- 17 4月, 2020 6 次提交
-
-
由 Michal Privoznik 提交于
As explained in the previous commit, we need to relabel the file we are restoring the domain from. That is the FD that is passed to QEMU. If the file is not under /dev then the file inside the namespace is the very same as the one in the host. And regardless of using transactions, the file will be relabeled. But, if the file is under /dev then when using transactions only the copy inside the namespace is relabeled and the one in the host is not. But QEMU is reading from the one in the host, actually. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1772838Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Michal Privoznik 提交于
This API allows drivers to separate out handling of @stdin_path of virSecurityManagerSetAllLabel(). The thing is, the QEMU driver uses transactions for virSecurityManagerSetAllLabel() which relabels devices from inside of domain's namespace. This is what we usually want. Except when resuming domain from a file. The file is opened before any namespace is set up and the FD is passed to QEMU to read the migration stream from. Because of this, the file lives outside of the namespace and if it so happens that the file is a block device (i.e. it lives under /dev) its copy will be created in the namespace. But the FD that is passed to QEMU points to the original living in the host and not in the namespace. So relabeling the file inside the namespace helps nothing. But if we have a separate API for relabeling the restore file then the QEMU driver can continue calling virSecurityManagerSetAllLabel() with transactions enabled and call this new API without transactions. We already have an API for relabeling a single file (virSecurityManagerDomainSetPathLabel()) but in case of SELinux it uses @imagelabel (which allows RW access) and we want to use @content_context (which allows RO access). Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Jiri Denemark 提交于
This commit partially reverts commit c360ea28 Refs: v6.2.0-rc1-1-gc360ea28 Author: Rafael Fonseca <r4f4rfs@gmail.com> AuthorDate: Fri Mar 27 18:40:47 2020 +0100 Commit: Michal Prívozník <mprivozn@redhat.com> CommitDate: Mon Mar 30 09:48:22 2020 +0200 util: virdaemon: fix compilation on mingw The daemons are not supported on Win32 and therefore were not compiled in that platform. However, with the daemon code sharing, all the code in utils *is* compiled and it failed because `waitpid`, `fork`, and `setsid` are not available. So, as before, let's not build them on Win32 and make the code more portable by using existing vir* wrappers. Not compiling virDaemonForkIntoBackground on Win32 is good, but the second part of the original patch incorrectly replaced waitpid and fork with our virProcessWait and virFork APIs. These APIs are more than just simple wrappers and we don't want any of the extra functionality. Especially virFork would reset any setup made before virDaemonForkIntoBackground is called, such as logging, signal handling, etc. As a result of the change the additional fix in v6.2.0-67-ga87e4788 (util: virdaemon: fix waiting for child processes) is no longer needed and it is effectively reverted by this commit. Signed-off-by: NJiri Denemark <jdenemar@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Boris Fiuczynski 提交于
Improving the zPCI example by choosing more distinct values and adding explanation for fid. Signed-off-by: NBoris Fiuczynski <fiuczy@linux.ibm.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com> Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Andrea Bolognani 提交于
Changing the introduction to bring the idea of this document better across. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.ibm.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com>
-
由 Andrea Bolognani 提交于
Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 16 4月, 2020 13 次提交
-
-
由 Daniel P. Berrangé 提交于
Reviewed-by: NAndrea Bolognani <abologna@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
The use of 32favicon.png was removed when the new favicons were introduced in commit 40cb5581 Author: Daniel P. Berrangé <berrange@redhat.com> Date: Wed Jul 26 18:22:11 2017 +0100 docs: add full set of "favicon" files to support modern clients Reviewed-by: NLaine Stump <laine@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
The various favicon files were missing from the favicon list, so never installed, as was an example code diagram. Reviewed-by: NLaine Stump <laine@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
We previously added a hack to symlink CSS files from the source dir into the build dir, to allow the website to be browsed locally. We should have also done this for any images. This change merges several variables into one "$(assets)" so that we treat all static files in the root dir the same way. Reviewed-by: NLaine Stump <laine@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Fixes build error introduced in commit aa15e925 Author: Laine Stump <laine@redhat.com> Date: Sun Apr 5 22:40:37 2020 -0400 qemu/conf: set HOTPLUGGABLE connect flag during PCI address set init Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Leonid Bloch 提交于
Trivial comment fix, reflecting the changes in 4ee2b318. Signed-off-by: NLeonid Bloch <lb.workbox@gmail.com> Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Michal Privoznik 提交于
Previously, we used virCapabilitiesDomainDataLookup() to fill machine type in post parse callback if none was provided in the domain XML. If machine type couldn't be filled in an error was reported. After 4a4132b4 we've changed it to virQEMUCapsGetPreferredMachine() which returns NULL, but we no longer report an error and proceed with the post parse callbacks processing. This may lead to a crash because the code later on assumes def->os.machine is not NULL. Fixes: 4a4132b4Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NPavel Mores <pmores@redhat.com>
-
由 Michal Privoznik 提交于
When preparing to do a blockcopy, the mirror image is modified so that QEMU can access it. For instance, the mirror has seclabels set, if it is a NVMe disk it is detached from the host and so on. And usually, the restore is done upon successful finish of the blockcopy operation. But, if something fails then we need to explicitly revoke the access to the mirror image (and thus reattach NVMe disk back to the host). Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1822538Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NPavel Mores <pmores@redhat.com>
-
由 Andrea Bolognani 提交于
The idea behind this document is to show, with actual examples, that users should not expect PCI addresses in the domain XML and in the guest OS to match. The first zPCI example already serves this purpose perfectly, so in the interest of keeping the page as brief and easy to digest as possible the second one is removed. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com>
-
由 Andrea Bolognani 提交于
Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com>
-
由 Andrea Bolognani 提交于
The section about VFIO devices is kept separate from the rest because it's less about domain XML and guest OS disagreeing on the PCI address of a device, and more about which of the two PCI addresses in the domain XML is even relevant to the guest OS. The section on zPCI addresses, on the other hand, falls squarely in the "more complex cases" category, so it should live in the corresponding section. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com>
-
由 Andrea Bolognani 提交于
Indent all code snippets by the same number of spaces, and don't embed the :: marker in the line preceding a code block. This commit is best viewed with 'git show -w'. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NCornelia Huck <cohuck@redhat.com>
-
由 Lin Ma 提交于
When we do parallel migration, The multifd-channels migration parameter needs to be set on the destination side as well before incoming migration URI, unless we accept the default number of connections(2). Usually, This can be correctly handled by libvirtd. But in this case if we use p2p + xbzrle compression without parameter '--comp-xbzrle-cache', qemuMigrationParamsDump returns too early, The corresponding migration parameter will not be set on the destination side, It results QEMU hangs. Reproducer: virsh migrate --live --p2p --comp-methods xbzrle \ --parallel --parallel-connections 3 GUEST qemu+ssh://dsthost/system or virsh migrate --live --p2p --compressed \ --parallel --parallel-connections 3 GUEST qemu+ssh://dsthost/systemSigned-off-by: NLin Ma <lma@suse.com> Message-Id: <20200416044451.21134-1-lma@suse.com> Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
-
- 15 4月, 2020 12 次提交
-
-
由 Andrea Bolognani 提交于
Setting CC="ccache cc" works in most cases, but sometimes it will break the build: in particular, we have experienced issues in the past with that approach when using cgo to build our Go bindings. A more robust approach is to have a directory containing symlinks from the compiler name to the ccache binary: in that case, ccache itself will invoke the compiler, and the build system will be none the wiser. Since libvirt-ci commit 2563aebb6c5c, container images contain a suitable symlink directory, so all that's needed to enable the new approach is to add this directory to $PATH. Since we're touching this anyway, we make a few more changes: $CCACHE_DIR is no longer created manually, because ccache will take care of creating it for us if it doesn't already exist; the ccache setup is moved out of the job template and into script_variables, removing unnecessary duplication; a limit is set on the size of the cache (500 MB, which is twice the amount used by a fresh build on my Fedora 31 machine). Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Andrea Bolognani 提交于
Since libvirt-ci commit 27cfddee8835, paths to build tools such as ninja and make are exported in the container's environment and can be used directly. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Cornelia Huck 提交于
Add some information on how pci address work on s390x. Signed-off-by: NCornelia Huck <cohuck@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Andrea Bolognani 提交于
Fixes: 2923e7a3Reported-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Christian Ehrhardt 提交于
With libpmem support compiled into qemu it will trigger the following denials on every startup. apparmor="DENIED" operation="open" name="/" apparmor="DENIED" operation="open" name="/sys/bus/nd/devices/" This is due to [1] that tries to auto-detect if the platform supports auto flush for all region. Once we know all the paths that are potentially needed if this feature is really used we can add them conditionally in virt-aa-helper and labelling calls in case </pmem> is enabled. But until then the change here silences the denial warnings seen above. [1]: https://github.com/pmem/pmdk/blob/master/src/libpmem2/auto_flush_linux.c#L131 Bug: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1871354Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com> Acked-by: NJamie Strandboge <jamie@canonical.com>
-
由 Andrea Bolognani 提交于
This document describes the relationship between PCI addresses as seen in the domain XML and by the guest OS, which is a topic that people get confused by time and time again. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NLaine Stump <laine@redhat.com>
-
由 Peter Krempa 提交于
Add the appropriate entries into the schema to allow encryption of the backup or scratch image. Since we use blockdev internals for everything no changes to the code are actually necessary. https://bugzilla.redhat.com/show_bug.cgi?id=1811906Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
It was never implemented and for now I don't think there's demand to do it. Remove the reference. https://bugzilla.redhat.com/show_bug.cgi?id=1812100Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Starting with 3b076391 (v6.1.0-122-g3b076391) we support http cookies. Since they may contain somewhat sensitive information we should not format them into the XML unless VIR_DOMAIN_DEF_FORMAT_SECURE is asserted. Reported-by: NHan Han <hhan@redhat.com> Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Peter Krempa 提交于
We want to format even the secure information in tests. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Peter Krempa 提交于
Commit 86608f78 added the above flag as an alias for ambiguous 'delete-snapshots' flag, but forgot to actually change the code that extracts it, thus the new version actually doesn't work. https://bugzilla.redhat.com/show_bug.cgi?id=1821988Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We always tried to install backing store for the image even if it didn't make sense, e.g. for a full backup into a raw image. Additionally we didn't record the backing file into the qcow2 metadata so the image itself contained the diff of data but reading from it would be incomplete as it depends on the backing image. This patch fixes both issues by carefully installing the correct backing file when appropriate and also recording it into the metadata when creating the image. https://bugzilla.redhat.com/show_bug.cgi?id=1813310Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 14 4月, 2020 8 次提交
-
-
由 Andrea Bolognani 提交于
We've adopted reStructuredText as the primary markup language for our documentation and, given that both GitLab and GitHub can render documents in this format just fine, it makes sense to get rid of the few last remaining bits of Markdown and standardize on reStructuredText across the board. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Seeteena Thoufeek 提交于
Signed-off-by: NSeeteena Thoufeek <s1seetee@linux.vnet.ibm.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Seeteena Thoufeek 提交于
This is the last missing g_autofree conversion change in the module after commit 1e2ae2e3 took care of the VIR_AUTOFREE conversion. Signed-off-by: NSeeteena Thoufeek <s1seetee@linux.vnet.ibm.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Andrea Bolognani 提交于
Travis CI reports root: deprecated key sudo (The key `sudo` has no effect anymore.) so let's drop it. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Andrea Bolognani 提交于
All information, except for osx_image image, is identical between the two jobs so we can avoid repeating it. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Andrea Bolognani 提交于
The newly-introduced CONTRIBUTING.rst serves the same purposes and lives in the path where most people would look for it. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Andrea Bolognani 提交于
It's generally expected that a git repository will contain this file, which serves as an entry point for people interested in contributing to the project. In our case, we have extensive documentation available on the website which we don't want to duplicate, so let's just point people there. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Nikolay Shirokovskiy 提交于
getaddrinfo returns linked list. Fix iteration accordingly. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
- 13 4月, 2020 1 次提交
-
-
由 Laine Stump 提交于
Before this patch we would simply rely on QEMU failing to attach the device. Since we have a flag in the address set telling us which controllers support hotplug, we can fail the operation sooner. This also assures that when hotplugging with no provided PCI address, that we skip any controllers with hotplug='off', and attempt to assign the device to a controller that not only supports hotplug, but also has it enabled. Signed-off-by: NLaine Stump <laine@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-