libvirt.git
44 hours agoutil: fix virfcp build on non-Linux master v3.4.0-rc1
Roman Bogorodskiy [Fri, 26 May 2017 16:00:51 +0000]
util: fix virfcp build on non-Linux

 - Include virerror.h for virReportSystemError
 - Rename stub functions to match original function names

45 hours agodocs: update news.xml
Bjoern Walk [Mon, 22 May 2017 06:38:26 +0000]
docs: update news.xml

Mention CCW and fc_remote_port capablities in the news.xml file.

Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>

45 hours agonode_device: introduce new capability FC_RPORT
Bjoern Walk [Mon, 22 May 2017 06:38:25 +0000]
node_device: introduce new capability FC_RPORT

Similar to scsi_host and fc_host, there is a relation between a
scsi_target and its transport specific fc_remote_port. Let's expose this
relation and relevant information behind it.

An example for a virsh nodedev-dumpxml:

    virsh # nodedev-dumpxml scsi_target0_0_0
    <device>
      <name>scsi_target0_0_0</name>
      <path>/sys/devices/[...]/host0/rport-0:0-0/target0:0:0</path>
      <parent>scsi_host0</parent>
      <capability type='scsi_target'>
        <target>target0:0:0</target>
        <capability type='fc_remote_port'>
          <rport>rport-0:0-0</rport>
          <wwpn>0x9d73bc45f0e21a86</wwpn>
        </capability>
      </capability>
    </device>

Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>

45 hours agoutil: helper functions for fibre channel devices
Bjoern Walk [Mon, 22 May 2017 06:38:24 +0000]
util: helper functions for fibre channel devices

We will need some convenient helper functions for managing sysfs-entries
for fibre channel-backed devices. Let's implement them and make them
available in the private API.

Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>

45 hours agovirsh: nodedev: ability to filter CCW capabilities
Bjoern Walk [Mon, 22 May 2017 06:38:23 +0000]
virsh: nodedev: ability to filter CCW capabilities

Now that the node_device driver is aware of CCW devices, let's hook up
virsh so that we can filter them properly.

Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>

45 hours agonode_device: detect CCW devices
Bjoern Walk [Mon, 22 May 2017 06:38:22 +0000]
node_device: detect CCW devices

Make CCW devices available to the node_device driver. The devices are
already seen by udev so let's implement necessary code for detecting
them properly.

Topologically, CCW devices are similar to PCI devices, e.g.:

    +- ccw_0_0_1a2b
        |
        +- scsi_host0
            |
            +- scsi_target0_0_0
                |
                +- scsi_0_0_0_0

Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>

45 hours agonode_device: Unlock obj in case of an error too
Marc Hartmayer [Mon, 22 May 2017 06:38:21 +0000]
node_device: Unlock obj in case of an error too

Unlock @obj in case of an error too.

Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>

45 hours agonode_device: Use the @cap iterator variable
Marc Hartmayer [Mon, 22 May 2017 06:38:20 +0000]
node_device: Use the @cap iterator variable

Since the switch statement is already using the deref'd @cap variable
and the VIR_NODE_DEV_CAP_NET case uses it, the SCSI_HOST and PCI_DEV
cases may as well use it too.

Suggested-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>

47 hours agoqemu: Report shutdown event details
Martin Kletzander [Wed, 12 Apr 2017 10:00:37 +0000]
qemu: Report shutdown event details

QEMU will likely report the details of it shutting down, particularly
whether the shutdown was initiated by the guest or host.  We should
forward that information along, at least for shutdown events.  Reset
has that as well, however that is not a lifecycle event and would add
extra constants that might not be used.  It can be added later on.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1384007

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>

47 hours agorpc: Allow up to 256K records to be returned per domain from virConnectGetAllDomainStats.
Richard W.M. Jones [Fri, 26 May 2017 12:24:49 +0000]
rpc: Allow up to 256K records to be returned per domain from virConnectGetAllDomainStats.

The number of records that virConnectGetAllDomainStats can return per
domain is currently limited to 4096.  This is quite low -- for
example, a single guest with ~320 disks will hit this limit.  This
increases the limit to make it much larger.  Note that
VIR_NET_MESSAGE_MAX still protects the total message size in the case
where there are many domains and many disks per domain.

I tested this using a guest with 500 disks with no issues.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1440683

47 hours agorpc: Double buffer size instead of quadrupling buffer size.
Richard W.M. Jones [Fri, 26 May 2017 11:23:42 +0000]
rpc: Double buffer size instead of quadrupling buffer size.

When increasing the buffer size up to VIR_NET_MESSAGE_MAX, we
currently quadruple it each time.  This unfortunately means that we
cannot allow certain buffer sizes -- for example the current
VIR_NET_MESSAGE_MAX == 33554432 can never be "hit" since ‘newlen’
jumps from 16MB to 64MB.

Instead of quadrupling, double it each time.

Thanks: Daniel Berrange.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>

47 hours agonode: Don't return invalid pointers
Peter Krempa [Fri, 26 May 2017 10:57:43 +0000]
node: Don't return invalid pointers

Commit 4337bc57be introduced code that would in certain error paths
unref the last reference of a pointer, but return it.

Clear the pointers before returning them.

2 days agonode_device: fix memory leak in nodeDeviceSysfsGetSCSIHostCaps
Yi Wang [Fri, 26 May 2017 02:39:48 +0000]
node_device: fix memory leak in nodeDeviceSysfsGetSCSIHostCaps

@tmp is leaked after the second call to virVHBAGetConfig within
virVHBAIsVportCapable code block because it wasn't freed after making the
first call to the function.

Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Signed-off-by: Erik Skultety <eskultet@redhat.com>

2 days agoutil: fix memory leak in virSocketAddrFormatFull
Yi Wang [Fri, 26 May 2017 02:12:45 +0000]
util: fix memory leak in virSocketAddrFormatFull

The @ipv6_host allocated in virAsprintf may be lost when virAsprintf
addrstr failed.

Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Signed-off-by: Erik Skultety <eskultet@redhat.com>

2 days agolxc: Fix wrong VIR_FREE after a return statement
Julio Faracco [Thu, 25 May 2017 22:28:14 +0000]
lxc: Fix wrong VIR_FREE after a return statement

There is a VIR_FREE after a return statement. That code section is never
executed and for this reason the "tty" variable is not being freed. This
commit rearranges the logic.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>

2 days agom4: Fix missing with_acl variable
Julio Faracco [Thu, 25 May 2017 22:27:25 +0000]
m4: Fix missing with_acl variable

This commit fixes an acl missing variable. The virt-acl.m4 inside the
macro directory does not contain the variable 'with_acl'. So, it is
being set as an empty string "with_acl=''". This is causing a missing
option during the configuration, even if you have acl libs installed.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>

2 days agoqemu: format eim on intel-iommu command line
Ján Tomko [Thu, 18 May 2017 08:48:03 +0000]
qemu: format eim on intel-iommu command line

This option turns on extended interrupt mode,
which allows more than 255 vCPUs.

https://bugzilla.redhat.com/show_bug.cgi?id=1451282

Reviewed-by: Andrea Bolognani <abologna@redhat.com>

2 days agoconf: add eim attribute to <iommu><driver>
Ján Tomko [Wed, 17 May 2017 15:22:30 +0000]
conf: add eim attribute to <iommu><driver>

Add an attribute to control extended interrupt mode.

https://bugzilla.redhat.com/show_bug.cgi?id=1451282

Reviewed-by: Andrea Bolognani <abologna@redhat.com>

2 days agovirsh: Track when create pkttyagent
John Ferlan [Thu, 11 May 2017 13:17:09 +0000]
virsh: Track when create pkttyagent

https://bugzilla.redhat.com/show_bug.cgi?id=1374126

Due to how the processing for authentication using polkit works, the
virshConnect code must first "attempt" an virConnectOpenAuth and then
check for a "special" return error code VIR_ERR_AUTH_UNAVAILABLE in
order to attempt to "retry" the authentication after performing a creation
of a pkttyagent to handle the challenge/response for the client.

However, if pkttyagent creation is not possible for the authentication
being attempted (such as perhaps a "qemu+ssh://someuser@localhost/system"),
then the same failure pattern would be returned and another attempt to
create a pkttyagent would be done. This would continue "forever" until
someone forced quit (e.g. ctrl-c) from virsh as the 'authfail' was not
incremented when creating the pkttyagent.

So add a 'agentCreated' boolean to track if we've attempted to create the
agent at least once and force a failure if that creation returned the same
error pattern.

This resolves a possible never ending loop and will generate an error:

error: failed to connect to the hypervisor
error: authentication unavailable: no polkit agent available to authenticate action 'org.libvirt.unix.manage'

NB: If the authentication was for a sufficiently privileged client, such as
qemu+ssh://root@localhost/system, then the remoteDispatchAuthList "allows"
the authentication to use libvirt since @callerUid would be 0.

2 days agoqemu: Use correct variable in qemuDomainSetBlockIoTune
Peter Krempa [Thu, 25 May 2017 11:09:36 +0000]
qemu: Use correct variable in qemuDomainSetBlockIoTune

'param' contains the correct element from 'params'.

If the group name would not be the first parameter libvirtd would crash.

Introduced in c53bd25b13.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1455510

3 days agoCI: show the log in case of failure
Claudio André [Thu, 25 May 2017 05:19:45 +0000]
CI: show the log in case of failure

Disclose the content of the 'test-suite.log' file (if available) in
case of failures inside Travis-CI. This is needed to understand what
happened and to provide hints about the proper fix (if applicable).

3 days agovirDomainDefCheckABIStabilityFlags: move memtune checks into a separate function
Michal Privoznik [Thu, 18 May 2017 07:58:32 +0000]
virDomainDefCheckABIStabilityFlags: move memtune checks into a separate function

The checks are scattered all over the place. Move them into a
single function.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

3 days agoutil: display leading zeros of USB vendor/product id's in log messages
Chen Hanxiao [Fri, 19 May 2017 07:17:32 +0000]
util: display leading zeros of USB vendor/product id's in log messages

Many vendor id's and product id's have leading zeros.  We should show
them in the logs.

Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
Reviewed-by: Laine Stump <laine@laine.org>

3 days agoqemu: Fix memory leak in qemuDomainUpdateMemoryDeviceInfo
Yi Wang [Thu, 25 May 2017 02:20:16 +0000]
qemu: Fix memory leak in qemuDomainUpdateMemoryDeviceInfo

The @meminfo allocated in qemuMonitorGetMemoryDeviceInfo() may be
lost when qemuDomainObjExitMonitor() failed.

Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

3 days agoconf: Resolve corner case on fc_host deletion
John Ferlan [Sat, 29 Apr 2017 15:29:27 +0000]
conf: Resolve corner case on fc_host deletion

https://bugzilla.redhat.com/show_bug.cgi?id=1420740

Testing found an inventive way to cause an error at shutdown by providing the
parent name for the fc host creation using the "same name" as the HBA. Since
the code thus assumed the parent host name provided was the parent HBA and
just extracted out the host number and sent that along to the vport_destroy
this avoided checks made for equality.

So just add the equality check to that path to resolve.

3 days agoconf: fix build issue caused by shadowing global declaration
Pavel Hrdina [Wed, 24 May 2017 12:31:26 +0000]
conf: fix build issue caused by shadowing global declaration

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>

4 days agorpc: Bump maximum message size to 32M
Peter Krempa [Mon, 22 May 2017 15:48:09 +0000]
rpc: Bump maximum message size to 32M

While most of the APIs are okay with 16M messages, the bulk stats API
can run into the limit in big configurations. Before we devise a new
plan for this, bump this limit slightly to accomodate some more configs.

4 days agoconf: don't iterate over backcompat console in virDomainChrDefForeach
Pavel Hrdina [Mon, 15 May 2017 13:28:15 +0000]
conf: don't iterate over backcompat console in virDomainChrDefForeach

If the first console is just a copy of the first serial device we
don't need to iterate over the same device twice in order to perform
actions like security labeling, cgroup configuring, etc.

Currently only security SELinux manager was aware of this fact.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>

4 days agovz: minor cleanup in prlsdkDomainSetUserPassword
Konstantin Neumoin [Wed, 3 May 2017 10:44:52 +0000]
vz: minor cleanup in prlsdkDomainSetUserPassword

No need begin job for asynchronous operation.

Signed-off-by: Konstantin Neumoin <kneumoin@virtuozzo.com>

4 days agovz: fix raise in vzDomainBlock
Konstantin Neumoin [Wed, 3 May 2017 10:44:51 +0000]
vz: fix raise in vzDomainBlock

Put domain access after acquiring job condition, otherwise
another job can change it meanwhile.

Signed-off-by: Konstantin Neumoin <kneumoin@virtuozzo.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

4 days agovz: unlock dom until resize operation
Konstantin Neumoin [Wed, 3 May 2017 11:23:35 +0000]
vz: unlock dom until resize operation

We have to use waitDomainJob instead of waitJob, because of it
unlock the domain until job has finished, so domain will be available
for other clients.

Signed-off-by: Konstantin Neumoin <kneumoin@virtuozzo.com>

4 days agoqemu: Properly check return value of VIR_STRDUP in qemuDomainGetBlockIoTune
Peter Krempa [Tue, 23 May 2017 15:21:56 +0000]
qemu: Properly check return value of VIR_STRDUP in qemuDomainGetBlockIoTune

Setting the 'group_name' for a disk would falsely trigger a error path
as in commit 4b57f76502 we did not properly check the return value of
VIR_STRDUP.

4 days agolibxl: add default controllers for USB devices
Jim Fehlig [Tue, 28 Mar 2017 23:34:16 +0000]
libxl: add default controllers for USB devices

Attempting to start a domain with USB hostdevs but no USB controllers
fails with the rather cryptic error

libxl: error: libxl_qmp.c:287:qmp_handle_error_response: received an
error message from QMP server: Bus 'xenusb-0.0' not found

This can be fixed by creating default USB controllers. When no USB
controllers are defined, create the number of 8 port controllers
necessary to accommodate the number of defined USB devices.

Note that USB controllers are already created as needed in the
domainAttachDevice code path. E.g. a USB controller will be created,
if necessary, when attaching a USB device with
'virsh attach-device dom usbdev.xml'.

4 days agoqemu: process: Clear priv->namespaces on VM shutdown
Peter Krempa [Mon, 22 May 2017 11:36:55 +0000]
qemu: process: Clear priv->namespaces on VM shutdown

Otherwise the private data entry would be kept across instances of the
same VM even if it's not configured to do so.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1453142

5 days agoqemu: Remove unused variables in qemuDomainUpdateDeviceConfig
Kothapally Madhu Pavan [Tue, 16 May 2017 07:45:09 +0000]
qemu: Remove unused variables in qemuDomainUpdateDeviceConfig

priv and qemuCaps variables are not used anymore.

Signed-off-by: Kothapally Madhu Pavan <kmp@linux.vnet.ibm.com>

5 days agoRevert "qemu: propagate bridge MTU into qemu "host_mtu" option"
Laine Stump [Thu, 18 May 2017 18:16:27 +0000]
Revert "qemu: propagate bridge MTU into qemu "host_mtu" option"

This reverts commit 2841e675.

It turns out that adding the host_mtu field to the PCI capabilities in
the guest bumps the length of PCI capabilities beyond the 32 byte
boundary, so the virtio-net device gets 64 bytes of ioport space
instead of 32, which offsets the address of all the other following
devices. Migration doesn't work very well when the location and length
of PCI capabilities of devices is changed between source and
destination.

This means that we need to make sure that the absence/presence of
host_mtu on the qemu commandline always matches between source and
destination, which means that we need to make setting of host_mtu an
opt-in thing (it can't happen automatically when the bridge being used
has a non-default MTU, which is what commit 2841e675 implemented).

I do want to re-implement this feature with an <mtu auto='on'/>
setting, but probably won't backport that to any stable branches, so
I'm first reverting the original commit, and that revert can be pushed
to the few releases that have been made since the original (3.1.0 -
3.3.0)

Resolves: https://bugzilla.redhat.com/1449346

5 days agolibxl: add default listen address for VNC and spice
Jim Fehlig [Fri, 19 May 2017 21:52:04 +0000]
libxl: add default listen address for VNC and spice

If a VNC listen address is not specified in domXML, libxl
will default to 127.0.0.1, but this is never reflected in the domXML.
In the case of spice, a missing listen address resulted in listening
on all interfaces, i.e. '0.0.0.0'. If not specified, set the listen
address in virDomainGraphicsDef struct to the libxl default when
creating the frame buffer device. Additionally, set default spice
listen address to 127.0.0.1.

5 days agomaint: define a macro for IPv4 loopback address
Jim Fehlig [Fri, 19 May 2017 21:31:48 +0000]
maint: define a macro for IPv4 loopback address

Use a macro instead of hardcoding "127.0.0.1" throughout the
sources.

5 days agoProvide a useful README file
Daniel P. Berrange [Tue, 16 May 2017 10:48:17 +0000]
Provide a useful README file

The current README file contents has almost no useful info, and that
which does exist is very outdated.

Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

5 days agovirStreamSparseSendAll: Reset @want in each iteration
Michal Privoznik [Mon, 22 May 2017 09:44:26 +0000]
virStreamSparseSendAll: Reset @want in each iteration

There's a slight problem with the current function. Assume we are
currently in a data section and we have say 42 bytes until next
section. Therefore, just before (handler) is called to fill up
the buffer with data, @want is changed to 42 to match the amount
of data left in the current section. However, after hole is
processed, we are back in data section but with incredibly small
@want size. Nobody will ever reset it back. This results in
incredible data fragmentation.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

6 days agodocs: Update pointer to networking information
Andrea Bolognani [Mon, 15 May 2017 12:16:54 +0000]
docs: Update pointer to networking information

Commit 6fb5dd4fd804 removed docs/archnetwork.html.in, but
left behind a pointer to it in docs/formatnetwork.html.in.

Update it so that it points to the wiki, which contains
more detailed and recent information anyway.

6 days agovirCapabilitiesInitCaches: Don't leak cache dir
Michal Privoznik [Mon, 22 May 2017 10:07:19 +0000]
virCapabilitiesInitCaches: Don't leak cache dir

To every virDirOpen we must have VIR_DIR_CLOSE otherwise FD is
leaked.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>

6 days agoDo not release unreserved address in qemuDomainAttachRNGDevice
Ján Tomko [Fri, 19 May 2017 12:14:32 +0000]
Do not release unreserved address in qemuDomainAttachRNGDevice

Only set releaseaddr to true after the address has been
reserved successfully.

https://bugzilla.redhat.com/show_bug.cgi?id=1452581

Reviewed-by: John Ferlan <jferlan@redhat.com>

6 days agoqemu: hotplug: print correct vcpu when validating hot(un)plug config
Peter Krempa [Fri, 12 May 2017 15:46:31 +0000]
qemu: hotplug: print correct vcpu when validating hot(un)plug config

The error message would contain first vcpu id after the list of vcpus
selected for modification. To print the proper vcpu id remember the
first vcpu selected to be modified.

6 days agoutil: Don't leak @reply in virSystemdGetMachineNameByPID
Wang King [Sat, 20 May 2017 01:31:57 +0000]
util: Don't leak @reply in virSystemdGetMachineNameByPID

@reply is a DBusMessage object returned by virDBusCallMethod in
get machine object call path, dereference it before calling
virDBusCallMethod again to get machine name.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

6 days agotest: fixing variable names for test suite inside configure.ac.
Julio Faracco [Sat, 20 May 2017 14:53:54 +0000]
test: fixing variable names for test suite inside configure.ac.

Both variables for gcov and oom have wrong names inside configure.ac.
For this reason, the Test Suite configuration is not showing the current
configuration.

Before patching:
configure:    windres: no
configure:
configure: Test suite
configure:
configure:          Coverage:
configure:         Alloc OOM:
configure:
configure: Miscellaneous

After patching (using --enable-test-coverage and --enable-test-oom):
configure:    windres: no
configure:
configure: Test suite
configure:
configure:          Coverage: yes
configure:         Alloc OOM: yes
configure:
configure: Miscellaneous

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>

8 days agoxenconfig: fix handling of NULL disk source
Wim ten Have [Fri, 19 May 2017 14:38:43 +0000]
xenconfig: fix handling of NULL disk source

It is possible to crash libvirtd when converting xl native config to
domXML when the xl config contains an empty disk source, e.g. an empty
CDROM. Fix by checking that the disk source is non-NULL before parsing it.

Signed-off-by: Wim ten Have <wim.ten.have@oracle.com>

9 days agovirfiletest: include linux/falloc.h
Michal Privoznik [Thu, 18 May 2017 13:38:04 +0000]
virfiletest: include linux/falloc.h

On systems with older glibc including fcntl.h for getting
FALLOC_FL_PUNCH_HOLE defined is not enough. We must also include
linux/falloc.h.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

9 days agovirfiletest: Test virFileInData iff SEEK_HOLE is defined
Michal Privoznik [Thu, 18 May 2017 12:36:41 +0000]
virfiletest: Test virFileInData iff SEEK_HOLE is defined

Yet another place where we need to wrap code in
HAVE_DECL_SEEK_HOLE block.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

9 days agovirfile: Provide stub for virFileInData
Michal Privoznik [Thu, 18 May 2017 09:55:12 +0000]
virfile: Provide stub for virFileInData

Some older systems (such as RHEL6) lack SEEK_HOLE and SEEK_DATA
which virFileInData relies on. Provide a stub for these systems.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

9 days agoconf: Don't assign value from ..TypeFromString directly to enum
Peter Krempa [Fri, 19 May 2017 08:25:00 +0000]
conf: Don't assign value from ..TypeFromString directly to enum

Enums are unsigned, so it's impossible to check whether the helper
returned -1 for invalid conversions.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1452454

9 days agoapparmor, virt-aa-helper: Explicit denies for host devices
Felix Geyer [Thu, 18 May 2017 08:53:43 +0000]
apparmor, virt-aa-helper: Explicit denies for host devices

Add explicit denies for disk devices to avoid cluttering dmesg with
(acceptable) denials.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>

9 days agoapparmor, virt-aa-helper: Allow access to libnl-3 config files
Felix Geyer [Thu, 18 May 2017 08:53:42 +0000]
apparmor, virt-aa-helper: Allow access to libnl-3 config files

Allow access to libnl-3 config files

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>

9 days agoqemu: monitor: Don't bother extracting vCPU halted state in text monitor
Peter Krempa [Thu, 18 May 2017 11:27:24 +0000]
qemu: monitor: Don't bother extracting vCPU halted state in text monitor

The code causes the 'offset' variable to be overwritten (possibly with
NULL if neither of the vCPUs is halted) which causes a crash since the
variable is still used after that part.

Additionally there's a bug, since strstr() would look up the '(halted)'
string in the whole string rather than just the currently processed line
the returned data is completely bogus.

Rather than switching to single line parsing let's remove the code
altogether since it has a commonly used JSON monitor alternative and
the data itself is not very useful to report.

The code was introduced in commit cc5e695bde

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1452106

9 days agodatatypes: removing unnecessary return statement.
Julio Faracco [Thu, 18 May 2017 01:53:23 +0000]
datatypes: removing unnecessary return statement.

There is a wrong 'return' statement after a 'goto' statement inside the
function virConnectCloseCallbackDataRegister(). This commit only removes
the 'return'.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>

9 days agovirStream: Forbid negative seeks
Michal Privoznik [Thu, 18 May 2017 06:27:27 +0000]
virStream: Forbid negative seeks

Currently, we don't assign any meaning to that. Our current view
on virStream is that it's merely a pipe. And pipes don't support
seeking.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

9 days agonews: Document sparse streams
Michal Privoznik [Thu, 18 May 2017 06:17:52 +0000]
news: Document sparse streams

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

9 days agonodedev: mdev: Fix build caused by symbol shadowing
Erik Skultety [Thu, 18 May 2017 12:43:05 +0000]
nodedev: mdev: Fix build caused by symbol shadowing

GCC 4.6 complains about a local declaration shadowing a global symbol.

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agoutil: Do not leak @handles in stop netlink event service
Wang King [Thu, 18 May 2017 04:06:42 +0000]
util: Do not leak @handles in stop netlink event service

Commit e3ba4025 introduced srv->handles and VIR_RESIZE_N to allocate
@handles as necessary, but did not free the handles during when calling
virNetlinkEventServiceStop.

10 days agoutil: Deduplicate code in virNetlinkEventServiceStopAll
Wang King [Thu, 18 May 2017 04:06:41 +0000]
util: Deduplicate code in virNetlinkEventServiceStopAll

Commit 15a71e60 introduced the virNetlinkEventServiceStopAll function, and
the code in virNetlinkEventServiceStop is copied to this function, so just
call virNetlinkEventServiceStop instead.

10 days agodocs: Document the mediated devices within the nodedev driver
Erik Skultety [Wed, 29 Mar 2017 10:36:31 +0000]
docs: Document the mediated devices within the nodedev driver

https://bugzilla.redhat.com/show_bug.cgi?id=1452072

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agonodedev: Introduce mdev capability for mediated devices
Erik Skultety [Mon, 6 Mar 2017 16:18:48 +0000]
nodedev: Introduce mdev capability for mediated devices

Start discovering the mediated devices on the host system and format the
attributes for the mediated device into the XML. Compared to the parent
device which reports generic information about the abstract mediated
devices types, a child device only reports the type name it has been
instantiated from and the IOMMU group number, since that's device
specific compared to the rest of the info that can be gathered about
mediated devices at the moment.
This patch introduces both the formatting and parsing routines, updates
nodedev.rng schema, adding a testcase as well.

The resulting mdev child device XML:
<device>
  <name>mdev_4b20d080_1b54_4048_85b3_a6a62d165c01</name>
  <path>/sys/devices/.../4b20d080-1b54-4048-85b3-a6a62d165c01</path>
  <parent>pci_0000_06_00_0</parent>
  <driver>
    <name>vfio_mdev</name>
  </driver>
  <capability type='mdev'>
    <type id='vendor_supplied_type_id'/>
    <iommuGroup number='NUM'/>
  <capability/>
<device/>

https://bugzilla.redhat.com/show_bug.cgi?id=1452072

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agonodedev: Introduce the mdev capability to a PCI parent device
Erik Skultety [Mon, 6 Mar 2017 16:17:34 +0000]
nodedev: Introduce the mdev capability to a PCI parent device

The parent device needs to report the generic stuff about the supported
mediated devices types, like device API, available instances, type name,
etc. Therefore this patch introduces a new nested capability element of
type 'mdev_types' with the resulting XML of the following format:

<device>
  ...
  <capability type='pci'>
    ...
    <capability type='mdev_types'>
      <type id='vendor_supplied_id'>
        <name>optional_vendor_supplied_codename</name>
        <deviceAPI>vfio-pci</deviceAPI>
        <availableInstances>NUM</availableInstances>
      </type>
        ...
      <type>
        ...
      </type>
    </capability>
  </capability>
  ...
</device>

https://bugzilla.redhat.com/show_bug.cgi?id=1452072

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agonodedev: Introduce new mdev_types and mdev nodedev capabilities
Erik Skultety [Mon, 6 Mar 2017 16:20:00 +0000]
nodedev: Introduce new mdev_types and mdev nodedev capabilities

The reason for introducing two capabilities, one for the device itself
(cap 'mdev') and one for the parent device listing the available types
('mdev_types'), is that we should be able to do
'virsh nodedev-list --cap' not only for existing mdev devices but also
for devices that support creation of mdev devices, since one day libvirt
might be actually able to create the mdev devices in an automated way
(just like we do for NPIV/vHBA).

https://bugzilla.redhat.com/show_bug.cgi?id=1452072

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agonodedev: conf: Split PCI sub-capability parsing to separate methods
Erik Skultety [Tue, 18 Apr 2017 13:56:13 +0000]
nodedev: conf: Split PCI sub-capability parsing to separate methods

Since there's at least SRIOV and MDEV sub-capabilities to be parsed,
let's make the code more readable by splitting it to several logical
blocks.

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agomdev: Pass a uuidstr rather than an mdev object to some util functions
Erik Skultety [Wed, 26 Apr 2017 12:47:15 +0000]
mdev: Pass a uuidstr rather than an mdev object to some util functions

Namely, this patch is about virMediatedDeviceGetIOMMUGroup{Dev,Num}
functions. There's no compelling reason why these functions should take
an object, on the contrary, having to create an object every time one
needs to query the IOMMU group number, discarding the object afterwards,
seems odd.

Signed-off-by: Erik Skultety <eskultet@redhat.com>

10 days agopci: fix link maximum speed detection
Marek Marczykowski-Górecki [Tue, 16 May 2017 13:19:19 +0000]
pci: fix link maximum speed detection

Commit 8e09663 "pci: recognize/report GEN4 (PCIe 4.0) card 16GT/s Link
speed" introduced another speed into enum, but mistakenly also altered
field width, so one bit of link width was included there.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

10 days agovirsh: Implement sparse stream to vol-upload
Michal Privoznik [Wed, 27 Apr 2016 12:21:10 +0000]
virsh: Implement sparse stream to vol-upload

Similarly to previous commit, implement sparse streams feature
for vol-upload. This is, however, slightly different approach,
because we must implement a function that will tell us whether
we are in a data section or in a hole. But there's no magic
hidden in here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirsh: Implement sparse stream to vol-download
Michal Privoznik [Tue, 12 Apr 2016 13:35:04 +0000]
virsh: Implement sparse stream to vol-download

Add a new --sparse switch that does nothing more than
enables the sparse streams feature for this command. Among with
the switch new helper function is introduced: virshStreamSkip().
This is the callback that is called whenever daemon sends us a
hole. In the callback we reflect the hole in underlying file by
seeking as many bytes as told.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStorageVol{Download,Upload}Flags
Michal Privoznik [Fri, 8 Apr 2016 13:41:18 +0000]
Introduce virStorageVol{Download,Upload}Flags

These flags to APIs will tell if caller wants to use sparse
stream for storage transfer. At the same time, it's safe to
enable them in storage driver frontend and rely on our backends
checking the flags. This way we can enable specific flags only on
some specific backends, e.g. enable
VIR_STORAGE_VOL_DOWNLOAD_SPARSE_STREAM for filesystem backend but
not iSCSI backend.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agogendispatch: Introduce @sparseflag for our calls
Michal Privoznik [Tue, 12 Apr 2016 13:17:30 +0000]
gendispatch: Introduce @sparseflag for our calls

Now, not all APIs are going to support sparse streams. To some it
makes no sense at all, e.g. virDomainOpenConsole() or
virDomainOpenChannel(). To others, we will need a special flag to
indicate that client wants to enable sparse streams. Instead of
having to write RPC dispatchers by hand we can just annotate in
our .x files that a certain flag to certain RPC call enables this
feature. For instance:

     /**
      * @generate: both
      * @readstream: 1
      * @sparseflag: VIR_SPARSE_STREAM
      * @acl: storage_vol:data_read
      */
     REMOTE_PROC_DOMAIN_SOME_API = XXX,

Therefore, whenever client calls virDomainSomeAPI(..,
VIR_SPARSE_STREAM); daemon will mark that down and send stream
skips when possible.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agofdstream: Implement sparse stream
Michal Privoznik [Wed, 27 Apr 2016 08:51:46 +0000]
fdstream: Implement sparse stream

Basically, what is needed here is to introduce new message type
for the messages passed between the event loop callbacks and the
worker thread that does all the I/O. The idea is that instead of
a queue of read buffers we will have a queue where "hole of size
X" messages appear. That way the event loop callbacks can just
check the head of the queue and see if the worker thread is in
data or a hole section and how long the section is.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agodaemonStreamHandleRead: Wire up seekable stream
Michal Privoznik [Mon, 11 Apr 2016 09:58:19 +0000]
daemonStreamHandleRead: Wire up seekable stream

Whenever client is able to receive some data from stream
daemonStreamHandleRead is called. But now the behaviour of this
function needs to be changed a bit. Previously it just read data
from underlying file (of chardev or whatever) and sent those
through the stream to client. This model will not work any longer
because it does not differentiate whether underlying file is in
data or hole section. Therefore, at the beginning of this
function add code that checks this situation and acts
accordingly.
So after the this, when wanting to send some data we always check
whether we are not in a hole and if so, skip it an inform client
about its size.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoremote_driver: Implement VIR_STREAM_RECV_STOP_AT_HOLE
Michal Privoznik [Fri, 20 May 2016 14:44:22 +0000]
remote_driver: Implement VIR_STREAM_RECV_STOP_AT_HOLE

This is fairly trivial now that we have everything in place.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirNetClientStream: Wire up VIR_NET_STREAM_HOLE
Michal Privoznik [Fri, 20 May 2016 14:35:13 +0000]
virNetClientStream: Wire up VIR_NET_STREAM_HOLE

Whenever server sends a client stream packet (either regular with
actual data or stream skip one) it is queued on @st->rx. So the
list is a mixture of both types of stream packets. So now that we
have all the helpers needed we can wire their processing up. But
since virNetClientStreamRecvPacket doesn't support
VIR_STREAM_RECV_STOP_AT_HOLE flag yet, let's turn all received
skips into zeroes repeating requested times.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoremote: Implement virStreamRecvHole
Michal Privoznik [Fri, 20 May 2016 13:28:42 +0000]
remote: Implement virStreamRecvHole

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virNetClientStreamRecvHole
Michal Privoznik [Fri, 20 May 2016 13:28:29 +0000]
Introduce virNetClientStreamRecvHole

This function will fetch previously processed stream holes and
return their sum.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirNetClientStreamRecvPacket: Introduce @flags argument
Michal Privoznik [Fri, 20 May 2016 11:04:29 +0000]
virNetClientStreamRecvPacket: Introduce @flags argument

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoremote_driver: Implement virStreamSendHole
Michal Privoznik [Sun, 10 Apr 2016 13:48:27 +0000]
remote_driver: Implement virStreamSendHole

Now that we have RPC wrappers over VIR_NET_STREAM_HOLE we can
start wiring them up. This commit wires up situation when a
client wants to send a hole to daemon.

To keep stream offsets synchronous, upon successful call on the
daemon skip the same hole in local part of the stream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirnetclientstream: Introduce virNetClientStreamHandleHole
Michal Privoznik [Fri, 12 May 2017 09:27:53 +0000]
virnetclientstream: Introduce virNetClientStreamHandleHole

This is a function that handles an incoming STREAM_HOLE packet.
Even though it is not wired up yet, it will be soon. At the
beginning do couple of checks whether server plays nicely and
sent us a STREAM_HOLE packed only after we've enabled sparse
streams. Then decodes the message payload to see how big the hole
is and stores it in passed @length argument.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agodaemon: Implement VIR_NET_STREAM_HOLE handling
Michal Privoznik [Fri, 12 May 2017 09:26:33 +0000]
daemon: Implement VIR_NET_STREAM_HOLE handling

Basically, whenever the new type of stream packet arrives to the
daemon call this function that decodes it and calls
virStreamSendHole(). Otherwise a regular data stream packet has
arrived and therefore continue its processing.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirnetclientstream: Introduce virNetClientStreamSendHole
Michal Privoznik [Mon, 11 Apr 2016 15:23:17 +0000]
virnetclientstream: Introduce virNetClientStreamSendHole

While the previous commit implemented a helper for sending a
STREAM_HOLE packet for daemon, this is a client's counterpart.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agodaemon: Introduce virNetServerProgramSendStreamHole
Michal Privoznik [Mon, 11 Apr 2016 09:44:42 +0000]
daemon: Introduce virNetServerProgramSendStreamHole

This is just a helper function that takes in a length value,
encodes it into XDR and sends to client.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoTeach wireshark plugin about VIR_NET_STREAM_HOLE
Michal Privoznik [Wed, 13 Apr 2016 14:38:09 +0000]
Teach wireshark plugin about VIR_NET_STREAM_HOLE

Ideally, this would be generated, but to achieve that
corresponding XDR definitions needed to go into a different .x
file. But they belong just to the one that they are right now.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce VIR_NET_STREAM_HOLE message type
Michal Privoznik [Mon, 4 Apr 2016 12:54:46 +0000]
Introduce VIR_NET_STREAM_HOLE message type

This is a special type of stream packet, that is bidirectional
and contains information regarding how many bytes each side will
be skipping in the stream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoRPC: Introduce virNetStreamHole
Michal Privoznik [Mon, 11 Apr 2016 14:58:15 +0000]
RPC: Introduce virNetStreamHole

This is going to be RPC representation for virStreamSendHole.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoAdd new flag to daemonCreateClientStream and virNetClientStreamNew
Michal Privoznik [Mon, 11 Apr 2016 14:50:04 +0000]
Add new flag to daemonCreateClientStream and virNetClientStreamNew

Add a new argument to daemonCreateClientStream in order to allow for
future expansion to mark that a specific stream can be used to skip
data, such as the case with sparsely populated files. The new flag will
be the eventual decision point between client/server to decide whether
both ends can support and want to use sparse streams.

A new bool 'allowSkip' is added to both _virNetClientStream and
daemonClientStream in order to perform the tracking.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirNetClientStreamNew: Track origin stream
Michal Privoznik [Tue, 12 Apr 2016 09:38:12 +0000]
virNetClientStreamNew: Track origin stream

Add a virStreamPtr pointer to the _virNetClientStream
in order to reverse track the parent stream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamInData
Michal Privoznik [Sat, 21 May 2016 12:25:14 +0000]
Introduce virStreamInData

This is just an internal API, that calls corresponding function
in stream driver. This function will set @data = 1 if the
underlying file is in data section, or @data = 0 if it is in a
hole. At any rate, @length is set to number of bytes remaining in
the section the file currently is.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamSparseSendAll
Michal Privoznik [Sat, 21 May 2016 13:47:39 +0000]
Introduce virStreamSparseSendAll

This is just a wrapper over new function that have been just
introduced: virStreamSendHole() . It's very similar to
virStreamSendAll() except it handles sparse streams well.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamSparseRecvAll
Michal Privoznik [Sat, 21 May 2016 13:17:51 +0000]
Introduce virStreamSparseRecvAll

This is just a wrapper over new functions that have been just
introduced: virStreamRecvFlags(), virStreamRecvHole(). It's very
similar to virStreamRecvAll() except it handles sparse streams
well.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce VIR_STREAM_RECV_STOP_AT_HOLE flag
Michal Privoznik [Fri, 20 May 2016 13:12:59 +0000]
Introduce VIR_STREAM_RECV_STOP_AT_HOLE flag

Add a new flag to virStreamRecvFlags in order to handle being able to
stop reading from the stream so that the consumer can generate a "hole"
in stream target. Generation of a hole replaces the need to receive and
handle a sequence of zero bytes for sparse stream targets.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamRecvHole
Michal Privoznik [Fri, 20 May 2016 13:03:11 +0000]
Introduce virStreamRecvHole

This function is basically a counterpart for virStreamSendHole().
If one side of a stream called virStreamSendHole() the other
should call virStreamRecvHole() to get the size of the hole.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamSendHole
Michal Privoznik [Sun, 10 Apr 2016 10:01:20 +0000]
Introduce virStreamSendHole

This API is used to tell the other side of the stream to skip
some bytes in the stream. This can be used to create a sparse
file on the receiving side of a stream.

It takes @length argument, which says how big the hole is. This
skipping is done from the current point of stream. Since our
streams are not rewindable like regular files, we don't need
@whence argument like seek(2) has.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoImplement virStreamRecvFlags to some drivers
Michal Privoznik [Thu, 19 May 2016 15:34:23 +0000]
Implement virStreamRecvFlags to some drivers

There are three virStreamDriver's currently supported:

 * virFDStream
 * remote driver
 * ESX driver

For now, backend virStreamRecvFlags support for only remote driver and
ESX driver is sufficient. Future patches will update virFDStream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoIntroduce virStreamRecvFlags
Michal Privoznik [Thu, 19 May 2016 14:53:35 +0000]
Introduce virStreamRecvFlags

This patch is adding the virStreamRecvFlags as a variant to the
virStreamRecv function in order to allow for future expansion of
functionality for processing sparse streams using a @flags
argument.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agoutil: Introduce virFileInData
Michal Privoznik [Thu, 16 Jun 2016 08:42:47 +0000]
util: Introduce virFileInData

This function takes a FD and determines whether the current
position is in data section or in a hole. In addition to that,
it also determines how much bytes are there remaining till the
current section ends.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirfdstream: Use messages instead of pipe
Michal Privoznik [Thu, 13 Apr 2017 09:49:30 +0000]
virfdstream: Use messages instead of pipe

One big downside of using the pipe to transfer the data is that
we can really transfer just bare data. No metadata can be carried
through unless some formatted messages are introduced. That would
be quite painful to achieve so let's use a message queue. It's
fairly easy to exchange info between threads now that iohelper is
no longer used.

The reason why we cannot use the FD for plain files directly is
that despite us setting noblock flag on the FD, any
read()/write() blocks regardless (which is a show stopper since
those parts of the code are run from the event loop) and poll()
reports such FD as always readable/writable - even though the
subsequent operation might block.

The pipe is still not gone though. It is used to signal the event
loop that an event occurred (e.g. data is available for reading
in the queue, or vice versa).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

10 days agovirsh: add --io when attaching disks to guests
Gordon Messmer [Fri, 12 May 2017 21:27:27 +0000]
virsh: add --io when attaching disks to guests

virt-install and virt-manager both default to explicitly setting
"io='native'" in the disk "driver" tag. virsh, however, does not and also
does not provide an option to specify that setting at all.  As a result,
disks use a different IO mechanism (the default, "threads") when attached
post-setup using virsh.  Adding this option allows users to keep disk
performance consistent for disks attached at install, and those attached
afterward.

10 days agoqemu: driver: Allow passing disk target as top image with block commit
Peter Krempa [Wed, 17 May 2017 15:16:15 +0000]
qemu: driver: Allow passing disk target as top image with block commit

Since we allow active layer block commit the users are allowed to commit
the top of the chain (e.g. vda) into the backing image. The API would
not accept that parameter, as it tried to look up the image in the
backing chain.

Add the ability to use the top level image target name explicitly as the
top image of the block commit operation.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1451394