[libvirt] [PATCH] network: add debug when bandwidth settings are not applied
by Daniel P. Berrangé
To aid in troubleshooting add some debug messages wrt
bandwidth settings and networks.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/network/bridge_driver.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 6a97bb17e2..c54be96407 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -5192,9 +5192,14 @@ networkCheckBandwidth(virNetworkObjPtr obj,
return -1;
}
+ if (!netBand || !netBand->in) {
+ VIR_DEBUG("No network bandwidth controls present");
+ /* no QoS required, claim success */
+ return 1;
+ }
if (((!ifaceBand || !ifaceBand->in || !ifaceBand->in->floor) &&
- (!oldBandwidth || !oldBandwidth->in || !oldBandwidth->in->floor)) ||
- !netBand || !netBand->in) {
+ (!oldBandwidth || !oldBandwidth->in || !oldBandwidth->in->floor))) {
+ VIR_DEBUG("No old/new interface bandwidth floor");
/* no QoS required, claim success */
return 1;
}
--
2.21.0
5 years, 2 months
[libvirt] [PATCH 0/9] Pass identity information between daemons
by Daniel P. Berrangé
This was previously posted as part of the daemon split series:
https://www.redhat.com/archives/libvir-list/2019-July/msg01754.html
The patches were not merged at the time since they needed more work
which is now done by this series.
This is all about enabling the polkit fine grain auth checks to
work correctly with the split daemons
A mgmt app running non-root will connect to virtqemud. virtqemud
sees the client identity as the non-root user. virtqemud in turn
may connect to virtnetworkd, forwarding API calls that the mgmt
app makes. virtnetworkd sees the client identity as the root user.
This series allows virtqemud to pass on the non-root identity of
the mgmt app to virtnetworkd, so that polkit checks are done against
the correct identity.
Daniel P. Berrangé (9):
api: introduce virConnectSetIdentity for passing uid, gid, selinux
info
util: change identity class attribute names
tests: fix debug messages wrt selinux context when test fails
util: make generic identity accessors private
util: removed unused virIdentityIsEqual method
util: sanitize return values for virIdentity getters
util: store identity attrs as virTypedParameter internally
util: allow identity to be imported/exported as typed parameters
remote: pass identity across to newly opened daemons
include/libvirt/libvirt-host.h | 74 +++++
src/access/viraccessdriverpolkit.c | 22 +-
src/admin/admin_server.c | 52 +--
src/driver-hypervisor.h | 7 +
src/libvirt-host.c | 51 +++
src/libvirt_private.syms | 21 +-
src/libvirt_public.syms | 4 +
src/libvirt_remote.syms | 1 +
src/remote/remote_daemon_dispatch.c | 112 ++++++-
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 16 +-
src/remote_protocol-structs | 8 +
src/rpc/virnetserverclient.c | 20 +-
src/rpc/virnetserverclient.h | 2 +
src/util/viridentity.c | 488 ++++++++++++++++------------
src/util/viridentity.h | 71 ++--
tests/viridentitytest.c | 115 ++-----
tests/virnetserverclienttest.c | 40 +--
18 files changed, 672 insertions(+), 433 deletions(-)
--
2.21.0
5 years, 2 months
[libvirt] [PATCH] tests: remove use of virTestOOMActive from bhyve testsuite
by Daniel P. Berrangé
The virTestOOMActive method was deleted in
commit 2c52ecd96086b4643b99b4570b5823d40ce2787b
Author: Daniel P. Berrangé <berrange(a)redhat.com>
Date: Thu Aug 29 13:04:07 2019 +0100
util: purge all code for testing OOM handling
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
Pushed as a CI build fix for FreeBSD
tests/bhyveargv2xmltest.c | 44 +++++++++++++++++++--------------------
1 file changed, 21 insertions(+), 23 deletions(-)
diff --git a/tests/bhyveargv2xmltest.c b/tests/bhyveargv2xmltest.c
index 1684f03355..d108366682 100644
--- a/tests/bhyveargv2xmltest.c
+++ b/tests/bhyveargv2xmltest.c
@@ -39,38 +39,36 @@ testCompareXMLToArgvFiles(const char *xmlfile,
if (!(vmdef = bhyveParseCommandLineString(cmd, driver.bhyvecaps,
driver.xmlopt))) {
- if ((flags & FLAG_EXPECT_FAILURE) && !virTestOOMActive()) {
- VIR_TEST_DEBUG("Got expected failure from "
- "bhyveParseCommandLineString.");
+ if ((flags & FLAG_EXPECT_FAILURE)) {
+ VIR_TEST_DEBUG("Got expected failure from "
+ "bhyveParseCommandLineString.");
} else {
goto fail;
}
- } else if ((flags & FLAG_EXPECT_FAILURE) && !virTestOOMActive()) {
+ } else if ((flags & FLAG_EXPECT_FAILURE)) {
VIR_TEST_DEBUG("Did not get expected failure from "
"bhyveParseCommandLineString.");
goto fail;
}
- if (!virTestOOMActive()) {
- if ((log = virTestLogContentAndReset()) == NULL)
+ if ((log = virTestLogContentAndReset()) == NULL)
+ goto fail;
+ if (flags & FLAG_EXPECT_WARNING) {
+ if (*log) {
+ VIR_TEST_DEBUG("Got expected warning from "
+ "bhyveParseCommandLineString:\n%s",
+ log);
+ } else {
+ VIR_TEST_DEBUG("bhyveParseCommandLineString "
+ "should have logged a warning");
+ goto fail;
+ }
+ } else { /* didn't expect a warning */
+ if (*log) {
+ VIR_TEST_DEBUG("Got unexpected warning from "
+ "bhyveParseCommandLineString:\n%s",
+ log);
goto fail;
- if (flags & FLAG_EXPECT_WARNING) {
- if (*log) {
- VIR_TEST_DEBUG("Got expected warning from "
- "bhyveParseCommandLineString:\n%s",
- log);
- } else {
- VIR_TEST_DEBUG("bhyveParseCommandLineString "
- "should have logged a warning");
- goto fail;
- }
- } else { /* didn't expect a warning */
- if (*log) {
- VIR_TEST_DEBUG("Got unexpected warning from "
- "bhyveParseCommandLineString:\n%s",
- log);
- goto fail;
- }
}
}
--
2.21.0
5 years, 2 months
[libvirt] [PATCH] apparmor: avoid copying empty profile name
by Jim Fehlig
AppArmorGetSecurityProcessLabel copies the VM's profile name to the
label member of virSecurityLabel struct. If the profile is not loaded,
the name is set empty before calling virStrcpy to copy it. However,
virStrcpy will fail if src is empty (0 length), causing
AppArmorGetSecurityProcessLabel to needlessly fail. Simple operations
that report security driver information will subsequently fail
virsh dominfo test
Id: 248
Name: test
...
Security model: apparmor
Security DOI: 0
error: internal error: error copying profile name
Avoid copying an empty profile name when the profile is not loaded.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
src/security/security_apparmor.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 6d16b15c65..77eee9410c 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -525,14 +525,13 @@ AppArmorGetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
"%s", _("error getting profile status"));
goto cleanup;
} else if (status == -1) {
- profile_name[0] = '\0';
- }
-
- if (virStrcpy(sec->label, profile_name,
- VIR_SECURITY_LABEL_BUFLEN) < 0) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s", _("error copying profile name"));
- goto cleanup;
+ sec->label[0] = '\0';
+ } else {
+ if (virStrcpy(sec->label, profile_name, VIR_SECURITY_LABEL_BUFLEN) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("error copying profile name"));
+ goto cleanup;
+ }
}
sec->enforcing = status == 1;
--
2.23.0
5 years, 2 months
[libvirt] [PATCH] qemu: fix detach of hostdev based network interface
by Daniel P. Berrangé
This fixes bug in
commit bbe2aa627f621e6749af374b22856184d1f351dc
Author: Daniel P. Berrangé <berrange(a)redhat.com>
Date: Thu Jul 26 17:24:30 2018 +0100
conf: simplify link from hostdev back to network device
hostdevs have a link back to the original network device. This is fairly
generic accepting any type of device, however, we don't intend to make
use of this approach in future. It can thus be specialized to network
devices.
Reviewed-by: Cole Robinson <crobinso(a)redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
which mistakenly deleted the assignment to the 'net' variable,
which meant we never invoked the network driver release callback
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/qemu/qemu_hotplug.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index bd8868b0f7..16070f2a57 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -4561,6 +4561,7 @@ qemuDomainRemoveHostDevice(virQEMUDriverPtr driver,
}
if (hostdev->parentnet) {
+ net = hostdev->parentnet;
for (i = 0; i < vm->def->nnets; i++) {
if (vm->def->nets[i] == hostdev->parentnet) {
virDomainNetRemove(vm->def, i);
--
2.21.0
5 years, 2 months
[libvirt] [PATCH 0/5] qemu: Use FW descriptors to report FW image paths
by Michal Privoznik
It feels a bit odd to report a built in list of FW images when we have
FW descriptor files. Especially, when some weird architectures are
concerned. For instance, OVMF_CODE.fd is reported even for
non-x86_64/non-i386 arches, like ppc. But if FW descriptor files are
taken into the picture then no OVMF_CODE.fd is ever reported.
One can argue, that these patches are not necessary, because the whole
point of FW descriptor files is that users do not have to bother with
paths to FW images. And that is true. However, the whole ecosystem of
FW descriptor files allows sys admins and regular users to write their
own FW descriptor files and thus reporting what paths libvirt found
might come handy when writing those descriptors.
Michal Prívozník (5):
virfirmware: Expose and define autoptr for virFirmwareFree
qemu_firmware: Document qemuFirmwareGetSupported
qemu_firmware: Extend qemuFirmwareGetSupported to return FW paths
qemufirmwaretest: Test FW path getting through
qemuFirmwareGetSupported()
qemu: Use FW descriptors to report FW image paths
src/libvirt_private.syms | 1 +
src/qemu/qemu_capabilities.c | 19 +++++++--
src/qemu/qemu_firmware.c | 81 +++++++++++++++++++++++++++++++++++-
src/qemu/qemu_firmware.h | 5 ++-
src/util/virfirmware.c | 2 +-
src/util/virfirmware.h | 5 +++
tests/qemufirmwaretest.c | 78 ++++++++++++++++++++++++++++++----
7 files changed, 177 insertions(+), 14 deletions(-)
--
2.21.0
5 years, 2 months
[libvirt] [PATCH] maint: Use pep8 to implement sc_prohibit_semicolon_at_eol_in_python
by Shi Lei
Now sc_prohibit_semicolon_at_eol_in_python can't handle semicolon
within multiline strings(comments) properly.
I suggest that we could use pep8 to check python code style error, such
as 'statement ends with a semicolon'. In future, we could use '--select'
to introduce other rules.
Signed-off-by: Shi Lei <shi_lei(a)massclouds.com>
---
cfg.mk | 6 ++----
configure.ac | 4 ++++
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index 42e1abf0..c8eaf74e 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -813,10 +813,8 @@ sc_require_enum_last_marker:
# In Python files we don't want to end lines with a semicolon like in C
sc_prohibit_semicolon_at_eol_in_python:
- @prohibit='^[^#].*\;$$' \
- in_vc_files='\.py$$' \
- halt='python does not require to end lines with a semicolon' \
- $(_sc_search_regexp)
+ @$(VC_LIST_EXCEPT) | $(GREP) '\.py$$' | xargs $(PEP8) --select E703 \
+ | $(GREP) . && { exit 1; } || :
# mymain() in test files should use return, not exit, for nicer output
sc_prohibit_exit_in_tests:
diff --git a/configure.ac b/configure.ac
index bf9e7681..37fa9924 100644
--- a/configure.ac
+++ b/configure.ac
@@ -704,6 +704,10 @@ AC_PATH_PROGS([PYTHON], [python3 python2 python])
if test -z "$PYTHON"; then
AC_MSG_ERROR(['python3', 'python2' or 'python' binary is required to build libvirt])
fi
+AC_PATH_PROG([PEP8], [pep8])
+if test -z "$PEP8"; then
+ AC_MSG_ERROR(['pep8' binary is required to check python code style])
+fi
AC_PATH_PROG([PERL], [perl])
if test -z "$PERL"; then
AC_MSG_ERROR(['perl' binary is required to build libvirt])
--
2.17.1
5 years, 2 months
[libvirt] [PATCH] conf: correctly convert 'managed' attribute from network port
by Daniel P. Berrangé
The virNetworkPortDef config stores the 'managed' attribute
as the virTristate type.
The virDomainDef config stores the 'managed' attribute as
the bool type.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/conf/domain_conf.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 3dc638f0de..ae196cac52 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -30688,7 +30688,15 @@ virDomainNetDefActualFromNetworkPort(virDomainNetDefPtr iface,
actual->data.hostdev.def.parentnet = iface;
actual->data.hostdev.def.info = &iface->info;
actual->data.hostdev.def.mode = VIR_DOMAIN_HOSTDEV_MODE_SUBSYS;
- actual->data.hostdev.def.managed = port->plug.hostdevpci.managed;
+ switch (port->plug.hostdevpci.managed) {
+ case VIR_TRISTATE_BOOL_YES:
+ actual->data.hostdev.def.managed = true;
+ break;
+ case VIR_TRISTATE_BOOL_ABSENT:
+ case VIR_TRISTATE_BOOL_NO:
+ actual->data.hostdev.def.managed = false;
+ break;
+ }
actual->data.hostdev.def.source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
actual->data.hostdev.def.source.subsys.u.pci.addr = port->plug.hostdevpci.addr;
switch ((virNetworkForwardDriverNameType)port->plug.hostdevpci.driver) {
@@ -30820,7 +30828,10 @@ virDomainNetDefActualToNetworkPort(virDomainDefPtr dom,
iface->ifname);
goto error;
}
- port->plug.hostdevpci.managed = actual->data.hostdev.def.managed;
+ if (actual->data.hostdev.def.managed)
+ port->plug.hostdevpci.managed = VIR_TRISTATE_BOOL_YES;
+ else
+ port->plug.hostdevpci.managed = VIR_TRISTATE_BOOL_NO;
port->plug.hostdevpci.addr = actual->data.hostdev.def.source.subsys.u.pci.addr;
switch ((virDomainHostdevSubsysPCIBackendType)actual->data.hostdev.def.source.subsys.u.pci.backend) {
case VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT:
--
2.21.0
5 years, 2 months
[libvirt] [PATCH python] sanitytest: whitelist 'network' method as having no C impl
by Daniel P. Berrangé
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
Pushed as a CI build fix for the previous patch.
sanitytest.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sanitytest.py b/sanitytest.py
index e87b57d..0b415fd 100644
--- a/sanitytest.py
+++ b/sanitytest.py
@@ -357,7 +357,7 @@ for klass in gotfunctions:
for func in sorted(gotfunctions[klass]):
# These are pure python methods with no C APi
if func in ["connect", "getConnect", "domain", "getDomain",
- "virEventInvokeFreeCallback",
+ "virEventInvokeFreeCallback", "network",
"sparseRecvAll", "sparseSendAll"]:
continue
--
2.21.0
5 years, 2 months
[libvirt] [PATCH v2 0/4] util: abort when out of memory
by Daniel P. Berrangé
This is the first part of a previously posted series:
https://www.redhat.com/archives/libvir-list/2019-August/msg01374.html
I've temporarily split the addition of glib into a separate branch
until we get clarity on guarantees around g_malloc() and mallc()
using the same allocator. I published a docs update
https://gitlab.gnome.org/GNOME/glib/merge_requests/1099/
to attempt to get confirmation from glib maintainers on this
matter.
Changed in v2:
- Keep ATTRIBUTE_RETURN_CHECK annotations. We're aborting on OOM,
but don't want to update all callers to drop return value
checks yet
- Update docs for virAsprintfQuiet too
Daniel P. Berrangé (4):
util: purge all code for testing OOM handling
util: make allocation functions abort on OOM
util: remove several unused _QUIET allocation macro variants
util: make string functions abort on OOM
configure.ac | 17 --
docs/docs.html.in | 3 -
docs/internals/oomtesting.html.in | 213 --------------------
src/libvirt_private.syms | 4 -
src/util/viralloc.c | 314 +++++-------------------------
src/util/viralloc.h | 192 ++++--------------
src/util/virstring.c | 93 +++------
src/util/virstring.h | 73 +++----
tests/Makefile.am | 1 -
tests/oomtrace.pl | 41 ----
tests/qemuxml2argvtest.c | 12 +-
tests/testutils.c | 189 +-----------------
tests/testutils.h | 2 -
tests/virfirewalltest.c | 12 --
14 files changed, 136 insertions(+), 1030 deletions(-)
delete mode 100644 docs/internals/oomtesting.html.in
delete mode 100755 tests/oomtrace.pl
--
2.21.0
5 years, 2 months