* src/remote_internal.c: in remoteOpen() allow the daemon itself to make
  RPCs to an external libvirtd, but only if the URI is fully specified.

* src/qemu_driver.c: Free the vm->monitor_chr field at VM shutdown.
  Unlink the UNIX domain socket at VM shutdown to avoid littering
  FS with old sockets

* src/qemu_driver.c: Change ownership of /var/{lib,cache}/libvirt/qemu
  to match user/group that QEMU VMs are configured to run as.

Separate the guest created QEMU monitor socket location
from the libvirtd create XML / PID data files, to improve
security separation when running QEMU non-root

* libvirt.spec.in: Leave /var/run/libvirt/qemu as root:root
* src/qemu_conf.h: Add libDir and cacheDir directory paths
* src/qemu_driver.c: Move QEMU monitor socket from
  stateDir to libDir to avoid making security critical directory
  accessible to QEMU guests.
* src/util.c: Delay running hook till after damonizing to
  ensure pidfile is still written before changing UID/GID

* src/xen_internal.c (xenHypervisorSetSchedulerParameters): Remove
set-but-never-used local variables, cap_set and weight_set.

* src/esx/esx_vi.c (esxVI_Enumeration_Deserialize): Fix
reversed goto and result=-1 statements.

* src/node_device_conf.c (virNodeDeviceDefFormat): Remove dead
initialization.

* src/openvz_conf.c (openvzReadNetworkConf): Initialize "net".
Otherwise, upon openvzRead... failure, we would "goto error;"
where an uninitialized "net" could be dereferenced.

* src/test.c (testOpenVolumesForPool): Upon early virAsprintf or
virXPathNodeSet failure, "goto error" would take us to
virStorageVolDefFree(def), but with "def" not defined.
Initialize it to NULL.

* src/uml_conf.c (umlBuildCommandLineChr): Initialize "ret".

* src/storage_backend.c: Include "internal.h".
(virStorageBackendCopyToFD): Mark inputvol parameter as "nonnull".
Remove test for non-NULL inputvol.  Both callers ensure it's non-NULL.

* src/libvirt.c (virStoragePoolSetAutostart): Return -1 if the pool
argument is invalid, rather than "goto error" where we could dereference
that possibly-NULL "pool".
(virConnectFindStoragePoolSources): Likewise.
(virConnectNumOfDomains): Likewise.
Daniel P. Berrange spotted that the two latter functions
needed the same treatment.

* src/remote_internal.c (remoteNetworkOpen): Mark "conn" parameter
as non-NULL.  Remove now-unnecessary "conn == NULL" test.
(remoteDevMonOpen): Likewise.
(remoteSecretOpen): Likewise.
(remoteStorageOpen): Likewise.
(remoteInterfaceOpen): Likewise.

* src/internal.h (ATTRIBUTE_NONNULL): Define.

* src/lxc_controller.c (main): Unlink sockpath only if it's non-NULL.

* src/lxc_container.c (lxcContainerUnmountOldFS): Don't pass
a NULL pointer to qsort.

* src/storage_conf.c (virStorageSize): Don't try to compute 1024^7,
since it's too large for a 64-bit type.

* src/storage_backend_fs.c (virStorageBackendFileSystemRefresh):
Don't call closedir on a NULL pointer.

* src/vbox/vbox_tmpl.c: merged vboxNetworkUndefine() and
  vboxNetworkDestroy() and added code to handle multiple hostonly
  interfaces.

* src/vbox/vbox_tmpl.c: merged vboxNetworkCreateXML() and
  vboxNetworkDefineXML() and added code to handle multiple hostonly
  interfaces.

* docs/schemas/domain.rng: Add <serial> element to disks
* src/domain_conf.h, src/domain_conf.c: XML parsing and
  formatting for disk serial numbers
* src/qemu_conf.c: Set serial number when launching guests
* tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.args,
  tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.xml: Add
  serial number to XML test

Add option to domain XML for

     <memoryBacking>
        <hugepages/>
     </memoryBacking>

* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
  Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
  and pass it when hugepages are requested.
  Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
  Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
  helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
  handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
  tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
  hugepage tests

* tests/testutils.c: Run test function twice, once to prime it for
  static allocations, once to count the non-static allocations.
* tests/testutilsqemu.c: Initialize variable correctl
* src/capabilities.c: Don't free machines variable upon failure
  since caller must do that
* src/xm_internal.c: Add missing check for OOM in building VIF
  config param

* src/vbox/vbox_tmpl.c: add setting of video and acceleration in
  VBox driver, and the ability to save this back for serialization

* docs/schemas/domain.rng: augment the video model with an optional
  acceleration element with optional accel2d and accel3d flags
* src/domain_conf.c src/domain_conf.h: exten the virDomainVideoDef
  structure with an optional accel field, virDomainVideoAccelDefParseXML
  and virDomainVideoAccelDefFormat functions to parse and serialize
  the structure.

Paolo Bonzini points out that in my refactoring of the code for
virDomainMigrate(), I added a check for the return value from
virDomainMigratePerform().  The problem is that we don't want to
exit if we fail, we actually want to go on and do
virDomainMigrateFinish2() with a non-0 return code to clean things
up.  Remove the check.

While reproducing this issue, I also noticed that we wouldn't
always properly propagate an error message.  In particular, I
found that if you blocked off the migration ports (with iptables)
and then tried the migration, it would actually fail but we would
get no failure output from Qemu.  Therefore, we would think we
succeeded, and leave a huge mess behind us.  Execute the monitor
command "info migrate", and look for a failure string in there
as well.
Signed-off-by: NChris Lalancette <clalance@redhat.com>

* src/esx/esx_util.c: esxUtil_ParseQuery() warns if a known query
  parameter should be ignored due to the corresponding char/int pointer
  being NULL, instead of silently ignoring it. Fix the control flow.

* src/esx/esx_vmx.c: add an extra type of addressType beside 'static'
  and 'generated', 'vpx' indicates that the MAC address was generated
  by a vCenter.

Calling qsort() on the disks array causes disk to be
unneccessarily re-ordered, potentially breaking the
ability to boot if the boot disk gets moved later in
the list. The new algorithm will insert a new disk as
far to the end of the list as possible, while being
ordered correctly wrt other disks on the same bus.

* src/domain_conf.c, src/domain_conf.h: Remove disk sorting
  routines. Add API to insert a disk into existing list at
  the optimal position, without resorting disks
* src/libvirt_private.syms: Export virDomainDiskInsert
* src/xend_internal.c, src/xm_internal.c: Remove calls to
  qsort, use virDomainDiskInsert instead.
* src/qemu_driver.c: Remove calls to qsort, use virDoaminDiskInsert
  instead. Fix reordering bugs when hotunplugging disks and
  networks. Fix memory leak in disk/net unplug

* src/vbox/vbox_tmpl.c: adds support for getting/setting number of cpus

* proxy/Makefile.am: Build storage_encryption_conf.c since its a
  dependancy of domain_conf.c
* src/storage_encryption_conf.c: Disable XML parsing APis when
  build under proxy
* src/test.c: Add a dummy no-op secrets driver for test suite

* src/storage_encryption_conf.c: Remove base64.h

* src/qemu_driver.c: Support arbitrary callbacks for "secondary
  prompts".  Reimplement qemudMonitorCommandExtra using such a
  callback.

The if ((nlptr...)) implicitly assumes commptr != NULL (and that "buf"
starts with "cmd").  Make the assumption explicit, it will be broken in
a future patch.

* src/qemu_driver.c: Don't assume buffered monitor output echoes the
  command.

The XML allows <encryption format='unencrypted'/>, this implementation
canonicalizes the internal representation so that "disk->encryption" is
non-NULL iff encryption information is available.

A domain with partial encryption information can be defined,
completeness of the information is not verified.  The domain won't
start until the remaining information is added, of course.

* docs/formatdomain.html, docs/formatdomain.html.in: Document
  new encryption options for disks
* docs/schemas/domain.rng: Pull in storage encryption schema
  rules
* src/domain_conf.h, src/domain_conf.c: Wire up storage encryption
  XML parsing/formatting APIs

Supports only virStorageVolCreateXML, not virStorageVolCreateXMLFrom.

Curiously, qemu-img does not need the passphrase for anything to create
an encrypted volume.  This implementation thus does not need to touch
any secrets to work with cooperating clients.  More generic passphrase
handling is added in the next patch.

* src/storage_backend.c: Request encryption when creating qcow/qcow2
  files
* src/storage_backend_disk.c, src/storage_backend_fs.c,
  src/storage_backend_logical.c: Refuse to create volumes with
  encryption params set.

(The implementation is not very generic, but that can be very
easily rectified if/when new encryption formats appear.)

* src/storage_backend_fs.c: Probe for qcow/qcow2 encryption
  algorithm field

The XML allows <encryption format='unencrypted'/>, this implementation
canonicalizes the internal representation so that "vol->encryption" is
non-NULL iff the volume is encrypted.

Note that partial encryption information (e.g. specifying an encryption
format, but not the key/passphrase) is valid, libvirt will automatically
choose value for the missing information during volume creation.  The
user can read the volume XML, and use the unmodified <encryption> tag in
future operations (without having to be able to understand) its contents.

* docs/formatstorage.html, docs/formatstorage.html.in: Document
  storage volume encryption options
* src/storage_conf.c, src/storage_conf.h: Hook up storage
  encryption XML handling
* tests/storagevolschemadata/vol-qcow2.xml: Test case for encryption
  schema changes

Define an <encryption> tag specifying volume encryption format and
format-depenedent parameters (e.g. passphrase, cipher name, key
length, key).

Currently the only defined parameter is a reference to a "secret"
(passphrase/key) managed using the virSecret* API.

Only the qcow/qcow2 encryption format, and a "default" format used to
let libvirt choose the format during volume creation, is currently
supported.

This patch does not add any users; the <encryption> tag is added in
the following patches to both volumes (to support encrypted volume
creation) and domains.

* docs/*.html: Re-generate
* docs/formatstorageencryption.html.in, docs/sitemap.html.in:
  Add page describing storage encryption data format
* docs/schemas/Makefile.am, docs/schemas/storageencryption.rng:
  Add RNG schema for storage encryption format
* po/POTFILES.in: Add src/storage_encryption_conf.c
* src/libvirt_private.syms: Export virStorageEncryption* functions
* src/storage_encryption_conf.h, src/storage_encryption_conf.c: Internal
  helper APIs for dealing with storage encryption format
* libvirt.spec.in, mingw32-libvirt.spec.in: Add storageencryption.rng
  RNG schema

* src/remote_internal.c: Implement client binding for new secrets
  APIs
* src/datatypes.h: Add 'void *secretPrivateData' to virConnectPtr
  struct