[libvirt] [PATCH] build: Install libxenlight log dir
by Jim Fehlig
Add $localstatedir/log/libvirt/libxl when building libxenlight driver
---
src/Makefile.am | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 9b54679..3649106 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1275,6 +1275,7 @@ endif
if WITH_LIBXL
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/libxl"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/run/libvirt/libxl"
+ $(MKDIR_P) "$(DESTDIR)$(localstatedir)/log/libvirt/libxl"
endif
if WITH_UML
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/uml"
@@ -1316,6 +1317,7 @@ endif
if WITH_LIBXL
rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/libxl" ||:
rmdir "$(DESTDIR)$(localstatedir)/run/libvirt/libxl" ||:
+ rmdir "$(DESTDIR)$(localstatedir)/log/libvirt/libxl" ||:
endif
if WITH_UML
rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/uml" ||:
--
1.7.3.1
13 years, 8 months
[libvirt] Using Restore in another host.
by Marcela Castro León
Hello:
I need to know if I can use the restore operation (virsh o the equivalent in
libvirt) to recover a previous state of a guest, but recovered previously in
another host.
I did a test, but I got an error:
The exactly sequence using virsh I testes is:
On [HOST SOURCE]: Using virsh
1) save [domain] [file]
2) restore file
3) destroy [domain]
On [HOST SOURCE] using ubuntu sh
4) cp [guest.img] [guest.xml] [file] to HOST2
On [HOST TARGET] using virsh
5) define [guest.xml] (using image on destination in HOST2)
6) restore [file]
The restore troughs the following message:
*virsh # restore sv-chubut-2011-04-01-09:58
error: Failed to restore domain from sv-chubut-2011-04-01-09:58
error: monitor socket did not show up.: Connection refused*
Thank you very much.
Marcela.
13 years, 8 months
[libvirt] [PATCH 0/4] Another set of functions for the libxl driver
by Markus Groß
This patch set adds some more functions to the libxl driver.
Best regards
Markus
Markus Groß (4):
Add domainIsUpdated to libxl driver
Add domainSet/GetSchedulerParameters to libxl driver
Add cputune support to libxl driver
Add domainSave/Restore to libxl driver
src/libxl/libxl_conf.h | 10 +
src/libxl/libxl_driver.c | 517 ++++++++++++++++++++++++++++++++++++++++++----
2 files changed, 485 insertions(+), 42 deletions(-)
--
1.7.4.3
13 years, 8 months
[libvirt] [TCK][PATCH] nwfilter: test support for TCP flags evaluation
by Stefan Berger
This patch extends an existing test with test cases for the TCP flags.
Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com>
---
scripts/nwfilter/nwfilterxml2fwallout/tcp-test.fwall | 4 ++++
scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml | 12 ++++++++++++
2 files changed, 16 insertions(+)
Index: libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/tcp-test.fwall
===================================================================
--- libvirt-tck.orig/scripts/nwfilter/nwfilterxml2fwallout/tcp-test.fwall
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/tcp-test.fwall
@@ -10,6 +10,10 @@ target prot opt source
ACCEPT tcp -- 10.1.2.3 0.0.0.0/0 DSCP
match 0x02state ESTABLISHED ctdir ORIGINAL
ACCEPT tcp -- 10.1.2.3 0.0.0.0/0 MAC
01:02:03:04:05:06 DSCP match 0x21tcp spts:20:21 dpts:100:1111
ACCEPT tcp -- 10.1.2.3 0.0.0.0/0 MAC
01:02:03:04:05:06 DSCP match 0x3ftcp spts:255:256 dpt:65535
+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x02/0x3F
+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x02/0x12
+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x04/0x00
+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:0x08/0x00
#iptables -L HI-vnet0 -n
Chain HI-vnet0 (1 references)
target prot opt source destination
Index: libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
===================================================================
--- libvirt-tck.orig/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml
@@ -19,4 +19,16 @@
srcportstart='255' srcportend='256'
dstportstart='65535' dstportend='65536'/>
</rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='SYN/ALL'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='SYN/SYN,ACK'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='RST/NONE'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='PSH/'/>
+ </rule>
</filter>
13 years, 8 months
[libvirt] [PATCH v2] nwfilters: support for TCP flags evaluation
by Stefan Berger
This patch adds support for the evaluation of TCP flags in nwfilters.
It adds documentation to the web page and extends the tests as well.
Also, the nwfilter schema is extended.
The following are some example for rules using the tcp flags:
<rule action='accept' direction='in'>
<tcp state='NONE' flags='SYN/ALL' dsptportstart='80'/>
</rule>
<rule action='drop' direction='in'>
<tcp state='NONE' flags='SYN/ALL'/>
</rule>
Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com>
---
docs/formatnwfilter.html.in | 10 ++
docs/schemas/nwfilter.rng | 16 ++++
src/conf/nwfilter_conf.c | 115
+++++++++++++++++++++++++++---
src/conf/nwfilter_conf.h | 9 ++
src/libvirt_private.syms | 1
src/nwfilter/nwfilter_ebiptables_driver.c | 9 ++
tests/nwfilterxml2xmlin/tcp-test.xml | 12 +++
tests/nwfilterxml2xmlout/tcp-test.xml | 12 +++
8 files changed, 174 insertions(+), 10 deletions(-)
Index: libvirt-acl/src/conf/nwfilter_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -5,7 +5,8 @@
* Copyright (C) 2006-2011 Red Hat, Inc.
* Copyright (C) 2006-2008 Daniel P. Berrange
*
- * Copyright (C) 2010 IBM Corporation
+ * Copyright (C) 2010-2011 IBM Corporation
+ * Copyright (C) 2010-2011 Stefan Berger
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -726,17 +727,23 @@ printStringItems(virBufferPtr buf, const
int32_t flags, const char *sep)
{
unsigned int i, c = 0;
- int32_t last_attr = 0;
+ int32_t mask = 0x1;
- for (i = 0; int_map[i].val; i++) {
- if (last_attr != int_map[i].attr &&
- flags & int_map[i].attr) {
- if (c >= 1)
- virBufferVSprintf(buf, "%s", sep);
- virBufferVSprintf(buf, "%s", int_map[i].val);
- c++;
+ while (mask) {
+ if ((mask & flags)) {
+ for (i = 0; int_map[i].val; i++) {
+ if (mask == int_map[i].attr) {
+ if (c >= 1)
+ virBufferVSprintf(buf, "%s", sep);
+ virBufferVSprintf(buf, "%s", int_map[i].val);
+ c++;
+ }
+ }
+ flags ^= mask;
+ if (!flags)
+ break;
}
- last_attr = int_map[i].attr;
+ mask <<= 1;
}
return 0;
@@ -799,6 +806,87 @@ stateFormatter(virBufferPtr buf,
}
+
+static const struct int_map tcpFlags[] = {
+ INTMAP_ENTRY(0x1 , "FIN"),
+ INTMAP_ENTRY(0x2 , "SYN"),
+ INTMAP_ENTRY(0x4 , "RST"),
+ INTMAP_ENTRY(0x8 , "PSH"),
+ INTMAP_ENTRY(0x10, "ACK"),
+ INTMAP_ENTRY(0x20, "URG"),
+ INTMAP_ENTRY(0x3F, "ALL"),
+ INTMAP_ENTRY(0x0 , "NONE"),
+ INTMAP_ENTRY_LAST
+};
+
+
+static bool
+tcpFlagsValidator(enum attrDatatype datatype ATTRIBUTE_UNUSED, union
data *val,
+ virNWFilterRuleDefPtr nwf ATTRIBUTE_UNUSED,
+ nwItemDesc *item)
+{
+ bool rc = false;
+ char *s_mask = val->c;
+ char *sep = strchr(val->c, '/');
+ char *s_flags;
+ int32_t mask = 0, flags = 0;
+
+ if (!sep)
+ return false;
+
+ s_flags = sep + 1;
+
+ *sep = '\0';
+
+ if (!parseStringItems(tcpFlags, s_mask , &mask , ',') &&
+ !parseStringItems(tcpFlags, s_flags, &flags, ',')) {
+ item->u.tcpFlags.mask = mask & 0x3f;
+ item->u.tcpFlags.flags = flags & 0x3f;
+ rc = true;
+ }
+
+ *sep = '/';
+
+ return rc;
+}
+
+
+static void
+printTCPFlags(virBufferPtr buf, uint8_t flags)
+{
+ if (flags == 0)
+ virBufferAddLit(buf, "NONE");
+ else if (flags == 0x3f)
+ virBufferAddLit(buf, "ALL");
+ else
+ printStringItems(buf, tcpFlags, flags, ",");
+}
+
+
+void
+virNWFilterPrintTCPFlags(virBufferPtr buf,
+ uint8_t mask, char sep, uint8_t flags)
+{
+ printTCPFlags(buf, mask);
+ virBufferAddChar(buf, sep);
+ printTCPFlags(buf, flags);
+}
+
+
+static bool
+tcpFlagsFormatter(virBufferPtr buf,
+ virNWFilterRuleDefPtr nwf ATTRIBUTE_UNUSED,
+ nwItemDesc *item)
+{
+ virNWFilterPrintTCPFlags(buf,
+ item->u.tcpFlags.mask,
+ '/',
+ item->u.tcpFlags.flags);
+
+ return true;
+}
+
+
#define COMMON_MAC_PROPS(STRUCT) \
{\
.name = SRCMACADDR,\
@@ -1104,6 +1192,13 @@ static const virXMLAttr2Struct tcpAttrib
.datatype = DATATYPE_UINT8 | DATATYPE_UINT8_HEX,
.dataIdx = offsetof(virNWFilterRuleDef,
p.tcpHdrFilter.dataTCPOption),
},
+ {
+ .name = "flags",
+ .datatype = DATATYPE_STRING,
+ .dataIdx = offsetof(virNWFilterRuleDef,
p.tcpHdrFilter.dataTCPFlags),
+ .validator = tcpFlagsValidator,
+ .formatter = tcpFlagsFormatter,
+ },
COMMENT_PROP_IPHDR(tcpHdrFilter),
{
.name = NULL,
Index: libvirt-acl/src/conf/nwfilter_conf.h
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.h
+++ libvirt-acl/src/conf/nwfilter_conf.h
@@ -122,6 +122,10 @@ struct _nwItemDesc {
uint16_t u16;
char protocolID[10];
char *string;
+ struct {
+ uint8_t mask;
+ uint8_t flags;
+ } tcpFlags;
} u;
};
@@ -242,6 +246,7 @@ struct _tcpHdrFilterDef {
ipHdrDataDef ipHdr;
portDataDef portData;
nwItemDesc dataTCPOption;
+ nwItemDesc dataTCPFlags;
};
@@ -667,6 +672,10 @@ void virNWFilterCallbackDriversLock(void
void virNWFilterCallbackDriversUnlock(void);
+void virNWFilterPrintTCPFlags(virBufferPtr buf, uint8_t mask,
+ char sep, uint8_t flags);
+
+
VIR_ENUM_DECL(virNWFilterRuleAction);
VIR_ENUM_DECL(virNWFilterRuleDirection);
VIR_ENUM_DECL(virNWFilterRuleProtocol);
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -1204,6 +1204,15 @@ _iptablesCreateRuleInstance(int directio
&prefix))
goto err_exit;
+ if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPFlags)) {
+ virBufferVSprintf(&buf, " %s --tcp-flags ",
+
ENTRY_GET_NEG_SIGN(&rule->p.tcpHdrFilter.dataTCPFlags));
+ virNWFilterPrintTCPFlags(&buf,
+ rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.mask,
+ ' ',
+ rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.flags);
+ }
+
if (iptablesHandlePortData(&buf,
vars,
&rule->p.tcpHdrFilter.portData,
Index: libvirt-acl/docs/schemas/nwfilter.rng
===================================================================
--- libvirt-acl.orig/docs/schemas/nwfilter.rng
+++ libvirt-acl/docs/schemas/nwfilter.rng
@@ -81,6 +81,7 @@
<ref name="common-port-attributes"/>
<ref name="common-ip-attributes-p1"/>
<ref name="common-ip-attributes-p2"/>
+ <ref name="tcp-attributes"/>
<ref name="comment-attribute"/>
</element>
</zeroOrMore>
@@ -184,6 +185,7 @@
<ref name="common-port-attributes"/>
<ref name="common-ipv6-attributes-p1"/>
<ref name="common-ipv6-attributes-p2"/>
+ <ref name="tcp-attributes"/>
<ref name="comment-attribute"/>
</element>
</zeroOrMore>
@@ -606,6 +608,14 @@
</optional>
</define>
+ <define name="tcp-attributes">
+ <optional>
+ <attribute name="flags">
+ <ref name="tcpflags-type"/>
+ </attribute>
+ </optional>
+ </define>
+
<!-- ################ type library ################ -->
<define name="UUID">
@@ -872,4 +882,10 @@
<param
name="pattern">((NEW|ESTABLISHED|RELATED|INVALID)(,(NEW|ESTABLISHED|RELATED|INVALID))*|NONE)</param>
</data>
</define>
+
+ <define name='tcpflags-type'>
+ <data type="string">
+ <param
name="pattern">((SYN|ACK|URG|PSH|FIN|RST)(,(SYN|ACK|URG|PSH|FIN|RST))*|ALL|NONE)/((SYN|ACK|URG|PSH|FIN|RST)(,(SYN|ACK|URG|PSH|FIN|RST))*|ALL|NONE)</param>
+ </data>
+ </define>
</grammar>
Index: libvirt-acl/docs/formatnwfilter.html.in
===================================================================
--- libvirt-acl.orig/docs/formatnwfilter.html.in
+++ libvirt-acl/docs/formatnwfilter.html.in
@@ -755,6 +755,11 @@
<td>STRING</td>
<td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
</tr>
+ <tr>
+ <td>flags <span class="since">(Since 0.9.1)</span></td>
+ <td>STRING</td>
+ <td>TCP-only: format of mask/flags with mask and flags each being a
comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
+ </tr>
</table>
<p>
<br><br>
@@ -1040,6 +1045,11 @@
<td>STRING</td>
<td>comma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE</td>
</tr>
+ <tr>
+ <td>flags <span class="since">(Since 0.9.1)</span></td>
+ <td>STRING</td>
+ <td>TCP-only: format of mask/flags with mask and flags each being a
comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL</td>
+ </tr>
</table>
<p>
<br><br>
Index: libvirt-acl/src/libvirt_private.syms
===================================================================
--- libvirt-acl.orig/src/libvirt_private.syms
+++ libvirt-acl/src/libvirt_private.syms
@@ -683,6 +683,7 @@ virNWFilterObjRemove;
virNWFilterObjSaveDef;
virNWFilterObjUnlock;
virNWFilterPrintStateMatchFlags;
+virNWFilterPrintTCPFlags;
virNWFilterRegisterCallbackDriver;
virNWFilterRuleActionTypeToString;
virNWFilterRuleProtocolTypeToString;
Index: libvirt-acl/tests/nwfilterxml2xmlin/tcp-test.xml
===================================================================
--- libvirt-acl.orig/tests/nwfilterxml2xmlin/tcp-test.xml
+++ libvirt-acl/tests/nwfilterxml2xmlin/tcp-test.xml
@@ -19,4 +19,16 @@
srcportstart='255' srcportend='256'
dstportstart='65535' dstportend='65536'/>
</rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='SYN/ALL'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='SYN/SYN,ACK'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='RST/NONE'/>
+ </rule>
+ <rule action='accept' direction='in'>
+ <tcp state='NONE' flags='PSH/'/>
+ </rule>
</filter>
Index: libvirt-acl/tests/nwfilterxml2xmlout/tcp-test.xml
===================================================================
--- libvirt-acl.orig/tests/nwfilterxml2xmlout/tcp-test.xml
+++ libvirt-acl/tests/nwfilterxml2xmlout/tcp-test.xml
@@ -9,4 +9,16 @@
<rule action='accept' direction='in' priority='500' statematch='false'>
<tcp srcmacaddr='01:02:03:04:05:06' srcipaddr='10.1.2.3' srcipmask='32'
dscp='63' srcportstart='255' srcportend='256' dstportstart='65535'/>
</rule>
+ <rule action='accept' direction='in' priority='500'>
+ <tcp state='NONE' flags='SYN/ALL'/>
+ </rule>
+ <rule action='accept' direction='in' priority='500'>
+ <tcp state='NONE' flags='SYN/SYN,ACK'/>
+ </rule>
+ <rule action='accept' direction='in' priority='500'>
+ <tcp state='NONE' flags='RST/NONE'/>
+ </rule>
+ <rule action='accept' direction='in' priority='500'>
+ <tcp state='NONE' flags='PSH/NONE'/>
+ </rule>
</filter>
13 years, 8 months
[libvirt] [PATCH] setmaxmem: remove the code to invoke virDomainSetMemory in cmdSetmaxmem
by Taku Izumi
When the new maximum memory size becomes less than the current memory size,
I think it is not the libvirt client but the each driver that decides the behavior
(reject the operation or shrink the current memory size).
Signed-off-by: Taku Izumi <izumi.taku(a)jp.fujitsu.com>
---
tools/virsh.c | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
Index: libvirt/tools/virsh.c
===================================================================
--- libvirt.orig/tools/virsh.c
+++ libvirt/tools/virsh.c
@@ -3030,15 +3030,7 @@ cmdSetmaxmem(vshControl *ctl, const vshC
if (virDomainSetMaxMemory(dom, kilobytes) != 0) {
vshError(ctl, "%s", _("Unable to change MaxMemorySize"));
- virDomainFree(dom);
- return FALSE;
- }
-
- if (kilobytes < info.memory) {
- if (virDomainSetMemory(dom, kilobytes) != 0) {
- vshError(ctl, "%s", _("Unable to shrink current MemorySize"));
- ret = FALSE;
- }
+ ret = FALSE;
}
virDomainFree(dom);
13 years, 8 months
[libvirt] [BUG] Managed save qemu state gets deleted after failed resume
by Philipp Hahn
Hello,
I haven't had time to provide a fix, but still want you to inform you about a
bug: If resuming a saved VM fails with Qemu-0.14, the managed save state
file /var/lib/libvirt/qemu/save/$VM.save is still deleted. I think it would
be better to only delete the state after an successful resume.
/var/log/libvirt/qemu/ucs2.3-0_basis_amd64.log:
2011-03-30 09:37:56.960: starting up
LC_ALL=C PATH=/sbin:/bin:/usr/sbin:/usr/bin
QEMU_AUDIO_DRV=none /usr/bin/kvm -S
-M pc-0.14 -enable-kvm -m 2048 -smp 2,sockets=2,cores=1,threads=1 -name
ucs2.3-0_basis_amd64 -uuid 656957aa-13a0-6922-5d08-3a39561f9775 -nodefconfig
-nodefaults -chardev
socket,id=monitor,path=/var/lib/libvirt/qemu/ucs2.3-0_basis_amd64.monitor,server,nowait
-mon chardev=monitor,mode=readline -rtc base=utc -boot cnd -drive
file=/var/lib/libvirt/images/ucs_2.3-0-091215-dvd-amd64.iso,if=none,media=cdrom,id=drive-ide0-0-0,readonly=on,format=raw
-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive
file=/var/lib/libvirt/images/ucs230basis.qcow2,if=none,id=drive-ide0-0-1,format=qcow2
-device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -netdev
tap,fd=24,id=hostnet0 -device
rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:12:7c:03,bus=pci.0,addr=0x3 -usb
-device usb-tablet,id=input0 -vnc 0.0.0.0:5 -k de -vga cirrus -device
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 -option-rom
/usr/share/kvm/pxe-rtl8139.bin
Failed to allocate 2147483648 B: Cannot allocate memory
/var/log/univention/virtual-machine-manager-daemon-errors.log:
libvir: QEMU error : operation failed: migration to 'exec:cat | { dd bs=4096
seek=1 if=/dev/null && dd bs=1048576; }
1<>'/var/lib/libvirt/qemu/save/ucs2.3-0_basis_amd64.save'' failed: migration
failed
libvir: QEMU error : operation failed: failed to retrieve chardev info in qemu
with 'info chardev'
This issue is tracked in our (German) bug-tracker at
<https://forge.univention.org/bugzilla/show_bug.cgi?id=22021>
Sincerely
Philipp Hahn
--
Philipp Hahn Open Source Software Engineer hahn(a)univention.de
Univention GmbH Linux for Your Business fon: +49 421 22 232- 0
Mary-Somerville-Str.1 D-28359 Bremen fax: +49 421 22 232-99
http://www.univention.de/
13 years, 8 months