[libvirt] [PATCH] tests: Remove obsolete secaatest
by Matthias Bolte
Before the security driver was refactored in d6623003 seclabeltest and
secaatest were basically the same. seclabeltest was meant for SELinux
and secaatest for AppArmor. Both tests exited early when the specific
security driver backend wasn't enabled.
With the new security manager trying to initialize a disabled security
driver backend is an error that can't be distinguished from other errors
anymore. Therefore, the updated seclabeltest just asks for the first
available backend as this will always work even with SELinux and AppArmor
backend being disabled due to the new Nop backend.
Remove the obsolete secaatest and compile and run the seclabeltest
unconditional.
This fixes make check on systems that support AppArmor.
---
tests/Makefile.am | 24 ------------------------
tests/secaatest.c | 45 ---------------------------------------------
2 files changed, 0 insertions(+), 69 deletions(-)
delete mode 100644 tests/secaatest.c
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 345cf46..72beb23 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -98,13 +98,7 @@ if WITH_VMX
check_PROGRAMS += vmx2xmltest xml2vmxtest
endif
-if WITH_SECDRIVER_SELINUX
check_PROGRAMS += seclabeltest
-endif
-
-if WITH_SECDRIVER_APPARMOR
-check_PROGRAMS += secaatest
-endif
if WITH_CIL
check_PROGRAMS += object-locking
@@ -191,13 +185,7 @@ if WITH_VMX
TESTS += vmx2xmltest xml2vmxtest
endif
-if WITH_SECDRIVER_SELINUX
TESTS += seclabeltest
-endif
-
-if WITH_SECDRIVER_APPARMOR
-TESTS += secaatest
-endif
if WITH_LIBVIRTD
check_PROGRAMS += eventtest
@@ -376,21 +364,9 @@ commandhelper_SOURCES = \
commandhelper_CFLAGS = -Dabs_builddir="\"`pwd`\""
commandhelper_LDADD = $(LDADDS)
-if WITH_SECDRIVER_SELINUX
seclabeltest_SOURCES = \
seclabeltest.c
seclabeltest_LDADD = ../src/libvirt_driver_security.la $(LDADDS)
-else
-EXTRA_DIST += seclabeltest.c
-endif
-
-if WITH_SECDRIVER_APPARMOR
-secaatest_SOURCES = \
- secaatest.c
-secaatest_LDADD = ../src/libvirt_driver_security.la $(LDADDS)
-else
-EXTRA_DIST += secaatest.c
-endif
qparamtest_SOURCES = \
qparamtest.c testutils.h testutils.c
diff --git a/tests/secaatest.c b/tests/secaatest.c
deleted file mode 100644
index d9d6b4a..0000000
--- a/tests/secaatest.c
+++ /dev/null
@@ -1,45 +0,0 @@
-#include <config.h>
-
-#include <unistd.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-#include "security/security_driver.h"
-
-int
-main (int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
-{
- int ret;
-
- const char *doi, *model;
- virSecurityDriverPtr security_drv;
-
- ret = virSecurityDriverStartup (&security_drv, "apparmor", false);
- if (ret == -1)
- {
- fprintf (stderr, "Failed to start security driver");
- exit (-1);
- }
- /* No security driver wanted to be enabled: just return */
- if (ret == -2)
- return 0;
-
- model = virSecurityDriverGetModel (security_drv);
- if (!model)
- {
- fprintf (stderr, "Failed to copy secModel model: %s",
- strerror (errno));
- exit (-1);
- }
-
- doi = virSecurityDriverGetDOI (security_drv);
- if (!doi)
- {
- fprintf (stderr, "Failed to copy secModel DOI: %s",
- strerror (errno));
- exit (-1);
- }
-
- return 0;
-}
--
1.7.0.4
14 years, 3 months
[libvirt] [PATCH] virsh: Use WITH_SECDRIVER_APPARMOR to detect AppArmor support
by Matthias Bolte
There is no ENABLE_SECDRIVER_APPARMOR.
---
tools/virsh.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index 4f103ae..b86d92f 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -11847,7 +11847,7 @@ vshShowVersion(vshControl *ctl ATTRIBUTE_UNUSED)
vshPrint(ctl, "\n");
vshPrint(ctl, "%s", _(" Miscellaneous:"));
-#ifdef ENABLE_SECDRIVER_APPARMOR
+#ifdef WITH_SECDRIVER_APPARMOR
vshPrint(ctl, " AppArmor");
#endif
#ifdef WITH_SECDRIVER_SELINUX
--
1.7.0.4
14 years, 3 months
[libvirt] Bug in virsh memtune on RHEL6?
by Justin Clift
Hi all,
Getting strange numbers from the virsh memtune command on
RHEL 6. (git head compiled, rather than RHEL 6 packages)
virsh # list
Id Name State
----------------------------------
4 Fedora_14_x64 running
virsh # memtune Fedora_14_x64
hard_limit : 9007199254740991
soft_limit : 9007199254740991
swap_hard_limit: 9007199254740991
Those numbers are supposed to be kilobytes, but the host
box itself only has 12GB ram.
Bug?
Regards and best wishes,
Justin Clift
14 years, 4 months
[libvirt] OpenVZ and Libvirt
by Nathan Stratton
I have been working to get libvirt to work with openvz and kvm. I have had no
issues with KVM but libvirt is hit or miss. Sometimes I get it to work, but
most of the time I get back "out of memory". I have tried all recent versions
of libvirt and vzctl from openvz. Any pointers?
17:52:31.974: debug : virConnectOpen:1425 : name=openvz:///system
17:52:31.974: debug : virEventRunOnce:593 : Poll on 12 handles 0x7f6394001420
timeout -1
17:52:31.974: debug : do_open:1204 : name "openvz:///system" to URI components:
scheme openvz
opaque (null)
authority (null)
server (null)
user (null)
port 0
path /system
17:52:31.974: debug : do_open:1242 : trying driver 0 (Test) ...
17:52:31.974: debug : do_open:1248 : driver 0 Test returned DECLINED
17:52:31.974: debug : do_open:1242 : trying driver 1 (Xen) ...
17:52:31.974: debug : do_open:1248 : driver 1 Xen returned DECLINED
17:52:31.974: debug : do_open:1242 : trying driver 2 (OPENVZ) ...
17:52:32.003: debug : virEventRunOnce:595 : Poll got 1 event
17:52:32.003: debug : virEventDispatchTimeouts:405 : Dispatch 3
17:52:32.003: debug : virEventDispatchHandles:450 : Dispatch 12
17:52:32.003: debug : virEventDispatchHandles:464 : i=0 w=1
17:52:32.003: debug : virEventDispatchHandles:464 : i=1 w=2
17:52:32.003: debug : virEventDispatchHandles:477 : Dispatch n=1 f=5 w=2 e=1
0x1cfa820
17:52:32.003: info : qemudDispatchSignalEvent:401 : Received unexpected signal
17
17:52:32.003: debug : virEventDispatchHandles:464 : i=2 w=3
17:52:32.003: debug : virEventDispatchHandles:464 : i=3 w=4
17:52:32.003: debug : virEventDispatchHandles:464 : i=4 w=5
17:52:32.003: debug : virEventDispatchHandles:464 : i=5 w=6
17:52:32.003: debug : virEventDispatchHandles:464 : i=6 w=7
17:52:32.003: debug : virEventDispatchHandles:464 : i=7 w=8
17:52:32.003: debug : virEventDispatchHandles:464 : i=8 w=9
17:52:32.003: debug : virEventDispatchHandles:464 : i=9 w=10
17:52:32.003: debug : virEventDispatchHandles:464 : i=10 w=11
17:52:32.003: debug : virEventDispatchHandles:464 : i=11 w=12
17:52:32.003: debug : virEventCleanupTimeouts:495 : Cleanup 3
17:52:32.003: debug : virEventCleanupHandles:536 : Cleanupo 12
17:52:32.006: error : openvzReadNetworkConf:318 : out of memory
17:52:32.009: error : openvzReadNetworkConf:318 : out of memory
17:52:32.013: error : openvzReadNetworkConf:318 : out of memory
17:52:32.016: error : openvzReadNetworkConf:318 : out of memory
17:52:32.020: error : openvzReadNetworkConf:318 : out of memory
17:52:32.023: error : openvzReadNetworkConf:318 : out of memory
17:52:32.027: error : openvzReadNetworkConf:318 : out of memory
17:52:32.030: error : openvzReadNetworkConf:318 : out of memory
17:52:32.034: error : openvzReadNetworkConf:318 : out of memory
17:52:32.037: error : openvzReadNetworkConf:318 : out of memory
17:52:32.041: error : openvzReadNetworkConf:318 : out of memory
17:52:32.044: error : openvzReadNetworkConf:318 : out of memory
17:52:32.048: error : openvzReadNetworkConf:318 : out of memory
17:52:32.051: error : openvzReadNetworkConf:318 : out of memory
17:52:32.055: error : openvzReadNetworkConf:318 : out of memory
17:52:32.058: error : openvzReadNetworkConf:318 : out of memory
17:52:32.062: error : openvzReadNetworkConf:318 : out of memory
17:52:32.062: error : openvzLoadDomains:534 : out of memory
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384009340 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384009340
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384007780 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384007780
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005be0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005be0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840080d0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840080d0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840089f0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840089f0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006500 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006500
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840049b0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840049b0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384004ef0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384004ef0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384008e80 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384008e80
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006070 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006070
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384007c10 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384007c10
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006990 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006990
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006e20 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006e20
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005330 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005330
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840072e0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840072e0
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005750 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005750
17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840085f0 refs=0
17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840085f0
17:52:32.062: debug : do_open:1248 : driver 2 OPENVZ returned ERROR
17:52:32.062: debug : virUnrefConnect:294 : unref connection 0x7f6384000bd0 1
17:52:32.062: debug : virReleaseConnect:249 : release connection 0x7f6384000bd0
libvir: OpenVZ error : out of memory
><>
Nathan Stratton CTO, BlinkMind, Inc.
nathan at robotics.net nathan at blinkmind.com
http://www.robotics.net http://www.blinkmind.com
14 years, 4 months
[libvirt] [PATCHv2] Enable tuning of qemu network tap device "sndbuf" size
by Laine Stump
This is in response to a request in:
https://bugzilla.redhat.com/show_bug.cgi?id=665293
In short, under heavy load, it's possible for qemu's networking to
lock up due to the tap device's default 1MB sndbuf being
inadequate. adding "sndbuf=0" to the qemu commandline -netdevice
option will alleviate this problem (sndbuf=0 actually sets it to
0xffffffff).
Because we must be able to explicitly specify "0" as a value, the
standard practice of "0 means not specified" won't work here. Instead,
virDomainNetDef also has a sndbuf_specified, which defaults to 0, but
is set to 1 if some value was given.
The sndbuf value is put inside a <tune> element of each <interface> in
the domain. The intent is that further tunable settings will also be
placed inside this element.
<interface type='network'>
...
<tune>
<sndbuf>0</sndbuf>
...
</tune>
</interface>
---
Changes from V1:
sndbuf_specified is now a bool rather than an int bitfield.
sndbuf is now unsigned long. Made possible by eblake's patch adding new
virXPath* and virStrToLong_* functions.
docs/schemas/domain.rng | 10 ++++++++++
src/conf/domain_conf.c | 29 +++++++++++++++++++++++++++--
src/conf/domain_conf.h | 4 ++++
src/qemu/qemu_command.c | 19 +++++++++++++++++--
4 files changed, 58 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index 5e140fb..a79ca6a 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -1025,6 +1025,16 @@
<ref name="filterref-node-attributes"/>
</element>
</optional>
+ <optional>
+ <element name="tune">
+ <optional>
+ <!-- size of send buffer for network tap devices -->
+ <element name="sndbuf">
+ <ref name="unsignedInt"/>
+ </element>
+ </optional>
+ </element>
+ </optional>
</interleave>
</define>
<define name="virtualPortProfile">
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 1cef112..396574e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2282,6 +2282,7 @@ err_exit:
static virDomainNetDefPtr
virDomainNetDefParseXML(virCapsPtr caps,
xmlNodePtr node,
+ xmlXPathContextPtr ctxt,
int flags ATTRIBUTE_UNUSED) {
virDomainNetDefPtr def;
xmlNodePtr cur;
@@ -2303,12 +2304,15 @@ virDomainNetDefParseXML(virCapsPtr caps,
virNWFilterHashTablePtr filterparams = NULL;
virVirtualPortProfileParams virtPort;
bool virtPortParsed = false;
+ xmlNodePtr oldnode = ctxt->node;
if (VIR_ALLOC(def) < 0) {
virReportOOMError();
return NULL;
}
+ ctxt->node = node;
+
type = virXMLPropString(node, "type");
if (type != NULL) {
if ((int)(def->type = virDomainNetTypeFromString(type)) < 0) {
@@ -2596,7 +2600,12 @@ virDomainNetDefParseXML(virCapsPtr caps,
}
}
+ if (virXPathULong("string(./tune/sndbuf)", ctxt, &def->tune.sndbuf) >= 0) {
+ def->tune.sndbuf_specified = true;
+ }
+
cleanup:
+ ctxt->node = oldnode;
VIR_FREE(macaddr);
VIR_FREE(network);
VIR_FREE(address);
@@ -4306,6 +4315,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
{
xmlDocPtr xml;
xmlNodePtr node;
+ xmlXPathContextPtr ctxt = NULL;
virDomainDeviceDefPtr dev = NULL;
if (!(xml = xmlReadDoc(BAD_CAST xmlStr, "device.xml", NULL,
@@ -4322,6 +4332,13 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
goto error;
}
+ ctxt = xmlXPathNewContext(xml);
+ if (ctxt == NULL) {
+ virReportOOMError();
+ goto error;
+ }
+ ctxt->node = node;
+
if (VIR_ALLOC(dev) < 0) {
virReportOOMError();
goto error;
@@ -4337,7 +4354,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
goto error;
} else if (xmlStrEqual(node->name, BAD_CAST "interface")) {
dev->type = VIR_DOMAIN_DEVICE_NET;
- if (!(dev->data.net = virDomainNetDefParseXML(caps, node, flags)))
+ if (!(dev->data.net = virDomainNetDefParseXML(caps, node, ctxt, flags)))
goto error;
} else if (xmlStrEqual(node->name, BAD_CAST "input")) {
dev->type = VIR_DOMAIN_DEVICE_INPUT;
@@ -4375,11 +4392,12 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
}
xmlFreeDoc(xml);
-
+ xmlXPathFreeContext(ctxt);
return dev;
error:
xmlFreeDoc(xml);
+ xmlXPathFreeContext(ctxt);
VIR_FREE(dev);
return NULL;
}
@@ -5050,6 +5068,7 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
for (i = 0 ; i < n ; i++) {
virDomainNetDefPtr net = virDomainNetDefParseXML(caps,
nodes[i],
+ ctxt,
flags);
if (!net)
goto error;
@@ -6318,6 +6337,12 @@ virDomainNetDefFormat(virBufferPtr buf,
VIR_FREE(attrs);
}
+ if (def->tune.sndbuf_specified) {
+ virBufferAddLit(buf, " <tune>\n");
+ virBufferVSprintf(buf, " <sndbuf>%lu</sndbuf>\n", def->tune.sndbuf);
+ virBufferAddLit(buf, " </tune>\n");
+ }
+
if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0)
return -1;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index a73fd14..1269ed6 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -346,6 +346,10 @@ struct _virDomainNetDef {
virVirtualPortProfileParams virtPortProfile;
} direct;
} data;
+ struct {
+ bool sndbuf_specified;
+ unsigned long sndbuf;
+ } tune;
char *ifname;
virDomainDeviceInfo info;
char *filter;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a3b5ff3..c37fdb2 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1584,6 +1584,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
const char *tapfd,
const char *vhostfd)
{
+ bool is_tap = false;
virBuffer buf = VIR_BUFFER_INITIALIZER;
switch (net->type) {
@@ -1593,6 +1594,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
virBufferAddLit(&buf, "tap");
virBufferVSprintf(&buf, "%cfd=%s", type_sep, tapfd);
type_sep = ',';
+ is_tap = true;
break;
case VIR_DOMAIN_NET_TYPE_ETHERNET:
@@ -1606,6 +1608,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
net->data.ethernet.script);
type_sep = ',';
}
+ is_tap = true;
break;
case VIR_DOMAIN_NET_TYPE_CLIENT:
@@ -1659,8 +1662,11 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
type_sep, net->info.alias);
}
- if (vhostfd && *vhostfd) {
- virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd);
+ if (is_tap) {
+ if (vhostfd && *vhostfd)
+ virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd);
+ if (net->tune.sndbuf_specified)
+ virBufferVSprintf(&buf, ",sndbuf=%lu", net->tune.sndbuf);
}
if (virBufferError(&buf)) {
@@ -4661,6 +4667,15 @@ qemuParseCommandLineNet(virCapsPtr caps,
} else if (STREQ(keywords[i], "off")) {
def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU;
}
+ } else if (STREQ(keywords[i], "sndbuf") && values[i]) {
+ if (virStrToLong_ul(values[i], NULL, 10, &def->tune.sndbuf) < 0) {
+ qemuReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot parse sndbuf size in '%s'"), val);
+ virDomainNetDefFree(def);
+ def = NULL;
+ goto cleanup;
+ }
+ def->tune.sndbuf_specified = true;
}
}
--
1.7.3.4
14 years, 4 months
[libvirt] [PATCH 0/2] Update qemu password support (v2)
by Marc-André Lureau
Recently, QEMU learned set_password and expire_password monitor commands.
http://qemu.com/qemu.git/commit/?id=7572150c189c6553c2448334116ab717680de66d
The following patches make use of these new commands if available, and
fallback on VNC-only password support.
Change since v1:
- moved qemuInitGraphicsPasswords to qemu_hotplug, renamed
to qemuDomainChangeGraphicsPasswords.
- updated what looks like a typo (that appears to work anyway) in
initial patch from Daniel:
- ret = qemuInitGraphicsPasswords(driver, vm,
- VIR_DOMAIN_GRAPHICS_TYPE_SPICE,
- &vm->def->graphics[0]->data.vnc.auth,
- driver->vncPassword);
+ ret = qemuInitGraphicsPasswords(driver, vm,
+ VIR_DOMAIN_GRAPHICS_TYPE_SPICE,
+ &vm->def->graphics[0]->data.spice.auth,
+ driver->spicePassword);
Marc-André Lureau (2):
qemu: add set_password and expire_password monitor commands
Use the new set_password monitor command to set password.
src/qemu/qemu_driver.c | 22 ++++----
src/qemu/qemu_hotplug.c | 114 +++++++++++++++++++++++++++++++++++++++---
src/qemu/qemu_hotplug.h | 5 ++
src/qemu/qemu_monitor.c | 77 ++++++++++++++++++++++++++++
src/qemu/qemu_monitor.h | 7 +++
src/qemu/qemu_monitor_json.c | 56 ++++++++++++++++++++
src/qemu/qemu_monitor_json.h | 7 +++
src/qemu/qemu_monitor_text.c | 69 +++++++++++++++++++++++++
src/qemu/qemu_monitor_text.h | 7 +++
9 files changed, 346 insertions(+), 18 deletions(-)
--
1.7.3.4
14 years, 4 months
[libvirt] [PATCHv2] Add XML config switch to enable/disable vhost-net support
by Laine Stump
This patch is in response to
https://bugzilla.redhat.com/show_bug.cgi?id=643050
The existing libvirt support for the vhost-net backend to the virtio
network driver happens automatically - if the vhost-net device is
available, it is always enabled, otherwise the standard userland
virtio backend is used.
This patch makes it possible to force whether or not vhost-net is used
with a bit of XML. Adding a <driver> element to the interface XML, eg:
<interface type="network">
<model type="virtio"/>
<driver name="vhost"/>
will force use of vhost-net (if it's not available, the domain will
fail to start). if driver name="qemu", vhost-net will not be used even
if it is available.
If there is no <driver name='xxx'/> in the config, libvirt will revert
to the pre-existing automatic behavior - use vhost-net if it's
available, and userland backend if vhost-net isn't available.
---
Changes from V1:
enum now starts at 0 instead of -1. I just disallow "default" when
parsing. This eliminates the need for vhost_specified.
Removed superfluous 3rd arg to open().
docs/schemas/domain.rng | 13 +++++++++
src/conf/domain_conf.c | 29 +++++++++++++++++++-
src/conf/domain_conf.h | 10 +++++++
src/qemu/qemu_command.c | 67 ++++++++++++++++++++++++++++++++++++++--------
src/qemu/qemu_command.h | 3 --
5 files changed, 106 insertions(+), 16 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index 6de85fd..5e140fb 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -1005,6 +1005,19 @@
</element>
</optional>
<optional>
+ <element name="driver">
+ <optional>
+ <attribute name="name">
+ <choice>
+ <value>qemu</value>
+ <value>vhost</value>
+ </choice>
+ </attribute>
+ </optional>
+ <empty/>
+ </element>
+ </optional>
+ <optional>
<ref name="address"/>
</optional>
<optional>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2c54683..1cef112 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -185,6 +185,11 @@ VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST,
"internal",
"direct")
+VIR_ENUM_IMPL(virDomainNetBackend, VIR_DOMAIN_NET_BACKEND_TYPE_LAST,
+ "default",
+ "qemu",
+ "vhost")
+
VIR_ENUM_IMPL(virDomainChrChannelTarget,
VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST,
"guestfwd",
@@ -2290,6 +2295,7 @@ virDomainNetDefParseXML(virCapsPtr caps,
char *address = NULL;
char *port = NULL;
char *model = NULL;
+ char *backend = NULL;
char *filter = NULL;
char *internal = NULL;
char *devaddr = NULL;
@@ -2372,6 +2378,8 @@ virDomainNetDefParseXML(virCapsPtr caps,
script = virXMLPropString(cur, "path");
} else if (xmlStrEqual (cur->name, BAD_CAST "model")) {
model = virXMLPropString(cur, "type");
+ } else if (xmlStrEqual (cur->name, BAD_CAST "driver")) {
+ backend = virXMLPropString(cur, "name");
} else if (xmlStrEqual (cur->name, BAD_CAST "filterref")) {
filter = virXMLPropString(cur, "filter");
VIR_FREE(filterparams);
@@ -2559,6 +2567,19 @@ virDomainNetDefParseXML(virCapsPtr caps,
model = NULL;
}
+ if ((backend != NULL) &&
+ (def->model && STREQ(def->model, "virtio"))) {
+ int b;
+ if (((b = virDomainNetBackendTypeFromString(backend)) < 0) ||
+ (b == 0)) {
+ virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Unknown interface <driver name='%s'> "
+ "has been specified"),
+ backend);
+ goto error;
+ }
+ def->backend = b;
+ }
if (filter != NULL) {
switch (def->type) {
case VIR_DOMAIN_NET_TYPE_ETHERNET:
@@ -2585,6 +2606,7 @@ cleanup:
VIR_FREE(script);
VIR_FREE(bridge);
VIR_FREE(model);
+ VIR_FREE(backend);
VIR_FREE(filter);
VIR_FREE(type);
VIR_FREE(internal);
@@ -6276,9 +6298,14 @@ virDomainNetDefFormat(virBufferPtr buf,
if (def->ifname)
virBufferEscapeString(buf, " <target dev='%s'/>\n",
def->ifname);
- if (def->model)
+ if (def->model) {
virBufferEscapeString(buf, " <model type='%s'/>\n",
def->model);
+ if (STREQ(def->model, "virtio") && def->backend) {
+ virBufferVSprintf(buf, " <driver name='%s'/>\n",
+ virDomainNetBackendTypeToString(def->backend));
+ }
+ }
if (def->filter) {
virBufferEscapeString(buf, " <filterref filter='%s'",
def->filter);
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 6a8ec64..a73fd14 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -292,6 +292,14 @@ enum virDomainNetType {
VIR_DOMAIN_NET_TYPE_LAST,
};
+/* the backend driver used for virtio interfaces */
+enum virDomainNetBackendType {
+ VIR_DOMAIN_NET_BACKEND_TYPE_DEFAULT, /* prefer kernel, fall back to user */
+ VIR_DOMAIN_NET_BACKEND_TYPE_QEMU, /* userland */
+ VIR_DOMAIN_NET_BACKEND_TYPE_VHOST, /* kernel */
+
+ VIR_DOMAIN_NET_BACKEND_TYPE_LAST,
+};
/* the mode type for macvtap devices */
enum virDomainNetdevMacvtapType {
@@ -310,6 +318,7 @@ struct _virDomainNetDef {
enum virDomainNetType type;
unsigned char mac[VIR_MAC_BUFLEN];
char *model;
+ enum virDomainNetBackendType backend;
union {
struct {
char *dev;
@@ -1265,6 +1274,7 @@ VIR_ENUM_DECL(virDomainControllerModel)
VIR_ENUM_DECL(virDomainFS)
VIR_ENUM_DECL(virDomainFSAccessMode)
VIR_ENUM_DECL(virDomainNet)
+VIR_ENUM_DECL(virDomainNetBackend)
VIR_ENUM_DECL(virDomainChrDevice)
VIR_ENUM_DECL(virDomainChrChannelTarget)
VIR_ENUM_DECL(virDomainChrConsoleTarget)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 86c5bb5..a3b5ff3 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -302,24 +302,58 @@ cleanup:
}
-int
+static int
qemuOpenVhostNet(virDomainNetDefPtr net,
- unsigned long long qemuCmdFlags)
+ unsigned long long qemuCmdFlags,
+ int *vhostfd)
{
- /* If qemu supports vhost-net mode (including the -netdev command
- * option), the nic model is virtio, and we can open
- * /dev/vhost_net, assume that vhost-net mode is available and
- * return the fd to /dev/vhost_net. Otherwise, return -1.
- */
+ *vhostfd = -1; /* assume we won't use vhost */
+ /* If the config says explicitly to not use vhost, return now */
+ if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_QEMU) {
+ return 0;
+ }
+
+ /* If qemu doesn't support vhost-net mode (including the -netdev command
+ * option), don't try to open the device.
+ */
if (!(qemuCmdFlags & QEMUD_CMD_FLAG_VNET_HOST &&
qemuCmdFlags & QEMUD_CMD_FLAG_NETDEV &&
- qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE &&
- net->model && STREQ(net->model, "virtio")))
- return -1;
+ qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)) {
+ if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST) {
+ qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s", _("vhost-net is not supported with "
+ "this QEMU binary"));
+ return -1;
+ }
+ return 0;
+ }
- return open("/dev/vhost-net", O_RDWR, 0);
+ /* If the nic model isn't virtio, don't try to open. */
+ if (!(net->model && STREQ(net->model, "virtio"))) {
+ if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST) {
+ qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s", _("vhost-net is only supported for "
+ "virtio network interfaces"));
+ return -1;
+ }
+ return 0;
+ }
+
+ *vhostfd = open("/dev/vhost-net", O_RDWR);
+
+ /* If the config says explicitly to use vhost and we couldn't open it,
+ * report an error.
+ */
+ if ((*vhostfd < 0) &&
+ (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST)) {
+ qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s", _("vhost-net was requested for an interface, "
+ "but is unavailable"));
+ return -1;
+ }
+ return 0;
}
@@ -3278,7 +3312,10 @@ qemuBuildCommandLine(virConnectPtr conn,
net->type == VIR_DOMAIN_NET_TYPE_DIRECT) {
/* Attempt to use vhost-net mode for these types of
network device */
- int vhostfd = qemuOpenVhostNet(net, qemuCmdFlags);
+ int vhostfd;
+
+ if (qemuOpenVhostNet(net, qemuCmdFlags, &vhostfd) < 0)
+ goto error;
if (vhostfd >= 0) {
virCommandTransferFD(cmd, vhostfd);
@@ -4618,6 +4655,12 @@ qemuParseCommandLineNet(virCapsPtr caps,
} else if (STREQ(keywords[i], "model")) {
def->model = values[i];
values[i] = NULL;
+ } else if (STREQ(keywords[i], "vhost")) {
+ if ((values[i] == NULL) || STREQ(values[i], "on")) {
+ def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_VHOST;
+ } else if (STREQ(keywords[i], "off")) {
+ def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU;
+ }
}
}
diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h
index 4c42a10..5439184 100644
--- a/src/qemu/qemu_command.h
+++ b/src/qemu/qemu_command.h
@@ -116,9 +116,6 @@ int qemuNetworkIfaceConnect(virConnectPtr conn,
unsigned long long qemCmdFlags)
ATTRIBUTE_NONNULL(1);
-int qemuOpenVhostNet(virDomainNetDefPtr net,
- unsigned long long qemuCmdFlags);
-
int qemuPhysIfaceConnect(virConnectPtr conn,
struct qemud_driver *driver,
virDomainNetDefPtr net,
--
1.7.3.4
14 years, 4 months
[libvirt] [PATCH] Fix 'make check' after commit 04197350
by Jim Fehlig
I broke 'make check' with commit 04197350 by unconditionally
emitting 'hap=' in xen xm driver. Only emit 'hap=' if
xendConfigVersion >= 3. I've tested sending 'hap=' to a Xen 3.2
machine without support for hap setting and verified that xend
silently drops the unrecognized setting.
---
src/xen/xm_internal.c | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c
index ec618aa..bfb6698 100644
--- a/src/xen/xm_internal.c
+++ b/src/xen/xm_internal.c
@@ -2413,10 +2413,11 @@ virConfPtr xenXMDomainConfigFormat(virConnectPtr conn,
(1 << VIR_DOMAIN_FEATURE_APIC)) ? 1 : 0) < 0)
goto no_memory;
- if (xenXMConfigSetInt(conf, "hap",
- (def->features &
- (1 << VIR_DOMAIN_FEATURE_HAP)) ? 1 : 0) < 0)
- goto no_memory;
+ if (priv->xendConfigVersion >= 3)
+ if (xenXMConfigSetInt(conf, "hap",
+ (def->features &
+ (1 << VIR_DOMAIN_FEATURE_HAP)) ? 1 : 0) < 0)
+ goto no_memory;
if (def->clock.offset == VIR_DOMAIN_CLOCK_OFFSET_LOCALTIME) {
if (def->clock.data.timezone) {
--
1.7.3.1
14 years, 4 months
[libvirt] [PATCH] Enable tuning of qemu network tap device "sndbuf" size
by Laine Stump
This is in response to a request in:
https://bugzilla.redhat.com/show_bug.cgi?id=665293
In short, under heavy load, it's possible for qemu's networking to
lock up due to the tap device's default 1MB sndbuf being
inadequate. adding "sndbuf=0" to the qemu commandline -netdevice
option will alleviate this problem (sndbuf=0 actually sets it to
0xffffffff).
Because we must be able to explicitly specify "0" as a value, the
standard practice of "0 means not specified" won't work here. Instead,
virDomainNetDef also has a sndbuf_specified, which defaults to 0, but
is set to 1 if some value was given.
The sndbuf value is put inside a <tune> element of each <interface> in
the domain. The intent is that further tunable settings will also be
placed inside this elemnent.
<interface type='network'>
...
<tune>
<sndbuf>0</sndbuf>
...
</tune>
</interface>
---
Note that in qemuBuildHostNetStr() I have moved
if (vhostfd && *vhostfd) {
virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd);
into a newly created "if (is_tap) { ... }" block. This always should
have been inside such a conditional, but none existed until now. (I
can make this a separate patch if anyone wants, but it seemed so
simple and obvious that I took the slothenly way out :-)
Also, as with the vhost patch, I didn't get the html docs updated for
this addition either. I will add both in a single followup patch next
week.
docs/schemas/domain.rng | 10 ++++++++++
src/conf/domain_conf.c | 31 +++++++++++++++++++++++++++++--
src/conf/domain_conf.h | 4 ++++
src/qemu/qemu_command.c | 19 +++++++++++++++++--
4 files changed, 60 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index 6d0654d..e2883aa 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -1025,6 +1025,16 @@
<ref name="filterref-node-attributes"/>
</element>
</optional>
+ <optional>
+ <element name="tune">
+ <optional>
+ <!-- size of send buffer for network tap devices -->
+ <element name="sndbuf">
+ <ref name="unsignedInt"/>
+ </element>
+ </optional>
+ </element>
+ </optional>
</interleave>
</define>
<define name="virtualPortProfile">
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 04ed502..5d1b8cf 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2280,6 +2280,7 @@ err_exit:
static virDomainNetDefPtr
virDomainNetDefParseXML(virCapsPtr caps,
xmlNodePtr node,
+ xmlXPathContextPtr ctxt,
int flags ATTRIBUTE_UNUSED) {
virDomainNetDefPtr def;
xmlNodePtr cur;
@@ -2298,15 +2299,19 @@ virDomainNetDefParseXML(virCapsPtr caps,
char *internal = NULL;
char *devaddr = NULL;
char *mode = NULL;
+ unsigned long sndbuf;
virNWFilterHashTablePtr filterparams = NULL;
virVirtualPortProfileParams virtPort;
bool virtPortParsed = false;
+ xmlNodePtr oldnode = ctxt->node;
if (VIR_ALLOC(def) < 0) {
virReportOOMError();
return NULL;
}
+ ctxt->node = node;
+
type = virXMLPropString(node, "type");
if (type != NULL) {
if ((int)(def->type = virDomainNetTypeFromString(type)) < 0) {
@@ -2593,7 +2598,13 @@ virDomainNetDefParseXML(virCapsPtr caps,
}
}
+ if (virXPathULong("string(./tune/sndbuf)", ctxt, &sndbuf) >= 0) {
+ def->tune.sndbuf = sndbuf;
+ def->tune.sndbuf_specified = 1;
+ }
+
cleanup:
+ ctxt->node = oldnode;
VIR_FREE(macaddr);
VIR_FREE(network);
VIR_FREE(address);
@@ -4303,6 +4314,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
{
xmlDocPtr xml;
xmlNodePtr node;
+ xmlXPathContextPtr ctxt = NULL;
virDomainDeviceDefPtr dev = NULL;
if (!(xml = xmlReadDoc(BAD_CAST xmlStr, "device.xml", NULL,
@@ -4319,6 +4331,13 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
goto error;
}
+ ctxt = xmlXPathNewContext(xml);
+ if (ctxt == NULL) {
+ virReportOOMError();
+ goto error;
+ }
+ ctxt->node = node;
+
if (VIR_ALLOC(dev) < 0) {
virReportOOMError();
goto error;
@@ -4334,7 +4353,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
goto error;
} else if (xmlStrEqual(node->name, BAD_CAST "interface")) {
dev->type = VIR_DOMAIN_DEVICE_NET;
- if (!(dev->data.net = virDomainNetDefParseXML(caps, node, flags)))
+ if (!(dev->data.net = virDomainNetDefParseXML(caps, node, ctxt, flags)))
goto error;
} else if (xmlStrEqual(node->name, BAD_CAST "input")) {
dev->type = VIR_DOMAIN_DEVICE_INPUT;
@@ -4372,11 +4391,12 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps,
}
xmlFreeDoc(xml);
-
+ xmlXPathFreeContext(ctxt);
return dev;
error:
xmlFreeDoc(xml);
+ xmlXPathFreeContext(ctxt);
VIR_FREE(dev);
return NULL;
}
@@ -5047,6 +5067,7 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
for (i = 0 ; i < n ; i++) {
virDomainNetDefPtr net = virDomainNetDefParseXML(caps,
nodes[i],
+ ctxt,
flags);
if (!net)
goto error;
@@ -6315,6 +6336,12 @@ virDomainNetDefFormat(virBufferPtr buf,
VIR_FREE(attrs);
}
+ if (def->tune.sndbuf_specified) {
+ virBufferAddLit(buf, " <tune>\n");
+ virBufferVSprintf(buf, " <sndbuf>%d</sndbuf>\n", def->tune.sndbuf);
+ virBufferAddLit(buf, " </tune>\n");
+ }
+
if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0)
return -1;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 451ccad..2d35d68 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -346,6 +346,10 @@ struct _virDomainNetDef {
virVirtualPortProfileParams virtPortProfile;
} direct;
} data;
+ struct {
+ int sndbuf_specified : 1;
+ int sndbuf;
+ } tune;
char *ifname;
virDomainDeviceInfo info;
char *filter;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 9eb54a1..add66cb 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1587,6 +1587,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
const char *tapfd,
const char *vhostfd)
{
+ bool is_tap = false;
virBuffer buf = VIR_BUFFER_INITIALIZER;
switch (net->type) {
@@ -1596,6 +1597,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
virBufferAddLit(&buf, "tap");
virBufferVSprintf(&buf, "%cfd=%s", type_sep, tapfd);
type_sep = ',';
+ is_tap = true;
break;
case VIR_DOMAIN_NET_TYPE_ETHERNET:
@@ -1609,6 +1611,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
net->data.ethernet.script);
type_sep = ',';
}
+ is_tap = true;
break;
case VIR_DOMAIN_NET_TYPE_CLIENT:
@@ -1662,8 +1665,11 @@ qemuBuildHostNetStr(virDomainNetDefPtr net,
type_sep, net->info.alias);
}
- if (vhostfd && *vhostfd) {
- virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd);
+ if (is_tap) {
+ if (vhostfd && *vhostfd)
+ virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd);
+ if (net->tune.sndbuf_specified)
+ virBufferVSprintf(&buf, ",sndbuf=%d", net->tune.sndbuf);
}
if (virBufferError(&buf)) {
@@ -4665,6 +4671,15 @@ qemuParseCommandLineNet(virCapsPtr caps,
def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU;
}
def->backend_specified = 1;
+ } else if (STREQ(keywords[i], "sndbuf") && values[i]) {
+ if (virStrToLong_i(values[i], NULL, 10, &def->tune.sndbuf) < 0) {
+ qemuReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot parse sndbuf size in '%s'"), val);
+ virDomainNetDefFree(def);
+ def = NULL;
+ goto cleanup;
+ }
+ def->tune.sndbuf_specified = 1;
}
}
--
1.7.3.4
14 years, 4 months
[libvirt] [PATCH] cpu: Add support for Westmere CPU model
by Jiri Denemark
---
src/cpu/cpu_map.xml | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
index 75c6522..35dca20 100644
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -142,6 +142,9 @@
<feature name='popcnt'> <!-- CPUID_EXT_POPCNT -->
<cpuid function='0x00000001' ecx='0x00800000'/>
</feature>
+ <feature name='aes'>
+ <cpuid function='0x00000001' ecx='0x02000000'/>
+ </feature>
<feature name='hypervisor'> <!-- CPUID_EXT_HYPERVISOR -->
<cpuid function='0x00000001' ecx='0x80000000'/>
</feature>
@@ -453,6 +456,12 @@
<feature name='lahf_lm'/>
</model>
+ <model name='Westmere'>
+ <vendor name='Intel'/>
+ <model name='Nehalem'/>
+ <feature name='aes'/>
+ </model>
+
<model name='Opteron_G1'>
<vendor name='AMD'/>
<feature name='sse2'/>
--
1.7.4.rc1
14 years, 4 months
