def config_security_check(config, verbose):
"""Checks each resource listed in the config to see if the active
policy will permit creation of a new domain using the config.
Returns 1 if the config passes all tests, otherwise 0.
"""
answer = 1
# get the domain acm_label
domain_label = None
domain_policy = None
for x in sxp.children(config):
if sxp.name(x) == 'security':
domain_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
domain_policy = sxp.child_value(sxp.name(sxp.child0(x)), 'policy')
# if no domain label, use default
if not domain_label and security.on():
try:
domain_label = security.ssidref2label(security.NULL_SSIDREF)
except:
import traceback
traceback.print_exc(limit=1)
return 0
domain_policy = 'NULL'
elif not domain_label:
domain_label = ""
domain_policy = 'NULL'
if verbose:
print "Checking resources:"
# build a list of all resources in the config file
resources = []
for x in sxp.children(config):
if sxp.name(x) == 'device':
if sxp.name(sxp.child0(x)) == 'vbd':
resources.append(sxp.child_value(sxp.child0(x), 'uname'))
# perform a security check on each resource
for resource in resources:
try:
security.res_security_check(resource, domain_label)
if verbose:
print " %s: PERMITTED" % (resource)
except security.XSMError:
print " %s: DENIED" % (resource)
(poltype, res_label, res_policy) = security.get_res_label(resource)
if not res_label:
res_label = ""
print " --> res: %s (%s:%s)" % (str(res_label),
str(poltype), str(res_policy))
print " --> dom: %s (%s:%s)" % (str(domain_label),
str(poltype), str(domain_policy))
answer = 0
return answer
def config_security_check(config, verbose):
"""Checks each resource listed in the config to see if the active
policy will permit creation of a new domain using the config.
Returns 1 if the config passes all tests, otherwise 0.
"""
answer = 1
# get the domain acm_label
domain_label = None
domain_policy = None
for x in sxp.children(config):
if sxp.name(x) == 'security':
domain_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
domain_policy = sxp.child_value(sxp.name(sxp.child0(x)), 'policy')
# if no domain label, use default
if not domain_label and security.on():
try:
domain_label = security.ssidref2label(security.NULL_SSIDREF)
except:
import traceback
traceback.print_exc(limit=1)
return 0
domain_policy = 'NULL'
elif not domain_label:
domain_label = ""
domain_policy = 'NULL'
if verbose:
print "Checking resources:"
# build a list of all resources in the config file
resources = []
for x in sxp.children(config):
if sxp.name(x) == 'device':
if sxp.name(sxp.child0(x)) == 'vbd':
resources.append(sxp.child_value(sxp.child0(x), 'uname'))
# perform a security check on each resource
for resource in resources:
try:
security.res_security_check(resource, domain_label)
if verbose:
print " %s: PERMITTED" % (resource)
except security.XSMError:
print " %s: DENIED" % (resource)
(poltype, res_label, res_policy) = security.get_res_label(resource)
if not res_label:
res_label = ""
print " --> res: %s (%s:%s)" % (str(res_label), str(poltype),
str(res_policy))
print " --> dom: %s (%s:%s)" % (str(domain_label), str(poltype),
str(domain_policy))
answer = 0
return answer
def get_vbd_paths(domain):
info = server.xend.domain(domain,1)
devices = [x[1] for x in sxp.children(info,'device')]
vbds = sxp.children(devices,'vbd')
for vbd in vbds:
path = sxp.child_value(vbd,'uname')
if path.startswith("phy:"):
path = path.replace("phy:", "/dev/")
elif path.startswith("file:"):
path = path.replace("file:", "")
else :
raise 'not handled'
yield path
def get_vbd_paths(domain):
info = server.xend.domain(domain)
devices = [x[1] for x in sxp.children(info, 'device')]
vbds = sxp.children(devices, 'vbd')
for vbd in vbds:
path = sxp.child_value(vbd, 'uname')
if path.startswith("phy:"):
path = path.replace("phy:", "/dev/")
elif path.startswith("file:"):
path = path.replace("file:", "")
else:
raise 'not handled'
yield path
def extract_pcis(self, pcis_sxp, document):
pcis = []
for pci_sxp in pcis_sxp:
for dev_sxp in sxp.children(pci_sxp, "dev"):
pci = document.createElement("pci")
pci.attributes["domain"] \
= get_child_by_name(dev_sxp, "domain", "0")
pci.attributes["bus"] \
= get_child_by_name(dev_sxp, "bus", "0")
pci.attributes["slot"] \
= get_child_by_name(dev_sxp, "slot", "0")
pci.attributes["func"] \
= get_child_by_name(dev_sxp, "func", "0")
pci.attributes["vdevfn"] \
= get_child_by_name(dev_sxp, "vdevfn", "0")
pci.attributes["key"] \
= get_child_by_name(dev_sxp, "key", "0")
for opt in pci_opts_list_from_sxp(dev_sxp):
pci_opt = document.createElement("pci_opt")
pci_opt.attributes["key"] = opt[0]
pci_opt.attributes["value"] = opt[1]
pci.appendChild(pci_opt)
pcis.append(pci)
return pcis
def extract_pcis(self, pcis_sxp, document):
pcis = []
for pci_sxp in pcis_sxp:
for dev_sxp in sxp.children(pci_sxp, "dev"):
pci = document.createElement("pci")
pci.attributes["domain"] \
= get_child_by_name(dev_sxp, "domain", "0")
pci.attributes["bus"] \
= get_child_by_name(dev_sxp, "bus", "0")
pci.attributes["slot"] \
= get_child_by_name(dev_sxp, "slot", "0")
pci.attributes["func"] \
= get_child_by_name(dev_sxp, "func", "0")
pci.attributes["vdevfn"] \
= get_child_by_name(dev_sxp, "vdevfn", "0")
pci.attributes["key"] \
= get_child_by_name(dev_sxp, "key", "0")
for opt in pci_opts_list_from_sxp(dev_sxp):
pci_opt = document.createElement("pci_opt")
pci_opt.attributes["key"] = opt[0]
pci_opt.attributes["value"] = opt[1]
pci.appendChild(pci_opt)
pcis.append(pci)
return pcis
def getDeviceDetails(self, config):
"""@see DevController.getDeviceDetails"""
#log.debug('pci config='+sxp.to_string(config))
def get_param(config, field, default=None):
try:
val = sxp.child_value(config, field)
if not val:
if default == None:
raise VmError('pci: Missing %s config setting' % field)
else:
return default
if isinstance(val, types.StringType):
return int(val, 16)
else:
return val
except:
if default == None:
raise VmError('pci: Invalid config setting %s: %s' %
(field, val))
else:
return default
back = {}
val = sxp.child_value(config, 'dev')
if isinstance(val, list):
pcidevid = 0
for dev_config in sxp.children(config, 'dev'):
domain = get_param(dev_config, 'domain', 0)
bus = get_param(dev_config, 'bus')
slot = get_param(dev_config, 'slot')
func = get_param(dev_config, 'func')
self.setupDevice(domain, bus, slot, func)
back['dev-%i'%(pcidevid)]="%04x:%02x:%02x.%02x"% \
(domain, bus, slot, func)
pcidevid += 1
back['num_devs'] = str(pcidevid)
else:
# Xen 2.0 configuration compatibility
domain = get_param(dev_config, 'domain', 0)
bus = get_param(config, 'bus')
slot = get_param(config, 'dev')
func = get_param(config, 'func')
self.setupDevice(domain, bus, slot, func)
back['dev-0'] = "%04x:%02x:%02x.%02x" % (domain, bus, slot, func)
back['num_devs'] = str(1)
return (0, back, {})
def getDeviceDetails(self, config):
"""@see DevController.getDeviceDetails"""
#log.debug('pci config='+sxp.to_string(config))
def get_param(config, field, default=None):
try:
val = sxp.child_value(config, field)
if not val:
if default==None:
raise VmError('pci: Missing %s config setting' % field)
else:
return default
if isinstance(val, types.StringType):
return int(val, 16)
else:
return val
except:
if default==None:
raise VmError('pci: Invalid config setting %s: %s' %
(field, val))
else:
return default
back = {}
val = sxp.child_value(config, 'dev')
if isinstance(val, list):
pcidevid = 0
for dev_config in sxp.children(config, 'dev'):
domain = get_param(dev_config, 'domain', 0)
bus = get_param(dev_config,'bus')
slot = get_param(dev_config,'slot')
func = get_param(dev_config,'func')
self.setupDevice(domain, bus, slot, func)
back['dev-%i'%(pcidevid)]="%04x:%02x:%02x.%02x"% \
(domain, bus, slot, func)
pcidevid+=1
back['num_devs']=str(pcidevid)
else:
# Xen 2.0 configuration compatibility
domain = get_param(dev_config, 'domain', 0)
bus = get_param(config, 'bus')
slot = get_param(config, 'dev')
func = get_param(config, 'func')
self.setupDevice(domain, bus, slot, func)
back['dev-0']="%04x:%02x:%02x.%02x"%(domain, bus, slot, func)
back['num_devs']=str(1)
return (0, back, {})
def sxp2hash(s):
sxphash = {}
for child in sxp.children(s):
if isinstance(child, types.ListType) and len(child) > 1:
if isinstance(child[1], types.ListType) and len(child) > 1:
sxphash[child[0]] = sxp2hash(child[1])
else:
sxphash[child[0]] = child[1]
return sxphash
def sxp2hash(s):
sxphash = {}
for child in sxp.children(s):
if isinstance(child, types.ListType) and len(child) > 1:
if isinstance(child[1], types.ListType) and len(child) > 1:
sxphash[child[0]] = sxp2hash(child[1])
else:
sxphash[child[0]] = child[1]
return sxphash
def sxp2map( s ):
""" conversion of sxp to map.
@param s: sxp expr
@type s: list
@return: map
@rtype: dict
"""
sxphash = {}
for child in sxp.children( s ):
if isinstance( child, types.ListType ) and len( child ) > 1:
if isinstance( child[1], types.ListType ) and len( child[1] ) > 1:
sxphash[ child[0] ] = sxp2map( child )
else:
childs = sxp.children(child)
if len(childs) > 1:
sxphash[ child[0] ] = childs
else:
sxphash[ child[0] ] = childs[0]
return sxphash
def sxp2map(s):
""" conversion of sxp to map.
@param s: sxp expr
@type s: list
@return: map
@rtype: dict
"""
sxphash = {}
for child in sxp.children(s):
if isinstance(child, types.ListType) and len(child) > 1:
if isinstance(child[1], types.ListType) and len(child[1]) > 1:
sxphash[child[0]] = sxp2map(child)
else:
childs = sxp.children(child)
if len(childs) > 1:
sxphash[child[0]] = childs
else:
sxphash[child[0]] = childs[0]
return sxphash
def getVncPort(domain):
port = "0"
if re.search("\w-(\d+-)?\d+-VM", domain):
server = ServerProxy(XendClient.uri)
dom = server.xend.domain(domain, 1)
devices = [child for child in sxp.children(dom)
if len(child) > 0 and child[0] == "device"]
vfbs_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "vfb"])[0]
loc = [child for child in vfbs_sxp
if child[0] == "location"][0][1]
listner, port = loc.split(":")
else:
print "no valid domain: %s" % domain
return port
def extract_scsis(self, scsis_sxp, document):
scsis = []
for scsi_sxp in scsis_sxp:
for dev_sxp in sxp.children(scsi_sxp, "dev"):
scsi = document.createElement("vscsi")
scsi.attributes["p-dev"] \
= get_child_by_name(dev_sxp, "p-dev")
scsi.attributes["v-dev"] \
= get_child_by_name(dev_sxp, "v-dev")
scsis.append(scsi)
return scsis
def extract_scsis(self, scsis_sxp, document):
scsis = []
for scsi_sxp in scsis_sxp:
for dev_sxp in sxp.children(scsi_sxp, "dev"):
scsi = document.createElement("vscsi")
scsi.attributes["p-dev"] \
= get_child_by_name(dev_sxp, "p-dev")
scsi.attributes["v-dev"] \
= get_child_by_name(dev_sxp, "v-dev")
scsis.append(scsi)
return scsis
def getVncPort(domain):
port = "0"
if re.search("\w-(\d+-)?\d+-VM", domain):
server = ServerProxy(XendClient.uri)
dom = server.xend.domain(domain, 1)
devices = [
child for child in sxp.children(dom)
if len(child) > 0 and child[0] == "device"
]
vfbs_sxp = map(lambda x: x[1],
[device
for device in devices if device[1][0] == "vfb"])[0]
loc = [child for child in vfbs_sxp if child[0] == "location"][0][1]
listner, port = loc.split(":")
else:
print "no valid domain: %s" % domain
return port
def check_domain_label(config, verbose):
"""All that we need to check here is that the domain label exists and
is not null when security is on. Other error conditions are
handled when the config file is parsed.
"""
answer = 0
default_label = None
secon = 0
if security.on():
default_label = security.ssidref2label(security.NULL_SSIDREF)
secon = 1
# get the domain acm_label
dom_label = None
dom_name = None
for x in sxp.children(config):
if sxp.name(x) == 'security':
dom_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
if sxp.name(x) == 'name':
dom_name = sxp.child0(x)
# sanity check on domain label
if verbose:
print "Checking domain:"
if (not secon) and (not dom_label):
answer = 1
if verbose:
print " %s: PERMITTED" % (dom_name)
elif (secon) and (dom_label) and (dom_label != default_label):
answer = 1
if verbose:
print " %s: PERMITTED" % (dom_name)
else:
print " %s: DENIED" % (dom_name)
if not secon:
print " --> Security off, but domain labeled"
else:
print " --> Domain not labeled"
answer = 0
return answer
def check_domain_label(config, verbose):
"""All that we need to check here is that the domain label exists and
is not null when security is on. Other error conditions are
handled when the config file is parsed.
"""
answer = 0
default_label = None
secon = 0
if security.on():
default_label = security.ssidref2label(security.NULL_SSIDREF)
secon = 1
# get the domain acm_label
dom_label = None
dom_name = None
for x in sxp.children(config):
if sxp.name(x) == 'security':
dom_label = sxp.child_value(sxp.name(sxp.child0(x)), 'label')
if sxp.name(x) == 'name':
dom_name = sxp.child0(x)
# sanity check on domain label
if verbose:
print "Checking domain:"
if (not secon) and (not dom_label):
answer = 1
if verbose:
print " %s: PERMITTED" % (dom_name)
elif (secon) and (dom_label) and (dom_label != default_label):
answer = 1
if verbose:
print " %s: PERMITTED" % (dom_name)
else:
print " %s: DENIED" % (dom_name)
if not secon:
print " --> Security off, but domain labeled"
else:
print " --> Domain not labeled"
answer = 0
return answer
def extract_pcis(self, pcis_sxp, document):
pcis = []
for pci_sxp in pcis_sxp:
for dev_sxp in sxp.children(pci_sxp, "dev"):
pci = document.createElement("pci")
pci.attributes["domain"] \
= get_child_by_name(dev_sxp, "domain", "0")
pci.attributes["bus"] \
= get_child_by_name(dev_sxp, "bus", "0")
pci.attributes["slot"] \
= get_child_by_name(dev_sxp, "slot", "0")
pci.attributes["func"] \
= get_child_by_name(dev_sxp, "func", "0")
pci.attributes["vslt"] \
= get_child_by_name(dev_sxp, "vslt", "0")
pcis.append(pci)
return pcis
def extract_pcis(self, pcis_sxp, document):
pcis = []
for pci_sxp in pcis_sxp:
for dev_sxp in sxp.children(pci_sxp, "dev"):
pci = document.createElement("pci")
pci.attributes["domain"] \
= get_child_by_name(dev_sxp, "domain", "0")
pci.attributes["bus"] \
= get_child_by_name(dev_sxp, "bus", "0")
pci.attributes["slot"] \
= get_child_by_name(dev_sxp, "slot", "0")
pci.attributes["func"] \
= get_child_by_name(dev_sxp, "func", "0")
pci.attributes["vslt"] \
= get_child_by_name(dev_sxp, "vslt", "0")
pcis.append(pci)
return pcis
def extract_scsis(self, scsis_sxp, document):
scsis = []
for scsi_sxp in scsis_sxp:
feature_host = sxp.child_value(scsi_sxp, "feature-host")
for dev_sxp in sxp.children(scsi_sxp, "dev"):
scsi = document.createElement("vscsi")
scsi.attributes["feature-host"] \
= feature_host and "True" or "False"
if feature_host:
scsi.attributes["devid"] \
= str(get_child_by_name(dev_sxp, "devid"))
scsis.append(scsi)
break
else:
scsi.attributes["p-dev"] \
= get_child_by_name(dev_sxp, "p-dev")
scsi.attributes["v-dev"] \
= get_child_by_name(dev_sxp, "v-dev")
scsis.append(scsi)
return scsis
def extract_scsis(self, scsis_sxp, document):
scsis = []
for scsi_sxp in scsis_sxp:
feature_host = sxp.child_value(scsi_sxp, "feature-host")
for dev_sxp in sxp.children(scsi_sxp, "dev"):
scsi = document.createElement("vscsi")
scsi.attributes["feature-host"] \
= feature_host and "True" or "False"
if feature_host:
scsi.attributes["devid"] \
= str(get_child_by_name(dev_sxp, "devid"))
scsis.append(scsi)
break
else:
scsi.attributes["p-dev"] \
= get_child_by_name(dev_sxp, "p-dev")
scsi.attributes["v-dev"] \
= get_child_by_name(dev_sxp, "v-dev")
scsis.append(scsi)
return scsis
def xm_vcpu_list(args):
if args:
dominfo = map(server.xend.domain.getVCPUInfo, args)
else:
doms = server.xend.domains(False)
dominfo = map(server.xend.domain.getVCPUInfo, doms)
print 'Name ID VCPU CPU State Time(s) CPU Affinity'
for dom in dominfo:
def get_info(n):
return sxp.child_value(dom, n)
#
# convert a list of integers into a list of pairs indicating
# continuous sequences in the list:
#
# [0,1,2,3] -> [(0,3)]
# [1,2,4,5] -> [(1,2),(4,5)]
# [0] -> [(0,0)]
# [0,1,4,6,7] -> [(0,1),(4,4),(6,7)]
#
def list_to_rangepairs(cmap):
cmap.sort()
pairs = []
x = y = 0
for i in range(0, len(cmap)):
try:
if ((cmap[y + 1] - cmap[i]) > 1):
pairs.append((cmap[x], cmap[y]))
x = y = i + 1
else:
y = y + 1
# if we go off the end, then just add x to y
except IndexError:
pairs.append((cmap[x], cmap[y]))
return pairs
#
# Convert pairs to range string, e.g: [(1,2),(3,3),(5,7)] -> 1-2,3,5-7
#
def format_pairs(pairs):
if not pairs:
return "no cpus"
out = ""
for f, s in pairs:
if (f == s):
out += '%d' % f
else:
out += '%d-%d' % (f, s)
out += ','
# trim trailing ','
return out[:-1]
def format_cpumap(cpumap):
cpumap = map(lambda x: int(x), cpumap)
cpumap.sort()
for x in server.xend.node.info()[1:]:
if len(x) > 1 and x[0] == 'nr_cpus':
nr_cpus = int(x[1])
# normalize cpumap by modulus nr_cpus, and drop duplicates
cpumap = dict.fromkeys(map(lambda x: x % nr_cpus,
cpumap)).keys()
if len(cpumap) == nr_cpus:
return "any cpu"
break
return format_pairs(list_to_rangepairs(cpumap))
name = get_info('name')
domid = int(get_info('domid'))
for vcpu in sxp.children(dom, 'vcpu'):
def vinfo(n, t):
return t(sxp.child_value(vcpu, n))
number = vinfo('number', int)
cpu = vinfo('cpu', int)
cpumap = format_cpumap(vinfo('cpumap', list))
online = vinfo('online', int)
cpu_time = vinfo('cpu_time', float)
running = vinfo('running', int)
blocked = vinfo('blocked', int)
if online:
c = str(cpu)
if running:
s = 'r'
else:
s = '-'
if blocked:
s += 'b'
else:
s += '-'
s += '-'
else:
c = "-"
s = "--p"
print(
"%(name)-32s %(domid)3d %(number)4d %(c)3s %(s)-3s %(cpu_time)7.1f %(cpumap)s"
% locals())
def xm_vcpu_list(args):
if args:
dominfo = map(server.xend.domain.getVCPUInfo, args)
else:
doms = server.xend.domains(False)
dominfo = map(server.xend.domain.getVCPUInfo, doms)
print "Name ID VCPU CPU State Time(s) CPU Affinity"
for dom in dominfo:
def get_info(n):
return sxp.child_value(dom, n)
#
# convert a list of integers into a list of pairs indicating
# continuous sequences in the list:
#
# [0,1,2,3] -> [(0,3)]
# [1,2,4,5] -> [(1,2),(4,5)]
# [0] -> [(0,0)]
# [0,1,4,6,7] -> [(0,1),(4,4),(6,7)]
#
def list_to_rangepairs(cmap):
cmap.sort()
pairs = []
x = y = 0
for i in range(0, len(cmap)):
try:
if (cmap[y + 1] - cmap[i]) > 1:
pairs.append((cmap[x], cmap[y]))
x = y = i + 1
else:
y = y + 1
# if we go off the end, then just add x to y
except IndexError:
pairs.append((cmap[x], cmap[y]))
return pairs
#
# Convert pairs to range string, e.g: [(1,2),(3,3),(5,7)] -> 1-2,3,5-7
#
def format_pairs(pairs):
if not pairs:
return "no cpus"
out = ""
for f, s in pairs:
if f == s:
out += "%d" % f
else:
out += "%d-%d" % (f, s)
out += ","
# trim trailing ','
return out[:-1]
def format_cpumap(cpumap):
cpumap = map(lambda x: int(x), cpumap)
cpumap.sort()
for x in server.xend.node.info()[1:]:
if len(x) > 1 and x[0] == "nr_cpus":
nr_cpus = int(x[1])
# normalize cpumap by modulus nr_cpus, and drop duplicates
cpumap = dict.fromkeys(map(lambda x: x % nr_cpus, cpumap)).keys()
if len(cpumap) == nr_cpus:
return "any cpu"
break
return format_pairs(list_to_rangepairs(cpumap))
name = get_info("name")
domid = int(get_info("domid"))
for vcpu in sxp.children(dom, "vcpu"):
def vinfo(n, t):
return t(sxp.child_value(vcpu, n))
number = vinfo("number", int)
cpu = vinfo("cpu", int)
cpumap = format_cpumap(vinfo("cpumap", list))
online = vinfo("online", int)
cpu_time = vinfo("cpu_time", float)
running = vinfo("running", int)
blocked = vinfo("blocked", int)
if online:
c = str(cpu)
if running:
s = "r"
else:
s = "-"
if blocked:
s += "b"
else:
s += "-"
s += "-"
else:
c = "-"
s = "--p"
print ("%(name)-32s %(domid)3d %(number)4d %(c)3s %(s)-3s %(cpu_time)7.1f %(cpumap)s" % locals())
def _get_config_ipaddr(config):
val = []
for ipaddr in sxp.children(config, elt='ip'):
val.append(sxp.child0(ipaddr))
return val
def convert_sxp_to_xml(self, config, transient=False):
devices = [child for child in sxp.children(config)
if len(child) > 0 and child[0] == "device"]
vbds_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] in ("vbd", "tap", "tap2")])
vifs_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "vif"])
vtpms_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "vtpm"])
vfbs_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "vfb"])
pcis_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "pci"])
scsis_sxp = map(lambda x: x[1], [device for device in devices
if device[1][0] == "vscsi"])
# Create XML Document
impl = getDOMImplementation()
document = impl.createDocument(None, "xm", None)
# Lets make the VM tag..
vm = document.createElement("vm")
# Some string compatibility
actions_after_shutdown \
= get_child_by_name(config, "on_poweroff", "destroy")
actions_after_reboot \
= get_child_by_name(config, "on_reboot", "restart")
actions_after_crash \
= get_child_by_name(config, "on_crash", "restart")
def conv_chk(val, vals):
lval = val.replace("-", "_")
if lval not in vals:
raise ValueError("Invalid value: %s" % val)
else:
return lval
actions_after_shutdown = conv_chk(actions_after_shutdown,\
XEN_API_ON_NORMAL_EXIT)
actions_after_reboot = conv_chk(actions_after_reboot, \
XEN_API_ON_NORMAL_EXIT)
actions_after_crash = conv_chk(actions_after_crash, \
XEN_API_ON_CRASH_BEHAVIOUR)
# Flesh out tag attributes
vm.attributes["is_a_template"] = "false"
vm.attributes["auto_power_on"] = "false"
vm.attributes["actions_after_shutdown"] \
= actions_after_shutdown
vm.attributes["actions_after_reboot"] \
= actions_after_reboot
vm.attributes["actions_after_crash"] \
= actions_after_crash
vm.attributes["PCI_bus"] = ""
vm.attributes["vcpus_max"] \
= str(get_child_by_name(config, "vcpus", 1))
vm.attributes["vcpus_at_startup"] \
= str(get_child_by_name(config, "vcpus", 1))
vm.attributes["s3_integrity"] \
= str(get_child_by_name(config, "s3_integrity", 0))
vm.attributes["superpages"] \
= str(get_child_by_name(config, "superpages", 0))
sec_data = get_child_by_name(config, "security")
if sec_data:
try :
vm.attributes['security_label'] = \
security.set_security_label(sec_data[0][1][1],sec_data[0][2][1])
except Exception, e:
raise "Invalid security data format: %s" % str(sec_data)
def pci_convert_sxp_to_dict(dev_sxp):
"""Convert pci device sxp to dict
@param dev_sxp: device configuration
@type dev_sxp: SXP object (parsed config)
@return: dev_config
@rtype: dictionary
"""
# Parsing the device SXP's. In most cases, the SXP looks
# like this:
#
# [device, [vif, [mac, xx:xx:xx:xx:xx:xx], [ip 1.3.4.5]]]
#
# However, for PCI devices it looks like this:
#
# [device, [pci, [dev, [domain, 0], [bus, 0], [slot, 1], [func, 2]]]
#
# It seems the reasoning for this difference is because
# pciif.py needs all the PCI device configurations at
# the same time when creating the devices.
#
# To further complicate matters, Xen 2.0 configuration format
# uses the following for pci device configuration:
#
# [device, [pci, [domain, 0], [bus, 0], [dev, 1], [func, 2]]]
# For PCI device hotplug support, the SXP of PCI devices is
# extendend like this:
#
# [device, [pci, [dev, [domain, 0], [bus, 0], [slot, 1], [func, 2],
# [vdevfn, 0]],
# [state, 'Initialising']]]
#
# 'vdevfn' shows the virtual hotplug slot number which the PCI device
# is inserted in. This is only effective for HVM domains.
#
# state 'Initialising' indicates that the device is being attached,
# while state 'Closing' indicates that the device is being detached.
#
# The Dict looks like this:
#
# { devs: [{domain: 0, bus: 0, slot: 1, func: 2, vdevfn: 0}],
# states: ['Initialising'] }
dev_config = {}
pci_devs = []
for pci_dev in sxp.children(dev_sxp, 'dev'):
pci_dev_info = dict(pci_dev[1:])
if 'opts' in pci_dev_info:
pci_dev_info['opts'] = pci_opts_list_from_sxp(pci_dev)
# If necessary, initialize uuid, key, and vdevfn for each pci device
if not pci_dev_info.has_key('uuid'):
pci_dev_info['uuid'] = uuid.createString()
if not pci_dev_info.has_key('key'):
pci_dev_info['key'] = "%02x:%02x.%x" % \
(int(pci_dev_info['bus'], 16),
int(pci_dev_info['slot'], 16),
int(pci_dev_info['func'], 16))
if not pci_dev_info.has_key('vdevfn'):
pci_dev_info['vdevfn'] = "0x%02x" % AUTO_PHP_SLOT
pci_devs.append(pci_dev_info)
dev_config['devs'] = pci_devs
pci_states = []
for pci_state in sxp.children(dev_sxp, 'state'):
try:
pci_states.append(pci_state[1])
except IndexError:
raise XendError("Error reading state while parsing pci sxp")
dev_config['states'] = pci_states
return dev_config
def pci_opts_list_from_sxp(dev):
return map(lambda x: sxp.children(x)[0], sxp.children(dev, 'opts'))
def configure(self):
log.info("Configuring vnet %s", self.id)
val = vnet_cmd(['vnet.add'] + sxp.children(self.config))
Brctl.bridge_create(self.bridge)
Brctl.vif_bridge_add({'bridge': self.bridge, 'vif': self.vnetif})
return val
def get_child_by_name(exp, childname, default=None):
try:
return [child for child in sxp.children(exp)
if child[0] == childname][0][1]
except:
return default
def pci_opts_list_from_sxp(dev):
return map(lambda x: sxp.children(x)[0], sxp.children(dev, 'opts'))
def pci_convert_sxp_to_dict(dev_sxp):
"""Convert pci device sxp to dict
@param dev_sxp: device configuration
@type dev_sxp: SXP object (parsed config)
@return: dev_config
@rtype: dictionary
"""
# Parsing the device SXP's. In most cases, the SXP looks
# like this:
#
# [device, [vif, [mac, xx:xx:xx:xx:xx:xx], [ip 1.3.4.5]]]
#
# However, for PCI devices it looks like this:
#
# [device, [pci, [dev, [domain, 0], [bus, 0], [slot, 1], [func, 2]]]
#
# It seems the reasoning for this difference is because
# pciif.py needs all the PCI device configurations at
# the same time when creating the devices.
#
# To further complicate matters, Xen 2.0 configuration format
# uses the following for pci device configuration:
#
# [device, [pci, [domain, 0], [bus, 0], [dev, 1], [func, 2]]]
# For PCI device hotplug support, the SXP of PCI devices is
# extendend like this:
#
# [device, [pci, [dev, [domain, 0], [bus, 0], [slot, 1], [func, 2],
# [vdevfn, 0]],
# [state, 'Initialising']]]
#
# 'vdevfn' shows the virtual hotplug slot number which the PCI device
# is inserted in. This is only effective for HVM domains.
#
# state 'Initialising' indicates that the device is being attached,
# while state 'Closing' indicates that the device is being detached.
#
# The Dict looks like this:
#
# { devs: [{domain: 0, bus: 0, slot: 1, func: 2, vdevfn: 0}],
# states: ['Initialising'] }
dev_config = {}
pci_devs = []
for pci_dev in sxp.children(dev_sxp, 'dev'):
pci_dev_info = dict(pci_dev[1:])
if 'opts' in pci_dev_info:
pci_dev_info['opts'] = pci_opts_list_from_sxp(pci_dev)
# append uuid to each pci device that does't already have one.
if not pci_dev_info.has_key('uuid'):
dpci_uuid = pci_dev_info.get('uuid', uuid.createString())
pci_dev_info['uuid'] = dpci_uuid
pci_devs.append(pci_dev_info)
dev_config['devs'] = pci_devs
pci_states = []
for pci_state in sxp.children(dev_sxp, 'state'):
try:
pci_states.append(pci_state[1])
except IndexError:
raise XendError("Error reading state while parsing pci sxp")
dev_config['states'] = pci_states
return dev_config
try:
if not os.path.isdir("/var/lib/xen"):
os.makedirs("/var/lib/xen")
except Exception, exn:
log.exception("Can't create directory '/var/lib/xen'")
raise XendError("Can't create directory '/var/lib/xen'")
write_exact(fd, SIGNATURE, "could not write guest state file: signature")
sxprep = dominfo.sxpr()
if node > -1:
insert_after(sxprep, 'vcpus', ['node', str(node)])
for device_sxp in sxp.children(sxprep, 'device'):
backend = sxp.child(device_sxp[1], 'backend')
if backend == None:
continue
bkdominfo = XendDomain.instance().domain_lookup_nr(backend[1])
if bkdominfo == None:
raise XendError("Could not find backend: %s" % backend[1])
if bkdominfo.getDomid() == XendDomain.DOM0_ID:
# Skip for compatibility of checkpoint data format
continue
backend[1] = bkdominfo.getName()
config = sxp.to_string(sxprep)
domain_name = dominfo.getName()
# Rename the domain temporarily, so that we don't get a name clash if this
def get_child_by_name(exp, childname, default = None):
try:
return [child for child in sxp.children(exp)
if child[0] == childname][0][1]
except:
return default
try:
if not os.path.isdir("/var/lib/xen"):
os.makedirs("/var/lib/xen")
except Exception, exn:
log.exception("Can't create directory '/var/lib/xen'")
raise XendError("Can't create directory '/var/lib/xen'")
write_exact(fd, SIGNATURE, "could not write guest state file: signature")
sxprep = dominfo.sxpr()
if node > -1:
insert_after(sxprep, "vcpus", ["node", str(node)])
for device_sxp in sxp.children(sxprep, "device"):
backend = sxp.child(device_sxp[1], "backend")
if backend == None:
continue
bkdominfo = XendDomain.instance().domain_lookup_nr(backend[1])
if bkdominfo == None:
raise XendError("Could not find backend: %s" % backend[1])
if bkdominfo.getDomid() == XendDomain.DOM0_ID:
# Skip for compatibility of checkpoint data format
continue
backend[1] = bkdominfo.getName()
config = sxp.to_string(sxprep)
domain_name = dominfo.getName()
# Rename the domain temporarily, so that we don't get a name clash if this
try:
if not os.path.isdir("/var/lib/xen"):
os.makedirs("/var/lib/xen")
except Exception, exn:
log.exception("Can't create directory '/var/lib/xen'")
raise XendError("Can't create directory '/var/lib/xen'")
write_exact(fd, SIGNATURE, "could not write guest state file: signature")
sxprep = dominfo.sxpr()
if node > -1:
insert_after(sxprep,'vcpus',['node', str(node)])
for device_sxp in sxp.children(sxprep, 'device'):
backend = sxp.child(device_sxp[1], 'backend')
if backend == None:
continue
bkdominfo = XendDomain.instance().domain_lookup_nr(backend[1])
if bkdominfo == None:
raise XendError("Could not find backend: %s" % backend[1])
if bkdominfo.getDomid() == XendDomain.DOM0_ID:
# Skip for compatibility of checkpoint data format
continue
backend[1] = bkdominfo.getName()
config = sxp.to_string(sxprep)
domain_name = dominfo.getName()
# Rename the domain temporarily, so that we don't get a name clash if this
def configure(self):
log.info("Configuring vnet %s", self.id)
val = vnet_cmd(['vnet.add'] + sxp.children(self.config))
Brctl.bridge_create(self.bridge)
Brctl.vif_bridge_add({'bridge': self.bridge, 'vif': self.vnetif})
return val
def convert_sxp_to_xml(self, config, transient=False):
devices = [
child for child in sxp.children(config)
if len(child) > 0 and child[0] == "device"
]
vbds_sxp = map(lambda x: x[1],
[device for device in devices if device[1][0] == "vbd"])
vifs_sxp = map(lambda x: x[1],
[device for device in devices if device[1][0] == "vif"])
vtpms_sxp = map(
lambda x: x[1],
[device for device in devices if device[1][0] == "vtpm"])
# Create XML Document
impl = getDOMImplementation()
document = impl.createDocument(None, "xm", None)
# Lets make the VM tag..
vm = document.createElement("vm")
# Some string compatibility
actions_after_shutdown \
= get_child_by_name(config, "on_poweroff", "destroy")
actions_after_reboot \
= get_child_by_name(config, "on_reboot", "restart")
actions_after_crash \
= get_child_by_name(config, "on_crash", "restart")
def conv_chk(val, vals):
val.replace("-", "_")
if val not in vals:
raise "Invalid value: " + val
else:
return val
actions_after_shutdown = conv_chk(actions_after_shutdown,\
XEN_API_ON_NORMAL_EXIT)
actions_after_reboot = conv_chk(actions_after_reboot, \
XEN_API_ON_NORMAL_EXIT)
actions_after_crash = conv_chk(actions_after_crash, \
XEN_API_ON_CRASH_BEHAVIOUR)
# Flesh out tag attributes
vm.attributes["is_a_template"] = "false"
vm.attributes["auto_power_on"] = "false"
vm.attributes["actions_after_shutdown"] \
= actions_after_shutdown
vm.attributes["actions_after_reboot"] \
= actions_after_reboot
vm.attributes["actions_after_crash"] \
= actions_after_crash
vm.attributes["PCI_bus"] = ""
vm.attributes["vcpus_max"] \
= str(get_child_by_name(config, "vcpus", 1))
vm.attributes["vcpus_at_startup"] \
= str(get_child_by_name(config, "vcpus", 1))
sec_data = get_child_by_name(config, "security")
if sec_data:
try:
vm.attributes['security_label'] = \
security.set_security_label(sec_data[0][1][1],sec_data[0][2][1])
except Exception, e:
raise "Invalid security data format: %s" % str(sec_data)
def _get_config_ipaddr(config):
val = []
for ipaddr in sxp.children(config, elt='ip'):
val.append(sxp.child0(ipaddr))
return val
