- 11 7月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Convert the type of loop iterators named 'i', 'j', k', 'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or 'unsigned int', also santizing 'ii', 'jj', 'kk' to use the normal 'i', 'j', 'k' naming Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 10 7月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
-
- 09 7月, 2013 1 次提交
-
-
由 Gao feng 提交于
Create parent directroy for hostdev automatically when we start a lxc domain or attach a hostdev to a lxc domain. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
- 03 7月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Ensure that all APIs which list domain objects filter them against the access control system. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 25 6月, 2013 1 次提交
-
-
由 Jiri Denemark 提交于
-
- 24 6月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all LXC driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 20 6月, 2013 1 次提交
-
-
由 John Ferlan 提交于
As a consequence of the cgroup layout changes from commit 'cfed9ad4', the lxcDomainGetSchedulerParameters[Flags]()' and lxcGetSchedulerType() APIs failed to return data for a non running domain. This can be seen through a 'virsh schedinfo <domain>' command which returns: Scheduler : Unknown error: Requested operation is not valid: cgroup CPU controller is not mounted Prior to that change a non running domain would return: Scheduler : posix cpu_shares : 0 vcpu_period : 0 vcpu_quota : 0 emulator_period: 0 emulator_quota : 0 This patch will restore the capability to return configuration only data for a non running domain regardless of whether cgroups are available.
-
- 21 5月, 2013 1 次提交
-
-
由 Osier Yang 提交于
-
- 09 5月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
-
- 08 5月, 2013 4 次提交
-
-
由 Daniel P. Berrange 提交于
The LXC, QEMU, and LibXL drivers have all merged their handling of the attach/update/modify device APIs into one large 'xxxxDomainModifyDeviceFlags' which then does a 'switch()' based on the actual API being invoked. While this saves some lines of code, it is not really all that significant in the context of the driver API impls as a whole. This merger of the handling of different APIs creates pain when wanting to automated analysis of the code and do things which are specific to individual APIs. The slight duplication of code from unmerged the API impls, is preferrable to allow for easier automated analysis. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The individual hypervisor drivers were directly referencing APIs in virnodesuspend.c in their virDriverPtr struct. Separate these methods, so there is always a wrapper in the hypervisor driver. This allows the unused virConnectPtr args to be removed from the virnodesuspend.c file. Again this will ensure that ACL checks will only be performed on invocations that are directly associated with public API usage. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The individual hypervisor drivers were directly referencing APIs in src/nodeinfo.c in their virDriverPtr struct. Separate these methods, so there is always a wrapper in the hypervisor driver. This allows the unused virConnectPtr args to be removed from the nodeinfo.c file. Again this will ensure that ACL checks will only be performed on invocations that are directly associated with public API usage. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virGetHostname() API has a bogus virConnectPtr parameter. This is because virtualization drivers directly reference this API in their virDriverPtr tables, tieing its API design to the public virConnectGetHostname API design. This also causes problems for access control checks since these must only be done for invocations from the public API, not internal invocation. Remove the bogus virConnectPtr parameter, and make each hypervisor driver provide a dedicated function for the driver API impl. This will allow access control checks to be easily inserted later. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 02 5月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
The source code base needs to be adapted as well. Some files include virutil.h just for the string related functions (here, the include is substituted to match the new file), some include virutil.h without any need (here, the include is removed), and some require both.
-
- 24 4月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
Ensure that all drivers implementing public APIs use a naming convention for their implementation that matches the public API name. eg for the public API virDomainCreate make sure QEMU uses qemuDomainCreate and not qemuDomainStart Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Ensure that the driver struct field names match the public API names. For an API virXXXX we must have a driver struct field xXXXX. ie strip the leading 'vir' and lowercase any leading uppercase letters. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 16 4月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Instead of calling virCgroupForDomain every time we need the virCgrouPtr instance, just do it once at Vm startup and cache a reference to the object in virLXCDomainObjPrivatePtr until shutdown of the VM. Removing the virCgroupPtr from the LXC driver state also means we don't have stale mount info, if someone mounts the cgroups filesystem after libvirtd has been started Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 08 4月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The virCgroupMounted method is badly named, since a controller can be mounted, but disabled in the current object. Rename the method to be virCgroupHasController. Also make it tolerant to a NULL virCgroupPtr and out-of-range controller index, to avoid duplication of these checks in all callers Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 05 4月, 2013 4 次提交
-
-
由 Daniel P. Berrange 提交于
Currently when getting an instance of virCgroupPtr we will create the path in all cgroup controllers. Only at the virt driver layer are we attempting to filter controllers. This is bad because the mere act of creating the dirs in the controllers can have a functional impact on the kernel, particularly for performance. Update the virCgroupForDriver() method to accept a bitmask of controllers to use. Only create dirs in the controllers that are requested. When creating cgroups for domains, respect the active controller list from the parent cgroup Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Peter Krempa 提交于
Move the xmlopt and caps arguments to the end of the argument list.
-
由 Peter Krempa 提交于
This patch adds instrumentation that will allow hypervisor drivers to fill and validate domain and device definitions after parsed by the XML parser. With this patch, after the XML is parsed, a callback to the driver is issued requesting to fill and validate driver specific details of the configuration. This allows to use sensible defaults and checks on a per driver basis at the time the XML is parsed. Two callback pointers are stored in the new virDomainXMLConf object: * virDomainDeviceDefPostParseCallback (devicesPostParseCallback) - called for a single device parsed and for every single device in a domain config. A virDomainDeviceDefPtr is passed along with the domain definition and virCaps. * virDomainDefPostParseCallback, (domainPostParseCallback) - A callback that is meant to process the domain config after it's parsed. A virDomainDefPtr is passed along with virCaps. Both types of callbacks support arbitrary opaque data passed for the callback functions. Errors may be reported in those callbacks resulting in a XML parsing failure.
-
由 Peter Krempa 提交于
This patch is the result of running: for i in $(git ls-files | grep -v html | grep -v \.po$ ); do sed -i -e "s/virDomainXMLConf/virDomainXMLOption/g" -e "s/xmlconf/xmlopt/g" $i done and a few manual tweaks.
-
- 04 4月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The sysinfo code used by QEMU is trivially portable to the LXC driver
-
由 Daniel P. Berrange 提交于
This reverts commit c9c87376. Now that we force all containers to have a root filesystem, there is no way the host's /dev is ever exposed Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 23 3月, 2013 1 次提交
-
-
由 Martin Kletzander 提交于
When the container has the same '/dev' mount as host (no chroot), calling domainShutdown(WithFlags) shouldn't shutdown the host it is running on.
-
- 13 3月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The virDomainGetSecurityLabel method is currently (mistakenly) showing the label of the libvirt_lxc process: ...snip... Security model: selinux Security DOI: 0 Security label: system_u:system_r:virtd_t:s0-s0:c0.c1023 (permissive) when it should be showing the init process label ...snip... Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_t:s0:c724,c995 (permissive)
-
由 Peter Krempa 提交于
The virCaps structure gathered a ton of irrelevant data over time that. The original reason is that it was propagated to the XML parser functions. This patch aims to create a new data structure virDomainXMLConf that will contain immutable data that are used by the XML parser. This will allow two things we need: 1) Get rid of the stuff from virCaps 2) Allow us to add callbacks to check and add driver specific stuff after domain XML is parsed. This first attempt removes pointers to private data allocation functions to this new structure and update all callers and function that require them.
-
- 11 3月, 2013 1 次提交
-
-
由 Guido Günther 提交于
otherwise we crash with #0 virUSBDeviceListFind (list=0x0, dev=dev@entry=0x8193d70) at util/virusb.c:526 #1 0xb1a4995b in virLXCPrepareHostdevUSBDevices (driver=driver@entry=0x815d9a0, name=0x815dbf8 "debian-700267", list=list@entry=0x81d8f08) at lxc/lxc_hostdev.c:88 #2 0xb1a49fce in virLXCPrepareHostUSBDevices (def=0x8193af8, driver=0x815d9a0) at lxc/lxc_hostdev.c:261 #3 virLXCPrepareHostDevices (driver=driver@entry=0x815d9a0, def=0x8193af8) at lxc/lxc_hostdev.c:328 #4 0xb1a4c5b1 in virLXCProcessStart (conn=0x817d3f8, driver=driver@entry=0x815d9a0, vm=vm@entry=0x8190908, autoDestroy=autoDestroy@entry=false, reason=reason@entry=VIR_DOMAIN_RUNNING_BOOTED) at lxc/lxc_process.c:1068 #5 0xb1a57e00 in lxcDomainStartWithFlags (dom=dom@entry=0x815e460, flags=flags@entry=0) at lxc/lxc_driver.c:1014 #6 0xb1a57fc3 in lxcDomainStart (dom=0x815e460) at lxc/lxc_driver.c:1046 #7 0xb79c8375 in virDomainCreate (domain=domain@entry=0x815e460) at libvirt.c:8450 #8 0x08078959 in remoteDispatchDomainCreate (args=0x81920a0, rerr=0xb65c21d0, client=0xb0d00490, server=<optimized out>, msg=<optimized out>) at remote_dispatch.h:1066 #9 remoteDispatchDomainCreateHelper (server=0x80c4928, client=0xb0d00490, msg=0xb0d005b0, rerr=0xb65c21d0, args=0x81920a0, ret=0x815d208) at remote_dispatch.h:1044 #10 0xb7a36901 in virNetServerProgramDispatchCall (msg=0xb0d005b0, client=0xb0d00490, server=0x80c4928, prog=0x80c6438) at rpc/virnetserverprogram.c:432 #11 virNetServerProgramDispatch (prog=0x80c6438, server=server@entry=0x80c4928, client=0xb0d00490, msg=0xb0d005b0) at rpc/virnetserverprogram.c:305 #12 0xb7a300a7 in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x80c4928) at rpc/virnetserver.c:162 #13 virNetServerHandleJob (jobOpaque=0xb0d00510, opaque=0x80c4928) at rpc/virnetserver.c:183 #14 0xb7924f98 in virThreadPoolWorker (opaque=opaque@entry=0x80a94b0) at util/virthreadpool.c:144 #15 0xb7924515 in virThreadHelper (data=0x80a9440) at util/virthreadpthread.c:161 #16 0xb7887c39 in start_thread (arg=0xb65c2b70) at pthread_create.c:304 #17 0xb77eb78e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 when adding a domain with a usb device. This is Debian bug http://bugs.debian.org/700267
-
- 11 2月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
To enable locking to be introduced to the security manager objects later, turn virSecurityManager into a virObjectLockable class Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 08 2月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
To enable virCapabilities instances to be reference counted, turn it into a virObject. All cases of virCapabilitiesFree turn into virObjectUnref Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 06 2月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
Rename all the usbDeviceXXX and usbXXXDevice APIs to have a fixed virUSBDevice name prefix
-
由 Daniel P. Berrange 提交于
The duplicate VM checking should be done atomically with virDomainObjListAdd, so shoud not be a separate function. Instead just use flags to indicate what kind of checks are required. This pair, used in virDomainCreateXML: if (virDomainObjListIsDuplicate(privconn->domains, def, 1) < 0) goto cleanup; if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, false))) goto cleanup; Changes to if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE, NULL))) goto cleanup; This pair, used in virDomainRestoreFlags: if (virDomainObjListIsDuplicate(privconn->domains, def, 1) < 0) goto cleanup; if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, true))) goto cleanup; Changes to if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, VIR_DOMAIN_OBJ_LIST_ADD_LIVE | VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE, NULL))) goto cleanup; This pair, used in virDomainDefineXML: if (virDomainObjListIsDuplicate(privconn->domains, def, 0) < 0) goto cleanup; if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, false))) goto cleanup; Changes to if (!(dom = virDomainObjListAdd(privconn->domains, privconn->caps, def, 0, NULL))) goto cleanup;
-
- 05 2月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
As a step towards making virDomainObjList thread-safe turn it into an opaque virObject, preventing any direct access to its internals. As part of this a new method virDomainObjListForEach is introduced to replace all existing usage of virHashForEach
-
由 Daniel P. Berrange 提交于
The APIs names for accessing the domain list object are very inconsistent. Rename them all to have a standard virDomainObjList prefix.
-
- 23 1月, 2013 2 次提交
-
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
It was possible to call VIR_FREE in cleanup prior to initialization
-
- 22 1月, 2013 1 次提交
-
-
由 John Ferlan 提交于
The use of switch statements inside a bounded for loop resulted in some false positives regarding the "default:" label which cannot be reached since each of the other case statements use the possible for loop values.
-
- 16 1月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The virDomainObj, qemuAgent, qemuMonitor, lxcMonitor classes all require a mutex, so can be switched to use virObjectLockable Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virDomainLxcOpenNamespace method needs to open every file in /proc/$INITPID/ns and return the open file descriptor to the client application. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 15 1月, 2013 1 次提交
-
-
由 John Ferlan 提交于
-