Commit Graph

25 Commits

Author SHA1 Message Date
Benjamin Cama db488c7917 network: fix dnsmasq/radvd binding to IPv6 on recent kernels
I hit this problem recently when trying to create a bridge with an IPv6
address on a 3.2 kernel: dnsmasq (and, further, radvd) would not bind to
the given address, waiting 20s and then giving up with -EADDRNOTAVAIL
(resp. exiting immediately with "error parsing or activating the config
file", without libvirt noticing it, BTW). This can be reproduced with (I
think) any kernel >= 2.6.39 and the following XML (to be used with
"virsh net-create"):

        <network>
          <name>test-bridge</name>
          <bridge name='testbr0' />
          <ip family='ipv6' address='fd00::1' prefix='64'>
          </ip>
        </network>

(it happens even when you have an IPv4, too)

The problem is that since commit [1] (which, ironically, was made to
“help IPv6 autoconfiguration”) the linux bridge code makes bridges
behave like “real” devices regarding carrier detection. This makes the
bridges created by libvirt, which are started without any up devices,
stay with the NO-CARRIER flag set, and thus prevents DAD (Duplicate
address detection) from happening, thus letting the IPv6 address flagged
as “tentative”. Such addresses cannot be bound to (see RFC 2462), so
dnsmasq fails binding to it (for radvd, it detects that "interface XXX
is not RUNNING", thus that "interface XXX does not exist, ignoring the
interface" (sic)). It seems that this behavior was enhanced somehow with
commit [2] by avoiding setting NO-CARRIER on empty bridges, but I
couldn't reproduce this behavior on my kernel. Anyway, with the “dummy
tap to set MAC address” trick, this wouldn't work.

To fix this, the idea is to get the bridge's attached device to be up so
that DAD can happen (deactivating DAD altogether is not a good idea, I
think). Currently, libvirt creates a dummy TAP device to set the MAC
address of the bridge, keeping it down. But even if we set this device
up, it is not RUNNING as soon as the tap file descriptor attached to it
is closed, thus still preventing DAD. So, we must modify the API a bit,
so that we can get the fd, keep the tap device persistent, run the
daemons, and close it after DAD has taken place. After that, the bridge
will be flagged NO-CARRIER again, but the daemons will be running, even
if not happy about the device's state (but we don't really care about
the bridge's daemons doing anything when no up interface is connected to
it).

Other solutions that I envisioned were:
      * Keeping the *-nic interface up: this would waste an fd for each
        bridge during all its life. May be acceptable, I don't really
        know.
      * Stop using the dummy tap trick, and set the MAC address directly
        on the bridge: it is possible since quite some time it seems,
        even if then there is the problem of the bridge not being
        RUNNING when empty, contrary to what [2] says, so this will need
        fixing (and this fix only happened in 3.1, so it wouldn't work
        for 2.6.39)
      * Using the --interface option of dnsmasq, but I saw somewhere
        that it's not used by libvirt for backward compatibility. I am
        not sure this would solve this problem, though, as I don't know
        how dnsmasq binds itself to it with this option.

This is why this patch does what's described earlier.

This patch also makes radvd start even if the interface is
“missing” (i.e. it is not RUNNING), as it daemonizes before binding to
it, and thus sometimes does it after the interface has been brought down
by us (by closing the tap fd), and then originally stops. This also
makes it stop yelling about it in the logs when the interface is down at
a later time.

[1]
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=1faa4356a3bd89ea11fb92752d897cff3a20ec0e
[2]
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=b64b73d7d0c480f75684519c6134e79d50c1b341
2012-09-27 11:17:52 -06:00
Eric Blake 7d7ee14b00 build: fix author of previous commit
Stefan's attribution came through with an extra 'n' in the email address.
2012-08-09 15:39:34 -06:00
Gerd v. Egidy 57fb8d5336 maint: consolidate AUTHOR listings for Gerd von Egidy 2012-08-01 17:29:46 -06:00
Ján Tomko 4fedf388f6 virsh: check if specified debug level is in range 2012-07-26 08:21:04 -06:00
Eric Blake 0fbafe9c50 maint: add mailmap entry for Dan Walsh
As confirmed with Dan on IRC.

* .mailmap: List Dan's preferred 'shortlog' name.
2012-07-18 15:34:53 -06:00
Eric Blake 6bbbe53bea maint: update preferred contributor name
Based on off-list discussion with Royce.

* AUTHORS: Update to Royce Lv's preferred anglicized name.
* .mailmap: Likewise.
2012-07-09 13:05:06 -06:00
Josh Durgin 78290b1641 qemu: add rbd to whitelist of migration-safe formats
QEMU (and librbd) flush the cache on the source before the
destination starts, and the destination does not read any
changeable data before that, so live migration with rbd caching
is safe.

This makes 'virsh migrate' work with rbd and caching without the
--unsafe flag.

Reported-by: Vladimir Bashkirtsev <vladimir@bashkirtsev.com>
Signed-off-by: Josh Durgin <josh.durgin@inktank.com>
2012-07-02 14:52:27 -06:00
Eric Blake 30a30a7a70 maint: use full author name for previous commit
* .mailmap: Add a name alias.
2012-07-02 09:36:16 -06:00
Eric Blake 9a3fc7f3f7 maint: prune duplicate listings in AUTHORS
* AUTHORS: Remove duplicates.
* .mailmap: Update accordingly.
2012-02-03 09:56:45 -07:00
Eric Blake 613f9ea8f7 maint: use mailmap, not AUTHORS, for secondary addresses
* AUTHORS: Move Stefan's second entry...
* .mailmap: ...here.
2011-11-11 08:56:19 -07:00
Neil Wilson 92888c803b bridge_driver.c: Fix autoconf setting
Code altered so that it is consistent with the associated comment. The
'autoconf' variable is forced to zero.

Signed-off-by: Neil Wilson <neil@brightbox.co.uk>
2011-10-03 23:35:29 -04:00
Eric Blake d6fb294346 maint: Prefer names over email in 'git shortlog'
Alex recently committed some patches with just an email instead
of a preferred name; this fixes things so 'git shortlog' gives
nicer output.

* .mailmap: Update.
2011-09-19 16:34:10 -06:00
Jim Fehlig cd592a91de Change my email domain
I'd like to change my primary email address to jfehlig@suse.com.
This patch changes it in AUTHORS and .mailmap.
2011-09-01 16:13:34 -06:00
Supriya Kannery 2de8aa8fd0 virsh: Avoid using magic numbers for logging
Replace magic numbers with loglevel variables.

Signed-off-by: Supriya Kannery <supriyak@in.ibm.com>
2011-07-14 07:03:40 -06:00
Marc-André Lureau 98bfdff12c spice: add <clipboard copypaste='yes|no'> option
From a security pov copy and paste between the guest and the client is not
always desirable. So we need to be able to enable/disable this. The best place
to do this from an administration pov is on the hypervisor, so the qemu cmdline
is getting a spice disable-copy-paste option, see bug 693645. Example qemu
invocation:
qemu -spice port=5932,disable-ticketing,disable-copy-paste

https://bugzilla.redhat.com/show_bug.cgi?id=693661
2011-06-14 17:03:26 -06:00
Federico Simoncelli 18c2a59206 qemu: allow blkstat/blkinfo calls during migration
Originally most of libvirt domain-specific calls were blocking
during a migration.
A new mechanism to allow specific calls (blkstat/blkinfo) to be
executed in such condition has been implemented.
In the long term it'd be desirable to get a more general
solution to mark further APIs as migration safe, without needing
special case code.

 * src/qemu/qemu_migration.c: add some additional job signal
   flags for doing blkstat/blkinfo during a migration
 * src/qemu/qemu_domain.c: add a condition variable that can be
   used to efficiently wait for the migration code to clear the
   signal flag
 * src/qemu/qemu_driver.c: execute blkstat/blkinfo using the
   job signal flags during migration
2011-05-26 11:05:04 -06:00
Doug Goldstein a67407fa36 Use per-user TLS certificates when possible
When using TLS authentication and operating as the non-root user,
initially attempt to use that specific user's TLS certificates before
attempting to use the system wide TLS certificates.

Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
2011-05-23 13:18:14 -06:00
Eric Blake 4037f0257c build: fix syntax-check failure
* .mailmap: Add an alias for last commit.
2011-04-20 17:17:56 -06:00
Christophe Fergeau 454e50beee Fix gcc 4.6 warnings
gcc 4.6 warns when a variable is initialized but isn't used afterwards:

vmware/vmware_driver.c:449:18: warning: variable 'vmxPath' set but not used [-Wunused-but-set-variable]

This patch fixes these warnings. There are still 2 offending files:

- vbox_tmpl.c: the variable is used inside an #ifdef and is assigned several
  times outside of #ifdef. Fixing the warning would have required wrapping
  all the assignment inside #ifdef which hurts readability.

vbox/vbox_tmpl.c: In function 'vboxAttachDrives':
vbox/vbox_tmpl.c:3918:22: warning: variable 'accessMode' set but not used [-Wunused-but-set-variable]

- esx_vi_types.generated.c: the name implies it's generated code and I
  didn't want to dive into the code generator

esx/esx_vi_types.generated.c: In function 'esxVI_FileQueryFlags_Free':
esx/esx_vi_types.generated.c:1203:3: warning: variable 'item' set but not used [-Wunused-but-set-variable]
2011-04-14 19:09:12 +02:00
Eric Blake 1ddefd181b maint: update an email address preference
* AUTHORS (Soren Hansen): Update address.
* .mailmap: Alias other addresses to new preference.
2010-08-10 08:13:22 -06:00
Soren Hansen 92e43e6d02 Add "ubd" to the list of disk prefixes
virDiskNameToIndex has a list of disk name prefixes that it uses in the
process of finding the disk's index. This list is missing "ubd" which
is the disk prefix used for UML domains.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-10 07:16:44 -06:00
Daniel P. Berrange 2fc10e1a59 Fix .mailmap after accidental wrong committer address 2010-07-23 10:43:45 +01:00
Justin Clift b3db32610d authors: update my authors details 2010-07-09 23:21:00 +10:00
Jim Meyering ef77388ba4 avoid syntax-check failure
* .mailmap: Map a stray commit-author email address to the canonical one.
Reported by Justin Clift.
2010-06-06 10:27:28 +02:00
Jim Meyering 208b2ad879 maint: new syntax-check rule to ensure that AUTHORS stays in sync
* cfg.mk (sc_check_AUTHOR_list): New rule.
* .mailmap: New file, to tell git log how to map email addresses.
2010-05-28 15:02:04 +02:00