June 2019 - Devel - libvirt List Archives

[libvirt] [PATCH 00/10] qemu: remove json fields from domain and monitor objects
by Ján Tomko 11 Jul '19

11 Jul '19

Applies on top of Peter's removal of commandline parsing https://www.redhat.com/archives/libvir-list/2019-June/msg00405.html After removal of qemuProcessAttach there is no codepath that could possibly set monJSON to false (not that libvirt would be able to much with such domain), so we can finish cleaning it up. Ján Tomko (10): qemu: also delete qemuProcessAttach qemu: assume monJSON is always true qemu: domain: remove monJSON field qemu: stop formatting json='1' in status XML qemu: remove json argument from qemuMonitorOpen qemu: monitor: assume JSON in QEMU_CHECK_MONITOR macro qemu: monitor: remove mon->json checks qemu: monitor: remove the json field qemu: monitor: use VIR_AUTOFREE in qemuMonitor*VideoSize qemu: monitor: s/ret/rc/ in UpdateVideoSize functions src/qemu/qemu_command.c | 8 +- src/qemu/qemu_domain.c | 12 +- src/qemu/qemu_domain.h | 1 - src/qemu/qemu_driver.c | 3 +- src/qemu/qemu_migration.c | 21 +- src/qemu/qemu_monitor.c | 109 ++------ src/qemu/qemu_monitor.h | 2 - src/qemu/qemu_process.c | 247 +----------------- src/qemu/qemu_process.h | 8 - tests/qemuhotplugtest.c | 2 - tests/qemumonitortestutils.c | 1 - .../blockjob-mirror-in.xml | 2 +- .../disk-secinfo-upgrade-out.xml | 2 +- .../migration-in-params-in.xml | 2 +- .../migration-out-nbd-out.xml | 2 +- .../migration-out-nbd-tls-out.xml | 2 +- .../migration-out-params-in.xml | 2 +- tests/qemustatusxml2xmldata/modern-in.xml | 2 +- .../qemustatusxml2xmldata/vcpus-multi-in.xml | 2 +- 19 files changed, 52 insertions(+), 378 deletions(-) -- 2.20.1

2 21

[libvirt] [PATCH 00/23] Enable proper use of systemd socket activation with libvirtd
by Daniel P. Berrangé 11 Jul '19

11 Jul '19

The libvirtd daemon has some support for systemd socket activation from: commit 27a7081c2968ca0d7fbd590629b5a5303851f4a3 Author: Martin Kletzander <mkletzan(a)redhat.com> Date: Tue Jul 15 15:28:53 2014 +0200 daemon: support passing FDs from the calling process First FD is the RW unix socket to listen on, second one (if applicable) is the RO unix socket. This was originally intended for use by the libvirt client when doing auto-spawning of libvirtd, but we later deleted that client side code in commit be78814ae07f092d9c4e71fd82dd1947aba2f029 Author: Michal Privoznik <mprivozn(a)redhat.com> Date: Thu Apr 2 14:41:17 2015 +0200 virNetSocketNewConnectUNIX: Use flocks when spawning a daemon We never added systemd socket units before as we need libvirtd to start on boot to perform autostart. It was recently pointed out by Lennart that these two features are not mutually exclusive though. Libvirtd can be set to start on boot, and also have socket unit files. The idea is that we start libvirtd on boot, perform autostart, and then libvirtd can exit if nothing is running. The socket unit files are then there to start it again when a mgmt app connects. This series implements that strategy. In doing so the current socket activation support was rewritten to be more flexible, able to cope with the admin socket and the TCP/TLS sockets, all passed in any order. NB, I don't believe I have got the RPM upgrade procedure right yet. As there are alot of scenario to test for upgrades, I need more validation of that. The series is long enough now though, that it would benefit from code review already This socket activation is also going to be important when we split out the daemons, as we will use the same libvirtd codebase for these new daemons, simply compiled with different options. Daniel P. Berrangé (23): locking,logging: put a strong dep from admin socket to main socket util: add helper API for getting UNIX path from socket address rpc: add helper API for getting UNIX path from socket object util: add VIR_AUTOSTRUCT for directly calling a struct free function util: add API for resolving socket service names util: add APIs for facilitating use of systemd activation FDs rpc: ensure all sockets bind to same port when service is NULL rpc: refactor RPC service constructors to share more code rpc: allow creating RPC service from an array of FDs rpc: avoid unlinking sockets passed in from systemd rpc: add helper APIs for adding services with systemd activation rpc: add API for checking whether an auth scheme is in use on a server remote: simplify libvirtd code for deciding if SASL auth is needed remote: fix handling of systemd activation wrt socket ordering rpc: remove unused API for creating services from FDs remote: add systemd socket units for UNIX/TCP sockets remote: make system libvirtd exit when idle via timeout remote: update config files to note usage wrt systemd socket activation util: remove code spawning with systemd activation env vars locking: convert lock daemon to use systemd activation APIs logging: convert log daemon to use systemd activation APIs util: move code for getting listen FDs into systemd module util: remove unused helper for getting UNIX socket path libvirt.spec.in | 24 +- src/libvirt_private.syms | 10 +- src/libvirt_remote.syms | 7 +- src/locking/lock_daemon.c | 121 +++---- src/locking/virtlockd-admin.socket.in | 2 + src/logging/log_daemon.c | 121 +++---- src/logging/virtlogd-admin.socket.in | 2 + src/remote/Makefile.inc.am | 35 +++ src/remote/libvirtd-admin.socket.in | 15 + src/remote/libvirtd-ro.socket.in | 15 + src/remote/libvirtd-tcp.socket.in | 14 + src/remote/libvirtd-tls.socket.in | 14 + src/remote/libvirtd.conf | 31 ++ src/remote/libvirtd.service.in | 16 +- src/remote/libvirtd.socket.in | 13 + src/remote/libvirtd.sysconf | 3 +- src/remote/remote_daemon.c | 255 +++++++-------- src/rpc/virnetserver.c | 162 ++++++++++ src/rpc/virnetserver.h | 26 ++ src/rpc/virnetserverservice.c | 238 ++++++-------- src/rpc/virnetserverservice.h | 24 +- src/rpc/virnetsocket.c | 93 ++++-- src/rpc/virnetsocket.h | 2 + src/util/viralloc.h | 13 + src/util/vircommand.c | 99 ------ src/util/vircommand.h | 2 - src/util/virsocketaddr.c | 93 ++++++ src/util/virsocketaddr.h | 4 + src/util/virsystemd.c | 434 ++++++++++++++++++++++++++ src/util/virsystemd.h | 30 ++ src/util/virutil.c | 116 ------- src/util/virutil.h | 3 - tests/commanddata/test24.log | 8 - tests/commandtest.c | 58 ---- tests/virsystemdtest.c | 169 ++++++++++ 35 files changed, 1490 insertions(+), 782 deletions(-) create mode 100644 src/remote/libvirtd-admin.socket.in create mode 100644 src/remote/libvirtd-ro.socket.in create mode 100644 src/remote/libvirtd-tcp.socket.in create mode 100644 src/remote/libvirtd-tls.socket.in create mode 100644 src/remote/libvirtd.socket.in delete mode 100644 tests/commanddata/test24.log -- 2.21.0

3 35

[libvirt] [PATCH v4 00/25] Fix and enable owner remembering
by Michal Privoznik 09 Jul '19

09 Jul '19

This is meant for next release to have the most time possible for testing. Some of the patches were ACKed in v3 already but since they don't make sense on their own I haven't pushed them. v4 of: https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html As usual, you can find (not only these) patches on my github: https://github.com/zippy2/libvirt branch xattr_fixes_v4 diff to v3: - Some new patches (qemusecuritytest and qemusecuritymock) - Some other fixes raised by Cole in review of v3 (like double error reporting and others) - Remembering is done only for paths that cannot be shared between domains. This renders refcounting needless because the refcounter can't ever be greater than one. Nevertheless, I'm keeping it in because in the long run I might come up with a solution to the problem of shared resources and having refcounters might help. Michal Prívozník (25): qemusecuritymock: Mock virProcessRunInFork qemusecuritymock: Fix bit arithmetic qemusecuritymock: Actually set error on failure qemusecuritymock: Introduce and use freePaths() qemusecuritytest: Drop unused variable qemusecuritytest: Use AUTOFREE/AUTOUNREF qemusecuritytest: Fix capabilities loading tools: Slightly rework libvirt_recover_xattrs.sh virSecuritySELinuxRestoreAllLabel: Print @migrated in the debug message too virfile: Make virFileGetXAttr report errors virFileSetXAttr: Report error on failure virFileRemoveXAttr: Report error on failure security: Don't skip label restore on file systems lacking XATTRs security: Document @restore member of transaction list security_dac: Allow caller to suppress owner remembering security_selinux: Allow caller to suppress owner remembering qemusecuritymock: Allow some paths to be not restored security: Don't remember owner for shared resources security: Introduce virSecurityManagerMoveImageMetadata security_util: Introduce virSecurityMoveRememberedLabel security_dac: Implement virSecurityManagerMoveImageMetadata security_selinux: Implement virSecurityManagerMoveImageMetadata qemu_security: Implement qemuSecurityMoveImageMetadata qemu: Move image security metadata on snapshot activity Revert "qemu: Temporary disable owner remembering" docs/news.xml | 13 ++ src/libvirt_private.syms | 2 + src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 5 + src/qemu/qemu_blockjob.c | 6 + src/qemu/qemu_conf.c | 4 + src/qemu/qemu_driver.c | 17 +- src/qemu/qemu_security.c | 19 +++ src/qemu/qemu_security.h | 5 + src/qemu/test_libvirtd_qemu.aug.in | 1 + src/security/security_dac.c | 171 +++++++++++++++---- src/security/security_driver.h | 5 + src/security/security_manager.c | 39 +++++ src/security/security_manager.h | 4 + src/security/security_nop.c | 10 ++ src/security/security_selinux.c | 263 ++++++++++++++++++++--------- src/security/security_stack.c | 20 +++ src/security/security_util.c | 73 +++++++- src/security/security_util.h | 5 + src/util/virfile.c | 78 +++++++-- src/util/virfile.h | 5 + src/util/virprocess.h | 3 +- tests/qemusecuritymock.c | 76 +++++++-- tests/qemusecuritytest.c | 146 ++++++++++------ tests/qemusecuritytest.h | 4 +- tools/libvirt_recover_xattrs.sh | 50 +++--- 26 files changed, 802 insertions(+), 223 deletions(-) -- 2.21.0

4 64

[libvirt] New Feature: Identify Intel SGX support
by Carvalho, Larkins L 08 Jul '19

08 Jul '19

Hello Team, Greetings! We want to identify if the platform is Intel Software Guard Extensions<https://software.intel.com/en-us/sgx> (SGX) capable. The management platform (ex. Openstack) can use this information to launch VM that can run secure application code and data. Intel(r) SGX offers hardware-based memory encryption that isolates specific application code and data in memory. Regards, Larkins Carvalho Intel Corp.

2 2

[libvirt] [PATCH v8 00/21] Incremental backups
by Eric Blake 06 Jul '19

06 Jul '19

The API is fairly stable, but there are still probably code cleanups worth adding to the qemu driver implementation. I've also seen a desire on the list to support all APIs in the test driver, so I'll try and whip that together for my next round of patches. If we are confident that the API is worth having in 5.3 (especially since the earlier part of this series already has positive reviews), then it's probably worth committing that part of the series now even while I still address review comments on the later patches. I've pushed a tag backup-v8 to both my libvirt.git and libvirt-python.git repos to match: https://repo.or.cz/libvirt/ericb.git/shortlog/refs/tags/backup-v8 https://repo.or.cz/libvirt-python/ericb.git/shortlog/refs/tags/backup-v8 Here's hoping we're happy enough with the API, including the fact that rudimentary operation of pull mode backups work with qemu 4.0-rc1, for this to make it into the 5.2 release. Notable diffs from v7: - address several review comments (although I didn't get to every comment later in the series) - actually support job id of 0 (it was documented but not working in v7) - add support for Unix socket pull mode backups - improve checkpoint XML handling (more tests, separate postparse actions out from initial parse) - rebase to master 001/21:[0044] [FC] 'backup: Document new XML for checkpoints' 002/21:[----] [--] 'backup: Document new XML for backups' 003/21:[0006] [FC] 'backup: Introduce virDomainCheckpoint APIs' 004/21:[0002] [FC] 'backup: Introduce virDomainBackup APIs' 005/21:[----] [--] 'backup: Document nuances between different state capture APIs' 006/21:[0304] [FC] 'backup: Parse and output checkpoint XML' 007/21:[0007] [FC] 'backup: Allow for lists of checkpoint objects' 008/21:[0004] [FC] 'backup: Add new domain:checkpoint access control' 009/21:[0043] [FC] 'backup: Implement backup APIs for remote driver' 010/21:[down] 'conf: Add parameter to virDomainDiskSourceFormat' 011/21:[0019] [FC] 'backup: Parse and output backup XML' 012/21:[0006] [FC] 'backup: Implement virsh support for checkpoints' 013/21:[0002] [FC] 'backup: Implement virsh support for backup' 014/21:[down] 'backup: Prepare for Unix sockets in QMP nbd-server-start' 015/21:[0008] [FC] 'backup: Add new qemu monitor interactions' 016/21:[0022] [FC] 'backup: qemu: Implement metadata tracking for checkpoint APIs' 017/21:[0004] [FC] 'backup: Wire up qemu checkpoint commands over QMP' 018/21:[0019] [FC] 'backup: qemu: Implement framework for backup job APIs' 019/21:[0042] [FC] 'backup: Wire up qemu full pull backup commands over QMP' 020/21:[----] [-C] 'backup: qemu: Wire up qemu full push backup commands over QMP' 021/21:[0003] [FC] 'backup: implement qemu incremental pull backup' Eric Blake (21): backup: Document new XML for checkpoints backup: Document new XML for backups backup: Introduce virDomainCheckpoint APIs backup: Introduce virDomainBackup APIs backup: Document nuances between different state capture APIs backup: Parse and output checkpoint XML backup: Allow for lists of checkpoint objects backup: Add new domain:checkpoint access control backup: Implement backup APIs for remote driver conf: Add parameter to virDomainDiskSourceFormat backup: Parse and output backup XML backup: Implement virsh support for checkpoints backup: Implement virsh support for backup backup: Prepare for Unix sockets in QMP nbd-server-start backup: Add new qemu monitor interactions backup: qemu: Implement metadata tracking for checkpoint APIs backup: Wire up qemu checkpoint commands over QMP backup: qemu: Implement framework for backup job APIs backup: Wire up qemu full pull backup commands over QMP backup: qemu: Wire up qemu full push backup commands over QMP backup: implement qemu incremental pull backup include/libvirt/libvirt-domain-checkpoint.h | 161 ++ include/libvirt/libvirt-domain-snapshot.h | 8 +- include/libvirt/libvirt-domain.h | 47 +- include/libvirt/libvirt.h | 5 +- src/access/viraccessperm.h | 6 + src/conf/backup_conf.h | 97 + src/conf/checkpoint_conf.h | 103 ++ src/conf/domain_conf.h | 3 + src/conf/virconftypes.h | 12 + src/conf/virdomaincheckpointobjlist.h | 74 + src/conf/virdomainmomentobjlist.h | 7 +- src/conf/virdomainobjlist.h | 7 +- src/driver-hypervisor.h | 79 + src/qemu/qemu_block.h | 3 + src/qemu/qemu_blockjob.h | 1 + src/qemu/qemu_capabilities.h | 2 + src/qemu/qemu_conf.h | 2 + src/qemu/qemu_domain.h | 19 + src/qemu/qemu_monitor.h | 27 +- src/qemu/qemu_monitor_json.h | 22 +- tools/virsh-checkpoint.h | 29 + tools/virsh-completer.h | 4 + tools/virsh-util.h | 3 + tools/virsh.h | 1 + docs/Makefile.am | 3 + docs/apibuild.py | 2 + docs/docs.html.in | 10 +- docs/domainstatecapture.html.in | 315 ++++ docs/format.html.in | 2 + docs/formatbackup.html.in | 184 ++ docs/formatcheckpoint.html.in | 204 +++ docs/formatsnapshot.html.in | 2 + docs/index.html.in | 4 +- docs/schemas/domainbackup.rng | 219 +++ docs/schemas/domaincheckpoint.rng | 87 + examples/object-events/event-test.c | 3 + libvirt.spec.in | 3 + mingw-libvirt.spec.in | 6 + po/POTFILES | 3 + src/Makefile.am | 2 + src/access/viraccessperm.c | 3 +- src/conf/Makefile.inc.am | 6 + src/conf/backup_conf.c | 538 ++++++ src/conf/checkpoint_conf.c | 636 +++++++ src/conf/domain_conf.c | 22 +- src/conf/snapshot_conf.c | 3 +- src/conf/virdomaincheckpointobjlist.c | 223 +++ src/conf/virdomainmomentobjlist.c | 40 +- src/conf/virdomainobjlist.c | 11 + src/conf/virdomainsnapshotobjlist.c | 2 +- src/libvirt-domain-checkpoint.c | 750 ++++++++ src/libvirt-domain-snapshot.c | 89 + src/libvirt-domain.c | 237 ++- src/libvirt_private.syms | 32 + src/libvirt_public.syms | 24 + src/qemu/qemu_block.c | 12 + src/qemu/qemu_capabilities.c | 4 + src/qemu/qemu_conf.c | 5 + src/qemu/qemu_domain.c | 221 ++- src/qemu/qemu_driver.c | 1577 +++++++++++++++++ src/qemu/qemu_migration.c | 9 +- src/qemu/qemu_monitor.c | 72 +- src/qemu/qemu_monitor_json.c | 222 ++- src/qemu/qemu_process.c | 9 + src/remote/remote_daemon_dispatch.c | 20 + src/remote/remote_driver.c | 32 +- src/remote/remote_protocol.x | 258 ++- src/remote_protocol-structs | 139 ++ src/rpc/gendispatch.pl | 32 +- tests/Makefile.am | 13 +- tests/domainbackupxml2xmlin/backup-pull.xml | 9 + tests/domainbackupxml2xmlin/backup-push.xml | 9 + tests/domainbackupxml2xmlin/empty.xml | 1 + tests/domainbackupxml2xmlout/backup-pull.xml | 9 + tests/domainbackupxml2xmlout/backup-push.xml | 9 + tests/domainbackupxml2xmlout/empty.xml | 7 + tests/domaincheckpointxml2xmlin/empty.xml | 1 + tests/domaincheckpointxml2xmlin/sample.xml | 7 + tests/domaincheckpointxml2xmlin/size.xml | 4 + tests/domaincheckpointxml2xmlout/empty.xml | 7 + .../internal-active-invalid.xml | 53 + .../internal-inactive-invalid.xml | 53 + tests/domaincheckpointxml2xmlout/redefine.xml | 63 + tests/domaincheckpointxml2xmlout/sample.xml | 12 + tests/domaincheckpointxml2xmlout/size.xml | 11 + tests/domaincheckpointxml2xmltest.c | 223 +++ tests/qemublocktest.c | 3 +- .../caps_4.0.0.riscv32.xml | 2 + .../caps_4.0.0.riscv64.xml | 2 + .../caps_4.0.0.x86_64.xml | 2 + tests/qemumonitorjsontest.c | 32 +- tests/virschematest.c | 4 + tests/virstoragetest.c | 2 +- tools/Makefile.am | 1 + tools/virsh-checkpoint.c | 1370 ++++++++++++++ tools/virsh-completer.c | 51 + tools/virsh-domain-monitor.c | 23 + tools/virsh-domain.c | 268 ++- tools/virsh-snapshot.c | 37 +- tools/virsh-util.c | 11 + tools/virsh.c | 2 + tools/virsh.pod | 302 +++- 102 files changed, 9502 insertions(+), 100 deletions(-) create mode 100644 include/libvirt/libvirt-domain-checkpoint.h create mode 100644 src/conf/backup_conf.h create mode 100644 src/conf/checkpoint_conf.h create mode 100644 src/conf/virdomaincheckpointobjlist.h create mode 100644 tools/virsh-checkpoint.h create mode 100644 docs/domainstatecapture.html.in create mode 100644 docs/formatbackup.html.in create mode 100644 docs/formatcheckpoint.html.in create mode 100644 docs/schemas/domainbackup.rng create mode 100644 docs/schemas/domaincheckpoint.rng create mode 100644 src/conf/backup_conf.c create mode 100644 src/conf/checkpoint_conf.c create mode 100644 src/conf/virdomaincheckpointobjlist.c create mode 100644 src/libvirt-domain-checkpoint.c create mode 100644 tests/domainbackupxml2xmlin/backup-pull.xml create mode 100644 tests/domainbackupxml2xmlin/backup-push.xml create mode 100644 tests/domainbackupxml2xmlin/empty.xml create mode 100644 tests/domainbackupxml2xmlout/backup-pull.xml create mode 100644 tests/domainbackupxml2xmlout/backup-push.xml create mode 100644 tests/domainbackupxml2xmlout/empty.xml create mode 100644 tests/domaincheckpointxml2xmlin/empty.xml create mode 100644 tests/domaincheckpointxml2xmlin/sample.xml create mode 100644 tests/domaincheckpointxml2xmlin/size.xml create mode 100644 tests/domaincheckpointxml2xmlout/empty.xml create mode 100644 tests/domaincheckpointxml2xmlout/internal-active-invalid.xml create mode 100644 tests/domaincheckpointxml2xmlout/internal-inactive-invalid.xml create mode 100644 tests/domaincheckpointxml2xmlout/redefine.xml create mode 100644 tests/domaincheckpointxml2xmlout/sample.xml create mode 100644 tests/domaincheckpointxml2xmlout/size.xml create mode 100644 tests/domaincheckpointxml2xmltest.c create mode 100644 tools/virsh-checkpoint.c -- 2.20.1

2 46

[libvirt] [RFC] test_driver: Thoughts on the implementation of some FS-related APIs
by Ilias Stamatis 04 Jul '19

04 Jul '19

Hello, I was thinking about how to implement the following APIs in the test driver: -virDomainFSFreeze -virDomainFSThaw -virDomainFSTrim The first two are conceptually paired. They both get a mountpoints argument. The QEMU driver (which is the only driver implementing this currently) ignores this completely. However, I thought that we can allow it and pretend that the only available mountpoints are "/" and "/boot" (like in a default Fedora installation). The following questions arise though: - Should we keep some kind of temporary or permanent state on the test driver about this? Because it makes sense for virDomainFSThaw to succeed only on mountpoints for which previously virDomainFSFreeze has been called. If so, *where* exactly should we keep this state? - In case a non-existing mountpoint is passed to either of the first 2 APIs. Should we fail? If so, a new error code should be introduced for this. Also for the cases above where e.g. Thaw is called on a fs that isn't frozen probably yet another different error code must be used. Should we add all these new error codes? Or maybe all the above is more complicated than necessary and it's fine if we ignore mountpoints completely like the QEMU driver does and make all 3 APIs above to always succeed no matter what in the test driver? Thanks, Ilias

2 3

[libvirt] [PATCH] qemu: De-duplicate some path definitions
by Michal Privoznik 03 Jul '19

03 Jul '19

There are some paths (e.g. /dev/vfio/vfio or /dev/mapper/control) which are defined in qemu_domain.c and then in qemu_cgroup.c again. This is suboptimal. Lets move paths into qemu_domain.h and drop duplicate definitions. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/qemu/qemu_cgroup.c | 13 ++++++------- src/qemu/qemu_domain.c | 30 +++++++++++------------------- src/qemu/qemu_domain.h | 7 +++++++ src/qemu/qemu_hostdev.c | 5 +++-- 4 files changed, 27 insertions(+), 28 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index ca76c4fdfa..19ca60905a 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -113,8 +113,6 @@ qemuSetupImagePathCgroup(virDomainObjPtr vm, } -#define DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" - static int qemuSetupImageCgroupInternal(virDomainObjPtr vm, virStorageSourcePtr src, @@ -127,8 +125,8 @@ qemuSetupImageCgroupInternal(virDomainObjPtr vm, } if (virStoragePRDefIsManaged(src->pr) && - virFileExists(DEVICE_MAPPER_CONTROL_PATH) && - qemuSetupImagePathCgroup(vm, DEVICE_MAPPER_CONTROL_PATH, false) < 0) + virFileExists(QEMU_DEVICE_MAPPER_CONTROL_PATH) && + qemuSetupImagePathCgroup(vm, QEMU_DEVICE_MAPPER_CONTROL_PATH, false) < 0) return -1; return qemuSetupImagePathCgroup(vm, src->path, src->readonly || forceReadonly); @@ -162,7 +160,7 @@ qemuTeardownImageCgroup(virDomainObjPtr vm, return 0; } - if (virFileExists(DEVICE_MAPPER_CONTROL_PATH)) { + if (virFileExists(QEMU_DEVICE_MAPPER_CONTROL_PATH)) { for (i = 0; i < vm->def->ndisks; i++) { virStorageSourcePtr diskSrc = vm->def->disks[i]->src; @@ -176,9 +174,10 @@ qemuTeardownImageCgroup(virDomainObjPtr vm, if (i == vm->def->ndisks) { VIR_DEBUG("Disabling device mapper control"); ret = virCgroupDenyDevicePath(priv->cgroup, - DEVICE_MAPPER_CONTROL_PATH, perms, true); + QEMU_DEVICE_MAPPER_CONTROL_PATH, + perms, true); virDomainAuditCgroupPath(vm, priv->cgroup, "deny", - DEVICE_MAPPER_CONTROL_PATH, + QEMU_DEVICE_MAPPER_CONTROL_PATH, virCgroupGetDevicePermsString(perms), ret); if (ret < 0) return ret; diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0f1335de9c..7e6a9764c5 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -117,14 +117,6 @@ VIR_ENUM_IMPL(qemuDomainNamespace, "mount", ); - -#define PROC_MOUNTS "/proc/mounts" -#define DEVPREFIX "/dev/" -#define DEV_VFIO "/dev/vfio/vfio" -#define DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" -#define DEV_SEV "/dev/sev" - - struct _qemuDomainLogContext { virObject parent; @@ -11872,7 +11864,7 @@ qemuDomainGetHostdevPath(virDomainDefPtr def, tmpPerms[0] = perm; if (includeVFIO) { - if (VIR_STRDUP(tmpPaths[1], DEV_VFIO) < 0) + if (VIR_STRDUP(tmpPaths[1], QEMU_DEV_VFIO) < 0) goto cleanup; tmpPerms[1] = VIR_CGROUP_DEVICE_RW; } @@ -11919,7 +11911,7 @@ qemuDomainGetPreservedMountPath(virQEMUDriverConfigPtr cfg, { char *path = NULL; char *tmp; - const char *suffix = mountpoint + strlen(DEVPREFIX); + const char *suffix = mountpoint + strlen(QEMU_DEVPREFIX); char *domname = virDomainDefGetShortName(vm->def); size_t off; @@ -11974,7 +11966,7 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr cfg, char **paths = NULL, **mounts = NULL; size_t i, j, nmounts; - if (virFileGetMountSubtree(PROC_MOUNTS, "/dev", + if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", &mounts, &nmounts) < 0) goto error; @@ -12099,7 +12091,7 @@ qemuDomainCreateDeviceRecursive(const char *device, * Otherwise we might get fooled with `/dev/../var/my_image'. * For now, lets hope callers play nice. */ - if (STRPREFIX(device, DEVPREFIX)) { + if (STRPREFIX(device, QEMU_DEVPREFIX)) { size_t i; for (i = 0; i < data->ndevMountsPath; i++) { @@ -12113,7 +12105,7 @@ qemuDomainCreateDeviceRecursive(const char *device, /* Okay, @device is in /dev but not in any mount point under /dev. * Create it. */ if (virAsprintf(&devicePath, "%s/%s", - data->path, device + strlen(DEVPREFIX)) < 0) + data->path, device + strlen(QEMU_DEVPREFIX)) < 0) goto cleanup; if (virFileMakeParentPath(devicePath) < 0) { @@ -12375,7 +12367,7 @@ qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED, /* qemu-pr-helper might require access to /dev/mapper/control. */ if (disk->src->pr && - qemuDomainCreateDevice(DEVICE_MAPPER_CONTROL_PATH, data, true) < 0) + qemuDomainCreateDevice(QEMU_DEVICE_MAPPER_CONTROL_PATH, data, true) < 0) goto cleanup; ret = 0; @@ -12707,7 +12699,7 @@ qemuDomainSetupLaunchSecurity(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED, VIR_DEBUG("Setting up launch security"); - if (qemuDomainCreateDevice(DEV_SEV, data, false) < 0) + if (qemuDomainCreateDevice(QEMU_DEV_SEV, data, false) < 0) return -1; VIR_DEBUG("Set up launch security"); @@ -13122,7 +13114,7 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, isReg = S_ISREG(data.sb.st_mode) || S_ISFIFO(data.sb.st_mode) || S_ISSOCK(data.sb.st_mode); isDir = S_ISDIR(data.sb.st_mode); - if ((isReg || isDir) && STRPREFIX(file, DEVPREFIX)) { + if ((isReg || isDir) && STRPREFIX(file, QEMU_DEVPREFIX)) { cfg = virQEMUDriverGetConfig(driver); if (!(target = qemuDomainGetPreservedMountPath(cfg, vm, file))) goto cleanup; @@ -13178,7 +13170,7 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, } # endif - if (STRPREFIX(file, DEVPREFIX)) { + if (STRPREFIX(file, QEMU_DEVPREFIX)) { size_t i; for (i = 0; i < ndevMountsPath; i++) { @@ -13287,7 +13279,7 @@ qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver ATTRIBUTE_UNUSED, int ret = -1; size_t i; - if (STRPREFIX(file, DEVPREFIX)) { + if (STRPREFIX(file, QEMU_DEVPREFIX)) { for (i = 0; i < ndevMountsPath; i++) { if (STREQ(devMountsPath[i], "/dev")) continue; @@ -13429,7 +13421,7 @@ qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, /* qemu-pr-helper might require access to /dev/mapper/control. */ if (src->pr && - (VIR_STRDUP(dmPath, DEVICE_MAPPER_CONTROL_PATH) < 0 || + (VIR_STRDUP(dmPath, QEMU_DEVICE_MAPPER_CONTROL_PATH) < 0 || VIR_APPEND_ELEMENT_COPY(paths, npaths, dmPath) < 0)) goto cleanup; diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 5cb4a32c0e..3eea8b0f96 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -223,6 +223,13 @@ struct _qemuDomainUnpluggingDevice { }; +#define QEMU_PROC_MOUNTS "/proc/mounts" +#define QEMU_DEVPREFIX "/dev/" +#define QEMU_DEV_VFIO "/dev/vfio/vfio" +#define QEMU_DEV_SEV "/dev/sev" +#define QEMU_DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" + + typedef enum { QEMU_DOMAIN_NS_MOUNT = 0, QEMU_DOMAIN_NS_LAST diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c index cc0a4574cd..efa4d62f1f 100644 --- a/src/qemu/qemu_hostdev.c +++ b/src/qemu/qemu_hostdev.c @@ -25,6 +25,7 @@ #include <sys/ioctl.h> #include "qemu_hostdev.h" +#include "qemu_domain.h" #include "virlog.h" #include "virerror.h" #include "viralloc.h" @@ -140,7 +141,7 @@ qemuHostdevHostSupportsPassthroughVFIO(void) return false; /* condition 2 - /dev/vfio/vfio exists */ - if (!virFileExists("/dev/vfio/vfio")) + if (!virFileExists(QEMU_DEV_VFIO)) return false; return true; @@ -343,7 +344,7 @@ qemuHostdevPrepareMediatedDevices(virQEMUDriverPtr driver, /* Checking for VFIO only is fine with mdev, as IOMMU isolation is achieved * by the physical parent device. */ - supportsVFIO = virFileExists("/dev/vfio/vfio"); + supportsVFIO = virFileExists(QEMU_DEV_VFIO); for (i = 0; i < nhostdevs; i++) { if (virHostdevIsMdevDevice(hostdevs[i])) { -- 2.21.0

3 2

[libvirt] [PATCH 0/2] test_driver: add a disk device and implement
by Ilias Stamatis 02 Jul '19

02 Jul '19

Ilias Stamatis (2): test_driver: add a disk device in the default config test_driver: implement virDomainGetFSInfo src/test/test_driver.c | 71 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) -- 2.22.0

2 6

[libvirt] [PATCH] test_driver: fix some bugs on testDomainGetDiskErrors
by Ilias Stamatis 02 Jul '19

02 Jul '19

The current implementation has the following bugs: - the vm variable is accessed after calling virDomainObjEndAPI on it - if VIR_STRDUP fails and we jump to the cleanup section, we're calling VIR_FREE on pointers for which we haven't allocated memory - the error type VIR_DOMAIN_DISK_ERROR_NONE is used which contradicts the documentation of the API that says that disks with no errors are not reported This patch fixes all of them and additionally reports errors only for every second disk (instead of reporting errors for all disks) which was the initial intention. Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com> --- src/test/test_driver.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index 2a0ffbc6c5..a7e40112d1 100755 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -3246,6 +3246,7 @@ static int testDomainGetDiskErrors(virDomainPtr dom, unsigned int flags) { virDomainObjPtr vm = NULL; + int n = 0; int ret = -1; size_t i; @@ -3258,12 +3259,13 @@ static int testDomainGetDiskErrors(virDomainPtr dom, goto cleanup; if (errors) { - for (i = 0; i < MIN(vm->def->ndisks, maxerrors); i++) { - if (VIR_STRDUP(errors[i].disk, vm->def->disks[i]->dst) < 0) + for (i = 1; i < vm->def->ndisks && n < maxerrors; i += 2) { + if (VIR_STRDUP(errors[n].disk, vm->def->disks[i]->dst) < 0) goto cleanup; - errors[i].error = i % VIR_DOMAIN_DISK_ERROR_LAST; + errors[n].error = (n % (VIR_DOMAIN_DISK_ERROR_LAST - 1)) + 1; + n++; } - ret = i; + ret = n; } else { ret = vm->def->ndisks; } @@ -3271,7 +3273,7 @@ static int testDomainGetDiskErrors(virDomainPtr dom, cleanup: virDomainObjEndAPI(&vm); if (ret < 0) { - for (i = 0; i < MIN(vm->def->ndisks, maxerrors); i++) + for (i = 0; i < n; i++) VIR_FREE(errors[i].disk); } return ret; -- 2.22.0

2 3

[libvirt] [PATCH v2] test_driver: implement virDomainGetMemoryParameters
by Ilias Stamatis 02 Jul '19

02 Jul '19

Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com> --- Things changed since v1: - virDomainObjGetOneDef is used in order to get the appropriate def - the TEST_ASSIGN_MEM_PARAM macro got removed src/test/test_driver.c | 52 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index 4b1f2724a0..01b3ed88f3 100755 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -2514,6 +2514,57 @@ testDomainGetMaxVcpus(virDomainPtr domain) VIR_DOMAIN_VCPU_MAXIMUM)); } + +static int +testDomainGetMemoryParameters(virDomainPtr dom, + virTypedParameterPtr params, + int *nparams, + unsigned int flags) +{ + int ret = -1; + virDomainObjPtr vm = NULL; + virDomainDefPtr def = NULL; + + virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | + VIR_DOMAIN_AFFECT_CONFIG | + VIR_TYPED_PARAM_STRING_OKAY, -1); + + if ((*nparams) == 0) { + *nparams = 3; + return 0; + } + + if (!(vm = testDomObjFromDomain(dom))) + goto cleanup; + + if (!(def = virDomainObjGetOneDef(vm, flags))) + goto cleanup; + + if (*nparams > 0 && + virTypedParameterAssign(&params[0], VIR_DOMAIN_MEMORY_HARD_LIMIT, + VIR_TYPED_PARAM_ULLONG, def->mem.hard_limit) < 0) + goto cleanup; + + if (*nparams > 1 && + virTypedParameterAssign(&params[1], VIR_DOMAIN_MEMORY_SOFT_LIMIT, + VIR_TYPED_PARAM_ULLONG, def->mem.soft_limit) < 0) + goto cleanup; + + if (*nparams > 2 && + virTypedParameterAssign(&params[2], VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT, + VIR_TYPED_PARAM_ULLONG, def->mem.swap_hard_limit) < 0) + goto cleanup; + + if (*nparams > 3) + *nparams = 3; + + ret = 0; + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + + static int testDomainSetVcpusFlags(virDomainPtr domain, unsigned int nrCpus, unsigned int flags) @@ -7275,6 +7326,7 @@ static virHypervisorDriver testHypervisorDriver = { .domainGetVcpus = testDomainGetVcpus, /* 0.7.3 */ .domainGetVcpuPinInfo = testDomainGetVcpuPinInfo, /* 1.2.18 */ .domainGetMaxVcpus = testDomainGetMaxVcpus, /* 0.7.3 */ + .domainGetMemoryParameters = testDomainGetMemoryParameters, /* 5.6.0 */ .domainGetXMLDesc = testDomainGetXMLDesc, /* 0.1.4 */ .connectListDefinedDomains = testConnectListDefinedDomains, /* 0.1.11 */ .connectNumOfDefinedDomains = testConnectNumOfDefinedDomains, /* 0.1.11 */ -- 2.22.0

2 4