[libvirt] [PATCH] bridge driver: implement networkEnableIpForwarding for BSD
by Roman Bogorodskiy
Implement networkEnableIpForwarding() using BSD style sysctl.
---
configure.ac | 7 ++++---
src/network/bridge_driver.c | 14 ++++++++++++++
2 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index d3219ce..cc2213d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -207,7 +207,8 @@ dnl Availability of various common functions (non-fatal if missing),
dnl and various less common threadsafe functions
AC_CHECK_FUNCS_ONCE([cfmakeraw geteuid getgid getgrnam_r getmntent_r \
getpwuid_r getuid kill mmap newlocale posix_fallocate posix_memalign \
- prlimit regexec sched_getaffinity setgroups setns setrlimit symlink])
+ prlimit regexec sched_getaffinity setgroups setns setrlimit symlink \
+ sysctlbyname])
dnl Availability of pthread functions (if missing, win32 threading is
dnl assumed). Because of $LIB_PTHREAD, we cannot use AC_CHECK_FUNCS_ONCE.
@@ -220,8 +221,8 @@ LIBS=$old_libs
dnl Availability of various common headers (non-fatal if missing).
AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/un.h \
sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \
- sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h \
- sys/ucred.h sys/mount.h])
+ sys/un.h sys/syscall.h sys/sysctl.h netinet/tcp.h ifaddrs.h \
+ libtasn1.h sys/ucred.h sys/mount.h])
dnl Check whether endian provides handy macros.
AC_CHECK_DECLS([htole64], [], [], [[#include <endian.h>]])
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index dd30244..9d070b8 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -41,6 +41,9 @@
#include <sys/wait.h>
#include <sys/ioctl.h>
#include <net/if.h>
+#if HAVE_SYS_SYSCTL_H
+# include <sys/sysctl.h>
+#endif
#include "virerror.h"
#include "datatypes.h"
@@ -1537,10 +1540,21 @@ static int
networkEnableIpForwarding(bool enableIPv4, bool enableIPv6)
{
int ret = 0;
+ int enabled = 1;
if (enableIPv4)
+#ifdef HAVE_SYSCTLBYNAME
+ ret = sysctlbyname("net.inet.ip.forwarding", NULL, 0,
+ &enabled, sizeof(enabled));
+#else
ret = virFileWriteStr("/proc/sys/net/ipv4/ip_forward", "1\n", 0);
+#endif
if (enableIPv6 && ret == 0)
+#ifdef HAVE_SYSCTLBYNAME
+ ret = sysctlbyname("net.inet6.ip6.forwarding", NULL, 0,
+ &enabled, sizeof(enabled));
+#else
ret = virFileWriteStr("/proc/sys/net/ipv6/conf/all/forwarding", "1\n", 0);
+#endif
return ret;
}
--
1.8.2.3
11 years, 9 months
[libvirt] [PATCH] maint: avoid C99 loop declaration
by Eric Blake
Commit 3d0e3c1 reintroduced a problem previously squelched in
commit 7e5aa78. Add a syntax check this time around.
util/virutil.c: In function 'virGetGroupList':
util/virutil.c:1015: error: 'for' loop initial declaration used outside C99 mode
* cfg.mk (sc_prohibit_loop_var_decl): New rule.
* src/util/virutil.c (virGetGroupList): Fix offender.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under the build-breaker rule.
cfg.mk | 12 +++++++++---
src/util/virutil.c | 8 ++++----
2 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index 13de268..791c393 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -546,15 +546,21 @@ sc_avoid_attribute_unused_in_header:
$(_sc_search_regexp)
sc_prohibit_int_ijk:
- @prohibit='\<(int|unsigned) ([^(]* )*(i|j|k)(\s|,|;)' \
+ @prohibit='\<(int|unsigned) ([^(]* )*(i|j|k)(\s|,|;)' \
halt='use size_t, not int/unsigned int for loop vars i, j, k' \
$(_sc_search_regexp)
sc_prohibit_loop_iijjkk:
- @prohibit='\<(int|unsigned) ([^=]+ )*(ii|jj|kk)(\s|,|;)' \
- halt='use i, j, k for loop iterators, not ii, jj, kk' \
+ @prohibit='\<(int|unsigned) ([^=]+ )*(ii|jj|kk)(\s|,|;)' \
+ halt='use i, j, k for loop iterators, not ii, jj, kk' \
$(_sc_search_regexp)
+# RHEL 5 gcc can't grok "for (int i..."
+sc_prohibit_loop_var_decl:
+ @prohibit='\<for *\(\w+[ *]+\w+' \
+ in_vc_files='\.[ch]$$' \
+ halt='declare loop iterators outside the for statement' \
+ $(_sc_search_regexp)
# Many of the function names below came from this filter:
# git grep -B2 '\<_('|grep -E '\.c- *[[:alpha:]_][[:alnum:]_]* ?\(.*[,;]$' \
diff --git a/src/util/virutil.c b/src/util/virutil.c
index 3de72ea..34f5998 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1010,18 +1010,18 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
}
if (gid != (gid_t)-1) {
- size_t n = ret;
+ size_t i;
- for (size_t i = 0; i < ret; i++) {
+ for (i = 0; i < ret; i++) {
if ((*list)[i] == gid)
goto cleanup;
}
- if (VIR_APPEND_ELEMENT(*list, n, gid) < 0) {
+ if (VIR_APPEND_ELEMENT(*list, i, gid) < 0) {
ret = -1;
VIR_FREE(*list);
goto cleanup;
} else {
- ret = n;
+ ret = i;
}
}
--
1.8.3.1
11 years, 9 months
[libvirt] [PATCH] libxl: fix libvirtd segfault
by Jim Fehlig
Commit d72ef888 introduced a bug in the libxl driver that will
segfault libvirtd if libxl reports an error message, e.g. when
attempting to initialize the driver on a non-Xen system. I
assumed it was valid to pass a NULL logger to libxl_ctx_alloc(),
but that is not the case since any errors associated with the ctx
that are emitted by libxl will dereference the logger and crash
libvirtd.
Errors associated with the libxl driver-wide ctx could be useful
for debugging anyway, so create a 'libxl-driver.log' to capture
these errors.
---
src/libxl/libxl_conf.h | 3 +++
src/libxl/libxl_driver.c | 30 ++++++++++++++++++++++++++++--
2 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h
index 78133b9..9d72b72 100644
--- a/src/libxl/libxl_conf.h
+++ b/src/libxl/libxl_conf.h
@@ -57,6 +57,9 @@ struct _libxlDriverPrivate {
virDomainXMLOptionPtr xmlopt;
unsigned int version;
+ /* log stream for driver-wide libxl ctx */
+ FILE *logger_file;
+ xentoollog_logger *logger;
/* libxl ctx for driver wide ops; getVersion, getNodeInfo, ... */
libxl_ctx *ctx;
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index cc9e772..9dc7261 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -1180,6 +1180,9 @@ libxlStateCleanup(void)
virObjectUnref(libxl_driver->xmlopt);
virObjectUnref(libxl_driver->domains);
libxl_ctx_free(libxl_driver->ctx);
+ xtl_logger_destroy(libxl_driver->logger);
+ if (libxl_driver->logger_file)
+ VIR_FORCE_FCLOSE(libxl_driver->logger_file);
virObjectUnref(libxl_driver->reservedVNCPorts);
@@ -1229,6 +1232,7 @@ libxlStateInitialize(bool privileged,
void *opaque ATTRIBUTE_UNUSED)
{
const libxl_version_info *ver_info;
+ char *log_file = NULL;
virCommandPtr cmd;
int status, ret = 0;
unsigned int free_mem;
@@ -1308,6 +1312,17 @@ libxlStateInitialize(bool privileged,
goto error;
}
+ if (virAsprintf(&log_file, "%s/libxl-driver.log", libxl_driver->logDir) < 0)
+ goto error;
+
+ if ((libxl_driver->logger_file = fopen(log_file, "a")) == NULL) {
+ virReportSystemError(errno,
+ _("failed to create logfile %s"),
+ log_file);
+ goto error;
+ }
+ VIR_FREE(log_file);
+
/* read the host sysinfo */
if (privileged)
libxl_driver->hostsysinfo = virSysinfoRead();
@@ -1316,8 +1331,18 @@ libxlStateInitialize(bool privileged,
if (!libxl_driver->domainEventState)
goto error;
- if (libxl_ctx_alloc(&libxl_driver->ctx, LIBXL_VERSION, 0, NULL)) {
- VIR_INFO("cannot initialize libxenlight context, probably not running in a Xen Dom0, disabling driver");
+ libxl_driver->logger =
+ (xentoollog_logger *)xtl_createlogger_stdiostream(libxl_driver->logger_file, XTL_DEBUG, 0);
+ if (!libxl_driver->logger) {
+ VIR_INFO("cannot create logger for libxenlight, disabling driver");
+ goto fail;
+ }
+
+ if (libxl_ctx_alloc(&libxl_driver->ctx,
+ LIBXL_VERSION, 0,
+ libxl_driver->logger)) {
+ VIR_INFO("cannot initialize libxenlight context, probably not running "
+ "in a Xen Dom0, disabling driver");
goto fail;
}
@@ -1383,6 +1408,7 @@ libxlStateInitialize(bool privileged,
error:
ret = -1;
fail:
+ VIR_FREE(log_file);
if (libxl_driver)
libxlDriverUnlock(libxl_driver);
libxlStateCleanup();
--
1.8.1.4
11 years, 9 months
[libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags
by Alex Jia
Valgrind defects memory error:
==16759== 1 errors in context 1 of 8:
==16759== Invalid free() / delete / delete[] / realloc()
==16759== at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16759== by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
==16759== by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
==16759== by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
==16759== by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
==16759== by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
==16759== by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
==16759== by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
==16759== by 0x13127A: cmdStart (virsh-domain.c:3376)
==16759== by 0x12BF83: vshCommandRun (virsh.c:1751)
==16759== by 0x126FFB: main (virsh.c:3205)
==16759== Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd
==16759== 1 errors in context 2 of 8:
==16759== Conditional jump or move depends on uninitialised value(s)
==16759== at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16759== by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
==16759== by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
==16759== by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
==16759== by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
==16759== by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
==16759== by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
==16759== by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
==16759== by 0x13127A: cmdStart (virsh-domain.c:3376)
==16759== by 0x12BF83: vshCommandRun (virsh.c:1751)
==16759== by 0x126FFB: main (virsh.c:3205)
==16759== Uninitialised value was created by a stack allocation
==16759== at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423)
How to reproduce?
# virsh start <domain> --paused
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
src/remote/remote_driver.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index f828eef..71d0034 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags)
make_nonnull_domain(&args.dom, dom);
args.flags = flags;
+ memset(&ret, 0, sizeof(ret));
if (call(dom->conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS,
(xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)&args,
(xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)&ret) == -1) {
--
1.7.1
11 years, 9 months
[libvirt] [PATCH] Make check for /dev/loop device names stricter to avoid /dev/loop-control
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Recentish (2011) kernels introduced a new device called /dev/loop-control,
which causes libvirt's detection of loop devices to get confused
since it only checks for a prefix of 'loop'. Also check that the
next character is a digit
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/util/virfile.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 8f0eec3..2b07ac9 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -546,7 +546,11 @@ static int virFileLoopDeviceOpen(char **dev_name)
errno = 0;
while ((de = readdir(dh)) != NULL) {
- if (!STRPREFIX(de->d_name, "loop"))
+ /* Checking 'loop' prefix is insufficient, since
+ * new kernels have a dev named 'loop-control'
+ */
+ if (!STRPREFIX(de->d_name, "loop") ||
+ !c_isdigit(de->d_name[4]))
continue;
if (virAsprintf(&looppath, "/dev/%s", de->d_name) < 0)
--
1.8.3.1
11 years, 9 months
[libvirt] Hyper-V driver API version support
by surface@me.is-a-linux-user.org
Hello
The "version" function is not supported by the hyperv driver:
$ virsh --connect=hyperv://hypervhost version
Compiled against library: libvirt 1.1.1
Using library: libvirt 1.1.1
Using API: Hyper-V 1.1.1
error: failed to get the hypervisor version
error: this function is not supported by the connection driver:
virConnectGetVersion
But we need this funtion for the "external/libvirt" stonith plugin of
clusterglue:
$ cat /usr/lib/stonith/plugins/libvirt | more
# get status of stonith device (*NOT* of the domain).
# If we can retrieve some info from the hypervisor
# the stonith device is OK.
libvirt_status() {
out=$($VIRSH -c $hypervisor_uri version 2>&1)
if [ $? -eq 0 ]
then
out=`echo "$out" | tail -1`
ha_log.sh notice "$hypervisor_uri: $out"
return 0
fi
ha_log.sh err "Failed to get status for $hypervisor_uri"
ha_log.sh err "$out"
return 1
}
So, we can't implement libvirt stonith with hyperv support in our
corosync/pacemaker cluster. Is it possible to implement the "version"
function for hyperv into virConnectGetVersion? Or exist any workaround
for this problem?
Regards
Rocco
11 years, 9 months
[libvirt] [PATCH] Fix VPATH build of ACL docs
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The aclperms.htmlinc file must be generated in $(srcdir) to
let includes work when doing a VPATH build
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
docs/Makefile.am | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 9057432..0b0d2d4 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -141,13 +141,13 @@ EXTRA_DIST= \
BUILT_SOURCES += aclperms.htmlinc
-CLEANFILES = aclperms.htmlinc
+CLEANFILES = $(srcdir)/aclperms.htmlinc
-acl.html:: aclperms.htmlinc
+acl.html:: $(srcdir)/aclperms.htmlinc
-aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \
- genaclperms.pl Makefile.am
- $(PERL) genaclperms.pl $< > $@
+$(srcdir)/aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \
+ $(srcdir)/genaclperms.pl Makefile.am
+ $(PERL) $(srcdir)/genaclperms.pl $< > $@
MAINTAINERCLEANFILES = \
$(addprefix $(srcdir)/,$(dot_html)) \
--
1.8.1.4
11 years, 9 months
[libvirt] [PATCH] tests: avoid too-large constants
by Eric Blake
Compiling with gcc 4.1.2 (RHEL 5) complains:
virdbustest.c: In function 'testMessageSimple':
virdbustest.c:61: warning: integer constant is too large for 'long' type
virdbustest.c:62: warning: integer constant is too large for 'long' type
virdbustest.c: In function 'testMessageArray':
virdbustest.c:183: warning: this decimal constant is unsigned only in ISO C90
virdbustest.c: In function 'testMessageStruct':
virdbustest.c:239: warning: integer constant is too large for 'long' type
virdbustest.c:240: warning: integer constant is too large for 'long' type
* tests/virdbustest.c (testMessageSiple, testMessageArray)
(testMessageStruct): Don't violate C89 constant constraints.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under the build-breaker rule.
tests/virdbustest.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tests/virdbustest.c b/tests/virdbustest.c
index 61de937..528342b 100644
--- a/tests/virdbustest.c
+++ b/tests/virdbustest.c
@@ -58,8 +58,8 @@ static int testMessageSimple(const void *args ATTRIBUTE_UNUSED)
unsigned short in_uint16 = 32000, out_uint16 = 0;
int in_int32 = 100000000, out_int32 = 0;
unsigned int in_uint32 = 200000000, out_uint32 = 0;
- long long in_int64 = 1000000000000, out_int64 = 0;
- unsigned long long in_uint64 = 2000000000000, out_uint64 = 0;
+ long long in_int64 = 1000000000000LL, out_int64 = 0;
+ unsigned long long in_uint64 = 2000000000000LL, out_uint64 = 0;
double in_double = 3.14159265359, out_double = 0;;
const char *in_string = "Hello World";
char *out_string = NULL;
@@ -178,9 +178,9 @@ static int testMessageArray(const void *args ATTRIBUTE_UNUSED)
DBusMessage *msg = NULL;
int ret = -1;
const char *in_str1 = "Hello";
- int in_int32a = 1000000000, out_int32a = 0;
- int in_int32b = 2000000000, out_int32b = 0;
- int in_int32c = 3000000000, out_int32c = 0;
+ int in_int32a = 100000000, out_int32a = 0;
+ int in_int32b = 200000000, out_int32b = 0;
+ int in_int32c = 300000000, out_int32c = 0;
const char *in_str2 = "World";
char *out_str1 = NULL, *out_str2 = NULL;
@@ -236,8 +236,8 @@ static int testMessageStruct(const void *args ATTRIBUTE_UNUSED)
unsigned short in_uint16 = 32000, out_uint16 = 0;
int in_int32 = 100000000, out_int32 = 0;
unsigned int in_uint32 = 200000000, out_uint32 = 0;
- long long in_int64 = 1000000000000, out_int64 = 0;
- unsigned long long in_uint64 = 2000000000000, out_uint64 = 0;
+ long long in_int64 = 1000000000000LL, out_int64 = 0;
+ unsigned long long in_uint64 = 2000000000000LL, out_uint64 = 0;
double in_double = 3.14159265359, out_double = 0;;
const char *in_string = "Hello World";
char *out_string = NULL;
--
1.8.3.1
11 years, 9 months
[libvirt] Proposing Archive / Unarchive VM Guest functionality.
by Suhas Mane
Hello Team,
Me and few of my friends are planning to add VM Guest archival
functionality.
What we are proposing is:
1. Below diagram shows: possible states of VM guest (*archived new state
introduced*)
2. For any reason, User / Admin expects to archive the VM guest to remote
storage space, so that storage space consumed by VM guest (disk image...
.vmdk / .img etc..) will be relived. Rest configuration files will be
intact.
3. Later on when so called archived VM guest is to be booted, libvirt
should unarchive the VM guest to local place, and booting should proceed as
usual.
[image: Inline image 1]
I am new to Virtualization. I am using QEMU/KVM hypervisor.
Requesting to suggest how it can be achieved.
What all things I need to do.
Thanks,
Suhas Mane.
11 years, 9 months
[libvirt] [PATCH] qemu: Drop qemuDomainMemoryLimit
by Michal Privoznik
This function is to guess the correct limit for maximal memory
usage by qemu for given domain. This can never be guessed
correctly, not to mention all the pains and sleepless nights this
code has caused. Once somebody discovers algorithm to solve the
Halting Problem, we can compute the limit algorithmically. But
till then, this code should never see the light of the release
again.
---
src/qemu/qemu_cgroup.c | 3 +--
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_domain.c | 49 -------------------------------------------------
src/qemu/qemu_domain.h | 2 --
src/qemu/qemu_hotplug.c | 2 +-
5 files changed, 3 insertions(+), 55 deletions(-)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index dc949db..9673e8e 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -428,8 +428,7 @@ qemuSetupMemoryCgroup(virDomainObjPtr vm)
}
}
- if (virCgroupSetMemoryHardLimit(priv->cgroup,
- qemuDomainMemoryLimit(vm->def)) < 0)
+ if (virCgroupSetMemoryHardLimit(priv->cgroup, vm->def->mem.hard_limit) < 0)
return -1;
if (vm->def->mem.soft_limit != 0 &&
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index b811e1d..a0a1773 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9220,7 +9220,7 @@ qemuBuildCommandLine(virConnectPtr conn,
}
if (mlock)
- virCommandSetMaxMemLock(cmd, qemuDomainMemoryLimit(def) * 1024);
+ virCommandSetMaxMemLock(cmd, def->mem.hard_limit * 1024);
virObjectUnref(cfg);
return cmd;
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 393af6b..7f4d17d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -2306,55 +2306,6 @@ cleanup:
return ret;
}
-
-unsigned long long
-qemuDomainMemoryLimit(virDomainDefPtr def)
-{
- unsigned long long mem;
- size_t i;
-
- if (def->mem.hard_limit) {
- mem = def->mem.hard_limit;
- } else {
- /* If there is no hard_limit set, compute a reasonable one to avoid
- * system thrashing caused by exploited qemu. A 'reasonable
- * limit' has been chosen:
- * (1 + k) * (domain memory + total video memory) + (32MB for
- * cache per each disk) + F
- * where k = 0.5 and F = 400MB. The cache for disks is important as
- * kernel cache on the host side counts into the RSS limit.
- * Moreover, VFIO requires some amount for IO space. Alex Williamson
- * suggested adding 1GiB for IO space just to be safe (some finer
- * tuning might be nice, though).
- *
- * Technically, the disk cache does not have to be included in
- * RLIMIT_MEMLOCK but it doesn't hurt as it's just an upper limit and
- * it makes this function and its usage simpler.
- */
- mem = def->mem.max_balloon;
- for (i = 0; i < def->nvideos; i++)
- mem += def->videos[i]->vram;
- mem *= 1.5;
- mem += def->ndisks * 32768;
- mem += 409600;
-
- for (i = 0; i < def->nhostdevs; i++) {
- virDomainHostdevDefPtr hostdev = def->hostdevs[i];
- if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
- hostdev->source.subsys.type ==
- VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI &&
- hostdev->source.subsys.u.pci.backend ==
- VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
- mem += 1024 * 1024;
- break;
- }
- }
- }
-
- return mem;
-}
-
-
int
qemuDomainUpdateDeviceList(virQEMUDriverPtr driver,
virDomainObjPtr vm)
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 0a4a51e..21f116c 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -365,8 +365,6 @@ extern virDomainXMLPrivateDataCallbacks virQEMUDriverPrivateDataCallbacks;
extern virDomainXMLNamespace virQEMUDriverDomainXMLNamespace;
extern virDomainDefParserConfig virQEMUDriverDomainDefParserConfig;
-unsigned long long qemuDomainMemoryLimit(virDomainDefPtr def);
-
int qemuDomainUpdateDeviceList(virQEMUDriverPtr driver,
virDomainObjPtr vm);
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index c9748d9..fa64dd7 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1030,7 +1030,7 @@ int qemuDomainAttachHostPciDevice(virQEMUDriverPtr driver,
*/
vm->def->hostdevs[vm->def->nhostdevs++] = hostdev;
virProcessSetMaxMemLock(vm->pid,
- qemuDomainMemoryLimit(vm->def) * 1024);
+ vm->def->mem.hard_limit * 1024);
vm->def->hostdevs[vm->def->nhostdevs--] = NULL;
}
--
1.8.1.5
11 years, 9 months
