July 2007 - Devel - libvirt List Archives

[Libvir] [PATCH] Add the check of the format of MAC address on virsh attach-interface
by Masayuki Sunou 13 Jul '07

13 Jul '07

Hi Even if specified MAC address is invalid, network interface is attached to the guest. And attached network interface cannot communicate. This patch checks the format of MAC address, and virsh become error when it is invalid. Signed-off-by: Masayuki Sunou <fj1826dm(a)aa.jp.fujitsu.com> Thanks, Masayuki Sunou. -------------------------------------------------------------------------------- Index: include/libvirt/virterror.h =================================================================== RCS file: /data/cvs/libvirt/include/libvirt/virterror.h,v retrieving revision 1.26 diff -u -p -r1.26 virterror.h --- include/libvirt/virterror.h 6 Jul 2007 14:56:15 -0000 1.26 +++ include/libvirt/virterror.h 12 Jul 2007 02:00:54 -0000 @@ -127,6 +127,7 @@ typedef enum { VIR_WAR_NO_NETWORK, /* failed to start network */ VIR_ERR_NO_DOMAIN, /* domain not found or unexpectedly disappeared */ VIR_ERR_NO_NETWORK, /* network not found */ + VIR_ERR_INVALID_MAC, /* invalid MAC adress */ } virErrorNumber; /** Index: src/virterror.c =================================================================== RCS file: /data/cvs/libvirt/src/virterror.c,v retrieving revision 1.28 diff -u -p -r1.28 virterror.c --- src/virterror.c 6 Jul 2007 14:56:15 -0000 1.28 +++ src/virterror.c 12 Jul 2007 02:00:54 -0000 @@ -646,6 +646,12 @@ __virErrorMsg(virErrorNumber error, cons else errmsg = _("Network not found: %s"); break; + case VIR_ERR_INVALID_MAC: + if (info == NULL) + errmsg = _("invalid MAC adress"); + else + errmsg = _("invalid MAC adress: %s"); + break; } return (errmsg); } Index: src/xml.c =================================================================== RCS file: /data/cvs/libvirt/src/xml.c,v retrieving revision 1.81 diff -u -p -r1.81 xml.c --- src/xml.c 11 Jul 2007 08:41:11 -0000 1.81 +++ src/xml.c 12 Jul 2007 02:00:55 -0000 @@ -934,8 +934,19 @@ virDomainParseXMLIfDesc(virConnectPtr co } virBufferAdd(buf, "(vif ", 5); - if (mac != NULL) + if (mac != NULL) { + unsigned int addr[12]; + int ret = sscanf((const char *)mac, "%01x%01x:%01x%01x:%01x%01x:%01x%01x:%01x%01x:%01x%01x", + (unsigned int*)&addr[0], (unsigned int*)&addr[1], (unsigned int*)&addr[2], + (unsigned int*)&addr[3], (unsigned int*)&addr[4], (unsigned int*)&addr[5], + (unsigned int*)&addr[6], (unsigned int*)&addr[7], (unsigned int*)&addr[8], + (unsigned int*)&addr[9], (unsigned int*)&addr[10], (unsigned int*)&addr[11]); + if (ret != 12 || strlen(mac) != 17) { + virXMLError(conn, VIR_ERR_INVALID_MAC, (const char *) mac, 0); + goto error; + } virBufferVSprintf(buf, "(mac '%s')", (const char *) mac); + } if (source != NULL) { if (typ == 0) virBufferVSprintf(buf, "(bridge '%s')", (const char *) source);

3 3

[Libvir] [PATCH] Fix strange message on virsh attach-device
by Masayuki Sunou 13 Jul '07

13 Jul '07

Hi Virsh attach-device outputs a strange message, when XML whose top element is not <device> or <interface>. ---------------------------------------------------------------------- libvir: Xen Daemon error : POST operation failed: (xend.err "object of type 'NoneType' has no len()") error: Failed to attach device from test.xml ---------------------------------------------------------------------- This patch fixes it by not calling Xen in this case. Signed-off-by: Masayuki Sunou <fj1826dm(a)aa.jp.fujitsu.com> Thanks, Masayuki Sunou. ---------------------------------------------------------------------- Index: libvirt/src/xml.c =================================================================== RCS file: /data/cvs/libvirt/src/xml.c,v retrieving revision 1.81 diff -u -p -r1.81 xml.c --- libvirt/src/xml.c 11 Jul 2007 08:41:11 -0000 1.81 +++ libvirt/src/xml.c 13 Jul 2007 02:48:04 -0000 @@ -1337,6 +1337,8 @@ virParseXMLDevice(virConnectPtr conn, ch else if (xmlStrEqual(node->name, BAD_CAST "interface")) { if (virDomainParseXMLIfDesc(conn, node, &buf, hvm, xendConfigVersion) != 0) goto error; + } else { + goto error; } cleanup: if (xml != NULL)

3 2

[Libvir] Small remote doc update and little checking script
by Daniel Veillard 12 Jul '07

12 Jul '07

Hi, I updated slightly the remote page (mostly adding an index at the top and updating a couple of things which changed prior to 0.3.0 release) http://libvirt.org/remote.html and added a small script to check the client/server setup on a given host, trying to pinpoint the problems I faced myself when trying to set the TLS certificates. This may help others, checked in docs/pki_check.sh and hence available at http://libvirt.org/pki_check.sh There is certainly many more check which can be done (like expiration date checking, or making sure certs and keys are properly matched), but it's a first step, an maybe it can help others testing the remote support. Feedback and patches are as usual welcome :-) Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/

1 0

[Libvir] PATCH: Report errors against virConnectPtr object
by Daniel P. Berrange 12 Jul '07

12 Jul '07

The QEMU driver is not passing in a virConnectPtr object for many of the places it calls virRaiseError. This means the errors aren't getting fed back to the client correctly - particularly when starting a VM / network. This patch passes around a virConnectPtr object so errors get reported correctly Instead of: $ ~/usr/bin/virsh --connect qemu://celery.virt.boston.redhat.com/system start demo error: Failed to start domain demo It now gives $ ~/usr/bin/virsh --connect qemu://celery.virt.boston.redhat.com/system start demo libvir: QEMU error : QEMU quit during console startup qemu: could not open hard disk image '/root/demo.img' error: Failed to start domain demo Dan -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|

3 4

[Libvir] PATCH: Fix crash if client acl check fails
by Daniel P. Berrange 12 Jul '07

12 Jul '07

There was a couple of places where if the ACL check for an incoming client failed, it would go on and register the client's FD in the event loop anyway. The trouble is, after the ACL failed, the client had been forcably disconnected & the client struct free'd, so the daemon died in the event loop a short time later. This patch fixes it & makes a couple of other places more paranoid about checking too Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|

3 3

[Libvir] PATCH: More useful error messages with missing certs
by Daniel P. Berrange 12 Jul '07

12 Jul '07

On the server end if you try to start the server with TLS enabled and you don't have the certs setup, you get a cryptic: gnutls_certificate_set_x509_trust_file: Error while reading file. Rather useless the gnutls error message not telling you what file was missing. Similarly with virsh: # ~/usr/bin/virsh --connect qemu://localhost/system list libvir: Remote error : Error while reading file. Since GNU TLS doesn't even tell you the actual problem - was it wrong permissions, or missing file altogether, I decided its better to do an explicit 'stat' check ahead of time. So now it gives: $ ~/usr/bin/virsh --connect qemu://celery.virt.boston.redhat.com/system start demo libvir: Remote error : Cannot access CA certificate '/home/berrange/usr/etc/pki/CA/cacert.pem': No such file or directory (2) Or $ ~/usr/bin/virsh --connect qemu://celery.virt.boston.redhat.com/system start demo libvir: Remote error : Cannot access CA certificate '/home/berrange/usr/etc/pki/CA/cacert.pem': Permission denied (13) Or in the daemon # /usr/sbin/libvirtd --listen Cannot access CA certificate '/home/berrange/usr/etc/pki/CA/cacert.pem': No such file or directory (2) Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|

3 4

[Libvir] Next features and target for development
by Daniel Veillard 12 Jul '07

12 Jul '07

Hi all, now that 0.3.0 is out, it's probably time to build the next set of features we aims at developping in the next months, the list I have currently is short, but still significant: - migration API: now that we have remote support it should be possible to build an API for migration of domains between 2 connections. Could be as simple as int virDomainMigrate(virDomainPtr domain, virConnectPtr to, int flags); sounds like a fun and very useful part. - USB support: we discussed that already, but the initial patch did not match the XML format suggestions we should try to resurrect this http://libvirt.org/search.php?query=USB&scope=LISTS http://www.redhat.com/archives/libvir-list/2007-March/thread.html#00118 - Support for Xen-API new entry points at least for localhost access since we have remote support now - platform support: resolve the PPC64 issues - more engine support: OpenVZ is on the work, is there interest in lguest, UML or for example Solaris zones ? Now is a good time to suggest new potential directions, and I certainly forgot some obvious points, so what did I missed ? Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/

11 42

[Libvir] Starting a domain
by Shuveb Hussain 12 Jul '07

12 Jul '07

Hi, suspend() -> resume() save() -> restore() shutdown() -> ??? Which method should I map in the OpenVZ driver that starts a domain that has been shutdown. Does the 'reboot' method do the job here as well? Thanks & Regards, -- Shuveb Hussain Unix is very user friendly. It is just a little choosy about who its friends are http://www.binarykarma.com

2 1

[Libvir] big-endian support for libvirt - introduce GUEST_HANDLE infrastructure ?
by Christian Ehrhardt 12 Jul '07

12 Jul '07

Hello everyone, we currently try to use/port libvirt to run on xenppc. While doing that I found a endianess issue. First a simple example: Sample code: #include <stdio.h> union u { int i; long long l; }; int main(void) { union u u; u.l = 0; u.i = ~0; printf("%016llx\n", u.l); return 0; } Little-endian output: 00000000ffffffff Big-endian output: ffffffff00000000 Now look at the padding in e.g. xen_v2s3_getdomaininfolistop: it doesn't work on big-endian systems. This problem is why the GUEST_HANDLE infrastructure is present in Xen. To work on big-endian systems, libvirt will need this or a similar mechanism. --- Current Questions --- We could now add several ugly ifdefs to libvirt code to differentiate powerpc from the others and solve the issue described above, but I think thats not a good solution. The GUEST_HANDLE mechanism would provide an architecture abstraction and is already implemented/working in libxc. The question is, shouldn't libvirt actually use the GUEST_HANDLE mechanism like libxc does (at least for the _v2d5_ structures) or are there big arguments against it? I would create a patch to add the GUEST_HANDLE stuff in libvirt if there is nothing against it, but I will need some help to test it on x86/x86_64/ia64 since I have no such machines here. If there is a major reason against the GUEST_HANDLE code, are there other suggestions/preferences how to solve this? Below is the technical background in a more verbose way for anyone interested --- Code Affected --- More or less everything in libvirt that would use GUEST_HANDLE in libxc: I saw the effect on a bad pointer passed down by the structure I use for my example below, but in the end it may affect all the stuff that uses the *GUEST_HANDLE* stuff in libxc which are e.g. uchar,ulong,... here an example: libxc: uint64_aligned_t max_pages; // <- arch dependent mapping of uint64_aligned_t libvirt: #define ALIGN_64 __attribute__((aligned(8))) uint64_t max_pages ALIGN_64; // <- this align is fix on all architectures --- The Issue in libvirt in one example --- XEN_GUEST_HANDLE usage in libxc: - XEN_GUEST_HANDLE is defined arch specific giving the arch the posibility to pad/align as needed. See xen/tools/libxc/xen/arch-powerpc.h for example. - xen/tools use set_xen_guest_handle and get_xen_guest_handle to set/access these handles and let the arch the posibility to handle any specific needs. Example: struct xen_sysctl_getdomaininfolist { domid_t first_domain; uint32_t max_domains; XEN_GUEST_HANDLE_64(xen_domctl_getdomaininfo_t) buffer; uint32_t num_domains; }; The arch defined XEN_GUEST_HANDLE_64 leads to the following type for buffer on powerpc (see the initial padding): typedef struct { \ int __pad[(sizeof (long long) - sizeof (void *)) / sizeof (int)]; \ xen_domctl_getdomaininfo_t *p; } __attribute__((__aligned__(8))) __guest_handle_xen_domctl_getdomaininfo_t In this scenario a 32bit pointer for *p with 0xFFFFFFFF will be stored as 0xPADPADPAFFFFFFFF and read in a valid way by the 64bit host that receives this syscall. XEN_GUEST_HANDLE usage in libvirt: - In my example where XEN_GUEST_HANDLE is in libxc libvirt currently uses a union based structure like the following: struct xen_v2s3_getdomaininfolistop { domid_t first_domain; uint32_t max_domains; union { struct xen_v2d5_getdomaininfo *v; uint64_t pad ALIGN_64; } buffer; uint32_t num_domains; }; typedef struct xen_v2s3_getdomaininfolistop xen_v2s3_getdomaininfolistop; The union used here to add the 64 bit padding does not work on big endian powerpc because reading this two half words in 64bit receiver gives 0xFFFFFFFF00000000 (The two half words are stored in the wrong order) while on ia64 it is read as the the valid 0x00000000FFFFFFFF. P.S. Thanks Hollis for the simple example code -- Grüsse / regards, Christian Ehrhardt IBM Linux Technology Center, Open Virtualization +49 7031/16-3385 Ehrhardt(a)linux.vnet.ibm.com Ehrhardt(a)de.ibm.com IBM Deutschland Entwicklung GmbH Vorsitzender des Aufsichtsrats: Johann Weihen Geschäftsführung: Herbert Kircher Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294

5 12

[Libvir] xen long-list s-expression
by Daniel Miles 12 Jul '07

12 Jul '07

Hello everone, does anybody know if libvirt has any way of getting the full s-expression that xm list --long <domID> produces? Or failing that, some way to get the location property under device(vfb(location <location string>)) ?

3 2