[libvirt] Bug report 826704 - sanlock releases all resources on virsh detach-disk
by Frido Roose
Hello,
I logged a bug about using virsh detach-disk cleaning up all sanlock resources for the domain instead of only the device in question.
After a quick look into the code, I think a new method similar to virLockManagerSanlockAddResource is needed in case of detaching a disk from the domain, like e.g. virLockManagerSanlockDelResource (…).
Now it looks like virLockManagerSanlockRelease is called, which releases all resources:
if ((rv = sanlock_release(-1, priv->vm_pid, SANLK_REL_ALL, 0, NULL)) < 0) {
virsh detach-disk should then call virLockManagerSanlockDelResource for the given resource imo.
Any thoughts about this or why it is implemented like this?
--
Frido Roose
12 years, 5 months
[libvirt] [PATCH] build: fix typo that breaks non-Linux builds
by Eric Blake
Commit 9612e4b2 introduced a typo and unused variable that break
non-Linux builds.
* src/util/virfile.c (virFileLoopDeviceAssociate): Fix syntax error.
---
Pushing under the build-breaker rule.
src/util/virfile.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 8387ae9..0f88cef 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -1,7 +1,7 @@
/*
* virfile.c: safer file handling
*
- * Copyright (C) 2010-2011 Red Hat, Inc.
+ * Copyright (C) 2010-2012 Red Hat, Inc.
* Copyright (C) 2010 IBM Corporation
* Copyright (C) 2010 Stefan Berger
* Copyright (C) 2010 Eric Blake
@@ -627,7 +627,8 @@ int virFileLoopDeviceAssociate(const char *file,
virReportSystemError(ENOSYS,
_("Unable to associate file %s with loop device"),
file);
- return -1;m
+ *dev = NULL;
+ return -1;
}
#endif /* __linux__ */
--
1.7.10.4
12 years, 5 months
[libvirt] ANNOUNCE: virt-manager 0.9.2 and virtinst 0.600.2 released
by Cole Robinson
I'm happy to announce two new releases:
virt-manager 0.9.2: virt-manager is a desktop application for managing
KVM and Xen virtual machines via libvirt.
virtinst 0.600.2: virtinst is a collection of command line tools for
provisioning libvirt virtual machines, including virt-install and
virt-clone.
The releases can be downloaded from:
http://virt-manager.org/download.html
The direct download links are:
http://virt-manager.org/download/sources/virt-manager/virt-manager-0.9.2....
http://virt-manager.org/download/sources/virtinst/virtinst-0.600.2.tar.gz
The virt-manager release includes:
- Convert to gtkbuilder: UI can now be edited with modern glade tool
- virt-manager no longer runs on RHEL5, but can manage a remote RHEL5
host
- Option to configure spapr net and disk devices for pseries (Li Zhang)
- Many bug fixes and improvements
The virtinst release includes:
- virt-install: New --memballoon option (Eiichi Tsukata)
- virt-install: Improved qemu/kvm pseries support (Li Zhang, Qing Lin)
- virt-install: Support setting BIOS path using -boot loader=PATH
- Various bug fixes and improvements
Also, unless there are serious snags, the next virt-manager release will have
some major organizational changes: port to GTK3, virtinst will no longer be a
public API, merging virtinst and virt-manager git repos, maybe even converting
to python3. While this will facilitate a ton of future improvements, the
downside is that a much more recent distro will be required to run
virt-manager. More info forthcoming on virt-tools-list
Thanks,
Cole
12 years, 5 months
[libvirt] [RFC 0/5] block: File descriptor passing using -open-hook-fd
by Stefan Hajnoczi
Libvirt can take advantage of SELinux to restrict the QEMU process and prevent
it from opening files that it should not have access to. This improves
security because it prevents the attacker from escaping the QEMU process if
they manage to gain control.
NFS has been a pain point for SELinux because it does not support labels (which
I believe are stored in extended attributes). In other words, it's not
possible to use SELinux goodness on QEMU when image files are located on NFS.
Today we have to allow QEMU access to any file on the NFS export rather than
restricting specifically to the image files that the guest requires.
File descriptor passing is a solution to this problem and might also come in
handy elsewhere. Libvirt or another external process chooses files which QEMU
is allowed to access and provides just those file descriptors - QEMU cannot
open the files itself.
This series adds the -open-hook-fd command-line option. Whenever QEMU needs to
open an image file it sends a request over the given UNIX domain socket. The
response includes the file descriptor or an errno on failure. Please see the
patches for details on the protocol.
The -open-hook-fd approach allows QEMU to support file descriptor passing
without changing -drive. It also supports snapshot_blkdev and other commands
that re-open image files.
Anthony Liguori <aliguori(a)us.ibm.com> wrote most of these patches. I added a
demo -open-hook-fd server and added some small fixes. Since Anthony is
traveling right now I'm sending the RFC for discussion.
Anthony Liguori (3):
block: add open() wrapper that can be hooked by libvirt
block: add new command line parameter that and protocol description
block: plumb up open-hook-fd option
Stefan Hajnoczi (2):
osdep: add qemu_recvmsg() wrapper
Example -open-hook-fd server
block.c | 107 ++++++++++++++++++++++++++++++++++++++
block.h | 2 +
block/raw-posix.c | 18 +++----
block/raw-win32.c | 2 +-
block/vdi.c | 2 +-
block/vmdk.c | 6 +--
block/vpc.c | 2 +-
block/vvfat.c | 4 +-
block_int.h | 12 +++++
osdep.c | 46 +++++++++++++++++
qemu-common.h | 2 +
qemu-options.hx | 42 +++++++++++++++
test-fd-passing.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++
vl.c | 3 ++
14 files changed, 378 insertions(+), 17 deletions(-)
create mode 100644 test-fd-passing.c
--
1.7.10
12 years, 5 months
[libvirt] [PATCH] virsh: Clarify documentation for virsh dompmsuspend command
by Peter Krempa
Clarify the docs to make more clear what this command does and that it
requires a guest agent running in the guest.
---
tools/virsh.c | 7 +++++--
tools/virsh.pod | 10 +++++++++-
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index 265857d..55cbe2b 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -2761,8 +2761,11 @@ cmdSuspend(vshControl *ctl, const vshCmd *cmd)
* "dompmsuspend" command
*/
static const vshCmdInfo info_dom_pm_suspend[] = {
- {"help", N_("suspend a domain for a given time duration")},
- {"desc", N_("Suspend a running domain for a given time duration.")},
+ {"help", N_("suspend a domain gracefully using power management "
+ "functions")},
+ {"desc", N_("Suspends a running domain using guest OS's power management. "
+ "(Note: This requires a guest agent configured and running in "
+ "the guest OS).")},
{NULL, NULL}
};
diff --git a/tools/virsh.pod b/tools/virsh.pod
index f83a29d..6250b89 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -1487,7 +1487,7 @@ Moves a domain out of the suspended state. This will allow a previously
suspended domain to now be eligible for scheduling by the underlying
hypervisor.
-=item B<dompmsuspend> I<domain-id> I<target>
+=item B<dompmsuspend> I<domain-id> I<target> [I<--duration>]
Suspend a running domain into one of these states (possible I<target>
values):
@@ -1495,6 +1495,14 @@ values):
disk equivallent of S4 ACPI state
hybrid RAM is saved to disk but not powered off
+The I<--duration> argument specifies number of seconds before the domain is
+woken up after it was suspended (see also B<dompmwakeup>). Default is 0 for
+unlimited suspend time. (This feature isn't currently supported by any
+hypervisor driver and 0 should be used.).
+
+Note that this command requires a guest agent configured and running in the
+domain's guest OS.
+
=item B<dompmwakeup> I<domain-id>
Wakeup a domain suspended by dompmsuspend command. Injects a wakeup
--
1.7.8.6
12 years, 5 months
[libvirt] [PATCH] Add gvir_storage_vol_download() and gvir_storage_vol_upload() to h file
by Jovanka Gulicoska
From: Jovanka Gulicoska <jovanka.gulicoska(a)gmail.com>
---
libvirt-gobject/libvirt-gobject-storage-vol.h | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/libvirt-gobject/libvirt-gobject-storage-vol.h b/libvirt-gobject/libvirt-gobject-storage-vol.h
index b425f0a..c6c64c8 100644
--- a/libvirt-gobject/libvirt-gobject-storage-vol.h
+++ b/libvirt-gobject/libvirt-gobject-storage-vol.h
@@ -110,6 +110,20 @@ gboolean gvir_storage_vol_resize(GVirStorageVol *vol,
guint flags,
GError **err);
+gboolean gvir_storage_vol_download(GVirStorageVol *vol,
+ GVirStream *stream,
+ unsigned long long offset,
+ unsigned long long length,
+ guint flags,
+ GError **err);
+
+gboolean gvir_storage_vol_upload(GVirStorageVol *vol,
+ GVirStream *stream,
+ unsigned long long offset,
+ unsigned long long length,
+ guint flags,
+ GError **err);
+
G_END_DECLS
#endif /* __LIBVIRT_GOBJECT_STORAGE_VOL_H__ */
--
1.7.10.4
12 years, 5 months
[libvirt] [PATCH] Add gvir_storage_vol_download() and gvir_sorage_vol_upload()
by Jovanka Gulicoska
From: Jovanka Gulicoska <jovanka.gulicoska(a)gmail.com>
---
libvirt-gobject/libvirt-gobject-storage-vol.c | 74 +++++++++++++++++++++++++
1 file changed, 74 insertions(+)
diff --git a/libvirt-gobject/libvirt-gobject-storage-vol.c b/libvirt-gobject/libvirt-gobject-storage-vol.c
index 6f60fcd..5b0647d 100644
--- a/libvirt-gobject/libvirt-gobject-storage-vol.c
+++ b/libvirt-gobject/libvirt-gobject-storage-vol.c
@@ -349,3 +349,77 @@ gboolean gvir_storage_vol_resize(GVirStorageVol *vol,
return TRUE;
}
+
+/**
+ * gvir_storage_vol_download:
+ * @vol: the storage volume to download from
+ * @stream: stream to use as output
+ * @offset: position in @vol to start reading from
+ * @length: limit on amount of data to download
+ * @flags: extra flags, not used yet, pass 0
+ *
+ * Returns: #TRUE of success, #FALSE otherwise
+ */
+gboolean gvir_storage_vol_download(GVirStorageVol *vol,
+ GVirStream *stream,
+ unsigned long long offset,
+ unsigned long long length,
+ guint flags,
+ GError **err)
+{
+ virStreamPtr st = NULL;
+
+ g_object_get(stream, "handle", &st, NULL);
+
+ g_return_val_if_fail(GVIR_IS_STORAGE_VOL(vol), FALSE);
+ g_return_val_if_fail(GVIR_IS_STREAM(stream), FALSE);
+ g_return_val_if_fail(err == NULL || *err == NULL, FALSE);
+
+ if(virStorageVolDownload(vol->priv->handle, st, offset, length, 0) < 0) {
+ gvir_set_error_literal(err,
+ GVIR_STORAGE_VOL_ERROR,
+ 0,
+ "Unable to downlaod volume storage");
+
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ * gvir_storage_vol_upload:
+ * @vol: the storage volume to upload
+ * @stream: stream to use as input
+ * @offset: position in @vol to start to write to
+ * @length: limit on amount of data to upload
+ * @flags: the flags, not set yet, pass 0
+ *
+ * Retirns: #TRUE of success, #FALSE otherwise
+ */
+gboolean gvir_storage_vol_upload(GVirStorageVol *vol,
+ GVirStream *stream,
+ unsigned long long offset,
+ unsigned long long length,
+ guint flags,
+ GError **err)
+{
+ virStreamPtr st = NULL;
+
+ g_object_get(stream, "handle", &st, NULL);
+
+ g_return_val_if_fail(GVIR_IS_STORAGE_VOL(vol), FALSE);
+ g_return_val_if_fail(GVIR_IS_STREAM(stream), FALSE);
+ g_return_val_if_fail(err == NULL || *err == NULL, FALSE);
+
+ if(virStorageVolUpload(vol->priv->handle, st, offset, length, 0) < 0) {
+ gvir_set_error_literal(err,
+ GVIR_STORAGE_VOL_ERROR,
+ 0,
+ "Unable to upload to stream");
+
+ return FALSE;
+ }
+
+ return TRUE;
+}
--
1.7.10.4
12 years, 5 months
[libvirt] [PATCH v2] esx: Extend esxVI_CURL_Download for partial downloads
by Matthias Bolte
Also ensure that the virBuffer used to store the downloaded data
does not overflow.
---
v2:
- Ensure that the used virBuffer dos not overflow.
src/esx/esx_driver.c | 2 +-
src/esx/esx_vi.c | 62 +++++++++++++++++++++++++++++++++++++++++++------
src/esx/esx_vi.h | 3 +-
3 files changed, 57 insertions(+), 10 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index db2144c..95b9286 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -2802,7 +2802,7 @@ esxDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
url = virBufferContentAndReset(&buffer);
- if (esxVI_CURL_Download(priv->primary->curl, url, &vmx) < 0) {
+ if (esxVI_CURL_Download(priv->primary->curl, url, &vmx, 0, NULL) < 0) {
goto cleanup;
}
diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c
index 48718b6..0769e8b 100644
--- a/src/esx/esx_vi.c
+++ b/src/esx/esx_vi.c
@@ -116,9 +116,9 @@ ESX_VI__TEMPLATE__FREE(CURL,
})
static size_t
-esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *ptrptr)
+esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *userdata)
{
- const char *content = *(const char **)ptrptr;
+ const char *content = *(const char **)userdata;
size_t available = 0;
size_t requested = size * nmemb;
@@ -138,16 +138,28 @@ esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *ptrptr)
memcpy(data, content, requested);
- *(const char **)ptrptr = content + requested;
+ *(const char **)userdata = content + requested;
return requested;
}
static size_t
-esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *buffer)
+esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *userdata)
{
+ virBufferPtr buffer = userdata;
+
if (buffer != NULL) {
- virBufferAdd((virBufferPtr) buffer, data, size * nmemb);
+ /*
+ * Using a virBuffer to store the download data limits the downloadable
+ * size. This is no problem as esxVI_CURL_Download and esxVI_CURL_Perform
+ * are meant to download small things such as VMX files, VMDK metadata
+ * files and SOAP responses.
+ */
+ if (virBufferUse(buffer) > UINT32_MAX / 2) {
+ return 0;
+ }
+
+ virBufferAdd(buffer, data, size * nmemb);
return size * nmemb;
}
@@ -160,7 +172,7 @@ esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *buffer)
#if ESX_VI__CURL__ENABLE_DEBUG_OUTPUT
static int
esxVI_CURL_Debug(CURL *curl ATTRIBUTE_UNUSED, curl_infotype type,
- char *info, size_t size, void *data ATTRIBUTE_UNUSED)
+ char *info, size_t size, void *userdata ATTRIBUTE_UNUSED)
{
char *buffer = NULL;
@@ -355,8 +367,10 @@ esxVI_CURL_Connect(esxVI_CURL *curl, esxUtil_ParsedUri *parsedUri)
}
int
-esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content)
+esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content,
+ unsigned long long offset, unsigned long long *length)
{
+ char *range = NULL;
virBuffer buffer = VIR_BUFFER_INITIALIZER;
int responseCode = 0;
@@ -365,9 +379,33 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content)
return -1;
}
+ if (length != NULL && *length > 0) {
+ /*
+ * Using a virBuffer to store the download data limits the downloadable
+ * size. This is no problem as esxVI_CURL_Download is meant to download
+ * small things such as VMX of VMDK metadata files.
+ */
+ if (*length > UINT32_MAX / 2) {
+ ESX_VI_ERROR(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Download length it too large"));
+ return -1;
+ }
+
+ if (virAsprintf(&range, "%llu-%llu", offset, offset + *length - 1) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+ } else if (offset > 0) {
+ if (virAsprintf(&range, "%llu-", offset) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+ }
+
virMutexLock(&curl->lock);
curl_easy_setopt(curl->handle, CURLOPT_URL, url);
+ curl_easy_setopt(curl->handle, CURLOPT_RANGE, range);
curl_easy_setopt(curl->handle, CURLOPT_WRITEDATA, &buffer);
curl_easy_setopt(curl->handle, CURLOPT_UPLOAD, 0);
curl_easy_setopt(curl->handle, CURLOPT_HTTPGET, 1);
@@ -378,7 +416,7 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content)
if (responseCode < 0) {
goto cleanup;
- } else if (responseCode != 200) {
+ } else if (responseCode != 200 && responseCode != 206) {
ESX_VI_ERROR(VIR_ERR_INTERNAL_ERROR,
_("HTTP response code %d for download from '%s'"),
responseCode, url);
@@ -390,9 +428,15 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content)
goto cleanup;
}
+ if (length != NULL) {
+ *length = virBufferUse(&buffer);
+ }
+
*content = virBufferContentAndReset(&buffer);
cleanup:
+ VIR_FREE(range);
+
if (*content == NULL) {
virBufferFreeAndReset(&buffer);
return -1;
@@ -414,6 +458,7 @@ esxVI_CURL_Upload(esxVI_CURL *curl, const char *url, const char *content)
virMutexLock(&curl->lock);
curl_easy_setopt(curl->handle, CURLOPT_URL, url);
+ curl_easy_setopt(curl->handle, CURLOPT_RANGE, NULL);
curl_easy_setopt(curl->handle, CURLOPT_READDATA, &content);
curl_easy_setopt(curl->handle, CURLOPT_UPLOAD, 1);
curl_easy_setopt(curl->handle, CURLOPT_INFILESIZE, strlen(content));
@@ -1231,6 +1276,7 @@ esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName,
virMutexLock(&ctx->curl->lock);
curl_easy_setopt(ctx->curl->handle, CURLOPT_URL, ctx->url);
+ curl_easy_setopt(ctx->curl->handle, CURLOPT_RANGE, NULL);
curl_easy_setopt(ctx->curl->handle, CURLOPT_WRITEDATA, &buffer);
curl_easy_setopt(ctx->curl->handle, CURLOPT_UPLOAD, 0);
curl_easy_setopt(ctx->curl->handle, CURLOPT_POSTFIELDS, request);
diff --git a/src/esx/esx_vi.h b/src/esx/esx_vi.h
index 9560bd2..49b7ca2 100644
--- a/src/esx/esx_vi.h
+++ b/src/esx/esx_vi.h
@@ -167,7 +167,8 @@ struct _esxVI_CURL {
int esxVI_CURL_Alloc(esxVI_CURL **curl);
void esxVI_CURL_Free(esxVI_CURL **curl);
int esxVI_CURL_Connect(esxVI_CURL *curl, esxUtil_ParsedUri *parsedUri);
-int esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content);
+int esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content,
+ unsigned long long offset, unsigned long long *length);
int esxVI_CURL_Upload(esxVI_CURL *curl, const char *url, const char *content);
--
1.7.4.1
12 years, 5 months
[libvirt] [PATCH] Fix shutdown of LXC controller
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Since we are not yet using the virNetServerPtr object for running
the event loop, we can't use virNetServerQuit(). Instead set the
global 'quit' flag in libvirt_lxc
---
src/lxc/lxc_controller.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index a4874ea..7a1ce14 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -852,8 +852,11 @@ static void virLXCControllerSignalChildIO(virNetServerPtr server ATTRIBUTE_UNUSE
int ret;
ret = waitpid(-1, NULL, WNOHANG);
- if (ret == ctrl->initpid)
- virNetServerQuit(ctrl->server);
+ if (ret == ctrl->initpid) {
+ virMutexLock(&lock);
+ quit = true;
+ virMutexUnlock(&lock);
+ }
}
--
1.7.10.4
12 years, 5 months
[libvirt] FYI: CVE-2012-3386 - vulnerability of 'make distcheck'
by Eric Blake
Libvirt is vulnerable to an automake security hole; anyone that runs
'make distcheck' on any existing libvirt release tarball risks a local
exploit that can take advantage of world-writable permissions to inject
the operation of attacker-controlled code under the capabilities of the
developer testing the package. This security hole can be mitigated by
either avoiding the use of 'make distcheck', or by setting a restrictive
umask (such as 022) before running 'make distcheck'.
Since few people beyond developers tend to run 'make distcheck', I'm not
too worried about pushing out a new libvirt tarball any sooner than the
regular release cycle. But we should definitely upgrade to the latest
gnulib (it adds a syntax check to validate whether the vulnerability
still exists), and ensure that the release of libvirt 0.10.0, as well as
the next maintenance releases of v0.9.{6,11}-maint, have been built with
patched automake.
--
Eric Blake eblake(a)redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
12 years, 5 months