April 2010 - Devel - libvirt List Archives

[libvirt] 'dommemstat' is not working for LXC hypervisor.
by Kumar L Srikanth-B22348 30 Apr '10

30 Apr '10

Hi Daniel, I am using libvirt version 0.8.0. I created a domain 'srikanth_vm' using 'lxc' hypervisor. I am able to start the Domain. But, I am not able to get the memory stats for that Domain. If I issue 'dommemstat Srikanth_vm' in the virsh console, the following error is throwing: error: Failed to get memory statistics for domain srikanth_vm error: this function is not supported by the hypervisor: virDomainMemoryStats Can you please let me know, how can I get memory stats for a particular domain in libvirt? Regards, Srikanth.

3 15

[libvirt] [PATCH] Fix virt-pki-validate's determination of CN
by Dustin Kirkland 30 Apr '10

30 Apr '10

Fix virt-pki-validate's determination of CN This patch is a follow-up to: cb06a9bfe529e64b15773cb86781ae14c09f8216 "portability fixes to tools/virt-pki-validate.in" addressing Eric Blake's concerns about the regular expression. Ubuntu's gntls package generates an Issuer line that looks like this: Issuer: C=US,ST=NY,L=Rochester,O=example.com,CN=example.com CA,EMAIL=hostmaster(a)example.com While Red Hat's looks like this Issuer: CN=Red Hat Emerging Technologies Note the leading whitespace, and the additional fields in the former. This patch updates the regular expression to: * trim leading characters before "Issuer:" * trim anything between Issuer: and CN= * trim anything after the next , I've tested this against the certool output of both RH and Ubuntu generated certs. I know that Eric dislikes the leading grep. My apologies. I spent more time than I care to admit trying to get sed to select that one line, and then run two regexes against it. Feel free to correct this patch and educate me, if you have a better way. Thanks! Signed-off-by: Dustin Kirkland <kirkland(a)canonical.com> diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in index f77521d..c44aa9d 100755 --- a/tools/virt-pki-validate.in +++ b/tools/virt-pki-validate.in @@ -130,7 +130,7 @@ then echo "as root do: chmod 644 $CA/cacert.pem" exit 1 fi -ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n '/Issuer/ s+Issuer: CN=++p'` +ORG=`$CERTOOL -i --infile $CA/cacert.pem | grep "Issuer:" | sed -e 's/^.*Issuer:.*CN=//' -e 's/,.*$//'` if [ "$ORG" = "" ] then echo the CA certificate $CA/cacert.pem does not define the organization

2 4

[libvirt] [v2 0/3] Fixes related to the IP address learning thread
by Stefan Berger 30 Apr '10

30 Apr '10

The following set of patches are primarily related to the thread learning the IP address of a VM and deal with: - ebtables cleanup before applying basic filtering rules that are active while the IP address is detected - shutting down all traffic in case the filtering rules could not be applied by the thread - serialization of the teardown of eb/ip/ip6tables rules to occurr after the IP address learning thread has terminated - not to apply or tear any eb/ip/ip6tables rules of a VM's interface while the IP address learning thread is active. This may be due to a filter being updated concurrently using for exampe 'virsh define/edit'. Regards, Stefan

1 3

[libvirt] [PATCH] qemudDomainSaveFlag: remove dead store
by Jim Meyering 30 Apr '10

30 Apr '10

Clang spotted a new (albeit harmless) dead store: >From 0e37c524fb9c62d9b16443d6ff081c977963f4c5 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering(a)redhat.com> Date: Thu, 29 Apr 2010 17:56:01 +0200 Subject: [PATCH] qemudDomainSaveFlag: remove dead store * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Remove dead store to "rc". --- src/qemu/qemu_driver.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 6ee5cc2..8c5d745 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -4818,7 +4818,7 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path, virReportSystemError(errno, _("unable to open %s"), path); goto endjob; } - if ((rc = qemudDomainSaveFileOpHook(fd, &hdata)) != 0) { + if (qemudDomainSaveFileOpHook(fd, &hdata) != 0) { close(fd); goto endjob; } -- 1.7.1.328.g9993c

2 2

[libvirt] [PATCH 0/5] build: rely more on gnulib
by Eric Blake 30 Apr '10

30 Apr '10

I can't yet upgrade to the latest gnulib due to some LGPLv2+ issues being worked out upstream. But in the meantime, here's some cleanups that will make it easier to upgrade when gnulib is ready. I always like patch series with a net reduction in lines. I suppose I should try to get a mingw or cygwin build finished with these in place, before pushing anything, but that will have to be tomorrow (I tested on Linux, but it's late for me now). bootstrap.conf | 3 +++ configure.ac | 39 +++++++++++++-------------------------- src/Makefile.am | 3 ++- src/libvirt.c | 4 +--- src/nodeinfo.c | 12 ++---------- src/remote/remote_driver.c | 11 ++++------- src/storage/storage_backend.c | 4 +--- src/util/ebtables.c | 7 ++----- src/util/hooks.c | 4 +--- src/util/iptables.c | 7 ++----- src/util/threads.c | 4 ++-- src/util/threads.h | 4 ++-- src/util/util.c | 14 ++++++-------- 13 files changed, 41 insertions(+), 75 deletions(-) [PATCH 1/5] build: rely on gnulib's pthread module [PATCH 2/5] build: replace redundant header check with function check [PATCH 3/5] build: use gnulib's uname [PATCH 4/5] build: use gnulib's sys/wait.h [PATCH 5/5] build: drop more redundant configure checks

4 14

[libvirt] [PATCH] Fix handling of disk backing stores with cgroups
by Daniel P. Berrange 30 Apr '10

30 Apr '10

The cgroups ACL code was only allowing the primary disk image. It is possible to chain images together, so we need to search for backing stores and add them to the ACL too. Since the ACL only handles block devices, we ignore the EINVAL we get from plain files. * src/qemu/qemu_driver.c: Allow backing stores in cgroup ACLs --- src/qemu/qemu_driver.c | 47 +++++++++++++++++++++++++++++++++++------------ 1 files changed, 35 insertions(+), 12 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 326cb58..ae6addd 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -84,6 +84,7 @@ #include "macvtap.h" #include "nwfilter/nwfilter_gentech_driver.h" #include "hooks.h" +#include "storage_file.h" #define VIR_FROM_THIS VIR_FROM_QEMU @@ -2957,18 +2958,40 @@ static int qemuSetupCgroup(struct qemud_driver *driver, } for (i = 0; i < vm->def->ndisks ; i++) { - if (vm->def->disks[i]->type != VIR_DOMAIN_DISK_TYPE_BLOCK || - vm->def->disks[i]->src == NULL) - continue; + char *path = vm->def->disks[i]->src; + while (path != NULL) { + virStorageFileMetadata meta; + int ret; + + VIR_DEBUG("Process path %s for disk %d", path, i); + rc = virCgroupAllowDevicePath(cgroup, path); + if (rc != 0) { + /* Get this for non-block devices */ + if (rc == -EINVAL) { + VIR_DEBUG("Ignoring EINVAL for %s", path); + } else { + virReportSystemError(-rc, + _("Unable to allow device %s for %s"), + path, vm->def->name); + if (path != vm->def->disks[i]->src) + VIR_FREE(path); + goto cleanup; + } + } - rc = virCgroupAllowDevicePath(cgroup, - vm->def->disks[i]->src); - if (rc != 0) { - virReportSystemError(-rc, - _("Unable to allow device %s for %s"), - vm->def->disks[i]->src, vm->def->name); - goto cleanup; - } + memset(&meta, 0, sizeof(meta)); + + ret = virStorageFileGetMetadata(path, &meta); + + if (path != vm->def->disks[i]->src) + VIR_FREE(path); + path = NULL; + + if (ret < 0) + goto cleanup; + + path = meta.backingStore; + } while (path != NULL); } rc = virCgroupAllowDeviceMajor(cgroup, 'c', DEVICE_PTY_MAJOR); -- 1.6.5.2

2 2

[libvirt] [PATCH v2 0/8]: Add arbitrary qemu command-line and monitor commands
by Chris Lalancette 29 Apr '10

29 Apr '10

As we discussed previously, here is the patch series to add the ability to specify arbitrary qemu command-line parameters and environment variables, and also give arbitrary monitor commands to a guest. Because these extra arguments have a good shot at confusing libvirt, the use of them is not supported, but left available for advanced users and developers. They are also in a separate library and have a separate on-the-wire protocol. There is one bug left that I have not yet been able to fix. Because of the complicated way that virsh parses command-line arguments, it is not possible to pass through spaces and quotes when using the qemu-monitor-command. Unfortunately, the qemu monitor commands (and in particular when using QMP) depend heavily on quoting and spacing, so using virsh to send through command-lines is difficult. I'll have to think about how to better resolve this issue, but it should not hold up the rest of the series. Thanks to Dan Berrange and Eric Blake for their reviews already, and to DV for the Relax NG schema changes. Changes since v1 are listed in the individual patches.

2 10

[libvirt] [PATCH] Report better error if qemuSnapshotIsAllowed failed.
by Chris Lalancette 29 Apr '10

29 Apr '10

Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/qemu/qemu_driver.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index f7084ca..5ab211a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -10782,8 +10782,8 @@ static int qemuDomainSnapshotIsAllowed(virDomainObjPtr vm) (!vm->def->disks[i]->driverType || STRNEQ(vm->def->disks[i]->driverType, "qcow2"))) { qemuReportError(VIR_ERR_OPERATION_INVALID, - _("Disk device '%s' does not support snapshotting"), - vm->def->disks[i]->info.alias); + _("Disk '%s' does not support snapshotting"), + vm->def->disks[i]->src); return 0; } } -- 1.6.6.1

3 3

[libvirt] nwfilter: Also pick IP address from a DHCP ACK message
by Stefan Berger 29 Apr '10

29 Apr '10

The local DHCP server on virtbr0 sends DHCP ACK messages when a VM is started and requests an IP address while the initial DHCP lease on the VM's MAC address hasn't expired. So, also pick the IP address of the VM if that type of message is seen. Thanks to Gerhard Stenzel for providing a test case for this. Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com> Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c =================================================================== --- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c +++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c @@ -98,6 +98,7 @@ struct dhcp { } ATTRIBUTE_PACKED; #define DHCP_MSGT_DHCPOFFER 2 +#define DHCP_MSGT_DHCPACK 5 struct ether_vlan_header { @@ -347,6 +348,7 @@ procDHCPOpts(struct dhcp *dhcp, int dhcp if (dhcp_opts_len >= 3) { uint8_t *val = (uint8_t *)&dhcpopt->value; switch (*val) { + case DHCP_MSGT_DHCPACK: case DHCP_MSGT_DHCPOFFER: *vmaddr = dhcp->yiaddr; *howDetected = DETECT_DHCP;

1 0

[libvirt] [PATCH] Fix build on Ubuntu.
by Chris Lalancette 29 Apr '10

29 Apr '10

When building on Ubuntu with make -j3 (or more), it would always fail when trying to build virt-aa-helper. I'm not an expert in automake by any means, but I think the entry for virt-aa-helper is mis-using LDADD; it shouldn't be putting direct paths to libvirt_conf.la and libvirt_util.la, but instead referencing those names. With this patch in place, I'm able to successfully build on Ubuntu 9.04 with make -j3. Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/Makefile.am | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index d8466f0..2531ac5 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1005,9 +1005,9 @@ virt_aa_helper_LDFLAGS = $(WARN_CFLAGS) virt_aa_helper_LDADD = \ $(WARN_CFLAGS) \ $(LIBXML_LIBS) \ - @top_srcdir@/src/libvirt_conf.la \ - @top_srcdir@/src/libvirt_util.la \ - @top_srcdir@/gnulib/lib/libgnu.la + libvirt_conf.la \ + libvirt_util.la \ + ../gnulib/lib/libgnu.la virt_aa_helper_CFLAGS = \ -I@top_srcdir@/src/conf \ -I@top_srcdir@/src/security -- 1.6.6.1

2 2