November 2014 - Devel - libvirt List Archives

[libvirt] [PATCH] Revert "ip link needs 'name' in 3.16 to create the veth pair"
by Martin Kletzander 27 Nov '14

27 Nov '14

This reverts commit 433b427ff853ab72d32573d415e6ec569b77c7cb. The patch was added in order to overcome a bug in iproute2 and since it was properly identified as a bug, particularly in openSUSE 13.2, and it is being worked on [1], the best solution for libvirt seems to be to keep the old behaviour. [1] https://bugzilla.novell.com/show_bug.cgi?id=907093 --- src/util/virnetdevveth.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/util/virnetdevveth.c b/src/util/virnetdevveth.c index ad30e1d..e9d6f9c 100644 --- a/src/util/virnetdevveth.c +++ b/src/util/virnetdevveth.c @@ -89,7 +89,7 @@ static int virNetDevVethGetFreeNum(int startDev) * @veth2: pointer to return name for container end of veth pair * * Creates a veth device pair using the ip command: - * ip link add name veth1 type veth peer name veth2 + * ip link add veth1 type veth peer name veth2 * If veth1 points to NULL on entry, it will be a valid interface on * return. veth2 should point to NULL on entry. * @@ -146,7 +146,7 @@ int virNetDevVethCreate(char** veth1, char** veth2) } cmd = virCommandNew("ip"); - virCommandAddArgList(cmd, "link", "add", "name", + virCommandAddArgList(cmd, "link", "add", *veth1 ? *veth1 : veth1auto, "type", "veth", "peer", "name", *veth2 ? *veth2 : veth2auto, -- 2.1.3

3 4

[libvirt] [PATCH] tests: fix documentation for mocking methods
by Martin Kletzander 27 Nov '14

27 Nov '14

It looks like it was copy-pasted, so in case anyone wonders what some of those methods do without looking at them, and for the sake of completeness, fix them. Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com> --- tests/virmock.h | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/tests/virmock.h b/tests/virmock.h index 8352e30..a69c836 100644 --- a/tests/virmock.h +++ b/tests/virmock.h @@ -175,8 +175,8 @@ * @retval: the return value * @...: pairs of parameter type and parameter name * - * Define a replacement for @name which invokes wrap_@name - * forwarding on all args, and passing back the return value. + * Define a replacement for @name which doesn't invoke anything, just + * returns @retval. */ # define VIR_MOCK_STUB_RET_ARGS(name, rettype, retval, ...) \ rettype name(VIR_MOCK_ARGTYPENAMES_UNUSED(__VA_ARGS__)) \ @@ -188,9 +188,10 @@ * VIR_MOCK_STUB_RET_VOID: * @name: the symbol name to replace * @rettype: the return type + * @retval: value to return * - * Define a replacement for @name which invokes wrap_@name - * with no arguments, and passing back the return value. + * Define a replacement for @name which doesn't invoke anything, just + * returns @retval. */ # define VIR_MOCK_STUB_RET_VOID(name, rettype, retval) \ rettype name(void) \ @@ -203,8 +204,8 @@ * @name: the symbol name to replace * @...: pairs of parameter type and parameter name * - * Define a replacement for @name which invokes wrap_@name - * forwarding on all args, but with no return value. + * Define a replacement for @name which doesn't invoke or return + * anything. */ # define VIR_MOCK_STUB_VOID_ARGS(name, ...) \ void name(VIR_MOCK_ARGTYPENAMES_UNUSED(__VA_ARGS__)) \ @@ -217,8 +218,8 @@ * VIR_MOCK_STUB_VOID_VOID: * @name: the symbol name to replace * - * Define a replacement for @name which invokes wrap_@name - * with no arguments and with no return value + * Define a replacement for @name which doesn't invoke or return + * anything. */ # define VIR_MOCK_STUB_VOID_VOID(name) \ void name(void) \ -- 2.1.3

1 1

[libvirt] [PATCH] qemu: fix block{commit,copy} abort handling
by Erik Skultety 27 Nov '14

27 Nov '14

When a block{commit,copy} job was aborted on a domain, block job handler did not process it correctly, leaving a phantom job in the background. Any further calls to any blockjob causes "block <jobtype> still active" error. This patch fixes the blockjob handler so that it checks not only for VIR_DOMAIN_BLOCK_JOB_FAILED status, but VIR_DOMAIN_BLOCK_JOB_CANCELED status as well, followed by our existing cleanup routine. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1135169 --- src/qemu/qemu_process.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index c3ee40b..7e53515 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -1108,7 +1108,8 @@ qemuProcessHandleBlockJob(qemuMonitorPtr mon ATTRIBUTE_UNUSED, if (status == VIR_DOMAIN_BLOCK_JOB_READY) { disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_READY; save = true; - } else if (status == VIR_DOMAIN_BLOCK_JOB_FAILED) { + } else if (status == VIR_DOMAIN_BLOCK_JOB_FAILED || + status == VIR_DOMAIN_BLOCK_JOB_CANCELED) { virStorageSourceFree(disk->mirror); disk->mirror = NULL; disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_NONE; -- 1.9.3

2 1

[libvirt] [PATCH] qemu: Don't track quiesced state of FSs
by Michal Privoznik 27 Nov '14

27 Nov '14

https://bugzilla.redhat.com/show_bug.cgi?id=1160084 As of b6d4dad11b (1.2.5) we are trying to keep the status of FSFreeze in the guest. Even though I've tried to fixed couple of corner cases (6ea54769ba18), it occurred to me just recently, that the approach is broken by design. Firstly, there are many other ways to talk to qemu-ga (even through libvirt) that filesystems can be thawed (e.g. qemu-agent-command) without libvirt noticing. Moreover, there are plenty of ways to thaw filesystems without even qemu-ga noticing (yes, qemu-ga keeps internal track of FSFreeze status). So, instead of keeping the track ourselves, or asking qemu-ga for stale state, it's the best to let qemu-ga deal with that (and possibly let guest kernel propagate an error). Moreover, there's one bug with the following approach, if fsfreeze command failed, we've executed fsthaw subsequently. So issuing domfsfreeze in virsh gave the following result: virsh # domfsfreeze gentoo Froze 1 filesystem(s) virsh # domfsfreeze gentoo error: Unable to freeze filesystems error: internal error: unable to execute QEMU agent command 'guest-fsfreeze-freeze': The command guest-fsfreeze-freeze has been disabled for this instance virsh # domfsfreeze gentoo Froze 1 filesystem(s) virsh # domfsfreeze gentoo error: Unable to freeze filesystems error: internal error: unable to execute QEMU agent command 'guest-fsfreeze-freeze': The command guest-fsfreeze-freeze has been disabled for this instance Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/qemu/qemu_domain.c | 5 ----- src/qemu/qemu_domain.h | 2 -- src/qemu/qemu_driver.c | 44 ++------------------------------------------ src/qemu/qemu_process.c | 5 ----- 4 files changed, 2 insertions(+), 54 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 6513c78..4061ca1 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -563,9 +563,6 @@ qemuDomainObjPrivateXMLFormat(virBufferPtr buf, void *data) virBufferAddLit(buf, "</devices>\n"); } - if (priv->quiesced) - virBufferAddLit(buf, "<quiesced/>\n"); - return 0; } @@ -750,8 +747,6 @@ qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt, void *data) } VIR_FREE(nodes); - priv->quiesced = virXPathBoolean("boolean(./quiesced)", ctxt) == 1; - return 0; error: diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index e4ea4ce..ebb282a 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -187,8 +187,6 @@ struct _qemuDomainObjPrivate { char **qemuDevices; /* NULL-terminated list of devices aliases known to QEMU */ bool hookRun; /* true if there was a hook run over this domain */ - - bool quiesced; /* true if filesystems are quiesced */ }; typedef enum { diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 07da3e3..ad5f70a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -12704,34 +12704,17 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver, * is sent but failed, and number of frozen filesystems on success. If -2 is * returned, FSThaw should be called revert the quiesced status. */ static int -qemuDomainSnapshotFSFreeze(virQEMUDriverPtr driver, +qemuDomainSnapshotFSFreeze(virQEMUDriverPtr driver ATTRIBUTE_UNUSED, virDomainObjPtr vm, const char **mountpoints, unsigned int nmountpoints) { qemuDomainObjPrivatePtr priv = vm->privateData; - virQEMUDriverConfigPtr cfg; int frozen; - if (priv->quiesced) { - virReportError(VIR_ERR_OPERATION_INVALID, "%s", - _("domain is already quiesced")); - return -1; - } - if (!qemuDomainAgentAvailable(priv, true)) return -1; - priv->quiesced = true; - - cfg = virQEMUDriverGetConfig(driver); - if (virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm) < 0) { - priv->quiesced = false; - virObjectUnref(cfg); - return -1; - } - virObjectUnref(cfg); - qemuDomainObjEnterAgent(vm); frozen = qemuAgentFSFreeze(priv->agent, mountpoints, nmountpoints); qemuDomainObjExitAgent(vm); @@ -12741,24 +12724,17 @@ qemuDomainSnapshotFSFreeze(virQEMUDriverPtr driver, /* Return -1 on error, otherwise number of thawed filesystems. */ static int -qemuDomainSnapshotFSThaw(virQEMUDriverPtr driver, +qemuDomainSnapshotFSThaw(virQEMUDriverPtr driver ATTRIBUTE_UNUSED, virDomainObjPtr vm, bool report) { qemuDomainObjPrivatePtr priv = vm->privateData; - virQEMUDriverConfigPtr cfg; int thawed; virErrorPtr err = NULL; if (!qemuDomainAgentAvailable(priv, report)) return -1; - if (!priv->quiesced && report) { - virReportError(VIR_ERR_OPERATION_INVALID, "%s", - _("domain is not quiesced")); - return -1; - } - qemuDomainObjEnterAgent(vm); if (!report) err = virSaveLastError(); @@ -12769,18 +12745,6 @@ qemuDomainSnapshotFSThaw(virQEMUDriverPtr driver, virFreeError(err); - if (!report || thawed >= 0) { - priv->quiesced = false; - - cfg = virQEMUDriverGetConfig(driver); - if (virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm) < 0) { - /* Revert the statuses when we failed to save them. */ - priv->quiesced = true; - thawed = -1; - } - virObjectUnref(cfg); - } - return thawed; } @@ -18033,10 +17997,6 @@ qemuDomainFSFreeze(virDomainPtr dom, } ret = qemuDomainSnapshotFSFreeze(driver, vm, mountpoints, nmountpoints); - if (ret == -2) { - qemuDomainSnapshotFSThaw(driver, vm, false); - ret = -1; - } endjob: if (!qemuDomainObjEndJob(driver, vm)) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index c3ee40b..382d802 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -539,10 +539,6 @@ qemuProcessHandleReset(qemuMonitorPtr mon ATTRIBUTE_UNUSED, priv = vm->privateData; if (priv->agent) qemuAgentNotifyEvent(priv->agent, QEMU_AGENT_EVENT_RESET); - /* Clear some domain runtime information. For instance, - * fsfreeze won't survive domain reset. This, however, - * required the domain status file to be rewritten onto disk. */ - priv->quiesced = false; if (virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm) < 0) VIR_WARN("Failed to save status on vm %s", vm->def->name); @@ -4985,7 +4981,6 @@ void qemuProcessStop(virQEMUDriverPtr driver, virPortAllocatorRelease(driver->migrationPorts, priv->nbdPort); priv->nbdPort = 0; - priv->quiesced = false; if (priv->agent) { qemuAgentClose(priv->agent); -- 2.0.4

2 1

[libvirt] [libvirt-glib PATCHv3] Add gvir_domain_open_graphics_fd()
by Zeeshan Ali (Khattak) 27 Nov '14

27 Nov '14

Add binding for virDomainOpenGraphicsFD. If virDomainOpenGraphicsFD is not available, it means we are dealing with older libvirt so we create the socket pair ourselves if that is the case. --- configure.ac | 4 ++ libvirt-gobject/libvirt-gobject-domain.c | 72 ++++++++++++++++++++++++++++++++ libvirt-gobject/libvirt-gobject-domain.h | 4 ++ libvirt-gobject/libvirt-gobject.sym | 5 +++ 4 files changed, 85 insertions(+) diff --git a/configure.ac b/configure.ac index 8cc3fca..bcb5cda 100644 --- a/configure.ac +++ b/configure.ac @@ -93,6 +93,10 @@ m4_if(m4_version_compare([2.61a.100], LIBVIRT_GLIB_COMPILE_WARNINGS PKG_CHECK_MODULES(LIBVIRT, libvirt >= $LIBVIRT_REQUIRED) +# virDomainOpenGraphicsFD was introduced in libvirt 1.2.8 +AC_CHECK_LIB([virt], + [virDomainOpenGraphicsFD], + [AC_DEFINE([HAVE_VIR_DOMAIN_OPEN_GRAPHICS_FD], 1, [Have virDomainOpenGraphicsFD?])]) enable_tests=no PKG_CHECK_MODULES(GLIB2, glib-2.0 >= $GLIB2_TEST_REQUIRED, [enable_tests=yes], diff --git a/libvirt-gobject/libvirt-gobject-domain.c b/libvirt-gobject/libvirt-gobject-domain.c index 8df30d7..5a5189f 100644 --- a/libvirt-gobject/libvirt-gobject-domain.c +++ b/libvirt-gobject/libvirt-gobject-domain.c @@ -25,6 +25,9 @@ #include <libvirt/virterror.h> #include <string.h> +#ifndef HAVE_VIR_DOMAIN_OPEN_GRAPHICS_FD +#include <sys/socket.h> +#endif #include "libvirt-glib/libvirt-glib.h" #include "libvirt-gobject/libvirt-gobject.h" @@ -1222,6 +1225,75 @@ cleanup: } /** + * gvir_domain_open_graphics_fd: + * @dom: the domain + * @idx: the graphics index + * @flags: extra flags, currently unused + * + * This will create a socket pair connected to the graphics backend of @dom. One + * end of the socket will be returned on success, and the other end is handed to + * the hypervisor. If @dom has multiple graphics backends configured, then @idx + * will determine which one is opened, starting from @idx 0. + * + * Returns: An fd on success, -1 on failure. + * + * Since: 0.2.0 + */ +int gvir_domain_open_graphics_fd(GVirDomain *dom, + guint idx, + unsigned int flags, + GError **err) +{ + GVirDomainPrivate *priv; + int ret = -1; +#ifndef HAVE_VIR_DOMAIN_OPEN_GRAPHICS_FD + int pair[2]; +#endif + + g_return_val_if_fail(GVIR_IS_DOMAIN(dom), -1); + g_return_val_if_fail(err == NULL || *err == NULL, -1); + + priv = dom->priv; + +#ifdef HAVE_VIR_DOMAIN_OPEN_GRAPHICS_FD + ret = virDomainOpenGraphicsFD(priv->handle, idx, flags); + if (ret <= 0) { + gvir_set_error_literal(err, GVIR_DOMAIN_ERROR, + 0, + "Unable to open graphics"); + goto end; + } + +#else + if (socketpair(PF_UNIX, SOCK_STREAM, 0, pair) < 0) { + g_set_error_literal(err, GVIR_DOMAIN_ERROR, + 0, + "Failed to create socket pair"); + goto end; + } + + if (virDomainOpenGraphics(priv->handle, idx, pair[0], flags) < 0) { + virErrorPtr vir_err; + + vir_err = virGetLastError(); + gvir_set_error_literal(err, GVIR_DOMAIN_ERROR, + 0, + "Unable to open graphics"); + close(pair[0]); + close(pair[1]); + + goto end; + } + close(pair[0]); + ret = pair[1]; + +#endif + +end: + return ret; +} + +/** * gvir_domain_suspend: * @dom: the domain to suspend * @err: Place-holder for possible errors diff --git a/libvirt-gobject/libvirt-gobject-domain.h b/libvirt-gobject/libvirt-gobject-domain.h index 47ed784..4fe381e 100644 --- a/libvirt-gobject/libvirt-gobject-domain.h +++ b/libvirt-gobject/libvirt-gobject-domain.h @@ -332,6 +332,10 @@ gboolean gvir_domain_open_graphics(GVirDomain *dom, int fd, unsigned int flags, GError **err); +int gvir_domain_open_graphics_fd(GVirDomain *dom, + guint idx, + unsigned int flags, + GError **err); gboolean gvir_domain_suspend (GVirDomain *dom, GError **err); diff --git a/libvirt-gobject/libvirt-gobject.sym b/libvirt-gobject/libvirt-gobject.sym index d18769b..927cad9 100644 --- a/libvirt-gobject/libvirt-gobject.sym +++ b/libvirt-gobject/libvirt-gobject.sym @@ -260,4 +260,9 @@ LIBVIRT_GOBJECT_0.1.9 { gvir_stream_io_condition_get_type; } LIBVIRT_GOBJECT_0.1.5; +LIBVIRT_GOBJECT_0.2.0 { + global: + gvir_domain_open_graphics_fd; +} LIBVIRT_GOBJECT_0.1.9; + # .... define new API here using predicted next version number .... -- 2.1.0

2 1

[libvirt] [PATCH] network: Fix upgrade from libvirt older than 1.2.4
by Jiri Denemark 27 Nov '14

27 Nov '14

Starting from libvirt-1.2.4, network state XML files moved to another directory (see commit b9e95491) and libvirt automatically migrates the network state files to a new location. However, the code used dirent.dt_type which is not supported by all filesystems. Thus, when libvirt is upgraded on a host which uses such filesystem, network state XMLs were not properly moved and running networks disappeared from libvirt. This patch falls back to stat() whenever dirent.dt_type is DT_UNKNOWN to fix this issue. https://bugzilla.redhat.com/show_bug.cgi?id=1167145 Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- src/network/bridge_driver.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 6cb421c..7066dfe 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -499,15 +499,34 @@ networkMigrateStateFiles(void) } while ((direrr = virDirRead(dir, &entry, oldStateDir)) > 0) { + if (entry->d_type != DT_UNKNOWN && + entry->d_type != DT_REG) + continue; - if (entry->d_type != DT_REG || - STREQ(entry->d_name, ".") || + if (STREQ(entry->d_name, ".") || STREQ(entry->d_name, "..")) continue; if (virAsprintf(&oldPath, "%s/%s", oldStateDir, entry->d_name) < 0) goto cleanup; + + if (entry->d_type == DT_UNKNOWN) { + struct stat st; + + if (stat(oldPath, &st) < 0) { + virReportSystemError(errno, + _("failed to stat network status file '%s'"), + oldPath); + goto cleanup; + } + + if (!S_ISREG(st.st_mode)) { + VIR_FREE(oldPath); + continue; + } + } + if (virFileReadAll(oldPath, 1024*1024, &contents) < 0) goto cleanup; -- 2.1.3

2 2

[libvirt] [PATCH] qemu: add tun devices to cgroup ACL
by rongqing.li＠windriver.com 27 Nov '14

27 Nov '14

From: Roy Li <rongqing.li(a)windriver.com> When systemd is used as init, CGroup will be enabled by default, and lead to virsh unable to start VM(which is using the tun/tap), since virsh can not access /dev/net/tun device Signed-off-by: Roy Li <rongqing.li(a)windriver.com> --- src/qemu/qemu.conf | 3 ++- src/qemu/qemu_cgroup.c | 2 +- src/qemu/test_libvirtd_qemu.aug.in | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index c6db568..225cd0f 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -272,7 +272,8 @@ # "/dev/null", "/dev/full", "/dev/zero", # "/dev/random", "/dev/urandom", # "/dev/ptmx", "/dev/kvm", "/dev/kqemu", -# "/dev/rtc","/dev/hpet", "/dev/vfio/vfio" +# "/dev/rtc","/dev/hpet", "/dev/vfio/vfio", +# "/dev/net/tun" #] # # RDMA migration requires the following extra files to be added to the list: diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 0e94cae..7c15c07 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -45,7 +45,7 @@ static const char *const defaultDeviceACL[] = { "/dev/random", "/dev/urandom", "/dev/ptmx", "/dev/kvm", "/dev/kqemu", "/dev/rtc", "/dev/hpet", "/dev/vfio/vfio", - NULL, + "/dev/net/tun", NULL, }; #define DEVICE_PTY_MAJOR 136 #define DEVICE_SND_MAJOR 116 diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in index 30fd27e..2ab7a8d 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -48,6 +48,7 @@ module Test_libvirtd_qemu = { "9" = "/dev/rtc" } { "10" = "/dev/hpet" } { "11" = "/dev/vfio/vfio" } + { "12" = "/dev/net/tun" } } { "save_image_format" = "raw" } { "dump_image_format" = "raw" } -- 2.1.0

1 0

[libvirt] Cloning libvirt
by Kevin Wilson 27 Nov '14

27 Nov '14

Hi, According to the web page you can clone libvirt by: git clone git://libvirt.org/libvirt.git There are places which block access via git connection, but permit git clone by http/https. So my question is: is there also an http/https server from which you can clone it ? Regards, Kevin

2 1

[libvirt] [PATCH 0/2] Testcase fixes for nwfilter.
by Prerna Saxena 27 Nov '14

27 Nov '14

This series adds fixes for nwfilter testcases. Patch 1/2 : Flips result reporting for tests/nwfilterebiptablestest.c in line with other tests. Patch 2/2 : Makes nwfilter testcases more resilient to the presence of locking flags, introduced by Commit dc33e6e4a5a5d42 Prerna Saxena (2): tests : Fix failure reporting for tests/nwfilterebiptablestest.c Tests : Make nwfilter testcases robust against optional locking flags. tests/nwfilterebiptablestest.c | 35 ++++++++++++++--------- tests/nwfilterxml2firewalltest.c | 3 ++ tests/testutils.c | 62 ++++++++++++++++++++++++++++++++++++++++ tests/testutils.h | 6 ++++ 4 files changed, 92 insertions(+), 14 deletions(-) Regards, -- Prerna Saxena Linux Technology Centre, IBM Systems and Technology Lab, Bangalore, India

3 9

[libvirt] [PATCH] test: fix nwfilter tests following changes in virfirewall.c
by Stefan Berger 27 Nov '14

27 Nov '14

Some of the nwfilter tests are now failing since --concurrent shows up in the ebtables command. To avoid this, implement a few functions that allow to set the booleans indicating how the locking is to be done to false, overriding the probing. Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com> --- src/libvirt_private.syms | 3 +++ src/util/virfirewall.c | 18 ++++++++++++++++++ src/util/virfirewall.h | 4 ++++ tests/nwfilterebiptablestest.c | 5 +++++ tests/nwfilterxml2firewalltest.c | 4 ++++ 5 files changed, 34 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 2647d36..376826a 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1353,7 +1353,10 @@ virFindFileInPath; virFirewallAddRule; virFirewallAddRuleFull; virFirewallApply; +virFirewallEbtablesNotUseLock; virFirewallFree; +virFirewallIp6tablesNotUseLock; +virFirewallIptablesNotUseLock; virFirewallNew; virFirewallRemoveRule; virFirewallRuleAddArg; diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c index 8496062..5df2a5f 100644 --- a/src/util/virfirewall.c +++ b/src/util/virfirewall.c @@ -108,6 +108,24 @@ static bool iptablesUseLock; static bool ip6tablesUseLock; static bool ebtablesUseLock; +void +virFirewallIptablesNotUseLock(void) +{ + iptablesUseLock = false; +} + +void +virFirewallIp6tablesNotUseLock(void) +{ + ip6tablesUseLock = false; +} + +void +virFirewallEbtablesNotUseLock(void) +{ + ebtablesUseLock = false; +} + static void virFirewallCheckUpdateLock(bool *lockflag, const char *const*args) diff --git a/src/util/virfirewall.h b/src/util/virfirewall.h index 1129219..aa72a76 100644 --- a/src/util/virfirewall.h +++ b/src/util/virfirewall.h @@ -106,4 +106,8 @@ void virFirewallStartRollback(virFirewallPtr firewall, int virFirewallApply(virFirewallPtr firewall); +void virFirewallIptablesNotUseLock(void); +void virFirewallIp6tablesNotUseLock(void); +void virFirewallEbtablesNotUseLock(void); + #endif /* __VIR_FIREWALL_H__ */ diff --git a/tests/nwfilterebiptablestest.c b/tests/nwfilterebiptablestest.c index e04bc21..e18a6c7 100644 --- a/tests/nwfilterebiptablestest.c +++ b/tests/nwfilterebiptablestest.c @@ -24,6 +24,7 @@ #include "testutils.h" #include "nwfilter/nwfilter_ebiptables_driver.h" #include "virbuffer.h" +#include "virfirewall.h" #define __VIR_FIREWALL_PRIV_H_ALLOW__ #include "virfirewallpriv.h" @@ -527,6 +528,10 @@ mymain(void) goto cleanup; } + virFirewallEbtablesNotUseLock(); + virFirewallIptablesNotUseLock(); + virFirewallIp6tablesNotUseLock(); + if (virtTestRun("ebiptablesAllTeardown", testNWFilterEBIPTablesAllTeardown, NULL) < 0) diff --git a/tests/nwfilterxml2firewalltest.c b/tests/nwfilterxml2firewalltest.c index 01527f4..f6ef0e0 100644 --- a/tests/nwfilterxml2firewalltest.c +++ b/tests/nwfilterxml2firewalltest.c @@ -479,6 +479,10 @@ mymain(void) goto cleanup; } + virFirewallEbtablesNotUseLock(); + virFirewallIptablesNotUseLock(); + virFirewallIp6tablesNotUseLock(); + DO_TEST("ah"); DO_TEST("ah-ipv6"); DO_TEST("all"); -- 1.9.3

2 1