[libvirt] [PATCH 0/2] qemu: add debug-threads support
by Marc-André Lureau
QEMU (somewhere around 2.0) added a new sub-option to the -name flag
-name debug-threads=on
This causes the naming of individual QEMU threads to be helpful; e.g.
'CPU/KVM 0' or 'migration' these show up in top once the H key is
pressed, and also show up in a core dump, making it easy to figure
out which thread is which.
The following 2 patches add a capability check and a qemu-conf key to
enable debug-threads.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1140121
cheers
Marc-André Lureau (2):
qemu: check for debug-threads capability
qemu_conf: add set_debug_threads_name configuration key
src/qemu/libvirtd_qemu.aug | 1 +
src/qemu/qemu.conf | 6 ++++++
src/qemu/qemu_capabilities.c | 2 ++
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 14 ++++++++++----
src/qemu/qemu_conf.c | 1 +
src/qemu/qemu_conf.h | 1 +
src/qemu/test_libvirtd_qemu.aug.in | 1 +
tests/qemucapabilitiesdata/caps_2.1.1-1.caps | 1 +
tests/qemucapabilitiesdata/caps_2.4.0-1.caps | 1 +
tests/qemucapabilitiesdata/caps_2.5.0-1.caps | 1 +
tests/qemucapabilitiesdata/caps_2.6.0-1.caps | 1 +
12 files changed, 27 insertions(+), 4 deletions(-)
--
2.5.0
8 years, 9 months
[libvirt] [PATCH v2 0/2] vcpu info refactors - part 3b
by Peter Krempa
Peter Krempa (2):
qemu: vcpupin: Extract live vcpupin setting into a separate function
qemu: Refactor bitmap handling in qemuDomainPinVcpuFlags
src/qemu/qemu_driver.c | 163 +++++++++++++++++++++++++++----------------------
1 file changed, 89 insertions(+), 74 deletions(-)
--
2.6.2
8 years, 9 months
[libvirt] [PATCH 0/2] persistant live migration with specified XML
by Dmitry Andreev
Live migration has a bug: specified XML doesn't used for persistant
configuration. https://bugzilla.redhat.com/show_bug.cgi?id=835300
This patch-set fixes this problem. Specified XML used for both active and
inactive domain XML. Hope this is what it should be.
Dmitry Andreev (2):
qemuMigrationCookieAddPersistent: change argument type
qemu: migration: use specified XML for active and inactive
confguration
src/qemu/qemu_migration.c | 55 ++++++++++++++++++++++++-----------------------
1 file changed, 28 insertions(+), 27 deletions(-)
--
1.8.3.1
8 years, 9 months
[libvirt] [PATCH] libxl: small fix in parsing network
by Chunyan Liu
Signed-off-by: Chunyan Liu <cyliu(a)suse.com>
---
src/libxl/libxl_conf.c | 2 +-
src/libxl/libxl_domain.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index 5133299..48b8826 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -1471,7 +1471,7 @@ libxlMakeNicList(virDomainDefPtr def, libxl_domain_config *d_config)
VIR_SHRINK_N(x_nics, nnics, nnics - nvnics);
d_config->nics = x_nics;
- d_config->num_nics = nnics;
+ d_config->num_nics = nvnics;
return 0;
diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c
index 632acfd..50f7eed 100644
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -315,7 +315,7 @@ libxlDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
virDomainHostdevSubsysPCIPtr pcisrc;
if (dev->type == VIR_DOMAIN_DEVICE_NET)
- hostdev = &(dev->data.net)->data.hostdev.def;
+ hostdev = &dev->data.net->data.hostdev.def;
else
hostdev = dev->data.hostdev;
pcisrc = &hostdev->source.subsys.u.pci;
--
2.1.4
8 years, 9 months
[libvirt] [PATCH 0/9] vcpu info refactors - part 3b
by Peter Krempa
Yet another continuation of the saga. In this episode we add pinning for
inactive cpus.
Peter Krempa (9):
virsh: vcpupin: Ask for pinning info for all vCPUs
conf: Extract code filling data for virDomainGetVcpuPinInfo
qemu: Report pinning for all vCPUs in qemuDomainGetVcpuPinInfo
conf: introduce parser feature flags
conf: refactor checking for unsupported memory devices
conf: extract ignoring of inactive vcpu pinning information
qemu: add support for offline vcpupin
qemu: vcpupin: Extract live vcpupin setting into a separate function
qemu: Refactor bitmap handling in qemuDomainPinVcpuFlags
src/bhyve/bhyve_domain.c | 9 +-
src/conf/domain_conf.c | 157 +++++++++++++++++++++++++++---
src/conf/domain_conf.h | 20 +++-
src/libvirt_private.syms | 3 +-
src/libxl/libxl_domain.c | 7 --
src/libxl/libxl_driver.c | 38 +-------
src/lxc/lxc_domain.c | 8 --
src/openvz/openvz_driver.c | 7 --
src/phyp/phyp_driver.c | 6 +-
src/qemu/qemu_domain.c | 2 +
src/qemu/qemu_driver.c | 234 +++++++++++++++++++--------------------------
src/test/test_driver.c | 38 +-------
src/uml/uml_driver.c | 9 +-
src/vbox/vbox_common.c | 6 +-
src/vmware/vmware_driver.c | 6 +-
src/vmx/vmx.c | 8 +-
src/vz/vz_driver.c | 6 +-
src/xen/xen_driver.c | 7 --
src/xenapi/xenapi_driver.c | 7 --
tools/virsh-domain.c | 3 +-
20 files changed, 279 insertions(+), 302 deletions(-)
--
2.6.2
8 years, 9 months
[libvirt] [python PATCH] Add support for JOB_COMPLETED event
by Jiri Denemark
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
examples/event-test.py | 3 ++
libvirt-override-virConnect.py | 9 ++++++
libvirt-override.c | 64 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 76 insertions(+)
diff --git a/examples/event-test.py b/examples/event-test.py
index 615f86c..5be4978 100755
--- a/examples/event-test.py
+++ b/examples/event-test.py
@@ -533,6 +533,8 @@ def myDomainEventDeviceAddedCallback(conn, dom, dev, opaque):
def myDomainEventMigrationIteration(conn, dom, iteration, opaque):
print("myDomainEventMigrationIteration: Domain %s(%s) started migration iteration %d" % (
dom.name(), dom.ID(), iteration))
+def myDomainEventJobCompletedCallback(conn, dom, params, opaque):
+ print("myDomainEventJobCompletedCallback: Domain %s(%s) %s" % (dom.name(), dom.ID(), params))
##########################################################################
# Network events
@@ -646,6 +648,7 @@ def main():
vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_AGENT_LIFECYCLE, myDomainEventAgentLifecycleCallback, None)
vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_DEVICE_ADDED, myDomainEventDeviceAddedCallback, None)
vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION, myDomainEventMigrationIteration, None)
+ vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_JOB_COMPLETED, myDomainEventJobCompletedCallback, None)
vc.networkEventRegisterAny(None, libvirt.VIR_NETWORK_EVENT_ID_LIFECYCLE, myNetworkEventLifecycleCallback, None)
diff --git a/libvirt-override-virConnect.py b/libvirt-override-virConnect.py
index 4231195..396a6ed 100644
--- a/libvirt-override-virConnect.py
+++ b/libvirt-override-virConnect.py
@@ -225,6 +225,15 @@
cb(self, virDomain(self, _obj=dom), iteration, opaque)
return 0
+ def _dispatchDomainEventJobCompletedCallback(self, dom, params, cbData):
+ """Dispatches event to python user domain job completed callbacks
+ """
+ cb = cbData["cb"]
+ opaque = cbData["opaque"]
+
+ cb(self, virDomain(self, _obj=dom), params, opaque)
+ return 0
+
def domainEventDeregisterAny(self, callbackID):
"""Removes a Domain Event Callback. De-registering for a
domain callback will disable delivery of this event type """
diff --git a/libvirt-override.c b/libvirt-override.c
index 2308802..ce36280 100644
--- a/libvirt-override.c
+++ b/libvirt-override.c
@@ -6835,6 +6835,65 @@ libvirt_virConnectDomainEventMigrationIterationCallback(virConnectPtr conn ATTRI
}
#endif /* VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION */
+#ifdef VIR_DOMAIN_EVENT_ID_JOB_COMPLETED
+static int
+libvirt_virConnectDomainEventJobCompletedCallback(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virDomainPtr dom,
+ virTypedParameterPtr params,
+ int nparams,
+ void *opaque)
+{
+ PyObject *pyobj_cbData = (PyObject*)opaque;
+ PyObject *pyobj_dom;
+ PyObject *pyobj_ret = NULL;
+ PyObject *pyobj_conn;
+ PyObject *dictKey;
+ PyObject *pyobj_dict = NULL;
+ int ret = -1;
+
+ LIBVIRT_ENSURE_THREAD_STATE;
+
+ pyobj_dict = getPyVirTypedParameter(params, nparams);
+ if (!pyobj_dict)
+ goto cleanup;
+
+ if (!(dictKey = libvirt_constcharPtrWrap("conn")))
+ goto cleanup;
+ pyobj_conn = PyDict_GetItem(pyobj_cbData, dictKey);
+ Py_DECREF(dictKey);
+
+ /* Create a python instance of this virDomainPtr */
+ virDomainRef(dom);
+ if (!(pyobj_dom = libvirt_virDomainPtrWrap(dom))) {
+ virDomainFree(dom);
+ goto cleanup;
+ }
+ Py_INCREF(pyobj_cbData);
+
+ /* Call the Callback Dispatcher */
+ pyobj_ret = PyObject_CallMethod(pyobj_conn,
+ (char*)"_dispatchDomainEventJobCompletedCallback",
+ (char*)"OOO",
+ pyobj_dom, pyobj_dict, pyobj_cbData);
+
+ Py_DECREF(pyobj_cbData);
+ Py_DECREF(pyobj_dom);
+
+ cleanup:
+ if (!pyobj_ret) {
+ DEBUG("%s - ret:%p\n", __FUNCTION__, pyobj_ret);
+ PyErr_Print();
+ Py_XDECREF(pyobj_dict);
+ } else {
+ Py_DECREF(pyobj_ret);
+ ret = 0;
+ }
+
+ LIBVIRT_RELEASE_THREAD_STATE;
+ return ret;
+}
+#endif /* VIR_DOMAIN_EVENT_ID_JOB_COMPLETED */
+
static PyObject *
libvirt_virConnectDomainEventRegisterAny(PyObject *self ATTRIBUTE_UNUSED,
PyObject *args)
@@ -6940,6 +6999,11 @@ libvirt_virConnectDomainEventRegisterAny(PyObject *self ATTRIBUTE_UNUSED,
cb = VIR_DOMAIN_EVENT_CALLBACK(libvirt_virConnectDomainEventMigrationIterationCallback);
break;
#endif /* VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION */
+#ifdef VIR_DOMAIN_EVENT_ID_JOB_COMPLETED
+ case VIR_DOMAIN_EVENT_ID_JOB_COMPLETED:
+ cb = VIR_DOMAIN_EVENT_CALLBACK(libvirt_virConnectDomainEventJobCompletedCallback);
+ break;
+#endif /* VIR_DOMAIN_EVENT_ID_JOB_COMPLETED */
case VIR_DOMAIN_EVENT_ID_LAST:
break;
}
--
2.7.2
8 years, 9 months
[libvirt] sVirt shouldn't let Nova do stupid things
by Matthew Booth
Nova just released a fix for this critical CVE:
https://bugs.launchpad.net/nova/+bug/1548450
To summarise, it's a qcow2 backing file exploit. The user writes a
malicious qcow2 header to the top of a raw disk, then triggers a bug in
Nova which causes it to do format detection.
If you read the bug and comments, you'll see that when I initially reported
it I was fairly dismissive of its impact because it's only exploitable
through libvirt, and the instance is going to be confined by SELinux. But
then Dan B points out that sVirt is going to trust whatever Nova tells it
to do and label it appropriately. Cue rapid ramping of severity, and it
turns out this allows an unprivileged user to read anything on the host,
including all raw block devices.
I'm not sure exactly where, but something in this stack has failed us.
Let's be clear a couple of things, though:
1. This is an egregious, stupid bug in Nova, and Nova shouldn't have
egregious, stupid bugs.
2. SELinux should prevent obviously bad things from happening, even in the
presence of egregious, stupid bugs.
I point that out to head off: 'Well Nova shouldn't do that'. Of course it
shouldn't. However, it might, and when it does, I'd like to think that
SELinux has its back. It doesn't, though.
As I understand it, sVirt is the mechanism libvirt uses for controlling
SELinux. I wonder if the current sVirt model is enough to cover the use
case where the thing connecting to libvirt is large enough to have its own
serious bugs. Is there any way we could define a sane set of operations
independent of Nova?
Matt
--
Matthew Booth
Red Hat Engineering, Virtualisation Team
Phone: +442070094448 (UK)
8 years, 9 months
[libvirt] [PATCH v4 0/8] NSS module for libvirt
by Michal Privoznik
v4 of:
https://www.redhat.com/archives/libvir-list/2016-February/msg00693.html
diff to v3:
- Introduced yet another test to catch linkage problems
- Extended nsstest to test multiple addresses
- Reworked src/libvirt_nss.la CFLAGS/LDFLAGS - dropped some dependencies
- Dropped checking for lease timestamp from nss plugin implementation as it's
already done by lease parsing function
Michal Privoznik (8):
Export virLease* functions for leases file handling
virjson: Resolve const correctness
Initial support for NSS plugin skeleton
libvirt.spec.in: Introduce libvirt-nss package
nss: Implement _nss_libvirt_gethostbyname3_r
Implement _nss_libvirt_gethostbyname4_r
nss: Introduce a test
tests: Introduce nsslinktest
cfg.mk | 2 +-
config-post.h | 24 +++
configure.ac | 2 +
libvirt.spec.in | 21 ++
m4/virt-nss.m4 | 51 +++++
po/POTFILES.in | 1 +
src/Makefile.am | 60 ++++++
src/libvirt_private.syms | 6 +
src/network/leaseshelper.c | 271 +-------------------------
src/util/virfile.c | 2 +-
src/util/virjson.c | 58 +++---
src/util/virjson.h | 54 +++---
src/util/virlease.c | 304 +++++++++++++++++++++++++++++
src/util/virlease.h | 44 +++++
tests/Makefile.am | 31 ++-
tests/nssdata/virbr0.status | 20 ++
tests/nssdata/virbr1.status | 14 ++
tests/nsslinktest.c | 39 ++++
tests/nssmock.c | 140 ++++++++++++++
tests/nsstest.c | 195 +++++++++++++++++++
tools/Makefile.am | 44 +++++
tools/nss/libvirt_nss.c | 463 ++++++++++++++++++++++++++++++++++++++++++++
tools/nss/libvirt_nss.h | 52 +++++
tools/nss/libvirt_nss.syms | 12 ++
24 files changed, 1580 insertions(+), 330 deletions(-)
create mode 100644 m4/virt-nss.m4
create mode 100644 src/util/virlease.c
create mode 100644 src/util/virlease.h
create mode 100644 tests/nssdata/virbr0.status
create mode 100644 tests/nssdata/virbr1.status
create mode 100644 tests/nsslinktest.c
create mode 100644 tests/nssmock.c
create mode 100644 tests/nsstest.c
create mode 100644 tools/nss/libvirt_nss.c
create mode 100644 tools/nss/libvirt_nss.h
create mode 100644 tools/nss/libvirt_nss.syms
--
2.4.10
8 years, 9 months
[libvirt] GSoC 2016
by Tahir Ramzan
Respected Sir,
I am a MS CS scholar of Virtual University of Pakistan, I want to
participate in GSoC 2016 for Libvirt. Data Science, Networks, Information
security, digital forensics and ethical hacking are my core areas of
interest.
Currently, I am working on a research project on live forensics of GPU and
volatile memories like RAMs and Caches.
I am looking forward your guidance to start my contribution for Libvirt,
thanks in anticipation.
Regards
Tahir Ramzan
8 years, 9 months