[PATCH] apparmor: allow libvirtd to call virtiofsd
by Kevin Locke
When using [virtiofs], libvirtd must launch [virtiofsd] to provide
filesystem access on the host. When a guest is configured with
virtiofs, such as:
<filesystem type='mount' accessmode='passthrough'>
<driver type='virtiofs'/>
<source dir='/path'/>
<target dir='mount_tag'/>
</filesystem>
Attempting to start the guest fails with:
internal error: virtiofsd died unexpectedly
/var/log/libvirt/qemu/$name-fs0-virtiofsd.log contains:
libvirt: error : cannot execute binary /usr/lib/qemu/virtiofsd: Permission denied
dmesg contains:
audit: type=1400 audit(1598229295.959:73): apparmor="DENIED" operation="exec" profile="libvirtd" name="/usr/lib/qemu/virtiofsd" pid=46007 comm="rpc-worker" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
To avoid this, allow execution of virtiofsd from the libvirtd AppArmor
profile.
[virtiofs]: https://libvirt.org/kbase/virtiofs.html
[virtiofsd]: https://www.qemu.org/docs/master/interop/virtiofsd.html
Signed-off-by: Kevin Locke <kevin(a)kevinlocke.name>
---
src/security/apparmor/usr.sbin.libvirtd.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/security/apparmor/usr.sbin.libvirtd.in b/src/security/apparmor/usr.sbin.libvirtd.in
index 4518e8f865..f2030764cd 100644
--- a/src/security/apparmor/usr.sbin.libvirtd.in
+++ b/src/security/apparmor/usr.sbin.libvirtd.in
@@ -89,6 +89,7 @@ profile libvirtd @sbindir@/libvirtd flags=(attach_disconnected) {
/usr/lib/xen-*/bin/libxl-save-helper PUx,
/usr/lib/xen-*/bin/pygrub PUx,
/usr/{lib,lib64,lib/qemu,libexec}/vhost-user-gpu PUx,
+ /usr/{lib,lib64,lib/qemu,libexec}/virtiofsd PUx,
# Required by nwfilter_ebiptables_driver.c:ebiptablesWriteToTempFile() to
# read and run an ebtables script.
--
2.28.0
4 years, 2 months
[PATCH V4 0/3] Xen: Support PCI permissive setting with writeFiltering attribute
by Jim Fehlig
This is V4 of Marek's series to support the xl.cfg(5) permissive setting on
PCI devices. Previous versions of the series
V3
https://www.redhat.com/archives/libvir-list/2020-August/msg00465.html
V2
https://www.redhat.com/archives/libvir-list/2020-April/msg01230.html
Changes from V3:
- Add a check to qemu_validate to report error if writeFiltering is used
in a qemu domain.
- Rebase to master.
Changes from V2:
- Instead of using a permisssive attribute on the <hostdev> element, use a
writeFiltering attribute on the <hostdev>'s <source> element. Rational
being that the filtering of writes to the PCI config space is done at
the source.
Jim Fehlig (3):
Xen: Add writeFiltering option for PCI devices
Xen: Add support for writeFiltering in config converter
News: Advertise support for writeFiltering attribute of PCI hostdevs
NEWS.rst | 7 ++
docs/formatdomain.rst | 7 +-
docs/schemas/domaincommon.rng | 5 ++
src/conf/domain_conf.c | 14 ++++
src/conf/domain_conf.h | 1 +
src/libxl/libxl_conf.c | 1 +
src/libxl/xen_common.c | 77 +++++++++++++++----
src/qemu/qemu_validate.c | 7 ++
.../libxlxml2domconfigdata/moredevs-hvm.json | 6 ++
tests/libxlxml2domconfigdata/moredevs-hvm.xml | 5 ++
tests/xlconfigdata/test-fullvirt-pci.cfg | 25 ++++++
tests/xlconfigdata/test-fullvirt-pci.xml | 53 +++++++++++++
tests/xlconfigtest.c | 1 +
13 files changed, 195 insertions(+), 14 deletions(-)
create mode 100644 tests/xlconfigdata/test-fullvirt-pci.cfg
create mode 100644 tests/xlconfigdata/test-fullvirt-pci.xml
--
2.28.0
4 years, 2 months
[libvirt PATCH 0/9] qemu: Allow migration over UNIX sockets
by Martin Kletzander
KubeVirt would like to use this feature. For more information see individual
commits and changes in manpages and documentation.
Resolves: https://bugzilla.redhat.com/1638889
Martin Kletzander (9):
qemu: Use g_autofree in qemuMigrationSrcConnect
qemu: Rework qemuMigrationSrcConnect
virsh: Reuse existing variable when parsing migrate --disks-port
qemu: Rework starting NBD server for migration
tests: Add simple test for virDomainMigrateCheckNotLocal
qemu: Allow NBD migration over UNIX socket
peer2peer migration: allow connecting to local sockets
qemu: Allow migration over UNIX socket
news: qemu: Allow migration over UNIX sockets
NEWS.rst | 6 +
docs/manpages/virsh.rst | 30 +++-
docs/migration.html.in | 33 ++++
include/libvirt/libvirt-domain.h | 12 ++
scripts/apibuild.py | 1 +
src/libvirt-domain.c | 12 +-
src/libvirt_internal.h | 2 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_domain.h | 1 +
src/qemu/qemu_driver.c | 33 +++-
src/qemu/qemu_migration.c | 284 ++++++++++++++++++++++---------
src/qemu/qemu_migration.h | 3 +
src/qemu/qemu_migration_cookie.c | 22 ++-
src/qemu/qemu_migration_cookie.h | 1 +
src/remote/remote_driver.c | 8 +-
src/util/viruri.c | 30 ++++
src/util/viruri.h | 2 +
tests/meson.build | 1 +
tests/virmigtest.c | 90 ++++++++++
tools/virsh-domain.c | 19 ++-
20 files changed, 483 insertions(+), 108 deletions(-)
create mode 100644 tests/virmigtest.c
--
2.28.0
4 years, 2 months
[GSoC][PATCH v2] virmigraiton: `qemuMigrationJobPhase` transformed for more generic use
by Prathamesh Chavan
`qemuMigrationJobPhase` was transformed into `virMigrationJobPhase`
and a common util file `virmigration` was created to store its
defination.
This is one of the initial steps we are taking towards making
more and more code hypervisor agnostic. And this shall
be followed by transformation of similar structs in the future.
Signed-off-by: Prathamesh Chavan <pc44800(a)gmail.com>
---
Previous version of this patch can be found here[1].
After recent addition of `qemu_snapshot` files, I thought
about updating the patch on the new master so that
checking it out will be easier.
[1]: https://www.redhat.com/archives/libvir-list/2020-August/msg00743.html
src/hypervisor/meson.build | 1 +
src/hypervisor/virmigration.c | 41 +++++++++++++++++++
src/hypervisor/virmigration.h | 38 ++++++++++++++++++
src/libvirt_private.syms | 4 ++
src/qemu/MIGRATION.txt | 8 ++--
src/qemu/qemu_domainjob.c | 4 +-
src/qemu/qemu_migration.c | 74 +++++++++++++++++------------------
src/qemu/qemu_migration.h | 17 +-------
src/qemu/qemu_process.c | 48 +++++++++++------------
9 files changed, 151 insertions(+), 84 deletions(-)
create mode 100644 src/hypervisor/virmigration.c
create mode 100644 src/hypervisor/virmigration.h
diff --git a/src/hypervisor/meson.build b/src/hypervisor/meson.build
index 85149c683e..c81bdfa2fc 100644
--- a/src/hypervisor/meson.build
+++ b/src/hypervisor/meson.build
@@ -3,6 +3,7 @@ hypervisor_sources = [
'domain_driver.c',
'virclosecallbacks.c',
'virhostdev.c',
+ 'virmigration.c',
]
hypervisor_lib = static_library(
diff --git a/src/hypervisor/virmigration.c b/src/hypervisor/virmigration.c
new file mode 100644
index 0000000000..2cad5a6b1b
--- /dev/null
+++ b/src/hypervisor/virmigration.c
@@ -0,0 +1,41 @@
+/*
+ * virmigration.c: hypervisor migration handling
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+
+#include "virmigration.h"
+#include "domain_driver.h"
+#include "virlog.h"
+
+#define VIR_FROM_THIS VIR_FROM_DOMAIN
+
+VIR_LOG_INIT("util.migration");
+
+VIR_ENUM_IMPL(virMigrationJobPhase,
+ VIR_MIGRATION_PHASE_LAST,
+ "none",
+ "perform2",
+ "begin3",
+ "perform3",
+ "perform3_done",
+ "confirm3_cancelled",
+ "confirm3",
+ "prepare",
+ "finish2",
+ "finish3",
+);
diff --git a/src/hypervisor/virmigration.h b/src/hypervisor/virmigration.h
new file mode 100644
index 0000000000..e03d71c1bb
--- /dev/null
+++ b/src/hypervisor/virmigration.h
@@ -0,0 +1,38 @@
+/*
+ * virmigration.h: hypervisor migration handling
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include "virenum.h"
+
+
+typedef enum {
+ VIR_MIGRATION_PHASE_NONE = 0,
+ VIR_MIGRATION_PHASE_PERFORM2,
+ VIR_MIGRATION_PHASE_BEGIN3,
+ VIR_MIGRATION_PHASE_PERFORM3,
+ VIR_MIGRATION_PHASE_PERFORM3_DONE,
+ VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED,
+ VIR_MIGRATION_PHASE_CONFIRM3,
+ VIR_MIGRATION_PHASE_PREPARE,
+ VIR_MIGRATION_PHASE_FINISH2,
+ VIR_MIGRATION_PHASE_FINISH3,
+
+ VIR_MIGRATION_PHASE_LAST
+} virMigrationJobPhase;
+VIR_ENUM_DECL(virMigrationJobPhase);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index f950a68179..c7adf16aba 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1477,6 +1477,10 @@ virHostdevUpdateActiveSCSIDevices;
virHostdevUpdateActiveUSBDevices;
+# hypervisor/virmigration.h
+virMigrationJobPhaseTypeFromString;
+virMigrationJobPhaseTypeToString;
+
# libvirt_internal.h
virConnectSupportsFeature;
virDomainMigrateBegin3;
diff --git a/src/qemu/MIGRATION.txt b/src/qemu/MIGRATION.txt
index e861fd001e..dd044c6064 100644
--- a/src/qemu/MIGRATION.txt
+++ b/src/qemu/MIGRATION.txt
@@ -74,7 +74,7 @@ The sequence of calling qemuMigrationJob* helper methods is as follows:
migration type and version) has to start migration job and keep it active:
qemuMigrationJobStart(driver, vm, QEMU_JOB_MIGRATION_{IN,OUT});
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_*);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_*);
...do work...
qemuMigrationJobContinue(vm);
@@ -82,7 +82,7 @@ The sequence of calling qemuMigrationJob* helper methods is as follows:
if (!qemuMigrationJobIsActive(vm, QEMU_JOB_MIGRATION_{IN,OUT}))
return;
- qemuMigrationJobStartPhase(driver, vm, QEMU_MIGRATION_PHASE_*);
+ qemuMigrationJobStartPhase(driver, vm, VIR_MIGRATION_PHASE_*);
...do work...
qemuMigrationJobContinue(vm);
@@ -90,11 +90,11 @@ The sequence of calling qemuMigrationJob* helper methods is as follows:
if (!qemuMigrationJobIsActive(vm, QEMU_JOB_MIGRATION_{IN,OUT}))
return;
- qemuMigrationJobStartPhase(driver, vm, QEMU_MIGRATION_PHASE_*);
+ qemuMigrationJobStartPhase(driver, vm, VIR_MIGRATION_PHASE_*);
...do work...
qemuMigrationJobFinish(driver, vm);
While migration job is running (i.e., after qemuMigrationJobStart* but before
qemuMigrationJob{Continue,Finish}), migration phase can be advanced using
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_*);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_*);
diff --git a/src/qemu/qemu_domainjob.c b/src/qemu/qemu_domainjob.c
index eeaa089959..02f85e1b13 100644
--- a/src/qemu/qemu_domainjob.c
+++ b/src/qemu/qemu_domainjob.c
@@ -70,7 +70,7 @@ qemuDomainAsyncJobPhaseToString(qemuDomainAsyncJob job,
switch (job) {
case QEMU_ASYNC_JOB_MIGRATION_OUT:
case QEMU_ASYNC_JOB_MIGRATION_IN:
- return qemuMigrationJobPhaseTypeToString(phase);
+ return virMigrationJobPhaseTypeToString(phase);
case QEMU_ASYNC_JOB_SAVE:
case QEMU_ASYNC_JOB_DUMP:
@@ -96,7 +96,7 @@ qemuDomainAsyncJobPhaseFromString(qemuDomainAsyncJob job,
switch (job) {
case QEMU_ASYNC_JOB_MIGRATION_OUT:
case QEMU_ASYNC_JOB_MIGRATION_IN:
- return qemuMigrationJobPhaseTypeFromString(phase);
+ return virMigrationJobPhaseTypeFromString(phase);
case QEMU_ASYNC_JOB_SAVE:
case QEMU_ASYNC_JOB_DUMP:
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 142faa2cf9..a6f1da97bd 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -67,8 +67,8 @@
VIR_LOG_INIT("qemu.qemu_migration");
-VIR_ENUM_IMPL(qemuMigrationJobPhase,
- QEMU_MIGRATION_PHASE_LAST,
+VIR_ENUM_IMPL(virMigrationJobPhase,
+ VIR_MIGRATION_PHASE_LAST,
"none",
"perform2",
"begin3",
@@ -91,13 +91,13 @@ qemuMigrationJobStart(virQEMUDriverPtr driver,
static void
qemuMigrationJobSetPhase(virQEMUDriverPtr driver,
virDomainObjPtr vm,
- qemuMigrationJobPhase phase)
+ virMigrationJobPhase phase)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
static void
qemuMigrationJobStartPhase(virQEMUDriverPtr driver,
virDomainObjPtr vm,
- qemuMigrationJobPhase phase)
+ virMigrationJobPhase phase)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
static void
@@ -2023,13 +2023,13 @@ qemuMigrationSrcCleanup(virDomainObjPtr vm,
" was closed; canceling the migration",
vm->def->name);
- switch ((qemuMigrationJobPhase) priv->job.phase) {
- case QEMU_MIGRATION_PHASE_BEGIN3:
+ switch ((virMigrationJobPhase) priv->job.phase) {
+ case VIR_MIGRATION_PHASE_BEGIN3:
/* just forget we were about to migrate */
qemuDomainObjDiscardAsyncJob(driver, vm);
break;
- case QEMU_MIGRATION_PHASE_PERFORM3_DONE:
+ case VIR_MIGRATION_PHASE_PERFORM3_DONE:
VIR_WARN("Migration of domain %s finished but we don't know if the"
" domain was successfully started on destination or not",
vm->def->name);
@@ -2039,19 +2039,19 @@ qemuMigrationSrcCleanup(virDomainObjPtr vm,
qemuDomainObjDiscardAsyncJob(driver, vm);
break;
- case QEMU_MIGRATION_PHASE_PERFORM3:
+ case VIR_MIGRATION_PHASE_PERFORM3:
/* cannot be seen without an active migration API; unreachable */
- case QEMU_MIGRATION_PHASE_CONFIRM3:
- case QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED:
+ case VIR_MIGRATION_PHASE_CONFIRM3:
+ case VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED:
/* all done; unreachable */
- case QEMU_MIGRATION_PHASE_PREPARE:
- case QEMU_MIGRATION_PHASE_FINISH2:
- case QEMU_MIGRATION_PHASE_FINISH3:
+ case VIR_MIGRATION_PHASE_PREPARE:
+ case VIR_MIGRATION_PHASE_FINISH2:
+ case VIR_MIGRATION_PHASE_FINISH3:
/* incoming migration; unreachable */
- case QEMU_MIGRATION_PHASE_PERFORM2:
+ case VIR_MIGRATION_PHASE_PERFORM2:
/* single phase outgoing migration; unreachable */
- case QEMU_MIGRATION_PHASE_NONE:
- case QEMU_MIGRATION_PHASE_LAST:
+ case VIR_MIGRATION_PHASE_NONE:
+ case VIR_MIGRATION_PHASE_LAST:
/* unreachable */
;
}
@@ -2087,7 +2087,7 @@ qemuMigrationSrcBeginPhase(virQEMUDriverPtr driver,
* change protection.
*/
if (priv->job.asyncJob == QEMU_ASYNC_JOB_MIGRATION_OUT)
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_BEGIN3);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_BEGIN3);
if (!qemuMigrationSrcIsAllowed(driver, vm, true, flags))
return NULL;
@@ -2546,7 +2546,7 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
if (qemuMigrationJobStart(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN,
flags) < 0)
goto cleanup;
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_PREPARE);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PREPARE);
/* Domain starts inactive, even if the domain XML had an id field. */
vm->def->id = -1;
@@ -3007,10 +3007,9 @@ qemuMigrationSrcConfirmPhase(virQEMUDriverPtr driver,
virCheckFlags(QEMU_MIGRATION_FLAGS, -1);
- qemuMigrationJobSetPhase(driver, vm,
- retcode == 0
- ? QEMU_MIGRATION_PHASE_CONFIRM3
- : QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED);
+ qemuMigrationJobSetPhase(driver, vm, retcode == 0
+ ? VIR_MIGRATION_PHASE_CONFIRM3
+ : VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED);
if (!(mig = qemuMigrationEatCookie(driver, vm->def, priv->origname, priv,
cookiein, cookieinlen,
@@ -3100,7 +3099,7 @@ qemuMigrationSrcConfirm(virQEMUDriverPtr driver,
unsigned int flags,
int cancelled)
{
- qemuMigrationJobPhase phase;
+ virMigrationJobPhase phase;
virQEMUDriverConfigPtr cfg = NULL;
int ret = -1;
@@ -3110,9 +3109,9 @@ qemuMigrationSrcConfirm(virQEMUDriverPtr driver,
goto cleanup;
if (cancelled)
- phase = QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED;
+ phase = VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED;
else
- phase = QEMU_MIGRATION_PHASE_CONFIRM3;
+ phase = VIR_MIGRATION_PHASE_CONFIRM3;
qemuMigrationJobStartPhase(driver, vm, phase);
virCloseCallbacksUnset(driver->closeCallbacks, vm,
@@ -4059,7 +4058,7 @@ qemuMigrationSrcPerformPeer2Peer2(virQEMUDriverPtr driver,
* until the migration is complete.
*/
VIR_DEBUG("Perform %p", sconn);
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_PERFORM2);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM2);
if (flags & VIR_MIGRATE_TUNNELLED)
ret = qemuMigrationSrcPerformTunnel(driver, vm, st, NULL,
NULL, 0, NULL, NULL,
@@ -4297,7 +4296,7 @@ qemuMigrationSrcPerformPeer2Peer3(virQEMUDriverPtr driver,
* confirm migration completion.
*/
VIR_DEBUG("Perform3 %p uri=%s", sconn, NULLSTR(uri));
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_PERFORM3);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM3);
VIR_FREE(cookiein);
cookiein = g_steal_pointer(&cookieout);
cookieinlen = cookieoutlen;
@@ -4322,8 +4321,7 @@ qemuMigrationSrcPerformPeer2Peer3(virQEMUDriverPtr driver,
if (ret < 0) {
virErrorPreserveLast(&orig_err);
} else {
- qemuMigrationJobSetPhase(driver, vm,
- QEMU_MIGRATION_PHASE_PERFORM3_DONE);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM3_DONE);
}
/* If Perform returns < 0, then we need to cancel the VM
@@ -4687,7 +4685,7 @@ qemuMigrationSrcPerformJob(virQEMUDriverPtr driver,
migParams, flags, dname, resource,
&v3proto);
} else {
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_PERFORM2);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM2);
ret = qemuMigrationSrcPerformNative(driver, vm, persist_xml, uri, cookiein, cookieinlen,
cookieout, cookieoutlen,
flags, resource, NULL, NULL, 0, NULL,
@@ -4772,7 +4770,7 @@ qemuMigrationSrcPerformPhase(virQEMUDriverPtr driver,
return ret;
}
- qemuMigrationJobStartPhase(driver, vm, QEMU_MIGRATION_PHASE_PERFORM3);
+ qemuMigrationJobStartPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM3);
virCloseCallbacksUnset(driver->closeCallbacks, vm,
qemuMigrationSrcCleanup);
@@ -4786,7 +4784,7 @@ qemuMigrationSrcPerformPhase(virQEMUDriverPtr driver,
goto endjob;
}
- qemuMigrationJobSetPhase(driver, vm, QEMU_MIGRATION_PHASE_PERFORM3_DONE);
+ qemuMigrationJobSetPhase(driver, vm, VIR_MIGRATION_PHASE_PERFORM3_DONE);
if (virCloseCallbacksSet(driver->closeCallbacks, vm, conn,
qemuMigrationSrcCleanup) < 0)
@@ -5019,8 +5017,8 @@ qemuMigrationDstFinish(virQEMUDriverPtr driver,
ignore_value(virTimeMillisNow(&timeReceived));
qemuMigrationJobStartPhase(driver, vm,
- v3proto ? QEMU_MIGRATION_PHASE_FINISH3
- : QEMU_MIGRATION_PHASE_FINISH2);
+ v3proto ? VIR_MIGRATION_PHASE_FINISH3
+ : VIR_MIGRATION_PHASE_FINISH2);
qemuDomainCleanupRemove(vm, qemuMigrationDstPrepareCleanup);
g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree);
@@ -5498,14 +5496,14 @@ qemuMigrationJobStart(virQEMUDriverPtr driver,
static void
qemuMigrationJobSetPhase(virQEMUDriverPtr driver,
virDomainObjPtr vm,
- qemuMigrationJobPhase phase)
+ virMigrationJobPhase phase)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
if (phase < priv->job.phase) {
VIR_ERROR(_("migration protocol going backwards %s => %s"),
- qemuMigrationJobPhaseTypeToString(priv->job.phase),
- qemuMigrationJobPhaseTypeToString(phase));
+ virMigrationJobPhaseTypeToString(priv->job.phase),
+ virMigrationJobPhaseTypeToString(phase));
return;
}
@@ -5515,7 +5513,7 @@ qemuMigrationJobSetPhase(virQEMUDriverPtr driver,
static void
qemuMigrationJobStartPhase(virQEMUDriverPtr driver,
virDomainObjPtr vm,
- qemuMigrationJobPhase phase)
+ virMigrationJobPhase phase)
{
qemuMigrationJobSetPhase(driver, vm, phase);
}
diff --git a/src/qemu/qemu_migration.h b/src/qemu/qemu_migration.h
index b6f88d3fd9..b05f5254b4 100644
--- a/src/qemu/qemu_migration.h
+++ b/src/qemu/qemu_migration.h
@@ -24,6 +24,7 @@
#include "qemu_conf.h"
#include "qemu_domain.h"
#include "qemu_migration_params.h"
+#include "virmigration.h"
#include "virenum.h"
/*
@@ -87,22 +88,6 @@
NULL
-typedef enum {
- QEMU_MIGRATION_PHASE_NONE = 0,
- QEMU_MIGRATION_PHASE_PERFORM2,
- QEMU_MIGRATION_PHASE_BEGIN3,
- QEMU_MIGRATION_PHASE_PERFORM3,
- QEMU_MIGRATION_PHASE_PERFORM3_DONE,
- QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED,
- QEMU_MIGRATION_PHASE_CONFIRM3,
- QEMU_MIGRATION_PHASE_PREPARE,
- QEMU_MIGRATION_PHASE_FINISH2,
- QEMU_MIGRATION_PHASE_FINISH3,
-
- QEMU_MIGRATION_PHASE_LAST
-} qemuMigrationJobPhase;
-VIR_ENUM_DECL(qemuMigrationJobPhase);
-
char *
qemuMigrationSrcBegin(virConnectPtr conn,
virDomainObjPtr vm,
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index ad461d8f34..55b31382f3 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3434,24 +3434,24 @@ qemuProcessRecoverMigrationIn(virQEMUDriverPtr driver,
(state == VIR_DOMAIN_RUNNING &&
reason == VIR_DOMAIN_RUNNING_POSTCOPY);
- switch ((qemuMigrationJobPhase) job->phase) {
- case QEMU_MIGRATION_PHASE_NONE:
- case QEMU_MIGRATION_PHASE_PERFORM2:
- case QEMU_MIGRATION_PHASE_BEGIN3:
- case QEMU_MIGRATION_PHASE_PERFORM3:
- case QEMU_MIGRATION_PHASE_PERFORM3_DONE:
- case QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED:
- case QEMU_MIGRATION_PHASE_CONFIRM3:
- case QEMU_MIGRATION_PHASE_LAST:
+ switch ((virMigrationJobPhase) job->phase) {
+ case VIR_MIGRATION_PHASE_NONE:
+ case VIR_MIGRATION_PHASE_PERFORM2:
+ case VIR_MIGRATION_PHASE_BEGIN3:
+ case VIR_MIGRATION_PHASE_PERFORM3:
+ case VIR_MIGRATION_PHASE_PERFORM3_DONE:
+ case VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED:
+ case VIR_MIGRATION_PHASE_CONFIRM3:
+ case VIR_MIGRATION_PHASE_LAST:
/* N/A for incoming migration */
break;
- case QEMU_MIGRATION_PHASE_PREPARE:
+ case VIR_MIGRATION_PHASE_PREPARE:
VIR_DEBUG("Killing unfinished incoming migration for domain %s",
vm->def->name);
return -1;
- case QEMU_MIGRATION_PHASE_FINISH2:
+ case VIR_MIGRATION_PHASE_FINISH2:
/* source domain is already killed so let's just resume the domain
* and hope we are all set */
VIR_DEBUG("Incoming migration finished, resuming domain %s",
@@ -3463,7 +3463,7 @@ qemuProcessRecoverMigrationIn(virQEMUDriverPtr driver,
}
break;
- case QEMU_MIGRATION_PHASE_FINISH3:
+ case VIR_MIGRATION_PHASE_FINISH3:
/* migration finished, we started resuming the domain but didn't
* confirm success or failure yet; killing it seems safest unless
* we already started guest CPUs or we were in post-copy mode */
@@ -3495,22 +3495,22 @@ qemuProcessRecoverMigrationOut(virQEMUDriverPtr driver,
reason == VIR_DOMAIN_PAUSED_POSTCOPY_FAILED);
bool resume = false;
- switch ((qemuMigrationJobPhase) job->phase) {
- case QEMU_MIGRATION_PHASE_NONE:
- case QEMU_MIGRATION_PHASE_PREPARE:
- case QEMU_MIGRATION_PHASE_FINISH2:
- case QEMU_MIGRATION_PHASE_FINISH3:
- case QEMU_MIGRATION_PHASE_LAST:
+ switch ((virMigrationJobPhase) job->phase) {
+ case VIR_MIGRATION_PHASE_NONE:
+ case VIR_MIGRATION_PHASE_PREPARE:
+ case VIR_MIGRATION_PHASE_FINISH2:
+ case VIR_MIGRATION_PHASE_FINISH3:
+ case VIR_MIGRATION_PHASE_LAST:
/* N/A for outgoing migration */
break;
- case QEMU_MIGRATION_PHASE_BEGIN3:
+ case VIR_MIGRATION_PHASE_BEGIN3:
/* nothing happened so far, just forget we were about to migrate the
* domain */
break;
- case QEMU_MIGRATION_PHASE_PERFORM2:
- case QEMU_MIGRATION_PHASE_PERFORM3:
+ case VIR_MIGRATION_PHASE_PERFORM2:
+ case VIR_MIGRATION_PHASE_PERFORM3:
/* migration is still in progress, let's cancel it and resume the
* domain; however we can only do that before migration enters
* post-copy mode
@@ -3528,7 +3528,7 @@ qemuProcessRecoverMigrationOut(virQEMUDriverPtr driver,
}
break;
- case QEMU_MIGRATION_PHASE_PERFORM3_DONE:
+ case VIR_MIGRATION_PHASE_PERFORM3_DONE:
/* migration finished but we didn't have a chance to get the result
* of Finish3 step; third party needs to check what to do next; in
* post-copy mode we can use PAUSED_POSTCOPY_FAILED state for this
@@ -3537,7 +3537,7 @@ qemuProcessRecoverMigrationOut(virQEMUDriverPtr driver,
qemuMigrationAnyPostcopyFailed(driver, vm);
break;
- case QEMU_MIGRATION_PHASE_CONFIRM3_CANCELLED:
+ case VIR_MIGRATION_PHASE_CONFIRM3_CANCELLED:
/* Finish3 failed, we need to resume the domain, but once we enter
* post-copy mode there's no way back, so let's just mark the domain
* as broken in that case
@@ -3551,7 +3551,7 @@ qemuProcessRecoverMigrationOut(virQEMUDriverPtr driver,
}
break;
- case QEMU_MIGRATION_PHASE_CONFIRM3:
+ case VIR_MIGRATION_PHASE_CONFIRM3:
/* migration completed, we need to kill the domain here */
*stopFlags |= VIR_QEMU_PROCESS_STOP_MIGRATED;
return -1;
--
2.25.1
4 years, 2 months
[GSoC][PATCH v4 0/8] creating hypervisor-agnostic domainjob
by Prathamesh Chavan
This series deals with removal of external dependencies of
`qemu_domainjob`, followed by it being moved to
`hypervisor/virdomainjob`, and renaming corresponding
structures and functions for creating the hypervisor-agnostic
domain-jobs.
Previous series can be seen here[1].
The previous series was updated because:
1. The patch series was rebased on master, after the recent merge
of `qemu_snapshot`, so that while checking it out, we can avoid
conflicts.
2. Patch "qemu_domainjob: removed reference to `qemuDomainObjPrivatePtr`"
was updated.
3. Patch "virdomainjob: moved `qemu_domainjob` to
`hypervisor/virdomainjob`" was added to complete the series.
This series is based on this patch (virmigraiton:
`qemuMigrationJobPhase` transformed for more generic
use)[2]. Please checkout that out first and then base this
patch series over it. You can see all these changes on my
github account[3].
[1]: https://www.redhat.com/archives/libvir-list/2020-August/msg00744.html
[2]: https://www.redhat.com/archives/libvir-list/2020-August/msg00966.html
[3]: https://github.com/pratham-pc/libvirt/tree/cms
Prathamesh Chavan (8):
qemu_domainjob: `qemuDomainJobInfo` code moved to `qemu_domain`
qemu_domain: Added `qemuDomainJobInfo` to domainJob's `privateData`
qemu_domainjob: callback functions added to access `jobs_queued`
qemu_domainjob: callback function added to access `maxQueuedJobs`
qemu_domainjob: `qemuDomainJobPrivateJobCallbacks` structure nested
qemu_domainjob: add `saveDomainStatus` as a callback function to jobs
qemu_domainjob: removed reference to `qemuDomainObjPrivatePtr`
virdomainjob: moved `qemu_domainjob` to `hypervisor/virdomainjob`
po/POTFILES.in | 2 +-
po/libvirt.pot | 34 +-
src/hypervisor/meson.build | 1 +
src/hypervisor/virdomainjob.c | 792 ++++++++++++++++++
src/hypervisor/virdomainjob.h | 243 ++++++
src/libvirt_private.syms | 28 +
src/qemu/meson.build | 1 -
src/qemu/qemu_backup.c | 92 +--
src/qemu/qemu_backup.h | 5 +-
src/qemu/qemu_block.c | 65 +-
src/qemu/qemu_block.h | 18 +-
src/qemu/qemu_blockjob.c | 77 +-
src/qemu/qemu_blockjob.h | 3 +-
src/qemu/qemu_checkpoint.c | 39 +-
src/qemu/qemu_domain.c | 657 +++++++++++++--
src/qemu/qemu_domain.h | 106 ++-
src/qemu/qemu_domainjob.c | 1291 ------------------------------
src/qemu/qemu_domainjob.h | 291 -------
src/qemu/qemu_driver.c | 1186 ++++++++++++++-------------
src/qemu/qemu_hotplug.c | 335 ++++----
src/qemu/qemu_hotplug.h | 38 +-
src/qemu/qemu_migration.c | 594 +++++++-------
src/qemu/qemu_migration.h | 20 +-
src/qemu/qemu_migration_cookie.c | 17 +-
src/qemu/qemu_migration_params.c | 52 +-
src/qemu/qemu_migration_params.h | 15 +-
src/qemu/qemu_process.c | 462 ++++++-----
src/qemu/qemu_process.h | 37 +-
src/qemu/qemu_saveimage.c | 4 +-
src/qemu/qemu_saveimage.h | 6 +-
src/qemu/qemu_snapshot.c | 111 ++-
tests/qemuhotplugtest.c | 2 +-
32 files changed, 3323 insertions(+), 3301 deletions(-)
create mode 100644 src/hypervisor/virdomainjob.c
create mode 100644 src/hypervisor/virdomainjob.h
delete mode 100644 src/qemu/qemu_domainjob.c
delete mode 100644 src/qemu/qemu_domainjob.h
--
2.25.1
4 years, 2 months
[PATCH 0/3] CI/test improvements in qemuxml2argvtest
by Daniel Henrique Barboza
Hi,
This started as a saga of figuring out why Libvirt was failing
to build in a Power 9 host after the switch to meson. Turns
out that one of the tests, qemuxml2argvtest, is taking almost
5 minutes to complete, and meson throws a timeout error. This
wasn't noticed before because the test actually completes
without errors.
Running 'perf' showed that 95% of the time spent in
qemuxml2argvtest in Power 9 were in virHostCPUGetMicrocodeVersion()
calls, which is not needed for PowerPC since 'microcode' is
x86 specific. This means that we're calling 'show_cpuinfo' from
the kernel, fetching dynamic data from all CPUs, and then
failing because there is no 'microcode' string. The Power 9
host I tested with has 128 CPUs, meaning that 'show_cpuinfo'
is not something to scoff at.
First patch is a trivial cleanup. Patch 02 is a runtime fix.
The cake is in patch 03. Patch 03 will improve CI on all
archs, including x86, which is nice.
Daniel Henrique Barboza (3):
virhostcpu.c: modernize virHostCPUGetMicrocodeVersion()
virhostcpu.c: skip non x86 hosts in virHostCPUGetMicrocodeVersion()
domaincapsmoc.c: mock virHostCPUGetMicrocodeVersion()
src/cpu/cpu_x86.c | 2 +-
src/qemu/qemu_capabilities.c | 4 ++--
src/util/virhostcpu.c | 13 +++++++------
src/util/virhostcpu.h | 3 ++-
tests/domaincapsmock.c | 6 ++++++
5 files changed, 18 insertions(+), 10 deletions(-)
--
2.26.2
4 years, 2 months
[PATCH V2 0/3] Xen: Add support for qemu commandline passthrough
by Jim Fehlig
V2 of https://www.redhat.com/archives/libvir-list/2020-July/msg02043.html
Changes in V2:
- Drop use of virStringListCopy, and hence patch 1/4
- Switch to using 'xen' namespace and schema extenstion instead of qemu
- Use more glib functions
Jim Fehlig (3):
Xen: Add support for qemu command-line passthrough
Xen: Add support for qemu commandline passthrough to config converter
news: Mention support for device model commandline passthrough in Xen
NEWS.rst | 8 ++
docs/drvxen.html.in | 29 +++++++
docs/schemas/domaincommon.rng | 17 ++++
src/libxl/libxl_conf.c | 10 ++-
src/libxl/libxl_conf.h | 8 ++
src/libxl/libxl_domain.c | 84 ++++++++++++++++++
src/libxl/libxl_domain.h | 1 +
src/libxl/xen_xl.c | 91 ++++++++++++++++++++
tests/xlconfigdata/test-qemu-passthrough.cfg | 26 ++++++
tests/xlconfigdata/test-qemu-passthrough.xml | 53 ++++++++++++
tests/xlconfigtest.c | 1 +
11 files changed, 327 insertions(+), 1 deletion(-)
create mode 100644 tests/xlconfigdata/test-qemu-passthrough.cfg
create mode 100644 tests/xlconfigdata/test-qemu-passthrough.xml
--
2.26.2
4 years, 2 months
XDR related breakage in libvirt v6.6.0 when using libvirt-lxc
by Christian Ehrhardt
Hi,
I expect that this falls under the "with meson now everything is
different anyway" umbrella but wanted to let you know about this as it
affects v6.6 in at least Ubuntu/Debian.
The following recent patch has broken libvirt-lxc for us:
commit d7147b3797380de2d159ce6324536f3e1f2d97e3
Author: Pavel Hrdina <phrdina(a)redhat.com>
Date: Fri Jun 19 00:44:07 2020 +0200
m4: virt-xdr: rewrite XDR check
I was tracking that down for [1] since the tests [4] failed on me. [2]
holds the backtrace.
In Debian the tests are skipped which explains why they were not seen there:
smoke-lxc SKIP Test requires machine-level isolation but testbed
does not provide that
What happens is that the libvirt_lxc segfaults when using XDR functions.
dmesg shows:
[582093.524644] libvirt_lxc[261446]: segfault at 0 ip 0000000000000000
sp 00007ffdd2345598 error 14 in libvirt_lxc[5587e42aa000+8000]
[582093.524650] Code: Bad RIP value.
There are quite some uncertainties left, but on the surface it seems
that it links with libtirpc but
then instead of calling
libtirpc: src/xdr.c:929:xdr_uint64_t(xdrs, ullp)
it ends (gdb tells us in [2]) in glibc
glibc: sunrpc/xdr_intXX_t.c:62:xdr_uint64_t (XDR *xdrs, uint64_t *uip)
And the return from that function breaks it badly (instruction pointer
at 0x0 -> segfault)
Bisecting pointed to the referred commit which brings libtirpc into the mix.
The former builds had xdr detected, but not with libtirpc.
configure: xdr: yes (CFLAGS='' LIBS='')
The new config now does
configure: xdr: yes (CFLAGS='-I/usr/include/tirpc' LIBS='-ltirpc')
And the resulting libvirt_lxc reflects that
v6.0.0
$ lddtree /usr/lib/libvirt/libvirt_lxc | grep tirpc
v6.6.0
$ lddtree /usr/lib/libvirt/libvirt_lxc | grep tirpc
libtirpc.so.3 => /lib/x86_64-linux-gnu/libtirpc.so.3
This seems to lead to the bad jump and the crash eventually.
Meanwhile reverting d7147b37 "m4: virt-xdr: rewrite XDR check" on top
of v6.6.0 resolves the issue back to the former state.
For anyone that wants to recreate this, I also attached a bisect
script [3] which includes the test case you'd need.
[1]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826
[2]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826/comments/4
[3]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826/+attachmen...
[4]: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929...
--
Christian Ehrhardt
Staff Engineer, Ubuntu Server
Canonical Ltd
4 years, 2 months
[libvirt PATCH] storage_util: fix qemu-img sparse allocation
by Pavel Hrdina
Commit <c9ec7088c7a3f4cd26bb471f1f243931fff6f4f9> introduced a support
to fully allocate qcow2 images when <allocation> matches <capacity> but
it doesn't work as expected.
The issue is that info.size_arg is in KB but the info.allocation
introduced by the mentioned commit is in B. This results in using
"preallocation=falloc," in cases where "preallocation=metadata," should
be used.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/storage/storage_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index f7c09e3375..fcecedbc3a 100644
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -1044,7 +1044,7 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool,
.type = NULL,
.inputType = NULL,
.path = vol->target.path,
- .allocation = vol->target.allocation,
+ .allocation = VIR_DIV_UP(vol->target.allocation, 1024),
.encryption = !!vol->target.encryption,
.preallocate = !!(flags & VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA),
.compat = vol->target.compat,
--
2.26.2
4 years, 2 months
[libvirt PATCH] rpm: always disable ceph on 32-bit
by Daniel P. Berrangé
The logic to disable Ceph on 32-bit was protected by a Fedora
conditional. This is redundant as RHEL doesn't build on 32-bit
platforms for years.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index e64cfdb561..5193a7cf89 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -117,11 +117,9 @@
%define with_storage_zfs 0
%endif
-# Ceph dropping support for 32-bit hosts
-%if 0%{?fedora} >= 30
- %ifarch %{arm} %{ix86}
- %define with_storage_rbd 0
- %endif
+# Ceph dropped support for 32-bit hosts
+%ifarch %{arm} %{ix86}
+ %define with_storage_rbd 0
%endif
# RHEL doesn't ship OpenVZ, VBox, PowerHypervisor,
--
2.26.2
4 years, 2 months
