- Devel - libvirt List Archives

[libvirt] [PATCH] CVE-2015-5313: storage: don't allow '/' in filesystem volume names
by Eric Blake 11 Dec '15

11 Dec '15

The libvirt file system storage driver determines what file to act on by concatenating the pool location with the volume name. If a user is able to pick names like "../../../etc/passwd", then they can escape the bounds of the pool. For that matter, virStoragePoolListVolumes() doesn't descend into subdirectories, so a user really shouldn't use a name with a slash. Normally, only privileged users can coerce libvirt into creating or opening existing files using the virStorageVol APIs; and such users already have full privilege to create any domain XML (so it is not an escalation of privilege). But in the case of fine-grained ACLs, it is feasible that a user can be granted storage_vol:create but not domain:write, and it violates assumptions if such a user can abuse libvirt to access files outside of the storage pool. Therefore, prevent all use of volume names that contain "/", whether or not such a name is actually attempting to escape the pool. This changes things from: $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128 Vol ../../../../../../etc/haha created $ rm /etc/haha to: $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128 error: Failed to create vol ../../../../../../etc/haha error: Requested operation is not valid: volume name '../../../../../../etc/haha' cannot contain '/' Signed-off-by: Eric Blake <eblake(a)redhat.com> --- This has been reviewed on the libvirt security list, where it was assigned a CVE. Fortunately, this could only be used for an escalation of privileges under fine-grained ACLs (which is not an out-of-the-box config). I will go ahead and push this to master as well as all the active maint branches back to the introduction of ACLs. src/storage/storage_backend_fs.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/storage/storage_backend_fs.c b/src/storage/storage_backend_fs.c index c71c724..bb3b62a 100644 --- a/src/storage/storage_backend_fs.c +++ b/src/storage/storage_backend_fs.c @@ -1,7 +1,7 @@ /* * storage_backend_fs.c: storage backend for FS and directory handling * - * Copyright (C) 2007-2014 Red Hat, Inc. + * Copyright (C) 2007-2015 Red Hat, Inc. * Copyright (C) 2007-2008 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -1057,6 +1057,14 @@ virStorageBackendFileSystemVolCreate(virConnectPtr conn ATTRIBUTE_UNUSED, else vol->type = VIR_STORAGE_VOL_FILE; + /* Volumes within a directory pools are not recursive; do not + * allow escape to ../ or a subdir */ + if (strchr(vol->name, '/')) { + virReportError(VIR_ERR_OPERATION_INVALID, + _("volume name '%s' cannot contain '/'"), vol->name); + return -1; + } + VIR_FREE(vol->target.path); if (virAsprintf(&vol->target.path, "%s/%s", pool->def->target.path, -- 2.4.3

1 0

[libvirt] [PATCH] storage: Attempt to refresh volume after successful wipe volume
by John Ferlan 11 Dec '15

11 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1270709 When a volume wipe is successful, a volume refresh should be done afterwards to update any volume data that may be used in future volume commands, such as volume resize. For a raw file volume, a wipe would truncate the file and a followup volume resize the capacity may fail because the volume target allocation isn't updated to reflect the wipe activity. Signed-off-by: John Ferlan <jferlan(a)redhat.com> --- src/storage/storage_driver.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c index bbf21f6..2e59e39 100644 --- a/src/storage/storage_driver.c +++ b/src/storage/storage_driver.c @@ -2436,7 +2436,19 @@ storageVolWipePattern(virStorageVolPtr obj, goto cleanup; } - ret = backend->wipeVol(obj->conn, pool, vol, algorithm, flags); + if ((ret = backend->wipeVol(obj->conn, pool, vol, algorithm, flags)) < 0) + goto cleanup; + + /* Best effort to refresh the volume data. If unsuccessful, we've already + * wiped the data so there's no going back on that. Best we can do is + * provide some details over what happened and move on + */ + if (backend->refreshVol && + backend->refreshVol(obj->conn, pool, vol) < 0) { + VIR_WARN("failed to refresh volume '%s' info after volume wipe", + vol->name); + virResetLastError(); + } cleanup: virStoragePoolObjUnlock(pool); -- 2.5.0

2 2

[libvirt] [PATCH 00/10] VFIO fixes for PCI devices
by Andrea Bolognani 11 Dec '15

11 Dec '15

This series is my attempt at fixing https://bugzilla.redhat.com/show_bug.cgi?id=1272300 In its current state, it's missing test cases covering the new functionality[1] and it's known not to handle properly one situation[2], but I'd like to get some feedback on my current work and now that I have something to show for it feels like a good time. I'm already working on the missing bits and they will either be included in the next revision or sent as separate series later on. The problem being solved is that, when using VFIO, IOMMU group ownership can't be shared, eg. two devices that are in the same IOMMU group can't be assigned to different guests, or to the host and a guest. If that happens, the host will probably crash. The series deals with this issue by making sure safety conditions are met before detaching devices from the host or reattaching them to the host. In praticular, when we're asked to reattach a device to the host but doing so would lead to sharing IOMMU group ownership, we delay the operation until we can guarantee this will not cause problems. As a nice side effect of the changes we check for this when starting a guest too, instead of assuming it will work and having QEMU error out immediately afterwards. Patches are organized as follows: 1-2: Minor cleanups that make implicit / confusing stuff explicit / less confusing 3: Convert a string field used as an enumeration to a proper enumeration 4: Introduce a simple helper function used later on 5-6: Rewrite the checks used when detaching devices from the host. With this patches applied, the behaviour is basically the same as before, except for the nice little extra detailed above 7-9: Implement the delay when reattaching devices to the host, thus preventing the crash and fixing the bug 10: Spit and polish Cheers. [1] Luckily, it doesn't break the existing tests either [2] If you call 'virsh nodedev-reattach' on a device that's assigned to a guest, libvirt won't stop you and you will end up crashing your system Andrea Bolognani (10): pci: Remove redundant parameter from virPCIDeviceBindToStub() pci: Remove 'reprobe' parameter from virPCIDeviceUnbind() pci: Introduce virPCIStubDriver enumeration pci: Introduce virPCIDeviceIOMMUGroupIterate() hostdev: Simplify virHostdevIsPCIDeviceUsed() hostdev: Check for safety before detaching VFIO devices hostdev: Delay reattach of VFIO devices hostdev: Clean up delayed VFIO devices hostdev: Devices have already been marked as inactive hostdev: Tidy up after changes to VFIO device handling src/libvirt_private.syms | 3 + src/libxl/libxl_driver.c | 3 +- src/qemu/qemu_driver.c | 6 +- src/util/virhostdev.c | 410 ++++++++++++++++++++++++++++++++++------------- src/util/virpci.c | 125 +++++++++------ src/util/virpci.h | 26 ++- src/xen/xen_driver.c | 3 +- tests/virhostdevtest.c | 5 +- tests/virpcitest.c | 35 ++-- 9 files changed, 427 insertions(+), 189 deletions(-) -- 2.5.0

3 17

[libvirt] [PATCH 0/6] Memory locking limit improvements
by Andrea Bolognani 11 Dec '15

11 Dec '15

As noticed by Peter[1], the memory locking limit for the QEMU process is increased before assigning a VFIO device to a guest, but it might not be decreased when returning said device to the host. This series fixes this inconsistent behaviour and cleans up the code a little bit along the way. The idea is to introduce a new, smarter function called qemuDomainAdjustMaxMemLock() that does The Right Thing™ and increases the limit when required, while at the same time storing the original value. This way, when memory locking is no longer needed, it can restore it. I've tested this both on x86 and ppc64, both by removing devices that were assigned in the domain XML and devices that I had hotplugged. Patches 1-2 lay some groundwork by allowing retrieval of the memory locking limit for a process. Patches 3-4 add qemuDomainAdjustMaxMemLock() and use it where appropriate in the existing code. Patch 5 adds one more use of the function, after a PCI hostdev has been detached from the guest. Patch 6 replaces the use of Mlock with MemLock. Suggestions on how to further improve the names of those functions is very welcome, this is just a first step in the right direction. Cheers. [1] https://www.redhat.com/archives/libvir-list/2015-November/msg00642.html Andrea Bolognani (6): process: Allow virProcessPrLimit() to get current limit process: Add virProcessGetMaxMemLock() qemu: Add qemuDomainAdjustMaxMemLock() qemu: Use qemuDomainAdjustMaxMemLock() qemu: Reduce memlock limit after detaching hostdev qemu: Replace Mlock with MemLock in function names configure.ac | 2 +- src/conf/domain_conf.h | 3 +++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 4 ++-- src/qemu/qemu_domain.c | 56 +++++++++++++++++++++++++++++++++++++++++++--- src/qemu/qemu_domain.h | 5 +++-- src/qemu/qemu_hotplug.c | 46 ++++++++++++++++---------------------- src/util/virprocess.c | 58 +++++++++++++++++++++++++++++++++++++++++++----- src/util/virprocess.h | 2 ++ 9 files changed, 136 insertions(+), 41 deletions(-) -- 2.5.0

2 25

[libvirt] [PATCH] hypervisor driver for Jailhouse
by Christian Loehle 11 Dec '15

11 Dec '15

>From README: The jailhouse hypervisor driver for the libvirt project aims to provide rudimentary support for managing jailhouse with the libvirt library. The main advantage of this is the possibility to use virt-manager as a GUI to manage Jailhouse cells. Thus the driver is mainly built around the API calls that virt-manager uses and needs. Due to the concept of Jailhouse a lot of libvirt functions can't be realized, so this driver isn't as full-featured as upstream drivers of the libvirt project. Currently the driver relies on the Jailhouse binary, which has to be passed when connecting a libvirt client to it(e.g. virt-manager -c jailhouse:///path/to/jailhouse/tools/jailhouse). This has the advantage that remote support can be easily done by not passing the original Jailhouse binary, but an executable that redirects its parameters through ssh to the real Jailhouse binary and outputs that output. Be aware though that the driver doesn't store any information about cells, so most API calls use "jailhouse cell list" every time they're called to get the current state. I would like to get Jailhouse support upstream, any feedback is greatly appreciated. -- Christian Loehle diff --git a/configure.ac b/configure.ac index f481c50..8b68828 100644 --- a/configure.ac +++ b/configure.ac @@ -563,6 +563,10 @@ AC_ARG_WITH([hyperv], [AS_HELP_STRING([--with-hyperv], [add Hyper-V support @<:@default=check@:>@])]) m4_divert_text([DEFAULTS], [with_hyperv=check]) +AC_ARG_WITH([jailhouse], + [AS_HELP_STRING([--with-jailhouse], + [add Jailhouse support @<:@default=yes@:>@])]) +m4_divert_text([DEFAULTS], [with_jailhouse=yes]) AC_ARG_WITH([test], [AS_HELP_STRING([--with-test], [add test driver support @<:@default=yes@:>@])]) @@ -722,6 +726,16 @@ AM_CONDITIONAL([WITH_VMWARE], [test "$with_vmware" = "yes"]) dnl +dnl Checks for the Jailhouse driver +dnl + +if test "$with_jailhouse" = "yes"; then + AC_DEFINE_UNQUOTED([WITH_JAILHOUSE], 1, [whether Jailhouse driver is enabled]) +fi +AM_CONDITIONAL([WITH_JAILHOUSE], [test "$with_jailhouse" = "yes"]) + + +dnl dnl check for XDR dnl @@ -1087,6 +1101,12 @@ dnl LIBVIRT_DRIVER_CHECK_BHYVE dnl +dnl Checks for Jailhouse driver +dnl + +AM_CONDITIONAL([WITH_JAILHOUSE], [test "$with_jailhouse" = "yes"]) + +dnl dnl check for shell that understands <> redirection without truncation, dnl needed by src/qemu/qemu_monitor_{text,json}.c. dnl @@ -2830,6 +2850,7 @@ AC_MSG_NOTICE([ ESX: $with_esx]) AC_MSG_NOTICE([ Hyper-V: $with_hyperv]) LIBVIRT_DRIVER_RESULT_VZ LIBVIRT_DRIVER_RESULT_BHYVE +AC_MSG_NOTICE([Jailhouse: $with_jailhouse]) AC_MSG_NOTICE([ Test: $with_test]) AC_MSG_NOTICE([ Remote: $with_remote]) AC_MSG_NOTICE([ Network: $with_network]) diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h index f716cb9..c8fe2d3 100644 --- a/include/libvirt/virterror.h +++ b/include/libvirt/virterror.h @@ -127,6 +127,7 @@ typedef enum { VIR_FROM_POLKIT = 60, /* Error from polkit code */ VIR_FROM_THREAD = 61, /* Error from thread utils */ VIR_FROM_ADMIN = 62, /* Error from admin backend */ + VIR_FROM_JAILHOUSE = 63, /* Error from Jailhouse driver */ # ifdef VIR_ENUM_SENTINELS VIR_ERR_DOMAIN_LAST diff --git a/po/POTFILES.in b/po/POTFILES.in index 0cc5b99..2b144bf 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -59,6 +59,7 @@ src/hyperv/hyperv_wmi.c src/interface/interface_backend_netcf.c src/interface/interface_backend_udev.c src/internal.h +src/jailhouse/jailhouse_driver.c src/libvirt.c src/libvirt-admin.c src/libvirt-domain.c diff --git a/src/Makefile.am b/src/Makefile.am index 99b4993..10d59de 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -578,6 +578,7 @@ DRIVER_SOURCE_FILES = \ $(VMWARE_DRIVER_SOURCES) \ $(XEN_DRIVER_SOURCES) \ $(XENAPI_DRIVER_SOURCES) \ + $(JAILHOUSE_DRIVER_SOURCES) \ $(NULL) STATEFUL_DRIVER_SOURCE_FILES = \ @@ -860,6 +861,11 @@ BHYVE_DRIVER_SOURCES = \ bhyve/bhyve_utils.h \ $(NULL) +JAILHOUSE_DRIVER_SOURCES = \ + jailhouse/jailhouse_driver.c \ + jailhouse/jailhouse_driver.h \ + $(NULL) + NETWORK_DRIVER_SOURCES = \ network/bridge_driver.h network/bridge_driver.c \ network/bridge_driver_platform.h \ @@ -1436,6 +1442,14 @@ libvirt_driver_vz_la_LIBADD = $(PARALLELS_SDK_LIBS) $(LIBNL_LIBS) libvirt_driver_vz_la_SOURCES = $(VZ_DRIVER_SOURCES) endif WITH_VZ +if WITH_JAILHOUSE +noinst_LTLIBRARIES += libvirt_driver_jailhouse.la +libvirt_la_BUILT_LIBADD += libvirt_driver_jailhouse.la +libvirt_driver_jailhouse_la_CFLAGS = \ + -I$(srcdir)/conf $(AM_CFLAGS) +libvirt_driver_jailhouse_la_SOURCES = $(JAILHOUSE_DRIVER_SOURCES) +endif WITH_JAILHOUSE + if WITH_BHYVE noinst_LTLIBRARIES += libvirt_driver_bhyve_impl.la libvirt_driver_bhyve_la_SOURCES = @@ -1801,6 +1815,7 @@ EXTRA_DIST += \ $(HYPERV_DRIVER_EXTRA_DIST) \ $(VZ_DRIVER_SOURCES) \ $(BHYVE_DRIVER_SOURCES) \ + $(JAILHOUSE_DRIVER_SOURCES) \ $(NETWORK_DRIVER_SOURCES) \ $(INTERFACE_DRIVER_SOURCES) \ $(STORAGE_DRIVER_SOURCES) \ diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2edf123..00d17e9 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -121,7 +121,8 @@ VIR_ENUM_IMPL(virDomainVirt, VIR_DOMAIN_VIRT_LAST, "phyp", "parallels", "bhyve", - "vz") + "vz", + "jailhouse") VIR_ENUM_IMPL(virDomainOS, VIR_DOMAIN_OSTYPE_LAST, "hvm", diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index f10b534..27beef0 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -225,6 +225,7 @@ typedef enum { VIR_DOMAIN_VIRT_PARALLELS, VIR_DOMAIN_VIRT_BHYVE, VIR_DOMAIN_VIRT_VZ, + VIR_DOMAIN_VIRT_JAILHOUSE, VIR_DOMAIN_VIRT_LAST } virDomainVirtType; diff --git a/src/jailhouse/README b/src/jailhouse/README new file mode 100644 index 0000000..564cfbd --- /dev/null +++ b/src/jailhouse/README @@ -0,0 +1,3 @@ +The jailhouse hypervisor driver for the libvirt project aims to provide rudimentary support for managing jailhouse with the libvirt library. The main advantage of this is the possibility to use virt-manager as a GUI to manage Jailhouse cells. Thus the driver is mainly built around the API calls that virt-manager uses and needs. +Due to the concept of Jailhouse a lot of libvirt functions can't be realized, so this driver isn't as full-featured as upstream drivers of the libvirt project. +Currently the driver relies on the Jailhouse binary, which has to be passed when connecting a libvirt client to it(e.g. virt-manager -c jailhouse:///path/to/jailhouse/tools/jailhouse). This has the advantage that remote support can be easily done by not passing the original Jailhouse binary, but an executable that redirects its parameters through ssh to the real Jailhouse binary and outputs that output. Be aware though that the driver doesn't store any information about cells, so most API calls use "jailhouse cell list" every time they're called to get the current state. diff --git a/src/jailhouse/jailhouse_driver.c b/src/jailhouse/jailhouse_driver.c new file mode 100644 index 0000000..21acbba --- /dev/null +++ b/src/jailhouse/jailhouse_driver.c @@ -0,0 +1,614 @@ +/* + * jailhouse_driver.c: hypervisor driver for managing Jailhouse cells + * + * Copyright (C) 2015 Linutronix GmbH + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + * + * Author: Christian Loehle + */ + +#include <config.h> +#include <string.h> +#include "jailhouse_driver.h" +#include "datatypes.h" +#include "virerror.h" +#include "viralloc.h" +#include "virlog.h" +#include "vircommand.h" +#include "virxml.h" +#include "configmake.h" +#include "virfile.h" +#include "virtypedparam.h" +#include "virstring.h" +#include "nodeinfo.h" + +#define VIR_FROM_THIS VIR_FROM_JAILHOUSE + +#define IDLENGTH 8 +#define NAMELENGTH 24 +#define STATELENGTH 16 +#define CPULENGTH 24 +#define STATERUNNING 0 +#define STATERUNNINGSTRING "running " +#define STATERUNNINGLOCKED 1 +#define STATERUNNINGLOCKEDSTRING "running/locked " +#define STATESHUTDOWN 2 +#define STATESHUTDOWNSTRING "shut down " +#define STATEFAILED 3 +#define STATEFAILEDSTRING "failed " +#define JAILHOUSEVERSIONOUTPUT "Jailhouse management tool" + +/* + * The driver requeries the cells on most calls, it stores the result of the last query, so it can copy the UUIDs in the new query if the cell is the same(otherwise it just generates a new one) + * not preserving the UUID results in a lot of bugs in libvirts clients. + */ +struct jailhouse_driver { + char *binary; + size_t lastQueryCellsCount; + struct jailhouse_cell* lastQueryCells; +}; + +/* + * CPUs are currently unused but this might change + */ +struct jailhouse_cell { + int id; + char name[NAMELENGTH+1]; + int state; + int *assignedCPUs; //Don't use cpumask because remote system might have different # of cpus + int assignedCPUsLength; + int *failedCPUs; + int failedCPUsLength; + unsigned char uuid[VIR_UUID_BUFLEN]; +}; + +/* + * helper function that returns the number as an integer and sets i to be the first char after the number + */ +static int +charsToInt(char* chars, size_t *i) +{ + int result = 0; + while (chars[*i] != ',' && chars[*i] != '-' && chars[*i] != ' ') { + result *= 10; + result += chars[*i] - '0'; + (*i)++; + } + return result; +} + +/* + * Takes a string in the format of "jailhouse cell list" as input, + * allocates an int array in which every CPU is explicitly listed and saves a pointer in cpusptr + */ +static size_t +parseCPUs(char* output, int **cpusptr) +{ + size_t i; + size_t count = 1; + int number; + int* cpus; + if (output[0] == ' ') { + *cpusptr = NULL; + return 0; + } + for (i = 0; i<CPULENGTH; i++) { + number = charsToInt(output, &i); + if (output[i] == ',') { + count++; + } else if (output[i] == '-') { + i++; + count += charsToInt(output, &i) - number; + } + } + if (VIR_ALLOC_N(cpus, count)) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Failed to allocate CPUs array of size %zu"), count); + return 0; + } + size_t j = 0; + i = 0; + while (output[i] != ' ') { + number = charsToInt(output, &i); + if (output[i] == ',' || output[i] == ' ') { + cpus[j++] = number; + } else if (output[i] == '-') { + i++; + int nextNumber = charsToInt(output, &i); + for (; number <= nextNumber; number++) cpus[j++] = number; + } + i++; + } + *cpusptr = cpus; + return count; +} + +/* + * calls "jailhouse cell list" and parses the output in an array of jailhouse_cell + */ +static size_t +parseListOutput(virConnectPtr conn, struct jailhouse_cell **parsedOutput) +{ + virCommandPtr cmd = virCommandNew(((struct jailhouse_driver *)conn->privateData)->binary); + virCommandAddArg(cmd, "cell"); + virCommandAddArg(cmd, "list"); + virCommandAddEnvPassCommon(cmd); + char *output; + virCommandSetOutputBuffer(cmd, &output); + size_t count = -1; // Don't count table header line + size_t i = 0; + if (virCommandRun(cmd, NULL) < 0) + goto error; + while (output[i] != '\0') { + if (output[i] == '\n') count++; + i++; + } + if (VIR_ALLOC_N(*parsedOutput, count)) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Failed to allocate jailhouse_cell array of size %zu"), count); + goto error; + } + if (*parsedOutput == NULL) + goto error; + i = 0; + size_t j; + while (output[i++] != '\n'); // Skip table header line + for (j = 0; j < count; j++) { + size_t k; + for (k = 0; k <= IDLENGTH; k++) // char after number needs to be NUL for virStrToLong + if (output[i+k] == ' ') { + output[i+k] = '\0'; + break; + } + char c = output[i+IDLENGTH]; + output[i+IDLENGTH] = '\0'; // in case ID is 8 chars long, so beginning of name won't get parsed + if (virStrToLong_i(output+i, NULL, 0, &(*parsedOutput)[j].id)) + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Failed to parse id to long: %s"), output+i); + output[i+IDLENGTH] = c; + i += IDLENGTH; + if (virStrncpy((*parsedOutput)[j].name, output+i, NAMELENGTH, NAMELENGTH+1) == NULL) + // should never happen + goto error; + (*parsedOutput)[j].name[NAMELENGTH] = '\0'; + for (k = 0; k < NAMELENGTH; k++) + if ((*parsedOutput)[j].name[k] == ' ') + break; + (*parsedOutput)[j].name[k] = '\0'; + i += NAMELENGTH; + if (STREQLEN(output+i, STATERUNNINGSTRING, STATELENGTH)) (*parsedOutput)[j].state = STATERUNNING; + else if (STREQLEN(output+i, STATESHUTDOWNSTRING, STATELENGTH)) (*parsedOutput)[j].state = STATESHUTDOWN; + else if (STREQLEN(output+i, STATEFAILEDSTRING, STATELENGTH)) (*parsedOutput)[j].state = STATEFAILED; + else if (STREQLEN(output+i, STATERUNNINGLOCKEDSTRING, STATELENGTH)) (*parsedOutput)[j].state = STATERUNNINGLOCKED; + i += STATELENGTH; + (*parsedOutput)[j].assignedCPUsLength = parseCPUs(output+i, &((*parsedOutput)[j].assignedCPUs)); + i += CPULENGTH; + (*parsedOutput)[j].failedCPUsLength = parseCPUs(output+i, &((*parsedOutput)[j].failedCPUs)); + i += CPULENGTH; + i++; // skip \n + } + VIR_FREE(output); + return count; + error: + for (i = 0; i < count; i++) { + VIR_FREE((*parsedOutput)[i].assignedCPUs); + VIR_FREE((*parsedOutput)[i].failedCPUs); + } + VIR_FREE(*parsedOutput); + *parsedOutput = NULL; + VIR_FREE(output); + output = NULL; + return -1; +} + +/* + * Returns the libvirts equivalent of the cell state passed to it + */ +static virDomainState +cellToVirDomainState(struct jailhouse_cell *cell) +{ + switch (cell->state) { + case STATERUNNING: return VIR_DOMAIN_RUNNING; + case STATERUNNINGLOCKED: return VIR_DOMAIN_RUNNING; + case STATESHUTDOWN: return VIR_DOMAIN_SHUTOFF; + case STATEFAILED: return VIR_DOMAIN_CRASHED; + default: return VIR_DOMAIN_NOSTATE; + } +} + +/* + * Returns a new virDomainPtr filled with the data of the jailhouse_cell + */ +static virDomainPtr +cellToVirDomainPtr(virConnectPtr conn, struct jailhouse_cell *cell) +{ + virDomainPtr dom = virGetDomain(conn, cell->name, cell->uuid); + dom->id = cell->id; + return dom; +} + +/* + * Check cells for cell and copies UUID if found, otherwise generates a new one, this is to preserve UUID in libvirt + */ +static void setUUID(struct jailhouse_cell *cells, size_t count, struct jailhouse_cell* cell) { + size_t i; + for (i = 0; i < count; i++) { + if (strncmp(cells[i].name, cell->name, NAMELENGTH+1)) + continue; + memcpy(cell->uuid, cells[i].uuid, VIR_UUID_BUFLEN); + return; + } + virUUIDGenerate(cell->uuid); +} + +/* + * Frees the old list of cells, gets the new one and preserves UUID if cells were present in the old + */ +static void +getCurrentCellList(virConnectPtr conn) +{ + size_t lastCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + struct jailhouse_cell *lastCells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + struct jailhouse_cell *cells = NULL; + size_t i; + size_t count = parseListOutput(conn, &cells); + for (i = 0; i < count; i++) + setUUID(lastCells, lastCount, cells+i); + for (i = 0; i < lastCount; i++) { + VIR_FREE(lastCells[i].assignedCPUs); + VIR_FREE(lastCells[i].failedCPUs); + } + VIR_FREE(lastCells); + ((struct jailhouse_driver *)conn->privateData)->lastQueryCells = cells; + ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount = count; +} + +/* + * Converts libvirts virDomainPtr to the internal jailhouse_cell by parsing the "jailhouse cell list" output + * and looking up the name of the virDomainPtr, returns NULL if cell is no longer present + */ +static struct jailhouse_cell * +virDomainPtrToCell(virDomainPtr dom) +{ + getCurrentCellList(dom->conn); + size_t cellsCount = ((struct jailhouse_driver *)dom->conn->privateData)->lastQueryCellsCount; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)dom->conn->privateData)->lastQueryCells; + size_t i; + for (i = 0; i < cellsCount; i++) + if (dom->id == cells[i].id) + return cells+i; + return NULL; +} + +static virDrvOpenStatus +jailhouseConnectOpen(virConnectPtr conn, virConnectAuthPtr auth ATTRIBUTE_UNUSED, unsigned int flags) +{ + virCheckFlags(0, VIR_DRV_OPEN_ERROR); + if (conn->uri->scheme == NULL || + STRNEQ(conn->uri->scheme, "jailhouse")) + return VIR_DRV_OPEN_DECLINED; + char* binary; + if (conn->uri->path == NULL) { + if (VIR_STRDUP(binary, "jailhouse") != 1) + return VIR_DRV_OPEN_ERROR; + } else { + if (!virFileIsExecutable(conn->uri->path)) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Path '%s', is not a valid executable file."), + conn->uri->path); + return VIR_DRV_OPEN_ERROR; + } + if (VIR_STRDUP(binary, conn->uri->path) != 1) + return VIR_DRV_OPEN_ERROR; + } + virCommandPtr cmd = virCommandNew(binary); + virCommandAddArg(cmd, "--version"); + virCommandAddEnvPassCommon(cmd); + char *output; + virCommandSetOutputBuffer(cmd, &output); + if (virCommandRun(cmd, NULL) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Executing '%s --version' failed."), + conn->uri->path); + VIR_FREE(output); + return VIR_DRV_OPEN_ERROR; + } + if (STRNEQLEN(JAILHOUSEVERSIONOUTPUT, output, strlen(JAILHOUSEVERSIONOUTPUT))) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("%s doesn't seem to be a correct Jailhouse binary."), + conn->uri->path); + VIR_FREE(output); + return VIR_DRV_OPEN_ERROR; + } + VIR_FREE(output); + struct jailhouse_driver *driver; + if (VIR_ALLOC(driver)) + return VIR_DRV_OPEN_ERROR; + driver->binary = binary; + driver->lastQueryCells = NULL; + driver->lastQueryCellsCount = 0; + conn->privateData = driver; + return VIR_DRV_OPEN_SUCCESS; +} + +static int +jailhouseConnectClose(virConnectPtr conn) +{ + size_t i; + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + for (i = 0; i < cellsCount; i++) { + VIR_FREE(cells[i].assignedCPUs); + VIR_FREE(cells[i].failedCPUs); + } + VIR_FREE(cells); + VIR_FREE(((struct jailhouse_driver *)conn->privateData)->binary); + VIR_FREE(conn->privateData); + conn->privateData = NULL; + return 0; +} + +static int +jailhouseConnectNumOfDomains(virConnectPtr conn) +{ + getCurrentCellList(conn); + return ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; +} + +static int +jailhouseConnectListDomains(virConnectPtr conn, int * ids, int maxids) +{ + getCurrentCellList(conn); + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + size_t i; + for (i = 0; i < maxids && i < cellsCount; i++) + ids[i] = cells[i].id; + return i; +} + +static int +jailhouseConnectListAllDomains(virConnectPtr conn, virDomainPtr ** domains, unsigned int flags) +{ + virCheckFlags(VIR_CONNECT_LIST_DOMAINS_ACTIVE, 0); + getCurrentCellList(conn); + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + if (cellsCount == -1) + goto error; + if (VIR_ALLOC_N(*domains, cellsCount+1)) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Failed to allocate virDomainPtr array of size %zu"), cellsCount+1); + goto error; + } + size_t i; + for (i = 0; i < cellsCount; i++) + (*domains)[i] = cellToVirDomainPtr(conn, cells+i); + (*domains)[cellsCount] = NULL; + return cellsCount; + error: + *domains = NULL; + return -1; +} + +static virDomainPtr +jailhouseDomainLookupByID(virConnectPtr conn, int id) +{ + getCurrentCellList(conn); + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + if (cellsCount == -1) + return NULL; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + size_t i; + for (i = 0; i < cellsCount; i++) + if (cells[i].id == id) + return cellToVirDomainPtr(conn, cells+i); + virReportError(VIR_ERR_NO_DOMAIN, NULL); + return NULL; +} + +static virDomainPtr +jailhouseDomainLookupByName(virConnectPtr conn, const char *lookupName) +{ + getCurrentCellList(conn); + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + if (cellsCount == -1) + return NULL; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + size_t i; + for (i = 0; i < cellsCount; i++) + if (STREQ(cells[i].name, lookupName)) + return cellToVirDomainPtr(conn, cells+i); + virReportError(VIR_ERR_NO_DOMAIN, NULL); + return NULL; +} + +static virDomainPtr +jailhouseDomainLookupByUUID(virConnectPtr conn, const unsigned char * uuid) +{ + getCurrentCellList(conn); + size_t cellsCount = ((struct jailhouse_driver *)conn->privateData)->lastQueryCellsCount; + if (cellsCount == -1) + return NULL; + struct jailhouse_cell *cells = ((struct jailhouse_driver *)conn->privateData)->lastQueryCells; + size_t i; + for (i = 0; i < cellsCount; i++) + if (memcmp(cells[i].uuid, (const char*)uuid, VIR_UUID_BUFLEN) == 0) + return cellToVirDomainPtr(conn, cells+i); + virReportError(VIR_ERR_NO_DOMAIN, NULL); + return NULL; +} + +/* + * There currently is no straightforward way for the driver to retrieve those, + * so maxMem, memory and cpuTime have dummy values + */ +static int +jailhouseDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info) +{ + struct jailhouse_cell *cell = virDomainPtrToCell(domain); + if (cell == NULL) + return -1; + info->state = cellToVirDomainState(cell); + info->maxMem = 1; + info->memory = 1; + info->nrVirtCpu = cell->assignedCPUsLength; + info->cpuTime = 1; + return 0; +} + +static int +jailhouseDomainGetState(virDomainPtr domain, int *state, + int *reason ATTRIBUTE_UNUSED, unsigned int flags) +{ + virCheckFlags(0, 0); + struct jailhouse_cell *cell = virDomainPtrToCell(domain); + if (cell == NULL) + return -1; + *state = cellToVirDomainState(cell); + return 0; +} + +static int +jailhouseDomainShutdown(virDomainPtr domain) +{ + virCommandPtr cmd = virCommandNew(((struct jailhouse_driver *)domain->conn->privateData)->binary); + virCommandAddArg(cmd, "cell"); + virCommandAddArg(cmd, "shutdown"); + char buf[IDLENGTH+1]; + snprintf(buf, IDLENGTH+1, "%d", domain->id); + virCommandAddArg(cmd, buf); + virCommandAddEnvPassCommon(cmd); + int resultcode = virCommandRun(cmd, NULL); + if (resultcode < 0) + return -1; + return 0; +} + +/* + * CAREFUL, this is the Jailhouse destroy, not the libvirt destroy, cell will be deleted and would need to be created and loaded again. + * This is implemented anyway, so libvirt clients have an option to use jailhouse destroy too. + */ +static int +jailhouseDomainDestroy(virDomainPtr domain) +{ + virCommandPtr cmd = virCommandNew(((struct jailhouse_driver *)domain->conn->privateData)->binary); + virCommandAddArg(cmd, "cell"); + virCommandAddArg(cmd, "destroy"); + char buf[IDLENGTH+1]; + snprintf(buf, IDLENGTH+1, "%d", domain->id); + virCommandAddArg(cmd, buf); + virCommandAddEnvPassCommon(cmd); + int resultcode = virCommandRun(cmd, NULL); + if (resultcode < 0) + return -1; + return 0; +} + +static int +jailhouseDomainCreate(virDomainPtr domain) +{ + virCommandPtr cmd = virCommandNew(((struct jailhouse_driver *)domain->conn->privateData)->binary); + virCommandAddArg(cmd, "cell"); + virCommandAddArg(cmd, "start"); + char buf[IDLENGTH+1]; + snprintf(buf, IDLENGTH+1, "%d", domain->id); + virCommandAddArg(cmd, buf); + virCommandAddEnvPassCommon(cmd); + int resultcode = virCommandRun(cmd, NULL); + if (resultcode < 0) + return -1; + return 0; +} + +/* + * There currently is no reason why it shouldn't be + */ +static int +jailhouseConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + return 1; +} + +static int +jailhouseNodeGetInfo(virConnectPtr conn ATTRIBUTE_UNUSED, virNodeInfoPtr info) +{ + return nodeGetInfo(NULL, info); +} + +/* + * Returns a dummy capabilities XML for virt-manager + */ +static char * +jailhouseConnectGetCapabilities(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + char* caps; + if (VIR_STRDUP(caps, "<capabilities></capabilities>") != 1) + return NULL; + return caps; +} + +/* + * Returns a dummy XML for virt-manager + */ +static char * +jailhouseDomainGetXMLDesc(virDomainPtr domain, unsigned int flags) +{ + virCheckFlags(0, NULL); + char buf[200]; + char uuid[VIR_UUID_STRING_BUFLEN]; + virDomainGetUUIDString(domain, uuid); + snprintf(buf, 200, "<domain type =\"jailhouse\">\n\ + <name>%s</name>\n\ + <uuid>%s</uuid>\n\ + </domain>", domain->name, uuid); + char* result; + if (VIR_STRDUP(result, buf) != 1) + return NULL; + return result; +} + +static virHypervisorDriver jailhouseHypervisorDriver = { + .name = "jailhouse", + .connectOpen = jailhouseConnectOpen, /* 1.2.22 */ + .connectClose = jailhouseConnectClose, /* 1.2.22 */ + .connectGetCapabilities = jailhouseConnectGetCapabilities, /* 1.2.22 */ + .connectNumOfDomains = jailhouseConnectNumOfDomains, /* 1.2.22 */ + .connectListDomains = jailhouseConnectListDomains, /* 1.2.22 */ + .connectIsAlive = jailhouseConnectIsAlive, /* 1.2.22 */ + .connectListAllDomains = jailhouseConnectListAllDomains, /* 1.2.22 */ + .domainLookupByID = jailhouseDomainLookupByID, /* 1.2.22 */ + .domainLookupByName = jailhouseDomainLookupByName, /* 1.2.22 */ + .domainLookupByUUID = jailhouseDomainLookupByUUID, /* 1.2.22 */ + .domainGetInfo = jailhouseDomainGetInfo, /* 1.2.22 */ + .domainGetState = jailhouseDomainGetState, /* 1.2.22 */ + .domainGetXMLDesc = jailhouseDomainGetXMLDesc, /* 1.2.22 */ + .domainShutdown = jailhouseDomainShutdown, /* 1.2.22 */ + .domainDestroy = jailhouseDomainDestroy, /* 1.2.22 */ + .domainCreate = jailhouseDomainCreate, /* 1.2.22 */ + .nodeGetInfo = jailhouseNodeGetInfo /* 1.2.22 */ +}; + +static virConnectDriver jailhouseConnectDriver = { + .hypervisorDriver = &jailhouseHypervisorDriver, +}; + +int +jailhouseRegister(void) +{ + return virRegisterConnectDriver(&jailhouseConnectDriver, + false); +} diff --git a/src/jailhouse/jailhouse_driver.h b/src/jailhouse/jailhouse_driver.h new file mode 100644 index 0000000..47c17e7 --- /dev/null +++ b/src/jailhouse/jailhouse_driver.h @@ -0,0 +1,28 @@ +/* + * jailhouse_driver.h: hypervisor driver for managing Jailhouse cells + * + * Copyright (C) 2015 Linutronix GmbH + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + * + * Author: Christian Loehle + */ + +#ifndef JAILHOUSE_DRIVER_H +# define JAILHOUSE_DRIVER_H + +int jailhouseRegister(void); + +#endif diff --git a/src/libvirt.c b/src/libvirt.c index 25a0040..7626353 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -98,6 +98,9 @@ #ifdef WITH_BHYVE # include "bhyve/bhyve_driver.h" #endif +#ifdef WITH_JAILHOUSE +# include "jailhouse/jailhouse_driver.h" +#endif #define VIR_FROM_THIS VIR_FROM_NONE @@ -437,12 +440,17 @@ virGlobalInit(void) if (vzRegister() == -1) goto error; # endif +#ifdef WITH_JAILHOUSE + if (jailhouseRegister() == -1) + goto error; +#endif #endif #ifdef WITH_REMOTE if (remoteRegister() == -1) goto error; #endif + return; error: @@ -1167,6 +1175,9 @@ do_open(const char *name, #ifndef WITH_VZ STRCASEEQ(ret->uri->scheme, "parallels") || #endif +#ifndef WITH_JAILHOUSE + STRCASEEQ(ret->uri->scheme, "jailhouse") || +#endif false)) { virReportErrorHelper(VIR_FROM_NONE, VIR_ERR_CONFIG_UNSUPPORTED, __FILE__, __FUNCTION__, __LINE__, diff --git a/src/util/virerror.c b/src/util/virerror.c index 6dc05f4..0d480c0 100644 --- a/src/util/virerror.c +++ b/src/util/virerror.c @@ -134,6 +134,7 @@ VIR_ENUM_IMPL(virErrorDomain, VIR_ERR_DOMAIN_LAST, "Polkit", /* 60 */ "Thread jobs", "Admin Interface", + "Jailhouse Driver", )

4 13

[libvirt] How should libvirt apps enable virtio-pci for aarch64?
by Cole Robinson 11 Dec '15

11 Dec '15

Hi all, I'm trying to figure out how apps should request virtio-pci for libvirt + qemu + arm/aarch64. Let me provide some background. qemu's arm/aarch64 original virtio support is via virtio-mmio, libvirt XML <address type='virtio-mmio'/>. Currently this is what libvirt sets as the address default for all arm/aarch64 virtio devices in the XML. Long term though all arm virt will likely be using virtio-pci: it's faster, enables hotplug, is more x86 like, etc. Support for virtio-pci is newer and not as widespread. qemu has had the necessary support since 2.4 at least, but the guest side isn't well distributed yet. For example, Fedora 23 and earlier don't work out of the box with virtio-pci. Internal RHELSA (RHEL Server for Aarch64) builds have it recently working AFAIK. Libvirt has some support for enabling virtio-pci with aarch64, commits added by Pavel Fedin in v1.2.19. (See e8d55172544c1fafe31a9e09346bdebca4f0d6f9). The patches add a PCIe controller automatically to the XML (and qemu commandline) if qemu-system-aarch64 supports it. However virtio-mmio is still used as the default virtio address, given the current lack of OS support. So we are at the point where libvirt apps want to enable this, but presently there isn't a good solution; the only option is to fully allocate <address type='pci' ...> for each virtio device in the XML. This is suboptimal for 2 reasons: #1) apps need to duplicate libvirt's non-trivial address type=pci allocation logic #2) apps have to add an <address> block for every virtio device, which is less friendly than the x86 case where this is rarely required. Any XML device snippets that work for x86 likely won't give the desired result for aarch64, since they will default to virtio-mmio. Think virsh attach-device/attach-disk commands Here are some possible solutions: * Drop the current behavior of adding a PCIe controller unconditionally, and instead require apps to specify it in the XML. Then, if libvirt sees a PCIe controller in the XML, default the virtio address type to pci. Apps will know if the OS they are installing supports virtio-pci (eventually via libosinfo), so this is the way we can implicitly ask libvirt 'allocate us pci addresses' Upsides: - Solves both the stated problems. - Simplest addition for applications IMO Downsides: - Requires a libvirt behavior change, no longer adding the PCIe controller by default. But in practice I don't think it will really affect anyone, since there isn't really any OS support for virtio-pci yet, and no apps support it either AFAIK. - The PCIe controller is not strictly about virtio-pci, it's for enabling plain emulated PCI devices as well. So there is a use case for using the PCIe controller for a graphics card even while your OS doesn't yet support virtio-pci. In the big picture though this is a small time window with current OS, and users can work around it by manually requesting <address type='virtio-mmio'/>, so medium/long term this isn't a big deal IMO - The PCIe controller XML is: <controller type='pci' index='0' model='pcie-root'/> <controller type='pci' index='1' model='dmi-to-pci-bridge'/> <controller type='pci' index='2' model='pci-bridge'/> I have no idea if that's always going to be the expected XML, maybe it's not wise to hardcode that in apps. Laine? * Next idea: Users specify something like like <address type='pci'/> and libvirt fills in the address for us. Upsides: - We can stick with the current PCIe controller default and avoid some of the problems mentioned above. - An auto address feature may be useful in other contexts as well. Downsides: - Seems potentially tricky to implement in libvirt code. There's many places that check type=pci and key off that, seems like it would be easy to miss updating a check and cause regressions. Maybe we could add a new type like auto-pci to make it explicit. There's probably some implementation trick to make this safe, but at first glance it looked a little dicey. - Doesn't really solve problem #2 mentioned up above... maybe we could change the address allocation logic to default to virtio-pci if there's already a virtio-pci device in the XML. But it's more work. - More work for apps, but nothing horrible. * Change the default address type from virtio-mmio to pci, if qemu supports it. I'm listing this for completeness. In the short term this doesn't make sense as there isn't any OS releases that will work with this default. However it might be worth considering for the future, maybe keying off a particular qemu version or machine type. I suspect 2 years from now no one is going to be using virtio-mmio so long term it's not an ideal default. I think the first option is best (keying off the PCIe controller specified by the user), with a longer term plan to change the default from mmio to pci. But I'm not really sold on anything either way. So I'm interested if anyone else has ideas. Thanks, Cole

5 13

[libvirt] [PATCH] util: Fixup virnetdevmacvlan.h ATTRIBUTE_NONNULL's
by John Ferlan 11 Dec '15

11 Dec '15

Commit id '56e2171c6' removed a variable from the argument list, but neglected to update the ATTRIBUTE_NONNULL values, so when commit id '08da97bfb' added a couple of arguments, the values were off. Signed-off-by: John Ferlan <jferlan(a)redhat.com> --- Pushed as build breaker (coverity) and trivial. src/util/virnetdevmacvlan.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/util/virnetdevmacvlan.h b/src/util/virnetdevmacvlan.h index 2844a44..70e3b01 100644 --- a/src/util/virnetdevmacvlan.h +++ b/src/util/virnetdevmacvlan.h @@ -74,8 +74,8 @@ int virNetDevMacVLanCreateWithVPortProfile(const char *ifname, int *tapfd, size_t tapfdSize, unsigned int flags) - ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(6) - ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(12) ATTRIBUTE_RETURN_CHECK; + ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(5) + ATTRIBUTE_NONNULL(7) ATTRIBUTE_NONNULL(9) ATTRIBUTE_RETURN_CHECK; int virNetDevMacVLanDeleteWithVPortProfile(const char *ifname, const virMacAddr *macaddress, -- 2.5.0

1 0

[libvirt] [PATCH v2 00/10] Make loading domains with invalid XML possible
by Martin Kletzander 11 Dec '15

11 Dec '15

We always had to deal with new parsing errors in a weird way. All of them needed to go into functions starting the domains. That messes up the code, it's confusing to newcomers and so on. I once had an idea that we can handle this stuff. We know what failed, we have the XML that failed parsing and if the problem is not in the domain name nor UUID, we can create a domain object out of that as well. This way we are able to do something we weren't with this series applied. Example follows. Assume "dummy" is a domain with invalid XML (I just modified the file). Now, just for the purpose of this silly example, let's say we allowed domains with archtecture x86_*, but now we've realized that x86_64 is the only one we want to allow, but there already is a domain defined that has <type arch='x86_256' .../>. With the current master, the domain would be lost, so we would need to modify the funstion starting the domain (e.g. qemuProcessStart for qemu domain). However, with this series, it behaves like this: # virsh list --all --reason Id Name State Reason --------------------------------------------------------------- - dummy shut off invalid XML # virsh domstate --reason dummy shut off (invalid XML) # virsh start dummy error: Failed to start domain dummy error: XML error: domain 'dummy' was not loaded due to an XML error (unsupported configuration: Unknown architecture x86_256), please redefine it # VISUAL='sed -i s/x86_256/x86_64/' virsh edit dummy Domain dummy XML configuration edited. # virsh domstate --reason dummy shut off (unknown) # virsh start dummy Domain dummy started This is a logical next step for us to clean and separate parsing and starting, getting rid of some old code without sacrifying compatibility and maybe generating parser code in the future. v2: - rebased on top of current master (with virdomainobjlist.c) - only disallow starting domains with invalid definitions (change done in v1), but allow re-defining them - add support for "virsh list --reason" to better excercise the feature added in this patchset v1: - rebase - don't allow starting domains with invalid state - https://www.redhat.com/archives/libvir-list/2015-November/msg01127.html RFC: https://www.redhat.com/archives/libvir-list/2015-September/msg00698.html Martin Kletzander (10): conf, virsh: Add new domain shutoff reason virsh: Refactor the table output of the list command virsh: Add support for list -reason qemu: Few whitespace cleanups conf: Extract name-parsing into its own function conf: Extract UUID parsing into its own function conf: Optionally keep domains with invalid XML, but don't allow starting them qemu: Don't lookup invalid domains unless specified otherwise qemu: Prepare basic APIs to handle invalid defs qemu: Load domains with invalid XML on start include/libvirt/libvirt-domain.h | 2 + src/bhyve/bhyve_driver.c | 2 + src/conf/domain_conf.c | 121 +++++++++++++++++++++++++++++++-------- src/conf/domain_conf.h | 7 +++ src/conf/virdomainobjlist.c | 71 +++++++++++++++++++++-- src/conf/virdomainobjlist.h | 1 + src/libvirt_private.syms | 1 + src/libxl/libxl_driver.c | 3 + src/lxc/lxc_driver.c | 3 + src/qemu/qemu_driver.c | 64 +++++++++++++++++---- src/uml/uml_driver.c | 2 + tests/virshtest.c | 30 +++++++--- tools/virsh-domain-monitor.c | 60 ++++++++++++------- tools/virsh.pod | 5 +- 14 files changed, 303 insertions(+), 69 deletions(-) -- 2.6.3

3 26

[libvirt] [PATCH v4 00/10] Few VFIO related fixes
by Shivaprasad G Bhat 11 Dec '15

11 Dec '15

The series fixes few VFIO related host crash issues. The patches 3, 4, 9 and 10 are actual fixes. Patch 7 and 8 are test changes to allow testing patch 9. Rest of the patches are mostly code movements except for patch 2. --- Changes from v3 -> v4 - Andrea's suggestion not to overload the usage of stubDriver to set it in virPCINew is addressed. Not setting it any more. Fetch it fresh from sysfs. - The test case added in old P7 is improvised - Old P7 is split into 3 patches where I have moved the virpcimock changes to support iommu into a new patch. Shivaprasad G Bhat (10): Implement virPCIIsKnownStub function Add iommu group number info to virPCIDevice Refuse to reattach from vfio if the iommu group is in use by any domain Wait for vfio-pci device cleanups before reassinging the device to host driver Split reprobe action from the virPCIUnbindFromStub into a new function Pass activeDevs and inactiveDevs to virPCIDeviceUnbindFromStub and virPCIDeviceBindToStub Change the negative test case to try pciback instead of vfio-pci Add iommu info for pci on mocked sysfs Postpone reprobing till all the devices in iommu group are unbound from vfio Wait for iommmu device to go away before reprobing the host driver src/util/virhostdev.c | 28 ++++- src/util/virpci.c | 297 +++++++++++++++++++++++++++++++++++++++++-------- tests/virpcimock.c | 193 +++++++++++++++++++++++++++++--- tests/virpcitest.c | 117 +++++++++++++++++++ 4 files changed, 566 insertions(+), 69 deletions(-) -- Signature

6 37

[libvirt] [PATCH v3] storage sheepdog: allow to specify redundancy level
by Vasiliy Tolstov 10 Dec '15

10 Dec '15

Completely fix tests and check that all works on production env Vasiliy Tolstov (1): storage sheepdog: allow to specify redundancy level docs/schemas/storagevol.rng | 3 + src/conf/storage_conf.c | 2 + src/storage/storage_backend_sheepdog.c | 143 +++++++++++++++++----------- src/util/virstoragefile.c | 4 +- src/util/virstoragefile.h | 2 + tests/storagebackendsheepdogtest.c | 104 ++++++++++---------- tests/storagevolxml2xmlin/vol-sheepdog.xml | 1 + tests/storagevolxml2xmlout/vol-sheepdog.xml | 1 + 8 files changed, 153 insertions(+), 107 deletions(-) -- 2.5.0

2 3