1. 06 3月, 2012 3 次提交
    • L
      conf: add device pointer to args of virDomainDeviceInfoIterate callback · 2f925c65
      Laine Stump 提交于
      There will be cases where the iterator callback will need to know the
      type of the device whose info is being operated on, and possibly even
      need to use some of the device's config. This patch adds a
      virDomainDeviceDefPtr to the args of every callback, and fills it in
      appropriately as the devices are iterated through.
      2f925c65
    • L
      conf: reorder static functions in domain_conf.c · fdad9c34
      Laine Stump 提交于
      No code change, movement only.  This is necessary to eliminate forward
      references.
      fdad9c34
    • L
      conf: add missing device types to virDomainDevice(Type|Def) · 9890b318
      Laine Stump 提交于
      Not all device types were represented in virDomainDeviceType, so some
      types of devices couldn't be represented in a virDomainDeviceDef
      (which requires a different type of pointer in the union for each
      different kind of device).
      
      Since serial, parallel, channel, and console devices are all
      virDomainChrDef, and the virDomainDeviceType is never used to produce
      a string from the type (and only used in the other direction
      internally to code, never to produce XML), I only added one "CHR"
      type, which is associated with "virDomainChrDefPtr chr" in the union.
      9890b318
  2. 28 2月, 2012 4 次提交
  3. 21 2月, 2012 1 次提交
    • C
      caps: Improve error if passed an unknown arch · e1ecba46
      Cole Robinson 提交于
      Previously we would have:
      
      "os type 'hvm' & arch 'idontexist' combination is not supported"
      
      Now we get
      
      "No guest options available for arch 'idontexist'"
      
      or if options available but guest OS type not applicable:
      
      "No os type 'xen' available for arch 'x86_64'"
      e1ecba46
  4. 16 2月, 2012 3 次提交
    • E
      snapshot: fix snapshot deletion use-after-free · 4c1c3611
      Eric Blake 提交于
      Bug introduced in commit 35abced2.  On an inactive domain,
      $ virsh snapshot-create-as dom snap
      $ virsh snapshot-create dom
      $ virsh snapshot-create dom
      $ virsh snapshot-delete --children dom snap
      could crash libvirtd, due to a use-after-free that results
      when the callback freed the current element in the iteration.
      
      * src/conf/domain_conf.c (virDomainSnapshotForEachChild)
      (virDomainSnapshotActOnDescendant): Allow iteration to delete
      current child.
      4c1c3611
    • A
      network: support Open vSwitch · df810046
      Ansis Atteka 提交于
      This patch allows libvirt to add interfaces to already
      existing Open vSwitch bridges. The following syntax in
      domain XML file can be used:
      
          <interface type='bridge'>
            <mac address='52:54:00:d0:3f:f2'/>
            <source bridge='ovsbr'/>
            <virtualport type='openvswitch'>
              <parameters interfaceid='921a80cd-e6de-5a2e-db9c-ab27f15a6e1d'/>
            </virtualport>
            <address type='pci' domain='0x0000' bus='0x00'
                                slot='0x03' function='0x0'/>
          </interface>
      
      or if libvirt should auto-generate the interfaceid use
      following syntax:
      
          <interface type='bridge'>
            <mac address='52:54:00:d0:3f:f2'/>
            <source bridge='ovsbr'/>
            <virtualport type='openvswitch'>
            </virtualport>
            <address type='pci' domain='0x0000' bus='0x00'
                                slot='0x03' function='0x0'/>
          </interface>
      
      It is also possible to pass an optional profileid. To do that
      use following syntax:
      
         <interface type='bridge'>
           <source bridge='ovsbr'/>
           <mac address='00:55:1a:65:a2:8d'/>
           <virtualport type='openvswitch'>
             <parameters interfaceid='921a80cd-e6de-5a2e-db9c-ab27f15a6e1d'
                         profileid='test-profile'/>
           </virtualport>
         </interface>
      
      To create Open vSwitch bridge install Open vSwitch and
      run the following command:
      
          ovs-vsctl add-br ovsbr
      df810046
    • L
      conf: rename virDomainNetGetActualDirectVirtPortProfile · 9368465f
      Laine Stump 提交于
      An upcoming patch will add a <virtualport> element to interfaces of
      type='bridge', so it makes sense to give this function a more generic
      name.
      9368465f
  5. 13 2月, 2012 2 次提交
  6. 10 2月, 2012 1 次提交
    • M
      domain: add implicit USB controller · 42043afc
      Marc-André Lureau 提交于
      Some tools, such as virt-manager, prefers having the default USB
      controller explicit in the XML document. This patch makes sure there
      is one. With this patch, it is now possible to switch from USB1 to
      USB2 from the release 0.9.1 of virt-manager.
      
      Fix tests to pass with this change.
      42043afc
  7. 08 2月, 2012 1 次提交
    • J
      seclabel: Do not output relabel attribute for type 'none' · f6957617
      Jiri Denemark 提交于
      Security label type 'none' requires relabel to be set to 'no' so there's
      no reason to output this extra attribute.  Moreover, since relabel is
      internally stored in a negative from (norelabel), the default value for
      relabel would be 'yes' in case there is no <seclabel> element in domain
      configuration.  In case VIR_DOMAIN_SECLABEL_DEFAULT turns into
      VIR_DOMAIN_SECLABEL_NONE, we would incorrectly output relabel='yes' for
      seclabel type 'none'.
      f6957617
  8. 07 2月, 2012 1 次提交
    • E
      seclabel: make code and RNG match · c052d8a8
      Eric Blake 提交于
      Commit b170eb99 introduced a bug: domains that had an explicit
      <seclabel type='none'/> when started would not be reparsed if
      libvirtd restarted.  It turns out that our testsuite was not
      exercising this because it never tried anything but inactive
      parsing.  Additionally, the live XML for such a domain failed
      to re-validate.  Applying just the tests/ portion of this patch
      will expose the bugs that are fixed by the other two files.
      
      * docs/schemas/domaincommon.rng (seclabel): Allow relabel under
      type='none'.
      * src/conf/domain_conf.c (virSecurityLabelDefParseXML): Per RNG,
      presence of <seclabel> with no type implies dynamic.  Don't
      require sub-elements for type='none'.
      * tests/qemuxml2xmltest.c (mymain): Add test.
      * tests/qemuxml2argvtest.c (mymain): Likewise.
      * tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml: Add file.
      * tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args: Add file.
      Reported by Ansis Atteka.
      c052d8a8
  9. 04 2月, 2012 2 次提交
    • L
      qemu: eliminate "Ignoring open failure" when using root-squash NFS · c18a88ac
      Laine Stump 提交于
      This eliminates the warning message reported in:
      
       https://bugzilla.redhat.com/show_bug.cgi?id=624447
      
      It was caused by a failure to open an image file that is not
      accessible by root (the uid libvirtd is running as) because it's on a
      root-squash NFS share, owned by a different user, with permissions of
      660 (or maybe 600).
      
      The solution is to use virFileOpenAs() rather than open(). The
      codepath that generates the error is during qemuSetupDiskCGroup(), but
      the actual open() is in a lower-level generic function called from
      many places (virDomainDiskDefForeachPath), so some other pieces of the
      code were touched just to add dummy (or possibly useful) uid and gid
      arguments.
      
      Eliminating this warning message has the nice side effect that the
      requested operation may even succeed (which in this case isn't
      necessary, but shouldn't hurt anything either).
      c18a88ac
    • P
      virterror.c: Fix several spelling mistakes · 99d24ab2
      Philipp Hahn 提交于
      compat{a->i}bility
      erron{->e}ous
      nec{c->}essary.
      Either "the" or "a".
      Signed-off-by: NPhilipp Hahn <hahn@univention.de>
      99d24ab2
  10. 03 2月, 2012 4 次提交
    • A
      conf: Plug memory on virDomainDiskDefParseXML · d166cf76
      Alex Jia 提交于
      Detected by valgrind. Leak is introduced in commit 397e6a70.
      
      * src/conf/domain_conf.c(virDomainDiskDefParseXML): fix memory leak.
      
      How to reproduce?
      % make -C tests check TESTS=qemuxml2argvtest
      % cd tests && valgrind -v --leak-check=full ./qemuxml2argvtest
      
      * Actual result:
      
      ==16352== 4 bytes in 1 blocks are definitely lost in loss record 12 of 147
      ==16352==    at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
      ==16352==    by 0x39D90A67DD: xmlStrndup (xmlstring.c:45)
      ==16352==    by 0x4E83D5: virDomainDiskDefParseXML (domain_conf.c:2894)
      ==16352==    by 0x4F542D: virDomainDefParseXML (domain_conf.c:7626)
      ==16352==    by 0x4F8683: virDomainDefParseNode (domain_conf.c:8390)
      ==16352==    by 0x4F904E: virDomainDefParse (domain_conf.c:8340)
      ==16352==    by 0x41C626: testCompareXMLToArgvHelper (qemuxml2argvtest.c:105)
      ==16352==    by 0x41DED1: virtTestRun (testutils.c:142)
      ==16352==    by 0x418172: mymain (qemuxml2argvtest.c:486)
      ==16352==    by 0x41D5C7: virtTestMain (testutils.c:697)
      ==16352==    by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so)
      Signed-off-by: NAlex Jia <ajia@redhat.com>
      d166cf76
    • D
      Add two new security label types · b170eb99
      Daniel P. Berrange 提交于
      Curently security labels can be of type 'dynamic' or 'static'.
      If no security label is given, then 'dynamic' is assumed. The
      current code takes advantage of this default, and avoids even
      saving <seclabel> elements with type='dynamic' to disk. This
      means if you temporarily change security driver, the guests
      can all still start.
      
      With the introduction of sVirt to LXC though, there needs to be
      a new default of 'none' to allow unconfined LXC containers.
      
      This patch introduces two new security label types
      
       - default:  the host configuration decides whether to run the
                   guest with type 'none' or 'dynamic' at guest start
       - none:     the guest will run unconfined by security policy
      
      The 'none' label type will obviously be undesirable for some
      deployments, so a new qemu.conf option allows a host admin to
      mandate confined guests. It is also possible to turn off default
      confinement
      
        security_default_confined = 1|0  (default == 1)
        security_require_confined = 1|0  (default == 0)
      
      * src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
        seclabel types
      * src/security/security_manager.c, src/security/security_manager.h:
        Set default sec label types
      * src/security/security_selinux.c: Handle 'none' seclabel type
      * src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
        src/qemu/libvirtd_qemu.aug: New security config options
      * src/qemu/qemu_driver.c: Tell security driver about default
        config
      b170eb99
    • D
      Re-add domain device seclabel parsing / formatting · 87c39f0e
      Daniel P. Berrange 提交于
      This re-introduces parsing & formatting for per device seclabels.
      There is a new virDomainDeviceSeclabelPtr struct and corresponding
      APIs for parsing/formatting.
      87c39f0e
    • D
      Revert changes to sec label parsing · ae6135bf
      Daniel P. Berrange 提交于
      Revert parsing changes:
      
        commit 302fe95f
        Author: Eric Blake <eblake@redhat.com>
        Date:   Wed Jan 4 16:01:24 2012 -0700
      
          seclabel: fix regression in libvirtd restart
      
        commit b4343293
        Author: Eric Blake <eblake@redhat.com>
        Date:   Thu Dec 22 17:47:50 2011 -0700
      
          seclabel: allow a seclabel override on a disk src
      
      These two commits changed the sec label parsing code so that
      the same code dealt with both the VM level sec label, and the
      per device label. Unfortunately, as we add more options to the
      VM level sec label, the logic required to use the same parsing
      code for the per device label becomes unintelligible.
      
      * src/conf/domain_conf.c: Remove support for parsing per
        device sec labels
      ae6135bf
  11. 02 2月, 2012 1 次提交
    • P
      xml: Add element <title> to allow short description of domains · b79ba838
      Peter Krempa 提交于
      This patch adds a new element <title> to the domain XML. This attribute
      can hold a short title defined by the user to ease the identification of
      domains. The title may not contain newlines and should be reasonably short.
      
       *docs/formatdomain.html.in
       *docs/schemas/domaincommon.rng
              - add schema grammar for the new element and documentation
        *src/conf/domain_conf.c
        *src/conf/domain_conf.h
              - add field to hold the new attribute
              - add code to parse and create XML with the new attribute
      b79ba838
  12. 01 2月, 2012 1 次提交
    • T
      conf: add rawio attribute to disk element of domain XML · 397e6a70
      Taku Izumi 提交于
       This patch adds a new attribute "rawio" to the "disk" element
       of domain XML. Valid values of "rawio" attribute are "yes"
       and "no".
       rawio='yes' indicates the disk is desirous of CAP_SYS_RAWIO.
      
       If you specify the following XML:
      
       <disk type='block' device='lun' rawio='yes'>
        ...
       </disk>
      
       the domain will be granted CAP_SYS_RAWIO.
       (of course, the domain have to be executed with root privilege)
      
      NOTE:
         - "rawio" attribute is only valid when device='lun'
         - At the moment, any other disks you won't use rawio can use rawio.
      Signed-off-by: NTaku Izumi <izumi.taku@jp.fujitsu.com>
      397e6a70
  13. 31 1月, 2012 5 次提交
    • L
      qemu: add "romfile" support to specify device boot ROM · 3801831c
      Laine Stump 提交于
      This patch addresses: https://bugzilla.redhat.com/show_bug.cgi?id=781562
      
      Along with the "rombar" option that controls whether or not a boot rom
      is made visible to the guest, qemu also has a "romfile" option that
      allows specifying a binary file to present as the ROM BIOS of any
      emulated or passthrough PCI device. This patch adds support for
      specifying romfile to both passthrough PCI devices, and emulated
      network devices that attach to the guest's PCI bus (just about
      everything other than ne2k_isa).
      
      One example of the usefulness of this option is described in the
      bugzilla report: 82576 sriov network adapters don't provide a ROM BIOS
      for the cards virtual functions (VF), but an image of such a ROM is
      available, and with this ROM visible to the guest, it can PXE boot.
      
      In libvirt's xml, the new option is configured like this:
      
         <hostdev>
           ...
           <rom file='/etc/fake/boot.bin'/>
           ...
         </hostdev
      
      (similarly for <interface>).
      3801831c
    • L
      qemu: (and conf) support rombar for network devices · 3284ac04
      Laine Stump 提交于
      When support for the rombar option was added, it was only added for
      PCI passthrough devices, configured with <hostdev>. The same option is
      available for any network device that is attached to the guest's PCI
      bus. This patch allows setting rombar for any PCI network device type.
      
      After adding cases to test this to qemuxml2argv-hostdev-pci-rombar.*,
      I decided to rename those files (to qemuxml2argv-pci-rom.*) to more
      accurately reflect the additional tests, and also noticed that up to
      now we've only been performing a domainschematest for that case, so I
      added the "pci-rom" test to both qemuxml2argv and qemuxml2xml (and in
      the process found some bugs whose fixes I squashed into previous
      commits of this series).
      3284ac04
    • L
      conf: relocate rombar and boot order parse/format · c01ba1a4
      Laine Stump 提交于
      Since these two items are now in the virDomainDeviceInfo struct, it
      makes sense to parse/format them in the functions written to
      parse/format that structure. Not all types of devices allow them, so
      two internal flags are added to indicate when it is appropriate to do
      so.
      
      I was lucky - only one test case needed to be re-ordered!
      c01ba1a4
    • L
      conf: put all guest-related HostdevDef data in one object · 159f4d0b
      Laine Stump 提交于
      To help consolidate the commonality between virDomainHostdevDef and
      virDomainNetDef into as few members as possible (and because I
      think it makes sense), this patch moves the rombar and bootIndex
      members into the "info" member that is common to both (and to all the
      other structs that use them).
      
      It's a bit problematic that this gives rombar and bootIndex to many
      device types that don't use them, but this is already the case for the
      master and mastertype members of virDomainDeviceInfo, and is properly
      commented as such in the definition.
      
      Note that this opens the door to supporting rombar for other devices
      that are attached to the guest PCI bus - virtio-blk-pci,
      virtio-net-pci, various other network adapters - which which have that
      capability in qemu, but previously had no support in libvirt.
      159f4d0b
    • L
      conf: remove duplicate call to VIR_FREE(info->alias) · aaa6210f
      Laine Stump 提交于
      There is another identical call 4 lines up in the same function.
      aaa6210f
  14. 28 1月, 2012 1 次提交
  15. 27 1月, 2012 1 次提交
  16. 25 1月, 2012 2 次提交
    • E
      metadata: group metadata next to description · 4d71ff45
      Eric Blake 提交于
      It's better to group all the metadata together.  This is a
      cosmetic output change; since the RNG allows interleave, it
      doesn't matter where the user stuck it on input, and an XPath
      query will find the same information when parsing the output.
      
      * src/conf/domain_conf.c (virDomainDefFormatInternal): Output
      metadata earlier.
      * docs/formatdomain.html.in: Update documentation.
      * tests/domainsnapshotxml2xmlout/metadata.xml: Update test.
      * tests/qemuxml2xmloutdata/qemuxml2xmlout-metadata.xml: Likewise.
      4d71ff45
    • Z
      Allow custom metadata in domain configuration XML · fa981fc9
      Zeeshan Ali (Khattak) 提交于
      Applications can now insert custom nodes and hierarchies into domain
      configuration XML. Although currently not enforced, applications are
      required to use their own namespaces on every custom node they insert,
      with only one top-level element per namespace.
      fa981fc9
  17. 21 1月, 2012 1 次提交
    • E
      maint: enforce use of _LAST marker · bb69630b
      Eric Blake 提交于
      When converting a linear enum to a string, we have checks in
      place in the VIR_ENUM_IMPL macro to ensure that there is one
      string for every value, which lets us quickly flag if a user
      added a value but forgot to add a counterpart string.  However,
      this only works if we use the _LAST marker.
      
      * cfg.mk (sc_require_enum_last_marker): New syntax check.
      * src/conf/domain_conf.h (virDomainSnapshotState): Add new marker.
      * src/conf/domain_conf.c (virDomainSnapshotState): Fix offender.
      * src/qemu/qemu_monitor_json.c (qemuMonitorWatchdogAction)
      (qemuMonitorIOErrorAction, qemuMonitorGraphicsAddressFamily):
      Likewise.
      * src/util/virtypedparam.c (virTypedParameter): Likewise.
      bb69630b
  18. 18 1月, 2012 2 次提交
    • D
      Add new attribute wrpolicy to <driver> element · d9e0d820
      Deepak C Shetty 提交于
      This introduces new attribute wrpolicy with only supported
      value as immediate. This will be an optional
      attribute with no defaults. This helps specify whether
      to skip the host page cache.
      
      When wrpolicy is specified, meaning when wrpolicy=immediate
      a writeback is explicitly initiated for the dirty pages in
      the host page cache as part of the guest file write operation.
      
      Usage:
      <filesystem type='mount' accessmode='passthrough'>
        <driver type='path' wrpolicy='immediate'/>
        <source dir='/export/to/guest'/>
        <target dir='mount_tag'/>
      </filesystem>
      
      Currently this only works with type='mount' for the QEMU/KVM driver.
      Signed-off-by: NDeepak C Shetty <deepakcs@linux.vnet.ibm.com>
      d9e0d820
    • M
      Fixed dumpxml of <iotune> parameters · e1eb9347
      Martin Kletzander 提交于
      The output of dumpxml for <iotune> settings was misformatted, this
      patch just adds missing newlines.
      e1eb9347
  19. 17 1月, 2012 2 次提交
    • J
      Taint domains configured with cpu mode=host-passthrough · c8506d66
      Jiri Denemark 提交于
      There are several reasons for doing this:
      
      - the CPU specification is out of libvirt's control so we cannot
        guarantee stable guest ABI
      - not every feature of a CPU may actually work as expected when
        advertised directly to a guest
      - migration between two machines with exactly the same CPU may work but
        no guarantees can be made
      - this mode is not supported and its use is at one's own risk
      c8506d66
    • J
      Add support for cpu mode attribute · f7dd3a4e
      Jiri Denemark 提交于
      The mode can be either of "custom" (default), "host-model",
      "host-passthrough". The semantics of each mode is described in the
      following examples:
      
      - guest CPU is a default model with specified topology:
          <cpu>
            <topology sockets='1' cores='2' threads='1'/>
          </cpu>
      
      - guest CPU matches selected model:
          <cpu mode='custom' match='exact'>
            <model>core2duo</model>
          </cpu>
      
      - guest CPU should be a copy of host CPU as advertised by capabilities
        XML (this is a short cut for manually copying host CPU specification
        from capabilities to domain XML):
          <cpu mode='host-model'/>
      
        In case a hypervisor does not support the exact host model, libvirt
        automatically falls back to a closest supported CPU model and
        removes/adds features to match host. This behavior can be disabled by
          <cpu mode='host-model'>
            <model fallback='forbid'/>
          </cpu>
      
      - the same as previous returned by virDomainGetXMLDesc with
        VIR_DOMAIN_XML_UPDATE_CPU flag:
          <cpu mode='host-model' match='exact'>
            <model fallback='allow'>Penryn</model>       --+
            <vendor>Intel</vendor>                         |
            <topology sockets='2' cores='4' threads='1'/>  + copied from
            <feature policy='require' name='dca'/>         | capabilities XML
            <feature policy='require' name='xtpr'/>        |
            ...                                          --+
          </cpu>
      
      - guest CPU should be exactly the same as host CPU even in the aspects
        libvirt doesn't model (such domain cannot be migrated unless both
        hosts contain exactly the same CPUs):
          <cpu mode='host-passthrough'/>
      
      - the same as previous returned by virDomainGetXMLDesc with
        VIR_DOMAIN_XML_UPDATE_CPU flag:
          <cpu mode='host-passthrough' match='minimal'>
            <model>Penryn</model>                        --+ copied from caps
            <vendor>Intel</vendor>                         | XML but doesn't
            <topology sockets='2' cores='4' threads='1'/>  | describe all
            <feature policy='require' name='dca'/>         | aspects of the
            <feature policy='require' name='xtpr'/>        | actual guest CPU
            ...                                          --+
          </cpu>
      f7dd3a4e
  20. 14 1月, 2012 2 次提交