May 2016 - Devel - libvirt List Archives

[libvirt] New account at Wiki
by Artur Zochniak 27 May '16

27 May '16

Hello! Can I have an account for wiki? I ask here because I am following http://wiki.libvirt.org/page/Main_Page#libvirt_Wiki preferred username: arjamizo Thanks! BR Artur

1 0

[libvirt] [PATCHv2] Added hook for network modification event
by Khramov Anton 27 May '16

27 May '16

From: Anton Khramov <anton(a)endocode.com> Anton Khramov (1): network: Added hook for network modification event docs/hooks.html.in | 2 ++ src/network/bridge_driver.c | 5 +++++ src/util/virhook.c | 3 ++- src/util/virhook.h | 1 + 4 files changed, 10 insertions(+), 1 deletion(-) -- 1.9.1

2 2

[libvirt] [PATCH v2] esx: do not store escaped password in esxVI_Context.
by Dawid Zamirski 27 May '16

27 May '16

This patch fixes an issue where screenshot API call was failing when the esx/vcenter password contains special characters such as apostrophee. The reason for failures was that passwords were escaped for XML and stored in esxVI_Context which was then passed to raw CURL API calls where the password must be passed in original form to authenticate successfully. So this patch addresses this by storing original passwords in the esxVI_Context struct and escape only for esxVI_Login call. --- Changes made since v1: * Also patch esxVI_EnsureSession * Added cleanup to esxVI_Context_Connect to make sure escapedPassword is freed where appropiate. Also move the code block that escapes the password to happen earlier in the function body so that it can bail earlier in the event of failure and skip the rest of the processing. * Updated virReportError calls to pass syntax-check src/esx/esx_driver.c | 22 ++++--------------- src/esx/esx_vi.c | 62 ++++++++++++++++++++++++++++++++++++++-------------- 2 files changed, 50 insertions(+), 34 deletions(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index 00d0e0a..031c666 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -617,7 +617,6 @@ esxConnectToHost(esxPrivate *priv, int result = -1; char ipAddress[NI_MAXHOST] = ""; char *username = NULL; - char *unescapedPassword = NULL; char *password = NULL; char *url = NULL; esxVI_String *propertyNameList = NULL; @@ -647,18 +646,13 @@ esxConnectToHost(esxPrivate *priv, } } - unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server); + password = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server); - if (!unescapedPassword) { + if (!password) { virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed")); goto cleanup; } - password = esxUtil_EscapeForXml(unescapedPassword); - - if (!password) - goto cleanup; - if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport, conn->uri->server, conn->uri->port) < 0) goto cleanup; @@ -705,7 +699,6 @@ esxConnectToHost(esxPrivate *priv, cleanup: VIR_FREE(username); - VIR_FREE(unescapedPassword); VIR_FREE(password); VIR_FREE(url); esxVI_String_Free(&propertyNameList); @@ -726,7 +719,6 @@ esxConnectToVCenter(esxPrivate *priv, int result = -1; char ipAddress[NI_MAXHOST] = ""; char *username = NULL; - char *unescapedPassword = NULL; char *password = NULL; char *url = NULL; @@ -752,18 +744,13 @@ esxConnectToVCenter(esxPrivate *priv, } } - unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, hostname); + password = virAuthGetPassword(conn, auth, "esx", username, hostname); - if (!unescapedPassword) { + if (!password) { virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed")); goto cleanup; } - password = esxUtil_EscapeForXml(unescapedPassword); - - if (!password) - goto cleanup; - if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport, hostname, conn->uri->port) < 0) goto cleanup; @@ -799,7 +786,6 @@ esxConnectToVCenter(esxPrivate *priv, cleanup: VIR_FREE(username); - VIR_FREE(unescapedPassword); VIR_FREE(password); VIR_FREE(url); diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c index 6520196..5fb2279 100644 --- a/src/esx/esx_vi.c +++ b/src/esx/esx_vi.c @@ -996,39 +996,52 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, const char *ipAddress, const char *username, const char *password, esxUtil_ParsedUri *parsedUri) { + int result = -1; + char *escapedPassword = NULL; + if (!ctx || !url || !ipAddress || !username || !password || ctx->url || ctx->service || ctx->curl) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Invalid argument")); return -1; } + escapedPassword = esxUtil_EscapeForXml(password); + + if (!escapedPassword) { + VIR_FREE(escapedPassword); + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Failed to escape password for XML")); + goto cleanup; + } + if (esxVI_CURL_Alloc(&ctx->curl) < 0 || esxVI_CURL_Connect(ctx->curl, parsedUri) < 0 || VIR_STRDUP(ctx->url, url) < 0 || VIR_STRDUP(ctx->ipAddress, ipAddress) < 0 || VIR_STRDUP(ctx->username, username) < 0 || VIR_STRDUP(ctx->password, password) < 0) { - return -1; + goto cleanup; } if (VIR_ALLOC(ctx->sessionLock) < 0) - return -1; + goto cleanup; + if (virMutexInit(ctx->sessionLock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Could not initialize session mutex")); - return -1; + goto cleanup; } if (esxVI_RetrieveServiceContent(ctx, &ctx->service) < 0) - return -1; + goto cleanup; if (STRNEQ(ctx->service->about->apiType, "HostAgent") && STRNEQ(ctx->service->about->apiType, "VirtualCenter")) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Expecting VI API type 'HostAgent' or 'VirtualCenter' " "but found '%s'"), ctx->service->about->apiType); - return -1; + goto cleanup; } if (virParseVersionString(ctx->service->about->apiVersion, @@ -1036,14 +1049,14 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, virReportError(VIR_ERR_INTERNAL_ERROR, _("Could not parse VI API version '%s'"), ctx->service->about->apiVersion); - return -1; + goto cleanup; } if (ctx->apiVersion < 1000000 * 2 + 1000 * 5 /* 2.5 */) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Minimum supported %s version is %s but found version '%s'"), "VI API", "2.5", ctx->service->about->apiVersion); - return -1; + goto cleanup; } if (virParseVersionString(ctx->service->about->version, @@ -1051,7 +1064,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, virReportError(VIR_ERR_INTERNAL_ERROR, _("Could not parse product version '%s'"), ctx->service->about->version); - return -1; + goto cleanup; } if (STREQ(ctx->service->about->productLineId, "gsx")) { @@ -1060,7 +1073,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, _("Minimum supported %s version is %s but found version '%s'"), esxVI_ProductLineToDisplayName(esxVI_ProductLine_GSX), "2.0", ctx->service->about->version); - return -1; + goto cleanup; } ctx->productLine = esxVI_ProductLine_GSX; @@ -1071,7 +1084,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, _("Minimum supported %s version is %s but found version '%s'"), esxVI_ProductLineToDisplayName(esxVI_ProductLine_ESX), "3.5", ctx->service->about->version); - return -1; + goto cleanup; } ctx->productLine = esxVI_ProductLine_ESX; @@ -1081,7 +1094,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, _("Minimum supported %s version is %s but found version '%s'"), esxVI_ProductLineToDisplayName(esxVI_ProductLine_VPX), "2.5", ctx->service->about->version); - return -1; + goto cleanup; } ctx->productLine = esxVI_ProductLine_VPX; @@ -1090,7 +1103,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, _("Expecting product 'gsx' or 'esx' or 'embeddedEsx' " "or 'vpx' but found '%s'"), ctx->service->about->productLineId); - return -1; + goto cleanup; } if (ctx->productLine == esxVI_ProductLine_ESX) { @@ -1107,12 +1120,19 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url, if (ctx->productLine == esxVI_ProductLine_VPX) ctx->hasSessionIsActive = true; - if (esxVI_Login(ctx, username, password, NULL, &ctx->session) < 0 || + + + if (esxVI_Login(ctx, username, escapedPassword, NULL, &ctx->session) < 0 || esxVI_BuildSelectSetCollection(ctx) < 0) { - return -1; + goto cleanup; } - return 0; + result = 0; + + cleanup: + VIR_FREE(escapedPassword); + + return result; } int @@ -2062,6 +2082,7 @@ esxVI_EnsureSession(esxVI_Context *ctx) esxVI_ObjectContent *sessionManager = NULL; esxVI_DynamicProperty *dynamicProperty = NULL; esxVI_UserSession *currentSession = NULL; + char *escapedPassword = NULL; if (!ctx->sessionLock) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Invalid call, no mutex")); @@ -2075,6 +2096,14 @@ esxVI_EnsureSession(esxVI_Context *ctx) goto cleanup; } + escapedPassword = esxUtil_EscapeForXml(ctx->password); + + if (!escapedPassword) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Failed to escape password for XML")); + goto cleanup; + } + if (esxVI_String_AppendValueToList(&propertyNameList, "currentSession") < 0 || esxVI_LookupObjectContentByType(ctx, ctx->service->sessionManager, @@ -2101,7 +2130,7 @@ esxVI_EnsureSession(esxVI_Context *ctx) if (!currentSession) { esxVI_UserSession_Free(&ctx->session); - if (esxVI_Login(ctx, ctx->username, ctx->password, NULL, + if (esxVI_Login(ctx, ctx->username, escapedPassword, NULL, &ctx->session) < 0) { goto cleanup; } @@ -2117,6 +2146,7 @@ esxVI_EnsureSession(esxVI_Context *ctx) cleanup: virMutexUnlock(ctx->sessionLock); + VIR_FREE(escapedPassword); esxVI_String_Free(&propertyNameList); esxVI_ObjectContent_Free(&sessionManager); esxVI_UserSession_Free(&currentSession); -- 2.7.4

2 1

[libvirt] [PATCH] testutils.c: unsetenv() iff platform has it
by Michal Privoznik 27 May '16

27 May '16

I've encountered the following problem (introduced by 6326865e): ../../tests/testutils.c: In function 'virtTestRun': ../../tests/testutils.c:289:5: error: implicit declaration of function 'unsetenv' [-Werror=implicit-function-declaration] unsetenv("VIR_TEST_MOCK_TESTNAME"); Apparently, mingw does not have unsetenv(). Therefore we should call it iff we are sure platform we are building for has it. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- This is a tentative patch. Ideally, we would use gnulib's implementation (like we do for setenv()), but there are some licensing problems right now [1]. If they are resolved before our release, we can just pick new gnulib. If, however, they are not, we can just push this patch. 1: https://www.redhat.com/archives/libvir-list/2016-May/msg01952.html tests/testutils.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/testutils.c b/tests/testutils.c index f4fbad2..8b7bf70 100644 --- a/tests/testutils.c +++ b/tests/testutils.c @@ -286,7 +286,9 @@ virtTestRun(const char *title, } #endif /* TEST_OOM */ +#ifdef HAVE_UNSETENV unsetenv("VIR_TEST_MOCK_TESTNAME"); +#endif return ret; } -- 2.8.3

2 2

[libvirt] [PATCH] qemu: Fix error message when PCI bridge has index <= bus
by Andrea Bolognani 27 May '16

27 May '16

Commit ff2126225df0 changed the error message to be more detailed about the failure at hand; however, while the new error message claims that "bus must be <= index", the error message is displayed if "idx <= addr->bus", ie. when bus is bigger than or *equal to* index. Change the error message to report the correct constraint, and format it in a way that mirrors the check exactly to make it clearer to people reading the code. The new error message reads "must be index > bus". --- I'm assuming the code, which is pre-existing, is correct here. CC'ing Laine for insights. src/qemu/qemu_domain_address.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 7bd8ee5..650cb2a 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -1598,14 +1598,14 @@ qemuDomainAssignPCIAddresses(virDomainDefPtr def, break; } - /* check if every PCI bridge controller's ID is greater than + /* check if every PCI bridge controller's index is greater than * the bus it is placed onto */ if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCI_BRIDGE && idx <= addr->bus) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("PCI controller at index %d (0x%02x) has " - "bus='0x%02x', but bus must be <= index"), + "bus='0x%02x'; must be index > bus"), idx, idx, addr->bus); goto cleanup; } -- 2.5.5

2 2

[libvirt] inconsistent handling of "qemu64" CPU model
by Chris Friesen 27 May '16

27 May '16

Hi, I'm not sure where the problem lies, hence the CC to both lists. Please copy me on the reply. I'm playing with OpenStack's devstack environment on an Ubuntu 14.04 host with a Celeron 2961Y CPU. (libvirt detects it as a Nehalem with a bunch of extra features.) Qemu gives version 2.2.0 (Debian 1:2.2+dfsg-5expubuntu9.7~cloud2). If I don't specify a virtual CPU model, it appears to give me a "qemu64" CPU, and /proc/cpuinfo in the guest instance looks something like this: processor 0 vendor_id GenuineIntel cpu family 6 model 6 model name: QEMU Virtual CPU version 2.2.0 stepping: 3 microcode: 0x1 flags: fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush mmx fxsr sse sse2 syscall nx lm rep_good nopl pni vmx cx16 x2apic popcnt hypervisor lahf_lm abm vnmi ept However, if I explicitly specify a custom CPU model of "qemu64" the instance refuses to boot and I get a log saying: libvirtError: unsupported configuration: guest and host CPU are not compatible: Host CPU does not provide required features: svmlibvirtError: unsupported configuration: guest and host CPU are not compatible: Host CPU does not provide required features: svm When this happens, some of the XML for the domain looks like this: <os> <type arch='x86_64' machine='pc-i440fx-utopic'>hvm</type> .... <cpu mode='custom' match='exact'> <model fallback='allow'>qemu64</model> <topology sockets='1' cores='1' threads='1'/> </cpu> Of course "svm" is an AMD flag and I'm running an Intel CPU. But why does it work when I just rely on the default virtual CPU? Is kvm_default_unset_features handled differently when it's implicit vs explicit? If I explicitly specify a custom CPU model of "kvm64" then it boots, but of course I get a different virtual CPU from what I get if I don't specify anything. Following some old suggestions I tried turning off nested kvm, deleting /var/cache/libvirt/qemu/capabilities/*, and restarting libvirtd. Didn't help. So...anyone got any ideas what's going on? Is there no way to explicitly specify the model that you get by default? Thanks, Chris

3 3

[libvirt] [PATCH 0/8] lxc: add job support
by Katerina Koukiou 26 May '16

26 May '16

This patch series adds job support to the lxc driver, using techiques from the libxl driver. One benefit is no longer blocking get operations during long running modify operations. E.g. with these patches 'vish dominfo dom' will work while 'virsh save dom ...' is in progress. The first patch adds the job support machinery, followed by several patches that make use of it. Although this might look not needed that much right now, it is preparing environment for future work. This patch series has been reviewed by Michal Privoznik who is my mentor for GSoC 2016. Katerina Koukiou (8): lxc: Add job support to lxc driver lxc: use job functions in lxcDomain{CreateXMLWithFiles, CreateWithFiles} lxc: use job functions in lxcDomainSetMemoryFlags lxc: use job functions in lxcDomain{Suspend, Resume} lxc: use job functions in lxcDomain{AttachDeviceFlags, DetachDeviceFlags, UpdateDeviceFlags} lxc: add job functions in lxcDomainSetAutostart lxc: use job functions in lxcDomain* functions that do query operations. lxc: use job functions in lxcDomain* functions that perform modify actions. src/lxc/lxc_domain.c | 154 ++++++++++++++++++++-- src/lxc/lxc_domain.h | 37 ++++++ src/lxc/lxc_driver.c | 351 ++++++++++++++++++++++++++++++++++++--------------- 3 files changed, 428 insertions(+), 114 deletions(-) -- 2.7.4

4 12

[libvirt] [PATCH] daemon: cleanup state drivers in order reverse to init order
by Nikolay Shirokovskiy 26 May '16

26 May '16

This patch aims to fix observed crash on daemon shutdown. Main thread is in the process of state drivers cleanup, network driver is cleaned up and qemu driver is not yet. Meanwhile eof event from qemu process triggers qemuProcessStop -> networkReleaseActualDevice and crash happens as network driver is already cleaned up. Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com> --- src/libvirt.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libvirt.c b/src/libvirt.c index 114e88c..d79fe75 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -800,12 +800,12 @@ virStateInitialize(bool privileged, int virStateCleanup(void) { - size_t i; + int r; int ret = 0; - for (i = 0; i < virStateDriverTabCount; i++) { - if (virStateDriverTab[i]->stateCleanup && - virStateDriverTab[i]->stateCleanup() < 0) + for (r = virStateDriverTabCount - 1; r >= 0; r--) { + if (virStateDriverTab[r]->stateCleanup && + virStateDriverTab[r]->stateCleanup() < 0) ret = -1; } return ret; -- 1.8.3.1

2 3

[libvirt] [PATCH 0/3] esx: improve virtualHW > 7 handling.
by Dawid Zamirski 26 May '16

26 May '16

Hello, The following patches are for issues found when using libvirt to create/manage VMs on ESXi hosts (5.5 and 6). The first patch addresses a fairly common issue with creating VMs on ESXi with SCSI controllers. The other two are to less common but work around known ESX issues e.g. 4TB drive size limit and vMotion compatibility. Dawid Zamirski (3): esx: add pciBridge devices when SCSI is used esx: Add VMCI device for virtualHW >= 7 esx: use newer virtualHW version for 5.1+ hosts src/esx/esx_vi.c | 17 ++++++++++++++ src/vmx/vmx.c | 27 ++++++++++++++++++++++ tests/xml2vmxdata/xml2vmx-fusion-in-the-wild-1.vmx | 14 +++++++++++ .../xml2vmxdata/xml2vmx-serial-network-client.vmx | 1 + .../xml2vmxdata/xml2vmx-serial-network-server.vmx | 1 + tests/xml2vmxdata/xml2vmx-ws-in-the-wild-1.vmx | 14 +++++++++++ tests/xml2vmxdata/xml2vmx-ws-in-the-wild-2.vmx | 14 +++++++++++ 7 files changed, 88 insertions(+) -- 2.7.4

2 6

[libvirt] Question on output of virsh capabilities
by Eli Qiao 26 May '16

26 May '16

hi I am confused by the libvirt's "virsh capabilities" help said: DESCRIPTION Returns capabilities of hypervisor/driver. I got follow outtput of a host. <cpu> <arch>x86_64</arch> <model>Broadwell-noTSX</model> <vendor>Intel</vendor> <topology sockets='1' cores='2' threads='2'/> <feature name='invtsc'/> <feature name='mpx'/> <feature name='abm'/> <feature name='pdpe1gb'/> <feature name='rdrand'/> <feature name='f16c'/> <feature name='osxsave'/> <feature name='pdcm'/> <feature name='xtpr'/> <feature name='tm2'/> <feature name='est'/> <feature name='vmx'/> <feature name='ds_cpl'/> <feature name='monitor'/> <feature name='dtes64'/> <feature name='pbe'/> <feature name='tm'/> <feature name='ht'/> <feature name='ss'/> <feature name='acpi'/> <feature name='ds'/> <feature name='vme'/> <pages unit='KiB' size='4'/> <pages unit='KiB' size='2048'/> <pages unit='KiB' size='1048576'/> </cpu> but from cat /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch epb intel_pt tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp The output of virsh seems missed some of the cpu features so my question what doesn't the features of "virsh capibalities" mean? why not pass all cpu flags? I see there is a cpu_map.xml in libvirt source, what does it used for? I have requirements to get all the hypervisors feature, what should I do? Thanks. -- Best Regards, Eli Qiao (乔立勇) Intel OTC China

2 1