July 2012 - Devel - libvirt List Archives

[libvirt] [PATCH] ESX: interface driver routines
by Ata Bohra 10 Jul '12

10 Jul '12

Hi All, Attached patch adds missing routines to esx interface driver, one of the missing routine is esxInterfaceDefineXML. I am currently working on it and will update patch soon. Also, patch addresses some of the changes needed in esx_vi_generator.py and esx_vi_types.c to deserialize "String List" types. # On branch master # Changes not staged for commit: # (use "git add <file>..." to update what will be committed) # (use "git checkout -- <file>..." to discard changes in working directory) # # modified: src/esx/esx_interface_driver.c # modified: src/esx/esx_vi.c # modified: src/esx/esx_vi.h # modified: src/esx/esx_vi_generator.input # modified: src/esx/esx_vi_generator.py # modified: src/esx/esx_vi_types.c Thanks! Ata Attachment: 1. esxInterface.diff

3 4

[libvirt] Bug report 826704 - sanlock releases all resources on virsh detach-disk
by Frido Roose 10 Jul '12

10 Jul '12

Hello, I logged a bug about using virsh detach-disk cleaning up all sanlock resources for the domain instead of only the device in question. After a quick look into the code, I think a new method similar to virLockManagerSanlockAddResource is needed in case of detaching a disk from the domain, like e.g. virLockManagerSanlockDelResource (…). Now it looks like virLockManagerSanlockRelease is called, which releases all resources: if ((rv = sanlock_release(-1, priv->vm_pid, SANLK_REL_ALL, 0, NULL)) < 0) { virsh detach-disk should then call virLockManagerSanlockDelResource for the given resource imo. Any thoughts about this or why it is implemented like this? -- Frido Roose

3 6

[libvirt] [PATCH] build: fix typo that breaks non-Linux builds
by Eric Blake 10 Jul '12

10 Jul '12

Commit 9612e4b2 introduced a typo and unused variable that break non-Linux builds. * src/util/virfile.c (virFileLoopDeviceAssociate): Fix syntax error. --- Pushing under the build-breaker rule. src/util/virfile.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/util/virfile.c b/src/util/virfile.c index 8387ae9..0f88cef 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -1,7 +1,7 @@ /* * virfile.c: safer file handling * - * Copyright (C) 2010-2011 Red Hat, Inc. + * Copyright (C) 2010-2012 Red Hat, Inc. * Copyright (C) 2010 IBM Corporation * Copyright (C) 2010 Stefan Berger * Copyright (C) 2010 Eric Blake @@ -627,7 +627,8 @@ int virFileLoopDeviceAssociate(const char *file, virReportSystemError(ENOSYS, _("Unable to associate file %s with loop device"), file); - return -1;m + *dev = NULL; + return -1; } #endif /* __linux__ */ -- 1.7.10.4

1 1

[libvirt] ANNOUNCE: virt-manager 0.9.2 and virtinst 0.600.2 released
by Cole Robinson 09 Jul '12

09 Jul '12

I'm happy to announce two new releases: virt-manager 0.9.2: virt-manager is a desktop application for managing KVM and Xen virtual machines via libvirt. virtinst 0.600.2: virtinst is a collection of command line tools for provisioning libvirt virtual machines, including virt-install and virt-clone. The releases can be downloaded from: http://virt-manager.org/download.html The direct download links are: http://virt-manager.org/download/sources/virt-manager/virt-manager-0.9.2.ta… http://virt-manager.org/download/sources/virtinst/virtinst-0.600.2.tar.gz The virt-manager release includes: - Convert to gtkbuilder: UI can now be edited with modern glade tool - virt-manager no longer runs on RHEL5, but can manage a remote RHEL5 host - Option to configure spapr net and disk devices for pseries (Li Zhang) - Many bug fixes and improvements The virtinst release includes: - virt-install: New --memballoon option (Eiichi Tsukata) - virt-install: Improved qemu/kvm pseries support (Li Zhang, Qing Lin) - virt-install: Support setting BIOS path using -boot loader=PATH - Various bug fixes and improvements Also, unless there are serious snags, the next virt-manager release will have some major organizational changes: port to GTK3, virtinst will no longer be a public API, merging virtinst and virt-manager git repos, maybe even converting to python3. While this will facilitate a ton of future improvements, the downside is that a much more recent distro will be required to run virt-manager. More info forthcoming on virt-tools-list Thanks, Cole

1 1

[libvirt] [RFC 0/5] block: File descriptor passing using -open-hook-fd
by Stefan Hajnoczi 09 Jul '12

09 Jul '12

Libvirt can take advantage of SELinux to restrict the QEMU process and prevent it from opening files that it should not have access to. This improves security because it prevents the attacker from escaping the QEMU process if they manage to gain control. NFS has been a pain point for SELinux because it does not support labels (which I believe are stored in extended attributes). In other words, it's not possible to use SELinux goodness on QEMU when image files are located on NFS. Today we have to allow QEMU access to any file on the NFS export rather than restricting specifically to the image files that the guest requires. File descriptor passing is a solution to this problem and might also come in handy elsewhere. Libvirt or another external process chooses files which QEMU is allowed to access and provides just those file descriptors - QEMU cannot open the files itself. This series adds the -open-hook-fd command-line option. Whenever QEMU needs to open an image file it sends a request over the given UNIX domain socket. The response includes the file descriptor or an errno on failure. Please see the patches for details on the protocol. The -open-hook-fd approach allows QEMU to support file descriptor passing without changing -drive. It also supports snapshot_blkdev and other commands that re-open image files. Anthony Liguori <aliguori(a)us.ibm.com> wrote most of these patches. I added a demo -open-hook-fd server and added some small fixes. Since Anthony is traveling right now I'm sending the RFC for discussion. Anthony Liguori (3): block: add open() wrapper that can be hooked by libvirt block: add new command line parameter that and protocol description block: plumb up open-hook-fd option Stefan Hajnoczi (2): osdep: add qemu_recvmsg() wrapper Example -open-hook-fd server block.c | 107 ++++++++++++++++++++++++++++++++++++++ block.h | 2 + block/raw-posix.c | 18 +++---- block/raw-win32.c | 2 +- block/vdi.c | 2 +- block/vmdk.c | 6 +-- block/vpc.c | 2 +- block/vvfat.c | 4 +- block_int.h | 12 +++++ osdep.c | 46 +++++++++++++++++ qemu-common.h | 2 + qemu-options.hx | 42 +++++++++++++++ test-fd-passing.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++ vl.c | 3 ++ 14 files changed, 378 insertions(+), 17 deletions(-) create mode 100644 test-fd-passing.c -- 1.7.10

10 36

[libvirt] [PATCH] virsh: Clarify documentation for virsh dompmsuspend command
by Peter Krempa 09 Jul '12

09 Jul '12

Clarify the docs to make more clear what this command does and that it requires a guest agent running in the guest. --- tools/virsh.c | 7 +++++-- tools/virsh.pod | 10 +++++++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/tools/virsh.c b/tools/virsh.c index 265857d..55cbe2b 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -2761,8 +2761,11 @@ cmdSuspend(vshControl *ctl, const vshCmd *cmd) * "dompmsuspend" command */ static const vshCmdInfo info_dom_pm_suspend[] = { - {"help", N_("suspend a domain for a given time duration")}, - {"desc", N_("Suspend a running domain for a given time duration.")}, + {"help", N_("suspend a domain gracefully using power management " + "functions")}, + {"desc", N_("Suspends a running domain using guest OS's power management. " + "(Note: This requires a guest agent configured and running in " + "the guest OS).")}, {NULL, NULL} }; diff --git a/tools/virsh.pod b/tools/virsh.pod index f83a29d..6250b89 100644 --- a/tools/virsh.pod +++ b/tools/virsh.pod @@ -1487,7 +1487,7 @@ Moves a domain out of the suspended state. This will allow a previously suspended domain to now be eligible for scheduling by the underlying hypervisor. -=item B<dompmsuspend> I<domain-id> I<target> +=item B<dompmsuspend> I<domain-id> I<target> [I<--duration>] Suspend a running domain into one of these states (possible I<target> values): @@ -1495,6 +1495,14 @@ values): disk equivallent of S4 ACPI state hybrid RAM is saved to disk but not powered off +The I<--duration> argument specifies number of seconds before the domain is +woken up after it was suspended (see also B<dompmwakeup>). Default is 0 for +unlimited suspend time. (This feature isn't currently supported by any +hypervisor driver and 0 should be used.). + +Note that this command requires a guest agent configured and running in the +domain's guest OS. + =item B<dompmwakeup> I<domain-id> Wakeup a domain suspended by dompmsuspend command. Injects a wakeup -- 1.7.8.6

2 3

[libvirt] [PATCH] Add gvir_storage_vol_download() and gvir_storage_vol_upload() to h file
by Jovanka Gulicoska 09 Jul '12

09 Jul '12

From: Jovanka Gulicoska <jovanka.gulicoska(a)gmail.com> --- libvirt-gobject/libvirt-gobject-storage-vol.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/libvirt-gobject/libvirt-gobject-storage-vol.h b/libvirt-gobject/libvirt-gobject-storage-vol.h index b425f0a..c6c64c8 100644 --- a/libvirt-gobject/libvirt-gobject-storage-vol.h +++ b/libvirt-gobject/libvirt-gobject-storage-vol.h @@ -110,6 +110,20 @@ gboolean gvir_storage_vol_resize(GVirStorageVol *vol, guint flags, GError **err); +gboolean gvir_storage_vol_download(GVirStorageVol *vol, + GVirStream *stream, + unsigned long long offset, + unsigned long long length, + guint flags, + GError **err); + +gboolean gvir_storage_vol_upload(GVirStorageVol *vol, + GVirStream *stream, + unsigned long long offset, + unsigned long long length, + guint flags, + GError **err); + G_END_DECLS #endif /* __LIBVIRT_GOBJECT_STORAGE_VOL_H__ */ -- 1.7.10.4

2 2

[libvirt] [PATCH] Add gvir_storage_vol_download() and gvir_sorage_vol_upload()
by Jovanka Gulicoska 09 Jul '12

09 Jul '12

From: Jovanka Gulicoska <jovanka.gulicoska(a)gmail.com> --- libvirt-gobject/libvirt-gobject-storage-vol.c | 74 +++++++++++++++++++++++++ 1 file changed, 74 insertions(+) diff --git a/libvirt-gobject/libvirt-gobject-storage-vol.c b/libvirt-gobject/libvirt-gobject-storage-vol.c index 6f60fcd..5b0647d 100644 --- a/libvirt-gobject/libvirt-gobject-storage-vol.c +++ b/libvirt-gobject/libvirt-gobject-storage-vol.c @@ -349,3 +349,77 @@ gboolean gvir_storage_vol_resize(GVirStorageVol *vol, return TRUE; } + +/** + * gvir_storage_vol_download: + * @vol: the storage volume to download from + * @stream: stream to use as output + * @offset: position in @vol to start reading from + * @length: limit on amount of data to download + * @flags: extra flags, not used yet, pass 0 + * + * Returns: #TRUE of success, #FALSE otherwise + */ +gboolean gvir_storage_vol_download(GVirStorageVol *vol, + GVirStream *stream, + unsigned long long offset, + unsigned long long length, + guint flags, + GError **err) +{ + virStreamPtr st = NULL; + + g_object_get(stream, "handle", &st, NULL); + + g_return_val_if_fail(GVIR_IS_STORAGE_VOL(vol), FALSE); + g_return_val_if_fail(GVIR_IS_STREAM(stream), FALSE); + g_return_val_if_fail(err == NULL || *err == NULL, FALSE); + + if(virStorageVolDownload(vol->priv->handle, st, offset, length, 0) < 0) { + gvir_set_error_literal(err, + GVIR_STORAGE_VOL_ERROR, + 0, + "Unable to downlaod volume storage"); + + return FALSE; + } + + return TRUE; +} + +/** + * gvir_storage_vol_upload: + * @vol: the storage volume to upload + * @stream: stream to use as input + * @offset: position in @vol to start to write to + * @length: limit on amount of data to upload + * @flags: the flags, not set yet, pass 0 + * + * Retirns: #TRUE of success, #FALSE otherwise + */ +gboolean gvir_storage_vol_upload(GVirStorageVol *vol, + GVirStream *stream, + unsigned long long offset, + unsigned long long length, + guint flags, + GError **err) +{ + virStreamPtr st = NULL; + + g_object_get(stream, "handle", &st, NULL); + + g_return_val_if_fail(GVIR_IS_STORAGE_VOL(vol), FALSE); + g_return_val_if_fail(GVIR_IS_STREAM(stream), FALSE); + g_return_val_if_fail(err == NULL || *err == NULL, FALSE); + + if(virStorageVolUpload(vol->priv->handle, st, offset, length, 0) < 0) { + gvir_set_error_literal(err, + GVIR_STORAGE_VOL_ERROR, + 0, + "Unable to upload to stream"); + + return FALSE; + } + + return TRUE; +} -- 1.7.10.4

2 3

[libvirt] [PATCH v2] esx: Extend esxVI_CURL_Download for partial downloads
by Matthias Bolte 09 Jul '12

09 Jul '12

Also ensure that the virBuffer used to store the downloaded data does not overflow. --- v2: - Ensure that the used virBuffer dos not overflow. src/esx/esx_driver.c | 2 +- src/esx/esx_vi.c | 62 +++++++++++++++++++++++++++++++++++++++++++------ src/esx/esx_vi.h | 3 +- 3 files changed, 57 insertions(+), 10 deletions(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index db2144c..95b9286 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -2802,7 +2802,7 @@ esxDomainGetXMLDesc(virDomainPtr domain, unsigned int flags) url = virBufferContentAndReset(&buffer); - if (esxVI_CURL_Download(priv->primary->curl, url, &vmx) < 0) { + if (esxVI_CURL_Download(priv->primary->curl, url, &vmx, 0, NULL) < 0) { goto cleanup; } diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c index 48718b6..0769e8b 100644 --- a/src/esx/esx_vi.c +++ b/src/esx/esx_vi.c @@ -116,9 +116,9 @@ ESX_VI__TEMPLATE__FREE(CURL, }) static size_t -esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *ptrptr) +esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *userdata) { - const char *content = *(const char **)ptrptr; + const char *content = *(const char **)userdata; size_t available = 0; size_t requested = size * nmemb; @@ -138,16 +138,28 @@ esxVI_CURL_ReadString(char *data, size_t size, size_t nmemb, void *ptrptr) memcpy(data, content, requested); - *(const char **)ptrptr = content + requested; + *(const char **)userdata = content + requested; return requested; } static size_t -esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *buffer) +esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *userdata) { + virBufferPtr buffer = userdata; + if (buffer != NULL) { - virBufferAdd((virBufferPtr) buffer, data, size * nmemb); + /* + * Using a virBuffer to store the download data limits the downloadable + * size. This is no problem as esxVI_CURL_Download and esxVI_CURL_Perform + * are meant to download small things such as VMX files, VMDK metadata + * files and SOAP responses. + */ + if (virBufferUse(buffer) > UINT32_MAX / 2) { + return 0; + } + + virBufferAdd(buffer, data, size * nmemb); return size * nmemb; } @@ -160,7 +172,7 @@ esxVI_CURL_WriteBuffer(char *data, size_t size, size_t nmemb, void *buffer) #if ESX_VI__CURL__ENABLE_DEBUG_OUTPUT static int esxVI_CURL_Debug(CURL *curl ATTRIBUTE_UNUSED, curl_infotype type, - char *info, size_t size, void *data ATTRIBUTE_UNUSED) + char *info, size_t size, void *userdata ATTRIBUTE_UNUSED) { char *buffer = NULL; @@ -355,8 +367,10 @@ esxVI_CURL_Connect(esxVI_CURL *curl, esxUtil_ParsedUri *parsedUri) } int -esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content) +esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content, + unsigned long long offset, unsigned long long *length) { + char *range = NULL; virBuffer buffer = VIR_BUFFER_INITIALIZER; int responseCode = 0; @@ -365,9 +379,33 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content) return -1; } + if (length != NULL && *length > 0) { + /* + * Using a virBuffer to store the download data limits the downloadable + * size. This is no problem as esxVI_CURL_Download is meant to download + * small things such as VMX of VMDK metadata files. + */ + if (*length > UINT32_MAX / 2) { + ESX_VI_ERROR(VIR_ERR_INTERNAL_ERROR, "%s", + _("Download length it too large")); + return -1; + } + + if (virAsprintf(&range, "%llu-%llu", offset, offset + *length - 1) < 0) { + virReportOOMError(); + goto cleanup; + } + } else if (offset > 0) { + if (virAsprintf(&range, "%llu-", offset) < 0) { + virReportOOMError(); + goto cleanup; + } + } + virMutexLock(&curl->lock); curl_easy_setopt(curl->handle, CURLOPT_URL, url); + curl_easy_setopt(curl->handle, CURLOPT_RANGE, range); curl_easy_setopt(curl->handle, CURLOPT_WRITEDATA, &buffer); curl_easy_setopt(curl->handle, CURLOPT_UPLOAD, 0); curl_easy_setopt(curl->handle, CURLOPT_HTTPGET, 1); @@ -378,7 +416,7 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content) if (responseCode < 0) { goto cleanup; - } else if (responseCode != 200) { + } else if (responseCode != 200 && responseCode != 206) { ESX_VI_ERROR(VIR_ERR_INTERNAL_ERROR, _("HTTP response code %d for download from '%s'"), responseCode, url); @@ -390,9 +428,15 @@ esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content) goto cleanup; } + if (length != NULL) { + *length = virBufferUse(&buffer); + } + *content = virBufferContentAndReset(&buffer); cleanup: + VIR_FREE(range); + if (*content == NULL) { virBufferFreeAndReset(&buffer); return -1; @@ -414,6 +458,7 @@ esxVI_CURL_Upload(esxVI_CURL *curl, const char *url, const char *content) virMutexLock(&curl->lock); curl_easy_setopt(curl->handle, CURLOPT_URL, url); + curl_easy_setopt(curl->handle, CURLOPT_RANGE, NULL); curl_easy_setopt(curl->handle, CURLOPT_READDATA, &content); curl_easy_setopt(curl->handle, CURLOPT_UPLOAD, 1); curl_easy_setopt(curl->handle, CURLOPT_INFILESIZE, strlen(content)); @@ -1231,6 +1276,7 @@ esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, virMutexLock(&ctx->curl->lock); curl_easy_setopt(ctx->curl->handle, CURLOPT_URL, ctx->url); + curl_easy_setopt(ctx->curl->handle, CURLOPT_RANGE, NULL); curl_easy_setopt(ctx->curl->handle, CURLOPT_WRITEDATA, &buffer); curl_easy_setopt(ctx->curl->handle, CURLOPT_UPLOAD, 0); curl_easy_setopt(ctx->curl->handle, CURLOPT_POSTFIELDS, request); diff --git a/src/esx/esx_vi.h b/src/esx/esx_vi.h index 9560bd2..49b7ca2 100644 --- a/src/esx/esx_vi.h +++ b/src/esx/esx_vi.h @@ -167,7 +167,8 @@ struct _esxVI_CURL { int esxVI_CURL_Alloc(esxVI_CURL **curl); void esxVI_CURL_Free(esxVI_CURL **curl); int esxVI_CURL_Connect(esxVI_CURL *curl, esxUtil_ParsedUri *parsedUri); -int esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content); +int esxVI_CURL_Download(esxVI_CURL *curl, const char *url, char **content, + unsigned long long offset, unsigned long long *length); int esxVI_CURL_Upload(esxVI_CURL *curl, const char *url, const char *content); -- 1.7.4.1

2 2

[libvirt] [PATCH] Fix shutdown of LXC controller
by Daniel P. Berrange 09 Jul '12

09 Jul '12

From: "Daniel P. Berrange" <berrange(a)redhat.com> Since we are not yet using the virNetServerPtr object for running the event loop, we can't use virNetServerQuit(). Instead set the global 'quit' flag in libvirt_lxc --- src/lxc/lxc_controller.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index a4874ea..7a1ce14 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -852,8 +852,11 @@ static void virLXCControllerSignalChildIO(virNetServerPtr server ATTRIBUTE_UNUSE int ret; ret = waitpid(-1, NULL, WNOHANG); - if (ret == ctrl->initpid) - virNetServerQuit(ctrl->server); + if (ret == ctrl->initpid) { + virMutexLock(&lock); + quit = true; + virMutexUnlock(&lock); + } } -- 1.7.10.4

2 1