Peter Krempa | 1 Oct 16:14 2014

[libvirt] [PATCH] maint: Prohibit "devname" by a syntax check rules

and tweak the code to avoid using it.
---                                 | 12 ++++++++++++
 include/libvirt/           |  2 +-
 src/conf/interface_conf.c              | 10 +++++-----
 src/conf/interface_conf.h              |  2 +-
 src/interface/interface_backend_udev.c |  2 +-
 src/qemu/qemu_monitor.c                |  4 ++--
 src/qemu/qemu_monitor.h                |  6 +++---
 src/util/virfile.c                     |  6 +++---
 tools/virsh-domain.c                   |  4 ++--
 tools/virt-host-validate-common.h      |  2 +-
 10 files changed, 31 insertions(+), 19 deletions(-)

diff --git a/ b/
index ed7123b..8e99d04 100644
--- a/
+++ b/
 <at>  <at>  -962,6 +962,15  <at>  <at>  sc_prohibit_paren_brace:
 	halt='Put space between closing parenthesis and opening brace'	\

+# Look for diagnostics that aren't marked for translation.
+# This won't find any for which error's format string is on a separate line.
+# The sed filters eliminate false-positives like these:
+	 <at> prohibit='\bdevname\b'			\
+	exclude='sc_prohibit_devname'	\
+	halt='avoid using 'devname' as FreeBSD exports the symbol'	\
+	  $(_sc_search_regexp)
(Continue reading)

Ján Tomko | 1 Oct 15:11 2014

[libvirt] [PATCH] Include .libs in libdir in source tree pkg-config files

This lets me build against an uninstalled source tree without
 src/  | 2 +-
 src/ | 2 +-
 src/      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/ b/src/
index 20f173b..88e431b 100644
--- a/src/
+++ b/src/
 <at>  <at>  -4,7 +4,7  <at>  <at> 

 prefix= <at> abs_top_builddir <at> 
 exec_prefix= <at> abs_top_builddir <at> 
-libdir= <at> abs_top_builddir <at> /src
+libdir= <at> abs_top_builddir <at> /src/.libs
 includedir= <at> abs_top_builddir <at> /include
 datarootdir= <at> abs_top_builddir <at> 

diff --git a/src/ b/src/
index 1e2cadf..ed1f68a 100644
--- a/src/
+++ b/src/
 <at>  <at>  -4,7 +4,7  <at>  <at> 

 prefix= <at> abs_top_builddir <at> 
 exec_prefix= <at> abs_top_builddir <at> 
-libdir= <at> abs_top_builddir <at> /src
(Continue reading)

Erik Skultety | 1 Oct 14:57 2014

[libvirt] [PATCHv3] qemu: NUMA/network tuning shouldn't be supported in session mode

Tuning NUMA or network interface parameters require root
privileges to manage cgroups, thus an attempt to set some of these
parameters in session mode on a running domain should be invalid
followed by an error.
As an example might be memory tuning which raises an error in such case.
Following behavior in session mode will be present after applying
this patch:

  Tuning  |      SET      |   GET  |
NUMA      | shut off only | always |
Memory    |     never     | never  |
Interface |     never     | always |

 src/qemu/qemu_command.c | 13 ++++++++++++-
 src/qemu/qemu_driver.c  | 35 +++++++++++++++++++++++++----------
 2 files changed, 37 insertions(+), 11 deletions(-)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index eb72451..4c335dc 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
 <at>  <at>  -7671,7 +7671,7  <at>  <at>  qemuBuildCommandLine(virConnectPtr conn,
     emulator = def->emulator;

     if (!cfg->privileged) {
-        /* If we have no cgroups than we can have no tunings that
+        /* If we have no cgroups then we can have no tunings that
(Continue reading)

Peter Krempa | 1 Oct 14:43 2014

[libvirt] [PATCH 0/2] Fix issues introduced by the bulk stats series.

Patch 1/2 will be pushed soon under the trivial rule.
Patch 2/2 will be pushed soon under the build breaker rule.

Peter Krempa (2):
  qemu: json: Fix missing break in error reporting function
  qemu: monitor: Avoid shadowing variable "devname" on FreeBSD. Again.

 src/qemu/qemu_monitor_json.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)



Daniel Veillard | 1 Oct 11:32 2014

[libvirt] Release of libvirt 1.2.9

  As planned the release of libvirt 1.2.9 is available, tagged in
git, signed sources and rpms are available at the usual place:

 I also pushed the libvirt-python release 1.2.9 to its own location:

This release introduce some new APIs and functionalities as well as a
number of bug fixes including 2 security fixes: CVE-2014-3633 and
CVE-2014-3657 which has been pushed as part of the release. There is
also a number of improvements available.

  In a nutshell users are invited to upgrade.

- Introduce virNodeAllocPages (Michal Privoznik)
- event: introduce new event for tunable values (Pavel Hrdina)
- add migration support for OpenVZ driver (Hongbin Lu)
- Add support for fetching statistics of completed jobs (Jiri Denemark)

- CVE-2014-3657: domain_conf: fix domain deadlock (Pavel Hrdina)
- CVE-2014-3633: qemu: blkiotune: Use correct definition when looking up disk (Peter Krempa)

- LXC: emphasis uid start of idmap only accept '0' in docs (Chen Hanxiao)
- specify vhost-net instead of net-vhost (Jianwei Hu)
(Continue reading)

Stefan Bader | 1 Oct 10:30 2014

[libvirt] [PATCH/RFC] Add missing delta from Ubuntu to apparmor profiles

This had been on the Debian package list before but its time to take
this onwards. So the goal would be to have one set to rule them all
(when using apparmor) and drop the seperate set of definitions which
exist at least in the Ubuntu packaging.

Right now the patch would be at a state which adds all missing files
and rules to the current examples in libvirt and installs them when
using --with-apparmor-profiles.

One problem seems to be that some of the definitions might cause
parse failures on certain versions of apparmor. I checked this morning
and this looks a bit hairy. So some apparmor 2.8 versions potentially
have issues, but not all apparmor 2.8 are the same (gah).

I could imagine (but John, we really could use some guidance here ;))
that at least some changes could be related to version 2.8.95~2430:

    + debian/patches/mediate-signals.patch,
      debian/patches/change-signal-syntax.patch: Parse signal rules with
      apparmor_parser. See the apparmor.d(5) man page for syntax details.
    + debian/patches/change-ptrace-syntax.patch,
      debian/patches/mediate-ptrace.patch: Parse ptrace rules with
      apparmor_parser. See the apparmor.d(5) man page for syntax details.

But, regardless of the when, the apparmor rules maybe need a way to handle
versioned features of the parser. One proposal was to comment out problematic
rules and allow the packager to re-enable things. Maybe going one step
further and have some pre-processing that handles version based sections
(like #if (APPARMOR_VERSION >= xxx)).

(Continue reading)

Tomoki Sekiyama | 1 Oct 02:19 2014

[libvirt] [PATCH 0/5] Guest filesystem information API


This series implements a new virDomainGetFSInfo API, that returns a list of
mounted filesystems information in the guest, collected via the guest agent.

The returned info contains mountpoints and disk device alias named in
libvirt, so we can know which mountpoints should be frozen by
virDomainFSFreeze to take snapshots of a part of disks.

Tomoki Sekiyama (5):
      Implement public API for virDomainGetFSInfo
      remote: Implement the remote protocol for virDomainGetFSInfo
      qemu: Implement the qemu driver for virDomainGetFSInfo
      qemu: add test for qemuAgentGetFSInfo
      virsh: expose virDomainGetFSInfo

 daemon/remote.c                          |  117 +++++++++++++++++++++
 include/libvirt/             |   21 ++++
 src/conf/domain_conf.c                   |   71 +++++++++++++
 src/conf/domain_conf.h                   |    6 +
 src/driver.h                             |    6 +
 src/libvirt.c                            |   68 ++++++++++++
 src/libvirt_private.syms                 |    1 
 src/libvirt_public.syms                  |    6 +
 src/qemu/qemu_agent.c                    |  165 ++++++++++++++++++++++++++++++
 src/qemu/qemu_agent.h                    |    2 
 src/qemu/qemu_driver.c                   |   48 +++++++++
 src/remote/remote_driver.c               |   87 ++++++++++++++++
 src/remote/remote_protocol.x             |   32 ++++++
(Continue reading)

John Ferlan | 30 Sep 23:35 2014

[libvirt] [PATCH 0/4] Resolve libvirtd crash matching scsi_host

Not for 1.2.9, but may as well get it in the queue to be reviewed for
post 1.2.9

Although possible to do in one patch - I figured it'd be easier to
review if shown in steps.

Essentially the problem is the scsi_host duplicate checks were causing
a libvirtd crash with the parentaddr/unique_id code.  During my investigation
I determined that there was another lurking issue with the two ways in
which the 'name=' property is allowed to be either 'host#' or 'scsi_host#'.

John Ferlan (4):
  storage_conf: Create function to perform scsi_host dupe check
  storage_conf: Refactor arguments to matchSCSIAdapter
  storage_conf: Fix the comparison
  storage_conf: Resolve libvirtd crash matching scsi_host

 src/conf/storage_conf.c | 111 ++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 97 insertions(+), 14 deletions(-)



Rick Harris | 30 Sep 19:01 2014

[libvirt] [PATCH] Add support for /run/initctl

Newer versions of Debian use `/run/initctl` instead of `/dev/initctl`. This
patch updates the code to search for the FIFO from a list of well-known

In the FreeBSD case, as before, we fall-back to the `/etc/.initctl` stub.
 src/util/virinitctl.c | 38 ++++++++++++++++++++++++--------------
 1 file changed, 24 insertions(+), 14 deletions(-)

diff --git a/src/util/virinitctl.c b/src/util/virinitctl.c
index a6fda3b..c4b48d4 100644
--- a/src/util/virinitctl.c
+++ b/src/util/virinitctl.c
 <at>  <at>  -46,12 +46,6  <at>  <at> 
  *              Copyright (C) 1995-2004 Miquel van Smoorenburg

-# if defined(__FreeBSD_kernel__)
-#  define VIR_INITCTL_FIFO  "/etc/.initctl"
-# else
-#  define VIR_INITCTL_FIFO  "/dev/initctl"
-# endif
 # define VIR_INITCTL_MAGIC 0x03091969
 # define VIR_INITCTL_CMD_START          0
 # define VIR_INITCTL_CMD_RUNLVL         1
 <at>  <at>  -124,6 +118,13  <at>  <at>  virInitctlSetRunLevel(virInitctlRunLevel level)
     struct virInitctlRequest req;
     int fd = -1;
     int ret = -1;
(Continue reading)

Pavel Hrdina | 30 Sep 18:00 2014

[libvirt] [libvirt-python PATCH] implement new tunable event


Signed-off-by: Pavel Hrdina <phrdina <at>>
 examples/         |  3 ++ |  9 ++++++
 libvirt-override.c             | 64 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 76 insertions(+)

diff --git a/examples/ b/examples/
index cd85de3..be7a7d4 100644
--- a/examples/
+++ b/examples/
 <at>  <at>  -515,6 +515,8  <at>  <at>  def myDomainEventDeviceRemovedCallback(conn, dom, dev, opaque):
   , dom.ID(), dev))
 def myDomainEventBlockJob2Callback(conn, dom, disk, type, status, opaque):
     print("myDomainEventBlockJob2Callback: Domain %s(%s) %s on disk %s %s" % (, dom.ID(),
blockJobTypeToString(type), disk, blockJobStatusToString(status)))
+def myDomainEventTunableCallback(conn, dom, params, opaque):
+    print("myDomainEventTunableCallback: Domain %s(%s) %s" % (, dom.ID(), params))

 # Network events
 <at>  <at>  -624,6 +626,7  <at>  <at>  def main():
     vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_PMSUSPEND_DISK,
myDomainEventPMSuspendDiskCallback, None)
     vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED,
myDomainEventDeviceRemovedCallback, None)
     vc.domainEventRegisterAny(None, libvirt.VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2,
myDomainEventBlockJob2Callback, None)
(Continue reading)

Cristian Klein | 30 Sep 16:39 2014

[libvirt] [PATCH v2 0/8] Post-copy live migration support

Qemu currently implements pre-copy live migration. VM memory pages are
first copied from the source hypervisor to the destination, potentially
multiple times as pages get dirtied during transfer, then VCPU state
is migrated. Unfortunately, if the VM dirties memory faster than the
network bandwidth, then pre-copy cannot finish. `virsh` currently
includes an option to suspend a VM after a timeout, so that migration
may finish, but at the expense of downtime.

A future version of qemu will implement post-copy live migration. The
VCPU state is first migrated to the destination hypervisor, then
memory pages are pulled from the source hypervisor. Post-copy has the
potential to do migration with zero-downtime, despite the VM dirtying
pages fast, with minimum performance impact. On the other hand, one
post-copy is in progress, any network failure would render the VM
unusable, as its memory is partitioned between the source and
destination hypervisor. Therefore, post-copy should only be used when

Post-copy migration in qemu will work as follows:
(1) The `x-postcopy-ram` migration capability needs to be set.
(2) Migration is started.
(3) When the user decides so, post-copy migration is activated by
sending the `migrate-start-postcopy` command. Qemu acknowledges by
setting migration status to `postcopy-active`.

- Fixed formatting
- Set target version to libvirt 1.2.10
- Only use JSON monitor
- Renamed `qemuMigrateStartPostCopy` to `qemuDomainMigrateStartPostCopy`
(Continue reading)