[libvirt] Supporting vhost-net and macvtap in libvirt for QEMU
by Anthony Liguori
Disclaimer: I am neither an SR-IOV nor a vhost-net expert, but I've CC'd
people that are who can throw tomatoes at me for getting bits wrong :-)
I wanted to start a discussion about supporting vhost-net in libvirt.
vhost-net has not yet been merged into qemu but I expect it will be soon
so it's a good time to start this discussion.
There are two modes worth supporting for vhost-net in libvirt. The
first mode is where vhost-net backs to a tun/tap device. This is
behaves in very much the same way that -net tap behaves in qemu today.
Basically, the difference is that the virtio backend is in the kernel
instead of in qemu so there should be some performance improvement.
Current, libvirt invokes qemu with -net tap,fd=X where X is an already
open fd to a tun/tap device. I suspect that after we merge vhost-net,
libvirt could support vhost-net in this mode by just doing -net
vhost,fd=X. I think the only real question for libvirt is whether to
provide a user visible switch to use vhost or to just always use vhost
when it's available and it makes sense. Personally, I think the later
makes sense.
The more interesting invocation of vhost-net though is one where the
vhost-net device backs directly to a physical network card. In this
mode, vhost should get considerably better performance than the current
implementation. I don't know the syntax yet, but I think it's
reasonable to assume that it will look something like -net
tap,dev=eth0. The effect will be that eth0 is dedicated to the guest.
On most modern systems, there is a small number of network devices so
this model is not all that useful except when dealing with SR-IOV
adapters. In that case, each physical device can be exposed as many
virtual devices (VFs). There are a few restrictions here though. The
biggest is that currently, you can only change the number of VFs by
reloading a kernel module so it's really a parameter that must be set at
startup time.
I think there are a few ways libvirt could support vhost-net in this
second mode. The simplest would be to introduce a new tag similar to
<source network='br0'>. In fact, if you probed the device type for the
network parameter, you could probably do something like <source
network='eth0'> and have it Just Work.
Another model would be to have libvirt see an SR-IOV adapter as a
network pool whereas it handled all of the VF management. Considering
how inflexible SR-IOV is today, I'm not sure whether this is the best model.
Has anyone put any more thought into this problem or how this should be
modeled in libvirt? Michael, could you share your current thinking for
-net syntax?
--
Regards,
Anthony Liguori
1 year, 2 months
[libvirt] [PATCH] qemu: add PCI-multibus support for ppc
by Olivia Yin
Signed-off-by: Olivia Yin <hong-hua.yin(a)freescale.com>
---
src/qemu/qemu_capabilities.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 7bc1ebc..7d7791d 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -2209,6 +2209,11 @@ virQEMUCapsInitHelp(virQEMUCapsPtr qemuCaps, uid_t runUid, gid_t runGid)
virQEMUCapsClear(qemuCaps, QEMU_CAPS_NO_ACPI);
}
+ /* ppc support PCI-multibus */
+ if (qemuCaps->arch == VIR_ARCH_PPC) {
+ virQEMUCapsSet(qemuCaps, QEMU_CAPS_PCI_MULTIBUS);
+ }
+
/* virQEMUCapsExtractDeviceStr will only set additional caps if qemu
* understands the 0.13.0+ notion of "-device driver,". */
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE) &&
@@ -2450,6 +2455,11 @@ virQEMUCapsInitQMP(virQEMUCapsPtr qemuCaps,
virQEMUCapsSet(qemuCaps, QEMU_CAPS_NO_ACPI);
}
+ /* ppc support PCI-multibus */
+ if (qemuCaps->arch == VIR_ARCH_PPC) {
+ virQEMUCapsSet(qemuCaps, QEMU_CAPS_PCI_MULTIBUS);
+ }
+
if (virQEMUCapsProbeQMPCommands(qemuCaps, mon) < 0)
goto cleanup;
if (virQEMUCapsProbeQMPEvents(qemuCaps, mon) < 0)
--
1.6.4
10 years, 10 months
[libvirt] JNA Error Callback could cause core dump.
by Benjamin Wang (gendwang)
Hi,
When I changed code as following:
public class Connect {
// Load the native part
static {
Libvirt.INSTANCE.virInitialize();
try {
ErrorHandler.processError(Libvirt.INSTANCE);
} catch (Exception e) {
e.printStackTrace();
}
+ Libvirt.INSTANCE.virSetErrorFunc(null, new ErrorCallback());
}
The server will generate the following core dump:
Program terminated with signal 6, Aborted.
#0 0x0000003f9b030265 in raise () from /lib64/libc.so.6
(gdb) where
#0 0x0000003f9b030265 in raise () from /lib64/libc.so.6
#1 0x0000003f9b031d10 in abort () from /lib64/libc.so.6
#2 0x0000003f9b06a84b in __libc_message () from /lib64/libc.so.6
#3 0x0000003f9b07230f in _int_free () from /lib64/libc.so.6
#4 0x0000003f9b07276b in free () from /lib64/libc.so.6
#5 0x00002aaaacf46868 in ?? ()
#6 0x0000000000000000 in ?? ()
The problem was caused that when JNA call setErrorFunc, it will create ErrorCallback object. But when GC is executed, the object is GCed. But even I change code as following.
When GC is excuted, the callback object will be moved. Then C can't find this object. Both of scenarios will cause core dump. It seems that JNA mustn't provide ErrorCallback Class,
Because nobody can use this.
Please correct me.
public class Connect {
+ private static final ErrorCallback callback = new ErrorCallback();
// Load the native part
static {
Libvirt.INSTANCE.virInitialize();
try {
ErrorHandler.processError(Libvirt.INSTANCE);
} catch (Exception e) {
e.printStackTrace();
}
+ Libvirt.INSTANCE.virSetErrorFunc(null, callback);
}
B.R.
Benjamin Wang
11 years
[libvirt] [PATCH] python: return dictionay without value in case of no blockjob
by Guannan Ren
Currently, when there is no blockjob, dom.blockJobInfo('vda')
still reports error because it didn't distinguish return value 0 from -1.
libvirt.libvirtError: virDomainGetBlockJobInfo() failed
virDomainGetBlockJobInfo() API return value:
-1 in case of failure, 0 when nothing found, 1 found.
And use PyDict_SetItemString instead of PyDict_SetItem when key is
string type. PyDict_SetItemString increments key/value reference
count, so calling Py_DECREF() for value. For key, we don't need to
do this, because PyDict_SetItemString will handle it internally.
---
python/libvirt-override.c | 54 ++++++++++++++++++++++++++++++++++-------------
1 file changed, 39 insertions(+), 15 deletions(-)
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index fd9ebb8..c1e8661 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -4354,33 +4354,57 @@ libvirt_virDomainGetBlockJobInfo(PyObject *self ATTRIBUTE_UNUSED,
unsigned int flags;
virDomainBlockJobInfo info;
int c_ret;
- PyObject *ret;
+ PyObject *type = NULL, *bandwidth = NULL, *cur = NULL, *end = NULL;
+ PyObject *dict;
if (!PyArg_ParseTuple(args, (char *)"Ozi:virDomainGetBlockJobInfo",
&pyobj_domain, &path, &flags))
return NULL;
domain = (virDomainPtr) PyvirDomain_Get(pyobj_domain);
-LIBVIRT_BEGIN_ALLOW_THREADS;
+ if ((dict = PyDict_New()) == NULL)
+ return NULL;
+
+ LIBVIRT_BEGIN_ALLOW_THREADS;
c_ret = virDomainGetBlockJobInfo(domain, path, &info, flags);
-LIBVIRT_END_ALLOW_THREADS;
+ LIBVIRT_END_ALLOW_THREADS;
- if (c_ret != 1)
+ if (c_ret == 0) {
+ return dict;
+ } else if (c_ret < 0) {
+ Py_DECREF(dict);
return VIR_PY_NONE;
+ }
- if ((ret = PyDict_New()) == NULL)
- return VIR_PY_NONE;
+ if ((type = libvirt_intWrap(info.type)) == NULL ||
+ PyDict_SetItemString(dict, "type", type) < 0)
+ goto error;
+ Py_DECREF(type);
- PyDict_SetItem(ret, libvirt_constcharPtrWrap("type"),
- libvirt_intWrap(info.type));
- PyDict_SetItem(ret, libvirt_constcharPtrWrap("bandwidth"),
- libvirt_ulongWrap(info.bandwidth));
- PyDict_SetItem(ret, libvirt_constcharPtrWrap("cur"),
- libvirt_ulonglongWrap(info.cur));
- PyDict_SetItem(ret, libvirt_constcharPtrWrap("end"),
- libvirt_ulonglongWrap(info.end));
+ if ((bandwidth = libvirt_ulongWrap(info.bandwidth)) == NULL ||
+ PyDict_SetItemString(dict, "bandwidth", bandwidth) < 0)
+ goto error;
+ Py_DECREF(bandwidth);
- return ret;
+ if ((cur = libvirt_ulonglongWrap(info.cur)) == NULL ||
+ PyDict_SetItemString(dict, "cur", cur) < 0)
+ goto error;
+ Py_DECREF(cur);
+
+ if ((end = libvirt_ulonglongWrap(info.end)) == NULL ||
+ PyDict_SetItemString(dict, "end", end) < 0)
+ goto error;
+ Py_DECREF(end);
+
+ return dict;
+
+error:
+ Py_DECREF(dict);
+ Py_XDECREF(type);
+ Py_XDECREF(bandwidth);
+ Py_XDECREF(cur);
+ Py_XDECREF(end);
+ return NULL;
}
static PyObject *
--
1.8.1.4
11 years, 4 months
[libvirt] [PATCH 0/3] qemu: Fix how files are being opened
by Martin Kletzander
There were some places in the code, where files were being opened with
uid:gid of the daemon instead of the qemu process related to the file.
First patch exposes the parseIds() function in order for it to be used
somewhere else in the code than in the DAC security driver. The next
patch fixes how the files are opened and the last one fixes occurences
of open() that should use different uid:gid for opening files.
There maybe should be a check for whether the file being opened is an
image and whether the label used to open the file should be imagelabel
or not. But, the QEMU process opening the file is running as the
label (not imagelabel) and accessing the files as such.
Martin Kletzander (3):
Expose ownership ID parsing
Make qemuOpenFile aware of per-VM DAC seclabel.
Use qemuOpenFile in qemu_driver.c
src/libvirt_private.syms | 1 +
src/qemu/qemu_driver.c | 87 +++++++++++++++++++++++++++++++--------------
src/security/security_dac.c | 51 ++------------------------
src/util/virutil.c | 56 +++++++++++++++++++++++++++++
src/util/virutil.h | 2 ++
5 files changed, 122 insertions(+), 75 deletions(-)
--
1.8.2.1
11 years, 5 months
[libvirt] [PATCH V2] Expose all CPU features in host definition
by Don Dugger
[V2 - Improve the error handling]
I've opened BZ 697141 on this as I would consider it more
a bug than a feature request. Anyway, to re-iterate my
rationale from the BZ:
The virConnectGetCapabilities API describes the host capabilities
by returning an XML description that includes the CPU model name
and a set of CPU features. The problem is that any features that
are part of the CPU model are not explicitly listed, they are
assumed to be part of the definition of that CPU model. This
makes it extremely difficult for the caller of this API to check
for the presence of a specific CPU feature, the caller would have
to know what features are part of which CPU models, a very
daunting task.
This patch solves this problem by having the API return a model
name, as it currently does, but it will also explicitly list all
of the CPU features that are present. This would make it much
easier for a caller of this API to check for specific features.
Signed-off-by: Don Dugger <donald.d.dugger(a)intel.com>
--
src/cpu/cpu_x86.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index 5d479c2..098ab05 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -1296,6 +1296,35 @@ x86GuestData(virCPUDefPtr host,
return x86Compute(host, guest, data, message);
}
+static int
+x86AddFeatures(virCPUDefPtr cpu,
+ struct x86_map *map)
+{
+ int ret;
+ const struct x86_model *candidate;
+ const struct x86_feature *feature = map->features;
+
+ candidate = map->models;
+ while (candidate != NULL) {
+ if (STREQ(cpu->model, candidate->name))
+ break;
+ candidate = candidate->next;
+ }
+ if (!candidate) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "Odd, %s not a known CPU model\n", cpu->model);
+ return -1;
+ }
+ while (feature != NULL) {
+ if (x86DataIsSubset(candidate->data, feature->data)) {
+ if ((ret = virCPUDefAddFeature(cpu, feature->name, VIR_CPU_FEATURE_DISABLE)) < 0)
+ return ret;
+ }
+ feature = feature->next;
+ }
+ return 0;
+}
+
static int
x86Decode(virCPUDefPtr cpu,
@@ -1383,6 +1412,8 @@ x86Decode(virCPUDefPtr cpu,
goto out;
}
+ if (x86AddFeatures(cpuModel, map) < 0)
+ goto out;
cpu->model = cpuModel->model;
cpu->vendor = cpuModel->vendor;
cpu->nfeatures = cpuModel->nfeatures;
--
1.7.10.4
11 years, 5 months
[libvirt] [sandbox][PATCH] Fix nits in virt-sandbox-service when raise ValueError
by Wayne Sun
Put error msg in list when raise ValueError.
This fix is for bug:
[virt-sandbox-service] execute command with unsupported URI error msg is not right
https://bugzilla.redhat.com/show_bug.cgi?id=967705
Signed-off-by: Wayne Sun <gsun(a)redhat.com>
---
bin/virt-sandbox-service | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service
index 4496b29..1db3c09 100755
--- a/bin/virt-sandbox-service
+++ b/bin/virt-sandbox-service
@@ -878,7 +878,7 @@ def sandbox_list(args):
def sandbox_reload(args):
config = read_config(args.name)
if isinstance(config, gi.repository.LibvirtSandbox.ConfigServiceGeneric):
- raise ValueError(_("Generic Containers do not support reload"))
+ raise ValueError([_("Generic Containers do not support reload")])
container = SystemdContainer(uri = args.uri, config = config)
container.reload(args.unitfiles)
@@ -931,7 +931,7 @@ def fullpath(cmd):
def execute(args):
if args.uri != "lxc:///":
- raise ValueError(_("Can only execute commands inside of linux containers."))
+ raise ValueError([_("Can only execute commands inside of linux containers.")])
myexec = [ "virsh", "-c", args.uri, "lxc-enter-namespace" ]
# myexec = [ "virt-sandbox-service-util", "execute" ]
--
1.7.1
11 years, 6 months
[libvirt] [PATCH 0/2] avoid getpwuid_r deadlock
by Eric Blake
https://bugzilla.redhat.com/show_bug.cgi?id=964358
Posting now to get reviews started. I'd especially like to get
feedback that it doesn't break LXC, and that it works with root-squash
NFS when using qemu:qemu instead of root:root in /etc/libvirt/qemu.conf.
I hope to do more testing myself, and also see if I can try writing an
LD_PRELOAD shim as part of 'make check' to make it easier to test that
the right system calls are made during the sequence.
Eric Blake (2):
util: add virGetGroupList
util: make virSetUIDGID async-signal-safe
configure.ac | 7 +--
src/libvirt_private.syms | 1 +
src/security/security_dac.c | 16 ++++--
src/util/vircommand.c | 10 +++-
src/util/virfile.c | 30 +++++++++--
src/util/virutil.c | 123 ++++++++++++++++++++++++++++++--------------
src/util/virutil.h | 7 ++-
7 files changed, 142 insertions(+), 52 deletions(-)
--
1.8.1.4
11 years, 6 months