August 2017 - Devel - libvirt List Archives

[libvirt] [PATCH] maint: Update to latest gnulib
by Erik Skultety 28 Aug '17

28 Aug '17

This pulls in, among other new things, vc-list-files fix to make syntax-check work with git worktrees. Signed-off-by: Erik Skultety <eskultet(a)redhat.com> --- As per http://lists.gnu.org/archive/html/bug-gnulib/2017-08/msg00171.html which fixes the build with old autoconf, pushing this patch under the gnulib maintenance rule. Again, thanks a lot for fixing it so fast Eric :). .gnulib | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gnulib b/.gnulib index ce4ee4cbb..8d116e3f6 160000 --- a/.gnulib +++ b/.gnulib @@ -1 +1 @@ -Subproject commit ce4ee4cbb596a9d7de2786cf8c48cf62a4edede7 +Subproject commit 8d116e3f657cb120f79efbbb675fa3cc9d21f53e -- 2.13.3

1 0

[libvirt] security: the qemu agent command "guest-exec" may cause Insider Access
by Zhangbo (Oscar) 28 Aug '17

28 Aug '17

Hi all: The Host Administrator is capable of running any exec in guests via the qemu-ga command "guest-exec", eg: virsh qemu-agent-command test_guest '{"execute": "guest-exec", "arguments": {"path": "ifconfig", "arg": [ "eth1", "192.168.0.99" ],"capture-output": true } }' {"return":{"pid":12425}} virsh qemu-agent-command test_guest '{"execute": "guest-exec-status", "arguments": { "pid": 12425 } }' {"return":{"exitcode":0,"exited":true}} The example above just change the guests' ip address, the Administrator may also change guests' user password, get sensitive information, etc. which causes Insider Access. The Administrator also can use other commands such as " guest-file-open" that also cause Insider Access. So, how to avoid this security problem, what's your suggestion? Thanks! Best Regrads Oscar

4 13

[libvirt] [discuss] add reconnect support for vhost-user
by lu.zhipeng＠zte.com.cn 28 Aug '17

28 Aug '17

SGVsbG8gZXZlcnlvbmU6DQoNCiBJIHdhbnQgdG8gaW1wbGVtZW50IGEgZnVuY3Rpb24sIGl0IGlz IHVuY2xlYXIgd2hldGhlciBhbnlvbmUgaGFzIHN1Ym1pdHRlZCBzdWNoIGEgcGF0Y2guIA0KDQph ZGQgcmVjb25uZWN0IHN1cHBvcnQgZm9yIHZob3N0LXVzZXIgd2hlbiB1bml4IGNvbnRyb2wgc29j a2V0IGJldHdlZW4gdmhvc3QtdXNlciBhbmQgdmhvc3QtdXNlciBiYWNrZW5kIGlzICAgZGlzY29u bmVjdGVkIC4NCg0KDQoNCg0KeG1sIA0KDQoNCg0KIDxpbnRlcmZhY2UgdHlwZT0ndmhvc3R1c2Vy Jz4NCg0KICAgICAgPG1hYyBhZGRyZXNzPSdmYToxNjozZToxMDoyMzowMScvPg0KDQogICAgICA8 c291cmNlIHR5cGU9J3VuaXgnIHBhdGg9Jy9vcHQvbmV0d29yay9vdmRrL2Jpbi92aG9zdC5zb2Nr JyByZWNvbm5lY3Q9JzEwJyBtb2RlPSdjbGllbnQnLz4gLS0tLS0tLS0tLXJlY29ubmVjdCANCg0K ICAgICAgPG1vZGVsIHR5cGU9J3ZpcnRpbycvPg0KDQoNCiAgICA8L2ludGVyZmFjZT4NCg0KUmVj b25uZWN0IHZhbHVlICByZXByZXNlbnRzIHRoZSBpbnRlcnZhbCBzZWNvbmRzIGJldHdlZW4gcmVj b25uZWN0aW9uLg==

2 1

[libvirt] Why not support additional machine args in XML such as max-ram-below-4g?
by Wuzongyong (Euler Dept) 28 Aug '17

28 Aug '17

Since qemu support the arg -machine like that: -machine [type=]name[,prop[=value][,...]] So I'm inquisitive about why libvirt doesn't support specify the prop in xml ? So I can specify the qemu machine args like -max-raw-below-4g in xml, well, I mean not by specifying the -qemu-command-line in xml. Thanks, Zongyong Wu

2 1

[libvirt] [PATCH] qemu: undefine is not allowed during domain starting up
by Yi Wang 28 Aug '17

28 Aug '17

Start a domain whilst undefine it, if starting failed duing ProcessLaunch, on which period qemu exited unexpectedly, the operation will lead to failure of undefine the domain until libvirtd restarted. The reason is that libvirtd will unlock vm during qemuProcessStart, qemuDomainUndefineFlags can get the lock and set vm->persistent 0 but not remove the "active" domain. Signed-off-by: Yi Wang <wang.yi59(a)zte.com.cn> --- src/conf/domain_conf.h | 1 + src/qemu/qemu_driver.c | 6 ++++++ src/qemu/qemu_process.c | 3 +++ 3 files changed, 10 insertions(+) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index af15ee8..f339f84 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2468,6 +2468,7 @@ struct _virDomainObj { virDomainSnapshotObjPtr current_snapshot; bool hasManagedSave; + bool starting; void *privateData; void (*privateDataFreeFunc)(void *); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 6568def..5d9acfc 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7317,6 +7317,12 @@ qemuDomainUndefineFlags(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (vm->starting) { + virReportError(VIR_ERR_OPERATION_INVALID, + "%s", _("cannot undefine during domain starting up")); + goto cleanup; + } + cfg = virQEMUDriverGetConfig(driver); if (virDomainUndefineFlagsEnsureACL(dom->conn, vm->def) < 0) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 525521a..7b708be 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5847,6 +5847,8 @@ qemuProcessStart(virConnectPtr conn, if (!migrateFrom && !snapshot) flags |= VIR_QEMU_PROCESS_START_NEW; + vm->starting = true; + if (qemuProcessInit(driver, vm, updatedCPU, asyncJob, !!migrateFrom, flags) < 0) goto cleanup; @@ -5892,6 +5894,7 @@ qemuProcessStart(virConnectPtr conn, ret = 0; cleanup: + vm->starting = false; qemuProcessIncomingDefFree(incoming); return ret; -- 1.8.3.1

4 5

[libvirt] [PATCH go-xml] Add support for domain hostdev and test code
by zhenwei.pi 28 Aug '17

28 Aug '17

Signed-off-by: zhenwei.pi <zhenwei.pi(a)youruncloud.com> --- domain.go | 36 ++++++++++++++++++++++++++++++++++++ domain_test.go | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/domain.go b/domain.go index a5d3203..2c63307 100644 --- a/domain.go +++ b/domain.go @@ -406,6 +406,29 @@ type DomainRNG struct { Backend *DomainRNGBackend `xml:"backend"` } +type DomainHostdevAdapter struct { + Name string `xml:"name,attr,omitempty"` +} + +type DomainHostdevSource struct { + Protocol string `xml:"protocol,attr,omitempty"` + Name string `xml:"name,attr,omitempty"` + Wwpn string `xml:"wwpn,attr,omitempty"` + Adapter *DomainHostdevAdapter `xml:"adapter"` + Address *DomainAddress `xml:"address"` +} + +type DomainHostdev struct { + XMLName xml.Name `xml:"hostdev"` + Mode string `xml:"mode,attr"` + Type string `xml:"type,attr"` + Sgio string `xml:"sgio,attr,omitempty"` + Rawio string `xml:"rawio,attr,omitempty"` + Managed string `xml:"managed,attr,omitempty"` + Source *DomainHostdevSource `xml:"source"` + Address *DomainAddress `xml:"address"` +} + type DomainDeviceList struct { Emulator string `xml:"emulator,omitempty"` Controllers []DomainController `xml:"controller"` @@ -421,6 +444,7 @@ type DomainDeviceList struct { MemBalloon *DomainMemBalloon `xml:"memballoon"` Sounds []DomainSound `xml:"sound"` RNGs []DomainRNG `xml:"rng"` + Hostdevs []DomainHostdev `xml:"hostdev"` } type DomainMemory struct { @@ -792,3 +816,15 @@ func (d *DomainRNG) Marshal() (string, error) { } return string(doc), nil } + +func (d *DomainHostdev) Unmarshal(doc string) error { + return xml.Unmarshal([]byte(doc), d) +} + +func (d *DomainHostdev) Marshal() (string, error) { + doc, err := xml.MarshalIndent(d, "", " ") + if err != nil { + return "", err + } + return string(doc), nil +} diff --git a/domain_test.go b/domain_test.go index 2af451f..e3abbbf 100644 --- a/domain_test.go +++ b/domain_test.go @@ -1457,6 +1457,42 @@ var domainTestData = []struct { `</rng>`, }, }, + { + Object: &DomainHostdev{ + Mode: "subsystem", + Type: "scsi", + Sgio: "unfiltered", + Rawio: "yes", + Source: &DomainHostdevSource{ + Adapter: &DomainHostdevAdapter{ + Name: "scsi_host0", + }, + Address: &DomainAddress{ + Type: "scsi", + Bus: &diskAddr.Bus, + Target: &diskAddr.Slot, + Unit: &diskAddr.Function, + }, + }, + Address: &DomainAddress{ + Type: "drive", + Controller: &diskAddr.Domain, + Bus: &diskAddr.Bus, + Target: &diskAddr.Slot, + Unit: &diskAddr.Function, + }, + }, + + Expected: []string{ + `<hostdev mode="subsystem" type="scsi" sgio="unfiltered" rawio="yes">`, + ` <source>`, + ` <adapter name="scsi_host0"></adapter>`, + ` <address type="scsi" bus="0" target="3" unit="0"></address>`, + ` </source>`, + ` <address type="drive" controller="0" bus="0" target="3" unit="0"></address>`, + `</hostdev>`, + }, + }, } func TestDomain(t *testing.T) { -- 2.7.4

2 2

[libvirt] [PATCH 0/8] qemu: Default to video type=virtio for machvirt
by Cole Robinson 27 Aug '17

27 Aug '17

This series aim is to change the qemu machvirt video type default to virtio, but rather than continue to hack things into place in domain_conf.c, this rearranges things to allow drivers to set a video type default. Patches 1-4 are small cleanups/improvements in this area Patches 5-7 are the plumbing to allow drivers to set their own default Patch 8 is the actual default change https://bugzilla.redhat.com/show_bug.cgi?id=1404112 Cole Robinson (8): qemu: parse: drop redundant video config qemu: domain: Move some validation out of DeviceDefPostParse qemu: annotate some VIDEO_TYPE enum switch conf: add virDomainVideoDefNew conf: domain: add VIDEO_TYPE_DEFAULT conf: domain: move video type validation to DeviceDefValidate qemu: Set default video type in qemu PostParse qemu: Default to video type=virtio for machvirt src/conf/domain_conf.c | 54 +++++++++++------- src/conf/domain_conf.h | 2 + src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 7 +-- src/qemu/qemu_domain.c | 66 ++++++++++++++-------- src/qemu/qemu_domain_address.c | 1 + src/qemu/qemu_monitor_json.c | 16 ++---- src/qemu/qemu_parse_command.c | 14 +---- src/qemu/qemu_process.c | 7 +-- src/vz/vz_sdk.c | 3 +- tests/domaincapsschemadata/full.xml | 1 + .../qemuxml2argv-aarch64-video-default.args | 24 ++++++++ .../qemuxml2argv-aarch64-video-default.xml | 17 ++++++ tests/qemuxml2argvtest.c | 6 ++ .../qemuxml2xmlout-aarch64-video-default.xml | 46 +++++++++++++++ tests/qemuxml2xmltest.c | 6 ++ 16 files changed, 191 insertions(+), 80 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-aarch64-video-default.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-aarch64-video-default.xml create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-aarch64-video-default.xml -- 2.13.0

2 19

[libvirt] [PATCH v4 0/4] Implement migrate-getmaxdowntime command
by Scott Garfinkle 26 Aug '17

26 Aug '17

Currently, the maximum tolerable downtime for a domain being migrated is write-only. This patch implements a way to query that value nondestructively. I've tried to incorporate the feedback from v3; however, I've left alone a couple of places where the feedback would have diverged from parallelism with the existing migrate-setdowntime help/info. Also, since the main use of this new command is likely to be (as in virt-manager) in combination with migrate-setmaxdowntime, I don't think it's going to really help to add an options to report this in some other unit other than milliseconds. To-do: Ought to revisit setmaxdowntime to use the new preferred qemu interface. Changes from [v3]: * Incorporated suggestions, including adding an error message * Added a patch to the news.xml file [v1} https://www.redhat.com/archives/libvir-list/2017-July/msg00908.html [v2} https://www.redhat.com/archives/libvir-list/2017-July/msg01010.html [v3} https://www.redhat.com/archives/libvir-list/2017-July/msg01301.html Scott Garfinkle (4) Add virDomainMigrateGetMaxDowntime public API qemu: Implement virDomainMigrateGetMaxDowntime virsh: Add support for virDomainMigrateGetMaxDowntime docs: document migrate-getmaxdowntime support --- docs/news.xml | 10 +++++++ include/libvirt/libvirt-domain.h | 4 +++ src/driver-hypervisor.h | 6 +++++ src/libvirt-domain.c | 41 ++++++++++++++++++++++++++++ src/libvirt_public.syms | 4 +++ src/qemu/qemu_driver.c | 58 ++++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_monitor.h | 3 +++ src/qemu/qemu_monitor_json.c | 4 +++ src/remote/remote_driver.c | 1 + src/remote/remote_protocol.x | 16 ++++++++++- src/remote_protocol-structs | 8 ++++++ tools/virsh-domain.c | 42 +++++++++++++++++++++++++++++ tools/virsh.pod | 6 +++++ 13 files changed, 202 insertions(+), 1 deletion(-)

3 10

[libvirt] [PATCH 0/2] Some domain name handing improvements
by Martin Kletzander 25 Aug '17

25 Aug '17

It's not like anyone would hit any of those limitations, almost... Martin Kletzander (3): conf: Properly truncate wide character names in virDomainObjGetShortName qemu: Use short domain name in qemuDomainGetPreservedMountPath docs: Update news with domain name bug fixes docs/news.xml | 20 +++++++++++++++ src/conf/domain_conf.c | 30 +++++++++++++++++++--- src/qemu/qemu_domain.c | 10 ++++++-- .../qemuxml2argv-aarch64-virt-default-nic.args | 2 +- .../qemuxml2argv-hugepages-pages2.args | 4 +-- .../qemuxml2argv-hugepages-pages3.args | 5 ++-- .../qemuxml2argv-hugepages-pages5.args | 4 +-- .../qemuxml2argv-hugepages-pages6.args | 2 +- .../qemuxml2argv-pcie-expander-bus.args | 2 +- 9 files changed, 65 insertions(+), 14 deletions(-) -- 2.14.1

2 7

[libvirt] [PATCH 0/4] Make it easier to clean up after using virBuffer
by Martin Kletzander 25 Aug '17

25 Aug '17

There are many places in the code where virBufferCheckError() is used and then, right after that, virBufferContentAndReset() is called. The former has ATTRIBUTE_RETURN_CHECK, so every occurrence just checks that. However, if the return value of the latter is also the return value of the current function, there is no need to duplicate the work and act upon the error twice. This series proposes the idea of virCheckError being used for only reporting the error [1/4] and shows an example commit on how to clean up existing functions [2/4] so that it can be posted to our wiki under https://wiki.libvirt.org/page/BiteSizedTasks and linked from there. Further enhancements could go a step further and create one function (actually a macro the same way CheckError is done) and wrap those two lines in one so that it is even shorter. This, however, is not meant to be part of this series. Patches [3/4] and [4/4] utilize this for miscellaneous clean-ups in src/conf/. Martin Kletzander (4): util: Umark virBufferCheckErrorInternal as ATTRIBUTE_RETURN_CHECK util: Use virBufferCheckError to its full potential. conf: Clean up and report error in virDomainCapsFormat conf: Clean up and report error in virDomainGenerateMachineName src/conf/domain_capabilities.c | 68 +++++++++++++++++------------------------- src/conf/domain_conf.c | 16 +++++----- src/util/virbitmap.c | 6 +--- src/util/virbuffer.h | 2 +- 4 files changed, 37 insertions(+), 55 deletions(-) -- 2.14.1

2 8