April 2015 - Devel - libvirt List Archives

[libvirt] [PATCH] Ignore bridge template names with multiple printf conversions
by Ján Tomko 05 May '15

05 May '15

For some reason, we allow a bridge name with %d in it, which we replace with an unsigned integer to form a bridge name that does not yet exist on the host. Do not blindly pass it to virAsprintf if it's not the only conversion, to prevent crashing on input like: <network> <name>test</name> <forward mode='none'/> <bridge name='virbr%d%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s'/> </network> Ignore any template strings that do not have exactly one %d conversion, like we do in various drivers before calling virNetDevTapCreateInBridgePort. --- This was added by commit 4c3f3b4 http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=4c3f3b4 https://www.redhat.com/archives/libvir-list/2009-April/msg00394.html claiming it worked some time before that src/network/bridge_driver.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 3b879cd..1c5613a 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -2775,7 +2775,13 @@ networkFindUnusedBridgeName(virNetworkObjListPtr nets, int ret = -1, id = 0; char *newname = NULL; - const char *templ = def->bridge ? def->bridge : "virbr%d"; + const char *templ = "virbr%d"; + const char *p; + + if (def->bridge && + (p = strchr(def->bridge, '%')) == strrchr(def->bridge, '%') && + strstr(def->bridge, "%d")) + templ = def->bridge; do { if (virAsprintf(&newname, templ, id) < 0) @@ -2809,7 +2815,7 @@ networkFindUnusedBridgeName(virNetworkObjListPtr nets, /* * networkValidateBridgeName() - if no bridge name is set, or if the - * bridge name contains a %d (indicating that this is a template for + * bridge name contains a % (indicating that this is a template for * the actual name) try to set an appropriate bridge name. If a * bridge name *is* set, make sure it doesn't conflict with any other * network's bridge name. @@ -2820,7 +2826,7 @@ networkBridgeNameValidate(virNetworkObjListPtr nets, { int ret = -1; - if (def->bridge && !strstr(def->bridge, "%d")) { + if (def->bridge && !strchr(def->bridge, '%')) { if (virNetworkBridgeInUse(nets, def->bridge, def->name)) { virReportError(VIR_ERR_INTERNAL_ERROR, _("bridge name '%s' already in use."), -- 2.0.5

2 2

[libvirt] [PATCH 0/7] Addition host name check for network storage pools
by John Ferlan 04 May '15

04 May '15

https://bugzilla.redhat.com/show_bug.cgi?id=1171984 As a followon to a recent series to conslidate the various network source host checks into a single API, this series of patches takes the next steps. First off existing code assumed the provided "<host name='%s'>" string resolved to a valid IP Address; however, that's not necessarily the case. So rather than assume the path is valid during the various networked pool startup, open, mount, etc API's check to make sure the host name can be resolved. More than like the processing was going to fail anyway, so failing a bit sooner and with a message indicating the problem might help someone resolve it. Second now that we hope the running pools are using a resolved name, check the new/incoming definitions to make sure that their host name strings do not duplicate an existing/running pool. The existing check only compares the strings for equality, but with networks a name could be an IP Address by number (IPv4 or IPv6) or a name that would need to be resolved. If that name resolves to the same IP Address already running, then we fail the attempted new pool definition. John Ferlan (7): virutil: Introduce virIsValidHostname iscsi: Check for validity of pool source hostname netfs: Check for validity of pool source hostname gluster: Check for validity of pool source hostname sheepdog: Check for validity of pool source hostname util: Introduce virIsSameHostnameInfo storage: Check for duplicate host for incoming pool def src/conf/storage_conf.c | 11 ++- src/libvirt_private.syms | 2 + src/storage/storage_backend_fs.c | 2 + src/storage/storage_backend_gluster.c | 3 + src/storage/storage_backend_iscsi.c | 7 ++ src/storage/storage_backend_sheepdog.c | 36 +++++--- src/util/virutil.c | 155 +++++++++++++++++++++++++++++++++ src/util/virutil.h | 3 + 8 files changed, 205 insertions(+), 14 deletions(-) -- 2.1.0

3 33

[libvirt] [PATCH v3] polkit: Allow password-less access for 'libvirt' group
by Cole Robinson 04 May '15

04 May '15

Many users, who admin their own machines, want to be able to access system libvirtd via tools like virt-manager without having to enter a root password. Just google 'virt-manager without password' and you'll find many hits. I've read at least 5 blog posts over the years describing slightly different ways of achieving this goal. Let's finally add official support for this. Install a polkit-1 rules file granting password-less auth for any user in the new 'libvirt' group. Create the group on RPM install https://bugzilla.redhat.com/show_bug.cgi?id=957300 --- v3: Back to group=libvirt to match what debian and suse are using Patch is unchanged otherwise. So unless there's objects all carry over the previous ACK from danpb and push after the release is out daemon/Makefile.am | 13 +++++++++++++ daemon/libvirt.rules | 9 +++++++++ libvirt.spec.in | 15 +++++++++++++-- 3 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 daemon/libvirt.rules diff --git a/daemon/Makefile.am b/daemon/Makefile.am index 300b9a5..974feed 100644 --- a/daemon/Makefile.am +++ b/daemon/Makefile.am @@ -53,6 +53,7 @@ EXTRA_DIST = \ libvirtd.init.in \ libvirtd.upstart \ libvirtd.policy.in \ + libvirt.rules \ libvirtd.sasl \ libvirtd.service.in \ libvirtd.socket.in \ @@ -233,6 +234,8 @@ policyauth = auth_admin_keep_session else ! WITH_POLKIT0 policydir = $(datadir)/polkit-1/actions policyauth = auth_admin_keep +rulesdir = $(datadir)/polkit-1/rules.d +rulesfile = libvirt.rules endif ! WITH_POLKIT0 endif WITH_POLKIT @@ -263,9 +266,19 @@ if WITH_POLKIT install-data-polkit:: $(MKDIR_P) $(DESTDIR)$(policydir) $(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy +if ! WITH_POLKIT0 + $(MKDIR_P) $(DESTDIR)$(rulesdir) + $(INSTALL_DATA) $(srcdir)/$(rulesfile) $(DESTDIR)$(rulesdir)/50-libvirt.rules +endif ! WITH_POLKIT0 + uninstall-data-polkit:: rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy rmdir $(DESTDIR)$(policydir) || : +if ! WITH_POLKIT0 + rm -f $(DESTDIR)$(rulesdir)/50-libvirt.rules + rmdir $(DESTDIR)$(rulesdir) || : +endif ! WITH_POLKIT0 + else ! WITH_POLKIT install-data-polkit:: uninstall-data-polkit:: diff --git a/daemon/libvirt.rules b/daemon/libvirt.rules new file mode 100644 index 0000000..01a15fa --- /dev/null +++ b/daemon/libvirt.rules @@ -0,0 +1,9 @@ +// Allow any user in the 'libvirt' group to connect to system libvirtd +// without entering a password. + +polkit.addRule(function(action, subject) { + if (action.id == "org.libvirt.unix.manage" && + subject.isInGroup("libvirt")) { + return polkit.Result.YES; + } +}); diff --git a/libvirt.spec.in b/libvirt.spec.in index 20af502..c71ef25 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1645,9 +1645,9 @@ then fi %if %{with_libvirtd} +%pre daemon %if ! %{with_driver_modules} %if %{with_qemu} -%pre daemon %if 0%{?fedora} || 0%{?rhel} >= 6 # We want soft static allocation of well-known ids, as disk images # are commonly shared across NFS mounts by id rather than name; see @@ -1661,11 +1661,21 @@ if ! getent passwd qemu >/dev/null; then useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu fi fi -exit 0 %endif %endif %endif + %if %{with_polkit} + %if 0%{?fedora} || 0%{?rhel} >= 6 +# 'libvirt' group is just to allow password-less polkit access to +# libvirtd. The uid number is irrelevant, so we use dynamic allocation +# described at the above link. +getent group libvirt >/dev/null || groupadd -r libvirt + %endif + %endif + +exit 0 + %post daemon %if %{with_systemd} @@ -1939,6 +1949,7 @@ exit 0 %if 0%{?fedora} || 0%{?rhel} >= 6 %{_datadir}/polkit-1/actions/org.libvirt.unix.policy %{_datadir}/polkit-1/actions/org.libvirt.api.policy +%{_datadir}/polkit-1/rules.d/50-libvirt.rules %else %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy %endif -- 2.3.6

2 2

[libvirt] [PATCH] tests: Fix grammar in comments.
by Andrea Bolognani 04 May '15

04 May '15

Replace all occurrences of "stream write to differences to" with "stream to write differences to". --- tests/testutils.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/testutils.c b/tests/testutils.c index 6a8fe6a..89026c6 100644 --- a/tests/testutils.c +++ b/tests/testutils.c @@ -458,7 +458,7 @@ virtTestCaptureProgramOutput(const char *const argv[] ATTRIBUTE_UNUSED, /** - * @param stream: output stream write to differences to + * @param stream: output stream to write differences to * @param expect: expected output text * @param expectName: name designator of the expected text * @param actual: actual output text @@ -532,7 +532,7 @@ int virtTestDifferenceFull(FILE *stream, } /** - * @param stream: output stream write to differences to + * @param stream: output stream to write differences to * @param expect: expected output text * @param actual: actual output text * @@ -548,7 +548,7 @@ int virtTestDifference(FILE *stream, /** - * @param stream: output stream write to differences to + * @param stream: output stream to write differences to * @param expect: expected output text * @param actual: actual output text * -- 2.1.0

2 2

[libvirt] Entering freeze for libvirt-1.2.15
by Daniel Veillard 03 May '15

03 May '15

I'm a little late, but I have now tagged candidate release 1 for 1.2.15 in git and pushed signed tarballs and rpms to the usual place: ftp://libvirt.org/libvirt/ this seems to work for me in my limited testing, but please give it a try, especially on less common platforms. The https://ci.centos.org/ seems to indicate issues on building the Perl tests as well as virt-manager regression testing, can someone dig into what is happening there ? I will likely push an rc2 on Thursday, and then the final release over the week-end, thanks! Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veillard(a)redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/

3 4

[libvirt] [PATCH V3] libxl: provide integration with lock manager
by Jim Fehlig 30 Apr '15

30 Apr '15

Provide integration with libvirt's lock manager in the libxl driver. Signed-off-by: Jim Fehlig <jfehlig(a)suse.com> --- V3 of https://www.redhat.com/archives/libvir-list/2015-April/msg01006.html In V3, call virDomainLockProcessStart() with 'paused' parameter set to 'true' and add a call to virDomainLockProcessResume(). src/Makefile.am | 12 +++++++++ src/libxl/libvirtd_libxl.aug | 2 ++ src/libxl/libxl.conf | 10 +++++++ src/libxl/libxl_conf.c | 14 ++++++++++ src/libxl/libxl_conf.h | 6 +++++ src/libxl/libxl_domain.c | 51 +++++++++++++++++++++++++++++++++++- src/libxl/libxl_domain.h | 1 + src/libxl/libxl_driver.c | 25 ++++++++++++++++++ src/libxl/libxl_migration.c | 6 +++++ src/libxl/test_libvirtd_libxl.aug.in | 1 + 10 files changed, 127 insertions(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 9a5f16c..1438174 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -2246,6 +2246,12 @@ BUILT_SOURCES += locking/qemu-lockd.conf DISTCLEANFILES += locking/qemu-lockd.conf endif WITH_QEMU +if WITH_LIBXL +nodist_conf_DATA += locking/libxl-lockd.conf +BUILT_SOURCES += locking/libxl-lockd.conf +DISTCLEANFILES += locking/libxl-lockd.conf +endif WITH_LIBXL + locking/%-lockd.conf: $(srcdir)/locking/lockd.conf $(AM_V_GEN)$(MKDIR_P) locking ; \ cp $< $@ @@ -2431,6 +2437,12 @@ nodist_conf_DATA += locking/qemu-sanlock.conf BUILT_SOURCES += locking/qemu-sanlock.conf DISTCLEANFILES += locking/qemu-sanlock.conf endif WITH_QEMU + +if WITH_LIBXL +nodist_conf_DATA += locking/libxl-sanlock.conf +BUILT_SOURCES += locking/libxl-sanlock.conf +DISTCLEANFILES += locking/libxl-sanlock.conf +endif WITH_LIBXL else ! WITH_SANLOCK EXTRA_DIST += $(LOCK_DRIVER_SANLOCK_SOURCES) endif ! WITH_SANLOCK diff --git a/src/libxl/libvirtd_libxl.aug b/src/libxl/libvirtd_libxl.aug index f225954..d5aa150 100644 --- a/src/libxl/libvirtd_libxl.aug +++ b/src/libxl/libvirtd_libxl.aug @@ -25,9 +25,11 @@ module Libvirtd_libxl = (* Config entry grouped by function - same order as example config *) let autoballoon_entry = bool_entry "autoballoon" + let lock_entry = str_entry "lock_manager" (* Each entry in the config is one of the following ... *) let entry = autoballoon_entry + | lock_entry let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ] let empty = [ label "#empty" . eol ] diff --git a/src/libxl/libxl.conf b/src/libxl/libxl.conf index c104d40..ba3de7a 100644 --- a/src/libxl/libxl.conf +++ b/src/libxl/libxl.conf @@ -10,3 +10,13 @@ # autoballoon setting. # #autoballoon = 1 + + +# In order to prevent accidentally starting two domains that +# share one writable disk, libvirt offers two approaches for +# locking files: sanlock and virtlockd. sanlock is an external +# project which libvirt integrates with via the libvirt-lock-sanlock +# package. virtlockd is a libvirt implementation that is enabled with +# "lockd". Accepted values are "sanlock" and "lockd". +# +#lock_manager = "lockd" diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 1b504fa..29498d5 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -102,6 +102,7 @@ libxlDriverConfigDispose(void *obj) VIR_FREE(cfg->libDir); VIR_FREE(cfg->saveDir); VIR_FREE(cfg->autoDumpDir); + VIR_FREE(cfg->lockManagerName); } @@ -1495,6 +1496,7 @@ int libxlDriverConfigLoadFile(libxlDriverConfigPtr cfg, const char *filename) { virConfPtr conf = NULL; + virConfValuePtr p; int ret = -1; /* Check the file is readable before opening it, otherwise @@ -1512,6 +1514,18 @@ int libxlDriverConfigLoadFile(libxlDriverConfigPtr cfg, if (libxlGetAutoballoonConf(cfg, conf) < 0) goto cleanup; + if ((p = virConfGetValue(conf, "lock_manager"))) { + if (p->type != VIR_CONF_STRING) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", + _("Unexpected type for 'lock_manager' setting")); + goto cleanup; + } + + if (VIR_STRDUP(cfg->lockManagerName, p->str) < 0) + goto cleanup; + } + ret = 0; cleanup: diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index 5ba1a71..0a1c0db 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -38,6 +38,7 @@ # include "virobject.h" # include "virchrdev.h" # include "virhostdev.h" +# include "locking/lock_manager.h" # define LIBXL_DRIVER_NAME "xenlight" # define LIBXL_VNC_PORT_MIN 5900 @@ -98,6 +99,8 @@ struct _libxlDriverConfig { * memory for new domains from domain0. */ bool autoballoon; + char *lockManagerName; + /* Once created, caps are immutable */ virCapsPtr caps; @@ -144,6 +147,9 @@ struct _libxlDriverPrivate { /* Immutable pointer, lockless APIs*/ virSysinfoDefPtr hostsysinfo; + + /* Immutable pointer. lockless access */ + virLockManagerPluginPtr lockManager; }; # define LIBXL_SAVE_MAGIC "libvirt-xml\n \0 \r" diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c index 3039427..5f5f8e5 100644 --- a/src/libxl/libxl_domain.c +++ b/src/libxl/libxl_domain.c @@ -34,6 +34,7 @@ #include "virlog.h" #include "virstring.h" #include "virtime.h" +#include "locking/domain_lock.h" #define VIR_FROM_THIS VIR_FROM_LIBXL @@ -217,12 +218,36 @@ libxlDomainObjPrivateFree(void *data) { libxlDomainObjPrivatePtr priv = data; + VIR_FREE(priv->lockState); virObjectUnref(priv); } +static int +libxlDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt, void *data) +{ + libxlDomainObjPrivatePtr priv = data; + + priv->lockState = virXPathString("string(./lockstate)", ctxt); + + return 0; +} + +static int +libxlDomainObjPrivateXMLFormat(virBufferPtr buf, void *data) +{ + libxlDomainObjPrivatePtr priv = data; + + if (priv->lockState) + virBufferAsprintf(buf, "<lockstate>%s</lockstate>\n", priv->lockState); + + return 0; +} + virDomainXMLPrivateDataCallbacks libxlDomainXMLPrivateDataCallbacks = { .alloc = libxlDomainObjPrivateAlloc, .free = libxlDomainObjPrivateFree, + .parse = libxlDomainObjPrivateXMLParse, + .format = libxlDomainObjPrivateXMLFormat, }; @@ -667,6 +692,11 @@ libxlDomainCleanup(libxlDriverPrivatePtr driver, virHostdevReAttachDomainDevices(hostdev_mgr, LIBXL_DRIVER_NAME, vm->def, VIR_HOSTDEV_SP_PCI, NULL); + VIR_FREE(priv->lockState); + if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0) + VIR_WARN("Unable to release lease on %s", vm->def->name); + VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState)); + vm->def->id = -1; if (priv->deathW) { @@ -960,6 +990,20 @@ libxlDomainStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm, vm->def, VIR_HOSTDEV_SP_PCI) < 0) goto cleanup; + if (virDomainLockProcessStart(driver->lockManager, + "xen:///system", + vm, + true, + NULL) < 0) + goto cleanup; + + if (virDomainLockProcessResume(driver->lockManager, + "xen:///system", + vm, + priv->lockState) < 0) + goto cleanup; + VIR_FREE(priv->lockState); + /* Unlock virDomainObj while creating the domain */ virObjectUnlock(vm); @@ -990,7 +1034,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm, virReportError(VIR_ERR_INTERNAL_ERROR, _("libxenlight failed to restore domain '%s'"), d_config.c_info.name); - goto cleanup; + goto release_dom; } /* @@ -1003,6 +1047,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm, if (libxl_evenable_domain_death(cfg->ctx, vm->def->id, 0, &priv->deathW)) goto cleanup_dom; + if ((dom_xml = virDomainDefFormat(vm->def, 0)) == NULL) goto cleanup_dom; @@ -1040,6 +1085,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm, goto cleanup; cleanup_dom: + ret = -1; if (priv->deathW) { libxl_evdisable_domain_death(cfg->ctx, priv->deathW); priv->deathW = NULL; @@ -1048,6 +1094,9 @@ libxlDomainStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm, vm->def->id = -1; virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, VIR_DOMAIN_SHUTOFF_FAILED); + release_dom: + virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState); + cleanup: libxl_domain_config_dispose(&d_config); VIR_FREE(dom_xml); diff --git a/src/libxl/libxl_domain.h b/src/libxl/libxl_domain.h index aa647b8..8c73cc4 100644 --- a/src/libxl/libxl_domain.h +++ b/src/libxl/libxl_domain.h @@ -64,6 +64,7 @@ struct _libxlDomainObjPrivate { virChrdevsPtr devs; libxl_evgen_domain_death *deathW; unsigned short migrationPort; + char *lockState; struct libxlDomainJobObj job; }; diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index 6a54c73..1ecfd71 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -57,6 +57,7 @@ #include "viratomic.h" #include "virhostdev.h" #include "network/bridge_driver.h" +#include "locking/domain_lock.h" #define VIR_FROM_THIS VIR_FROM_LIBXL @@ -411,6 +412,7 @@ libxlStateCleanup(void) virObjectUnref(libxl_driver->domains); virObjectUnref(libxl_driver->reservedVNCPorts); virObjectUnref(libxl_driver->migrationPorts); + virLockManagerPluginUnref(libxl_driver->lockManager); virObjectEventStateFree(libxl_driver->domainEventState); virSysinfoDefFree(libxl_driver->hostsysinfo); @@ -590,6 +592,14 @@ libxlStateInitialize(bool privileged, goto error; } + if (!(libxl_driver->lockManager = + virLockManagerPluginNew(cfg->lockManagerName ? + cfg->lockManagerName : "nop", + "libxl", + cfg->configBaseDir, + 0))) + goto error; + /* read the host sysinfo */ libxl_driver->hostsysinfo = virSysinfoRead(); @@ -2860,11 +2870,21 @@ libxlDomainAttachDeviceDiskLive(virDomainObjPtr vm, virDomainDeviceDefPtr dev) if (libxlMakeDisk(l_disk, &x_disk) < 0) goto cleanup; + if (virDomainLockDiskAttach(libxl_driver->lockManager, + "xen:///system", + vm, l_disk) < 0) + goto cleanup; + if ((ret = libxl_device_disk_add(cfg->ctx, vm->def->id, &x_disk, NULL)) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("libxenlight failed to attach disk '%s'"), l_disk->dst); + if (virDomainLockDiskDetach(libxl_driver->lockManager, + vm, l_disk) < 0) { + VIR_WARN("Unable to release lock on %s", + virDomainDiskGetSource(l_disk)); + } goto cleanup; } @@ -3005,6 +3025,11 @@ libxlDomainDetachDeviceDiskLive(virDomainObjPtr vm, virDomainDeviceDefPtr dev) goto cleanup; } + if (virDomainLockDiskDetach(libxl_driver->lockManager, + vm, l_disk) < 0) + VIR_WARN("Unable to release lock on %s", + virDomainDiskGetSource(l_disk)); + virDomainDiskRemove(vm->def, idx); virDomainDiskDefFree(l_disk); diff --git a/src/libxl/libxl_migration.c b/src/libxl/libxl_migration.c index 51993c6..1efd98f 100644 --- a/src/libxl/libxl_migration.c +++ b/src/libxl/libxl_migration.c @@ -41,6 +41,7 @@ #include "libxl_driver.h" #include "libxl_conf.h" #include "libxl_migration.h" +#include "locking/domain_lock.h" #define VIR_FROM_THIS VIR_FROM_LIBXL @@ -469,6 +470,7 @@ libxlDomainMigrationPerform(libxlDriverPrivatePtr driver, const char *dname ATTRIBUTE_UNUSED, unsigned int flags) { + libxlDomainObjPrivatePtr priv = vm->privateData; char *hostname = NULL; unsigned short port = 0; char portstr[100]; @@ -503,6 +505,10 @@ libxlDomainMigrationPerform(libxlDriverPrivatePtr driver, sockfd = virNetSocketDupFD(sock, true); virObjectUnref(sock); + if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0) + VIR_WARN("Unable to release lease on %s", vm->def->name); + VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState)); + /* suspend vm and send saved data to dst through socket fd */ virObjectUnlock(vm); ret = libxlDoMigrateSend(driver, vm, flags, sockfd); diff --git a/src/libxl/test_libvirtd_libxl.aug.in b/src/libxl/test_libvirtd_libxl.aug.in index 23e667c..baa8c79 100644 --- a/src/libxl/test_libvirtd_libxl.aug.in +++ b/src/libxl/test_libvirtd_libxl.aug.in @@ -3,3 +3,4 @@ module Test_libvirtd_libxl = test Libvirtd_libxl.lns get conf = { "autoballoon" = "1" } +{ "lock_manager" = "lockd" } -- 1.8.4.5

3 6

[libvirt] [PATCH] qemu: Fix bus and lun checks when scsi-disk.channel not present
by John Ferlan 30 Apr '15

30 Apr '15

Found by Laine and discussed a bit on internal IRC. Commit id c56fe7f1d6 added support for creating a command line to support scsi-disk.channel. Series was here: http://www.redhat.com/archives/libvir-list/2012-February/msg01052.html Which pointed to a design proposal here: http://permalink.gmane.org/gmane.comp.emulators.libvirt/50428 Which states (in part): Libvirt should check for the QEMU "scsi-disk.channel" property. If it is unavailable, QEMU will only support channel=lun=0 and 0<=target<=7. However, the check added was ensuring that bus != lun *and* bus != 0. So if bus == lun and both were non zero, we'd never make the second check. Changing this to an *or* check fixes the check, but still is less readable than the just checking each for 0 Signed-off-by: John Ferlan <jferlan(a)redhat.com> --- src/qemu/qemu_command.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 0dc8628..583bc11 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4127,8 +4127,8 @@ qemuBuildDriveDevStr(virDomainDefPtr def, goto error; } - if ((disk->info.addr.drive.bus != disk->info.addr.drive.unit) && - (disk->info.addr.drive.bus != 0)) { + if (disk->info.addr.drive.bus != 0 && + disk->info.addr.drive.unit != 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("This QEMU only supports both bus and " "unit equal to 0")); -- 2.1.0

2 1

[libvirt] [PATCH] rpm-build: update %files section for libxl
by Pavel Hrdina 30 Apr '15

30 Apr '15

Recent commit 198cc1d3 introduced integration of lockd and sanlock into libxl, but forget to update libvirt.spec.in to also list new files distributed via package. Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com> --- Pushed under build-breaker rule. libvirt.spec.in | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index 20af502..f95e31f 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -2129,6 +2129,8 @@ exit 0 %files daemon-driver-libxl %defattr(-, root, root) %config(noreplace) %{_sysconfdir}/libvirt/libxl.conf +%config(noreplace) %{_sysconfdir}/libvirt/libxl-lockd.conf +%config(noreplace) %{_sysconfdir}/libvirt/libxl-sanlock.conf %{_datadir}/augeas/lenses/libvirtd_libxl.aug %{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/ -- 2.0.5

3 2

[libvirt] [PATCH] main: add new generated files to .gitignore
by Pavel Hrdina 30 Apr '15

30 Apr '15

This means new libxl-lockd.conf and libxl-sanlock.conf Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com> --- Pushed under trivial rule. .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 9d09709..7bcf359 100644 --- a/.gitignore +++ b/.gitignore @@ -124,6 +124,8 @@ /src/libvirt_*helper /src/libvirt_*probes.h /src/libvirt_lxc +/src/locking/libxl-lockd.conf +/src/locking/libxl-sanlock.conf /src/locking/lock_daemon_dispatch_stubs.h /src/locking/lock_protocol.[ch] /src/locking/qemu-lockd.conf -- 2.0.5

1 0

[libvirt] [PATCH] qemu: blockjob: Call qemuDomainSupportsBlockJobs only on online VMs
by Peter Krempa 30 Apr '15

30 Apr '15

Since the qemu capabilities are not initialized for offline VMs the caller might get suboptimal error message: $ virsh blockjob VM PATH --bandwidth 1 error: unsupported configuration: block jobs not supported with this QEMU binary Move the checks after we make sure that the VM is alive. --- src/qemu/qemu_driver.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 3695b26..d6e7570 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -16555,34 +16555,34 @@ qemuDomainBlockPullCommon(virQEMUDriverPtr driver, goto cleanup; } - if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; + if (!virDomainObjIsActive(vm)) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("domain is not running")); + goto endjob; + } + + if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) + goto endjob; + if (!modern) { if (base) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("partial block pull not supported with this " "QEMU binary")); - goto cleanup; + goto endjob; } if (bandwidth) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("setting bandwidth at start of block pull not " "supported with this QEMU binary")); - goto cleanup; + goto endjob; } } - if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) - goto cleanup; - - if (!virDomainObjIsActive(vm)) { - virReportError(VIR_ERR_OPERATION_INVALID, "%s", - _("domain is not running")); - goto endjob; - } - if (!(device = qemuDiskPathToAlias(vm, path, &idx))) goto endjob; disk = vm->def->disks[idx]; @@ -16682,9 +16682,6 @@ qemuDomainBlockJobAbort(virDomainPtr dom, if (virDomainBlockJobAbortEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) - goto cleanup; - if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -16694,6 +16691,9 @@ qemuDomainBlockJobAbort(virDomainPtr dom, goto endjob; } + if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) + goto endjob; + if (!(device = qemuDiskPathToAlias(vm, path, &idx))) goto endjob; disk = vm->def->disks[idx]; @@ -16896,9 +16896,6 @@ qemuDomainBlockJobSetSpeed(virDomainPtr dom, if (virDomainBlockJobSetSpeedEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) - goto cleanup; - if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -16908,6 +16905,9 @@ qemuDomainBlockJobSetSpeed(virDomainPtr dom, goto endjob; } + if (qemuDomainSupportsBlockJobs(vm, &modern) < 0) + goto endjob; + if (!(device = qemuDiskPathToAlias(vm, path, NULL))) goto endjob; -- 2.3.5

2 2