- 15 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The src/lxc/veth.c file contains APIs for managing veth devices, but some of the APIs duplicate stuff from src/util/virnetdev.h. Delete thed duplicate APIs and rename the remaining ones to follow virNetDevVethXXXX * src/lxc/veth.c, src/lxc/veth.h: Rename APIs & delete duplicates * src/lxc/lxc_container.c, src/lxc/lxc_controller.c, src/lxc/lxc_driver.c: Update for API renaming
-
- 03 11月, 2011 3 次提交
-
-
由 Eric Blake 提交于
Based on a Coverity report - the return value of waitpid() should always be checked, to avoid problems with leaking resources. * src/lxc/lxc_controller.c (lxcControllerRun): Use simpler virPidAbort.
-
由 Daniel P. Berrange 提交于
Currently the LXC controller only supports setup of a single text console. This is wired up to the container init's stdio, as well as /dev/console and /dev/tty1. Extending support for multiple consoles, means wiring up additional PTYs to /dev/tty2, /dev/tty3, etc, etc. The LXC controller is passed multiple open file handles, one for each console requested. * src/lxc/lxc_container.c, src/lxc/lxc_container.h: Wire up all the /dev/ttyN links required to symlink to /dev/pts/NN * src/lxc/lxc_container.h: Open more container side /dev/pts/NN devices, and adapt event loop to handle I/O from all consoles * src/lxc/lxc_driver.c: Setup multiple host side PTYs
-
由 Daniel P. Berrange 提交于
The current I/O code for LXC uses a hand crafted event loop to forward I/O between the container & host app, based on epoll to handle EOF on PTYs. This event loop is not easily extensible to add more consoles, or monitor other types of file descriptors. Remove the custom event loop and replace it with a normal libvirt event loop. When detecting EOF on a PTY, disable the event watch on that FD, and fork off a background thread that does a edge-triggered epoll() on the FD. When the FD finally shows new incoming data, the thread re-enables the watch on the FD and exits. When getting EOF from a read() on the PTY, the existing code would do waitpid(WNOHANG) to see if the container had exited. Unfortunately there is a race condition, because even though the process has closed its stdio handles, it might still exist. To deal with this the new event loop uses a SIG_CHILD handler to perform the waitpid only when the container is known to have actually exited. * src/lxc/lxc_controller.c: Rewrite the event loop to use the standard APIs.
-
- 27 10月, 2011 2 次提交
-
-
由 Peter Krempa 提交于
Previous commit clears number of items alocated in lxcSetupLoopDevices if VIR_REALLOC_N fails. In that case, the pointer is not NULL, and causes leaking FDs that have been allocated. * src/lxc/lxc_controller.c: revert zeroing array size
-
由 Alex Jia 提交于
If the function lxcSetupLoopDevices(def, &nloopDevs, &loopDevs) failed, the variable loopDevs will keep a initial NULL value, however, the function VIR_FORCE_CLOSE(loopDevs[i]) will directly deref it. This patch also fixes returning a bogous number of devices from lxcSetupLoopDevices on an error path. * rc/lxc/lxc_controller.c: fixed a null pointer dereference. Signed-off-by: NAlex Jia <ajia@redhat.com>
-
- 20 10月, 2011 1 次提交
-
-
由 Serge E. Hallyn 提交于
The glibc ones (intentionally) cannot handle ptys opened in a devpts not mounted at /dev/pts. Drop the (un-exported, unused) virFileOpenTtyAt. Signed-off-by: NSerge Hallyn <serge.hallyn@canonical.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 13 10月, 2011 1 次提交
-
-
由 Serge E. Hallyn 提交于
s/Mouting/Mounting. Signed-off-by: NSerge Hallyn <serge.hallyn@canonical.com>
-
- 08 10月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Detected by Coverity. We want to increment the size_t counter, not the pointer to the counter. Bug present since 5f5c6fde (0.9.5). * src/lxc/lxc_controller.c (lxcSetupLoopDevices): Use correct precedence.
-
- 16 9月, 2011 1 次提交
-
-
由 Peter Krempa 提交于
/usr/lib/stdlib.h in Mac OS X and probably also in BSD's exports this symbol :(
-
- 13 8月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The functions for manipulating pidfiles are in util/util.{c,h}. We will shortly be adding some further pidfile related functions. To avoid further growing util.c, this moves the pidfile related functions into a dedicated virpidfile.{c,h}. The functions are also all renamed to have 'virPidFile' as their name prefix * util/util.h, util/util.c: Remove all pidfile code * util/virpidfile.c, util/virpidfile.h: Add new APIs for pidfile handling. * lxc/lxc_controller.c, lxc/lxc_driver.c, network/bridge_driver.c, qemu/qemu_process.c: Add virpidfile.h include and adapt for API renames
-
- 08 8月, 2011 3 次提交
-
-
由 Daniel P. Berrange 提交于
A previous commit gave the LXC driver the ability to mount block devices for the container filesystem. Through use of the loopback device functionality, we can build on this to support use of plain file images for LXC filesytems. By setting the LO_FLAGS_AUTOCLEAR flag we can ensure that the loop device automatically disappears when the container dies / shuts down * src/lxc/lxc_container.c: Raise error if we see a file based filesystem, since it should have been turned into a loopback device already * src/lxc/lxc_controller.c: Rewrite any filesystems of type=file, into type=block, by binding the file image to a free loop device
-
由 Daniel P. Berrange 提交于
* src/lxc/lxc_controller.c: s/PYT/PTY/
-
由 Daniel P. Berrange 提交于
Currently the LXC driver can only populate filesystems from host filesystems, using bind mounts. This patch allows host block devices to be mounted. It autodetects the filesystem format at mount time, and adds the block device to the cgroups ACL. Example usage is <filesystem type='block' accessmode='passthrough'> <source dev='/dev/sda1'/> <target dir='/home'/> </filesystem> * src/lxc/lxc_container.c: Mount block device filesystems * src/lxc/lxc_controller.c: Add block device filesystems to cgroups ACL
-
- 26 7月, 2011 1 次提交
-
-
由 Laine Stump 提交于
Although most functions in libvirt return 0 on success and < 0 on failure, there are a few functions lingering around that return errno (a positive value) on failure, and sometimes code calling those functions incorrectly assumes the <0 standard. I noticed one of these the other day when auditing networkStartDhcpDaemon after Guido Gunther found a place where success was improperly returned on failure (that patch has been acked and is pending a push). The problem was that it expected the return value from virFileReadPid to be < 0 on failure, but it was actually positive (it was also neglected to set the return code in this case, similar to the bug found by Guido). This all led to the fact that *all* of the virFile*Pid functions in util.c are returning errno on failure. This patch remedies that problem by changing them all to return -errno on failure, and makes any necessary changes to callers of the functions. (In the meantime, I also properly set the return code on failure of virFileReadPid in networkStartDhcpDaemon).
-
- 22 7月, 2011 1 次提交
-
-
由 Eric Blake 提交于
In preparation for a future patch adding new virFile APIs. * src/util/files.h, src/util/files.c: Move... * src/util/virfile.h, src/util/virfile.c: ...here, and rename functions to virFile prefix. Macro names are intentionally left alone. * *.c: All '#include "files.h"' uses changed. * src/Makefile.am (UTIL_SOURCES): Reflect rename. * cfg.mk (exclude_file_name_regexp--sc_prohibit_close): Likewise. * src/libvirt_private.syms: Likewise. * docs/hacking.html.in: Likewise. * HACKING: Regenerate.
-
- 12 7月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
The drivers were accepting domain configs without checking if those were actually meant for them. For example the LXC driver happily accepts configs with type QEMU. Add a check for the expected domain types to the virDomainDefParse* functions.
-
- 06 7月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
Some callers expected virFileMakePath to set errno, some expected it to return an errno value. Unify this to return 0 on success and -1 on error. Set errno to report detailed error information. Also optimize virFileMakePath if stat fails with an errno different from ENOENT.
-
- 08 6月, 2011 4 次提交
-
-
由 Cole Robinson 提交于
Otherwise the following virFileMakePath will create the directory for us and fail further ahead, which probably isn't intended.
-
由 Cole Robinson 提交于
Add a handshake with the cloned container process to try and detect if it fails to start.
-
由 Cole Robinson 提交于
Add a simple handshake with the lxc_controller process so we can detect process startup failures. We do this by adding a new --handshake cli arg to lxc_controller for passing a file descriptor. If the process fails to launch, we scrape all output from the logfile and report it to the user.
-
由 Cole Robinson 提交于
We will reuse these shortly, and each use should have a different error message.
-
- 12 5月, 2011 1 次提交
-
-
由 Lai Jiangshan 提交于
These VIR_XXXX0 APIs make us confused, use the non-0-suffix APIs instead. How do these coversions works? The magic is using the gcc extension of ##. When __VA_ARGS__ is empty, "##" will swallow the "," in "fmt," to avoid compile error. example: origin after CPP high_level_api("%d", a_int) low_level_api("%d", a_int) high_level_api("a string") low_level_api("a string") About 400 conversions. 8 special conversions: VIR_XXXX0("") -> VIR_XXXX("msg") (avoid empty format) 2 conversions VIR_XXXX0(string_literal_with_%) -> VIR_XXXX(%->%%) 0 conversions VIR_XXXX0(non_string_literal) -> VIR_XXXX("%s", non_string_literal) (for security) 6 conversions Signed-off-by: NLai Jiangshan <laijs@cn.fujitsu.com>
-
- 29 3月, 2011 1 次提交
-
-
由 Osier Yang 提交于
LXC driver doesn't support vcpu affinity yet, so just need to modify it to support cpu shares.
-
- 18 3月, 2011 1 次提交
-
-
由 Nikunj A. Dadhania 提交于
* Correct the documentation for cgroup: the swap_hard_limit indicates mem+swap_hard_limit. * Change cgroup private apis to: virCgroupGet/SetMemSwapHardLimit Signed-off-by: NNikunj A. Dadhania <nikunj@linux.vnet.ibm.com>
-
- 15 3月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The current LXC I/O controller looks for HUP to detect when a guest has quit. This isn't reliable as during initial bootup it is possible that 'init' will close the console and let mingetty re-open it. The shutdown of containers was also flakey because it only killed the libvirt I/O controller and expected container processes to gracefully follow. Change the I/O controller such that when it see HUP or an I/O error, it uses kill($PID, 0) to see if the process has really quit. Change the container shutdown sequence to use the virCgroupKillPainfully function to ensure every really goes away This change makes the use of the 'cpu', 'devices' and 'memory' cgroups controllers compulsory with LXC * docs/drvlxc.html.in: Document that certain cgroups controllers are now mandatory * src/lxc/lxc_controller.c: Check if PID is still alive before quitting on I/O error/HUP * src/lxc/lxc_driver.c: Use virCgroupKillPainfully
-
- 10 3月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Adding audit points showed that we were granting too much privilege to qemu; it should not need any mknod rights to recreate any devices. On the other hand, lxc should have all device privileges. The solution is adding a flag parameter. This also lets us restrict write access to read-only disks. * src/util/cgroup.h (virCgroup*Device*): Adjust prototypes. * src/util/cgroup.c (virCgroupAllowDevice) (virCgroupAllowDeviceMajor, virCgroupAllowDevicePath) (virCgroupDenyDevice, virCgroupDenyDeviceMajor) (virCgroupDenyDevicePath): Add parameter. * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update clients. * src/lxc/lxc_controller.c (lxcSetContainerResources): Likewise. * src/qemu/qemu_cgroup.c: Likewise. (qemuSetupDiskPathAllow): Also, honor read-only disks.
-
- 24 2月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Using the 'personality(2)' system call, we can make a container on an x86_64 host appear to be i686. Likewise for most other Linux 64bit arches. * src/lxc/lxc_conf.c: Fill in 32bit capabilities for x86_64 hosts * src/lxc/lxc_container.h, src/lxc/lxc_container.c: Add API to check if an arch has a 32bit alternative * src/lxc/lxc_controller.c: Set the process personality when starting guest
-
- 23 2月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Normal practice for /dev/pts is to have it mode=620,gid=5 but LXC was leaving mode=000,gid=0 preventing unprivilegd users in the guest use of PTYs * src/lxc/lxc_controller.c: Fix /dev/pts setup
-
- 21 2月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Done mechanically with: $ git grep -l '\bDEBUG0\? *(' | xargs -L1 sed -i 's/\bDEBUG0\? *(/VIR_&/' followed by manual deletion of qemudDebug in daemon/libvirtd.c, along with a single 'make syntax-check' fallout in the same file, and the actual deletion in src/util/logging.h. * src/util/logging.h (DEBUG, DEBUG0): Delete. * daemon/libvirtd.h (qemudDebug): Likewise. * global: Change remaining clients over to VIR_DEBUG counterpart.
-
- 09 2月, 2011 1 次提交
-
-
由 Gui Jianfeng 提交于
LXC Blkio weight configuration support. Reviewed-by: N"Nikunj A. Dadhania" <nikunj@linux.vnet.ibm.com> Signed-off-by: NGui Jianfeng <guijianfeng@cn.fujitsu.com>
-
- 18 11月, 2010 1 次提交
-
-
由 Eric Blake 提交于
Per the gettext developer: http://lists.gnu.org/archive/html/bug-gnu-utils/2010-10/msg00019.html http://lists.gnu.org/archive/html/bug-gnu-utils/2010-10/msg00021.html gettext() doesn't work correctly on all platforms unless you have called setlocale(). Furthermore, gnulib's gettext.h has provisions for setting up a default locale, which is the preferred method for libraries to use gettext without having to call textdomain() and override the main program's default domain (virInitialize already calls bindtextdomain(), but this is insufficient without the setlocale() added in this patch; and a redundant bindtextdomain() in this patch doesn't hurt, but serves as a good example for other packages that need to bind a second translation domain). This patch is needed to silence a new gnulib 'make syntax-check' rule in the next patch. * daemon/libvirtd.c (main): Setup locale and gettext. * src/lxc/lxc_controller.c (main): Likewise. * src/security/virt-aa-helper.c (main): Likewise. * src/storage/parthelper.c (main): Likewise. * tools/virsh.c (main): Fix exit status. * src/internal.h (DEFAULT_TEXT_DOMAIN): Define, for gettext.h. (_): Simplify definition accordingly. * po/POTFILES.in: Add src/storage/parthelper.c.
-
- 11 11月, 2010 1 次提交
-
-
由 Daniel P. Berrange 提交于
The /dev/console device inside the container must NOT map to the real /dev/console device node, since this allows the container control over the current host console. A fun side effect of this is that starting a container containing a real Fedora OS will kill off your X server. Remove the /dev/console node, and replace it with a symlink to the primary console TTY * src/lxc/lxc_container.c: Replace /dev/console with a symlink to /dev/pty/0 * src/lxc/lxc_controller.c: Remove /dev/console from cgroups ACL
-
- 10 11月, 2010 1 次提交
-
-
由 Stefan Berger 提交于
Using automated replacement with sed and editing I have now replaced all occurrences of close() with VIR_(FORCE_)CLOSE() except for one, of course. Some replacements were straight forward, others I needed to pay attention. I hope I payed attention in all the right places... Please have a look. This should have at least solved one more double-close error.
-
- 20 10月, 2010 1 次提交
-
-
由 Guido Günther 提交于
Debian stock kernel has CONFIG_CGROUP_MEM_RES_CTLR disabled due to the overhead [1]. Allow to start containers if the corresponding files in the cgroup filesystem are missing. This fixes Debian bug #566180 [2]. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534964 [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566180
-
- 13 10月, 2010 2 次提交
-
-
由 Nikunj A. Dadhania 提交于
libvirt-lxc now configures the hardlimit, softlimit and swaplimit, if specified in the domain xml file or picks up the defaults.
-
由 Nikunj A. Dadhania 提交于
Adding parsing code for memory tunables in the domain xml file also change the internal define structures used for domain memory informations Adds a new specific test
-
- 30 7月, 2010 1 次提交
-
-
由 Ryota Ozaki 提交于
Previously, the functions in src/lxc/veth.c could sometimes return positive values on failure rather than -1. This made accurate error reporting difficult, and led to one failure to catch an error in a calling function. This patch makes all the functions in veth.c consistently return 0 on success, and -1 on failure. It also fixes up the callers to the veth.c functions where necessary. Note that this patch may be related to the bug: https://bugzilla.redhat.com/show_bug.cgi?id=607496. It will not fix the bug, but should unveil what happens. * po/POTFILES.in - add veth.c, which previously had no translatable strings * src/lxc/lxc_controller.c * src/lxc/lxc_container.c * src/lxc/lxc_driver.c - fixup callers to veth.c, and remove error logs, as they are now done in veth.c * src/lxc/veth.c - make all functions consistently return -1 on error. * src/lxc/veth.h - use ATTRIBUTE_NONNULL to protect against NULL args.
-
- 23 7月, 2010 1 次提交
-
-
由 Ryota Ozaki 提交于
Init process may remain after sending SIGTERM for some reason. For example, if original init program is used, it is definitely not killed by SIGTERM. * src/lxc/lxc_controller.c: kill with SIGKILL if SIGTERM wasn't sufficient
-
- 29 6月, 2010 1 次提交
-
-
由 Ryota Ozaki 提交于
The message is actually not of error but of debugging. 02:22:56.091: error : lxcControllerMain:316 : monitor=3 client=4 appPty=19 contPty=7
-