[libvirt] [PATCH] virNetDevMacVLanTapSetup: Drop @multiqueue argument
by Michal Privoznik
Firstly, there's a bug (or typo) in the only place where we call
this function: @multiqueue is set whenever @tapfdSize is greater
than zero, while in fact the condition should have been 'greater
than one'.
Then, secondly, since the condition depends on just one
variable, that we are even passing down to the function, we can
move the condition into the function and drop useless argument.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/util/virnetdevmacvlan.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/src/util/virnetdevmacvlan.c b/src/util/virnetdevmacvlan.c
index 8fc71af..496416e 100644
--- a/src/util/virnetdevmacvlan.c
+++ b/src/util/virnetdevmacvlan.c
@@ -289,12 +289,11 @@ virNetDevMacVLanTapOpen(const char *ifname,
* @tapfd: array of file descriptors of the macvtap tap
* @tapfdSize: number of file descriptors in @tapfd
* @vnet_hdr: whether to enable or disable IFF_VNET_HDR
- * @multiqueue: whether to enable or disable IFF_MULTI_QUEUE
*
- * Turn on the IFF_VNET_HDR flag if requested and available, but make sure it's
- * off otherwise. Similarly, turn on IFF_MULTI_QUEUE if requested, but if it
- * can't be set, consider it a fatal error (rather than ignoring as with
- * @vnet_hdr).
+ * Turn on the IFF_VNET_HDR flag if requested and available, but make sure
+ * it's off otherwise. Similarly, turn on IFF_MULTI_QUEUE if @tapfdSize is
+ * greater than one, but if it can't be set, consider it a fatal error
+ * (rather than ignoring as with @vnet_hdr).
*
* A fatal error is defined as the VNET_HDR flag being set but it cannot
* be turned off for some reason. This is reported with -1. Other fatal
@@ -304,7 +303,7 @@ virNetDevMacVLanTapOpen(const char *ifname,
* Returns 0 on success, -1 in case of fatal error.
*/
static int
-virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr, bool multiqueue)
+virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr)
{
unsigned int features;
struct ifreq ifreq;
@@ -335,12 +334,12 @@ virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr, bool multi
}
# ifdef IFF_MULTI_QUEUE
- if (multiqueue)
+ if (tapfdSize > 1)
new_flags |= IFF_MULTI_QUEUE;
else
new_flags &= ~IFF_MULTI_QUEUE;
# else
- if (multiqueue) {
+ if (tapfdSize > 1) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("Multiqueue devices are not supported on this system"));
return -1;
@@ -870,7 +869,7 @@ int virNetDevMacVLanCreateWithVPortProfile(const char *tgifname,
if (virNetDevMacVLanTapOpen(cr_ifname, tapfd, tapfdSize, 10) < 0)
goto disassociate_exit;
- if (virNetDevMacVLanTapSetup(tapfd, tapfdSize, vnet_hdr, tapfdSize > 0) < 0) {
+ if (virNetDevMacVLanTapSetup(tapfd, tapfdSize, vnet_hdr) < 0) {
VIR_FORCE_CLOSE(rc); /* sets rc to -1 */
goto disassociate_exit;
}
--
2.4.10
9 years, 4 months
[libvirt] [PATCH v2 0/7] Add multiqueue support for macvtaps
by Michal Privoznik
Patches 1, 2, 3, 6, 7 have been ACKed in previous round. However, I did
slightly change them to reflect Laine's review suggestions.
Patch 4 has not been ACKed yet, patch 5 is new.
Michal Privoznik (7):
virNetDevMacVLanCreateWithVPortProfile: Turn vnet_hdr into flag
virNetDevMacVLanTapOpen: Slightly rework
virNetDevMacVLanTapOpen: Rework to support multiple FDs
virNetDevMacVLanTapSetup: Rework to support multiple FDs
virNetDevMacVLanTapSetup: Allow enabling of IFF_MULTI_QUEUE
virNetDevMacVLanCreateWithVPortProfile: Rework to support multiple FDs
qemu: Enable multiqueue for macvtaps
src/lxc/lxc_process.c | 3 +-
src/qemu/qemu_command.c | 65 ++++++++++------
src/qemu/qemu_command.h | 2 +
src/qemu/qemu_hotplug.c | 16 ++--
src/util/virnetdevmacvlan.c | 185 ++++++++++++++++++++++----------------------
src/util/virnetdevmacvlan.h | 7 +-
6 files changed, 153 insertions(+), 125 deletions(-)
--
2.4.10
9 years, 4 months
[libvirt] how to pass qemu drive option
by Vasiliy Tolstov
I want to pass to my drive detect-zeros=on how can i do that in libvirt?
I'm use lvm with virtio-scsi for sda disk.
--
Vasiliy Tolstov,
e-mail: v.tolstov(a)selfip.ru
9 years, 4 months
[libvirt] [PATCH] qemu_agent: fix deadlock in qemuProcessHandleAgentEOF
by Wang Yufei
We shutdown a VM A by qemu agent,meanwhile an agent EOF
of VM A happened, there's a chance that deadlock occurred:
qemuProcessHandleAgentEOF in main thread
A) priv->agent = NULL; //A happened before B
//deadlock when we get agent lock which's held by worker thread
qemuAgentClose(agent);
qemuDomainObjExitAgent called by qemuDomainShutdownFlags in worker thread
B) hasRefs = virObjectUnref(priv->agent); //priv->agent is NULL, return false
if (hasRefs)
virObjectUnlock(priv->agent); //agent lock will not be released here
So I close agent first, then set priv->agent NULL to fix the deadlock.
Signed-off-by: Wang Yufei <james.wangyufei(a)huawei.com>
Reviewed-by: Ren Guannan <renguannan(a)huawei.com>
---
src/qemu/qemu_process.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index f2586a1..8c9622e 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -150,11 +150,10 @@ qemuProcessHandleAgentEOF(qemuAgentPtr agent,
goto unlock;
}
+ qemuAgentClose(agent);
priv->agent = NULL;
virObjectUnlock(vm);
-
- qemuAgentClose(agent);
return;
unlock:
--
1.8.3.4
9 years, 4 months
[libvirt] Release of libvirt-1.3.0
by Daniel Veillard
So as planned, I tagged the release in git and pushed signed tarball and
rpms to the usual place:
ftp://libvirt.org/libvirt
I also pushed the associated python release for 1.3.0 though there was no
actual code change except numbering:
ftp://libvirt.org/libvirt/python
The bump in version minor number comes from the addition of the administration
API which nearly made it in 1.2.17 in the summer but was postponed since. That
is backed up by serious improvement in virtio support and logging. As usual
that release carries a sigificant amount of fixes and smaller improvements too:
Features:
- virt-admin and administration API (Erik Skultety, Martin Kletzander)
- various improvements in virtio devices support (Ján Tomko, Marc-André Lureau)
- log daemon, logging improvements and protocol (Daniel P. Berrange)
Documentation:
- libvirt: Update virDomainSetMemory description (Nikolay Shirokovskiy)
- virt-admin: Provide a man page for virt-admin (Erik Skultety)
- Enhance documentation of virDomainDetachDevice (Jiri Denemark)
- qemu: monitor: Explain logic of qemuMonitorGetCPUInfo (Peter Krempa)
- document virCommandRunRegex function (Christian Loehle)
- libvirt-domain: Fix typo in debug message (Cole Robinson)
- qemu: Explain mlock limit size more in detail (Peter Krempa)
- virsh.pod: improve attach-interface section (Pavel Hrdina)
- virnetdev: Fix function comments for virNetDevGetFeatures (John Ferlan)
- virnetdev: Document reasons for ignoring some SIOCETHTOOL errno values (John Ferlan)
Portability:
- network: selectively disable -Wcast-align in virNetDevParseDadStatus (Ian Campbell)
- log_manager: Include configmake.h last (Michal Privoznik)
- virtlogd: Fix build without DBus (Martin Kletzander)
- virtlogd: use %llu to print 64bit types (Guido Günther)
Bug Fixes:
- qemu: fix memory leak in opening log file (Daniel P. Berrange)
- qemu: Automatic SCSI controller creation in SCSI disk hotplug broken (Boris Fiuczynski)
- qemu: domain: Prevent overflows in memory alignment code (Peter Krempa)
- conf: Revert some code to resolve issues for hostdev hotplug (Boris Fiuczynski)
- virsh: report errors for empty strings (Ján Tomko)
- bridge: check for invalid MAC in networkGetDHCPLeases (Ján Tomko)
- qemu_agent: fix deadlock in qemuProcessHandleAgentEOF (Wang Yufei)
- include: Install libvirt-common.h (Martin Kletzander)
- tools: fix output of list with state-shutoff (Wei Jiangang)
- virlogd: fix crash if log file exists and it's larger the maxlen (Pavel Hrdina)
- systemd: Escape only needed characters for machined (Martin Kletzander)
- logging: remove reference to non-existent augeas files (Daniel P. Berrange)
- virtlockd: fix misc memory leaks and other bugs (Daniel P. Berrange)
- systemd: Escape machine name for machined (Martin Kletzander)
- schema: use a better regex for listen addresses (Ján Tomko)
- apparmor: add missing qemu binaries (Guido Günther)
- storage: Change virStorageBackendVolOpen to use virFileOpenAs (John Ferlan)
- storage: Really fix setting mode for backend exec in NFS root-squash env (John Ferlan)
- qemu: Add ppc64-specific math to qemuDomainGetMlockLimitBytes() (Andrea Bolognani)
- libxl: don't unlock virDomainObj if refcnt is 0 (Jim Fehlig)
- libxl: unref libxlDriverConfig object (Jim Fehlig)
- qemu: Fix build error in Coverity environment (John Ferlan)
- virSetUIDGID: Don't leak supplementary groups (Richard Weinberger)
- locking: Add io_timeout to sanlock (Michal Privoznik)
- libvirt-guests: Disable shutdown timeout (Guido Günther)
- tpm: adapt sysfs cancel path for new TPM driver (Stefan Berger)
- bhyve: monitor: do not override domain's privateData (Roman Bogorodskiy)
- storage: Don't assume storage pool exists for FC/SCSI refresh thread (John Ferlan)
- domain-conf: reorder usb controllers so the master is first (Pavel Hrdina)
- qemu: fix parsing of -sdl arg (Daniel P. Berrange)
- qemu: handle floppy disk bus when parsing command line argv (Daniel P. Berrange)
- qemu: hotplug: Fix mlock limit handling on memory hotplug (Peter Krempa)
- Revert "utils: Remove the logging of errors from virNetDevSendEthtoolIoctl" (Daniel P. Berrange)
- qemu: migration: Actually error out on unsupported migration flag (Peter Krempa)
- qemu: migration: Properly parse memory hotplug migration flag (Peter Krempa)
- network: Remove extraneous ATTRIBUTE_NONNULL for virNetDevWaitDadFinish (John Ferlan)
- virnetdev: Check correct return value for virNetDevFeatureAvailable (John Ferlan)
- storage: On 'buildVol' failure don't delete the volume (John Ferlan)
- Revert "storage: Prior to creating a volume, refresh the pool" (John Ferlan)
- qemu: Fix memory leak in qemuProcessStart (Jiri Denemark)
- qemu: Use correct type when calling qemuPrepareNVRAM (Jiri Denemark)
Improvements:
- Revert "libxl: implement virDomainInterfaceStats" (Jim Fehlig)
- rpm: explicitly enable & start virtlogd on install (Daniel P. Berrange)
- libvirtd: enable virtlockd/virtlogd socket activation on install (Daniel P. Berrange)
- logging: validate flags passed from client in virtlogd (Daniel P. Berrange)
- logging: change log protocol to be more reusable (Daniel P. Berrange)
- logging: preserve driver, dom name & uuid against log file (Daniel P. Berrange)
- qemu: include hostname in QEMU log files (Daniel P. Berrange)
- rotatingfile: mark log files as close-on-exec (Daniel P. Berrange)
- libvirtd: require virtlogd to start before libvirtd (Guido Günther)
- schema: Allow > UINT_MAX KiB of memory for NUMA nodes (Peter Krempa)
- virsh: remove custom error for cpulist from cmdIOThreadPin (Ján Tomko)
- libxl: implement virDomainInterfaceStats (Joao Martins)
- tests: Run virnetdaemontest iff WITH_YAJL (Michal Privoznik)
- admin: Distribute libvirt-admin.conf (Martin Kletzander)
- admin: Rename virAdmConnect to virAdmDaemon (Martin Kletzander)
- spec: Temporarily disable new admin-related files (Martin Kletzander)
- admin: Include admin_remote.c in the dist package (Martin Kletzander)
- build: Create needed folders without dependency tracking (Martin Kletzander)
- util: Avoid variable named 'truncate' shadowing global declaration (Martin Kletzander)
- conf: Split virDomainObjList into a separate file (Michal Privoznik)
- qemu: build command line for virtio-input-host device (Ján Tomko)
- qemu: add passed-through input devs to cgroup ACL (Ján Tomko)
- security: label the evdev for input device passthrough (Ján Tomko)
- conf: add XML for input device passthrough (Ján Tomko)
- qemu: add capability for virtio-input-host-device (Ján Tomko)
- qemu: build command line for virtio input devices (Ján Tomko)
- conf: parse and format virtio input bus in domain XML (Ján Tomko)
- qemu: add capabilities for virtio input devices (Ján Tomko)
- admin: Introduce virAdmConnectGetLibVersion (Erik Skultety)
- admin: Add support for connection close callbacks (Erik Skultety)
- admin: Add support for URI aliases (Erik Skultety)
- livirt: Move URI alias matching to util (Erik Skultety)
- admin: Add URI support and introduce virAdmGetDefaultURI (Erik Skultety)
- admin: Do not generate remoteAdminConnect{Open,Close} (Erik Skultety)
- admin: Move remote admin API version to a separate module (Erik Skultety)
- admin: Introduce virAdmConnectIsAlive (Erik Skultety)
- virt-admin: Introduce first working skeleton (Erik Skultety)
- admin: introduce virAdmGetVersion (Erik Skultety)
- libvirt: Move config getters to util (Erik Skultety)
- admin: Introduce libvirt-admin.conf (Erik Skultety)
- libvirt: introduce libvirt/libvirt-common.h.in (Erik Skultety)
- qemu: add virtio-gpu virgl support (Marc-André Lureau)
- qemu: add virtio video device (Marc-André Lureau)
- domain: replace bool accel{2d, 3d} with a tristate (Marc-André Lureau)
- Replace support{2d,3d} with accel{2d,3d} (Marc-André Lureau)
- logging: avoid variables called 'daemon' due to function clash (Daniel P. Berrange)
- logging: inhibit virtlogd shutdown while log files are open (Daniel P. Berrange)
- qemu: add support for sending QEMU stdout/stderr to virtlogd (Daniel P. Berrange)
- qemu: convert monitor to use qemuDomainLogContextPtr indirectly (Daniel P. Berrange)
- qemu: convert process stop/attach to use qemuDomainLogContextPtr (Daniel P. Berrange)
- qemu: convert qemuLogOperation to take a qemuDomainLogContextPtr (Daniel P. Berrange)
- qemu: change qemuDomainTaint APIs to accept qemuDomainLogContextPtr (Daniel P. Berrange)
- qemu: convert log file creation to use qemuDomainLogContextPtr (Daniel P. Berrange)
- qemu: introduce a qemuDomainLogContext object (Daniel P. Berrange)
- qemu: unify code for reporting errors from QEMU log files (Daniel P. Berrange)
- qemu: remove writing to QEMU log file for rename operation (Daniel P. Berrange)
- logging: add client for virtlogd daemon (Daniel P. Berrange)
- logging: introduce log handling protocol (Daniel P. Berrange)
- Import stripped down virtlockd code as basis of virtlogd (Daniel P. Berrange)
- util: add APIs for reading/writing from/to rotating files (Daniel P. Berrange)
- virsh: Try to keep printed XML pretty with change-media (Martin Kletzander)
- qemu: Use qemuProcessLaunch in migration Prepare phase (Jiri Denemark)
- qemu: Skip starting NBD servers for offline migration (Jiri Denemark)
- qemu: Kill QEMU process if Prepare phase fails (Jiri Denemark)
- qemu: Separate incoming URI generation from qemuMigrationPrepareAny (Jiri Denemark)
- qemu: Introduce qemuProcessFinishStartup (Jiri Denemark)
- qemu: Introduce qemuProcessLaunch (Jiri Denemark)
- qemu: Introduce qemuProcessInit (Jiri Denemark)
- conf: reject multiple panic devices of same model (Dmitry Andreev)
- Allow multiple panic devices (Dmitry Andreev)
- qemu: add support for hv_crash feature as a panic device (Dmitry Andreev)
- tests: add tests for the new panic device attribute - 'model' (Dmitry Andreev)
- conf: add 'model' attribute for panic device with values isa, pseries, hyperv (Dmitry Andreev)
- conf: refactor code for checking ABI stability of panic device (Dmitry Andreev)
- nodedev: report maxCount for virtual_functions capability (Laine Stump)
- conf: support reporting maxCount attribute for virtual_functions cap (Laine Stump)
- Post-release version bump to 1.3.0 (Pavel Hrdina)
- conf: Drop useless check when parsing cpu scheduler info (Peter Krempa)
- qemu: pass the asyncJob to qemuProcessStartCPUs (Ján Tomko)
- xenapi: Refactor extraction of vcpu count (Peter Krempa)
- phyp: Refactor extraction of vcpu count (Peter Krempa)
- openvz: Refactor extraction of vcpu count (Peter Krempa)
- hyperv: Allocate 'def' via virDomainDefNew (Peter Krempa)
- qemuSetupChrSourceCgroup: rename dev to source (Ján Tomko)
- Simplify qemuSetupChrSourceCgroup and its callers (Ján Tomko)
- rename qemuSetupHostdevCGroup to qemuSetupHostdevCgroup (Ján Tomko)
- qemu: handle more machines with a single builtin IDE controller (Guido Günther)
- qemu: Always set locked memory limit for ppc64 domains (Andrea Bolognani)
- qemu: Use qemuDomainRequiresMlock() when attaching PCI hostdev (Andrea Bolognani)
- qemu: Use qemuDomainRequiresMlock() in qemuBuildCommandLine() (Andrea Bolognani)
- process: Log when limiting the amount of locked memory (Andrea Bolognani)
- vz: implementation of domainReboot callback (Mikhail Feoktistov)
- vz: allow only en-us keymap for VNC (Mikhail Feoktistov)
- qemu: Close logfd when closing monitor (Jiri Denemark)
- qemu: Do not infer flags from other qemuProcessStart arguments (Jiri Denemark)
- qemu: Introduce qemuProcessMakeDir (Jiri Denemark)
- qemu: Separate balloon code from qemuProcessStart (Jiri Denemark)
- qemu: Enter monitor within qemuProcessSetLinkStates (Jiri Denemark)
- qemu: Separate raw IO code from qemuProcessStart (Jiri Denemark)
- qemu: Separate graphics handling code from qemuProcessStart (Jiri Denemark)
- qemu: Separate hook handling code from qemuProcessStart (Jiri Denemark)
- qemu: Rename stdin_{fd,path} in qemuProcessStart (Jiri Denemark)
- qemu: Use -incoming defer for migrations (Jiri Denemark)
- qemu: Add APIs for migrate-incoming QMP command (Jiri Denemark)
- qemu: Always set async job when starting a domain (Jiri Denemark)
- qemu: Introduce qemuProcessIncomingDef (Jiri Denemark)
- qemu: Move incoming URI code to qemu_migration (Jiri Denemark)
- qemu: Don't generate migration URI in qemuBuildCommandLine (Jiri Denemark)
- qemu: Refactor the code to build -incoming command line (Jiri Denemark)
- qemu: Refactor waiting for completed migration on destination (Jiri Denemark)
- util: add virDiskNameParse to handle disk and partition idx (Joao Martins)
- libxl: implement virDomainMemorystats (Joao Martins)
- lxc: Bind mount container TTYs (Richard Weinberger)
- lxc: Don't make container's TTY a controlling TTY (Richard Weinberger)
- qemu: ppc64: Support memory hotplug without NUMA enabled (Peter Krempa)
- qemu: command: Prepare memory device def formatter for missing target node (Peter Krempa)
- conf: Prepare making memory device target node optional (Peter Krempa)
- qemu: command: Move dimm device checks from formatter to checker (Peter Krempa)
- qemu: domain: Add common function to perform memory hotplug checks (Peter Krempa)
- qemu: command: Always execute memory device formatter (Peter Krempa)
- qemu: command: Make qemuBuildMemoryBackendStr usable without NUMA (Peter Krempa)
- libxl: implement virDomainGetCPUStats (Joao Martins)
- syntax-check: Add prohibit_space_in_label rule (Andrea Bolognani)
- util: remove unnecessary needSize (Chen Hanxiao)
- storage: Introduce virStoragePoolObjFindPoolByUUID (John Ferlan)
- storage: Change cbdata scsi refresh thread field name (John Ferlan)
- storage: Make active boolean (John Ferlan)
- qemu: domain: Restructurate control flow in qemuDomainGetMlockLimitBytes (Peter Krempa)
- qemu: Fix job entry debug message (Jiri Denemark)
- tests: Add QEMU 2.4.0 capabilities (Jiri Denemark)
- tests: Remove qemuxmlnstest (Jiri Denemark)
- qemu: Fix style in qemuProcessStart (Jiri Denemark)
- security: Cleanup DAC driver (Jiri Denemark)
- domain-conf: cleanup controller insert function (Pavel Hrdina)
- virsh-domain: update attach-interface to support type=hostdev (Pavel Hrdina)
- vz: support cpu time in driver's domainGetInfo (Nikolay Shirokovskiy)
- qemu: assume various QEMU 0.10 features are always available (Daniel P. Berrange)
- qemu: assume -vga is always available (Daniel P. Berrange)
- qemu: assume -drive format is always available (Daniel P. Berrange)
- qemu: assume -drive cache always uses v2 option names (Daniel P. Berrange)
- qemu: assume support for all migration protocols except rdma (Daniel P. Berrange)
- qemu: assume vnet-hdr feature is always available (Daniel P. Berrange)
- qemu: really remove last traces of Xenner support (Daniel P. Berrange)
- qemu: assume -uuid is always available (Daniel P. Berrange)
- qemu: assume -name is always available (Daniel P. Berrange)
- qemu: assume -drive argument is always available (Daniel P. Berrange)
- qemu: handle USB bus in qemuAssignDeviceDiskAliasFixed() (Daniel P. Berrange)
- qemu: assume -no-reboot is always available (Daniel P. Berrange)
- qemu: assume 'info chardev' is always available (Daniel P. Berrange)
- qemu: assume -vnc arg always takes a ':' (Daniel P. Berrange)
- qemu: remove all support for kQEMU (Daniel P. Berrange)
- qemu: mandate QEMU version 0.12.0 or newer (Daniel P. Berrange)
- qemu: hotplug: Reject VFIO hotplug if setting RLIMIT_MEMLOCK fails (Peter Krempa)
- qemu: Extract logic to determine the mlock limit size for VFIO (Peter Krempa)
- conf: Make @def const in virDomainDefGetMemoryInitial (Peter Krempa)
- tests: redo test argv file line wrapping (Daniel P. Berrange)
- virnetdev: Use virNetDevSetupControl in virNetDevSendEthtoolIoctl (John Ferlan)
- virnetdev: Check for root in virNetDevGetFeatures (John Ferlan)
- qemu: add /usr/lib to AC_PATH_PROG for qemu-bridge-helper (Michel Normand)
- storage: Pull volume removal from pool in storageVolDeleteInternal (John Ferlan)
- storage: Cleanup failures in virStorageBackendCreateRaw (John Ferlan)
- storage: Cleanup failures virStorageBackendCreateExecCommand (John Ferlan)
- storage: Fix setting mode in virStorageBackendCreateExecCommand (John Ferlan)
- Remove new lines from log messages (Jiri Denemark)
- qemu: Introduce cleanup label in qemuProcessStart (Jiri Denemark)
- qemu: Rename ret variable in qemuProcessStart (Jiri Denemark)
- qemu: Rename cleanup label in qemuProcessStart (Jiri Denemark)
So thanks everybody for helping with this release, be it with patches, ideas,
reports, documentation, etc...
As a reminder next release supposedly 1.3.1 will come mid-January due to the
end of year slowdown, and then 1.3.2 at the end or February.
Enjoy !
Daniel
--
Daniel Veillard | Open Source and Standards, Red Hat
veillard(a)redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | virtualization library http://libvirt.org/
9 years, 4 months
[libvirt] [PATCH] virNetDevMacVLanTapSetup: Work around older systems
by Michal Privoznik
Some older systems, e.g. RHEL-6 do not have IFF_MULTI_QUEUE flag
which we use to enable multiqueue feature. Therefore one gets the
following compile error there:
CC util/libvirt_util_la-virnetdevmacvlan.lo
util/virnetdevmacvlan.c: In function 'virNetDevMacVLanTapSetup':
util/virnetdevmacvlan.c:338: error: 'IFF_MULTI_QUEUE' undeclared (first use in this function)
util/virnetdevmacvlan.c:338: error: (Each undeclared identifier is reported only once
util/virnetdevmacvlan.c:338: error: for each function it appears in.)
make[3]: *** [util/libvirt_util_la-virnetdevmacvlan.lo] Error 1
So, whenever user wants us to enable the feature on such systems,
we will just throw a runtime error instead.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/util/virnetdevmacvlan.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/util/virnetdevmacvlan.c b/src/util/virnetdevmacvlan.c
index d8d1d90..28c9f22 100644
--- a/src/util/virnetdevmacvlan.c
+++ b/src/util/virnetdevmacvlan.c
@@ -307,49 +307,57 @@ static int
virNetDevMacVLanTapSetup(int *tapfd, size_t tapfdSize, bool vnet_hdr, bool multiqueue)
{
unsigned int features;
struct ifreq ifreq;
short new_flags = 0;
size_t i;
for (i = 0; i < tapfdSize; i++) {
memset(&ifreq, 0, sizeof(ifreq));
if (ioctl(tapfd[i], TUNGETIFF, &ifreq) < 0) {
virReportSystemError(errno, "%s",
_("cannot get interface flags on macvtap tap"));
return -1;
}
new_flags = ifreq.ifr_flags;
if (vnet_hdr) {
if (ioctl(tapfd[i], TUNGETFEATURES, &features) < 0) {
virReportSystemError(errno, "%s",
_("cannot get feature flags on macvtap tap"));
return -1;
}
if (features & IFF_VNET_HDR)
new_flags |= IFF_VNET_HDR;
} else {
new_flags &= ~IFF_VNET_HDR;
}
+#ifdef IFF_MULTI_QUEUE
if (multiqueue)
new_flags |= IFF_MULTI_QUEUE;
else
new_flags &= ~IFF_MULTI_QUEUE;
+#else
+ if (multiqueue) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Multiqueue devices are not supported on this system"));
+ return -1;
+ }
+#endif
if (new_flags != ifreq.ifr_flags) {
ifreq.ifr_flags = new_flags;
if (ioctl(tapfd[i], TUNSETIFF, &ifreq) < 0) {
virReportSystemError(errno, "%s",
_("unable to set vnet or multiqueue flags on macvtap"));
return -1;
}
}
}
return 0;
}
--
2.4.10
9 years, 5 months
[libvirt] [PATCH] CVE-2015-5313: storage: don't allow '/' in filesystem volume names
by Eric Blake
The libvirt file system storage driver determines what file to
act on by concatenating the pool location with the volume name.
If a user is able to pick names like "../../../etc/passwd", then
they can escape the bounds of the pool. For that matter,
virStoragePoolListVolumes() doesn't descend into subdirectories,
so a user really shouldn't use a name with a slash.
Normally, only privileged users can coerce libvirt into creating
or opening existing files using the virStorageVol APIs; and such
users already have full privilege to create any domain XML (so it
is not an escalation of privilege). But in the case of
fine-grained ACLs, it is feasible that a user can be granted
storage_vol:create but not domain:write, and it violates
assumptions if such a user can abuse libvirt to access files
outside of the storage pool.
Therefore, prevent all use of volume names that contain "/",
whether or not such a name is actually attempting to escape the
pool.
This changes things from:
$ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
Vol ../../../../../../etc/haha created
$ rm /etc/haha
to:
$ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
error: Failed to create vol ../../../../../../etc/haha
error: Requested operation is not valid: volume name '../../../../../../etc/haha' cannot contain '/'
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
This has been reviewed on the libvirt security list, where it
was assigned a CVE. Fortunately, this could only be used for
an escalation of privileges under fine-grained ACLs (which is
not an out-of-the-box config).
I will go ahead and push this to master as well as all the
active maint branches back to the introduction of ACLs.
src/storage/storage_backend_fs.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/storage/storage_backend_fs.c b/src/storage/storage_backend_fs.c
index c71c724..bb3b62a 100644
--- a/src/storage/storage_backend_fs.c
+++ b/src/storage/storage_backend_fs.c
@@ -1,7 +1,7 @@
/*
* storage_backend_fs.c: storage backend for FS and directory handling
*
- * Copyright (C) 2007-2014 Red Hat, Inc.
+ * Copyright (C) 2007-2015 Red Hat, Inc.
* Copyright (C) 2007-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -1057,6 +1057,14 @@ virStorageBackendFileSystemVolCreate(virConnectPtr conn ATTRIBUTE_UNUSED,
else
vol->type = VIR_STORAGE_VOL_FILE;
+ /* Volumes within a directory pools are not recursive; do not
+ * allow escape to ../ or a subdir */
+ if (strchr(vol->name, '/')) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ _("volume name '%s' cannot contain '/'"), vol->name);
+ return -1;
+ }
+
VIR_FREE(vol->target.path);
if (virAsprintf(&vol->target.path, "%s/%s",
pool->def->target.path,
--
2.4.3
9 years, 5 months
[libvirt] [PATCH] storage: Attempt to refresh volume after successful wipe volume
by John Ferlan
https://bugzilla.redhat.com/show_bug.cgi?id=1270709
When a volume wipe is successful, a volume refresh should be done afterwards
to update any volume data that may be used in future volume commands, such as
volume resize. For a raw file volume, a wipe would truncate the file and
a followup volume resize the capacity may fail because the volume target
allocation isn't updated to reflect the wipe activity.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
src/storage/storage_driver.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
index bbf21f6..2e59e39 100644
--- a/src/storage/storage_driver.c
+++ b/src/storage/storage_driver.c
@@ -2436,7 +2436,19 @@ storageVolWipePattern(virStorageVolPtr obj,
goto cleanup;
}
- ret = backend->wipeVol(obj->conn, pool, vol, algorithm, flags);
+ if ((ret = backend->wipeVol(obj->conn, pool, vol, algorithm, flags)) < 0)
+ goto cleanup;
+
+ /* Best effort to refresh the volume data. If unsuccessful, we've already
+ * wiped the data so there's no going back on that. Best we can do is
+ * provide some details over what happened and move on
+ */
+ if (backend->refreshVol &&
+ backend->refreshVol(obj->conn, pool, vol) < 0) {
+ VIR_WARN("failed to refresh volume '%s' info after volume wipe",
+ vol->name);
+ virResetLastError();
+ }
cleanup:
virStoragePoolObjUnlock(pool);
--
2.5.0
9 years, 5 months
[libvirt] [PATCH 00/10] VFIO fixes for PCI devices
by Andrea Bolognani
This series is my attempt at fixing
https://bugzilla.redhat.com/show_bug.cgi?id=1272300
In its current state, it's missing test cases covering the new
functionality[1] and it's known not to handle properly one
situation[2], but I'd like to get some feedback on my current
work and now that I have something to show for it feels like
a good time.
I'm already working on the missing bits and they will either
be included in the next revision or sent as separate series
later on.
The problem being solved is that, when using VFIO, IOMMU group
ownership can't be shared, eg. two devices that are in the
same IOMMU group can't be assigned to different guests, or to
the host and a guest. If that happens, the host will probably
crash.
The series deals with this issue by making sure safety
conditions are met before detaching devices from the host or
reattaching them to the host. In praticular, when we're asked
to reattach a device to the host but doing so would lead to
sharing IOMMU group ownership, we delay the operation until
we can guarantee this will not cause problems. As a nice side
effect of the changes we check for this when starting a guest
too, instead of assuming it will work and having QEMU error
out immediately afterwards.
Patches are organized as follows:
1-2: Minor cleanups that make implicit / confusing stuff
explicit / less confusing
3: Convert a string field used as an enumeration to a
proper enumeration
4: Introduce a simple helper function used later on
5-6: Rewrite the checks used when detaching devices from
the host. With this patches applied, the behaviour
is basically the same as before, except for the nice
little extra detailed above
7-9: Implement the delay when reattaching devices to the
host, thus preventing the crash and fixing the bug
10: Spit and polish
Cheers.
[1] Luckily, it doesn't break the existing tests either
[2] If you call 'virsh nodedev-reattach' on a device that's
assigned to a guest, libvirt won't stop you and you will
end up crashing your system
Andrea Bolognani (10):
pci: Remove redundant parameter from virPCIDeviceBindToStub()
pci: Remove 'reprobe' parameter from virPCIDeviceUnbind()
pci: Introduce virPCIStubDriver enumeration
pci: Introduce virPCIDeviceIOMMUGroupIterate()
hostdev: Simplify virHostdevIsPCIDeviceUsed()
hostdev: Check for safety before detaching VFIO devices
hostdev: Delay reattach of VFIO devices
hostdev: Clean up delayed VFIO devices
hostdev: Devices have already been marked as inactive
hostdev: Tidy up after changes to VFIO device handling
src/libvirt_private.syms | 3 +
src/libxl/libxl_driver.c | 3 +-
src/qemu/qemu_driver.c | 6 +-
src/util/virhostdev.c | 410 ++++++++++++++++++++++++++++++++++-------------
src/util/virpci.c | 125 +++++++++------
src/util/virpci.h | 26 ++-
src/xen/xen_driver.c | 3 +-
tests/virhostdevtest.c | 5 +-
tests/virpcitest.c | 35 ++--
9 files changed, 427 insertions(+), 189 deletions(-)
--
2.5.0
9 years, 5 months
[libvirt] [PATCH 0/6] Memory locking limit improvements
by Andrea Bolognani
As noticed by Peter[1], the memory locking limit for the
QEMU process is increased before assigning a VFIO device to
a guest, but it might not be decreased when returning said
device to the host.
This series fixes this inconsistent behaviour and cleans up
the code a little bit along the way.
The idea is to introduce a new, smarter function called
qemuDomainAdjustMaxMemLock() that does The Right Thing™ and
increases the limit when required, while at the same time
storing the original value. This way, when memory locking
is no longer needed, it can restore it.
I've tested this both on x86 and ppc64, both by removing
devices that were assigned in the domain XML and devices
that I had hotplugged.
Patches 1-2 lay some groundwork by allowing retrieval of
the memory locking limit for a process.
Patches 3-4 add qemuDomainAdjustMaxMemLock() and use it
where appropriate in the existing code.
Patch 5 adds one more use of the function, after a PCI
hostdev has been detached from the guest.
Patch 6 replaces the use of Mlock with MemLock. Suggestions
on how to further improve the names of those functions is
very welcome, this is just a first step in the right
direction.
Cheers.
[1] https://www.redhat.com/archives/libvir-list/2015-November/msg00642.html
Andrea Bolognani (6):
process: Allow virProcessPrLimit() to get current limit
process: Add virProcessGetMaxMemLock()
qemu: Add qemuDomainAdjustMaxMemLock()
qemu: Use qemuDomainAdjustMaxMemLock()
qemu: Reduce memlock limit after detaching hostdev
qemu: Replace Mlock with MemLock in function names
configure.ac | 2 +-
src/conf/domain_conf.h | 3 +++
src/libvirt_private.syms | 1 +
src/qemu/qemu_command.c | 4 ++--
src/qemu/qemu_domain.c | 56 +++++++++++++++++++++++++++++++++++++++++++---
src/qemu/qemu_domain.h | 5 +++--
src/qemu/qemu_hotplug.c | 46 ++++++++++++++++----------------------
src/util/virprocess.c | 58 +++++++++++++++++++++++++++++++++++++++++++-----
src/util/virprocess.h | 2 ++
9 files changed, 136 insertions(+), 41 deletions(-)
--
2.5.0
9 years, 5 months
