|
 |
df3bb2 |
From 66a40516a2696b7528803d7637c022659fa8c46e Mon Sep 17 00:00:00 2001
|
|
|
df3bb2 |
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
|
df3bb2 |
Date: Thu, 2 Oct 2014 16:44:07 +0100
|
|
|
df3bb2 |
Subject: [PATCH] Revert "launch: libvirt: Use qemu-bridge-helper to implement
|
|
|
df3bb2 |
a full network (RHBZ#1148012)."
|
|
|
df3bb2 |
|
|
|
df3bb2 |
We've been carrying this exact patch in RHEL 7 for several years. It
|
|
|
df3bb2 |
reverts the change made in 2014 where we switched to using the virbr0
|
|
|
df3bb2 |
bridge for libguestfs networking instead of SLIRP. We thought SLIRP
|
|
|
df3bb2 |
was going to become unsupported in qemu, but recently there have been
|
|
|
df3bb2 |
more encouraging signs since it looks like SLIRP will be spun off as a
|
|
|
df3bb2 |
separate project, running as a modular process and properly secured
|
|
|
df3bb2 |
and supported.
|
|
|
df3bb2 |
|
|
|
df3bb2 |
This reverts commit 224de20b9a8d5ea56f6337f19b4ca237bb88eca0.
|
|
|
df3bb2 |
|
|
|
df3bb2 |
(cherry picked from commit 492a945791b43f80a769a53e60d0899b3d7c60ab)
|
|
|
df3bb2 |
---
|
|
|
df3bb2 |
lib/guestfs-internal.h | 11 +++++
|
|
|
df3bb2 |
lib/guestfs.pod | 10 -----
|
|
|
df3bb2 |
lib/launch-direct.c | 11 -----
|
|
|
df3bb2 |
lib/launch-libvirt.c | 91 ++++++++++--------------------------------
|
|
|
df3bb2 |
4 files changed, 32 insertions(+), 91 deletions(-)
|
|
|
df3bb2 |
|
|
|
df3bb2 |
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
|
|
|
df3bb2 |
index adeb9478a..fe3a0e3b9 100644
|
|
|
df3bb2 |
--- a/lib/guestfs-internal.h
|
|
|
df3bb2 |
+++ b/lib/guestfs-internal.h
|
|
|
df3bb2 |
@@ -147,6 +147,17 @@
|
|
|
df3bb2 |
#define MACHINE_TYPE "pseries"
|
|
|
df3bb2 |
#endif
|
|
|
df3bb2 |
|
|
|
df3bb2 |
+/* Differences in qemu device names on ARMv7 (virtio-mmio), s/390x
|
|
|
df3bb2 |
+ * (CCW) vs normal hardware with PCI.
|
|
|
df3bb2 |
+ */
|
|
|
df3bb2 |
+#if defined(__arm__)
|
|
|
df3bb2 |
+#define VIRTIO_DEVICE_NAME(type) type "-device"
|
|
|
df3bb2 |
+#elif defined(__s390x__)
|
|
|
df3bb2 |
+#define VIRTIO_DEVICE_NAME(type) type "-ccw"
|
|
|
df3bb2 |
+#else
|
|
|
df3bb2 |
+#define VIRTIO_DEVICE_NAME(type) type "-pci"
|
|
|
df3bb2 |
+#endif
|
|
|
df3bb2 |
+
|
|
|
df3bb2 |
/* Guestfs handle and associated structures. */
|
|
|
df3bb2 |
|
|
|
df3bb2 |
/* State. */
|
|
|
df3bb2 |
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
|
|
|
df3bb2 |
index 4b24006df..c7fbeef03 100644
|
|
|
df3bb2 |
--- a/lib/guestfs.pod
|
|
|
df3bb2 |
+++ b/lib/guestfs.pod
|
|
|
df3bb2 |
@@ -1551,16 +1551,6 @@ On Fedora, install C<kernel-debuginfo> for the C<vmlinux> file
|
|
|
df3bb2 |
(containing symbols). Make sure the symbols precisely match the
|
|
|
df3bb2 |
kernel being used.
|
|
|
df3bb2 |
|
|
|
df3bb2 |
-=head3 network_bridge
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
-The libvirt backend supports:
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
- export LIBGUESTFS_BACKEND_SETTINGS=network_bridge=virbrX
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
-This allows you to override the bridge that is connected to when the
|
|
|
df3bb2 |
-network is enabled. The default is C<virbr0>. See also
|
|
|
df3bb2 |
-L</guestfs_set_network>.
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
=head2 ATTACHING TO RUNNING DAEMONS
|
|
|
df3bb2 |
|
|
|
df3bb2 |
I<Note (1):> This is B<highly experimental> and has a tendency to eat
|
|
|
df3bb2 |
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
|
|
|
df3bb2 |
index 47e8f37de..f6c494d69 100644
|
|
|
df3bb2 |
--- a/lib/launch-direct.c
|
|
|
df3bb2 |
+++ b/lib/launch-direct.c
|
|
|
df3bb2 |
@@ -49,17 +49,6 @@
|
|
|
df3bb2 |
#include "guestfs_protocol.h"
|
|
|
df3bb2 |
#include "qemuopts.h"
|
|
|
df3bb2 |
|
|
|
df3bb2 |
-/* Differences in qemu device names on ARMv7 (virtio-mmio), s/390x
|
|
|
df3bb2 |
- * (CCW) vs normal hardware with PCI.
|
|
|
df3bb2 |
- */
|
|
|
df3bb2 |
-#if defined(__arm__)
|
|
|
df3bb2 |
-#define VIRTIO_DEVICE_NAME(type) type "-device"
|
|
|
df3bb2 |
-#elif defined(__s390x__)
|
|
|
df3bb2 |
-#define VIRTIO_DEVICE_NAME(type) type "-ccw"
|
|
|
df3bb2 |
-#else
|
|
|
df3bb2 |
-#define VIRTIO_DEVICE_NAME(type) type "-pci"
|
|
|
df3bb2 |
-#endif
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
/* Per-handle data. */
|
|
|
df3bb2 |
struct backend_direct_data {
|
|
|
df3bb2 |
pid_t pid; /* Qemu PID. */
|
|
|
df3bb2 |
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
|
|
|
df3bb2 |
index 7121aee1b..4df26825a 100644
|
|
|
df3bb2 |
--- a/lib/launch-libvirt.c
|
|
|
df3bb2 |
+++ b/lib/launch-libvirt.c
|
|
|
df3bb2 |
@@ -116,7 +116,6 @@ struct backend_libvirt_data {
|
|
|
df3bb2 |
char *selinux_label;
|
|
|
df3bb2 |
char *selinux_imagelabel;
|
|
|
df3bb2 |
bool selinux_norelabel_disks;
|
|
|
df3bb2 |
- char *network_bridge;
|
|
|
df3bb2 |
char name[DOMAIN_NAME_LEN]; /* random name */
|
|
|
df3bb2 |
bool is_kvm; /* false = qemu, true = kvm (from capabilities)*/
|
|
|
df3bb2 |
struct version libvirt_version; /* libvirt version */
|
|
|
df3bb2 |
@@ -157,7 +156,6 @@ static int is_blk (const char *path);
|
|
|
df3bb2 |
static void ignore_errors (void *ignore, virErrorPtr ignore2);
|
|
|
df3bb2 |
static void set_socket_create_context (guestfs_h *g);
|
|
|
df3bb2 |
static void clear_socket_create_context (guestfs_h *g);
|
|
|
df3bb2 |
-static int check_bridge_exists (guestfs_h *g, const char *brname);
|
|
|
df3bb2 |
|
|
|
df3bb2 |
#if HAVE_LIBSELINUX
|
|
|
df3bb2 |
static void selinux_warning (guestfs_h *g, const char *func, const char *selinux_op, const char *data);
|
|
|
df3bb2 |
@@ -438,17 +436,8 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
|
|
|
df3bb2 |
guestfs_get_backend_setting (g, "internal_libvirt_imagelabel");
|
|
|
df3bb2 |
data->selinux_norelabel_disks =
|
|
|
df3bb2 |
guestfs_int_get_backend_setting_bool (g, "internal_libvirt_norelabel_disks");
|
|
|
df3bb2 |
- if (g->enable_network) {
|
|
|
df3bb2 |
- data->network_bridge =
|
|
|
df3bb2 |
- guestfs_get_backend_setting (g, "network_bridge");
|
|
|
df3bb2 |
- if (!data->network_bridge)
|
|
|
df3bb2 |
- data->network_bridge = safe_strdup (g, "virbr0");
|
|
|
df3bb2 |
- }
|
|
|
df3bb2 |
guestfs_pop_error_handler (g);
|
|
|
df3bb2 |
|
|
|
df3bb2 |
- if (g->enable_network && check_bridge_exists (g, data->network_bridge) == -1)
|
|
|
df3bb2 |
- goto cleanup;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
/* Locate and/or build the appliance. */
|
|
|
df3bb2 |
TRACE0 (launch_build_libvirt_appliance_start);
|
|
|
df3bb2 |
|
|
|
df3bb2 |
@@ -1403,19 +1392,6 @@ construct_libvirt_xml_devices (guestfs_h *g,
|
|
|
df3bb2 |
} end_element ();
|
|
|
df3bb2 |
} end_element ();
|
|
|
df3bb2 |
|
|
|
df3bb2 |
- /* Connect to libvirt bridge (see: RHBZ#1148012). */
|
|
|
df3bb2 |
- if (g->enable_network) {
|
|
|
df3bb2 |
- start_element ("interface") {
|
|
|
df3bb2 |
- attribute ("type", "bridge");
|
|
|
df3bb2 |
- start_element ("source") {
|
|
|
df3bb2 |
- attribute ("bridge", params->data->network_bridge);
|
|
|
df3bb2 |
- } end_element ();
|
|
|
df3bb2 |
- start_element ("model") {
|
|
|
df3bb2 |
- attribute ("type", "virtio");
|
|
|
df3bb2 |
- } end_element ();
|
|
|
df3bb2 |
- } end_element ();
|
|
|
df3bb2 |
- }
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
/* Libvirt adds some devices by default. Indicate to libvirt
|
|
|
df3bb2 |
* that we don't want them.
|
|
|
df3bb2 |
*/
|
|
|
df3bb2 |
@@ -1823,6 +1799,27 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
|
|
|
df3bb2 |
attribute ("value", tmpdir);
|
|
|
df3bb2 |
} end_element ();
|
|
|
df3bb2 |
|
|
|
df3bb2 |
+ /* Workaround because libvirt user networking cannot specify "net="
|
|
|
df3bb2 |
+ * parameter.
|
|
|
df3bb2 |
+ */
|
|
|
df3bb2 |
+ if (g->enable_network) {
|
|
|
df3bb2 |
+ start_element ("qemu:arg") {
|
|
|
df3bb2 |
+ attribute ("value", "-netdev");
|
|
|
df3bb2 |
+ } end_element ();
|
|
|
df3bb2 |
+
|
|
|
df3bb2 |
+ start_element ("qemu:arg") {
|
|
|
df3bb2 |
+ attribute ("value", "user,id=usernet,net=169.254.0.0/16");
|
|
|
df3bb2 |
+ } end_element ();
|
|
|
df3bb2 |
+
|
|
|
df3bb2 |
+ start_element ("qemu:arg") {
|
|
|
df3bb2 |
+ attribute ("value", "-device");
|
|
|
df3bb2 |
+ } end_element ();
|
|
|
df3bb2 |
+
|
|
|
df3bb2 |
+ start_element ("qemu:arg") {
|
|
|
df3bb2 |
+ attribute ("value", VIRTIO_DEVICE_NAME ("virtio-net") ",netdev=usernet");
|
|
|
df3bb2 |
+ } end_element ();
|
|
|
df3bb2 |
+ }
|
|
|
df3bb2 |
+
|
|
|
df3bb2 |
/* The qemu command line arguments requested by the caller. */
|
|
|
df3bb2 |
for (hp = g->hv_params; hp; hp = hp->next) {
|
|
|
df3bb2 |
start_element ("qemu:arg") {
|
|
|
df3bb2 |
@@ -2060,49 +2057,6 @@ is_blk (const char *path)
|
|
|
df3bb2 |
return S_ISBLK (statbuf.st_mode);
|
|
|
df3bb2 |
}
|
|
|
df3bb2 |
|
|
|
df3bb2 |
-static int
|
|
|
df3bb2 |
-is_dir (const char *path)
|
|
|
df3bb2 |
-{
|
|
|
df3bb2 |
- struct stat statbuf;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
- if (stat (path, &statbuf) == -1)
|
|
|
df3bb2 |
- return 0;
|
|
|
df3bb2 |
- return S_ISDIR (statbuf.st_mode);
|
|
|
df3bb2 |
-}
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
-/* Used to check the network_bridge exists, or give a useful error
|
|
|
df3bb2 |
- * message.
|
|
|
df3bb2 |
- */
|
|
|
df3bb2 |
-static int
|
|
|
df3bb2 |
-check_bridge_exists (guestfs_h *g, const char *brname)
|
|
|
df3bb2 |
-{
|
|
|
df3bb2 |
- CLEANUP_FREE char *path = NULL;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
- /* If this doesn't look like Linux, give up. */
|
|
|
df3bb2 |
- if (!is_dir ("/sys/class/net"))
|
|
|
df3bb2 |
- return 0;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
- /* Does the interface exist and is it a bridge? */
|
|
|
df3bb2 |
- path = safe_asprintf (g, "/sys/class/net/%s/bridge", brname);
|
|
|
df3bb2 |
- if (is_dir (path))
|
|
|
df3bb2 |
- return 0;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
- error (g,
|
|
|
df3bb2 |
- _("bridge ā%sā not found. Try running:\n"
|
|
|
df3bb2 |
- "\n"
|
|
|
df3bb2 |
- " brctl show\n"
|
|
|
df3bb2 |
- "\n"
|
|
|
df3bb2 |
- "to get a list of bridges on the host, and then selecting the\n"
|
|
|
df3bb2 |
- "bridge you wish the appliance network to connect to using:\n"
|
|
|
df3bb2 |
- "\n"
|
|
|
df3bb2 |
- " export LIBGUESTFS_BACKEND_SETTINGS=network_bridge=<bridge name>\n"
|
|
|
df3bb2 |
- "\n"
|
|
|
df3bb2 |
- "You may also need to allow the bridge in /etc/qemu/bridge.conf.\n"
|
|
|
df3bb2 |
- "For further information see guestfs(3)."),
|
|
|
df3bb2 |
- brname);
|
|
|
df3bb2 |
- return -1;
|
|
|
df3bb2 |
-}
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
static void
|
|
|
df3bb2 |
ignore_errors (void *ignore, virErrorPtr ignore2)
|
|
|
df3bb2 |
{
|
|
|
df3bb2 |
@@ -2148,9 +2102,6 @@ shutdown_libvirt (guestfs_h *g, void *datav, int check_for_errors)
|
|
|
df3bb2 |
free (data->selinux_imagelabel);
|
|
|
df3bb2 |
data->selinux_imagelabel = NULL;
|
|
|
df3bb2 |
|
|
|
df3bb2 |
- free (data->network_bridge);
|
|
|
df3bb2 |
- data->network_bridge = NULL;
|
|
|
df3bb2 |
-
|
|
|
df3bb2 |
for (i = 0; i < data->nr_secrets; ++i)
|
|
|
df3bb2 |
free (data->secrets[i].secret);
|
|
|
df3bb2 |
free (data->secrets);
|
|
|
df3bb2 |
--
|
|
|
df3bb2 |
2.21.0
|
|
|
df3bb2 |
|