August 2018 - Devel - libvirt List Archives

[libvirt] [PATCH v3 00/28] Introduce metadata locking
by Michal Privoznik 04 Sep '18

04 Sep '18

v3 of: https://www.redhat.com/archives/libvir-list/2018-August/msg00814.html What has changed since v2? A lot. - The lock manager was moved into security manager (which requires a lot of preparation which is done in first 8 or so patches). - The VIR_LOCK_SPACE_ACQUIRE_WAIT flag (2/7 in v2) is dropped as it turned out to be harmful. virlockd can't block under any circumstances. And we can not introduce a thread pool for it. - While going through the code I've found couple of bugs which I'm fixing in first few patches. As usual, you can find all the patches at: https://github.com/zippy2/libvirt/tree/disk_metadata_lock_v3 Michal Prívozník (28): virSecurityManagerNewDriver: Fix code pattern virSecurityManagerNewStack: Don't ignore virSecurityStackAddNested retval lock_daemon: Fix some memleaks lock_driver_lockd: Don't leak lockspace dirs virLockManagerLockDaemonAcquire: Drop useless check virLockManagerSanlockAddResource: Do not ignore unknown resource types locking: Don't leak private data in virLockManagerLockDaemonNew virLockManagerLockDaemonAddResource: Switch to cleanup label rather than error virlockspace: Allow caller to specify start and length offset in virLockSpaceAcquireResource lock_driver_lockd: Introduce VIR_LOCK_SPACE_PROTOCOL_ACQUIRE_RESOURCE_METADATA flag lock_driver: Introduce new VIR_LOCK_MANAGER_OBJECT_TYPE_DAEMON _virLockManagerLockDaemonPrivate: Move @hasRWDisks into dom union lock_driver: Introduce VIR_LOCK_MANAGER_RESOURCE_TYPE_METADATA lock_daemon_dispatch: Check for ownerPid rather than ownerId locking: Introduce virLockManagerClearResources lock_driver: Introduce KEEP_OPEN flags lock_manager: Introduce virLockManagerCloseConn lock_manager: Allow disabling configFile for virLockManagerPluginNew qemu_conf: Introduce metadata_lock_manager security_manager: Load lock plugin on init security_manager: Introduce virSecurityManagerLockCloseConn security_manager: Introduce metadata locking APIs security_dac: Pass virSecurityManagerPtr to virSecurityDACSetOwnership security_dac: Pass virSecurityManagerPtr to virSecurityDACRestoreFileLabelInternal security_dac: Fix info messages when chown()-ing security_dac: Fix const correctness security_dac: Move transaction handling up one level security_dac: Lock domain metadata cfg.mk | 4 +- src/libvirt_private.syms | 2 + src/locking/lock_daemon.c | 3 + src/locking/lock_daemon_dispatch.c | 25 +- src/locking/lock_driver.h | 38 +++ src/locking/lock_driver_lockd.c | 520 ++++++++++++++++++++++++++----------- src/locking/lock_driver_lockd.h | 1 + src/locking/lock_driver_nop.c | 14 + src/locking/lock_driver_sanlock.c | 50 ++-- src/locking/lock_manager.c | 31 ++- src/locking/lock_manager.h | 7 + src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 6 + src/qemu/qemu_conf.c | 13 + src/qemu/qemu_conf.h | 1 + src/qemu/qemu_driver.c | 12 +- src/qemu/test_libvirtd_qemu.aug.in | 1 + src/security/security_dac.c | 213 +++++++++------ src/security/security_manager.c | 366 +++++++++++++++++++++++++- src/security/security_manager.h | 17 +- src/util/virlockspace.c | 15 +- src/util/virlockspace.h | 4 + tests/testutilsqemu.c | 2 +- tests/virlockspacetest.c | 29 ++- 24 files changed, 1096 insertions(+), 279 deletions(-) -- 2.16.4

4 71

[libvirt] [PATCH 0/2] qemu: Unify generation of command line for virtio devices
by Andrea Bolognani 04 Sep '18

04 Sep '18

-device virtio-blurb-pci Andrea Bolognani (2): tests: Fix use of virtio-serial for aarch64/virt qemu: Unify generation of command line for virtio devices src/qemu/qemu_command.c | 299 ++++++++++-------- .../mach-virt-console-virtio.args | 2 +- tests/qemuxml2argvtest.c | 3 +- .../mach-virt-console-virtio.xml | 4 +- tests/qemuxml2xmltest.c | 6 +- 5 files changed, 173 insertions(+), 141 deletions(-) -- 2.17.1

2 6

[libvirt] [PATCH] qemu: clear seccomp capability if TSYNC is not supported by host
by marcandre.lureau＠redhat.com 04 Sep '18

04 Sep '18

From: Marc-André Lureau <marcandre.lureau(a)redhat.com> With qemu <= 3.0, when using "-seccomp on", the seccomp policy is only applied to the main thread, the vcpu worker thread and other worker threads created after seccomp policy is applied; the seccomp policy is not applied to e.g. the RCU thread because it is created before the seccomp policy is applied. Since qemu commit 70dfabeaa79ba4d7a3b699abe1a047c8012db114 "seccomp: set the seccomp filter to all threads", qemu will require seccomp TSYNC flag, and will fail to start if the flag isn't available. Without it, sandboxing is flawed. Disable seccomp capability if the host is not capable of using seccomp TSYNC. Signed-off-by: Marc-André Lureau <marcandre.lureau(a)redhat.com> --- configure.ac | 2 +- src/qemu/qemu_capabilities.c | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index da940e34df..c206de1cad 100644 --- a/configure.ac +++ b/configure.ac @@ -330,7 +330,7 @@ AC_CHECK_FUNCS_ONCE([cfmakeraw fallocate geteuid getgid getgrnam_r \ dnl Availability of various common headers (non-fatal if missing). AC_CHECK_HEADERS([pwd.h regex.h sys/un.h \ - sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \ + sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h linux/seccomp.h \ sys/un.h sys/syscall.h sys/sysctl.h netinet/tcp.h ifaddrs.h \ libtasn1.h sys/ucred.h sys/mount.h stdarg.h]) dnl Check whether endian provides handy macros. diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index a075677421..dd62246eb4 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -54,6 +54,10 @@ #include <sys/wait.h> #include <stdarg.h> #include <sys/utsname.h> +#if defined(HAVE_LINUX_SECCOMP_H) && defined(HAVE_SYS_SYSCALL_H) +#include <linux/seccomp.h> +#include <sys/syscall.h> +#endif #define VIR_FROM_THIS VIR_FROM_QEMU @@ -4615,6 +4619,15 @@ virQEMUCapsLogProbeFailure(const char *binary) } +#if defined(HAVE_LINUX_SECCOMP_H) && defined(HAVE_SYS_SYSCALL_H) +static int +virSeccomp(unsigned int op, unsigned int flags, void *args) +{ + errno = 0; + return syscall(__NR_seccomp, op, flags, args); +} +#endif + virQEMUCapsPtr virQEMUCapsNewForBinaryInternal(virArch hostArch, const char *binary, @@ -4679,6 +4692,20 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch, goto error; } + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) { + bool have_seccomp = false; +#if defined(HAVE_LINUX_SECCOMP_H) && defined(HAVE_SYS_SYSCALL_H) + /* check the TSYNC flag - it returns errno == ENOSYS if unavailable */ + if (virSeccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, NULL) < 0 && + errno == EFAULT) { + have_seccomp = true; + } +#endif + if (!have_seccomp) { + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX); + } + } + cleanup: VIR_FREE(qmperr); return qemuCaps; -- 2.19.0.rc0.48.gb9dfa238d5

5 5

[libvirt] [jenkins-ci PATCH 0/8] lcitool: Support building arbitrary branches
by Andrea Bolognani 04 Sep '18

04 Sep '18

Better (hopefully :) implementation of the feature scrapped from the initial "build support" series. Andrea Bolognani (8): lcitool: Add "-r REVISION" argument for build Don't use "branch" in paths and job names jobs: Hardcode "master" branch guests: Use "git_branch" when building Drop "branch" variable Add "git_urls" dictionary to defaults guests: Use "git_remote" when building guests: Update documentation guests/README.markdown | 8 ++++- guests/lcitool | 36 +++++++++++++------ .../build/jobs/autotools-build-job.yml | 4 +-- .../build/jobs/autotools-check-job.yml | 4 +-- .../build/jobs/autotools-rpm-job.yml | 4 +-- .../build/jobs/autotools-syntax-check-job.yml | 4 +-- guests/playbooks/build/jobs/defaults.yml | 32 ++++++++++++++++- .../build/jobs/generic-build-job.yml | 4 +-- .../build/jobs/generic-check-job.yml | 4 +-- .../playbooks/build/jobs/generic-rpm-job.yml | 4 +-- .../build/jobs/generic-syntax-check-job.yml | 4 +-- guests/playbooks/build/jobs/go-build-job.yml | 4 +-- guests/playbooks/build/jobs/go-check-job.yml | 4 +-- .../build/jobs/perl-modulebuild-build-job.yml | 4 +-- .../build/jobs/perl-modulebuild-check-job.yml | 4 +-- .../build/jobs/perl-modulebuild-rpm-job.yml | 4 +-- guests/playbooks/build/jobs/prepare.yml | 10 +++--- .../build/jobs/python-distutils-build-job.yml | 4 +-- .../build/jobs/python-distutils-check-job.yml | 4 +-- .../build/jobs/python-distutils-rpm-job.yml | 4 +-- guests/playbooks/build/projects/libosinfo.yml | 2 +- .../playbooks/build/projects/libvirt-cim.yml | 2 +- .../playbooks/build/projects/libvirt-dbus.yml | 2 +- .../playbooks/build/projects/libvirt-glib.yml | 2 +- .../build/projects/libvirt-go-xml.yml | 2 +- .../playbooks/build/projects/libvirt-go.yml | 2 +- .../playbooks/build/projects/libvirt-perl.yml | 2 +- .../build/projects/libvirt-python.yml | 2 +- .../build/projects/libvirt-sandbox.yml | 2 +- .../playbooks/build/projects/libvirt-tck.yml | 2 +- guests/playbooks/build/projects/libvirt.yml | 2 +- .../build/projects/osinfo-db-tools.yml | 2 +- guests/playbooks/build/projects/osinfo-db.yml | 2 +- .../playbooks/build/projects/virt-manager.yml | 2 +- .../playbooks/build/projects/virt-viewer.yml | 2 +- jobs/autotools.yaml | 18 +++++----- jobs/defaults.yaml | 32 ++++++++++++++++- jobs/generic.yaml | 18 +++++----- jobs/go.yaml | 10 +++--- jobs/perl-modulebuild.yaml | 14 ++++---- jobs/python-distutils.yaml | 14 ++++---- projects/libosinfo.yaml | 14 ++++---- projects/libvirt-cim.yaml | 6 ++-- projects/libvirt-dbus.yaml | 10 +++--- projects/libvirt-glib.yaml | 14 ++++---- projects/libvirt-go-xml.yaml | 6 ++-- projects/libvirt-go.yaml | 6 ++-- projects/libvirt-perl.yaml | 8 ++--- projects/libvirt-python.yaml | 8 ++--- projects/libvirt-sandbox.yaml | 10 +++--- projects/libvirt-tck.yaml | 8 ++--- projects/libvirt.yaml | 8 ++--- projects/osinfo-db-tools.yaml | 8 ++--- projects/osinfo-db.yaml | 8 ++--- projects/virt-manager.yaml | 10 +++--- projects/virt-viewer.yaml | 14 ++++---- 56 files changed, 253 insertions(+), 171 deletions(-) -- 2.17.1

2 19

[libvirt] [PATCH 0/6] conf: Move a bunch of stuff to device_conf
by Andrea Bolognani 03 Sep '18

03 Sep '18

These are the times where I wish we were using a language with support for proper classes and modules like, I dunno, PHP or something. Andrea Bolognani (6): conf: Move virDomainDeviceAddressType to device_conf conf: Move virDomainDeviceAddressIsValid() to device_conf conf: Change return type of *AddressIsValid() to bool conf: Move virDomainPCIAddressAsString() to device_conf conf: Rename virDomainPCIAddressAsString() conf: Move *AddressParseXML() to device_conf src/conf/device_conf.c | 348 ++++++++++++++++++++++++++++++++- src/conf/device_conf.h | 31 ++- src/conf/domain_addr.c | 20 +- src/conf/domain_addr.h | 3 - src/conf/domain_conf.c | 320 ------------------------------ src/conf/domain_conf.h | 3 - src/libvirt_private.syms | 13 +- src/qemu/qemu_command.c | 2 +- src/qemu/qemu_domain_address.c | 6 +- 9 files changed, 386 insertions(+), 360 deletions(-) -- 2.17.1

3 14

[libvirt] [PATCH] qemu: Don't overwrite stats in qemuDomainBlocksStatsGather
by Peter Krempa 03 Sep '18

03 Sep '18

The size/capacity stats gathered in qemuDomainBlocksStatsGather when using -blockdev would be overwritten by assigning/copying the transfered data statistics at the end. Fix it by moving the assignment prior to fetching the capacity data. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- src/qemu/qemu_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index a0f7c71675..07ea5473b6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -11114,6 +11114,8 @@ qemuDomainBlocksStatsGather(virQEMUDriverPtr driver, goto cleanup; } + **retstats = *stats; + if (blockdev) { /* capacity are reported only per node-name so we need to transfer them */ qemuBlockStatsPtr capstats; @@ -11127,8 +11129,6 @@ qemuDomainBlocksStatsGather(virQEMUDriverPtr driver, (*retstats)->write_threshold = capstats->write_threshold; } } - - **retstats = *stats; } else { for (i = 0; i < vm->def->ndisks; i++) { disk = vm->def->disks[i]; -- 2.16.2

2 1

[libvirt] [PATCHv2 0/3] network: new network forward mode 'vlan'
by Shi Lei 02 Sep '18

02 Sep '18

Hi, everyone! This patch supports VLan by '8021q' kernel module other than by OVS. The way of '8021q' is simpler and more robust. Mode 'vlan' is like mode 'route' except these major differences: - mode 'vlan' inserts a vlan-device between the specified host's interface and the internal bridge. The vlan-device is based on '8021q' kernel module. - mode 'vlan' has no routed iptables rules but has other common iptables rules It can simplify the work of management apps whose developers want to implement VLan but don't want to introduce OVS into their project. Thank John for his comments in v1. v1 here: https://www.redhat.com/archives/libvir-list/2018-July/msg00331.html since v1: - Change docs/formatnetwork.html.in - Change docs/schemas/network.rng - Add tests/networkxml2* - Other code fixes Besides, I have post two patches followed by John's suggestions. - Replace 'if' type conditions with 'switch' for VIR_NETWORK_FORWARD_* https://www.redhat.com/archives/libvir-list/2018-July/msg01537.html This has been accepted. - Introduce timeout mode for virKModLoad to solve the potential problem of the 'strange delay' when loading '8021q' module https://www.redhat.com/archives/libvir-list/2018-August/msg00605.html This has been rejected and I don't know wether I should continue to solve this problem. Now I just check the INIT process code of '8021q' module and I think this module should not cause delay now. The loading time of '8021q' by virKModLoad on my PC is about 30 milliseconds. Shi Lei (3): add functions: load 8021q module, create/destroy vlan-dev support new forward mode 'vlan' for virtual network tests and docs for new forward mode 'vlan' configure.ac | 6 + docs/formatnetwork.html.in | 27 ++- docs/schemas/network.rng | 1 + src/conf/domain_conf.c | 1 + src/conf/network_conf.c | 24 ++- src/conf/network_conf.h | 1 + src/conf/virnetworkobj.c | 1 + src/esx/esx_network_driver.c | 1 + src/libvirt_private.syms | 4 + src/network/bridge_driver.c | 55 +++++- src/qemu/qemu_process.c | 1 + src/util/virnetdev.c | 203 +++++++++++++++++++++ src/util/virnetdev.h | 18 ++ tests/networkxml2confdata/vlan-network.conf | 16 ++ tests/networkxml2confdata/vlan-network.xml | 13 ++ tests/networkxml2conftest.c | 1 + .../vlan-network-multi-vlan-tag.xml | 11 ++ .../vlan-network-no-forward-dev.xml | 10 + tests/networkxml2xmlin/vlan-network-with-dhcp.xml | 15 ++ tests/networkxml2xmlin/vlan-network.xml | 10 + tests/networkxml2xmlout/vlan-network-with-dhcp.xml | 17 ++ tests/networkxml2xmlout/vlan-network.xml | 12 ++ tests/networkxml2xmltest.c | 5 + 23 files changed, 448 insertions(+), 5 deletions(-) create mode 100644 tests/networkxml2confdata/vlan-network.conf create mode 100644 tests/networkxml2confdata/vlan-network.xml create mode 100644 tests/networkxml2xmlin/vlan-network-multi-vlan-tag.xml create mode 100644 tests/networkxml2xmlin/vlan-network-no-forward-dev.xml create mode 100644 tests/networkxml2xmlin/vlan-network-with-dhcp.xml create mode 100644 tests/networkxml2xmlin/vlan-network.xml create mode 100644 tests/networkxml2xmlout/vlan-network-with-dhcp.xml create mode 100644 tests/networkxml2xmlout/vlan-network.xml -- 2.7.4

3 5

[libvirt] [PATCH] Add virNetlinkNewLink for simplifying virNetDev*Create
by Shi Lei 02 Sep '18

02 Sep '18

This patch adds virNetlinkNewLink for simplifying virNetDevMacVLanCreate and virNetDevBridgeCreate. Signed-off-by: Shi Lei <shi_lei(a)massclouds.com> --- src/libvirt_private.syms | 1 + src/util/virnetdevbridge.c | 73 +++-------------------- src/util/virnetdevmacvlan.c | 137 ++++++++++++++------------------------------ src/util/virnetlink.c | 104 +++++++++++++++++++++++++++++++++ src/util/virnetlink.h | 8 +++ 5 files changed, 164 insertions(+), 159 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 47ea35f..23931ba 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2439,6 +2439,7 @@ virNetlinkEventServiceStop; virNetlinkEventServiceStopAll; virNetlinkGetErrorCode; virNetlinkGetNeighbor; +virNetlinkNewLink; virNetlinkShutdown; virNetlinkStartup; diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index bc377b5..1f5b37e 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -417,77 +417,22 @@ virNetDevBridgeCreate(const char *brname) { /* use a netlink RTM_NEWLINK message to create the bridge */ const char *type = "bridge"; - struct nlmsgerr *err; - struct ifinfomsg ifinfo = { .ifi_family = AF_UNSPEC }; - unsigned int recvbuflen; - struct nlattr *linkinfo; - VIR_AUTOPTR(virNetlinkMsg) nl_msg = NULL; - VIR_AUTOFREE(struct nlmsghdr *) resp = NULL; + int error = 0; - nl_msg = nlmsg_alloc_simple(RTM_NEWLINK, - NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); - if (!nl_msg) { - virReportOOMError(); - return -1; - } - - if (nlmsg_append(nl_msg, &ifinfo, sizeof(ifinfo), NLMSG_ALIGNTO) < 0) - goto buffer_too_small; - if (nla_put(nl_msg, IFLA_IFNAME, strlen(brname)+1, brname) < 0) - goto buffer_too_small; - if (!(linkinfo = nla_nest_start(nl_msg, IFLA_LINKINFO))) - goto buffer_too_small; - if (nla_put(nl_msg, IFLA_INFO_KIND, strlen(type), type) < 0) - goto buffer_too_small; - nla_nest_end(nl_msg, linkinfo); - - if (virNetlinkCommand(nl_msg, &resp, &recvbuflen, 0, 0, - NETLINK_ROUTE, 0) < 0) { - return -1; - } - - if (recvbuflen < NLMSG_LENGTH(0) || resp == NULL) - goto malformed_resp; - - switch (resp->nlmsg_type) { - case NLMSG_ERROR: - err = (struct nlmsgerr *)NLMSG_DATA(resp); - if (resp->nlmsg_len < NLMSG_LENGTH(sizeof(*err))) - goto malformed_resp; - - if (err->error < 0) { + if (virNetlinkNewLink(NULL, brname, NULL, type, NULL, NULL, &error) < 0) { # if defined(HAVE_STRUCT_IFREQ) && defined(SIOCBRADDBR) - if (err->error == -EOPNOTSUPP) { - /* fallback to ioctl if netlink doesn't support creating - * bridges - */ - return virNetDevBridgeCreateWithIoctl(brname); - } -# endif - - virReportSystemError(-err->error, - _("error creating bridge interface %s"), - brname); - return -1; + if (error == -EOPNOTSUPP) { + /* fallback to ioctl if netlink doesn't support creating bridges */ + return virNetDevBridgeCreateWithIoctl(brname); } - break; +# endif + virReportSystemError(-error, _("error creating bridge interface %s"), + brname); - case NLMSG_DONE: - break; - default: - goto malformed_resp; + return -1; } return 0; - - malformed_resp: - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("malformed netlink response message")); - return -1; - buffer_too_small: - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("allocated netlink buffer is too small")); - return -1; } diff --git a/src/util/virnetdevmacvlan.c b/src/util/virnetdevmacvlan.c index 2035b1f..1629add 100644 --- a/src/util/virnetdevmacvlan.c +++ b/src/util/virnetdevmacvlan.c @@ -283,6 +283,37 @@ virNetDevMacVLanReleaseName(const char *name) } +static int +virNetDevMacVLanCreateCallback(struct nl_msg *nl_msg, const void *opaque) +{ + const uint32_t *mode = (const uint32_t *) opaque; + if (!nl_msg || !opaque) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("nl_msg %p or opaque %p is NULL"), + nl_msg, opaque); + return -1; + } + + if (*mode > 0) { + struct nlattr *info_data; + if (!(info_data = nla_nest_start(nl_msg, IFLA_INFO_DATA))) + goto buffer_too_small; + + if (nla_put(nl_msg, IFLA_MACVLAN_MODE, sizeof(*mode), mode) < 0) + goto buffer_too_small; + + nla_nest_end(nl_msg, info_data); + } + + return 0; + + buffer_too_small: + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("allocated netlink buffer is too small")); + return -1; +} + + /** * virNetDevMacVLanCreate: * @@ -307,113 +338,29 @@ virNetDevMacVLanCreate(const char *ifname, uint32_t macvlan_mode, int *retry) { - int rc = -1; - struct nlmsgerr *err; - struct ifinfomsg ifinfo = { .ifi_family = AF_UNSPEC }; int ifindex; - unsigned int recvbuflen; - struct nl_msg *nl_msg; - struct nlattr *linkinfo, *info_data; - char macstr[VIR_MAC_STRING_BUFLEN]; - VIR_AUTOFREE(struct nlmsghdr *) resp = NULL; - - if (virNetDevGetIndex(srcdev, &ifindex) < 0) - return -1; - + int error = 0; *retry = 0; - nl_msg = nlmsg_alloc_simple(RTM_NEWLINK, - NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); - if (!nl_msg) { - virReportOOMError(); + if (virNetDevGetIndex(srcdev, &ifindex) < 0) return -1; - } - - if (nlmsg_append(nl_msg, &ifinfo, sizeof(ifinfo), NLMSG_ALIGNTO) < 0) - goto buffer_too_small; - - if (nla_put_u32(nl_msg, IFLA_LINK, ifindex) < 0) - goto buffer_too_small; - - if (nla_put(nl_msg, IFLA_ADDRESS, VIR_MAC_BUFLEN, macaddress) < 0) - goto buffer_too_small; - - if (ifname && - nla_put(nl_msg, IFLA_IFNAME, strlen(ifname)+1, ifname) < 0) - goto buffer_too_small; - if (!(linkinfo = nla_nest_start(nl_msg, IFLA_LINKINFO))) - goto buffer_too_small; - - if (nla_put(nl_msg, IFLA_INFO_KIND, strlen(type), type) < 0) - goto buffer_too_small; - - if (macvlan_mode > 0) { - if (!(info_data = nla_nest_start(nl_msg, IFLA_INFO_DATA))) - goto buffer_too_small; - - if (nla_put(nl_msg, IFLA_MACVLAN_MODE, sizeof(macvlan_mode), - &macvlan_mode) < 0) - goto buffer_too_small; - - nla_nest_end(nl_msg, info_data); - } - - nla_nest_end(nl_msg, linkinfo); - - if (virNetlinkCommand(nl_msg, &resp, &recvbuflen, 0, 0, - NETLINK_ROUTE, 0) < 0) { - goto cleanup; - } - - if (recvbuflen < NLMSG_LENGTH(0) || resp == NULL) - goto malformed_resp; - - switch (resp->nlmsg_type) { - case NLMSG_ERROR: - err = (struct nlmsgerr *)NLMSG_DATA(resp); - if (resp->nlmsg_len < NLMSG_LENGTH(sizeof(*err))) - goto malformed_resp; - - switch (err->error) { - - case 0: - break; - - case -EEXIST: + if (virNetlinkNewLink(&ifindex, ifname, macaddress, type, + virNetDevMacVLanCreateCallback, &macvlan_mode, + &error) < 0) { + char macstr[VIR_MAC_STRING_BUFLEN]; + if (error == -EEXIST) *retry = 1; - goto cleanup; - - default: - virReportSystemError(-err->error, + else + virReportSystemError(-error, _("error creating %s interface %s@%s (%s)"), type, ifname, srcdev, virMacAddrFormat(macaddress, macstr)); - goto cleanup; - } - break; - - case NLMSG_DONE: - break; - default: - goto malformed_resp; + return -1; } - rc = 0; - cleanup: - nlmsg_free(nl_msg); - return rc; - - malformed_resp: - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("malformed netlink response message")); - goto cleanup; - - buffer_too_small: - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("allocated netlink buffer is too small")); - goto cleanup; + return 0; } /** diff --git a/src/util/virnetlink.c b/src/util/virnetlink.c index 8f06446..817e347 100644 --- a/src/util/virnetlink.c +++ b/src/util/virnetlink.c @@ -489,6 +489,110 @@ virNetlinkDumpLink(const char *ifname, int ifindex, /** + * virNetlinkNewLink: + * + * @ifindex: The index for the 'link' device + * @ifname: The name of the link + * @mac: The MAC address of the device + * @type: The type of device, i.e., "bridge", "macvtap", "macvlan" + * @cb: The callback for filling in IFLA_INFO_DATA for this type + * @opaque: opaque for the callback + * @error: for retrieving error code + * + * Create a network "link" (aka interface aka device) with the given + * args. This works for many different types of network devices, + * including macvtap and bridges. + * + * Returns 0 on success, -1 on fatal error. + */ +int +virNetlinkNewLink(const int *ifindex, + const char *ifname, + const virMacAddr *mac, + const char *type, + virNetlinkNewLinkCallback cb, + const void *opaque, + int *error) +{ + struct nlmsgerr *err; + struct nlattr *linkinfo; + unsigned int buflen; + struct ifinfomsg ifinfo = { .ifi_family = AF_UNSPEC }; + VIR_AUTOPTR(virNetlinkMsg) nl_msg = NULL; + VIR_AUTOFREE(struct nlmsghdr *) resp = NULL; + + *error = 0; + + nl_msg = nlmsg_alloc_simple(RTM_NEWLINK, + NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); + if (!nl_msg) { + virReportOOMError(); + return -1; + } + + if (nlmsg_append(nl_msg, &ifinfo, sizeof(ifinfo), NLMSG_ALIGNTO) < 0) + goto buffer_too_small; + + if (ifindex && nla_put_u32(nl_msg, IFLA_LINK, *ifindex) < 0) + goto buffer_too_small; + + if (mac && nla_put(nl_msg, IFLA_ADDRESS, VIR_MAC_BUFLEN, mac) < 0) + goto buffer_too_small; + + if (ifname && nla_put(nl_msg, IFLA_IFNAME, strlen(ifname)+1, ifname) < 0) + goto buffer_too_small; + + if (!(linkinfo = nla_nest_start(nl_msg, IFLA_LINKINFO))) + goto buffer_too_small; + + if (nla_put(nl_msg, IFLA_INFO_KIND, strlen(type), type) < 0) + goto buffer_too_small; + + if (cb && cb(nl_msg, opaque) < 0) + return -1; + + nla_nest_end(nl_msg, linkinfo); + + if (virNetlinkCommand(nl_msg, &resp, &buflen, 0, 0, NETLINK_ROUTE, 0) < 0) + return -1; + + if (buflen < NLMSG_LENGTH(0) || resp == NULL) + goto malformed_resp; + + switch (resp->nlmsg_type) { + case NLMSG_ERROR: + err = (struct nlmsgerr *)NLMSG_DATA(resp); + if (resp->nlmsg_len < NLMSG_LENGTH(sizeof(*err))) + goto malformed_resp; + + if (err->error < 0) { + *error = err->error; + return -1; + } + break; + + case NLMSG_DONE: + break; + + default: + goto malformed_resp; + } + + return 0; + + malformed_resp: + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("malformed netlink response message")); + return -1; + + buffer_too_small: + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("allocated netlink buffer is too small")); + return -1; +} + + +/** * virNetlinkDelLink: * * @ifname: Name of the link diff --git a/src/util/virnetlink.h b/src/util/virnetlink.h index 1e1e616..195c7bb 100644 --- a/src/util/virnetlink.h +++ b/src/util/virnetlink.h @@ -65,6 +65,14 @@ int virNetlinkDumpCommand(struct nl_msg *nl_msg, unsigned int protocol, unsigned int groups, void *opaque); +typedef int (*virNetlinkNewLinkCallback)(struct nl_msg *nl_msg, + const void *opaque); + +int virNetlinkNewLink(const int *ifindex, const char *ifname, + const virMacAddr *macaddress, const char *type, + virNetlinkNewLinkCallback cb, const void *opaque, + int *error); + typedef int (*virNetlinkDelLinkFallback)(const char *ifname); int virNetlinkDelLink(const char *ifname, virNetlinkDelLinkFallback fallback); -- 2.7.4

2 4

[libvirt] [PATCH v3 0/2] Add .domainGetHostname() support for QEMU driver.
by Julio Faracco 02 Sep '18

02 Sep '18

This serie adds a new function into QEMU Guest Agent handlers to use the QEMU command 'guest-get-host-name' to retrieve the domain hostname. This approach requires QEMU-GA running inside the guest, but it is the fastest and easiest way to get this info. Julio Faracco (2): qemu: implementing qemuAgentGetHostname() function. qemu: adding domainGetHostname support for QEMU. src/qemu/qemu_agent.c | 39 +++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_agent.h | 4 ++++ src/qemu/qemu_driver.c | 40 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 83 insertions(+) -- 2.17.1

2 5

[libvirt] [PATCH] virsh: Drop dead variables
by Eric Blake 01 Sep '18

01 Sep '18

The helper function virshSnapshotCreate (formerly vshSnapshotCreate) has had dead variables since commit a00c37f2 (Sep 2011). Signed-off-by: Eric Blake <eblake(a)redhat.com> --- Pushing under the trivial rule. tools/virsh-snapshot.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tools/virsh-snapshot.c b/tools/virsh-snapshot.c index 812fa91333..a4ea959230 100644 --- a/tools/virsh-snapshot.c +++ b/tools/virsh-snapshot.c @@ -50,9 +50,6 @@ virshSnapshotCreate(vshControl *ctl, virDomainPtr dom, const char *buffer, bool ret = false; virDomainSnapshotPtr snapshot; bool halt = false; - char *doc = NULL; - xmlDocPtr xml = NULL; - xmlXPathContextPtr ctxt = NULL; const char *name = NULL; snapshot = virDomainSnapshotCreateXML(dom, buffer, flags); @@ -101,10 +98,7 @@ virshSnapshotCreate(vshControl *ctl, virDomainPtr dom, const char *buffer, ret = true; cleanup: - xmlXPathFreeContext(ctxt); - xmlFreeDoc(xml); virshDomainSnapshotFree(snapshot); - VIR_FREE(doc); return ret; } -- 2.17.1

1 0