January 2011 - Devel - libvirt List Archives

[libvirt] [PATCH] tests: Remove obsolete secaatest
by Matthias Bolte 15 Jan '11

15 Jan '11

Before the security driver was refactored in d6623003 seclabeltest and secaatest were basically the same. seclabeltest was meant for SELinux and secaatest for AppArmor. Both tests exited early when the specific security driver backend wasn't enabled. With the new security manager trying to initialize a disabled security driver backend is an error that can't be distinguished from other errors anymore. Therefore, the updated seclabeltest just asks for the first available backend as this will always work even with SELinux and AppArmor backend being disabled due to the new Nop backend. Remove the obsolete secaatest and compile and run the seclabeltest unconditional. This fixes make check on systems that support AppArmor. --- tests/Makefile.am | 24 ------------------------ tests/secaatest.c | 45 --------------------------------------------- 2 files changed, 0 insertions(+), 69 deletions(-) delete mode 100644 tests/secaatest.c diff --git a/tests/Makefile.am b/tests/Makefile.am index 345cf46..72beb23 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -98,13 +98,7 @@ if WITH_VMX check_PROGRAMS += vmx2xmltest xml2vmxtest endif -if WITH_SECDRIVER_SELINUX check_PROGRAMS += seclabeltest -endif - -if WITH_SECDRIVER_APPARMOR -check_PROGRAMS += secaatest -endif if WITH_CIL check_PROGRAMS += object-locking @@ -191,13 +185,7 @@ if WITH_VMX TESTS += vmx2xmltest xml2vmxtest endif -if WITH_SECDRIVER_SELINUX TESTS += seclabeltest -endif - -if WITH_SECDRIVER_APPARMOR -TESTS += secaatest -endif if WITH_LIBVIRTD check_PROGRAMS += eventtest @@ -376,21 +364,9 @@ commandhelper_SOURCES = \ commandhelper_CFLAGS = -Dabs_builddir="\"`pwd`\"" commandhelper_LDADD = $(LDADDS) -if WITH_SECDRIVER_SELINUX seclabeltest_SOURCES = \ seclabeltest.c seclabeltest_LDADD = ../src/libvirt_driver_security.la $(LDADDS) -else -EXTRA_DIST += seclabeltest.c -endif - -if WITH_SECDRIVER_APPARMOR -secaatest_SOURCES = \ - secaatest.c -secaatest_LDADD = ../src/libvirt_driver_security.la $(LDADDS) -else -EXTRA_DIST += secaatest.c -endif qparamtest_SOURCES = \ qparamtest.c testutils.h testutils.c diff --git a/tests/secaatest.c b/tests/secaatest.c deleted file mode 100644 index d9d6b4a..0000000 --- a/tests/secaatest.c +++ /dev/null @@ -1,45 +0,0 @@ -#include <config.h> - -#include <unistd.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <errno.h> -#include "security/security_driver.h" - -int -main (int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) -{ - int ret; - - const char *doi, *model; - virSecurityDriverPtr security_drv; - - ret = virSecurityDriverStartup (&security_drv, "apparmor", false); - if (ret == -1) - { - fprintf (stderr, "Failed to start security driver"); - exit (-1); - } - /* No security driver wanted to be enabled: just return */ - if (ret == -2) - return 0; - - model = virSecurityDriverGetModel (security_drv); - if (!model) - { - fprintf (stderr, "Failed to copy secModel model: %s", - strerror (errno)); - exit (-1); - } - - doi = virSecurityDriverGetDOI (security_drv); - if (!doi) - { - fprintf (stderr, "Failed to copy secModel DOI: %s", - strerror (errno)); - exit (-1); - } - - return 0; -} -- 1.7.0.4

2 2

[libvirt] [PATCH] virsh: Use WITH_SECDRIVER_APPARMOR to detect AppArmor support
by Matthias Bolte 15 Jan '11

15 Jan '11

There is no ENABLE_SECDRIVER_APPARMOR. --- tools/virsh.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virsh.c b/tools/virsh.c index 4f103ae..b86d92f 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -11847,7 +11847,7 @@ vshShowVersion(vshControl *ctl ATTRIBUTE_UNUSED) vshPrint(ctl, "\n"); vshPrint(ctl, "%s", _(" Miscellaneous:")); -#ifdef ENABLE_SECDRIVER_APPARMOR +#ifdef WITH_SECDRIVER_APPARMOR vshPrint(ctl, " AppArmor"); #endif #ifdef WITH_SECDRIVER_SELINUX -- 1.7.0.4

2 2

[libvirt] Bug in virsh memtune on RHEL6?
by Justin Clift 15 Jan '11

15 Jan '11

Hi all, Getting strange numbers from the virsh memtune command on RHEL 6. (git head compiled, rather than RHEL 6 packages) virsh # list Id Name State ---------------------------------- 4 Fedora_14_x64 running virsh # memtune Fedora_14_x64 hard_limit : 9007199254740991 soft_limit : 9007199254740991 swap_hard_limit: 9007199254740991 Those numbers are supposed to be kilobytes, but the host box itself only has 12GB ram. Bug? Regards and best wishes, Justin Clift

4 16

[libvirt] OpenVZ and Libvirt
by Nathan Stratton 14 Jan '11

14 Jan '11

I have been working to get libvirt to work with openvz and kvm. I have had no issues with KVM but libvirt is hit or miss. Sometimes I get it to work, but most of the time I get back "out of memory". I have tried all recent versions of libvirt and vzctl from openvz. Any pointers? 17:52:31.974: debug : virConnectOpen:1425 : name=openvz:///system 17:52:31.974: debug : virEventRunOnce:593 : Poll on 12 handles 0x7f6394001420 timeout -1 17:52:31.974: debug : do_open:1204 : name "openvz:///system" to URI components: scheme openvz opaque (null) authority (null) server (null) user (null) port 0 path /system 17:52:31.974: debug : do_open:1242 : trying driver 0 (Test) ... 17:52:31.974: debug : do_open:1248 : driver 0 Test returned DECLINED 17:52:31.974: debug : do_open:1242 : trying driver 1 (Xen) ... 17:52:31.974: debug : do_open:1248 : driver 1 Xen returned DECLINED 17:52:31.974: debug : do_open:1242 : trying driver 2 (OPENVZ) ... 17:52:32.003: debug : virEventRunOnce:595 : Poll got 1 event 17:52:32.003: debug : virEventDispatchTimeouts:405 : Dispatch 3 17:52:32.003: debug : virEventDispatchHandles:450 : Dispatch 12 17:52:32.003: debug : virEventDispatchHandles:464 : i=0 w=1 17:52:32.003: debug : virEventDispatchHandles:464 : i=1 w=2 17:52:32.003: debug : virEventDispatchHandles:477 : Dispatch n=1 f=5 w=2 e=1 0x1cfa820 17:52:32.003: info : qemudDispatchSignalEvent:401 : Received unexpected signal 17 17:52:32.003: debug : virEventDispatchHandles:464 : i=2 w=3 17:52:32.003: debug : virEventDispatchHandles:464 : i=3 w=4 17:52:32.003: debug : virEventDispatchHandles:464 : i=4 w=5 17:52:32.003: debug : virEventDispatchHandles:464 : i=5 w=6 17:52:32.003: debug : virEventDispatchHandles:464 : i=6 w=7 17:52:32.003: debug : virEventDispatchHandles:464 : i=7 w=8 17:52:32.003: debug : virEventDispatchHandles:464 : i=8 w=9 17:52:32.003: debug : virEventDispatchHandles:464 : i=9 w=10 17:52:32.003: debug : virEventDispatchHandles:464 : i=10 w=11 17:52:32.003: debug : virEventDispatchHandles:464 : i=11 w=12 17:52:32.003: debug : virEventCleanupTimeouts:495 : Cleanup 3 17:52:32.003: debug : virEventCleanupHandles:536 : Cleanupo 12 17:52:32.006: error : openvzReadNetworkConf:318 : out of memory 17:52:32.009: error : openvzReadNetworkConf:318 : out of memory 17:52:32.013: error : openvzReadNetworkConf:318 : out of memory 17:52:32.016: error : openvzReadNetworkConf:318 : out of memory 17:52:32.020: error : openvzReadNetworkConf:318 : out of memory 17:52:32.023: error : openvzReadNetworkConf:318 : out of memory 17:52:32.027: error : openvzReadNetworkConf:318 : out of memory 17:52:32.030: error : openvzReadNetworkConf:318 : out of memory 17:52:32.034: error : openvzReadNetworkConf:318 : out of memory 17:52:32.037: error : openvzReadNetworkConf:318 : out of memory 17:52:32.041: error : openvzReadNetworkConf:318 : out of memory 17:52:32.044: error : openvzReadNetworkConf:318 : out of memory 17:52:32.048: error : openvzReadNetworkConf:318 : out of memory 17:52:32.051: error : openvzReadNetworkConf:318 : out of memory 17:52:32.055: error : openvzReadNetworkConf:318 : out of memory 17:52:32.058: error : openvzReadNetworkConf:318 : out of memory 17:52:32.062: error : openvzReadNetworkConf:318 : out of memory 17:52:32.062: error : openvzLoadDomains:534 : out of memory 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384009340 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384009340 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384007780 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384007780 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005be0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005be0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840080d0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840080d0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840089f0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840089f0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006500 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006500 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840049b0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840049b0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384004ef0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384004ef0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384008e80 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384008e80 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006070 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006070 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384007c10 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384007c10 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006990 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006990 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384006e20 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384006e20 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005330 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005330 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840072e0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840072e0 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f6384005750 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f6384005750 17:52:32.062: debug : virDomainObjUnref:777 : obj=0x7f63840085f0 refs=0 17:52:32.062: debug : virDomainObjFree:753 : obj=0x7f63840085f0 17:52:32.062: debug : do_open:1248 : driver 2 OPENVZ returned ERROR 17:52:32.062: debug : virUnrefConnect:294 : unref connection 0x7f6384000bd0 1 17:52:32.062: debug : virReleaseConnect:249 : release connection 0x7f6384000bd0 libvir: OpenVZ error : out of memory ><> Nathan Stratton CTO, BlinkMind, Inc. nathan at robotics.net nathan at blinkmind.com http://www.robotics.net http://www.blinkmind.com

2 1

[libvirt] [PATCHv2] Enable tuning of qemu network tap device "sndbuf" size
by Laine Stump 14 Jan '11

14 Jan '11

This is in response to a request in: https://bugzilla.redhat.com/show_bug.cgi?id=665293 In short, under heavy load, it's possible for qemu's networking to lock up due to the tap device's default 1MB sndbuf being inadequate. adding "sndbuf=0" to the qemu commandline -netdevice option will alleviate this problem (sndbuf=0 actually sets it to 0xffffffff). Because we must be able to explicitly specify "0" as a value, the standard practice of "0 means not specified" won't work here. Instead, virDomainNetDef also has a sndbuf_specified, which defaults to 0, but is set to 1 if some value was given. The sndbuf value is put inside a <tune> element of each <interface> in the domain. The intent is that further tunable settings will also be placed inside this element. <interface type='network'> ... <tune> <sndbuf>0</sndbuf> ... </tune> </interface> --- Changes from V1: sndbuf_specified is now a bool rather than an int bitfield. sndbuf is now unsigned long. Made possible by eblake's patch adding new virXPath* and virStrToLong_* functions. docs/schemas/domain.rng | 10 ++++++++++ src/conf/domain_conf.c | 29 +++++++++++++++++++++++++++-- src/conf/domain_conf.h | 4 ++++ src/qemu/qemu_command.c | 19 +++++++++++++++++-- 4 files changed, 58 insertions(+), 4 deletions(-) diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index 5e140fb..a79ca6a 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1025,6 +1025,16 @@ <ref name="filterref-node-attributes"/> </element> </optional> + <optional> + <element name="tune"> + <optional> +  + <element name="sndbuf"> + <ref name="unsignedInt"/> + </element> + </optional> + </element> + </optional> </interleave> </define> <define name="virtualPortProfile"> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1cef112..396574e 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2282,6 +2282,7 @@ err_exit: static virDomainNetDefPtr virDomainNetDefParseXML(virCapsPtr caps, xmlNodePtr node, + xmlXPathContextPtr ctxt, int flags ATTRIBUTE_UNUSED) { virDomainNetDefPtr def; xmlNodePtr cur; @@ -2303,12 +2304,15 @@ virDomainNetDefParseXML(virCapsPtr caps, virNWFilterHashTablePtr filterparams = NULL; virVirtualPortProfileParams virtPort; bool virtPortParsed = false; + xmlNodePtr oldnode = ctxt->node; if (VIR_ALLOC(def) < 0) { virReportOOMError(); return NULL; } + ctxt->node = node; + type = virXMLPropString(node, "type"); if (type != NULL) { if ((int)(def->type = virDomainNetTypeFromString(type)) < 0) { @@ -2596,7 +2600,12 @@ virDomainNetDefParseXML(virCapsPtr caps, } } + if (virXPathULong("string(./tune/sndbuf)", ctxt, &def->tune.sndbuf) >= 0) { + def->tune.sndbuf_specified = true; + } + cleanup: + ctxt->node = oldnode; VIR_FREE(macaddr); VIR_FREE(network); VIR_FREE(address); @@ -4306,6 +4315,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, { xmlDocPtr xml; xmlNodePtr node; + xmlXPathContextPtr ctxt = NULL; virDomainDeviceDefPtr dev = NULL; if (!(xml = xmlReadDoc(BAD_CAST xmlStr, "device.xml", NULL, @@ -4322,6 +4332,13 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, goto error; } + ctxt = xmlXPathNewContext(xml); + if (ctxt == NULL) { + virReportOOMError(); + goto error; + } + ctxt->node = node; + if (VIR_ALLOC(dev) < 0) { virReportOOMError(); goto error; @@ -4337,7 +4354,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, goto error; } else if (xmlStrEqual(node->name, BAD_CAST "interface")) { dev->type = VIR_DOMAIN_DEVICE_NET; - if (!(dev->data.net = virDomainNetDefParseXML(caps, node, flags))) + if (!(dev->data.net = virDomainNetDefParseXML(caps, node, ctxt, flags))) goto error; } else if (xmlStrEqual(node->name, BAD_CAST "input")) { dev->type = VIR_DOMAIN_DEVICE_INPUT; @@ -4375,11 +4392,12 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, } xmlFreeDoc(xml); - + xmlXPathFreeContext(ctxt); return dev; error: xmlFreeDoc(xml); + xmlXPathFreeContext(ctxt); VIR_FREE(dev); return NULL; } @@ -5050,6 +5068,7 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, for (i = 0 ; i < n ; i++) { virDomainNetDefPtr net = virDomainNetDefParseXML(caps, nodes[i], + ctxt, flags); if (!net) goto error; @@ -6318,6 +6337,12 @@ virDomainNetDefFormat(virBufferPtr buf, VIR_FREE(attrs); } + if (def->tune.sndbuf_specified) { + virBufferAddLit(buf, " <tune>\n"); + virBufferVSprintf(buf, " <sndbuf>%lu</sndbuf>\n", def->tune.sndbuf); + virBufferAddLit(buf, " </tune>\n"); + } + if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0) return -1; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index a73fd14..1269ed6 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -346,6 +346,10 @@ struct _virDomainNetDef { virVirtualPortProfileParams virtPortProfile; } direct; } data; + struct { + bool sndbuf_specified; + unsigned long sndbuf; + } tune; char *ifname; virDomainDeviceInfo info; char *filter; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index a3b5ff3..c37fdb2 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -1584,6 +1584,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, const char *tapfd, const char *vhostfd) { + bool is_tap = false; virBuffer buf = VIR_BUFFER_INITIALIZER; switch (net->type) { @@ -1593,6 +1594,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, virBufferAddLit(&buf, "tap"); virBufferVSprintf(&buf, "%cfd=%s", type_sep, tapfd); type_sep = ','; + is_tap = true; break; case VIR_DOMAIN_NET_TYPE_ETHERNET: @@ -1606,6 +1608,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, net->data.ethernet.script); type_sep = ','; } + is_tap = true; break; case VIR_DOMAIN_NET_TYPE_CLIENT: @@ -1659,8 +1662,11 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, type_sep, net->info.alias); } - if (vhostfd && *vhostfd) { - virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd); + if (is_tap) { + if (vhostfd && *vhostfd) + virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd); + if (net->tune.sndbuf_specified) + virBufferVSprintf(&buf, ",sndbuf=%lu", net->tune.sndbuf); } if (virBufferError(&buf)) { @@ -4661,6 +4667,15 @@ qemuParseCommandLineNet(virCapsPtr caps, } else if (STREQ(keywords[i], "off")) { def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU; } + } else if (STREQ(keywords[i], "sndbuf") && values[i]) { + if (virStrToLong_ul(values[i], NULL, 10, &def->tune.sndbuf) < 0) { + qemuReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse sndbuf size in '%s'"), val); + virDomainNetDefFree(def); + def = NULL; + goto cleanup; + } + def->tune.sndbuf_specified = true; } } -- 1.7.3.4

2 2

[libvirt] [PATCH 0/2] Update qemu password support (v2)
by Marc-André Lureau 14 Jan '11

14 Jan '11

Recently, QEMU learned set_password and expire_password monitor commands. http://qemu.com/qemu.git/commit/?id=7572150c189c6553c2448334116ab717680de66d The following patches make use of these new commands if available, and fallback on VNC-only password support. Change since v1: - moved qemuInitGraphicsPasswords to qemu_hotplug, renamed to qemuDomainChangeGraphicsPasswords. - updated what looks like a typo (that appears to work anyway) in initial patch from Daniel: - ret = qemuInitGraphicsPasswords(driver, vm, - VIR_DOMAIN_GRAPHICS_TYPE_SPICE, - &vm->def->graphics[0]->data.vnc.auth, - driver->vncPassword); + ret = qemuInitGraphicsPasswords(driver, vm, + VIR_DOMAIN_GRAPHICS_TYPE_SPICE, + &vm->def->graphics[0]->data.spice.auth, + driver->spicePassword); Marc-André Lureau (2): qemu: add set_password and expire_password monitor commands Use the new set_password monitor command to set password. src/qemu/qemu_driver.c | 22 ++++---- src/qemu/qemu_hotplug.c | 114 +++++++++++++++++++++++++++++++++++++++--- src/qemu/qemu_hotplug.h | 5 ++ src/qemu/qemu_monitor.c | 77 ++++++++++++++++++++++++++++ src/qemu/qemu_monitor.h | 7 +++ src/qemu/qemu_monitor_json.c | 56 ++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 7 +++ src/qemu/qemu_monitor_text.c | 69 +++++++++++++++++++++++++ src/qemu/qemu_monitor_text.h | 7 +++ 9 files changed, 346 insertions(+), 18 deletions(-) -- 1.7.3.4

3 5

[libvirt] [PATCHv2] Add XML config switch to enable/disable vhost-net support
by Laine Stump 14 Jan '11

14 Jan '11

This patch is in response to https://bugzilla.redhat.com/show_bug.cgi?id=643050 The existing libvirt support for the vhost-net backend to the virtio network driver happens automatically - if the vhost-net device is available, it is always enabled, otherwise the standard userland virtio backend is used. This patch makes it possible to force whether or not vhost-net is used with a bit of XML. Adding a <driver> element to the interface XML, eg: <interface type="network"> <model type="virtio"/> <driver name="vhost"/> will force use of vhost-net (if it's not available, the domain will fail to start). if driver name="qemu", vhost-net will not be used even if it is available. If there is no <driver name='xxx'/> in the config, libvirt will revert to the pre-existing automatic behavior - use vhost-net if it's available, and userland backend if vhost-net isn't available. --- Changes from V1: enum now starts at 0 instead of -1. I just disallow "default" when parsing. This eliminates the need for vhost_specified. Removed superfluous 3rd arg to open(). docs/schemas/domain.rng | 13 +++++++++ src/conf/domain_conf.c | 29 +++++++++++++++++++- src/conf/domain_conf.h | 10 +++++++ src/qemu/qemu_command.c | 67 ++++++++++++++++++++++++++++++++++++++-------- src/qemu/qemu_command.h | 3 -- 5 files changed, 106 insertions(+), 16 deletions(-) diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index 6de85fd..5e140fb 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1005,6 +1005,19 @@ </element> </optional> <optional> + <element name="driver"> + <optional> + <attribute name="name"> + <choice> + <value>qemu</value> + <value>vhost</value> + </choice> + </attribute> + </optional> + <empty/> + </element> + </optional> + <optional> <ref name="address"/> </optional> <optional> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2c54683..1cef112 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -185,6 +185,11 @@ VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST, "internal", "direct") +VIR_ENUM_IMPL(virDomainNetBackend, VIR_DOMAIN_NET_BACKEND_TYPE_LAST, + "default", + "qemu", + "vhost") + VIR_ENUM_IMPL(virDomainChrChannelTarget, VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST, "guestfwd", @@ -2290,6 +2295,7 @@ virDomainNetDefParseXML(virCapsPtr caps, char *address = NULL; char *port = NULL; char *model = NULL; + char *backend = NULL; char *filter = NULL; char *internal = NULL; char *devaddr = NULL; @@ -2372,6 +2378,8 @@ virDomainNetDefParseXML(virCapsPtr caps, script = virXMLPropString(cur, "path"); } else if (xmlStrEqual (cur->name, BAD_CAST "model")) { model = virXMLPropString(cur, "type"); + } else if (xmlStrEqual (cur->name, BAD_CAST "driver")) { + backend = virXMLPropString(cur, "name"); } else if (xmlStrEqual (cur->name, BAD_CAST "filterref")) { filter = virXMLPropString(cur, "filter"); VIR_FREE(filterparams); @@ -2559,6 +2567,19 @@ virDomainNetDefParseXML(virCapsPtr caps, model = NULL; } + if ((backend != NULL) && + (def->model && STREQ(def->model, "virtio"))) { + int b; + if (((b = virDomainNetBackendTypeFromString(backend)) < 0) || + (b == 0)) { + virDomainReportError(VIR_ERR_INTERNAL_ERROR, + _("Unknown interface <driver name='%s'> " + "has been specified"), + backend); + goto error; + } + def->backend = b; + } if (filter != NULL) { switch (def->type) { case VIR_DOMAIN_NET_TYPE_ETHERNET: @@ -2585,6 +2606,7 @@ cleanup: VIR_FREE(script); VIR_FREE(bridge); VIR_FREE(model); + VIR_FREE(backend); VIR_FREE(filter); VIR_FREE(type); VIR_FREE(internal); @@ -6276,9 +6298,14 @@ virDomainNetDefFormat(virBufferPtr buf, if (def->ifname) virBufferEscapeString(buf, " <target dev='%s'/>\n", def->ifname); - if (def->model) + if (def->model) { virBufferEscapeString(buf, " <model type='%s'/>\n", def->model); + if (STREQ(def->model, "virtio") && def->backend) { + virBufferVSprintf(buf, " <driver name='%s'/>\n", + virDomainNetBackendTypeToString(def->backend)); + } + } if (def->filter) { virBufferEscapeString(buf, " <filterref filter='%s'", def->filter); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 6a8ec64..a73fd14 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -292,6 +292,14 @@ enum virDomainNetType { VIR_DOMAIN_NET_TYPE_LAST, }; +/* the backend driver used for virtio interfaces */ +enum virDomainNetBackendType { + VIR_DOMAIN_NET_BACKEND_TYPE_DEFAULT, /* prefer kernel, fall back to user */ + VIR_DOMAIN_NET_BACKEND_TYPE_QEMU, /* userland */ + VIR_DOMAIN_NET_BACKEND_TYPE_VHOST, /* kernel */ + + VIR_DOMAIN_NET_BACKEND_TYPE_LAST, +}; /* the mode type for macvtap devices */ enum virDomainNetdevMacvtapType { @@ -310,6 +318,7 @@ struct _virDomainNetDef { enum virDomainNetType type; unsigned char mac[VIR_MAC_BUFLEN]; char *model; + enum virDomainNetBackendType backend; union { struct { char *dev; @@ -1265,6 +1274,7 @@ VIR_ENUM_DECL(virDomainControllerModel) VIR_ENUM_DECL(virDomainFS) VIR_ENUM_DECL(virDomainFSAccessMode) VIR_ENUM_DECL(virDomainNet) +VIR_ENUM_DECL(virDomainNetBackend) VIR_ENUM_DECL(virDomainChrDevice) VIR_ENUM_DECL(virDomainChrChannelTarget) VIR_ENUM_DECL(virDomainChrConsoleTarget) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 86c5bb5..a3b5ff3 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -302,24 +302,58 @@ cleanup: } -int +static int qemuOpenVhostNet(virDomainNetDefPtr net, - unsigned long long qemuCmdFlags) + unsigned long long qemuCmdFlags, + int *vhostfd) { - /* If qemu supports vhost-net mode (including the -netdev command - * option), the nic model is virtio, and we can open - * /dev/vhost_net, assume that vhost-net mode is available and - * return the fd to /dev/vhost_net. Otherwise, return -1. - */ + *vhostfd = -1; /* assume we won't use vhost */ + /* If the config says explicitly to not use vhost, return now */ + if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_QEMU) { + return 0; + } + + /* If qemu doesn't support vhost-net mode (including the -netdev command + * option), don't try to open the device. + */ if (!(qemuCmdFlags & QEMUD_CMD_FLAG_VNET_HOST && qemuCmdFlags & QEMUD_CMD_FLAG_NETDEV && - qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE && - net->model && STREQ(net->model, "virtio"))) - return -1; + qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)) { + if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST) { + qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, + "%s", _("vhost-net is not supported with " + "this QEMU binary")); + return -1; + } + return 0; + } - return open("/dev/vhost-net", O_RDWR, 0); + /* If the nic model isn't virtio, don't try to open. */ + if (!(net->model && STREQ(net->model, "virtio"))) { + if (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST) { + qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, + "%s", _("vhost-net is only supported for " + "virtio network interfaces")); + return -1; + } + return 0; + } + + *vhostfd = open("/dev/vhost-net", O_RDWR); + + /* If the config says explicitly to use vhost and we couldn't open it, + * report an error. + */ + if ((*vhostfd < 0) && + (net->backend == VIR_DOMAIN_NET_BACKEND_TYPE_VHOST)) { + qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, + "%s", _("vhost-net was requested for an interface, " + "but is unavailable")); + return -1; + } + return 0; } @@ -3278,7 +3312,10 @@ qemuBuildCommandLine(virConnectPtr conn, net->type == VIR_DOMAIN_NET_TYPE_DIRECT) { /* Attempt to use vhost-net mode for these types of network device */ - int vhostfd = qemuOpenVhostNet(net, qemuCmdFlags); + int vhostfd; + + if (qemuOpenVhostNet(net, qemuCmdFlags, &vhostfd) < 0) + goto error; if (vhostfd >= 0) { virCommandTransferFD(cmd, vhostfd); @@ -4618,6 +4655,12 @@ qemuParseCommandLineNet(virCapsPtr caps, } else if (STREQ(keywords[i], "model")) { def->model = values[i]; values[i] = NULL; + } else if (STREQ(keywords[i], "vhost")) { + if ((values[i] == NULL) || STREQ(values[i], "on")) { + def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_VHOST; + } else if (STREQ(keywords[i], "off")) { + def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU; + } } } diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h index 4c42a10..5439184 100644 --- a/src/qemu/qemu_command.h +++ b/src/qemu/qemu_command.h @@ -116,9 +116,6 @@ int qemuNetworkIfaceConnect(virConnectPtr conn, unsigned long long qemCmdFlags) ATTRIBUTE_NONNULL(1); -int qemuOpenVhostNet(virDomainNetDefPtr net, - unsigned long long qemuCmdFlags); - int qemuPhysIfaceConnect(virConnectPtr conn, struct qemud_driver *driver, virDomainNetDefPtr net, -- 1.7.3.4

2 2

[libvirt] [PATCH] Fix 'make check' after commit 04197350
by Jim Fehlig 14 Jan '11

14 Jan '11

I broke 'make check' with commit 04197350 by unconditionally emitting 'hap=' in xen xm driver. Only emit 'hap=' if xendConfigVersion >= 3. I've tested sending 'hap=' to a Xen 3.2 machine without support for hap setting and verified that xend silently drops the unrecognized setting. --- src/xen/xm_internal.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c index ec618aa..bfb6698 100644 --- a/src/xen/xm_internal.c +++ b/src/xen/xm_internal.c @@ -2413,10 +2413,11 @@ virConfPtr xenXMDomainConfigFormat(virConnectPtr conn, (1 << VIR_DOMAIN_FEATURE_APIC)) ? 1 : 0) < 0) goto no_memory; - if (xenXMConfigSetInt(conf, "hap", - (def->features & - (1 << VIR_DOMAIN_FEATURE_HAP)) ? 1 : 0) < 0) - goto no_memory; + if (priv->xendConfigVersion >= 3) + if (xenXMConfigSetInt(conf, "hap", + (def->features & + (1 << VIR_DOMAIN_FEATURE_HAP)) ? 1 : 0) < 0) + goto no_memory; if (def->clock.offset == VIR_DOMAIN_CLOCK_OFFSET_LOCALTIME) { if (def->clock.data.timezone) { -- 1.7.3.1

2 2

[libvirt] [PATCH] Enable tuning of qemu network tap device "sndbuf" size
by Laine Stump 14 Jan '11

14 Jan '11

This is in response to a request in: https://bugzilla.redhat.com/show_bug.cgi?id=665293 In short, under heavy load, it's possible for qemu's networking to lock up due to the tap device's default 1MB sndbuf being inadequate. adding "sndbuf=0" to the qemu commandline -netdevice option will alleviate this problem (sndbuf=0 actually sets it to 0xffffffff). Because we must be able to explicitly specify "0" as a value, the standard practice of "0 means not specified" won't work here. Instead, virDomainNetDef also has a sndbuf_specified, which defaults to 0, but is set to 1 if some value was given. The sndbuf value is put inside a <tune> element of each <interface> in the domain. The intent is that further tunable settings will also be placed inside this elemnent. <interface type='network'> ... <tune> <sndbuf>0</sndbuf> ... </tune> </interface> --- Note that in qemuBuildHostNetStr() I have moved if (vhostfd && *vhostfd) { virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd); into a newly created "if (is_tap) { ... }" block. This always should have been inside such a conditional, but none existed until now. (I can make this a separate patch if anyone wants, but it seemed so simple and obvious that I took the slothenly way out :-) Also, as with the vhost patch, I didn't get the html docs updated for this addition either. I will add both in a single followup patch next week. docs/schemas/domain.rng | 10 ++++++++++ src/conf/domain_conf.c | 31 +++++++++++++++++++++++++++++-- src/conf/domain_conf.h | 4 ++++ src/qemu/qemu_command.c | 19 +++++++++++++++++-- 4 files changed, 60 insertions(+), 4 deletions(-) diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index 6d0654d..e2883aa 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1025,6 +1025,16 @@ <ref name="filterref-node-attributes"/> </element> </optional> + <optional> + <element name="tune"> + <optional> +  + <element name="sndbuf"> + <ref name="unsignedInt"/> + </element> + </optional> + </element> + </optional> </interleave> </define> <define name="virtualPortProfile"> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 04ed502..5d1b8cf 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2280,6 +2280,7 @@ err_exit: static virDomainNetDefPtr virDomainNetDefParseXML(virCapsPtr caps, xmlNodePtr node, + xmlXPathContextPtr ctxt, int flags ATTRIBUTE_UNUSED) { virDomainNetDefPtr def; xmlNodePtr cur; @@ -2298,15 +2299,19 @@ virDomainNetDefParseXML(virCapsPtr caps, char *internal = NULL; char *devaddr = NULL; char *mode = NULL; + unsigned long sndbuf; virNWFilterHashTablePtr filterparams = NULL; virVirtualPortProfileParams virtPort; bool virtPortParsed = false; + xmlNodePtr oldnode = ctxt->node; if (VIR_ALLOC(def) < 0) { virReportOOMError(); return NULL; } + ctxt->node = node; + type = virXMLPropString(node, "type"); if (type != NULL) { if ((int)(def->type = virDomainNetTypeFromString(type)) < 0) { @@ -2593,7 +2598,13 @@ virDomainNetDefParseXML(virCapsPtr caps, } } + if (virXPathULong("string(./tune/sndbuf)", ctxt, &sndbuf) >= 0) { + def->tune.sndbuf = sndbuf; + def->tune.sndbuf_specified = 1; + } + cleanup: + ctxt->node = oldnode; VIR_FREE(macaddr); VIR_FREE(network); VIR_FREE(address); @@ -4303,6 +4314,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, { xmlDocPtr xml; xmlNodePtr node; + xmlXPathContextPtr ctxt = NULL; virDomainDeviceDefPtr dev = NULL; if (!(xml = xmlReadDoc(BAD_CAST xmlStr, "device.xml", NULL, @@ -4319,6 +4331,13 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, goto error; } + ctxt = xmlXPathNewContext(xml); + if (ctxt == NULL) { + virReportOOMError(); + goto error; + } + ctxt->node = node; + if (VIR_ALLOC(dev) < 0) { virReportOOMError(); goto error; @@ -4334,7 +4353,7 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, goto error; } else if (xmlStrEqual(node->name, BAD_CAST "interface")) { dev->type = VIR_DOMAIN_DEVICE_NET; - if (!(dev->data.net = virDomainNetDefParseXML(caps, node, flags))) + if (!(dev->data.net = virDomainNetDefParseXML(caps, node, ctxt, flags))) goto error; } else if (xmlStrEqual(node->name, BAD_CAST "input")) { dev->type = VIR_DOMAIN_DEVICE_INPUT; @@ -4372,11 +4391,12 @@ virDomainDeviceDefPtr virDomainDeviceDefParse(virCapsPtr caps, } xmlFreeDoc(xml); - + xmlXPathFreeContext(ctxt); return dev; error: xmlFreeDoc(xml); + xmlXPathFreeContext(ctxt); VIR_FREE(dev); return NULL; } @@ -5047,6 +5067,7 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, for (i = 0 ; i < n ; i++) { virDomainNetDefPtr net = virDomainNetDefParseXML(caps, nodes[i], + ctxt, flags); if (!net) goto error; @@ -6315,6 +6336,12 @@ virDomainNetDefFormat(virBufferPtr buf, VIR_FREE(attrs); } + if (def->tune.sndbuf_specified) { + virBufferAddLit(buf, " <tune>\n"); + virBufferVSprintf(buf, " <sndbuf>%d</sndbuf>\n", def->tune.sndbuf); + virBufferAddLit(buf, " </tune>\n"); + } + if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0) return -1; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 451ccad..2d35d68 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -346,6 +346,10 @@ struct _virDomainNetDef { virVirtualPortProfileParams virtPortProfile; } direct; } data; + struct { + int sndbuf_specified : 1; + int sndbuf; + } tune; char *ifname; virDomainDeviceInfo info; char *filter; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 9eb54a1..add66cb 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -1587,6 +1587,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, const char *tapfd, const char *vhostfd) { + bool is_tap = false; virBuffer buf = VIR_BUFFER_INITIALIZER; switch (net->type) { @@ -1596,6 +1597,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, virBufferAddLit(&buf, "tap"); virBufferVSprintf(&buf, "%cfd=%s", type_sep, tapfd); type_sep = ','; + is_tap = true; break; case VIR_DOMAIN_NET_TYPE_ETHERNET: @@ -1609,6 +1611,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, net->data.ethernet.script); type_sep = ','; } + is_tap = true; break; case VIR_DOMAIN_NET_TYPE_CLIENT: @@ -1662,8 +1665,11 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, type_sep, net->info.alias); } - if (vhostfd && *vhostfd) { - virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd); + if (is_tap) { + if (vhostfd && *vhostfd) + virBufferVSprintf(&buf, ",vhost=on,vhostfd=%s", vhostfd); + if (net->tune.sndbuf_specified) + virBufferVSprintf(&buf, ",sndbuf=%d", net->tune.sndbuf); } if (virBufferError(&buf)) { @@ -4665,6 +4671,15 @@ qemuParseCommandLineNet(virCapsPtr caps, def->backend = VIR_DOMAIN_NET_BACKEND_TYPE_QEMU; } def->backend_specified = 1; + } else if (STREQ(keywords[i], "sndbuf") && values[i]) { + if (virStrToLong_i(values[i], NULL, 10, &def->tune.sndbuf) < 0) { + qemuReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse sndbuf size in '%s'"), val); + virDomainNetDefFree(def); + def = NULL; + goto cleanup; + } + def->tune.sndbuf_specified = 1; } } -- 1.7.3.4

3 4

[libvirt] [PATCH] cpu: Add support for Westmere CPU model
by Jiri Denemark 14 Jan '11

14 Jan '11

--- src/cpu/cpu_map.xml | 9 +++++++++ 1 files changed, 9 insertions(+), 0 deletions(-) diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml index 75c6522..35dca20 100644 --- a/src/cpu/cpu_map.xml +++ b/src/cpu/cpu_map.xml @@ -142,6 +142,9 @@ <feature name='popcnt'>  <cpuid function='0x00000001' ecx='0x00800000'/> </feature> + <feature name='aes'> + <cpuid function='0x00000001' ecx='0x02000000'/> + </feature> <feature name='hypervisor'>  <cpuid function='0x00000001' ecx='0x80000000'/> </feature> @@ -453,6 +456,12 @@ <feature name='lahf_lm'/> </model> + <model name='Westmere'> + <vendor name='Intel'/> + <model name='Nehalem'/> + <feature name='aes'/> + </model> + <model name='Opteron_G1'> <vendor name='AMD'/> <feature name='sse2'/> -- 1.7.4.rc1

2 2