September 2014 - Devel - libvirt List Archives

Re: [libvirt] [PATCH virt-manager] details: Add UI for enabling UEFI via 'customize before install'
by Laszlo Ersek 25 Sep '14

25 Sep '14

Hi Cole and Michal, I'm attaching three patches: On 09/20/14 02:37, Cole Robinson wrote: > On 09/17/2014 06:55 PM, Cole Robinson wrote: >> We expose a simple combobox with two entries: BIOS, and UEFI. The >> UEFI option is only selectable if 1) libvirt supports the necessary >> domcapabilities bits, 2) it detects that qemu supports the necessary >> command line options, and 3) libvirt detects a UEFI binary on the >> host that maps to a known template via qemu.conf >> >> If those conditions aren't met, we disable the UEFI option, and show >> a small warning icon with an explanatory tooltip. >> >> The option can only be changed via New VM->Customize Before Install. >> For existing x86 VMs, it's a readonly label. > > I've pushed this now, with follow up patches to handle a couple points > we discussed: > > - Remove the nvram deletion from delete.py, since it won't work in the > non-root case, and all uses of nvram should also be with a libvirt + > driver that provides UNDEFINE_NVRAM > > - Before using UNDEFINE_NVRAM, match the same condition that libvirt > uses: loader_ro is True and loader_type == "pflash" and bool(nvram) (1) unfortunately virt-manager commit 3feedb76 ("domain: Match UNDEFINE_NVRAM conditions with libvirt") is not correct (it doesn't work), and not what I had in mind: > diff --git a/virtManager/domain.py b/virtManager/domain.py > index 29f3861..abf3146 100644 > --- a/virtManager/domain.py > +++ b/virtManager/domain.py > @@ -1403,7 +1403,9 @@ class vmmDomain(vmmLibvirtObject): > flags |= getattr(libvirt, > "VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA", 0) > flags |= getattr(libvirt, "VIR_DOMAIN_UNDEFINE_MANAGED_SAVE", 0) > - if self.get_xmlobj().os.nvram: > + if (self.get_xmlobj().os.loader_ro is True and > + self.get_xmlobj().os.loader_type == "pflash" and > + self.get_xmlobj().os.nvram): > flags |= getattr(libvirt, "VIR_DOMAIN_UNDEFINE_NVRAM", 0) > try: > self._backend.undefineFlags(flags) Before virt-manager commit 3feedb76, the condition on which to set the flag was: self.get_xmlobj().os.nvram and it didn't work for all possible cases. After the patch, what you have is self.get_xmlobj().os.nvram *and* blah The commit only constrains (further tightens, further restricts) the original condition, which had been too restrictive to begin with. Again, the nvram element (or its text() child) can be completely absent from the domain XML -- libvirtd will generate the pathname of the varstore file on the fly, and it need not be part of the serialized XML file. So in the XML all you'll have is <os> <type arch='x86_64' machine='pc-i440fx-rhel7.0.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <boot dev='cdrom'/> </os> or <os> <type arch='x86_64' machine='pc-i440fx-rhel7.0.0'>hvm</type> <loader readonly='yes' type='pflash'>/custom/OVMF_CODE.fd</loader> <nvram template='/custom/OVMF_VARS.fd'/> <boot dev='cdrom'/> </os> My suggestion was to *replace* the original condition with the (loader_ro && loader_type=="pflash") one. If you check my earlier message, I wrote *iff*, meaning "if and only if". Cole, can you please apply the first attached patch? (2) Unfortunately, even libvirtd needs to be modified, in addition. My patch for (1) *does* pass VIR_DOMAIN_UNDEFINE_NVRAM to libvirtd (I verified that with gdb), but libvirtd doesn't act upon it correctly. Namely, in the libvirtd source code, in qemuDomainUndefineFlags(), commit 273b6581 added: if (!virDomainObjIsActive(vm) && vm->def->os.loader && vm->def->os.loader->nvram && virFileExists(vm->def->os.loader->nvram)) { if (!(flags & VIR_DOMAIN_UNDEFINE_NVRAM)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("cannot delete inactive domain with nvram")); goto cleanup; } if (unlink(vm->def->os.loader->nvram) < 0) { virReportSystemError(errno, _("failed to remove nvram: %s"), vm->def->os.loader->nvram); goto cleanup; } } Here "vm->def->os.loader->nvram" evaluates to NULL: 6468 if (!virDomainObjIsActive(vm) && 6469 vm->def->os.loader && vm->def->os.loader->nvram && 6470 virFileExists(vm->def->os.loader->nvram)) { 6471 if (!(flags & VIR_DOMAIN_UNDEFINE_NVRAM)) { 6472 virReportError(VIR_ERR_OPERATION_INVALID, "%s", (gdb) print vm->def->os.loader $1 = (virDomainLoaderDefPtr) 0x7ff59c00bf20 (gdb) print vm->def->os.loader->nvram $2 = 0x0 I thought that the auto-generation of the nvram pathname (internal to libvirtd, ie. not visible in the XML file) would occur on the undefine path as well. Apparently this is not the case. Indeed, the only call to qemuPrepareNVRAM() is from qemuProcessStart(). Michal, would it be possible generate the *pathname* of the separate varstore in qemuDomainUndefineFlags() too? Please see the second attached patch; it works for me. (This patch is best looked at with "git diff -b" (or "git show -b").) (3) I just realized that a domain's name can change during its lifetime. Renaming a domain becomes a problem when the varstore's pathname is deduced from the domain's name. For this reason, the auto-generation should use the domain's UUID (which never changes). Michal, what do you think of the 3rd attached patch? I can resubmit these as standalone patches / series as well (the first to virt-tools-list, and the last two to libvir-list), if that's necessary. Thanks, Laszlo

3 5

[libvirt] [PATCH v4 0/2] parallels: use parallels SDK instead of prlctl tool
by Dmitry Guryanov 25 Sep '14

25 Sep '14

This patchset begins reworking of parallels driver. We have published Opensource version of parallels SDK (under LGPL license), so libvirt can link with it. Changes in v4: * Remove reference counting for PrlApi_InitEx and PrlApi_Deinit * remove Parallels SDK prefix in log messages * rename 'out' labels to 'cleanup' Dmitry Guryanov (2): parallels: build with parallels SDK parallels: login to parallels SDK configure.ac | 24 ++-- po/POTFILES.in | 1 + src/Makefile.am | 8 +- src/parallels/parallels_driver.c | 16 ++- src/parallels/parallels_sdk.c | 241 +++++++++++++++++++++++++++++++++++++++ src/parallels/parallels_sdk.h | 30 +++++ src/parallels/parallels_utils.h | 4 + 7 files changed, 310 insertions(+), 14 deletions(-) create mode 100644 src/parallels/parallels_sdk.c create mode 100644 src/parallels/parallels_sdk.h -- 1.9.3

2 4

[libvirt] [PATCH] storage: Fix logical pool fmt type unknown->auto
by Erik Skultety 25 Sep '14

25 Sep '14

According to our documentation logical pool supports formats 'auto' and 'lvm2'. However, in storage_conf.c we prevously defined storage pool formats: unknown, lvm2. Format 'auto' does make more sense than format 'unknown', so we should probably stay consistent with the documentation Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1123767 --- src/conf/storage_conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c index 36696a4..75004fe 100644 --- a/src/conf/storage_conf.c +++ b/src/conf/storage_conf.c @@ -81,7 +81,7 @@ VIR_ENUM_IMPL(virStoragePoolFormatDisk, VIR_ENUM_IMPL(virStoragePoolFormatLogical, VIR_STORAGE_POOL_LOGICAL_LAST, - "unknown", "lvm2") + "auto", "lvm2") VIR_ENUM_IMPL(virStorageVolFormatDisk, -- 1.9.3

4 3

[libvirt] [PATCH 0/6] Post-copy live migration support
by Cristian Klein 25 Sep '14

25 Sep '14

Qemu currently implements pre-copy live migration. VM memory pages are first copied from the source hypervisor to the destination, potentially multiple times as pages get dirtied during transfer, then VCPU state is migrated. Unfortunately, if the VM dirties memory faster than the network bandwidth, then pre-copy cannot finish. `virsh` currently includes an option to suspend a VM after a timeout, so that migration may finish, but at the expense of downtime. A future version of qemu will implement post-copy live migration. The VCPU state is first migrated to the destination hypervisor, then memory pages are pulled from the source hypervisor. Post-copy has the potential to do migration with zero-downtime, despite the VM dirtying pages fast, with minimum performance impact. On the other hand, one post-copy is in progress, any network failure would render the VM unusable, as its memory is partitioned between the source and destination hypervisor. Therefore, post-copy should only be used when necessary. Post-copy migration in qemu will work as follows: (1) The `x-postcopy-ram` migration capability needs to be set. (2) Migration is started. (3) When the user decides so, post-copy migration is activated by sending the `migrate-start-postcopy` command. Qemu acknowledges by setting migration status to `postcopy-active`. Cristian Klein (6): Added qemu postcopy-active migration status Added public API to enable post-copy migration Added new public API virDomainMigrateStartPostCopy Added domainMigrateStartPostCopy in qemu driver Added domainMigrateStartPostCopy in remote driver virsh: added migrate --postcopy-after include/libvirt/libvirt.h.in | 3 ++ src/driver.h | 4 +++ src/libvirt.c | 44 +++++++++++++++++++++++++++ src/libvirt_public.syms | 5 +++ src/qemu/qemu_driver.c | 44 +++++++++++++++++++++++++++ src/qemu/qemu_migration.c | 44 +++++++++++++++++++++++++++ src/qemu/qemu_migration.h | 3 +- src/qemu/qemu_monitor.c | 21 ++++++++++++- src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 21 ++++++++++++- src/qemu/qemu_monitor_json.h | 1 + src/qemu/qemu_monitor_text.c | 14 ++++++++- src/qemu/qemu_monitor_text.h | 2 ++ src/remote/remote_driver.c | 1 + src/remote/remote_protocol.x | 12 +++++++- tools/virsh-domain.c | 72 ++++++++++++++++++++++++++++++++++++++++++-- tools/virsh.pod | 5 +++ 17 files changed, 292 insertions(+), 7 deletions(-) -- 1.9.1

6 27

[libvirt] [PATCH] virnetserver: Raise log level of max_clients related messages
by Michal Privoznik 25 Sep '14

25 Sep '14

We have these configuration knobs, like max_clients and max_anonymous_clients. They limit the number of clients connected. Whenever the limit is reached, the daemon stops accepting new ones and resumes if one of the connected clients disconnects. If that's the case, a debug message is printed into the logs. And when the daemon starts over to accept new clients too. However, the problem is the messages have debug priority. This may be unfortunate, because if the daemon stops accepting new clients all of a sudden, and users don't have debug logs enabled they have no idea what's going on. Raise the messages level to INFO at least. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/rpc/virnetserver.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 7e3fc0a..762c185 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -285,14 +285,14 @@ static int virNetServerAddClient(virNetServerPtr srv, if (srv->nclients_unauth_max && srv->nclients_unauth == srv->nclients_unauth_max) { /* Temporarily stop accepting new clients */ - VIR_DEBUG("Temporarily suspending services " - "due to max_anonymous_clients"); + VIR_INFO("Temporarily suspending services " + "due to max_anonymous_clients"); virNetServerUpdateServicesLocked(srv, false); } if (srv->nclients == srv->nclients_max) { /* Temporarily stop accepting new clients */ - VIR_DEBUG("Temporarily suspending services due to max_clients"); + VIR_INFO("Temporarily suspending services due to max_clients"); virNetServerUpdateServicesLocked(srv, false); } @@ -1080,7 +1080,7 @@ virNetServerCheckLimits(virNetServerPtr srv) (!srv->nclients_unauth_max || srv->nclients_unauth < srv->nclients_unauth_max)) { /* Now it makes sense to accept() a new client. */ - VIR_DEBUG("Re-enabling services"); + VIR_INFO("Re-enabling services"); virNetServerUpdateServicesLocked(srv, true); } } -- 1.8.5.5

2 1

[libvirt] [PATCH 0/7] Improve performance of polkit checks
by Daniel P. Berrange 25 Sep '14

25 Sep '14

This series improves the performance of the polkit driver by switching from use of the pk-check command, to the DBus APIs. As a convenient side effect, this means we are no longer vulnerable to CVE-2013-4311, on any polkit version, since we no longer need pk-check (which is what had the flaw). In terms of performance, with access control checking turned on for all APIs, the time to list 100 VMs dropps from 2.7 secs to 1 sec on my machine. To improve on this further, we would need to find a way to parallelize the issuing of DBus calls for each VM, instead of serialize the access checks. Daniel P. Berrange (7): Add common API for doing polkit authentication Add typesafe APIs for virIdentity attributes Convert callers to use typesafe APIs for setting identity attrs Convert callers to use typesafe APIs for getting identity attrs Convert remote daemon & acl code to use polkit API Support passing dict by reference for dbus messages Convert polkit code to use DBus API instead of CLI helper cfg.mk | 3 + daemon/remote.c | 235 ++---------------------- include/libvirt/virterror.h | 2 + po/POTFILES.in | 2 + src/Makefile.am | 1 + src/access/viraccessdriverpolkit.c | 97 ++++------ src/libvirt_private.syms | 22 +++ src/rpc/virnetserverclient.c | 115 +++--------- src/util/virdbus.c | 274 +++++++++++++++++++--------- src/util/virerror.c | 2 + src/util/viridentity.c | 320 +++++++++++++++++++++++++++------ src/util/viridentity.h | 40 +++++ src/util/virpolkit.c | 255 ++++++++++++++++++++++++++ src/util/virpolkit.h | 34 ++++ src/util/virstring.c | 14 ++ src/util/virstring.h | 2 + tests/Makefile.am | 9 +- tests/virdbustest.c | 218 +++++++++++++++++++++- tests/virpolkittest.c | 360 +++++++++++++++++++++++++++++++++++++ 19 files changed, 1485 insertions(+), 520 deletions(-) create mode 100644 src/util/virpolkit.c create mode 100644 src/util/virpolkit.h create mode 100644 tests/virpolkittest.c -- 1.9.3

3 11

[libvirt] [PATCH] conf: report error in virCPUDefParseXML
by Jincheng Miao 25 Sep '14

25 Sep '14

When detected invalid 'memAccess', virCPUDefParseXML should report error. Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1146334 Signed-off-by: Jincheng Miao <jmiao(a)redhat.com> --- src/conf/cpu_conf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c index 116aa58..a1081b9 100644 --- a/src/conf/cpu_conf.c +++ b/src/conf/cpu_conf.c @@ -510,13 +510,13 @@ virCPUDefParseXML(xmlNodePtr node, def->cells[cur_cell].memAccess = virMemAccessTypeFromString(memAccessStr); - if (def->cells[cur_cell].memAccess <= 0) { + if ((int)def->cells[cur_cell].memAccess <= 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Invalid 'memAccess' attribute " "value '%s'"), memAccessStr); VIR_FREE(memAccessStr); - goto cleanup; + goto error; } VIR_FREE(memAccessStr); } -- 1.9.3

3 4

[libvirt] [PATCH v2] polkit_driver: fix possible segfault
by Pavel Hrdina 25 Sep '14

25 Sep '14

The changes in commit c7542573 introduced possible segfault. Looking deeper into the code and the original code before the patch series were applied I think that we should report error for each function failure and also we shouldn't call some of the function twice. Found by coverity. Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com> --- src/access/viraccessdriverpolkit.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c index 2bc1842..3136be7 100644 --- a/src/access/viraccessdriverpolkit.c +++ b/src/access/viraccessdriverpolkit.c @@ -87,24 +87,22 @@ virAccessDriverPolkitGetCaller(const char *actionid, actionid); return -1; } - if (virIdentityGetUNIXProcessID(identity, pid) < 0) - goto cleanup; - if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) - goto cleanup; - if (virIdentityGetUNIXUserID(identity, uid) < 0) - goto cleanup; - if (!pid) { + if (virIdentityGetUNIXProcessID(identity, pid) < 0) { virAccessError(VIR_ERR_INTERNAL_ERROR, "%s", _("No UNIX process ID available")); goto cleanup; } - - if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) + if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) { + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s", + _("No UNIX process start time available")); goto cleanup; - - if (virIdentityGetUNIXUserID(identity, uid) < 0) + } + if (virIdentityGetUNIXUserID(identity, uid) < 0) { + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s", + _("No UNIX caller UID available")); goto cleanup; + } ret = 0; -- 1.8.5.5

2 2

[libvirt] [PATCHv5 0/8] bulk stats: QEMU implementation
by Francesco Romani 25 Sep '14

25 Sep '14

This patchset enhances the QEMU support for the new bulk stats API to include equivalents of these APIs: virDomainBlockInfo virDomainGetInfo - for balloon stats virDomainGetCPUStats virDomainBlockStatsFlags virDomainInterfaceStats virDomainGetVcpusFlags virDomainGetVcpus This subset of API is the one oVirt relies on. Scale/stress test on an oVirt test environment is in progress. The patchset is organized as follows: - the first patch enhances the internal stats gathering API to accomodate the needs of the groups which extract information using QEMU monitor jobs. - the next five patches implement the bulk stats groups, extracting helpers where do refactoring to extract internal helpers every time it is feasible and convenient. - the seventh patch enhances the virsh domstats command with options to use the new bulk stats. - the last patch enhances the block stats group adding the wr_highest_offset information, needed by oVirt for thin provisioned disks. ChangeLog v5: address reviewer's comment - Eric pointed out a possible flaw in balloon stats if QEMU monitor needs to be queried. A proper fix require further discussion and API changes (possbily just a new flag); However, since the balloon event is available in QEMU >= 1.2, I just dropped the query and relied on the event instead. Support for older QEMUs will be reintroduced, if needed, with following patches. - fix: per-domain monitor check and reporting. (pointed out by Peter) - reset last error when fail silently. (pointed out by Peter) v4: address reviewer's comment - addressed reviewers comments (Peter, Wang Rui). - pushed domain check into group stats functions. This follows the strategy to gather and report as much data as possible, silently skipping errors along the way. - moved the block allocation patch to the end of the series. v3: more polishing and fixes after first review - addressed Eric's comments. - squashed patches which extracts helpers with patches which use them. - changed gathering strategy: now code tries to reap as much information as possible instead to give up and bail out with error. Only critical errors cause the bulk stats to fail. - moved away from the transfer semantics. I find it error-prone and not flexible enough, I'd like to avoid as much as possible. - rearranged helpers to have one single QEMU query job with many monitor jobs nested inside. - fixed docs. - implemented missing virsh domstats bits. in v2: polishing and optimizations. - incorporated feedback from Li Wei (thanks). - added documentation. - optimized block group to gather all the information with just one call to QEMU monitor. - stripped to bare bones merged the 'block info' group into the 'block' group - oVirt actually needs just one stat from there. - reorganized the keys to be more consistent and shorter. Francesco Romani (8): qemu: bulk stats: extend internal collection API qemu: bulk stats: implement CPU stats group qemu: bulk stats: implement balloon group qemu: bulk stats: implement VCPU group qemu: bulk stats: implement interface group qemu: bulk stats: implement block group virsh: add options to query bulk stats group qemu: bulk stats: add block allocation information include/libvirt/libvirt.h.in | 5 + src/libvirt.c | 61 +++++ src/qemu/qemu_driver.c | 530 +++++++++++++++++++++++++++++++++++++------ src/qemu/qemu_monitor.c | 26 +++ src/qemu/qemu_monitor.h | 21 ++ src/qemu/qemu_monitor_json.c | 227 +++++++++++++----- src/qemu/qemu_monitor_json.h | 4 + tools/virsh-domain-monitor.c | 35 +++ tools/virsh.pod | 4 +- 9 files changed, 777 insertions(+), 136 deletions(-) -- 1.9.3

4 26

[libvirt] [PATCH] polkit_driver: fix possible segfault
by Pavel Hrdina 25 Sep '14

25 Sep '14

The changes in commit c7542573 introduced a segfault. Found by coverity. Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com> --- src/access/viraccessdriverpolkit.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c index 2bc1842..2fd4fed 100644 --- a/src/access/viraccessdriverpolkit.c +++ b/src/access/viraccessdriverpolkit.c @@ -87,6 +87,12 @@ virAccessDriverPolkitGetCaller(const char *actionid, actionid); return -1; } + if (!pid) { + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s", + _("No UNIX process ID available")); + goto cleanup; + } + if (virIdentityGetUNIXProcessID(identity, pid) < 0) goto cleanup; if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) @@ -94,12 +100,6 @@ virAccessDriverPolkitGetCaller(const char *actionid, if (virIdentityGetUNIXUserID(identity, uid) < 0) goto cleanup; - if (!pid) { - virAccessError(VIR_ERR_INTERNAL_ERROR, "%s", - _("No UNIX process ID available")); - goto cleanup; - } - if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) goto cleanup; -- 1.8.5.5

3 3