[libvirt] VMWare "independent disk" processing needed
by computernews@rambler.ru
Hello,
On VMware ESX server it is possible for the virtual machine to add the
"independent disk" - the kind of virtual disk that (among other
features) is not being covered by the snapshot logic.
As I am working on some kind of backup solution I need to be able to
backup the precise state of the guest virtual machine running on say
VMware ESX server.
I am able to perform a backup of a guest machine description with
libvirts's amazing API which covers most of my needs except the
aforementioned "independent disk" virtual disk type. The problem shows
up at the restore type when I need to create the new virtual machine
having an .xml file created by "virsh dumpxml" command. In fact I use
API but "virsh does the same". This .xml file covers most of guest
machine's aspects but it doesn't reflect the "independent" nature of
such disks. So the virtual machine is going to be restored incorrectly
when includes "independent disks".
From the source codes of "libvirt" ("/libvirt/src/vmx/vmx.*") I see
that this is ment to be covered but yet is not implemented. Appropriate
nodes must be stored in .xml file during the backup and returned back to
.vmx file during the restore.
So here are my questions: Is someone on it at the moment ? If yes - can
I help somehow ? If no - whom shell I approach in order to be
mentored/directed if I decide to participate, implement this and
contribute the patch back to the source code ?
Thanks for an answer in advance.
Best regards
Oleh Paliy
13 years, 5 months
[libvirt] PPPoE-Server problem
by B Veera-B37207
HI,
I am using Libvirt with LXC as hypervisor.
When I am starting pppoe-server , unable to create ppp0 interface in Virtual machine, it is unable to serve ips to clients.
Let me know is there any plug-in for this (Or) What is the solution.
Regards,
Veera.
13 years, 5 months
[libvirt] [PATCH 1/4] libvirtd: avoid memory leak on OOM
by Eric Blake
Detected by Coverity; only strikes on OOM so not serious.
* daemon/libvirtd.c (daemonPidFilePath): Plug leak.
---
daemon/libvirtd.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
index 60ee705..06d2077 100644
--- a/daemon/libvirtd.c
+++ b/daemon/libvirtd.c
@@ -310,8 +310,10 @@ daemonPidFilePath(bool privileged,
if (!(userdir = virGetUserDirectory(geteuid())))
goto error;
- if (virAsprintf(pidfile, "%s/.libvirt/libvirtd.pid", userdir) < 0)
+ if (virAsprintf(pidfile, "%s/.libvirt/libvirtd.pid", userdir) < 0) {
+ VIR_FREE(userdir);
goto no_memory;
+ }
VIR_FREE(userdir);
}
--
1.7.4.4
13 years, 5 months
[libvirt] [PATCH] storage: Do not override the exact error of createRawFile
by Osier Yang
virStorageBackendCreateRaw: createRawFile already reported the
exact error.
Before the fix:
error: Failed to create vol vol-create.img
error: cannot create path '/var/lib/libvirt/images/vol-create.img': Unknown error 18446744073709551597
After the fix:
error: Failed to create vol vol-create.img
error: cannot fill file '/var/lib/libvirt/images/vol-create.img': No space left on device
---
src/storage/storage_backend.c | 13 ++++++++-----
1 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index a6e66e1..cee2010 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -299,6 +299,7 @@ createRawFile(int fd, virStorageVolDefPtr vol,
{
int ret = 0;
unsigned long long remain;
+ off_t cur_pos = 0;
/* Seek to the final size, so the capacity is available upfront
* for progress reporting */
@@ -310,7 +311,12 @@ createRawFile(int fd, virStorageVolDefPtr vol,
goto cleanup;
}
+ cur_pos = lseek(fd, 0, SEEK_CUR);
+
+ VIR_WARN("cur_pos = %jd", cur_pos);
+
remain = vol->allocation;
+ VIR_WARN("remain = %llu", remain);
if (inputvol) {
ret = virStorageBackendCopyToFD(vol, inputvol, fd, &remain, 1);
@@ -399,12 +405,9 @@ virStorageBackendCreateRaw(virConnectPtr conn ATTRIBUTE_UNUSED,
goto cleanup;
}
- if ((ret = createRawFile(fd, vol, inputvol)) < 0) {
- virReportSystemError(-fd,
- _("cannot create path '%s'"),
- vol->target.path);
+ if ((ret = createRawFile(fd, vol, inputvol)) < 0)
+ /* createRawFile already reported the exact error. */
ret = -1;
- }
cleanup:
VIR_FORCE_CLOSE(fd);
--
1.7.4
13 years, 5 months
[libvirt] Release of libvirt-0.9.3
by Daniel Veillard
As scheduled, I made the new release of libvirt-0.9.3 today,
it is available at ftp://libvirt.org/libvirt/ , the rpms are still being
pushed as I write.
This is a fairly large release again, with over 330 commits
incorporated, including a number of new APIs, large refactoring of the
client server code, LXC containers improvements and many improvements
and various bug fixes.
Features:
- vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo) (Taku Izumi)
- Add TXT record support for virtual DNS service (Michal Novotny)
- Support reboots with the QEMU driver (Daniel P. Berrange)
- Introduce virDomainGetControlInfo API (Jiri Denemark)
- virNodeGetMemoryStats: Expose new API (Minoru Usui)
- virNodeGetCPUTime: Implement public API (Minoru Usui)
- send-key: Defining the public API (Lai Jiangshan)
- vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags) (Taku Izumi)
- support multifunction PCI device (Wen Congyang)
- lxc: various improvements
Documentation:
- Add documentation for configuration lock managers (Daniel P. Berrange)
- fix indentation of sub-elements of <ip> in network XML (Laine Stump)
- document correct flag name (Eric Blake)
- documenting the 802.1Qbh parameters of a 'direct' interface (David S. Wang)
- Make virConnectClose comply to apibuild.py expectations (Matthias Bolte)
- fix docs to match behavior of virConnectClose (Eric Blake)
- numatune: Add doc for new numatune XML (Osier Yang)
- Fix documentation of virStreamRecv (Matthias Bolte)
- updated list of applications using libvirt. (Ohad Levy)
- improve VIR_DOMAIN_AFFECT_CURRENT description (Eric Blake)
- Add doc for video element (Osier Yang)
- Make hvsupport.pl pick up the host device drivers (Matthias Bolte)
Portability:
- Explicitely invoke python for API doc generator (Daniel Veillard)
- fix virParseVersionString with linux 3.0 (Scott Moser)
- Add conditionals to allow build without SASL (Daniel P. Berrange)
- Add missing include of signal.h in virnetsocket.c (Daniel P. Berrange)
- Fix compilation with systemtap 1.3 (Matthias Bolte)
- build: fix mingw build (Eric Blake)
- daemon: Fix build without polkit (Jiri Denemark)
- build: fix 'make check' when pdwtags is available (Eric Blake)
- build: sanlock-devel is not in F15 yet (Eric Blake)
- Only include parthelper if built with storage_disk (Ruben Kerkhof)
- build: fix VPATH builds (Eric Blake)
- python: Don't declare Py_ssize_t for Python 2.6 (Matthias Bolte)
- build: avoid python 2.4 build failure (Eric Blake)
- build: fix NUMA build on RHEL 5 (Eric Blake)
- build: avoid python 2.4 build failure (Eric Blake)
- build: avoid compiler failure (Eric Blake)
- build: fix compilation on systems missing libnl and new includes (Stefan Berger)
- configure: Make libnl optional unless macvtap is required (Matthias Bolte)
- build: require newer netcf when it is available (Eric Blake)
- build: fix building error when building without libvirtd (Wen Congyang)
- Skip nodeinfo test on non intel architectures (Guido Günther)
- Fix dlopen dependency (Matthias Bolte)
- virt-aa-helper: add missing include (Eric Blake)
Bug Fixes:
- initialize pointer to NULL (Wen Congyang)
- storage: avoid crash on parse error (Eric Blake)
- vmware: avoid null deref on failed lookup (Eric Blake)
- qemu: avoid null deref on low memory (Eric Blake)
- rpc: avoid memory leak on error (Eric Blake)
- rpc: fix logic bug (Eric Blake)
- pci: avoid memory leak on error (Eric Blake)
- interface: avoid memory leak on parse error (Eric Blake)
- libvirtd: avoid memory leak on OOM (Eric Blake)
- build: avoid double-close bug with pipe2 (Eric Blake)
- rpc: avoid freeing uninitialized variable (Eric Blake)
- virsh: avoid uninitialized variable (Eric Blake)
- virsh: avoid integer overflow (Eric Blake)
- Fix stream procedure number for virDomainMigratePrepareTunnel3 (Daniel P. Berrange)
- Fix release of virNetMessagePtr instances in streams processing (Daniel P. Berrange)
- Fix potential crash when saving guests (Daniel P. Berrange)
- Fix uninitialized value in QEMU monitor FD sending code (Daniel P. Berrange)
- Fix leak of JSON object for events (Daniel P. Berrange)
- Fix use of uninitialized memory when releasing PCI slots (Daniel P. Berrange)
- Fix leak of virStreamPtr object with callback added in fdstream impl (Daniel P. Berrange)
- Fix leak of mdnsGroupName in virNetServer object (Daniel P. Berrange)
- Fix release of filtered stream messages (Daniel P. Berrange)
- save domain status after modifing vcpupin (Wen Congyang)
- Fix memory leak in virDomainVcpuPinDel() (Wen Congyang)
- sysinfo: fix illegal NULL return (Minoru Usui)
- Fix locking wrt virNetClientStreamPtr object (Daniel P. Berrange)
- Avoid referencing NULL pointer when copying stream error (Daniel P. Berrange)
- Avoid free'ing a filtered RPC message in the server (Daniel P. Berrange)
- Ensure empty payload is written upon stream completion (Daniel P. Berrange)
- Fix propagation of RPC errors from streams (Daniel P. Berrange)
- Fix crash when aborting a stream from a I/O callback (Daniel P. Berrange)
- dnsmasq: Fix errno handling and don't unlink non-existing files (Matthias Bolte)
- tests: Fix memory leak in virnetmessagetest (Osier Yang)
- conf: Fix memory leak in virNetworkDNSDefFormat (Osier Yang)
- sysinfo: fix parsing regression (Eric Blake)
- remote: fix uninitialized variable (Eric Blake)
- build: avoid uninitialized variable (Eric Blake)
- buf: protect against integer overflow (Eric Blake)
- remote: protect against integer overflow (Eric Blake)
- Fix typo in libvirt_private.syms (Matthias Bolte)
- Fix some bugs in RPC protocol make rules (Daniel P. Berrange)
- Fix job type set in qemuMigrationPrepareDirect/PrepareTunnel (Daniel P. Berrange)
- Avoid high privileges taint warning for QEMU session driver (Daniel P. Berrange)
- util: Fix memory leak in virJSONParserHandleStartMap (Osier Yang)
- qemu: Fix memory leak in qemuProcessWaitForMonitor (Osier Yang)
- storage: fix volDelete return when volume still being allocated (Matthew Booth)
- Fix use-after-free in handling domain taint flags (Daniel P. Berrange)
- qemu: Fix one memory leak (Osier Yang)
- virsh: avoid bogus description (Eric Blake)
- set and restore MAC address of a NIC when using PASSTHROUGH mode (Dirk Herrendoerfer)
- conf: Fix one memory leak (Osier Yang)
- Add missing checks for NULL in domain lock manager (Daniel P. Berrange)
- Fix errno return in safezero() (Daniel P. Berrange)
- Fix allocation of veth's to not skip an index (Daniel P. Berrange)
- command: avoid double close (Eric Blake)
- qemu: Fix parsing 'info chardev' (Cole Robinson)
- vcpupin: Fix cpu affinity setting bug of qemu driver (Taku Izumi)
- daemon: plug memory leak (Eric Blake)
- qemu: add missing break statement (Eric Blake)
- storage: avoid mishandling backing store > 2GB (Eric Blake)
Improvements:
- tests: Add a general util test (Matthias Bolte)
- util: choose whether to require micro in version strings (Eric Blake)
- build: consistently use CFLAGS (Eric Blake)
- build: simplify sanlock distribution (Eric Blake)
- build: allow 'make syntax-check' on fresh checkout (Eric Blake)
- Send back an error if we get unexpected stream control message (Daniel P. Berrange)
- Add test case for parsing JSON docs (Daniel P. Berrange)
- Remove bogus warning message in JSON code (Daniel P. Berrange)
- Ensure RPC message is cleared before being reused (Daniel P. Berrange)
- Fix hardcoded limit on client requests in RPC code (Daniel P. Berrange)
- tests: Add valgrind.supp into EXTRA_DIST (Osier Yang)
- virsh: Fix a problem of buildPoolXML (Osier Yang)
- lock qemu_driver early in qemuGetSchedulerParametersFlags() (Wen Congyang)
- build: avoid pod2man on tarball (Eric Blake)
- Ensure that EOF is dispatched to the stream callback (Daniel P. Berrange)
- Improve two log messages in virNetMessage (Daniel P. Berrange)
- Lower logging level when failing to register socket watch (Daniel P. Berrange)
- screenshot: Set access rights to temporary file (Michal Privoznik)
- maint: improve makefile whitespace (Eric Blake)
- network: Don't ignore errors in dnsmasq config file creation (Matthias Bolte)
- network: Fix dnsmasq hostsfile creation logic and related tests (Matthias Bolte)
- build: update translated files (Eric Blake)
- Support automatic creation of leases for disks in sanlock (Daniel P. Berrange)
- Support loading a configuration file for sanlock plugin (Daniel P. Berrange)
- Allow per-driver config file for lock manager plugins (Daniel P. Berrange)
- network: add domain to unqualified names defined with <host> (Laine Stump)
- Convert libvirtd over to the new RPC handling APIs (Daniel P. Berrange)
- Convert the remote driver to new RPC client APIs (Daniel P. Berrange)
- Add XDR_CFLAGS to libvirt-net-rpc.la library (Daniel P. Berrange)
- Ensure sanlock socket is labelled with the VM process label (Daniel P. Berrange)
- Add a virSecurityManagerSetProcessFDLabel (Daniel P. Berrange)
- Rename virSecurityManagerSetFDLabel method (Daniel P. Berrange)
- Add node prefix to virNodeGet(CPU|Memory)Stats structs and defines (Matthias Bolte)
- qemu: Fix update device for CURRENT + FORCE flags (Jiri Denemark)
- nwfilter: Return error message about unresolvable variables (Stefan Berger)
- build: rename Vcpupin to VcpuPin (Eric Blake)
- sysinfo: cleanup function/struct names. (Minoru Usui)
- sysinfo: fix lack of error check in virSysinfoFormat(). (Minoru Usui)
- tests: Partly fix networkxml2argvtest being configure result dependent (Matthias Bolte)
- qemu: Remove bogus error codes for NUMA memory tuning (Osier Yang)
- network: fix indentation in networkBuildDnsmasqArgv (Laine Stump)
- vcpupin: add query option to virsh vcpupin command (Taku Izumi)
- vcpuinfo: add the code to fallback to try new API (Taku Izumi)
- vcpupin: implement the remote protocol to address the new API (Taku Izumi)
- vcpupin: implement the code to support new API for the qemu driver (Taku Izumi)
- build: update gnulib for intprops (Eric Blake)
- Rename iface(G|S)etMacaddr to iface(G|S)etMacAddress for consistency (Matthias Bolte)
- Network: Add support for DNS hosts definition to the network XML (Michal Novotny)
- Network: Add additional hosts internal infrastructure (Michal Novotny)
- Network: Add regression tests for the command-line arguments (Michal Novotny)
- Network: modify dnsmasq commandline build function to allow testing (Michal Novotny)
- tests: Improve IPv6 detection for virNetSocket tests (Matthias Bolte)
- Move load of AppArmor profile to GenLabel() (Jamie Strandboge)
- Add Memory Device Information to virSysinfoRead() from dmidecode type 17 (Minoru Usui)
- Add Processor Information to virSysinfoRead() from dmidecode type 4 (Minoru Usui)
- Cleanup virSysinfoRead() (Minoru Usui)
- Make sure virnetprotocol.[ch] are in BUILT_SOURCES (Daniel P. Berrange)
- maint: typo fixes (Eric Blake)
- Add missing translation of error message from QEMU reboot patch (Daniel P. Berrange)
- Allow automatic kill of guests when a connection is closed (Daniel P. Berrange)
- Automatically kill target QEMU if migration aborts abnormally (Daniel P. Berrange)
- Add infrastructure to automatically destroy guests when a connection closes (Daniel P. Berrange)
- Move the RPC generator scripts into src/rpc (Daniel P. Berrange)
- Introduce generic RPC client objects (Daniel P. Berrange)
- Introduce generic RPC module for advertising via MDNS (Daniel P. Berrange)
- Introduce generic RPC server objects (Daniel P. Berrange)
- Integrate TLS/SASL directly into the socket APIs (Daniel P. Berrange)
- Generic module for handling SASL authentication & encryption (Daniel P. Berrange)
- Generic module for handling TLS encryption and x509 certs (Daniel P. Berrange)
- Introduce a generic object for using network sockets (Daniel P. Berrange)
- Provide a simple object for encoding/decoding RPC messages (Daniel P. Berrange)
- Defines the basics of a generic RPC protocol in XDR (Daniel P. Berrange)
- build: update to latest gnulib (Eric Blake)
- python: Generate virStreamFree but don't expose in bindings (Cole Robinson)
- maint: avoid future setgid problems (Eric Blake)
- qemu: Only check for NUMA availability if required (Jiri Denemark)
- util: avoid PATH_MAX-sized array (Eric Blake)
- xen: avoid PATH_MAX-sized array (Eric Blake)
- tests: avoid PATH_MAX-sized array (Eric Blake)
- virStorageVol: avoid PATH_MAX-sized array (Eric Blake)
- cleanup: make several interface functions commonly available (Stefan Berger)
- cleanup: make nlComm commonly available (Stefan Berger)
- maint: remove syntax-check exception (Eric Blake)
- Remove macvtap dependency on domain configuration (Daniel P. Berrange)
- util: Correct the error prompt string (Osier Yang)
- Fix to python API extractor and API doc generation (Daniel Veillard)
- qemu: domain I/O asynchronous handling (Michal Privoznik)
- python: Mark event callback wrappers as private (Cole Robinson)
- python: events: Fix C->Python handle callback prototype (Cole Robinson)
- python: Add bindings for virEvent*Handle/Timeout (Cole Robinson)
- events: Correct virEventAddTimeout docs (Cole Robinson)
- Promote virEvent*Handle/Timeout to public API (Cole Robinson)
- python: Implement virStreamSend/RecvAll helpers (Cole Robinson)
- python: Implement virStreamSend/Recv (Cole Robinson)
- conf: Make full use of goto label (Osier Yang)
- python: Implement bindings for virStreamEventAddCallback (Cole Robinson)
- python: generator: Don't print warning if nothing to warn about (Cole Robinson)
- python: libvirt-override: use simpler debug (Cole Robinson)
- virsh: enhance snapshot-create-as (Eric Blake)
- virsh: add snapshot-create-as command (Eric Blake)
- virsh: clarify snapshot vs. save (Eric Blake)
- Fix compile warnings in virsh vcpupin (Daniel P. Berrange)
- remote generator: Allow to annotate arrays with typecasts (Matthias Bolte)
- remote: Handle functions that return optional strings (Matthias Bolte)
- remote: Generate virDomainGetBlockPullInfo (Matthias Bolte)
- vcpupin: add vcpupin resetting feature to qemu driver (Taku Izumi)
- vcpupin: add virDomainVcpupinDel function (Taku Izumi)
- vcpupin: add reset option to virsh vcpupin command (Taku Izumi)
- vcpupin: improve vcpupin definition of virsh vcpupin (Taku Izumi)
- Fix preprocessor indentation in nodeinfo.c (Matthias Bolte)
- Move XenAPI driver to correct spec file section (Matthias Bolte)
- numatune: Add tests for numatune XML (Osier Yang)
- numatune: Support NUMA memory tuning in qemu driver (Osier Yang)
- numatune: Support persistent XML for numatune (Osier Yang)
- numatune: Define XML schema (Osier Yang)
- Update qemuDomainSetBlkioParameters to use flags (Hu Tao)
- update qemuDomainGetBlkioParameters to use flags (Hu Tao)
- Add new parameters for blkiotune (Hu Tao)
- apparmor: implement AppArmorSetFDLabel() (Jamie Strandboge)
- Add missing error reporting when loading mac filter config for QEMU (Daniel P. Berrange)
- virsh: Add support for virDomainGetControlInfo (Jiri Denemark)
- qemu: Implement virDomainGetControlInfo (Jiri Denemark)
- Wire protocol and remote driver for virDomainGetControlInfo (Jiri Denemark)
- sendkey: use consistent API convention (Eric Blake)
- build: export correct function names (Eric Blake)
- build: avoid compiler warning on non-Linux (Eric Blake)
- remote generator: Handle struct returning functions better (part 2) (Matthias Bolte)
- Fix apibuild.py warnings about missing comment headers (Matthias Bolte)
- remote generator: Handle struct returning functions better (Matthias Bolte)
- support for Xen HVM Viridian (Hyper-V) enlightenment interface (Daniel Gollub)
- virsh: reduce complexity in argv iteration (Eric Blake)
- Add support for network filter code in LXC driver (Daniel P. Berrange)
- qemu: Translate boot config into bootindex if possible (Jiri Denemark)
- spice: add <clipboard copypaste='yes|no'> option (Marc-André Lureau)
- virNodeGetMemoryStats: Implement linux support (Minoru Usui)
- virNodeGetMemoryStats: Implement virsh support (Minoru Usui)
- virNodeGetMemoryStats: Implement remote protocol (Minoru Usui)
- virNodeGetMemoryStats: Implement public API (Minoru Usui)
- virNodeGetMemoryStats: Define internal driver API (Minoru Usui)
- virNodeGetCPUStats: Implement linux support (Minoru Usui)
- virNodeGetCPUStats: Implement virsh support (Minoru Usui)
- virNodeGetCPUStats: Implement remote protocol (Minoru Usui)
- virNodeGetCPUStats: Define internal driver API (Minoru Usui)
- virNodeGetCPUStats: Expose new API (Minoru Usui)
- Fix autostart flag when loading running domains (Michael Chapman)
- send-key: Implementing the remote protocol (Lai Jiangshan)
- send-key: Implementing the public API (Lai Jiangshan)
- send-key: Defining the internal API (Lai Jiangshan)
- remote generator: Handle (unsigned) int arrays (Lai Jiangshan)
- add VSH_OFLAG_REQ_OPT options (Lai Jiangshan)
- allow name for VSH_OT_ARGV options (Lai Jiangshan)
- storage: avoid an intermediate malloc (Eric Blake)
- command: reduce duplicated debug messages (Eric Blake)
- qemu: Scrape stdout for virtio console pty (Cole Robinson)
- virsh: Add daemon version reporting (Michal Privoznik)
- nodeinfo: remove superflous braces (Guido Günther)
- util: Cleanup indention problem in virterror.c (Osier Yang)
- qemu: Parse current balloon value returned by query_balloon (Osier Yang)
- Deprecate several CURRENT/LIVE/CONFIG enums (Hu Tao)
- qemu: Faster response time to qemu startup errors (Stefan Berger)
- build: update to latest gnulib (Eric Blake)
- vcpupin: add the new option to "virsh vcpupin" command (Taku Izumi)
- vcpupin: implement the remote protocol to address the new API (Taku Izumi)
- vcpupin: implement the code to address the new API in the qemu driver (Taku Izumi)
- Use virTimeMs when appropriate (Jiri Denemark)
- Introduce virTimeMs for getting current time in ms (Jiri Denemark)
- test: Remove unused timeval (Jiri Denemark)
- tests: add a test for multi function PCI device (Wen Congyang)
- the hotplugged PCI device should use the whole slot (Wen Congyang)
- assign the whole slot to the PCI device that has no address (Wen Congyang)
- Reimplement qemuDomainPCIAddressReserveSlot(): reserve all functions in the slot (Wen Congyang)
- the key of hash table should include the function value (Wen Congyang)
- prevent hot unplugging multi function PCI device (Wen Congyang)
- check whether qemu supports multi function PCI device (Wen Congyang)
- xenapi: Improve error message on session failure (Matthew Booth)
- qemu: Fix one type in the error prompt string (Osier Yang)
- Move VMware Workstation/Player driver to correct spec file section (Matthias Bolte)
- esx: avoid dead code (Eric Blake)
- qemu: reorder checks for safety (Eric Blake)
- uuid: annotate non-null requirements (Eric Blake)
- debug: avoid null dereference on uuid lookup api (Eric Blake)
- python: avoid unlikely sign extension bug (Eric Blake)
- build: detect Coverity 5.3.0 (Eric Blake)
- build: Fix typos in configure.ac (Osier Yang)
- virsh: Expose virDomainMigrateSetMaxSpeed API to virsh (Osier Yang)
- lxc: Ensure container <init> actually exists (Cole Robinson)
- lxc: Verify root fs exists before mounting (Cole Robinson)
- lxc: controller: Improve container error reporting (Cole Robinson)
- lxc: Improve guest startup error reporting (Cole Robinson)
- lxc: Refactor controller command building (Cole Robinson)
- lxc: Don't report error in Wait/SendContinue (Cole Robinson)
- lxc: Drop container stdio as late as possible (Cole Robinson)
- util: Implement virRun as a wrapper around virCommand (Cole Robinson)
- qemu: Convert virExec usage to virCommand (Cole Robinson)
- Use VIR_USE_CPU instead of new wheel (Osier Yang)
- Avoid virGetVersion failure on specific driver support configurations (Matthias Bolte)
Cleanups
- cgroup: silence coverity warning (Eric Blake)
- rpc: silence coverity warning (Eric Blake)
- qemu: silence coverity warnings (Eric Blake)
- build: avoid 'make syntax-check' failure (Eric Blake)
- build: remove dead variables (Eric Blake)
- Remove bogus jsondata.h file reference which does not exist (Daniel P. Berrange)
- build: ignore generated file (Eric Blake)
- build: Don't expect translatable strings in a dead file (Jiri Denemark)
- Cleanup remote protocol definitions (Daniel P. Berrange)
- Remove obsolete libvirtd mdns code (Daniel P. Berrange)
- build: avoid long line tests (Eric Blake)
- maint: add omitted copyright header (Eric Blake)
- build: break some long lines (Eric Blake)
- build: silence coverity false positives (Eric Blake)
- secret: drop dead code (Eric Blake)
- build: silence coverity false positive (Eric Blake)
- Move virRun, virExec*, virFork to util/command (Cole Robinson)
- util: Remove unused virExec wrapper (Cole Robinson)
- esx: Remove duplicated invalid-argument checks (Matthias Bolte)
Thanks everybody for your help with this release, be it by submitting
documentations, ideas, patches, etc ... !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
13 years, 5 months
[libvirt] [PATCH] initialize pointer to NULL
by Wen Congyang
>From 577ac7e8594cbcccb59653786e80c3916a3238cb Mon Sep 17 00:00:00 2001
From: Wen Congyang <wency(a)cn.fujitsu.com>
Date: Sat, 2 Jul 2011 06:41:18 +0800
Subject: [PATCH] initialize pointer to NULL
def and cmd is not initialized to NULL, but we try to freed it if we
meet some
error. It's very dangerous.
---
src/qemu/qemu_command.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 90a6653..6c78161 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -5818,7 +5818,7 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr caps,
const char **progenv,
const char **progargv)
{
- virDomainDefPtr def;
+ virDomainDefPtr def = NULL;
int i;
int nographics = 0;
int fullscreen = 0;
@@ -5827,7 +5827,7 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr caps,
const char **nics = NULL;
int video = VIR_DOMAIN_VIDEO_TYPE_CIRRUS;
int nvirtiodisk = 0;
- qemuDomainCmdlineDefPtr cmd;
+ qemuDomainCmdlineDefPtr cmd = NULL;
if (!progargv[0]) {
qemuReportError(VIR_ERR_INTERNAL_ERROR,
--
1.6.5.2
13 years, 5 months
[libvirt] [PATCH 0/8] more coverity cleanups
by Eric Blake
Many are minor (silencing warnings or only affect OOM), but at least
patch 5/8 is a real bug that needs to be fixed pre-release.
Eric Blake (8):
rpc: avoid memory leak on error
qemu: silence coverity warnings
rpc: silence coverity warning
cgroup: silence coverity warning
rpc: fix logic bug
qemu: avoid null deref on low memory
vmware: avoid null deref on failed lookup
storage: avoid crash on parse error
src/qemu/qemu_audit.c | 6 ++++--
src/qemu/qemu_command.c | 6 +++++-
src/qemu/qemu_domain.c | 4 ++--
src/qemu/qemu_migration.c | 3 ++-
src/rpc/virnetclient.c | 3 ++-
src/rpc/virnetserverclient.c | 1 +
src/rpc/virnetserverservice.c | 7 ++++++-
src/storage/storage_backend_iscsi.c | 14 ++++++++++----
src/util/cgroup.c | 2 +-
src/vmware/vmware_driver.c | 2 +-
10 files changed, 34 insertions(+), 14 deletions(-)
--
1.7.4.4
13 years, 5 months
[libvirt] [PATCH] monitor-proxy: Tool for testing qemu monitor interaction
by Jiri Denemark
It has two modes, normal and interactive. In normal mode, messages are
passed from libvirt to qemu and back as they come and copyied to stdout
so that one can monitor the communication. In interactive mode,
whenever a message comes from either libvirt or qemu, it is printed to
stdout and the user is asked what action to take. One can also inject
any message to either libvirt or qemu. Interactive mode can be entered
by sending any command to monitor-proxy (sending an empty command, i.e.,
hitting enter enters interactive mode without doing anything else). The
proxy can also be started directly in interactive mode by specifying
"-i" command line option. Command "cont" can be used to return back to
normal mode. For list of supported commands and their description, use
"help" or "h" command.
To start monitor-proxy one needs to follow the following steps:
- start a domain
- run monitor-proxy [-i] <monitor socket path>
for example: monitor-proxy /var/lib/libvirt/qemu/vm1.monitor
- restart libvirtd (this makes libvirtd disconnect from qemu and
reconnect to the proxy)
monitor-proxy supports libvirtd restarts, i.e., if libvirtd disconnects,
the proxy just waits until it reconnects again. Stopping the proxy
while libvirtd is running kills the domain since libvirtd sees monitor
EOF. To stop using monitor-proxy without killing the domain, one needs
to stop libvirtd, stop monitor-proxy, and start libvirtd.
The proxy works by renaming qemu monitor socket so that it can listen at
the original place for connections from libvirtd. Once libvirtd
connects to monitor-proxy, the proxy connects to qemu through the
renamed socket. The socket is renamed back to its original name when
proxy is killed or asked to exit.
The proxy also supports fd passing through SCM_RIGHTS so to be usable
for testing migrations.
---
Makefile.am | 3 +-
configure.ac | 3 +-
examples/monitor-proxy/Makefile.am | 3 +
examples/monitor-proxy/README | 36 ++
examples/monitor-proxy/monitor-proxy.c | 751 ++++++++++++++++++++++++++++++++
5 files changed, 794 insertions(+), 2 deletions(-)
create mode 100644 examples/monitor-proxy/Makefile.am
create mode 100644 examples/monitor-proxy/README
create mode 100644 examples/monitor-proxy/monitor-proxy.c
diff --git a/Makefile.am b/Makefile.am
index 49e42bf..1ac65e3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -6,7 +6,8 @@ GENHTML = genhtml
SUBDIRS = gnulib/lib include src daemon tools docs gnulib/tests \
python tests po examples/domain-events/events-c examples/hellolibvirt \
examples/dominfo examples/domsuspend examples/python examples/apparmor \
- examples/xml/nwfilter examples/openauth examples/systemtap
+ examples/xml/nwfilter examples/openauth examples/systemtap \
+ examples/monitor-proxy
ACLOCAL_AMFLAGS = -I m4 -I gnulib/m4
diff --git a/configure.ac b/configure.ac
index cd22afb..9d2fe04 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2414,7 +2414,8 @@ AC_OUTPUT(Makefile src/Makefile include/Makefile docs/Makefile \
examples/python/Makefile \
examples/hellolibvirt/Makefile \
examples/systemtap/Makefile \
- examples/xml/nwfilter/Makefile)
+ examples/xml/nwfilter/Makefile \
+ examples/monitor-proxy/Makefile)
AC_MSG_NOTICE([])
AC_MSG_NOTICE([Configuration summary])
diff --git a/examples/monitor-proxy/Makefile.am b/examples/monitor-proxy/Makefile.am
new file mode 100644
index 0000000..4fbbed5
--- /dev/null
+++ b/examples/monitor-proxy/Makefile.am
@@ -0,0 +1,3 @@
+noinst_PROGRAMS = monitor-proxy
+monitor_proxy_CFLAGS = $(WARN_CFLAGS)
+monitor_proxy_SOURCES = monitor-proxy.c
diff --git a/examples/monitor-proxy/README b/examples/monitor-proxy/README
new file mode 100644
index 0000000..bf00460
--- /dev/null
+++ b/examples/monitor-proxy/README
@@ -0,0 +1,36 @@
+monitor-proxy is meant as a developer tool for testing libvirt-qemu
+communication.
+
+It has two modes, normal and interactive. In normal mode, messages are passed
+from libvirt to qemu and back as they come and copyied to stdout so that one
+can monitor the communication. In interactive mode, whenever a message comes
+from either libvirt or qemu, it is printed to stdout and the user is asked
+what action to take. One can also inject any message to either libvirt or
+qemu. Interactive mode can be entered by sending any command to monitor-proxy
+(sending an empty command, i.e., hitting enter enters interactive mode without
+doing anything else). The proxy can also be started directly in interactive
+mode by specifying "-i" command line option. Command "cont" can be used to
+return back to normal mode. For list of supported commands and their
+description, use "help" or "h" command.
+
+To start monitor-proxy one needs to follow the following steps:
+- start a domain
+- run monitor-proxy [-i] <monitor socket path>
+ for example: monitor-proxy /var/lib/libvirt/qemu/vm1.monitor
+- restart libvirtd (this makes libvirtd disconnect from qemu and reconnect to
+ the proxy)
+
+monitor-proxy supports libvirtd restarts, i.e., if libvirtd disconnects, the
+proxy just waits until it reconnects again. Stopping the proxy while libvirtd
+is running kills the domain since libvirtd sees monitor EOF. To stop using
+monitor-proxy without killing the domain, one needs to stop libvirtd, stop
+monitor-proxy, and start libvirtd.
+
+The proxy works by renaming qemu monitor socket so that it can listen at the
+original place for connections from libvirtd. Once libvirtd connects to
+monitor-proxy, the proxy connects to qemu through the renamed socket. The
+socket is renamed back to its original name when proxy is killed or asked to
+exit.
+
+The proxy also supports fd passing through SCM_RIGHTS so to be usable for
+testing migrations.
diff --git a/examples/monitor-proxy/monitor-proxy.c b/examples/monitor-proxy/monitor-proxy.c
new file mode 100644
index 0000000..403033d
--- /dev/null
+++ b/examples/monitor-proxy/monitor-proxy.c
@@ -0,0 +1,751 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <stdarg.h>
+#include <string.h>
+#include <signal.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+# ifndef ATTRIBUTE_FMT_PRINTF
+# if __GNUC_PREREQ (4, 4)
+# define ATTRIBUTE_FMT_PRINTF(fmtpos,argpos) __attribute__((__format__ (gnu_printf, fmtpos,argpos)))
+# else
+# define ATTRIBUTE_FMT_PRINTF(fmtpos,argpos) __attribute__((__format__ (printf, fmtpos,argpos)))
+# endif
+# endif
+
+# ifndef ATTRIBUTE_NORETURN
+# define ATTRIBUTE_NORETURN __attribute__((__noreturn__))
+# endif
+
+#ifndef UNIX_PATH_MAX
+# define UNIX_PATH_MAX 108
+#endif
+#define SOCK_SUFFIX ".proxy"
+#define SIZE (1 << 14)
+
+#define LABEL_LIBVIRT "libvirt> "
+#define LABEL_QEMU "qemu> "
+#define LABEL_PROMPT "command> "
+
+enum party {
+ PARTY_QEMU,
+ PARTY_LIBVIRT
+};
+
+enum command {
+ CMD_NONE,
+ CMD_NOOP,
+ CMD_UNKNOWN,
+ CMD_CONTINUE,
+ CMD_QUIT,
+ CMD_HELP,
+ CMD_PASS,
+ CMD_DISCARD,
+ CMD_SEND_QEMU,
+ CMD_SEND_LIBVIRT
+};
+
+struct proxy_command {
+ enum command command;
+ const char *name;
+ bool shortcut;
+ bool argument;
+ const char *description;
+};
+
+const char *monitor;
+char *monitor_qemu;
+
+char *buffer;
+char *control;
+char *commands;
+
+struct message {
+ enum party source;
+ int fd_qemu;
+ int fd_libvirt;
+ struct msghdr hdr;
+};
+
+
+#define ncommands (sizeof(proxy_commands) / sizeof(*proxy_commands))
+static const struct proxy_command proxy_commands[] = {
+ {
+ CMD_CONTINUE,
+ "cont", true, false,
+ "leave interactive mode"
+ }, {
+ CMD_QUIT,
+ "quit", false, false,
+ "quit monitor-proxy"
+ }, {
+ CMD_HELP,
+ "help", true, false,
+ "print this help"
+ }, {
+ CMD_PASS,
+ "pass", true, false,
+ "pass current data to its destination"
+ }, {
+ CMD_DISCARD,
+ "discard", true, false,
+ "discard current data"
+ }, {
+ CMD_SEND_QEMU,
+ "qemu", true, true,
+ "send DATA to qemu"
+ }, {
+ CMD_SEND_LIBVIRT,
+ "libvirt", true, true,
+ "send DATA to libvirt"
+ }
+};
+
+
+static void ATTRIBUTE_NORETURN
+usage(int ret)
+{
+ fprintf(stderr, "monitor-proxy [-i] <qemu monitor socket>\n");
+ exit(ret);
+}
+
+
+static void ATTRIBUTE_FMT_PRINTF(1, 2)
+print(const char *msg, ...)
+{
+ va_list args;
+
+ printf("* ");
+ va_start(args, msg);
+ vprintf(msg, args);
+ va_end(args);
+ printf("\n");
+ fflush(NULL);
+}
+
+
+#define HELP_LINE 80
+#define HELP_NAME 20
+static void
+help(void)
+{
+ unsigned int i;
+ char line[HELP_LINE];
+ char name[HELP_NAME];
+
+ print("Available proxy commands:");
+ for (i = 0; i < ncommands; i++) {
+ const struct proxy_command *cmd = proxy_commands + i;
+
+ if (cmd->shortcut)
+ snprintf(name, HELP_NAME, "%c(%s)", cmd->name[0], cmd->name + 1);
+ else
+ strncpy(name, cmd->name, HELP_NAME);
+ name[HELP_NAME - 1] = '\0';
+ if (cmd->argument) {
+ strncpy(name + strlen(name), " DATA", HELP_NAME - strlen(name));
+ name[HELP_NAME - 1] = '\0';
+ }
+
+ snprintf(line, HELP_LINE, " %-*s %s",
+ HELP_NAME, name, cmd->description);
+ line[HELP_LINE - 1] = '\0';
+ print("%s", line);
+ }
+ print("Signals:");
+ print(" SIGINT (^C) quit monitor-proxy");
+}
+
+
+static int
+move_socket(void)
+{
+ if (monitor_qemu) {
+ fprintf(stderr, "Socket already moved to %s\n", monitor_qemu);
+ return -1;
+ }
+
+ monitor_qemu = malloc(strlen(monitor) + strlen(SOCK_SUFFIX) + 1);
+ if (!monitor_qemu)
+ return -1;
+
+ sprintf(monitor_qemu, "%s%s", monitor, SOCK_SUFFIX);
+
+ if (rename(monitor, monitor_qemu) < 0) {
+ perror("Cannot move monitor socket");
+ free(monitor_qemu);
+ monitor_qemu = NULL;
+ return -1;
+ }
+
+ print("Monitor socket renamed as %s", monitor_qemu);
+
+ return 0;
+}
+
+
+static int
+restore_socket(void)
+{
+ if (!monitor_qemu)
+ return 0;
+
+ if (rename(monitor_qemu, monitor) < 0) {
+ perror("Cannot restore monitor socket");
+ return -1;
+ }
+
+ print("Monitor socket renamed back to %s", monitor);
+
+ free(monitor_qemu);
+ monitor_qemu = NULL;
+
+ return 0;
+}
+
+
+static void ATTRIBUTE_NORETURN
+signal_handler(int signum)
+{
+ restore_socket();
+
+ if (signum == SIGINT)
+ exit(0);
+ else
+ exit(1);
+}
+
+
+static int
+open_qemu(void)
+{
+ struct sockaddr_un addr;
+ int fd = -1;
+
+ if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) {
+ perror("Cannot create monitor socket");
+ goto error;
+ }
+
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, monitor_qemu, UNIX_PATH_MAX);
+ addr.sun_path[UNIX_PATH_MAX - 1] = '\0';
+
+ if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
+ perror("Cannot connect to qemu monitor");
+ goto error;
+ }
+
+ print("Connected to qemu monitor");
+
+ return fd;
+
+error:
+ close(fd);
+ return -1;
+}
+
+
+static int
+listen_libvirt(void)
+{
+ struct sockaddr_un addr;
+ int fd = -1;
+
+ if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) {
+ perror("Cannot create listening socket");
+ goto error;
+ }
+
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, monitor, UNIX_PATH_MAX);
+ addr.sun_path[UNIX_PATH_MAX - 1] = '\0';
+
+ if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
+ perror("Cannot bind listening socket");
+ goto error;
+ }
+
+ if (listen(fd, 1) < 0) {
+ perror("Cannot listen");
+ goto error;
+ }
+
+ return fd;
+
+error:
+ close(fd);
+ return -1;
+}
+
+
+static int
+accept_libvirt(int sock)
+{
+ int fd = -1;
+
+ print("Waiting for libvirt connection");
+
+ if ((fd = accept(sock, NULL, NULL)) == -1) {
+ perror("Cannot accept connection from libvirt");
+ goto error;
+ }
+
+ print("Libvirt connection accepted");
+
+ return fd;
+
+error:
+ close(fd);
+ return -1;
+}
+
+
+static int
+init_message(struct message *msg, int qemu, int libvirt)
+{
+ struct iovec *iov;
+
+ if (!(iov = malloc(sizeof(*iov))))
+ return -1;
+
+ memset(msg, 0, sizeof(*msg));
+ msg->fd_qemu = qemu;
+ msg->fd_libvirt = libvirt;
+ msg->hdr.msg_iov = iov;
+ msg->hdr.msg_iovlen = 1;
+
+ return 0;
+}
+
+
+static ssize_t
+receive_message(enum party source, struct message *msg)
+{
+ ssize_t count;
+ int fd = source == PARTY_QEMU ? msg->fd_qemu : msg->fd_libvirt;
+
+ msg->source = source;
+ msg->hdr.msg_iov[0].iov_base = buffer;
+ msg->hdr.msg_iov[0].iov_len = SIZE;
+ msg->hdr.msg_control = control;
+ msg->hdr.msg_controllen = SIZE;
+
+ if ((count = recvmsg(fd, &msg->hdr, 0)) >= 0) {
+ msg->hdr.msg_iov[0].iov_len = count;
+ if (msg->hdr.msg_controllen == 0)
+ msg->hdr.msg_control = NULL;
+ }
+
+ return count;
+}
+
+
+static void
+send_message(enum party target, struct message *msg)
+{
+ int fd = target == PARTY_QEMU ? msg->fd_qemu : msg->fd_libvirt;
+
+ if (sendmsg(fd, &msg->hdr, 0) < 0) {
+ if (target == PARTY_QEMU) {
+ perror("Cannot send message to qemu");
+ } else {
+ perror("Cannot send message to libvirt");
+ }
+ }
+
+ msg->hdr.msg_iov[0].iov_base = NULL;
+ msg->hdr.msg_iov[0].iov_len = 0;
+ msg->hdr.msg_control = NULL;
+ msg->hdr.msg_controllen = 0;
+}
+
+
+static int
+write_all(int fd, const char *buf, size_t count)
+{
+ size_t written = 0;
+ ssize_t w;
+
+ while (count > 0) {
+ w = write(fd, buf, count);
+
+ if (w == 0) {
+ break;
+ } else if (w < 0) {
+ if (errno == EINTR)
+ continue;
+ perror("Cannot write data");
+ return -1;
+ }
+
+ buf += w;
+ count -= w;
+ written += w;
+ }
+
+ return written;
+}
+
+
+static int
+output(const char *label, const struct message *msg)
+{
+ ssize_t start = 0;
+ char *buf = msg->hdr.msg_iov[0].iov_base;
+ ssize_t count = msg->hdr.msg_iov[0].iov_len;
+
+ while (start < count) {
+ ssize_t len = 0;
+ const char* p;
+
+ if (write_all(STDOUT_FILENO, label, strlen(label)) < 0)
+ return -1;
+
+ p = buf + start;
+ while (start + len < count && *p != '\n') {
+ len++;
+ p++;
+ }
+ if (start + len < count)
+ len++;
+
+ if (write_all(STDOUT_FILENO, buf + start, len) < 0)
+ return -1;
+
+ start += len;
+ }
+
+ return 0;
+}
+
+
+static ssize_t
+read_line(char *buf, size_t size, bool data)
+{
+ ssize_t count = 0;
+ struct timeval tv = { 0, 0 };
+ struct timeval *timeout;
+ fd_set fds;
+ int ret;
+
+ FD_ZERO(&fds);
+ FD_SET(STDIN_FILENO, &fds);
+
+ if (data)
+ timeout = NULL;
+ else
+ timeout = &tv;
+
+ ret = select(STDIN_FILENO + 1, &fds, NULL, NULL, timeout);
+ if (ret < 0)
+ return -1;
+ if (ret == 0)
+ return 0;
+
+ while (count < size - 1 && read(STDIN_FILENO, buf, 1) == 1) {
+ count++;
+ if (*buf == '\n') {
+ *buf = '\r';
+ *++buf = '\n';
+ count++;
+ break;
+ }
+ buf++;
+ }
+ return count;
+}
+
+
+static enum command
+get_command(char **cmd_buf, ssize_t *cmd_len, bool data)
+{
+ ssize_t len;
+ unsigned int i;
+
+ if (data)
+ write_all(STDOUT_FILENO, LABEL_PROMPT, strlen(LABEL_PROMPT));
+
+ len = read_line(commands, SIZE, data);
+ if (len < 0)
+ return CMD_QUIT;
+ if (len == 0)
+ return CMD_NONE;
+ if (len <= 2)
+ return CMD_NOOP;
+
+ commands[len] = '\0';
+
+ for (i = 0; i < ncommands; i++) {
+ const struct proxy_command *cmd = proxy_commands + i;
+ int skip;
+
+ if (strncmp(commands, cmd->name, strlen(cmd->name)) == 0)
+ skip = strlen(cmd->name);
+ else if (cmd->shortcut && *commands == *cmd->name)
+ skip = 1;
+ else
+ continue;
+
+ if (cmd->argument) {
+ if (commands[skip] == ' ') {
+ skip++;
+ *cmd_buf = commands + skip;
+ *cmd_len = len - skip;
+ return cmd->command;
+ }
+ } else {
+ if (strncmp(commands + skip, "\r\n", 2) == 0)
+ return cmd->command;
+ }
+ }
+
+ commands[len - 2] = '\0';
+ *cmd_buf = commands;
+ *cmd_len = len - 2;
+ return CMD_UNKNOWN;
+}
+
+
+static int
+process_commands(struct message *msg, bool *interactive)
+{
+ enum party source = msg->source;
+ ssize_t data_len = msg->hdr.msg_iov[0].iov_len;
+ ssize_t control_len = msg->hdr.msg_controllen;
+ bool data = data_len > 0 || control_len > 0;
+ enum command cmd;
+ char *cmd_buf = NULL;
+ ssize_t cmd_len = 0;
+
+ msg->hdr.msg_iov[0].iov_base = NULL;
+ msg->hdr.msg_iov[0].iov_len = 0;
+ msg->hdr.msg_control = NULL;
+ msg->hdr.msg_controllen = 0;
+
+ if (data) {
+ print("Processing data from %s",
+ source == PARTY_QEMU ? "qemu" : "libvirt");
+ print(" Enter proxy commands (type \"help\" to list them)");
+ print(" Finish processing with \"pass\" or \"discard\" command");
+ }
+
+ while (*interactive &&
+ (cmd = get_command(&cmd_buf, &cmd_len, data)) != CMD_NONE) {
+ switch (cmd) {
+ case CMD_NONE:
+ case CMD_NOOP:
+ break;
+
+ case CMD_QUIT:
+ return -1;
+
+ case CMD_HELP:
+ help();
+ break;
+
+ case CMD_UNKNOWN:
+ print("Unknown command: \"%s\"", cmd_buf);
+ break;
+
+ case CMD_CONTINUE:
+ *interactive = false;
+ print("Leaving interactive mode");
+ case CMD_PASS:
+ if (data_len > 0) {
+ msg->hdr.msg_iov[0].iov_len = data_len;
+ msg->hdr.msg_iov[0].iov_base = buffer;
+ }
+ if (control_len > 0) {
+ msg->hdr.msg_controllen = control_len;
+ msg->hdr.msg_control = control;
+ }
+ if (data) {
+ print("Passing data from %s to %s",
+ source == PARTY_QEMU ? "qemu" : "libvirt",
+ source == PARTY_QEMU ? "libvirt" : "qemu");
+ send_message(source == PARTY_QEMU ? PARTY_LIBVIRT : PARTY_QEMU,
+ msg);
+ data = false;
+ } else {
+ if (cmd == CMD_PASS)
+ print("No data to pass");
+ }
+ break;
+
+ case CMD_DISCARD:
+ if (data) {
+ print("Discarding data from %s",
+ source == PARTY_QEMU ? "qemu" : "libvirt");
+ } else {
+ print("No data to discard");
+ }
+ data_len = control_len = 0;
+ data = false;
+ break;
+
+ case CMD_SEND_QEMU:
+ case CMD_SEND_LIBVIRT:
+ msg->hdr.msg_iov[0].iov_len = cmd_len;
+ msg->hdr.msg_iov[0].iov_base = cmd_buf;
+ send_message(cmd == CMD_SEND_QEMU ? PARTY_QEMU : PARTY_LIBVIRT,
+ msg);
+ break;
+ }
+ }
+
+ return 0;
+}
+
+
+static int
+process_data(struct message *msg, bool *interactive)
+{
+ output(msg->source == PARTY_QEMU ? LABEL_QEMU : LABEL_LIBVIRT, msg);
+
+ if (!*interactive) {
+ send_message(msg->source == PARTY_QEMU ? PARTY_LIBVIRT : PARTY_QEMU,
+ msg);
+ } else {
+ return process_commands(msg, interactive);
+ }
+
+ return 0;
+}
+
+
+static int
+proxy(bool *interactive, int libvirt, int qemu)
+{
+ fd_set fds;
+ int maxfd;
+ struct message msg;
+ int ret = -1;
+ ssize_t count;
+
+ print("New monitor session");
+ if (*interactive)
+ print("Entering interactive mode");
+
+ if (init_message(&msg, qemu, libvirt) < 0) {
+ perror("Cannot initialize msghdr");
+ goto cleanup;
+ }
+
+ maxfd = libvirt > qemu ? libvirt : qemu;
+ while (1) {
+ FD_ZERO(&fds);
+ FD_SET(STDIN_FILENO, &fds);
+ FD_SET(libvirt, &fds);
+ FD_SET(qemu, &fds);
+
+ if (select(maxfd + 1, &fds, NULL, NULL, NULL) == -1) {
+ perror("select() failed");
+ goto cleanup;
+ }
+
+ if (FD_ISSET(qemu, &fds)) {
+ if ((count = receive_message(PARTY_QEMU, &msg)) <= 0) {
+ if (count < 0)
+ perror("Cannot receive message from qemu");
+ else
+ print("Qemu closed connection");
+ goto cleanup;
+ }
+ if (process_data(&msg, interactive) < 0)
+ goto cleanup;
+ }
+
+ if (FD_ISSET(libvirt, &fds)) {
+ if ((count = receive_message(PARTY_LIBVIRT, &msg) <= 0)) {
+ if (count < 0) {
+ perror("Cannot receive message from libvirt");
+ } else {
+ print("Libvirt closed connection");
+ ret = 0;
+ }
+ goto cleanup;
+ }
+ if (process_data(&msg, interactive) < 0)
+ goto cleanup;
+ }
+
+ if (!*interactive && FD_ISSET(STDIN_FILENO, &fds)) {
+ print("Entering interactive mode");
+ *interactive = true;
+ }
+
+ if (*interactive && process_commands(&msg, interactive) < 0)
+ goto cleanup;
+ }
+
+cleanup:
+ print("Session closed");
+
+ close(libvirt);
+ close(qemu);
+ return ret;
+}
+
+
+int
+main(int argc, char **argv)
+{
+ int sock = -1;
+ int libvirt = -1;
+ bool interactive = false;
+
+ if (argc < 2)
+ usage(2);
+
+ if (strcmp(argv[1], "-i") == 0) {
+ interactive = true;
+ if (argc < 3)
+ usage(2);
+ monitor = argv[2];
+ } else {
+ monitor = argv[1];
+ }
+
+ signal(SIGHUP, signal_handler);
+ signal(SIGINT, signal_handler);
+ signal(SIGQUIT, signal_handler);
+ signal(SIGABRT, signal_handler);
+ signal(SIGKILL, signal_handler);
+ signal(SIGPIPE, SIG_IGN);
+ signal(SIGTERM, signal_handler);
+
+ if (move_socket() < 0)
+ goto error;
+
+ buffer = malloc(SIZE);
+ control = malloc(SIZE);
+ commands = malloc(SIZE);
+ if (!buffer || !control || !commands)
+ goto error;
+
+ if ((sock = listen_libvirt()) == -1)
+ goto error;
+
+ while ((libvirt = accept_libvirt(sock)) != -1) {
+ int qemu;
+
+ if ((qemu = open_qemu()) != -1) {
+ if (proxy(&interactive, libvirt, qemu) < 0)
+ break;
+ } else {
+ close(libvirt);
+ }
+ }
+
+error:
+ restore_socket();
+ close(sock);
+ return 1;
+}
--
1.7.6
13 years, 5 months
[libvirt] Network device abstraction aka virtual switch - V3
by Laine Stump
This is a followup to
https://www.redhat.com/archives/libvir-list/2011-April/msg00591.html
(and an even earlier draft) which I alluded to here:
https://www.redhat.com/archives/libvir-list/2011-June/msg00383.html
Network device abstraction aka virtual switch - V3
==================================================
The <interface> element of a guest's domain config in libvirt has a
<source> element that describes what resources on a host will be used
to connect the guest's network interface to the rest of the
world. This is very flexible, allowing several different types of
connection (virtual network, host bridge, direct macvtap connection to
physical interface, qemu usermode, user-defined via an external
script), but currently has the problem that unnecessary details of the
host resources are embedded into the guest's config; if the guest is
migrated to a different host, and that host has a different hardware
or network config (or possibly the same hardware, but that hardware is
currently in use by a different guest), the migration will fail.
I am proposing a change to libvirt's network XML that will allow us to
(optionally - old configs will remain valid) remove the host details
from the guest's domain XML (which can move around from host to host)
and place them in the network XML (which remains with a single host);
the domain XML will then use existing config elements to associate
each guest interface with a "network".
The motivating use case for this change is the "direct" connection
type (which uses macvtap for vepa and vnlink connections directly
between a guest and a physical interface, rather than through a
bridge), but it is applicable for all types of connection. (Another
hopeful side effect of this change will be to make libvirt's network
connection model easier to realize on non-Linux hypervisors (eg,
VMWare ESX) and for other network technologies, such as openvswitch,
VDE, and various VPN implementations).
Background
==========
(parts lifted from Dan Berrange's last mail on this subject)
Currently <network> supports 3 connectivity modes
- Non-routed network, separate subnet (no <forward> element
present)
- Routed network, separate subnet with NAT (<forward mode='nat'/>)
- Routed network, separate subnet (<forward mode='route'/>)
Each of these is implemented in the existing network driver by
creating a bridge device using brctl, and connecting the guest network
interfaces via tap devices (a detail which, now that I've stated it,
you should promptly forget!). All traffic between that bridge and the
outside network is done via the host's IP routing stack (ie, there is
no physical device directly connected to the bridge)
In the future, these two additional routed modes might be useful:
- Routed network, IP subnetting
- Routed network, separate subnet with VPN
The core goal of this proposal, though, is to replace type=bridge and
type=direct from the domain interface XML with new types of <network>
definitions so that the domain can just give "type='network'" and have
all the necessary details filled in at runtime. This basically means
we're adding several bridging modes (the submodes of "direct" have
been flattened out here):
- Bridged network, eth + bridge + tap
- Bridged network, eth + macvtap + vepa
- Bridged network, eth + macvtap + private
- Bridged network, eth + macvtap + passthrough
- Bridged network, eth + macvtap + bridge
Another "future expansion" could be to add:
- Bridged network, with VPN
Likewise, support for other technologies, such as openvswitch and VDE
would each be another entry on this list.
(Dan also listed each of the above "+sriov" separately, but that ends
up being handled in an orthogonal manner (by just specifying a pool of
interfaces for a single network), so I'm only giving the abbreviated
list)
I. Changes to domain <interface> element
========================================
In many cases, the <interface> element of the domain XML will be
identical to what is used now when connecting the interface to a
libvirt-style virtual network:
<interface type='network'>
<source network='red-network'/>
<mac address='xx:xx:xx:xx:xx:xx'/>
</interface>
Depending on the definition of the network "red-network" on the host
the guest was started on / migrated to, this could be either a direct
(macvtap) connection using one of the various direct modes
(vepa/private/bridge/passthrough), a bridge (again, pointed to by the
definition of 'red-network'), or a virtual network (using the current
network definition syntax). This way the same guest could be migrated
not only between macvtap-enabled hosts, but from there to a host using
a bridge, or maybe a host in a remote location that used a virtual
network with a secure tunnel to connect back to the rest of the
red-network.
(Part of the migration process would of course check that the
destination host had a network of the proper name with adequate
available resources, and fail if it didn't; management software at a
level above libvirt would probably filter a list of candidate
migration destinations based on available networks and any various
details of those networks (eg. it could search for only networks using
vepa for the connection), and only attempt migration to one that had
the matching network available).
<virtualport> element of <interface>
------------------------------------
Since many of the attributes/sub-elements of <virtualport> (used by
some modes of "direct" interface connections) are identical for all
interfaces connecting to any given switch, most of the information in
<virtualport> will be optional in the domain's interface definition -
it can be filled in from a similar <virtualport> element that will be
added to the <network> definition.
Some parameters in <virtualport> ("instanceid", for example) must be
unique for every interface, though, so those will still be specified
in the <interface> XML. The two <virtualport> elements will be OR'ed
at runtime to arrive at the actual set of parameters that are
used.
(Open Question: What should be the policy when a parameter is
specified in both places? Should one take precedence? Or should it be
considered an error?)
portgroup attribute of <source>
-------------------------------
The <source> element of an interface definition will be able to
optionally specify a "portgroup" attribute. If portgroup is *NOT*
given, the default (first) portgroup of the network will be used (if
any are defined). If portgroup *IS* specified, the source network must
have a portgroup by that name (or the domain startup/migration will
fail), and the attributes of that portgroup will be used for the
connection. Here is an example <interface> definition that has both a
reduced <virtualport> element, as well as a portgroup attribute:
<interface type='network'>
<source network='red-network' portgroup='engineering'/>
<virtualport type="802.1Qbg">
<parameters instanceid="09b11c53-8b5c-4eeb-8f00-d84eaa0aaa4f"/>
</virtualport>
<mac address='de:ad:be:ef:ca:fe'/>
</interface>
(The specifics of what can be in a portgroup are given below)
II. Changes to <network> definition
===================================
As Dan has pointed out, any additions to <network> must be designed so
that existing management applications (written to understand <network>
prior to these new additions) will at least recognize that the XML
they've been given is for something new that they don't fully
understand. At the same time, the new types of network definition
should attempt to re-use as much of the existing elements/attributes
as possible, both to make it easier to extend these applications, as
well as to make the status displays of un-updated applications make as
much sense as possible.
Dan's suggestion (which I obviously endorse :-) is that the new types
of network should be specified by extending the choices for <forward
mode='....'>.
He also suggested adding a new "layer='network|link'" attribute to
<forward>. I'm not convinced that item is necessary (it seems
redundant), but am including it here for sake of discussion.
The current modes are:
<forward layer='network' mode='route|nat'/>
(in addition to not listing any mode, which equates to "isolated")
Here are suggested new modes:
<forward layer='link'
mode='bridge-brctl|vepa|private|passthrough|bridge-macvtap'/>
A description of each:
bridge-brctl - equivalent to "<interface type='bridge'>" in the
interface definition. The bridge device to use would be
given in the existing <forward dev='xxx'>. (Dan also
suggests putting this in <network>'s <bridge
name='xxx'/> - opinions?)
(Question: better name for this?)
vepa - same as "<interface type='direct'>..." with <source
mode='vepa'/>
private - <interface type='direct'> ... <source mode='private'/>
passthrough - <interface type='direct'> ... <source mode='passthrough'/>
bridge-macvtap - <interface type='direct'> ... <source mode='bridge'/>
(Question: better name for this?)
Interface Pools
---------------
In many cases, a single host network may have multiple physical
network devices associated with it (especially in the case of an
SRIOV-capable ethernet card, which will have several "virtual
functions" associated with a single physical ethernet connection). The
host will at least want to balance the load of multiple guests between
these multiple devices, and may even require (in the case of
passthrough mode, for example) that only a single guest interface be
attached to each host device.
The current specification for <forward> only allows for a single "dev"
attribute, though. In order to support multiple device names, we will
extend <forward> to allow 0 or more <interface> sub-elements:
<forward mode='vepa' dev='eth10'/>
<interface dev='eth10'/>
<interface dev='eth11'/>
<interface dev='eth12'/>
<interface dev='eth13'/>
</forward>
Note that, as a convenience, the first of these elements will always
be a duplicate of the "dev" attribute in <forward> itself. (Is this
necessary/desirable?)
In the case of mode='passthrough', only one guest interface can be
connected to a device at a time. libvirt will keep track of which
devices are in use, and attempt to assign a free device; failure to
assign a device will result in a failure of the domain to
start/migrate. For the other direct modes, libvirt will simply keep
track of the number of guest interfaces currently using each device,
and attempt to keep them balanced.
(Open question: where will we keep track of this allocation/assignment?)
Portgroups
-----------
A <portgroup> (sub-element of <network>) is just a way of easily
putting connections to the network into different classes, with each
class having a different level/type of service. Each <network> can
have multiple <portgroup> elements, and each <portgroup> has a name,
as well as various attributes associated with it. The first thing we
will use portgroups for is as an alternate place to specify
<virtualport> parameters:
<portgroup name='engineering'>
<virtualport type="802.1Qbg">
<parameters managerid="11" typeid="1193047" typeidversion="2"/>
</virtualport>
</portgroup>
Anything that is valid in an interface's <virtualport> is also valid here.
The next thing to specify in a portgroup will be bandwidth limiting /
QoS configuration. Since I don't know exactly what's needed for that,
I won't specify it here.
If anything is specified both directly under <network> and in a
<portgroup>, the value in portgroup will take precedence. (Again -
what will the precedence of items specified in the <interface> be?)
EXAMPLES
--------
Examples of 'red-network' for different types of connections (all of
these would work with minor variations of the interface XML given
above, e.g. the 'vepa' version would require <virtualport> in the
interface that specified an instanceid, and if the <interface>
specified a portgroup, it would need to also be in the <network>
definition (even if it was empty aside from name).
<!-- Existing usage - a libvirt virtual network -->
<network>
<name>red-network</name>
<bridge name='virbr0'/>
<forward layer='network' mode='route'/>
...
</network>
<!-- The simplest - an existing host bridge -->
<network>
<name>red-network</name>
<forward mode='bridge-brctl' dev='br0'/>
</network>
<!-- A macvtap connection to a vepa bridge -->
<network>
<name>red-network</name>
<forward layer='link' mode='vepa' dev='eth10'/>
<virtualport type='802.1Qbg'>
<parameters managerid='11' typeid='1193047' typeidversion='2'/>
</virtualport>
<!-- NB: if <interface> doesn't specify portgroup, -->
<!-- 'accounting' is assumed -->
<portgroup name='accounting'>
<virtualport>
<parameters typeid='22'/>
</virtualport>
</portgroup>
<portgroup name='engineering'>
<virtualport>
<parameters typeid='33'/>
</virtualport>
</portgroup>
</network>
<!-- A macvtap passthrough connection (one guest interface per dev) -->
<network>
<name>red-network</name>
<forward layer='link' mode='passthrough' dev='eth10'/>
<interface dev='eth10'/>
<interface dev='eth11'/>
<interface dev='eth12'/>
<interface dev='eth13'/>
<interface dev='eth14'/>
<interface dev='eth15'/>
<interface dev='eth16'/>
<interface dev='eth17'/>
</forward>
</network>
=============
Open Questions:
* Is there a good reason to include the "layer='network|link'"
attribute in forward? (maybe just because it's useful info for a
management application that doesn't know the details of the modes?)
Or is it redundant?
* What should be the policy when a virtualport parameter is specified
in both the <interface> and the <network>/<portgroup>? Should one take
precedence? Or should it be considered an error?
* Is it okay for the domain's own definition to specify what portgroup
it will be in? Or are there cases where we want to allow someone to
modify their domain XML, but force them into a particular portgroup
beyond their control?
* Is it really necessary/desirable for the first ethernet device in a
pool to be duplicated in the <forward dev='xxx'...> attribute? Or
can that attribute be omitted when there is a pool of devices?
* Where will we keep track of the count of guest interfaces connected
to each host interface device, and where will we keep track of which
device is being used by a particular guest interface? In the
network/domain XML?
* Does anyone have better names for "brctl-bridge" and
"macvtap-bridge"?
13 years, 6 months
[libvirt] FreeBSD Port, update to 0.9.2 compile error
by Jason Helfman
Hi,
I am trying to update the port for libvirt to 0.9.2, but am receiving a new
compiling error, that I have not seen yet.
console.c:280: warning: declaration of 'devname' shadows a global declaration [-Wshadow]
/usr/include/stdlib.h:264: warning: shadowed declaration is here [-Wshadow]
CC virsh-virsh.o
CCLD virsh
GEN virt-xml-validate
GEN virt-pki-validate
gmake[3]: Leaving directory `/home/jhelfman/ports/devel/libvirt/work/libvirt-0.9.2/tools'
gmake[2]: Leaving directory `/home/jhelfman/ports/devel/libvirt/work/libvirt-0.9.2/tools'
Making all in docs
gmake[2]: Entering directory `/home/jhelfman/ports/devel/libvirt/work/libvirt-0.9.2/docs'
GEN libvirt-api.xml
./apibuild.py: not found
gmake[2]: *** [libvirt-api.xml] Error 127
gmake[2]: Leaving directory `/home/jhelfman/ports/devel/libvirt/work/libvirt-0.9.2/docs'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory `/home/jhelfman/ports/devel/libvirt/work/libvirt-0.9.2'
gmake: *** [all] Error 2
*** Error code 1
Stop in /home/jhelfman/ports/devel/libvirt.
Any thoughts?
Thanks,
Jason
--
Jason Helfman
System Administrator
experts-exchange.com
http://www.experts-exchange.com/M_4830110.html
E4AD 7CF1 1396 27F6 79DD 4342 5E92 AD66 8C8C FBA5
13 years, 6 months