July 2011 - Devel - libvirt List Archives

[libvirt] [PATCH] qemu: Add support for SGA video
by Michal Privoznik 04 Jul '11

04 Jul '11

This patch extends possible values for <video> element. Serial Graphics Adapter allows users to see BIOS messages from the very first moment domain boots up. Therefore, users can choose boot medium, set PXE, etc. However, to be able to use this, one need SGABIOS, which is accessible here: http://code.google.com/p/sgabios/ --- docs/formatdomain.html.in | 5 +++-- docs/schemas/domain.rng | 1 + src/conf/domain_conf.c | 43 ++++++++++++++++++++++++------------------- src/conf/domain_conf.h | 1 + src/qemu/qemu_command.c | 28 ++++++++++++++++++++++------ 5 files changed, 51 insertions(+), 27 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 3a64983..2d89b37 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2005,8 +2005,9 @@ qemu-kvm -net nic,model=? /dev/null <dd> The <code>model</code> element has a mandatory <code>type</code> attribute which takes the value "vga", "cirrus", "vmvga", "xen", - "vbox", or "qxl" (since 0.8.6) - depending on the hypervisor features available. + "vbox", "qxl" (since 0.8.6), or "sga" + (Since 0.9.4) depending on the hypervisor + features available. You can also provide the amount of video memory in kilobytes using <code>vram</code> and the number of screen with <code>heads</code>. </dd> diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index 891662d..74bc111 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1502,6 +1502,7 @@ <value>xen</value> <value>vbox</value> <value>qxl</value> + <value>sga</value> </choice> </attribute> <optional> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f9bf51e..9848359 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -299,7 +299,8 @@ VIR_ENUM_IMPL(virDomainVideo, VIR_DOMAIN_VIDEO_TYPE_LAST, "vmvga", "xen", "vbox", - "qxl") + "qxl", + "sga") VIR_ENUM_IMPL(virDomainInput, VIR_DOMAIN_INPUT_TYPE_LAST, "mouse", @@ -4713,28 +4714,32 @@ virDomainVideoDefParseXML(const xmlNodePtr node, } } - if (vram) { - if (virStrToLong_ui(vram, NULL, 10, &def->vram) < 0) { - virDomainReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot parse video ram '%s'"), vram); - goto error; + /* SGA video device does not support heads, vram + * or PCI address. It is not PCI device anyway */ + if (def->type != VIR_DOMAIN_VIDEO_TYPE_SGA) { + if (vram) { + if (virStrToLong_ui(vram, NULL, 10, &def->vram) < 0) { + virDomainReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse video ram '%s'"), vram); + goto error; + } + } else { + def->vram = virDomainVideoDefaultRAM(dom, def->type); } - } else { - def->vram = virDomainVideoDefaultRAM(dom, def->type); - } - if (heads) { - if (virStrToLong_ui(heads, NULL, 10, &def->heads) < 0) { - virDomainReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot parse video heads '%s'"), heads); - goto error; + if (heads) { + if (virStrToLong_ui(heads, NULL, 10, &def->heads) < 0) { + virDomainReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse video heads '%s'"), heads); + goto error; + } + } else { + def->heads = 1; } - } else { - def->heads = 1; - } - if (virDomainDeviceInfoParseXML(node, &def->info, flags) < 0) - goto error; + if (virDomainDeviceInfoParseXML(node, &def->info, flags) < 0) + goto error; + } VIR_FREE(type); VIR_FREE(vram); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e81977c..7f60754 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -605,6 +605,7 @@ enum virDomainVideoType { VIR_DOMAIN_VIDEO_TYPE_XEN, VIR_DOMAIN_VIDEO_TYPE_VBOX, VIR_DOMAIN_VIDEO_TYPE_QXL, + VIR_DOMAIN_VIDEO_TYPE_SGA, VIR_DOMAIN_VIDEO_TYPE_LAST }; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 6e4480e..7685d7e 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -80,7 +80,8 @@ VIR_ENUM_IMPL(qemuVideo, VIR_DOMAIN_VIDEO_TYPE_LAST, "vmware", "", /* no arg needed for xen */ "", /* don't support vbox */ - "qxl"); + "qxl", + "sga"); static void uname_normalize (struct utsname *ut) @@ -1213,7 +1214,8 @@ qemuAssignDevicePCISlots(virDomainDefPtr def, qemuDomainPCIAddressSetPtr addrs) /* Further non-primary video cards */ for (i = 1; i < def->nvideos ; i++) { - if (def->videos[i]->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) + if (def->videos[i]->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE || + def->videos[i]->type == VIR_DOMAIN_VIDEO_TYPE_SGA) continue; if (qemuDomainPCIAddressSetNextAddr(addrs, &def->videos[i]->info) < 0) goto error; @@ -2083,8 +2085,9 @@ qemuBuildVideoDevStr(virDomainVideoDefPtr video, virBufferAsprintf(&buf, ",vram_size=%u", video->vram * 1024); } - if (qemuBuildDeviceAddressStr(&buf, &video->info, qemuCaps) < 0) - goto error; + if (video->type != VIR_DOMAIN_VIDEO_TYPE_SGA) + if (qemuBuildDeviceAddressStr(&buf, &video->info, qemuCaps) < 0) + goto error; if (virBufferError(&buf)) { virReportOOMError(); @@ -4254,6 +4257,11 @@ qemuBuildCommandLine(virConnectPtr conn, if (qemuCapsGet(qemuCaps, QEMU_CAPS_VGA)) { if (def->videos[0]->type == VIR_DOMAIN_VIDEO_TYPE_XEN) { /* nothing - vga has no effect on Xen pvfb */ + } else if (def->videos[0]->type == VIR_DOMAIN_VIDEO_TYPE_SGA) { + if (qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) + virCommandAddArgList(cmd, "-device", "sga", NULL); + else + virCommandAddArg(cmd, "-nographic"); } else { if ((def->videos[0]->type == VIR_DOMAIN_VIDEO_TYPE_QXL) && !qemuCapsGet(qemuCaps, QEMU_CAPS_VGA_QXL)) { @@ -4309,6 +4317,13 @@ qemuBuildCommandLine(virConnectPtr conn, /* No special args - this is the default */ break; + case VIR_DOMAIN_VIDEO_TYPE_SGA: + if (qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) + virCommandAddArgList(cmd, "-device", "sga", NULL); + else + virCommandAddArg(cmd, "-nographic"); + break; + default: qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("video type %s is not supported with this QEMU"), @@ -4321,10 +4336,11 @@ qemuBuildCommandLine(virConnectPtr conn, if (qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) { for (i = 1 ; i < def->nvideos ; i++) { char *str; - if (def->videos[i]->type != VIR_DOMAIN_VIDEO_TYPE_QXL) { + if (def->videos[i]->type != VIR_DOMAIN_VIDEO_TYPE_QXL && + def->videos[i]->type != VIR_DOMAIN_VIDEO_TYPE_SGA) { qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("video type %s is only valid as primary video card"), - virDomainVideoTypeToString(def->videos[0]->type)); + virDomainVideoTypeToString(def->videos[i]->type)); goto error; } -- 1.7.5.rc3

2 1

[libvirt] VMWare "independent disk" processing needed
by computernews＠rambler.ru 04 Jul '11

04 Jul '11

Hello, On VMware ESX server it is possible for the virtual machine to add the "independent disk" - the kind of virtual disk that (among other features) is not being covered by the snapshot logic. As I am working on some kind of backup solution I need to be able to backup the precise state of the guest virtual machine running on say VMware ESX server. I am able to perform a backup of a guest machine description with libvirts's amazing API which covers most of my needs except the aforementioned "independent disk" virtual disk type. The problem shows up at the restore type when I need to create the new virtual machine having an .xml file created by "virsh dumpxml" command. In fact I use API but "virsh does the same". This .xml file covers most of guest machine's aspects but it doesn't reflect the "independent" nature of such disks. So the virtual machine is going to be restored incorrectly when includes "independent disks". From the source codes of "libvirt" ("/libvirt/src/vmx/vmx.*") I see that this is ment to be covered but yet is not implemented. Appropriate nodes must be stored in .xml file during the backup and returned back to .vmx file during the restore. So here are my questions: Is someone on it at the moment ? If yes - can I help somehow ? If no - whom shell I approach in order to be mentored/directed if I decide to participate, implement this and contribute the patch back to the source code ? Thanks for an answer in advance. Best regards Oleh Paliy

1 0

[libvirt] PPPoE-Server problem
by B Veera-B37207 04 Jul '11

04 Jul '11

HI, I am using Libvirt with LXC as hypervisor. When I am starting pppoe-server , unable to create ppp0 interface in Virtual machine, it is unable to serve ips to clients. Let me know is there any plug-in for this (Or) What is the solution. Regards, Veera.

1 0

[libvirt] [PATCH 1/4] libvirtd: avoid memory leak on OOM
by Eric Blake 04 Jul '11

04 Jul '11

Detected by Coverity; only strikes on OOM so not serious. * daemon/libvirtd.c (daemonPidFilePath): Plug leak. --- daemon/libvirtd.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c index 60ee705..06d2077 100644 --- a/daemon/libvirtd.c +++ b/daemon/libvirtd.c @@ -310,8 +310,10 @@ daemonPidFilePath(bool privileged, if (!(userdir = virGetUserDirectory(geteuid()))) goto error; - if (virAsprintf(pidfile, "%s/.libvirt/libvirtd.pid", userdir) < 0) + if (virAsprintf(pidfile, "%s/.libvirt/libvirtd.pid", userdir) < 0) { + VIR_FREE(userdir); goto no_memory; + } VIR_FREE(userdir); } -- 1.7.4.4

4 11

[libvirt] [PATCH] storage: Do not override the exact error of createRawFile
by Osier Yang 04 Jul '11

04 Jul '11

virStorageBackendCreateRaw: createRawFile already reported the exact error. Before the fix: error: Failed to create vol vol-create.img error: cannot create path '/var/lib/libvirt/images/vol-create.img': Unknown error 18446744073709551597 After the fix: error: Failed to create vol vol-create.img error: cannot fill file '/var/lib/libvirt/images/vol-create.img': No space left on device --- src/storage/storage_backend.c | 13 ++++++++----- 1 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c index a6e66e1..cee2010 100644 --- a/src/storage/storage_backend.c +++ b/src/storage/storage_backend.c @@ -299,6 +299,7 @@ createRawFile(int fd, virStorageVolDefPtr vol, { int ret = 0; unsigned long long remain; + off_t cur_pos = 0; /* Seek to the final size, so the capacity is available upfront * for progress reporting */ @@ -310,7 +311,12 @@ createRawFile(int fd, virStorageVolDefPtr vol, goto cleanup; } + cur_pos = lseek(fd, 0, SEEK_CUR); + + VIR_WARN("cur_pos = %jd", cur_pos); + remain = vol->allocation; + VIR_WARN("remain = %llu", remain); if (inputvol) { ret = virStorageBackendCopyToFD(vol, inputvol, fd, &remain, 1); @@ -399,12 +405,9 @@ virStorageBackendCreateRaw(virConnectPtr conn ATTRIBUTE_UNUSED, goto cleanup; } - if ((ret = createRawFile(fd, vol, inputvol)) < 0) { - virReportSystemError(-fd, - _("cannot create path '%s'"), - vol->target.path); + if ((ret = createRawFile(fd, vol, inputvol)) < 0) + /* createRawFile already reported the exact error. */ ret = -1; - } cleanup: VIR_FORCE_CLOSE(fd); -- 1.7.4

2 4

[libvirt] Release of libvirt-0.9.3
by Daniel Veillard 04 Jul '11

04 Jul '11

As scheduled, I made the new release of libvirt-0.9.3 today, it is available at ftp://libvirt.org/libvirt/ , the rpms are still being pushed as I write. This is a fairly large release again, with over 330 commits incorporated, including a number of new APIs, large refactoring of the client server code, LXC containers improvements and many improvements and various bug fixes. Features: - vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo) (Taku Izumi) - Add TXT record support for virtual DNS service (Michal Novotny) - Support reboots with the QEMU driver (Daniel P. Berrange) - Introduce virDomainGetControlInfo API (Jiri Denemark) - virNodeGetMemoryStats: Expose new API (Minoru Usui) - virNodeGetCPUTime: Implement public API (Minoru Usui) - send-key: Defining the public API (Lai Jiangshan) - vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags) (Taku Izumi) - support multifunction PCI device (Wen Congyang) - lxc: various improvements Documentation: - Add documentation for configuration lock managers (Daniel P. Berrange) - fix indentation of sub-elements of <ip> in network XML (Laine Stump) - document correct flag name (Eric Blake) - documenting the 802.1Qbh parameters of a 'direct' interface (David S. Wang) - Make virConnectClose comply to apibuild.py expectations (Matthias Bolte) - fix docs to match behavior of virConnectClose (Eric Blake) - numatune: Add doc for new numatune XML (Osier Yang) - Fix documentation of virStreamRecv (Matthias Bolte) - updated list of applications using libvirt. (Ohad Levy) - improve VIR_DOMAIN_AFFECT_CURRENT description (Eric Blake) - Add doc for video element (Osier Yang) - Make hvsupport.pl pick up the host device drivers (Matthias Bolte) Portability: - Explicitely invoke python for API doc generator (Daniel Veillard) - fix virParseVersionString with linux 3.0 (Scott Moser) - Add conditionals to allow build without SASL (Daniel P. Berrange) - Add missing include of signal.h in virnetsocket.c (Daniel P. Berrange) - Fix compilation with systemtap 1.3 (Matthias Bolte) - build: fix mingw build (Eric Blake) - daemon: Fix build without polkit (Jiri Denemark) - build: fix 'make check' when pdwtags is available (Eric Blake) - build: sanlock-devel is not in F15 yet (Eric Blake) - Only include parthelper if built with storage_disk (Ruben Kerkhof) - build: fix VPATH builds (Eric Blake) - python: Don't declare Py_ssize_t for Python 2.6 (Matthias Bolte) - build: avoid python 2.4 build failure (Eric Blake) - build: fix NUMA build on RHEL 5 (Eric Blake) - build: avoid python 2.4 build failure (Eric Blake) - build: avoid compiler failure (Eric Blake) - build: fix compilation on systems missing libnl and new includes (Stefan Berger) - configure: Make libnl optional unless macvtap is required (Matthias Bolte) - build: require newer netcf when it is available (Eric Blake) - build: fix building error when building without libvirtd (Wen Congyang) - Skip nodeinfo test on non intel architectures (Guido Günther) - Fix dlopen dependency (Matthias Bolte) - virt-aa-helper: add missing include (Eric Blake) Bug Fixes: - initialize pointer to NULL (Wen Congyang) - storage: avoid crash on parse error (Eric Blake) - vmware: avoid null deref on failed lookup (Eric Blake) - qemu: avoid null deref on low memory (Eric Blake) - rpc: avoid memory leak on error (Eric Blake) - rpc: fix logic bug (Eric Blake) - pci: avoid memory leak on error (Eric Blake) - interface: avoid memory leak on parse error (Eric Blake) - libvirtd: avoid memory leak on OOM (Eric Blake) - build: avoid double-close bug with pipe2 (Eric Blake) - rpc: avoid freeing uninitialized variable (Eric Blake) - virsh: avoid uninitialized variable (Eric Blake) - virsh: avoid integer overflow (Eric Blake) - Fix stream procedure number for virDomainMigratePrepareTunnel3 (Daniel P. Berrange) - Fix release of virNetMessagePtr instances in streams processing (Daniel P. Berrange) - Fix potential crash when saving guests (Daniel P. Berrange) - Fix uninitialized value in QEMU monitor FD sending code (Daniel P. Berrange) - Fix leak of JSON object for events (Daniel P. Berrange) - Fix use of uninitialized memory when releasing PCI slots (Daniel P. Berrange) - Fix leak of virStreamPtr object with callback added in fdstream impl (Daniel P. Berrange) - Fix leak of mdnsGroupName in virNetServer object (Daniel P. Berrange) - Fix release of filtered stream messages (Daniel P. Berrange) - save domain status after modifing vcpupin (Wen Congyang) - Fix memory leak in virDomainVcpuPinDel() (Wen Congyang) - sysinfo: fix illegal NULL return (Minoru Usui) - Fix locking wrt virNetClientStreamPtr object (Daniel P. Berrange) - Avoid referencing NULL pointer when copying stream error (Daniel P. Berrange) - Avoid free'ing a filtered RPC message in the server (Daniel P. Berrange) - Ensure empty payload is written upon stream completion (Daniel P. Berrange) - Fix propagation of RPC errors from streams (Daniel P. Berrange) - Fix crash when aborting a stream from a I/O callback (Daniel P. Berrange) - dnsmasq: Fix errno handling and don't unlink non-existing files (Matthias Bolte) - tests: Fix memory leak in virnetmessagetest (Osier Yang) - conf: Fix memory leak in virNetworkDNSDefFormat (Osier Yang) - sysinfo: fix parsing regression (Eric Blake) - remote: fix uninitialized variable (Eric Blake) - build: avoid uninitialized variable (Eric Blake) - buf: protect against integer overflow (Eric Blake) - remote: protect against integer overflow (Eric Blake) - Fix typo in libvirt_private.syms (Matthias Bolte) - Fix some bugs in RPC protocol make rules (Daniel P. Berrange) - Fix job type set in qemuMigrationPrepareDirect/PrepareTunnel (Daniel P. Berrange) - Avoid high privileges taint warning for QEMU session driver (Daniel P. Berrange) - util: Fix memory leak in virJSONParserHandleStartMap (Osier Yang) - qemu: Fix memory leak in qemuProcessWaitForMonitor (Osier Yang) - storage: fix volDelete return when volume still being allocated (Matthew Booth) - Fix use-after-free in handling domain taint flags (Daniel P. Berrange) - qemu: Fix one memory leak (Osier Yang) - virsh: avoid bogus description (Eric Blake) - set and restore MAC address of a NIC when using PASSTHROUGH mode (Dirk Herrendoerfer) - conf: Fix one memory leak (Osier Yang) - Add missing checks for NULL in domain lock manager (Daniel P. Berrange) - Fix errno return in safezero() (Daniel P. Berrange) - Fix allocation of veth's to not skip an index (Daniel P. Berrange) - command: avoid double close (Eric Blake) - qemu: Fix parsing 'info chardev' (Cole Robinson) - vcpupin: Fix cpu affinity setting bug of qemu driver (Taku Izumi) - daemon: plug memory leak (Eric Blake) - qemu: add missing break statement (Eric Blake) - storage: avoid mishandling backing store > 2GB (Eric Blake) Improvements: - tests: Add a general util test (Matthias Bolte) - util: choose whether to require micro in version strings (Eric Blake) - build: consistently use CFLAGS (Eric Blake) - build: simplify sanlock distribution (Eric Blake) - build: allow 'make syntax-check' on fresh checkout (Eric Blake) - Send back an error if we get unexpected stream control message (Daniel P. Berrange) - Add test case for parsing JSON docs (Daniel P. Berrange) - Remove bogus warning message in JSON code (Daniel P. Berrange) - Ensure RPC message is cleared before being reused (Daniel P. Berrange) - Fix hardcoded limit on client requests in RPC code (Daniel P. Berrange) - tests: Add valgrind.supp into EXTRA_DIST (Osier Yang) - virsh: Fix a problem of buildPoolXML (Osier Yang) - lock qemu_driver early in qemuGetSchedulerParametersFlags() (Wen Congyang) - build: avoid pod2man on tarball (Eric Blake) - Ensure that EOF is dispatched to the stream callback (Daniel P. Berrange) - Improve two log messages in virNetMessage (Daniel P. Berrange) - Lower logging level when failing to register socket watch (Daniel P. Berrange) - screenshot: Set access rights to temporary file (Michal Privoznik) - maint: improve makefile whitespace (Eric Blake) - network: Don't ignore errors in dnsmasq config file creation (Matthias Bolte) - network: Fix dnsmasq hostsfile creation logic and related tests (Matthias Bolte) - build: update translated files (Eric Blake) - Support automatic creation of leases for disks in sanlock (Daniel P. Berrange) - Support loading a configuration file for sanlock plugin (Daniel P. Berrange) - Allow per-driver config file for lock manager plugins (Daniel P. Berrange) - network: add domain to unqualified names defined with <host> (Laine Stump) - Convert libvirtd over to the new RPC handling APIs (Daniel P. Berrange) - Convert the remote driver to new RPC client APIs (Daniel P. Berrange) - Add XDR_CFLAGS to libvirt-net-rpc.la library (Daniel P. Berrange) - Ensure sanlock socket is labelled with the VM process label (Daniel P. Berrange) - Add a virSecurityManagerSetProcessFDLabel (Daniel P. Berrange) - Rename virSecurityManagerSetFDLabel method (Daniel P. Berrange) - Add node prefix to virNodeGet(CPU|Memory)Stats structs and defines (Matthias Bolte) - qemu: Fix update device for CURRENT + FORCE flags (Jiri Denemark) - nwfilter: Return error message about unresolvable variables (Stefan Berger) - build: rename Vcpupin to VcpuPin (Eric Blake) - sysinfo: cleanup function/struct names. (Minoru Usui) - sysinfo: fix lack of error check in virSysinfoFormat(). (Minoru Usui) - tests: Partly fix networkxml2argvtest being configure result dependent (Matthias Bolte) - qemu: Remove bogus error codes for NUMA memory tuning (Osier Yang) - network: fix indentation in networkBuildDnsmasqArgv (Laine Stump) - vcpupin: add query option to virsh vcpupin command (Taku Izumi) - vcpuinfo: add the code to fallback to try new API (Taku Izumi) - vcpupin: implement the remote protocol to address the new API (Taku Izumi) - vcpupin: implement the code to support new API for the qemu driver (Taku Izumi) - build: update gnulib for intprops (Eric Blake) - Rename iface(G|S)etMacaddr to iface(G|S)etMacAddress for consistency (Matthias Bolte) - Network: Add support for DNS hosts definition to the network XML (Michal Novotny) - Network: Add additional hosts internal infrastructure (Michal Novotny) - Network: Add regression tests for the command-line arguments (Michal Novotny) - Network: modify dnsmasq commandline build function to allow testing (Michal Novotny) - tests: Improve IPv6 detection for virNetSocket tests (Matthias Bolte) - Move load of AppArmor profile to GenLabel() (Jamie Strandboge) - Add Memory Device Information to virSysinfoRead() from dmidecode type 17 (Minoru Usui) - Add Processor Information to virSysinfoRead() from dmidecode type 4 (Minoru Usui) - Cleanup virSysinfoRead() (Minoru Usui) - Make sure virnetprotocol.[ch] are in BUILT_SOURCES (Daniel P. Berrange) - maint: typo fixes (Eric Blake) - Add missing translation of error message from QEMU reboot patch (Daniel P. Berrange) - Allow automatic kill of guests when a connection is closed (Daniel P. Berrange) - Automatically kill target QEMU if migration aborts abnormally (Daniel P. Berrange) - Add infrastructure to automatically destroy guests when a connection closes (Daniel P. Berrange) - Move the RPC generator scripts into src/rpc (Daniel P. Berrange) - Introduce generic RPC client objects (Daniel P. Berrange) - Introduce generic RPC module for advertising via MDNS (Daniel P. Berrange) - Introduce generic RPC server objects (Daniel P. Berrange) - Integrate TLS/SASL directly into the socket APIs (Daniel P. Berrange) - Generic module for handling SASL authentication & encryption (Daniel P. Berrange) - Generic module for handling TLS encryption and x509 certs (Daniel P. Berrange) - Introduce a generic object for using network sockets (Daniel P. Berrange) - Provide a simple object for encoding/decoding RPC messages (Daniel P. Berrange) - Defines the basics of a generic RPC protocol in XDR (Daniel P. Berrange) - build: update to latest gnulib (Eric Blake) - python: Generate virStreamFree but don't expose in bindings (Cole Robinson) - maint: avoid future setgid problems (Eric Blake) - qemu: Only check for NUMA availability if required (Jiri Denemark) - util: avoid PATH_MAX-sized array (Eric Blake) - xen: avoid PATH_MAX-sized array (Eric Blake) - tests: avoid PATH_MAX-sized array (Eric Blake) - virStorageVol: avoid PATH_MAX-sized array (Eric Blake) - cleanup: make several interface functions commonly available (Stefan Berger) - cleanup: make nlComm commonly available (Stefan Berger) - maint: remove syntax-check exception (Eric Blake) - Remove macvtap dependency on domain configuration (Daniel P. Berrange) - util: Correct the error prompt string (Osier Yang) - Fix to python API extractor and API doc generation (Daniel Veillard) - qemu: domain I/O asynchronous handling (Michal Privoznik) - python: Mark event callback wrappers as private (Cole Robinson) - python: events: Fix C->Python handle callback prototype (Cole Robinson) - python: Add bindings for virEvent*Handle/Timeout (Cole Robinson) - events: Correct virEventAddTimeout docs (Cole Robinson) - Promote virEvent*Handle/Timeout to public API (Cole Robinson) - python: Implement virStreamSend/RecvAll helpers (Cole Robinson) - python: Implement virStreamSend/Recv (Cole Robinson) - conf: Make full use of goto label (Osier Yang) - python: Implement bindings for virStreamEventAddCallback (Cole Robinson) - python: generator: Don't print warning if nothing to warn about (Cole Robinson) - python: libvirt-override: use simpler debug (Cole Robinson) - virsh: enhance snapshot-create-as (Eric Blake) - virsh: add snapshot-create-as command (Eric Blake) - virsh: clarify snapshot vs. save (Eric Blake) - Fix compile warnings in virsh vcpupin (Daniel P. Berrange) - remote generator: Allow to annotate arrays with typecasts (Matthias Bolte) - remote: Handle functions that return optional strings (Matthias Bolte) - remote: Generate virDomainGetBlockPullInfo (Matthias Bolte) - vcpupin: add vcpupin resetting feature to qemu driver (Taku Izumi) - vcpupin: add virDomainVcpupinDel function (Taku Izumi) - vcpupin: add reset option to virsh vcpupin command (Taku Izumi) - vcpupin: improve vcpupin definition of virsh vcpupin (Taku Izumi) - Fix preprocessor indentation in nodeinfo.c (Matthias Bolte) - Move XenAPI driver to correct spec file section (Matthias Bolte) - numatune: Add tests for numatune XML (Osier Yang) - numatune: Support NUMA memory tuning in qemu driver (Osier Yang) - numatune: Support persistent XML for numatune (Osier Yang) - numatune: Define XML schema (Osier Yang) - Update qemuDomainSetBlkioParameters to use flags (Hu Tao) - update qemuDomainGetBlkioParameters to use flags (Hu Tao) - Add new parameters for blkiotune (Hu Tao) - apparmor: implement AppArmorSetFDLabel() (Jamie Strandboge) - Add missing error reporting when loading mac filter config for QEMU (Daniel P. Berrange) - virsh: Add support for virDomainGetControlInfo (Jiri Denemark) - qemu: Implement virDomainGetControlInfo (Jiri Denemark) - Wire protocol and remote driver for virDomainGetControlInfo (Jiri Denemark) - sendkey: use consistent API convention (Eric Blake) - build: export correct function names (Eric Blake) - build: avoid compiler warning on non-Linux (Eric Blake) - remote generator: Handle struct returning functions better (part 2) (Matthias Bolte) - Fix apibuild.py warnings about missing comment headers (Matthias Bolte) - remote generator: Handle struct returning functions better (Matthias Bolte) - support for Xen HVM Viridian (Hyper-V) enlightenment interface (Daniel Gollub) - virsh: reduce complexity in argv iteration (Eric Blake) - Add support for network filter code in LXC driver (Daniel P. Berrange) - qemu: Translate boot config into bootindex if possible (Jiri Denemark) - spice: add <clipboard copypaste='yes|no'> option (Marc-André Lureau) - virNodeGetMemoryStats: Implement linux support (Minoru Usui) - virNodeGetMemoryStats: Implement virsh support (Minoru Usui) - virNodeGetMemoryStats: Implement remote protocol (Minoru Usui) - virNodeGetMemoryStats: Implement public API (Minoru Usui) - virNodeGetMemoryStats: Define internal driver API (Minoru Usui) - virNodeGetCPUStats: Implement linux support (Minoru Usui) - virNodeGetCPUStats: Implement virsh support (Minoru Usui) - virNodeGetCPUStats: Implement remote protocol (Minoru Usui) - virNodeGetCPUStats: Define internal driver API (Minoru Usui) - virNodeGetCPUStats: Expose new API (Minoru Usui) - Fix autostart flag when loading running domains (Michael Chapman) - send-key: Implementing the remote protocol (Lai Jiangshan) - send-key: Implementing the public API (Lai Jiangshan) - send-key: Defining the internal API (Lai Jiangshan) - remote generator: Handle (unsigned) int arrays (Lai Jiangshan) - add VSH_OFLAG_REQ_OPT options (Lai Jiangshan) - allow name for VSH_OT_ARGV options (Lai Jiangshan) - storage: avoid an intermediate malloc (Eric Blake) - command: reduce duplicated debug messages (Eric Blake) - qemu: Scrape stdout for virtio console pty (Cole Robinson) - virsh: Add daemon version reporting (Michal Privoznik) - nodeinfo: remove superflous braces (Guido Günther) - util: Cleanup indention problem in virterror.c (Osier Yang) - qemu: Parse current balloon value returned by query_balloon (Osier Yang) - Deprecate several CURRENT/LIVE/CONFIG enums (Hu Tao) - qemu: Faster response time to qemu startup errors (Stefan Berger) - build: update to latest gnulib (Eric Blake) - vcpupin: add the new option to "virsh vcpupin" command (Taku Izumi) - vcpupin: implement the remote protocol to address the new API (Taku Izumi) - vcpupin: implement the code to address the new API in the qemu driver (Taku Izumi) - Use virTimeMs when appropriate (Jiri Denemark) - Introduce virTimeMs for getting current time in ms (Jiri Denemark) - test: Remove unused timeval (Jiri Denemark) - tests: add a test for multi function PCI device (Wen Congyang) - the hotplugged PCI device should use the whole slot (Wen Congyang) - assign the whole slot to the PCI device that has no address (Wen Congyang) - Reimplement qemuDomainPCIAddressReserveSlot(): reserve all functions in the slot (Wen Congyang) - the key of hash table should include the function value (Wen Congyang) - prevent hot unplugging multi function PCI device (Wen Congyang) - check whether qemu supports multi function PCI device (Wen Congyang) - xenapi: Improve error message on session failure (Matthew Booth) - qemu: Fix one type in the error prompt string (Osier Yang) - Move VMware Workstation/Player driver to correct spec file section (Matthias Bolte) - esx: avoid dead code (Eric Blake) - qemu: reorder checks for safety (Eric Blake) - uuid: annotate non-null requirements (Eric Blake) - debug: avoid null dereference on uuid lookup api (Eric Blake) - python: avoid unlikely sign extension bug (Eric Blake) - build: detect Coverity 5.3.0 (Eric Blake) - build: Fix typos in configure.ac (Osier Yang) - virsh: Expose virDomainMigrateSetMaxSpeed API to virsh (Osier Yang) - lxc: Ensure container <init> actually exists (Cole Robinson) - lxc: Verify root fs exists before mounting (Cole Robinson) - lxc: controller: Improve container error reporting (Cole Robinson) - lxc: Improve guest startup error reporting (Cole Robinson) - lxc: Refactor controller command building (Cole Robinson) - lxc: Don't report error in Wait/SendContinue (Cole Robinson) - lxc: Drop container stdio as late as possible (Cole Robinson) - util: Implement virRun as a wrapper around virCommand (Cole Robinson) - qemu: Convert virExec usage to virCommand (Cole Robinson) - Use VIR_USE_CPU instead of new wheel (Osier Yang) - Avoid virGetVersion failure on specific driver support configurations (Matthias Bolte) Cleanups - cgroup: silence coverity warning (Eric Blake) - rpc: silence coverity warning (Eric Blake) - qemu: silence coverity warnings (Eric Blake) - build: avoid 'make syntax-check' failure (Eric Blake) - build: remove dead variables (Eric Blake) - Remove bogus jsondata.h file reference which does not exist (Daniel P. Berrange) - build: ignore generated file (Eric Blake) - build: Don't expect translatable strings in a dead file (Jiri Denemark) - Cleanup remote protocol definitions (Daniel P. Berrange) - Remove obsolete libvirtd mdns code (Daniel P. Berrange) - build: avoid long line tests (Eric Blake) - maint: add omitted copyright header (Eric Blake) - build: break some long lines (Eric Blake) - build: silence coverity false positives (Eric Blake) - secret: drop dead code (Eric Blake) - build: silence coverity false positive (Eric Blake) - Move virRun, virExec*, virFork to util/command (Cole Robinson) - util: Remove unused virExec wrapper (Cole Robinson) - esx: Remove duplicated invalid-argument checks (Matthias Bolte) Thanks everybody for your help with this release, be it by submitting documentations, ideas, patches, etc ... ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/

1 0

[libvirt] [PATCH] initialize pointer to NULL
by Wen Congyang 04 Jul '11

04 Jul '11

>From 577ac7e8594cbcccb59653786e80c3916a3238cb Mon Sep 17 00:00:00 2001 From: Wen Congyang <wency(a)cn.fujitsu.com> Date: Sat, 2 Jul 2011 06:41:18 +0800 Subject: [PATCH] initialize pointer to NULL def and cmd is not initialized to NULL, but we try to freed it if we meet some error. It's very dangerous. --- src/qemu/qemu_command.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 90a6653..6c78161 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5818,7 +5818,7 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr caps, const char **progenv, const char **progargv) { - virDomainDefPtr def; + virDomainDefPtr def = NULL; int i; int nographics = 0; int fullscreen = 0; @@ -5827,7 +5827,7 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr caps, const char **nics = NULL; int video = VIR_DOMAIN_VIDEO_TYPE_CIRRUS; int nvirtiodisk = 0; - qemuDomainCmdlineDefPtr cmd; + qemuDomainCmdlineDefPtr cmd = NULL; if (!progargv[0]) { qemuReportError(VIR_ERR_INTERNAL_ERROR, -- 1.6.5.2

3 2

[libvirt] [PATCH 0/8] more coverity cleanups
by Eric Blake 04 Jul '11

04 Jul '11

Many are minor (silencing warnings or only affect OOM), but at least patch 5/8 is a real bug that needs to be fixed pre-release. Eric Blake (8): rpc: avoid memory leak on error qemu: silence coverity warnings rpc: silence coverity warning cgroup: silence coverity warning rpc: fix logic bug qemu: avoid null deref on low memory vmware: avoid null deref on failed lookup storage: avoid crash on parse error src/qemu/qemu_audit.c | 6 ++++-- src/qemu/qemu_command.c | 6 +++++- src/qemu/qemu_domain.c | 4 ++-- src/qemu/qemu_migration.c | 3 ++- src/rpc/virnetclient.c | 3 ++- src/rpc/virnetserverclient.c | 1 + src/rpc/virnetserverservice.c | 7 ++++++- src/storage/storage_backend_iscsi.c | 14 ++++++++++---- src/util/cgroup.c | 2 +- src/vmware/vmware_driver.c | 2 +- 10 files changed, 34 insertions(+), 14 deletions(-) -- 1.7.4.4

3 15

[libvirt] [PATCH] monitor-proxy: Tool for testing qemu monitor interaction
by Jiri Denemark 04 Jul '11

04 Jul '11

It has two modes, normal and interactive. In normal mode, messages are passed from libvirt to qemu and back as they come and copyied to stdout so that one can monitor the communication. In interactive mode, whenever a message comes from either libvirt or qemu, it is printed to stdout and the user is asked what action to take. One can also inject any message to either libvirt or qemu. Interactive mode can be entered by sending any command to monitor-proxy (sending an empty command, i.e., hitting enter enters interactive mode without doing anything else). The proxy can also be started directly in interactive mode by specifying "-i" command line option. Command "cont" can be used to return back to normal mode. For list of supported commands and their description, use "help" or "h" command. To start monitor-proxy one needs to follow the following steps: - start a domain - run monitor-proxy [-i] <monitor socket path> for example: monitor-proxy /var/lib/libvirt/qemu/vm1.monitor - restart libvirtd (this makes libvirtd disconnect from qemu and reconnect to the proxy) monitor-proxy supports libvirtd restarts, i.e., if libvirtd disconnects, the proxy just waits until it reconnects again. Stopping the proxy while libvirtd is running kills the domain since libvirtd sees monitor EOF. To stop using monitor-proxy without killing the domain, one needs to stop libvirtd, stop monitor-proxy, and start libvirtd. The proxy works by renaming qemu monitor socket so that it can listen at the original place for connections from libvirtd. Once libvirtd connects to monitor-proxy, the proxy connects to qemu through the renamed socket. The socket is renamed back to its original name when proxy is killed or asked to exit. The proxy also supports fd passing through SCM_RIGHTS so to be usable for testing migrations. --- Makefile.am | 3 +- configure.ac | 3 +- examples/monitor-proxy/Makefile.am | 3 + examples/monitor-proxy/README | 36 ++ examples/monitor-proxy/monitor-proxy.c | 751 ++++++++++++++++++++++++++++++++ 5 files changed, 794 insertions(+), 2 deletions(-) create mode 100644 examples/monitor-proxy/Makefile.am create mode 100644 examples/monitor-proxy/README create mode 100644 examples/monitor-proxy/monitor-proxy.c diff --git a/Makefile.am b/Makefile.am index 49e42bf..1ac65e3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,7 +6,8 @@ GENHTML = genhtml SUBDIRS = gnulib/lib include src daemon tools docs gnulib/tests \ python tests po examples/domain-events/events-c examples/hellolibvirt \ examples/dominfo examples/domsuspend examples/python examples/apparmor \ - examples/xml/nwfilter examples/openauth examples/systemtap + examples/xml/nwfilter examples/openauth examples/systemtap \ + examples/monitor-proxy ACLOCAL_AMFLAGS = -I m4 -I gnulib/m4 diff --git a/configure.ac b/configure.ac index cd22afb..9d2fe04 100644 --- a/configure.ac +++ b/configure.ac @@ -2414,7 +2414,8 @@ AC_OUTPUT(Makefile src/Makefile include/Makefile docs/Makefile \ examples/python/Makefile \ examples/hellolibvirt/Makefile \ examples/systemtap/Makefile \ - examples/xml/nwfilter/Makefile) + examples/xml/nwfilter/Makefile \ + examples/monitor-proxy/Makefile) AC_MSG_NOTICE([]) AC_MSG_NOTICE([Configuration summary]) diff --git a/examples/monitor-proxy/Makefile.am b/examples/monitor-proxy/Makefile.am new file mode 100644 index 0000000..4fbbed5 --- /dev/null +++ b/examples/monitor-proxy/Makefile.am @@ -0,0 +1,3 @@ +noinst_PROGRAMS = monitor-proxy +monitor_proxy_CFLAGS = $(WARN_CFLAGS) +monitor_proxy_SOURCES = monitor-proxy.c diff --git a/examples/monitor-proxy/README b/examples/monitor-proxy/README new file mode 100644 index 0000000..bf00460 --- /dev/null +++ b/examples/monitor-proxy/README @@ -0,0 +1,36 @@ +monitor-proxy is meant as a developer tool for testing libvirt-qemu +communication. + +It has two modes, normal and interactive. In normal mode, messages are passed +from libvirt to qemu and back as they come and copyied to stdout so that one +can monitor the communication. In interactive mode, whenever a message comes +from either libvirt or qemu, it is printed to stdout and the user is asked +what action to take. One can also inject any message to either libvirt or +qemu. Interactive mode can be entered by sending any command to monitor-proxy +(sending an empty command, i.e., hitting enter enters interactive mode without +doing anything else). The proxy can also be started directly in interactive +mode by specifying "-i" command line option. Command "cont" can be used to +return back to normal mode. For list of supported commands and their +description, use "help" or "h" command. + +To start monitor-proxy one needs to follow the following steps: +- start a domain +- run monitor-proxy [-i] <monitor socket path> + for example: monitor-proxy /var/lib/libvirt/qemu/vm1.monitor +- restart libvirtd (this makes libvirtd disconnect from qemu and reconnect to + the proxy) + +monitor-proxy supports libvirtd restarts, i.e., if libvirtd disconnects, the +proxy just waits until it reconnects again. Stopping the proxy while libvirtd +is running kills the domain since libvirtd sees monitor EOF. To stop using +monitor-proxy without killing the domain, one needs to stop libvirtd, stop +monitor-proxy, and start libvirtd. + +The proxy works by renaming qemu monitor socket so that it can listen at the +original place for connections from libvirtd. Once libvirtd connects to +monitor-proxy, the proxy connects to qemu through the renamed socket. The +socket is renamed back to its original name when proxy is killed or asked to +exit. + +The proxy also supports fd passing through SCM_RIGHTS so to be usable for +testing migrations. diff --git a/examples/monitor-proxy/monitor-proxy.c b/examples/monitor-proxy/monitor-proxy.c new file mode 100644 index 0000000..403033d --- /dev/null +++ b/examples/monitor-proxy/monitor-proxy.c @@ -0,0 +1,751 @@ +#include <stdlib.h> +#include <stdio.h> +#include <stdbool.h> +#include <stdarg.h> +#include <string.h> +#include <signal.h> +#include <unistd.h> +#include <fcntl.h> +#include <errno.h> +#include <sys/select.h> +#include <sys/socket.h> +#include <sys/un.h> + +# ifndef ATTRIBUTE_FMT_PRINTF +# if __GNUC_PREREQ (4, 4) +# define ATTRIBUTE_FMT_PRINTF(fmtpos,argpos) __attribute__((__format__ (gnu_printf, fmtpos,argpos))) +# else +# define ATTRIBUTE_FMT_PRINTF(fmtpos,argpos) __attribute__((__format__ (printf, fmtpos,argpos))) +# endif +# endif + +# ifndef ATTRIBUTE_NORETURN +# define ATTRIBUTE_NORETURN __attribute__((__noreturn__)) +# endif + +#ifndef UNIX_PATH_MAX +# define UNIX_PATH_MAX 108 +#endif +#define SOCK_SUFFIX ".proxy" +#define SIZE (1 << 14) + +#define LABEL_LIBVIRT "libvirt> " +#define LABEL_QEMU "qemu> " +#define LABEL_PROMPT "command> " + +enum party { + PARTY_QEMU, + PARTY_LIBVIRT +}; + +enum command { + CMD_NONE, + CMD_NOOP, + CMD_UNKNOWN, + CMD_CONTINUE, + CMD_QUIT, + CMD_HELP, + CMD_PASS, + CMD_DISCARD, + CMD_SEND_QEMU, + CMD_SEND_LIBVIRT +}; + +struct proxy_command { + enum command command; + const char *name; + bool shortcut; + bool argument; + const char *description; +}; + +const char *monitor; +char *monitor_qemu; + +char *buffer; +char *control; +char *commands; + +struct message { + enum party source; + int fd_qemu; + int fd_libvirt; + struct msghdr hdr; +}; + + +#define ncommands (sizeof(proxy_commands) / sizeof(*proxy_commands)) +static const struct proxy_command proxy_commands[] = { + { + CMD_CONTINUE, + "cont", true, false, + "leave interactive mode" + }, { + CMD_QUIT, + "quit", false, false, + "quit monitor-proxy" + }, { + CMD_HELP, + "help", true, false, + "print this help" + }, { + CMD_PASS, + "pass", true, false, + "pass current data to its destination" + }, { + CMD_DISCARD, + "discard", true, false, + "discard current data" + }, { + CMD_SEND_QEMU, + "qemu", true, true, + "send DATA to qemu" + }, { + CMD_SEND_LIBVIRT, + "libvirt", true, true, + "send DATA to libvirt" + } +}; + + +static void ATTRIBUTE_NORETURN +usage(int ret) +{ + fprintf(stderr, "monitor-proxy [-i] <qemu monitor socket>\n"); + exit(ret); +} + + +static void ATTRIBUTE_FMT_PRINTF(1, 2) +print(const char *msg, ...) +{ + va_list args; + + printf("* "); + va_start(args, msg); + vprintf(msg, args); + va_end(args); + printf("\n"); + fflush(NULL); +} + + +#define HELP_LINE 80 +#define HELP_NAME 20 +static void +help(void) +{ + unsigned int i; + char line[HELP_LINE]; + char name[HELP_NAME]; + + print("Available proxy commands:"); + for (i = 0; i < ncommands; i++) { + const struct proxy_command *cmd = proxy_commands + i; + + if (cmd->shortcut) + snprintf(name, HELP_NAME, "%c(%s)", cmd->name[0], cmd->name + 1); + else + strncpy(name, cmd->name, HELP_NAME); + name[HELP_NAME - 1] = '\0'; + if (cmd->argument) { + strncpy(name + strlen(name), " DATA", HELP_NAME - strlen(name)); + name[HELP_NAME - 1] = '\0'; + } + + snprintf(line, HELP_LINE, " %-*s %s", + HELP_NAME, name, cmd->description); + line[HELP_LINE - 1] = '\0'; + print("%s", line); + } + print("Signals:"); + print(" SIGINT (^C) quit monitor-proxy"); +} + + +static int +move_socket(void) +{ + if (monitor_qemu) { + fprintf(stderr, "Socket already moved to %s\n", monitor_qemu); + return -1; + } + + monitor_qemu = malloc(strlen(monitor) + strlen(SOCK_SUFFIX) + 1); + if (!monitor_qemu) + return -1; + + sprintf(monitor_qemu, "%s%s", monitor, SOCK_SUFFIX); + + if (rename(monitor, monitor_qemu) < 0) { + perror("Cannot move monitor socket"); + free(monitor_qemu); + monitor_qemu = NULL; + return -1; + } + + print("Monitor socket renamed as %s", monitor_qemu); + + return 0; +} + + +static int +restore_socket(void) +{ + if (!monitor_qemu) + return 0; + + if (rename(monitor_qemu, monitor) < 0) { + perror("Cannot restore monitor socket"); + return -1; + } + + print("Monitor socket renamed back to %s", monitor); + + free(monitor_qemu); + monitor_qemu = NULL; + + return 0; +} + + +static void ATTRIBUTE_NORETURN +signal_handler(int signum) +{ + restore_socket(); + + if (signum == SIGINT) + exit(0); + else + exit(1); +} + + +static int +open_qemu(void) +{ + struct sockaddr_un addr; + int fd = -1; + + if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) { + perror("Cannot create monitor socket"); + goto error; + } + + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, monitor_qemu, UNIX_PATH_MAX); + addr.sun_path[UNIX_PATH_MAX - 1] = '\0'; + + if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { + perror("Cannot connect to qemu monitor"); + goto error; + } + + print("Connected to qemu monitor"); + + return fd; + +error: + close(fd); + return -1; +} + + +static int +listen_libvirt(void) +{ + struct sockaddr_un addr; + int fd = -1; + + if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) { + perror("Cannot create listening socket"); + goto error; + } + + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, monitor, UNIX_PATH_MAX); + addr.sun_path[UNIX_PATH_MAX - 1] = '\0'; + + if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { + perror("Cannot bind listening socket"); + goto error; + } + + if (listen(fd, 1) < 0) { + perror("Cannot listen"); + goto error; + } + + return fd; + +error: + close(fd); + return -1; +} + + +static int +accept_libvirt(int sock) +{ + int fd = -1; + + print("Waiting for libvirt connection"); + + if ((fd = accept(sock, NULL, NULL)) == -1) { + perror("Cannot accept connection from libvirt"); + goto error; + } + + print("Libvirt connection accepted"); + + return fd; + +error: + close(fd); + return -1; +} + + +static int +init_message(struct message *msg, int qemu, int libvirt) +{ + struct iovec *iov; + + if (!(iov = malloc(sizeof(*iov)))) + return -1; + + memset(msg, 0, sizeof(*msg)); + msg->fd_qemu = qemu; + msg->fd_libvirt = libvirt; + msg->hdr.msg_iov = iov; + msg->hdr.msg_iovlen = 1; + + return 0; +} + + +static ssize_t +receive_message(enum party source, struct message *msg) +{ + ssize_t count; + int fd = source == PARTY_QEMU ? msg->fd_qemu : msg->fd_libvirt; + + msg->source = source; + msg->hdr.msg_iov[0].iov_base = buffer; + msg->hdr.msg_iov[0].iov_len = SIZE; + msg->hdr.msg_control = control; + msg->hdr.msg_controllen = SIZE; + + if ((count = recvmsg(fd, &msg->hdr, 0)) >= 0) { + msg->hdr.msg_iov[0].iov_len = count; + if (msg->hdr.msg_controllen == 0) + msg->hdr.msg_control = NULL; + } + + return count; +} + + +static void +send_message(enum party target, struct message *msg) +{ + int fd = target == PARTY_QEMU ? msg->fd_qemu : msg->fd_libvirt; + + if (sendmsg(fd, &msg->hdr, 0) < 0) { + if (target == PARTY_QEMU) { + perror("Cannot send message to qemu"); + } else { + perror("Cannot send message to libvirt"); + } + } + + msg->hdr.msg_iov[0].iov_base = NULL; + msg->hdr.msg_iov[0].iov_len = 0; + msg->hdr.msg_control = NULL; + msg->hdr.msg_controllen = 0; +} + + +static int +write_all(int fd, const char *buf, size_t count) +{ + size_t written = 0; + ssize_t w; + + while (count > 0) { + w = write(fd, buf, count); + + if (w == 0) { + break; + } else if (w < 0) { + if (errno == EINTR) + continue; + perror("Cannot write data"); + return -1; + } + + buf += w; + count -= w; + written += w; + } + + return written; +} + + +static int +output(const char *label, const struct message *msg) +{ + ssize_t start = 0; + char *buf = msg->hdr.msg_iov[0].iov_base; + ssize_t count = msg->hdr.msg_iov[0].iov_len; + + while (start < count) { + ssize_t len = 0; + const char* p; + + if (write_all(STDOUT_FILENO, label, strlen(label)) < 0) + return -1; + + p = buf + start; + while (start + len < count && *p != '\n') { + len++; + p++; + } + if (start + len < count) + len++; + + if (write_all(STDOUT_FILENO, buf + start, len) < 0) + return -1; + + start += len; + } + + return 0; +} + + +static ssize_t +read_line(char *buf, size_t size, bool data) +{ + ssize_t count = 0; + struct timeval tv = { 0, 0 }; + struct timeval *timeout; + fd_set fds; + int ret; + + FD_ZERO(&fds); + FD_SET(STDIN_FILENO, &fds); + + if (data) + timeout = NULL; + else + timeout = &tv; + + ret = select(STDIN_FILENO + 1, &fds, NULL, NULL, timeout); + if (ret < 0) + return -1; + if (ret == 0) + return 0; + + while (count < size - 1 && read(STDIN_FILENO, buf, 1) == 1) { + count++; + if (*buf == '\n') { + *buf = '\r'; + *++buf = '\n'; + count++; + break; + } + buf++; + } + return count; +} + + +static enum command +get_command(char **cmd_buf, ssize_t *cmd_len, bool data) +{ + ssize_t len; + unsigned int i; + + if (data) + write_all(STDOUT_FILENO, LABEL_PROMPT, strlen(LABEL_PROMPT)); + + len = read_line(commands, SIZE, data); + if (len < 0) + return CMD_QUIT; + if (len == 0) + return CMD_NONE; + if (len <= 2) + return CMD_NOOP; + + commands[len] = '\0'; + + for (i = 0; i < ncommands; i++) { + const struct proxy_command *cmd = proxy_commands + i; + int skip; + + if (strncmp(commands, cmd->name, strlen(cmd->name)) == 0) + skip = strlen(cmd->name); + else if (cmd->shortcut && *commands == *cmd->name) + skip = 1; + else + continue; + + if (cmd->argument) { + if (commands[skip] == ' ') { + skip++; + *cmd_buf = commands + skip; + *cmd_len = len - skip; + return cmd->command; + } + } else { + if (strncmp(commands + skip, "\r\n", 2) == 0) + return cmd->command; + } + } + + commands[len - 2] = '\0'; + *cmd_buf = commands; + *cmd_len = len - 2; + return CMD_UNKNOWN; +} + + +static int +process_commands(struct message *msg, bool *interactive) +{ + enum party source = msg->source; + ssize_t data_len = msg->hdr.msg_iov[0].iov_len; + ssize_t control_len = msg->hdr.msg_controllen; + bool data = data_len > 0 || control_len > 0; + enum command cmd; + char *cmd_buf = NULL; + ssize_t cmd_len = 0; + + msg->hdr.msg_iov[0].iov_base = NULL; + msg->hdr.msg_iov[0].iov_len = 0; + msg->hdr.msg_control = NULL; + msg->hdr.msg_controllen = 0; + + if (data) { + print("Processing data from %s", + source == PARTY_QEMU ? "qemu" : "libvirt"); + print(" Enter proxy commands (type \"help\" to list them)"); + print(" Finish processing with \"pass\" or \"discard\" command"); + } + + while (*interactive && + (cmd = get_command(&cmd_buf, &cmd_len, data)) != CMD_NONE) { + switch (cmd) { + case CMD_NONE: + case CMD_NOOP: + break; + + case CMD_QUIT: + return -1; + + case CMD_HELP: + help(); + break; + + case CMD_UNKNOWN: + print("Unknown command: \"%s\"", cmd_buf); + break; + + case CMD_CONTINUE: + *interactive = false; + print("Leaving interactive mode"); + case CMD_PASS: + if (data_len > 0) { + msg->hdr.msg_iov[0].iov_len = data_len; + msg->hdr.msg_iov[0].iov_base = buffer; + } + if (control_len > 0) { + msg->hdr.msg_controllen = control_len; + msg->hdr.msg_control = control; + } + if (data) { + print("Passing data from %s to %s", + source == PARTY_QEMU ? "qemu" : "libvirt", + source == PARTY_QEMU ? "libvirt" : "qemu"); + send_message(source == PARTY_QEMU ? PARTY_LIBVIRT : PARTY_QEMU, + msg); + data = false; + } else { + if (cmd == CMD_PASS) + print("No data to pass"); + } + break; + + case CMD_DISCARD: + if (data) { + print("Discarding data from %s", + source == PARTY_QEMU ? "qemu" : "libvirt"); + } else { + print("No data to discard"); + } + data_len = control_len = 0; + data = false; + break; + + case CMD_SEND_QEMU: + case CMD_SEND_LIBVIRT: + msg->hdr.msg_iov[0].iov_len = cmd_len; + msg->hdr.msg_iov[0].iov_base = cmd_buf; + send_message(cmd == CMD_SEND_QEMU ? PARTY_QEMU : PARTY_LIBVIRT, + msg); + break; + } + } + + return 0; +} + + +static int +process_data(struct message *msg, bool *interactive) +{ + output(msg->source == PARTY_QEMU ? LABEL_QEMU : LABEL_LIBVIRT, msg); + + if (!*interactive) { + send_message(msg->source == PARTY_QEMU ? PARTY_LIBVIRT : PARTY_QEMU, + msg); + } else { + return process_commands(msg, interactive); + } + + return 0; +} + + +static int +proxy(bool *interactive, int libvirt, int qemu) +{ + fd_set fds; + int maxfd; + struct message msg; + int ret = -1; + ssize_t count; + + print("New monitor session"); + if (*interactive) + print("Entering interactive mode"); + + if (init_message(&msg, qemu, libvirt) < 0) { + perror("Cannot initialize msghdr"); + goto cleanup; + } + + maxfd = libvirt > qemu ? libvirt : qemu; + while (1) { + FD_ZERO(&fds); + FD_SET(STDIN_FILENO, &fds); + FD_SET(libvirt, &fds); + FD_SET(qemu, &fds); + + if (select(maxfd + 1, &fds, NULL, NULL, NULL) == -1) { + perror("select() failed"); + goto cleanup; + } + + if (FD_ISSET(qemu, &fds)) { + if ((count = receive_message(PARTY_QEMU, &msg)) <= 0) { + if (count < 0) + perror("Cannot receive message from qemu"); + else + print("Qemu closed connection"); + goto cleanup; + } + if (process_data(&msg, interactive) < 0) + goto cleanup; + } + + if (FD_ISSET(libvirt, &fds)) { + if ((count = receive_message(PARTY_LIBVIRT, &msg) <= 0)) { + if (count < 0) { + perror("Cannot receive message from libvirt"); + } else { + print("Libvirt closed connection"); + ret = 0; + } + goto cleanup; + } + if (process_data(&msg, interactive) < 0) + goto cleanup; + } + + if (!*interactive && FD_ISSET(STDIN_FILENO, &fds)) { + print("Entering interactive mode"); + *interactive = true; + } + + if (*interactive && process_commands(&msg, interactive) < 0) + goto cleanup; + } + +cleanup: + print("Session closed"); + + close(libvirt); + close(qemu); + return ret; +} + + +int +main(int argc, char **argv) +{ + int sock = -1; + int libvirt = -1; + bool interactive = false; + + if (argc < 2) + usage(2); + + if (strcmp(argv[1], "-i") == 0) { + interactive = true; + if (argc < 3) + usage(2); + monitor = argv[2]; + } else { + monitor = argv[1]; + } + + signal(SIGHUP, signal_handler); + signal(SIGINT, signal_handler); + signal(SIGQUIT, signal_handler); + signal(SIGABRT, signal_handler); + signal(SIGKILL, signal_handler); + signal(SIGPIPE, SIG_IGN); + signal(SIGTERM, signal_handler); + + if (move_socket() < 0) + goto error; + + buffer = malloc(SIZE); + control = malloc(SIZE); + commands = malloc(SIZE); + if (!buffer || !control || !commands) + goto error; + + if ((sock = listen_libvirt()) == -1) + goto error; + + while ((libvirt = accept_libvirt(sock)) != -1) { + int qemu; + + if ((qemu = open_qemu()) != -1) { + if (proxy(&interactive, libvirt, qemu) < 0) + break; + } else { + close(libvirt); + } + } + +error: + restore_socket(); + close(sock); + return 1; +} -- 1.7.6

3 2

[libvirt] Network device abstraction aka virtual switch - V3
by Laine Stump 03 Jul '11

03 Jul '11

This is a followup to https://www.redhat.com/archives/libvir-list/2011-April/msg00591.html (and an even earlier draft) which I alluded to here: https://www.redhat.com/archives/libvir-list/2011-June/msg00383.html Network device abstraction aka virtual switch - V3 ================================================== The <interface> element of a guest's domain config in libvirt has a <source> element that describes what resources on a host will be used to connect the guest's network interface to the rest of the world. This is very flexible, allowing several different types of connection (virtual network, host bridge, direct macvtap connection to physical interface, qemu usermode, user-defined via an external script), but currently has the problem that unnecessary details of the host resources are embedded into the guest's config; if the guest is migrated to a different host, and that host has a different hardware or network config (or possibly the same hardware, but that hardware is currently in use by a different guest), the migration will fail. I am proposing a change to libvirt's network XML that will allow us to (optionally - old configs will remain valid) remove the host details from the guest's domain XML (which can move around from host to host) and place them in the network XML (which remains with a single host); the domain XML will then use existing config elements to associate each guest interface with a "network". The motivating use case for this change is the "direct" connection type (which uses macvtap for vepa and vnlink connections directly between a guest and a physical interface, rather than through a bridge), but it is applicable for all types of connection. (Another hopeful side effect of this change will be to make libvirt's network connection model easier to realize on non-Linux hypervisors (eg, VMWare ESX) and for other network technologies, such as openvswitch, VDE, and various VPN implementations). Background ========== (parts lifted from Dan Berrange's last mail on this subject) Currently <network> supports 3 connectivity modes - Non-routed network, separate subnet (no <forward> element present) - Routed network, separate subnet with NAT (<forward mode='nat'/>) - Routed network, separate subnet (<forward mode='route'/>) Each of these is implemented in the existing network driver by creating a bridge device using brctl, and connecting the guest network interfaces via tap devices (a detail which, now that I've stated it, you should promptly forget!). All traffic between that bridge and the outside network is done via the host's IP routing stack (ie, there is no physical device directly connected to the bridge) In the future, these two additional routed modes might be useful: - Routed network, IP subnetting - Routed network, separate subnet with VPN The core goal of this proposal, though, is to replace type=bridge and type=direct from the domain interface XML with new types of <network> definitions so that the domain can just give "type='network'" and have all the necessary details filled in at runtime. This basically means we're adding several bridging modes (the submodes of "direct" have been flattened out here): - Bridged network, eth + bridge + tap - Bridged network, eth + macvtap + vepa - Bridged network, eth + macvtap + private - Bridged network, eth + macvtap + passthrough - Bridged network, eth + macvtap + bridge Another "future expansion" could be to add: - Bridged network, with VPN Likewise, support for other technologies, such as openvswitch and VDE would each be another entry on this list. (Dan also listed each of the above "+sriov" separately, but that ends up being handled in an orthogonal manner (by just specifying a pool of interfaces for a single network), so I'm only giving the abbreviated list) I. Changes to domain <interface> element ======================================== In many cases, the <interface> element of the domain XML will be identical to what is used now when connecting the interface to a libvirt-style virtual network: <interface type='network'> <source network='red-network'/> <mac address='xx:xx:xx:xx:xx:xx'/> </interface> Depending on the definition of the network "red-network" on the host the guest was started on / migrated to, this could be either a direct (macvtap) connection using one of the various direct modes (vepa/private/bridge/passthrough), a bridge (again, pointed to by the definition of 'red-network'), or a virtual network (using the current network definition syntax). This way the same guest could be migrated not only between macvtap-enabled hosts, but from there to a host using a bridge, or maybe a host in a remote location that used a virtual network with a secure tunnel to connect back to the rest of the red-network. (Part of the migration process would of course check that the destination host had a network of the proper name with adequate available resources, and fail if it didn't; management software at a level above libvirt would probably filter a list of candidate migration destinations based on available networks and any various details of those networks (eg. it could search for only networks using vepa for the connection), and only attempt migration to one that had the matching network available). <virtualport> element of <interface> ------------------------------------ Since many of the attributes/sub-elements of <virtualport> (used by some modes of "direct" interface connections) are identical for all interfaces connecting to any given switch, most of the information in <virtualport> will be optional in the domain's interface definition - it can be filled in from a similar <virtualport> element that will be added to the <network> definition. Some parameters in <virtualport> ("instanceid", for example) must be unique for every interface, though, so those will still be specified in the <interface> XML. The two <virtualport> elements will be OR'ed at runtime to arrive at the actual set of parameters that are used. (Open Question: What should be the policy when a parameter is specified in both places? Should one take precedence? Or should it be considered an error?) portgroup attribute of <source> ------------------------------- The <source> element of an interface definition will be able to optionally specify a "portgroup" attribute. If portgroup is *NOT* given, the default (first) portgroup of the network will be used (if any are defined). If portgroup *IS* specified, the source network must have a portgroup by that name (or the domain startup/migration will fail), and the attributes of that portgroup will be used for the connection. Here is an example <interface> definition that has both a reduced <virtualport> element, as well as a portgroup attribute: <interface type='network'> <source network='red-network' portgroup='engineering'/> <virtualport type="802.1Qbg"> <parameters instanceid="09b11c53-8b5c-4eeb-8f00-d84eaa0aaa4f"/> </virtualport> <mac address='de:ad:be:ef:ca:fe'/> </interface> (The specifics of what can be in a portgroup are given below) II. Changes to <network> definition =================================== As Dan has pointed out, any additions to <network> must be designed so that existing management applications (written to understand <network> prior to these new additions) will at least recognize that the XML they've been given is for something new that they don't fully understand. At the same time, the new types of network definition should attempt to re-use as much of the existing elements/attributes as possible, both to make it easier to extend these applications, as well as to make the status displays of un-updated applications make as much sense as possible. Dan's suggestion (which I obviously endorse :-) is that the new types of network should be specified by extending the choices for <forward mode='....'>. He also suggested adding a new "layer='network|link'" attribute to <forward>. I'm not convinced that item is necessary (it seems redundant), but am including it here for sake of discussion. The current modes are: <forward layer='network' mode='route|nat'/> (in addition to not listing any mode, which equates to "isolated") Here are suggested new modes: <forward layer='link' mode='bridge-brctl|vepa|private|passthrough|bridge-macvtap'/> A description of each: bridge-brctl - equivalent to "<interface type='bridge'>" in the interface definition. The bridge device to use would be given in the existing <forward dev='xxx'>. (Dan also suggests putting this in <network>'s <bridge name='xxx'/> - opinions?) (Question: better name for this?) vepa - same as "<interface type='direct'>..." with <source mode='vepa'/> private - <interface type='direct'> ... <source mode='private'/> passthrough - <interface type='direct'> ... <source mode='passthrough'/> bridge-macvtap - <interface type='direct'> ... <source mode='bridge'/> (Question: better name for this?) Interface Pools --------------- In many cases, a single host network may have multiple physical network devices associated with it (especially in the case of an SRIOV-capable ethernet card, which will have several "virtual functions" associated with a single physical ethernet connection). The host will at least want to balance the load of multiple guests between these multiple devices, and may even require (in the case of passthrough mode, for example) that only a single guest interface be attached to each host device. The current specification for <forward> only allows for a single "dev" attribute, though. In order to support multiple device names, we will extend <forward> to allow 0 or more <interface> sub-elements: <forward mode='vepa' dev='eth10'/> <interface dev='eth10'/> <interface dev='eth11'/> <interface dev='eth12'/> <interface dev='eth13'/> </forward> Note that, as a convenience, the first of these elements will always be a duplicate of the "dev" attribute in <forward> itself. (Is this necessary/desirable?) In the case of mode='passthrough', only one guest interface can be connected to a device at a time. libvirt will keep track of which devices are in use, and attempt to assign a free device; failure to assign a device will result in a failure of the domain to start/migrate. For the other direct modes, libvirt will simply keep track of the number of guest interfaces currently using each device, and attempt to keep them balanced. (Open question: where will we keep track of this allocation/assignment?) Portgroups ----------- A <portgroup> (sub-element of <network>) is just a way of easily putting connections to the network into different classes, with each class having a different level/type of service. Each <network> can have multiple <portgroup> elements, and each <portgroup> has a name, as well as various attributes associated with it. The first thing we will use portgroups for is as an alternate place to specify <virtualport> parameters: <portgroup name='engineering'> <virtualport type="802.1Qbg"> <parameters managerid="11" typeid="1193047" typeidversion="2"/> </virtualport> </portgroup> Anything that is valid in an interface's <virtualport> is also valid here. The next thing to specify in a portgroup will be bandwidth limiting / QoS configuration. Since I don't know exactly what's needed for that, I won't specify it here. If anything is specified both directly under <network> and in a <portgroup>, the value in portgroup will take precedence. (Again - what will the precedence of items specified in the <interface> be?) EXAMPLES -------- Examples of 'red-network' for different types of connections (all of these would work with minor variations of the interface XML given above, e.g. the 'vepa' version would require <virtualport> in the interface that specified an instanceid, and if the <interface> specified a portgroup, it would need to also be in the <network> definition (even if it was empty aside from name).  <network> <name>red-network</name> <bridge name='virbr0'/> <forward layer='network' mode='route'/> ... </network>  <network> <name>red-network</name> <forward mode='bridge-brctl' dev='br0'/> </network>  <network> <name>red-network</name> <forward layer='link' mode='vepa' dev='eth10'/> <virtualport type='802.1Qbg'> <parameters managerid='11' typeid='1193047' typeidversion='2'/> </virtualport>   <portgroup name='accounting'> <virtualport> <parameters typeid='22'/> </virtualport> </portgroup> <portgroup name='engineering'> <virtualport> <parameters typeid='33'/> </virtualport> </portgroup> </network>  <network> <name>red-network</name> <forward layer='link' mode='passthrough' dev='eth10'/> <interface dev='eth10'/> <interface dev='eth11'/> <interface dev='eth12'/> <interface dev='eth13'/> <interface dev='eth14'/> <interface dev='eth15'/> <interface dev='eth16'/> <interface dev='eth17'/> </forward> </network> ============= Open Questions: * Is there a good reason to include the "layer='network|link'" attribute in forward? (maybe just because it's useful info for a management application that doesn't know the details of the modes?) Or is it redundant? * What should be the policy when a virtualport parameter is specified in both the <interface> and the <network>/<portgroup>? Should one take precedence? Or should it be considered an error? * Is it okay for the domain's own definition to specify what portgroup it will be in? Or are there cases where we want to allow someone to modify their domain XML, but force them into a particular portgroup beyond their control? * Is it really necessary/desirable for the first ethernet device in a pool to be duplicated in the <forward dev='xxx'...> attribute? Or can that attribute be omitted when there is a pool of devices? * Where will we keep track of the count of guest interfaces connected to each host interface device, and where will we keep track of which device is being used by a particular guest interface? In the network/domain XML? * Does anyone have better names for "brctl-bridge" and "macvtap-bridge"?

6 11