1. 08 9月, 2014 5 次提交
  2. 07 9月, 2014 4 次提交
    • S
      selinux: Avoid label reservations for type = none · a48362cd
      Shivaprasad G Bhat 提交于
      For security type='none' libvirt according to the docs should not
      generate seclabel be it for selinux or any model. So, skip the
      reservation of labels when type is none.
      Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
      a48362cd
    • E
      blockcopy: remote implementation for new API · 1069e3b9
      Eric Blake 提交于
      Fairly straightforward - I got lucky that the generated functions
      worked out of the box :)
      
      * src/remote/remote_protocol.x (remote_domain_block_copy_args):
      New struct.
      (REMOTE_PROC_DOMAIN_BLOCK_COPY): New RPC.
      * src/remote/remote_driver.c (remote_driver): Wire it up.
      * src/remote_protocol-structs: Regenerate.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      1069e3b9
    • E
      blockcopy: expose new API in virsh · c1d75dee
      Eric Blake 提交于
      Expose the new power of virDomainBlockCopy through virsh (well,
      all but the finer-grained bandwidth, as that is its own can of
      worms for a later patch).  Continue to use the older API where
      possible, for maximum compatibility.
      
      The command now requires either --dest (with optional --format
      and --blockdev), to directly describe the file destination, or
      --xml, to name a file that contains an XML description such as:
      
      <disk type='network'>
        <driver type='raw'/>
        <source protocol='gluster' name='vol1/img'>
          <host name='red'/>
        </source>
      </disk>
      
      [well, it may be a while before the qemu driver is actually patched
      to act on that particular xml beyond just parsing it, but the virsh
      interface won't need changing at that time]
      
      Non-zero option parameters are converted into virTypedParameters,
      and if anything requires the new API, the command can synthesize
      appropriate XML even if the --dest option was used instead of --xml.
      
      The existing --raw flag remains for back-compat, but the preferred
      spelling is now --format=raw, since the new API now allows us
      to specify all formats rather than just a boolean raw to suppress
      probing.
      
      I hope I did justice in describing the effects of granularity and
      buf-size on how they get passed through to qemu.
      
      * tools/virsh-domain.c (cmdBlockCopy): Add new options --xml,
      --granularity, --buf-size, --format. Make --raw an alias for
      --format=raw. Call new API if new parameters are in use.
      * tools/virsh.pod (blockcopy): Document new options.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      c1d75dee
    • E
      maint: update to latest gnulib · 0e8bed81
      Eric Blake 提交于
      The usual portability fixes; and this includes a fix that adds
      a new syntax check for double semicolons (commit 28de556d fixed
      some, but gnulib found a better check).
      
      * .gnulib: Update to latest.
      * src/xenconfig/xen_common.c (xenFormatConfigCommon): Fix offender.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      0e8bed81
  3. 06 9月, 2014 10 次提交
    • E
      blockcopy: split out virsh implementation · 0eaad0a3
      Eric Blake 提交于
      I'm about to extend the capabilities of blockcopy.  Hiding a few
      common lines of implementation gets in the way of the new required
      logic, and putting the new logic in the common implementation won't
      benefit any of the other blockjob operations.  Therefore, it is
      simpler to just do the work inline.  There should be no semantic
      change in this patch.
      
      * tools/virsh-domain.c (blockJobImpl): Move block copy guts...
      (cmdBlockCopy): ...into their lone caller.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      0eaad0a3
    • P
      storage_conf: Fix libvirtd crash when defining scsi storage pool · 119b6dfc
      Pradipta Kr. Banerjee 提交于
      Since 9f781da6
      
      Resolve a libvirtd crash in virStoragePoolSourceFindDuplicate()
      when there is an existing SCSI pool defined with adapter type as
      'scsi_host' and defining a new SCSI pool with adapter type as
      'fc_host' and parent attribute missing or vice versa.
      
      For example, if there is an existing SCSI pool with adapter type
      as 'scsi_host' defined using the following XML
      
      <pool type='scsi'>
        <name>TEST_SCSI_POOL</name>
          <source>
             <adapter type='scsi_host' name='scsi_host1'/>
          </source>
          <target>
              <path>/dev/disk/by-path</path>
          </target>
      </pool>
      
      When defining another SCSI pool with adapter type as 'fc_host' using the
      following XML will crash libvirtd
      
      <pool type='scsi'>
        <name>TEST_SCSI_FC_POOL</name>
        <source>
           <adapter type='fc_host' wwnn='1234567890abcdef' wwpn='abcdef1234567890'/>
        </source>
        <target>
           <path>/dev/disk/by-path</path>
        </target>
      </pool>
      
      Same is true for the reverse case as well where there exists a SCSI pool
      with adapter type as 'fc_host' and another SCSI pool is defined with
      adapter type as 'scsi_host'.
      
      This happens because for fc_host 'name' is optional attribute whereas for
      scsi_host its mandatory. However the check in libvirt for finding duplicate
      storage pools didn't take that into account while comparing
      Signed-off-by: NPradipta Kr. Banerjee <bpradip@in.ibm.com>
      119b6dfc
    • E
      blockcopy: allow block device destination · b7e73585
      Eric Blake 提交于
      To date, anyone performing a block copy and pivot ends up with
      the destination being treated as <disk type='file'>.  While this
      works for data access for a block device, it has at least one
      noticeable shortcoming: virDomainGetBlockInfo() reports allocation
      differently for block devices visited as files (the size of the
      device) than for block devices visited as <disk type='block'>
      (the maximum sector used, as reported by qemu); and this difference
      is significant when trying to manage qcow2 format on block devices
      that can be grown as needed.
      
      Of course, the more powerful virDomainBlockCopy() API can already
      express the ability to set the <disk> type.  But a new API can't
      be backported, while a new flag to an existing API can; and it is
      also rather inconvenient to have to resort to the full power of
      generating XML when just adding a flag to the older call will do
      the trick.  So this patch enhances blockcopy to let the user flag
      when the resulting XML after the copy must list the device as
      type='block'.
      
      * include/libvirt/libvirt.h.in (VIR_DOMAIN_BLOCK_REBASE_COPY_DEV):
      New flag.
      * src/libvirt.c (virDomainBlockRebase): Document it.
      * tools/virsh-domain.c (opts_block_copy, blockJobImpl): Add
      --blockdev option.
      * tools/virsh.pod (blockcopy): Document it.
      * src/qemu/qemu_driver.c (qemuDomainBlockRebase): Allow new flag.
      (qemuDomainBlockCopy): Remember the flag, and make sure it is only
      used on actual block devices.
      * tests/qemuxml2argvdata/qemuxml2argv-disk-mirror.xml: Test it.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      b7e73585
    • E
      blockjob: add new --bytes flag to virsh blockjob · 1105c1de
      Eric Blake 提交于
      Expose the new flag just added to virDomainGetBlockJobInfo.
      With --raw, the presence or absence of --bytes determines which
      flag to use in the single API call.  Without --raw, the use of
      --bytes forces an error if the server doesn't support it,
      otherwise, the code tries to silently fall back to scaling the
      MiB/s value.
      
      My goal is to eventually also support --bytes in bandwidth mode;
      but that's a bit further down the road (and needs a new API flag
      added in libvirt.h first).
      
      This changes the human output, but the previous patch added
      raw output precisely so that we can have flexibility with the
      human output.  For this commit, I used qemu-monitor-command to
      force an unusual bandwidth, but the same will be possible once
      qemu implements virDomainBlockCopy:
      
      Before:
      Block Copy: [100 %]    Bandwidth limit: 2 MiB/s
      After:
      Block Copy: [100 %]    Bandwidth limit: 1048577 bytes/s (1.000 MiB/s)
      
      The cache avoids having to repeatedly checking whether the flag
      works when talking to an older server, when multiple blockjob
      commands are issued during a batch session and the user is
      manually polling for job completion.
      
      * tools/virsh.h (_vshControl): Add a cache.
      * tools/virsh.c (cmdConnect, vshReconnect): Initialize the cache.
      * tools/virsh-domain.c (opts_block_job): Add --bytes.
      * tools/virsh.pod (blockjob): Document this.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      1105c1de
    • E
      blockjob: add new --raw flag to virsh blockjob · 2019b7ca
      Eric Blake 提交于
      The current output of 'blockjob [--info]' is a single line
      designed for human consumption; it's not very nice for machine
      parsing.  Furthermore, I have plans to modify the line in
      response to the new flag for controlling bandwidth units.
      Solve that by adding a --raw parameter, which outputs
      information closer to the C struct.
      
      $ virsh blockjob testvm1 vda --raw
       type=Block Copy
       bandwidth=1
       cur=197120
       end=197120
      
      The information is indented, because I'd like for a later patch
      to add a mode that iterates over all the vm's disks with status
      for each; in that mode, each block name would be listed unindented
      before information (if any) about that block.
      
      Now that we have a raw mode, we can guarantee that it won't change
      format over time.  Any app that cares about parsing the output can
      try --raw, and if it fails, know that it was talking to an older
      virsh and fall back to parsing the human-readable format which had
      not changed until now; meanwhile, when not using --raw, we have
      freed future virsh to change the output to whatever makes sense.
      
      My first change to human mode: this command now guarantees a line
      is printed on successful use of the API, even when the API did
      not find a current block job (consistent with the rest of virsh).
      
      Bonus: https://bugzilla.redhat.com/show_bug.cgi?id=1135441
      complained that this message was confusing:
      
      $ virsh blockjob test1 hda  --async --bandwidth 10
      error: conflict between --abort, --info, and --bandwidth modes
      
      even though the man page already documents that --async implies
      abort mode, all because '--abort' wasn't present in the command
      line.  Since I'm adding another case where options are tied
      to or imply a mode, I changed that error to:
      
      error: conflict between abort, info, and bandwidth modes
      
      * tools/virsh-domain.c (cmdBlockJob): Add --raw parameter; tweak
      error wording.
      * tools/virsh.pod (blockjob): Document it.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      2019b7ca
    • E
      blockjob: split up virsh blockjob info · c47f6aad
      Eric Blake 提交于
      I have plans to make future enhancements to the job list mode,
      which will be easier to do if the common blockJobImpl function
      is not mixing a query command with multiple modify commands.
      Besides, it just feels weird that all callers to blockJobImpl
      had to supply both a bandwidth input argument (unused for info
      mode) and an info output argument (unused for all other modes);
      not to mention I just made similar cleanups on the libvirtd
      side.
      
      The only reason blockJobImpl returned int was because of info
      mode returning -1/0/1 (all other job API are -1/0), so that
      can also be cleaned up.  No user-visible changes in this commit.
      
      * tools/virsh-domain.c (blockJobImpl): Change signature and return
      value.  Drop info handling.
      (cmdBlockJob): Handle info here.
      (cmdBlockCommit, cmdBlockCopy, cmdBlockPull): Adjust callers.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      c47f6aad
    • E
      blockjob: allow finer bandwidth tuning for query · db33cc24
      Eric Blake 提交于
      While reviewing the new virDomainBlockCopy API, Peter Krempa
      pointed out that our existing design of using MiB/s for block
      job bandwidth is rather coarse, especially since qemu tracks
      it in bytes/s; so virDomainBlockCopy only accepts bytes/s.
      But once the new API is implemented for qemu, we will be in
      the situation where it is possible to set a value that cannot
      be accurately reflected back to the user, because the existing
      virDomainGetBlockJobInfo defaults to the coarser units.
      
      Fortunately, we have an escape hatch; and one that has already
      served us well in the past: we can use the flags argument to
      specify which scale to use (see virDomainBlockResize for prior
      art).  This patch fixes the query side of the API; made easier
      by previous patches that split the query side out from the
      modification code.  Later patches will address the virsh
      interface, as well retrofitting all other blockjob APIs to
      also accept a flag for toggling bandwidth units.
      
      * include/libvirt/libvirt.h.in (_virDomainBlockJobInfo)
      (VIR_DOMAIN_BLOCK_COPY_BANDWIDTH): Document sizing issues.
      (virDomainBlockJobInfoFlags): New enum.
      * src/libvirt.c (virDomainGetBlockJobInfo): Document new flag.
      * src/qemu/qemu_monitor.h (qemuMonitorBlockJobInfo): Add parameter.
      * src/qemu/qemu_monitor.c (qemuMonitorBlockJobInfo): Likewise.
      * src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockJobInfo):
      Likewise.
      * src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockJobInfo)
      (qemuMonitorJSONGetBlockJobInfoOne): Likewise. Don't scale here.
      * src/qemu/qemu_migration.c (qemuMigrationDriveMirror): Update
      callers.
      * src/qemu/qemu_driver.c (qemuDomainBlockPivot)
      (qemuDomainBlockJobImpl): Likewise.
      (qemuDomainGetBlockJobInfo): Likewise, and support new flag.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      db33cc24
    • E
      blockjob: add new monitor json conversions · fcbeb2e9
      Eric Blake 提交于
      The previous patch hoisted some bounds checks to the callers;
      but someone that is not aware of the hoisted check could now
      try passing an integer between LLONG_MAX and ULLONG_MAX.  As a
      safety measure, add new json conversion modes that let libvirt
      error out early instead of pass bad numbers to qemu, if the
      caller ever makes a mistake due to later refactoring.
      
      Convert the various blockjob QMP calls to use the new modes,
      and switch some of them to be optional (QMP has always supported
      an omitted "speed" the same as "speed":0, for everything except
      block-job-set-speed).
      
      * src/qemu/qemu_monitor_json.c (qemuMonitorJSONMakeCommandRaw):
      Add 'j'/'y' and 'J'/'Y' to error out on negative input.
      (qemuMonitorJSONDriveMirror, qemuMonitorJSONBlockCommit)
      (qemuMonitorJSONBlockJob): Use it.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      fcbeb2e9
    • E
      blockjob: hoist bandwidth scaling out of monitor code · 08cc14f7
      Eric Blake 提交于
      qemu treats blockjob bandwidth as a 64-bit number, in the units
      of bytes/second.  But we stupidly modeled block job bandwidth
      after migration bandwidth, which in turn was an 'unsigned long'
      and therefore subject to 32-bit vs. 64-bit interpretations, and
      with a scale of MiB/s.  Our code already has to convert between
      the two scales, and report overflow as appropriate; although
      this conversion currently lives in the monitor code.  In fact,
      our conversion code limited things to 63 bits, because we
      checked against LLONG_MAX and reject what would be negative
      bandwidth if treated as signed.
      
      On the bright side, our use of MiB/s means that even with a
      32-bit unsigned long, we still have no problem representing a
      bandwidth of 2GiB/s, which is starting to be more feasible as
      10-gigabit or even faster interfaces are used.  And once you
      get past the physical speeds of existing interfaces, any larger
      bandwidth number behaves the same - effectively unlimited.
      But on the low side, the granularity of 1MiB/s tuning is rather
      coarse.  So the new virDomainBlockJob API decided to go with
      a direct 64-bit bytes/sec number instead of the scaled number
      that prior blockjob APIs had used.  But there is no point in
      rounding this number to MiB/s just to scale it back to bytes/s
      for handing to qemu.
      
      In order to make future code sharing possible between the old
      virDomainBlockRebase and the new virDomainBlockCopy, this patch
      moves the scaling and overflow detection into the driver code.
      Several of the block job calls that can set speed are fed
      through a common interface, so it was easier to adjust all block
      jobs at once, for consistency.  This patch is just code motion;
      there should be no user-visible change in behavior.
      
      * src/qemu/qemu_monitor.h (qemuMonitorBlockJob)
      (qemuMonitorBlockCommit, qemuMonitorDriveMirror): Change
      parameter type and scale.
      * src/qemu/qemu_monitor.c (qemuMonitorBlockJob)
      (qemuMonitorBlockCommit, qemuMonitorDriveMirror): Move scaling
      and overflow detection...
      * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl)
      (qemuDomainBlockRebase, qemuDomainBlockCommit): ...here.
      (qemuDomainBlockCopy): Use bytes/sec.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      08cc14f7
    • E
      blockjob: split out block info monitor handling · ced81365
      Eric Blake 提交于
      Another layer of overly-multiplexed code that deserves to be
      split into obviously separate paths for query vs. modify.
      This continues the cleanup started in commit cefe0ba3.
      
      In the process, make some tweaks to simplify the logic when
      parsing the JSON reply.  There should be no user-visible
      semantic changes.
      
      * src/qemu/qemu_monitor.h (qemuMonitorBlockJob): Drop parameter.
      (qemuMonitorBlockJobInfo): New prototype.
      (BLOCK_JOB_INFO): Drop enum.
      * src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockJob)
      (qemuMonitorJSONBlockJobInfo): Likewise.
      * src/qemu/qemu_monitor.c (qemuMonitorBlockJob): Split...
      (qemuMonitorBlockJobInfo): ...into second function.
      * src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockJob): Move
      block info portions...
      (qemuMonitorJSONGetBlockJobInfo): ...here, and rename...
      (qemuMonitorJSONBlockJobInfo): ...and export.
      (qemuMonitorJSONGetBlockJobInfoOne): Alter return semantics.
      * src/qemu/qemu_driver.c (qemuDomainBlockPivot)
      (qemuDomainBlockJobImpl, qemuDomainGetBlockJobInfo): Adjust
      callers.
      * src/qemu/qemu_migration.c (qemuMigrationDriveMirror)
      (qemuMigrationCancelDriveMirror): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      ced81365
  4. 05 9月, 2014 9 次提交
    • J
      Don't include non-migratable features in host-model · de0aeafe
      Ján Tomko 提交于
      Commit fba6bc47 introduced support for the 'invtsc' feature,
      which blocks migration. We should not include it in the
      host-model CPU by default, because it's intended to be used
      with migration.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1138221
      de0aeafe
    • M
      tests: Add test cases for previous commit · 36cc189a
      Michal Privoznik 提交于
      This commit is rather big. Firstly, the in memory config
      representation is adjusted like if security_driver was set to "none".
      The rest is then just adaptation to the new code that will generate
      different seclabels.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      36cc189a
    • M
      conf: Fix even implicit labels · d869a6ea
      Michal Privoznik 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1027096#c8
      
      There are two ways in which security model can make it way into
      <seclabel/>. One is as the @model attribute, the second one is
      via security_driver knob in qemu.conf. Then, while parsing
      <seclabel/> several checks and fix ups of old, stale combinations
      are performed. However, iff @model is specified. They are not
      done in the latter case. So it's still possible to feed libvirt
      with senseless combinations (if qemu.conf is adjusted correctly).
      
      One example of a seclabel that needs some adjustment (in case
      security_driver=none in qemu.conf) is:
      
          <seclabel type='dynamic' relabel='yes'/>
      
      The fixup code is copied from virSecurityLabelDefParseXML
      (covering the former case) into virSecurityLabelDefsParseXML
      (which handles the latter case).
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      d869a6ea
    • E
      blockjob: split out block info driver handling · cefe0ba3
      Eric Blake 提交于
      The qemu implementation for virDomainGetBlockJobInfo() has a
      minor bug: it grabs the qemu job with intent to QEMU_JOB_MODIFY,
      which means it cannot be run in parallel with any other
      domain-modifying command.  Among others, virDomainBlockJobAbort()
      is such a modifying command, and it defaults to being
      synchronous, and can wait as long as several seconds to ensure
      that the job has actually finished.  Due to the job rules, this
      means a user cannot obtain status about the job during that
      timeframe, even though we know that some client management code
      exists which is using a polling loop on status to see when a job
      finishes.
      
      This bug has been present ever since blockpull support was first
      introduced (commit b976165c, v0.9.4 in Jul 2011), all because we
      stupidly tried to cram too much multiplexing through a single
      helper routine, but was made worse in 97c59b9c (v1.2.7) when
      BlockJobAbort was fixed to wait longer.  It's time to disentangle
      some of the mess in qemuDomainBlockJobImpl, and in the process
      relax block job query to use QEMU_JOB_QUERY, since it can safely
      be used in parallel with any long running modify command.
      
      Technically, there is one case where getting block job info can
      modify domain XML - we do snooping to see if a 2-phase job has
      transitioned into the second phase, for an optimization in the
      case of old qemu that lacked an event for the transition.  I
      claim this optimization is safe (the jobs are all about modifying
      qemu state, not necessarily xml state); but if it proves to be
      a problem, we could use the difference between the capabilities
      QEMU_CAPS_BLOCKJOB_{ASYNC,SYNC} to determine whether we even
      need snooping, and only request a modifying job in the case of
      older qemu.
      
      * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Move info
      handling...
      (qemuDomainGetBlockJobInfo): ...here, and relax job type.
      (qemuDomainBlockJobAbort, qemuDomainBlockJobSetSpeed)
      (qemuDomainBlockRebase, qemuDomainBlockPull): Adjust callers.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      cefe0ba3
    • E
      blockjob: shuffle block rebase code · 02d2bd7d
      Eric Blake 提交于
      The existing virDomainBlockRebase code rejected the combination of
      _RELATIVE and _COPY flags, but only by accident.  It makes sense
      to add support for the combination someday, at least for the case
      of _SHALLOW and not _REUSE_EXT; but to implement it, libvirt would
      have to pre-create the file with a relative backing name, and I'm
      not ready to code that in yet.
      
      Meanwhile, the code to forward on to the block copy code is getting
      longer, and reorganizing the function to have the block pull done
      early makes it easier to add even more block copy prep code.
      
      This patch should have no semantic difference other than the quality
      of the error message on the unsupported flag combination.  Pre-patch:
      
      error: unsupported flags (0x10) in function qemuDomainBlockCopy
      
      Post-patch:
      
      error: argument unsupported: Relative backing during copy not supported yet
      
      * src/qemu/qemu_driver.c (qemuDomainBlockRebase): Reorder code,
      and improve error message of relative copy.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      02d2bd7d
    • E
      maint: tighten curly brace syntax checking · bc7e63d3
      Eric Blake 提交于
      Now that hanging brace offenders have been fixed, we can automate
      the check, and document our style.  Done as a separate commit from
      code changes, to make it easier to just backport code changes, if
      that is ever needed.
      
      * cfg.mk (sc_curly_braces_style): Catch hanging braces.
      * docs/hacking.html.in: Document it.
      * HACKING: Regenerate.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      bc7e63d3
    • E
      maint: use hanging curly braces · 625e04a8
      Eric Blake 提交于
      Our style overwhelmingly uses hanging braces (the open brace
      hangs at the end of the compound condition, rather than on
      its own line), with the primary exception of the top level function
      body.  Fix the few remaining outliers, before adding a syntax
      check in a later patch.
      
      * src/interface/interface_backend_netcf.c (netcfStateReload)
      (netcfInterfaceClose, netcf_to_vir_err): Correct use of { in
      compound statement.
      * src/conf/domain_conf.c (virDomainHostdevDefFormatSubsys)
      (virDomainHostdevDefFormatCaps): Likewise.
      * src/network/bridge_driver.c (networkAllocateActualDevice):
      Likewise.
      * src/util/virfile.c (virBuildPathInternal): Likewise.
      * src/util/virnetdev.c (virNetDevGetVirtualFunctions): Likewise.
      * src/util/virnetdevmacvlan.c
      (virNetDevMacVLanVPortProfileCallback): Likewise.
      * src/util/virtypedparam.c (virTypedParameterAssign): Likewise.
      * src/util/virutil.c (virGetWin32DirectoryRoot)
      (virFileWaitForDevices): Likewise.
      * src/vbox/vbox_common.c (vboxDumpNetwork): Likewise.
      * tests/seclabeltest.c (main): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      625e04a8
    • E
      maint: enforce previous if-else {} cleanups · 143cfa8e
      Eric Blake 提交于
      Done as a separate commit in case earlier cleanups are backported
      independently.
      
      * cfg.mk (sc_require_space_before_label): New rule.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      143cfa8e
    • E
      maint: use consistent if-else braces in remaining spots · d194d6e7
      Eric Blake 提交于
      I'm about to add a syntax check that enforces our documented
      HACKING style of always using matching {} on if-else statements.
      
      This patch focuses on all remaining problems, where there weren't
      enough issues to warrant splitting it further.
      
      * src/remote/remote_driver.c (doRemoteOpen): Correct use of {}.
      * src/security/virt-aa-helper.c (vah_add_path, valid_path, main):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectLibSSH2):
      Likewise.
      * src/esx/esx_vi_types.c (esxVI_Type_FromString): Likewise.
      * src/uml/uml_driver.c (umlDomainDetachDevice): Likewise.
      * src/util/viralloc.c (virShrinkN): Likewise.
      * src/util/virbuffer.c (virBufferURIEncodeString): Likewise.
      * src/util/virdbus.c (virDBusCall): Likewise.
      * src/util/virnetdev.c (virNetDevValidateConfig): Likewise.
      * src/util/virnetdevvportprofile.c
      (virNetDevVPortProfileGetNthParent): Likewise.
      * src/util/virpci.c (virPCIDeviceIterDevices)
      (virPCIDeviceWaitForCleanup)
      (virPCIDeviceIsBehindSwitchLackingACS): Likewise.
      * src/util/virsocketaddr.c (virSocketAddrGetNumNetmaskBits):
      Likewise.
      * src/util/viruri.c (virURIParseParams): Likewise.
      * daemon/stream.c (daemonStreamHandleAbort): Likewise.
      * tests/testutils.c (virtTestResult): Likewise.
      * tests/cputest.c (cpuTestBaseline): Likewise.
      * tools/virsh-domain.c (cmdDomPMSuspend): Likewise.
      * tools/virsh-host.c (cmdNodeSuspend): Likewise.
      * src/esx/esx_vi_generator.py (Type.generate_typefromstring):
      Tweak generated code.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      d194d6e7
  5. 04 9月, 2014 12 次提交
    • E
      maint: use consistent if-else braces in lxc, vbox, phyp · 279b1b10
      Eric Blake 提交于
      I'm about to add a syntax check that enforces our documented
      HACKING style of always using matching {} on if-else statements.
      
      This patch focuses on drivers that had several issues.
      
      * src/lxc/lxc_fuse.c (lxcProcGetattr, lxcProcReadMeminfo): Correct
      use of {}.
      * src/lxc/lxc_driver.c (lxcDomainMergeBlkioDevice): Likewise.
      * src/phyp/phyp_driver.c (phypConnectNumOfDomainsGeneric)
      (phypUUIDTable_Init, openSSHSession, phypStoragePoolListVolumes)
      (phypConnectListStoragePools, phypDomainSetVcpusFlags)
      (phypStorageVolGetXMLDesc, phypStoragePoolGetXMLDesc)
      (phypConnectListDefinedDomains): Likewise.
      * src/vbox/vbox_common.c (vboxAttachSound, vboxDumpDisplay)
      (vboxDomainRevertToSnapshot, vboxDomainSnapshotDelete): Likewise.
      * src/vbox/vbox_tmpl.c (vboxStorageVolGetXMLDesc): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      279b1b10
    • E
      maint: use consistent if-else braces in xen and friends · fb6d6507
      Eric Blake 提交于
      I'm about to add a syntax check that enforces our documented
      HACKING style of always using matching {} on if-else statements.
      
      This patch focuses on code related to xen.
      
      * src/libxl/libxl_conf.c (libxlCapsInitGuests)
      (libxlMakeDomBuildInfo): Correct use of {}.
      * src/xen/xen_hypervisor.c (virXen_getvcpusinfo)
      (xenHypervisorMakeCapabilitiesInternal): Likewise.
      * src/xen/xend_internal.c (xenDaemonOpen)
      (xenDaemonDomainMigratePerform, xend_detect_config_version)
      (xenDaemonDetachDeviceFlags, xenDaemonDomainMigratePerform)
      (xenDaemonDomainBlockPeek): Likewise.
      * src/xenapi/xenapi_driver.c (xenapiConnectListDomains)
      (xenapiDomainLookupByUUID, xenapiDomainGetOSType): Likewise.
      * src/xenconfig/xen_common.c (xenParseCPUFeatures, xenFormatNet):
      Likewise.
      * src/xenconfig/xen_sxpr.c (xenParseSxpr, xenFormatSxprNet)
      (xenFormatSxpr): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      fb6d6507
    • E
      maint: use consistent if-else braces in qemu · 44e30277
      Eric Blake 提交于
      I'm about to add a syntax check that enforces our documented
      HACKING style of always using matching {} on if-else statements.
      
      This commit focuses on the qemu driver.
      
      * src/qemu/qemu_command.c (qemuParseISCSIString)
      (qemuParseCommandLineDisk, qemuParseCommandLine)
      (qemuBuildSmpArgStr, qemuBuildCommandLine)
      (qemuParseCommandLineDisk, qemuParseCommandLineSmp): Correct use
      of {}.
      * src/qemu/qemu_capabilities.c (virQEMUCapsProbeCPUModels):
      Likewise.
      * src/qemu/qemu_driver.c (qemuDomainCoreDumpWithFormat)
      (qemuDomainRestoreFlags, qemuDomainGetInfo)
      (qemuDomainMergeBlkioDevice): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/qemu/qemu_monitor_text.c (qemuMonitorTextCreateSnapshot)
      (qemuMonitorTextLoadSnapshot, qemuMonitorTextDeleteSnapshot):
      Likewise.
      * src/qemu/qemu_process.c (qemuProcessStop): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      44e30277
    • E
      maint: use consistent if-else braces in conf and friends · ff78ff7c
      Eric Blake 提交于
      I'm about to add a syntax check that enforces our documented
      HACKING style of always using matching {} on if-else statements.
      
      This patch focuses on code shared between multiple drivers.
      
      * src/conf/domain_conf.c (virDomainFSDefParseXML)
      (virSysinfoParseXML, virDomainNetDefParseXML)
      (virDomainWatchdogDefParseXML)
      (virDomainRedirFilterUSBDevDefParseXML): Correct use of {}.
      * src/conf/interface_conf.c (virInterfaceDefParseDhcp)
      (virInterfaceDefParseIp, virInterfaceVlanDefFormat)
      (virInterfaceDefParseStartMode, virInterfaceDefParseBondMode)
      (virInterfaceDefParseBondMiiCarrier)
      (virInterfaceDefParseBondArpValid): Likewise.
      * src/conf/node_device_conf.c (virNodeDevCapStorageParseXML):
      Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterRuleDetailsParse)
      (virNWFilterRuleParse, virNWFilterDefParseXML): Likewise.
      * src/conf/secret_conf.c (secretXMLParseNode): Likewise.
      * src/cpu/cpu_x86.c (x86Baseline, x86FeatureLoad, x86ModelLoad):
      Likewise.
      * src/network/bridge_driver.c (networkKillDaemon)
      (networkDnsmasqConfContents): Likewise.
      * src/node_device/node_device_hal.c (dev_refresh): Likewise.
      * src/nwfilter/nwfilter_gentech_driver.c (virNWFilterInstantiate):
      Likewise.
      * src/nwfilter/nwfilter_ebiptables_driver.c
      (_iptablesCreateRuleInstance): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      ff78ff7c
    • C
      LXC: add HOME environment variable · 3020594a
      Chen Hanxiao 提交于
      We lacked of HOME environment variable,
      set 'HOME=/' as default.
      
      The kernel sets up $HOME for the init process.
      Therefore any init can assume that $HOME is set.
      libvirt currently violates that implicit rule.
      Signed-off-by: NChen Hanxiao <chenhanxiao@cn.fujitsu.com>
      Signed-off-by: NEric Blake <eblake@redhat.com>
      3020594a
    • F
      apparmor: allow reading cap_last_cap · 2311e5c4
      Felix Geyer 提交于
      libcap-ng >= 0.7.4 fails when it can't read /sys/kernel/cap_last_cap
      and thus running a qemu guest fails.
      
      Allow reading cap_last_cap in the libvirt-qemu apparmor abstraction.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      2311e5c4
    • G
    • G
      security: fix DH key generation when FIPS mode is on · ab220967
      Giuseppe Scrivano 提交于
      When FIPS mode is on, gnutls_dh_params_generate2 will fail if 1024 is
      specified as the prime's number of bits, a bigger value works in both
      cases.
      Signed-off-by: NGiuseppe Scrivano <gscrivan@redhat.com>
      ab220967
    • W
      lxc_container: Resolve Coverity RESOURCE_LEAK · 5bb47e0c
      Wang Rui 提交于
      Memory is allocated for 'mnt_src' by VIR_STRDUP in the loop. Next
      loop it will be allocated again. So we need to free 'mnt_src'
      before continue the loop.
      Signed-off-by: NWang Rui <moon.wangrui@huawei.com>
      5bb47e0c
    • W
      vircgroup: Resolve Coverity RESOURCE_LEAK · d01a062b
      Wang Rui 提交于
      Need to free 'root' and 'opts' before 'return -1' if symlink fails.
      Signed-off-by: NWang Rui <moon.wangrui@huawei.com>
      d01a062b
    • W
      qemu_process: Resolve Coverity RESOURCE_LEAK · 4f2ad084
      Wang Rui 提交于
      If virSecurityManagerClearSocketLabel() fails, 'agent' won't
      be freed before jumping to cleanup.
      Signed-off-by: NWang Rui <moon.wangrui@huawei.com>
      4f2ad084
    • W
      remote: Resolve Coverity RESOURCE_LEAK · 3bd46c81
      Wang Rui 提交于
      Need to free 'uri_out' on error path.
      Signed-off-by: NWang Rui <moon.wangrui@huawei.com>
      3bd46c81