- 08 8月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The code added to validate CA certificates did not take into account the possibility that the cacert.pem file can contain multiple (concatenated) cert data blocks. Extend the code for loading CA certs to use the gnutls APIs for loading cert lists. Add test cases to check that multi-level trees of certs will validate correctly. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Eric Blake 提交于
Commit 3d0e3c1a reintroduced a problem previously squelched in commit 7e5aa78d. Add a syntax check this time around. util/virutil.c: In function 'virGetGroupList': util/virutil.c:1015: error: 'for' loop initial declaration used outside C99 mode * cfg.mk (sc_prohibit_loop_var_decl): New rule. * src/util/virutil.c (virGetGroupList): Fix offender. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 07 8月, 2013 8 次提交
-
-
由 Ján Tomko 提交于
Before, missing attributes were only OK when adding entries; modification and deletion required all of them. Now, only deletion works with missing attributes, as long as the host is uniquely identified.
-
由 Guannan Ren 提交于
Go through disks of guest, if one disk doesn't exist or its backing chain is broken, with 'optional' startupPolicy, for CDROM and Floppy we only discard its source path definition in xml, for disks we drop it from disk list and free it.
-
由 Guannan Ren 提交于
Add startupPolicy attribute for harddisk with type "file", "block" and "dir". 'requisite' is not supported currently for harddisk.
-
由 Stefan Berger 提交于
Since iptables version 1.4.16 '-m state --state NEW' is converted to '-m conntrack --ctstate NEW'. Therefore, when encountering this or later versions of iptables use '-m conntrack --ctstate'. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 Guido Günther 提交于
The change from initgroups to virGetGroupList/setgroups in cab36cfe71ba83b71e536ba5c98e596f02b697b0 dropped the primary group from processes group list iff the passed in group to virGetGroupList differs from the user's primary group. So always include the primary group to bring back the old behaviour. Debian has the kvm group as primary group but uses libvirt-qemu:libvirt-qemu as user:group to run the kvm process so without this change the /dev/kvm is inaccessible.
-
由 Stefan Bader 提交于
Since commit 95e18efd most public interfaces (xenUnified...) obtain a virDomainDefPtr via xenGetDomainDefFor...() which take the unified lock. This is already taken before calling xenDomainUsedCpus(), so we get a deadlock for active guests. Avoid this by splitting up xenUnifiedDomainGetVcpusFlags() and xenUnifiedDomainGetVcpus() into public and private function calls (which get the virDomainDefPtr passed) and use those in xenDomainUsedCpus(). xenDomainUsedCpus ... nb_vcpu = xenUnifiedDomainGetMaxVcpus(dom); return xenUnifiedDomainGetVcpusFlags(...) ... if (!(def = xenGetDomainDefForDom(dom))) return xenGetDomainDefForUUID(dom->conn, dom->uuid); ... ret = xenHypervisorLookupDomainByUUID(conn, uuid); ... xenUnifiedLock(priv); name = xenStoreDomainGetName(conn, id); xenUnifiedUnlock(priv); ... if ((ncpus = xenUnifiedDomainGetVcpus(dom, cpuinfo, nb_vcpu, ... if (!(def = xenGetDomainDefForDom(dom))) [again like above] Signed-off-by: NStefan Bader <stefan.bader@canonical.com>
-
由 Laine Stump 提交于
This patch addresses two concerns with the error reporting when an incompatible PCI address is specified for a device: 1) It wasn't always apparent which device had the problem. With this patch applied, any error about an incompatible address will always contain the full address as given in the config, so it will be easier to determine which device's config aused the problem. 2) In some cases when the problem came from bad config, the error message was erroneously classified as VIR_ERR_INTERNAL_ERROR. With this patch applied, the same error message will be changed to indicate either "internal" or "xml" error depending on whether the address came from the config, or was automatically generated by libvirt. Note that in the case of "internal" (due to bad auto-generation) errors, the PCI address won't be of much use in finding the location in config to change (because it was automatically generated). Of course that makes perfect sense, but still the address could provide a clue about a bug in libvirt attempting to use a type of pci bus that doesn't have its flags set correctly (or something similar). In other words, it's not perfect, but it is definitely better.
-
由 Laine Stump 提交于
q35 machines have an implicit ahci (sata) controller at 00:1F.2 which has no "id" associated with it. For this reason, we can't refer to it as "ahci0". Instead, we don't give an id on the commandline, which qemu interprets as "use the first ahci controller". We then need to specify the unit with "unit=%d" rather than adding it onto the bus arg.
-
- 06 8月, 2013 7 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=979477 Since 1.0.3 we are using the new way to copy non shared storage during migration (the NBD way). However, whether the new or old way is used is not controllable by user but unconditionally turned on if both sides of migration support it. Moreover, the implementation is not complete: the combination for VIR_MIGRATE_TUNNELLED flag is missing (as we need to open new port on the destination) in which case we just error out. This is a deadly combination: not letting users choose their destiny and erroring out. We should not do that but VIR_WARN and turn the NBD off instead.
-
由 Laine Stump 提交于
We had been setting the device alias in the devinceinfo for pci controllers to "pci%u", but then hardcoding "pci.%u" when creating the device address for other devices using that pci bus. This all worked just fine until we encountered the built-in "pcie.0" bus (the PCIe root complex) in Q35 machines. In order to create the correct commandline for this one case, this patch: 1) sets the alias for PCI controllers correctly, to "pci.%u" (or "pcie.%u" for the pcie-root controller) 2) eliminates the hardcoded "pci.%u" for pci controllers when generatuing device address strings, and instead uses the controller's alias. 3) plumbs a pointer to the virDomainDef all the way down to qemuBuildDeviceAddressStr. This was necessary in order to make the aliase of the controller *used by a device* available (previously qemuBuildDeviceAddressStr only had the deviceinfo of the device itself, *not* of the controller it was connecting to). This made for a larger than desired diff, but at least in the future we won't have to do it again, since all the information we could possibly ever need for future enhancements is in the virDomainDef. (right?) This should be done for *all* controllers, but for now we just do it in the case of PCI controllers, to reduce the likelyhood of regression.
-
由 Laine Stump 提交于
This patch adds in special handling for a few devices that need to be treated differently for q35 domains: usb - there is no implicit/default usb controller for the q35 machinetype. This is done because normally the default usb controller is added to a domain by just adding "-usb" to the qemu commandline, and it's assumed that this will add a single piix3 usb1 controller at slot 1 function 2. That's not what happens when the machinetype is q35, though. Instead, adding -usb to the commandline adds 3 usb (version 2) controllers to the domain at slot 0x1D.{1,2,7}. Rather than having <controller type='usb' index='0'/> translate into 3 separate devices on the PCI bus, it's cleaner to not automatically add a default usb device; one can always be added explicitly if desired. Or we may decide that on q35 machines, 3 usb controllers will be automatically added when none is given. But for this initial commit, at least we aren't locking ourselves into something we later won't want. video - qemu always initializes the primary video device immediately after any integrated devices for the machinetype. Unless instructed otherwise (by using "-device vga..." instead of "-vga" which libvirt uses in many cases to work around deficiencies and bugs in various qemu versions) qemu will always pick the first unused slot. In the case of the "pc" machinetype and its derivatives, this is always slot 2, but on q35 machinetypes, the first free slot is slot 1 (since the q35's integrated peripheral devices are placed in other slots, e.g. slot 0x1f). In order to make the PCI address of the video device predictable, that slot (1 or 2, depending on machinetype) is reserved even when no video device has been specified. sata - a q35 machine always has a sata controller implicitly added at slot 0x1F, function 2. There is no way to avoid this controller, so we always add it. Note that the xml2xml tests for the pcie-root and q35 cases were changed to use DO_TEST_DIFFERENT() so that we can check for the sata controller being automatically added. This is especially important because we can't check for it in the xml2argv output (it has no effect on that output since it's an implicit device). ide - q35 has no ide controllers. isa and smbus controllers - these two are always present in a q35 (at slot 0x1F functions 0 and 3) but we have no way of modelling them in our config. We do need to reserve those functions so that the user doesn't attempt to put anything else there though. (note that the "pc" machine type also has an ISA controller, which we also ignore).
-
由 Laine Stump 提交于
This PCI controller, named "dmi-to-pci-bridge" in the libvirt config, and implemented with qemu's "i82801b11-bridge" device, connects to a PCI Express slot (e.g. one of the slots provided by the pcie-root controller, aka "pcie.0" on the qemu commandline), and provides 31 *non-hot-pluggable* PCI (*not* PCIe) slots, numbered 1-31. Any time a machine is defined which has a pcie-root controller (i.e. any q35-based machinetype), libvirt will automatically add a dmi-to-pci-bridge controller if one doesn't exist, and also add a pci-bridge controller. The reasoning here is that any useful domain will have either an immediate (startup time) or eventual (subsequent hot-plug) need for a standard PCI slot; since the pcie-root controller only provides PCIe slots, we need to connect a dmi-to-pci-bridge controller to it in order to get a non-hot-plug PCI slot that we can then use to connect a pci-bridge - the slots provided by the pci-bridge will be both standard PCI and hot-pluggable. Since pci-bridge devices themselves can not be hot-plugged into a running system (although you can hot-plug other devices into a pci-bridge's slots), any new pci-bridge controller that is added can (and will) be plugged into the dmi-to-pci-bridge as long as it has empty slots available. This patch is also changing the qemuxml2xml-pcie test from a "DO_TEST" to a "DO_DIFFERENT_TEST". This is so that the "before" xml can omit the automatically added dmi-to-pci-bridge and pci-bridge devices, and the "after" xml can include it - this way we are testing if libvirt is properly adding these devices.
-
由 Laine Stump 提交于
This controller is implicit on q35 machinetypes. It provides 31 PCIe (*not* PCI) slots as controller 0. Currently there are no devices that can connect to pcie-root, and no implicit pci controller on a q35 machine, so q35 is still unusable. For a usable q35 system, we need to add a "dmi-to-pci-bridge" pci controller, which can connect to pcie-root, and provides standard pci slots that can be used to connect other devices.
-
由 Laine Stump 提交于
Previous refactoring of the guest PCI address reservation/allocation code allowed for slot types other than basic PCI (e.g. PCI express, non-hotpluggable slots, etc) but would not auto-allocate a slot for a device that required any type other than a basic hot-pluggable PCI slot. This patch refactors the code to be aware of different slot types during auto-allocation of addresses as well - as long as there is an empty slot of the required type, it will be found and used. The piece that *wasn't* added is that we don't auto-create a new PCI bus when needed for anything except basic PCI devices. This is because there are multiple different types of controllers that can provide, for example, a PCI express slot (in addition to the pcie-root controller, these can also be found on a "root-port" or on a "downstream-switch-port"). Since we currently don't support any PCIe devices (except pending support for dmi-to-pci-bridge), we can defer any decision on what to do about this.
-
由 Jim Fehlig 提交于
Commit 632180d1 introduced memory corruption in xenDaemonListDefinedDomains by starting to populate the names array at index -1, causing all sorts of havoc in libvirtd such as aborts like the following *** Error in `/usr/sbin/libvirtd': double free or corruption (out): 0x00007fffe00ccf20 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x7abf6)[0x7ffff3fa0bf6] /lib64/libc.so.6(+0x7b973)[0x7ffff3fa1973] /lib64/libc.so.6(xdr_array+0xde)[0x7ffff403cbae] /usr/sbin/libvirtd(+0x50251)[0x5555555a4251] /lib64/libc.so.6(xdr_free+0x15)[0x7ffff403ccd5] /usr/lib64/libvirt.so.0(+0x1fad34)[0x7ffff76b1d34] /usr/lib64/libvirt.so.0(virNetServerProgramDispatch+0x1fc)[0x7ffff76b16f1] /usr/lib64/libvirt.so.0(+0x1f214a)[0x7ffff76a914a] /usr/lib64/libvirt.so.0(+0x1f222d)[0x7ffff76a922d] /usr/lib64/libvirt.so.0(+0xbcc4f)[0x7ffff7573c4f] /usr/lib64/libvirt.so.0(+0xbc5e5)[0x7ffff75735e5] /lib64/libpthread.so.0(+0x7e0f)[0x7ffff48f7e0f] /lib64/libc.so.6(clone+0x6d)[0x7ffff400e7dd] Fix by initializing ret to 0 and only setting to error on failure path.
-
- 05 8月, 2013 2 次提交
-
-
由 Michal Privoznik 提交于
This configuration knob lets user to set the length of queue of connection requests waiting to be accept()-ed by the daemon. IOW, it just controls the @backlog passed to listen: int listen(int sockfd, int backlog);
-
由 Michal Privoznik 提交于
Currently, even if max_client limit is hit, we accept() incoming connection request, but close it immediately. This has disadvantage of not using listen() queue. We should accept() only those clients we know we can serve and let all other wait in the (limited) queue.
-
- 04 8月, 2013 3 次提交
-
-
由 Laine Stump 提交于
* The functions qemuDomainPCIAddressReserveAddr and qemuDomainPCIAddressReserveSlot were very similar (and should have been more similar) and were about to get more code added to them which would create even more duplicated code, so this patch gives qemuDomainPCIAddressReserveAddr a "reserveEntireSlot" arg, then replaces the body of qemuDomainPCIAddressReserveSlot with a call to qemuDomainPCIAddressReserveAddr. You will notice that addrs->lastaddr was previously set in qemuDomainPCIAddressReserveAddr (but *not* set in qemuDomainPCIAddressReserveSlot). For consistency and cleanliness of code, that bit was removed and put into the one caller of qemuDomainPCIAddressReserveAddr (there is a similar place where the caller of qemuDomainPCIAddressReserveSlot sets lastaddr). This does guarantee identical functionality to pre-patch code, but in practice isn't really critical, because lastaddr is just keeping track of where to start when looking for a free slot - if it isn't updated, we will just start looking on a slot that's already occupied, then skip up to one that isn't. * qemuCollectPCIAddress was essentially doing the same thing as qemuDomainPCIAddressReserveAddr, but with some extra special case checking at the beginning. The duplicate code has been replaced with a call to qemuDomainPCIAddressReserveAddr. This required adding a "fromConfig" boolean, which is only used to change the log error code from VIR_ERR_INTERNAL_ERROR (when the address was auto-generated by libvirt) to VIR_ERR_XML_ERROR (when the address is coming from the config); without this differentiation, it would be difficult to tell if an error was caused by something wrong in libvirt's auto-allocate code or just bad config. * the bit of code in qemuDomainPCIAddressValidate that checks the connect type flags is going to be used in a couple more places where we don't need to also check the slot limits (because we're generating the slot number ourselves), so that has been pulled out into a separate qemuDomainPCIAddressFlagsCompatible function.
-
由 Laine Stump 提交于
* qemuDomainPCIAddressSetNextAddr The name of this function was confusing because 1) other functions in the file that end in "Addr" are only operating on a single function of one PCI slot, not the entire slot, while functions that do something with the entire slot end in "Slot", and 2) it didn't contain a verb describing what it is doing (the "Set" refers to the set that contains all PCI buses in the system, used to keep track of which slots in which buses are already reserved for use). It is now renamed to qemuDomainPCIAddressReserveNextSlot, which more clearly describes what it is doing. Arguably, it could have been changed to qemuDomainPCIAddressSetReserveNextSlot, but 1) the word "set" is confusing in this context because it could be intended as a verb or as a noun, and 2) most other functions that operate on a single slot or address within this set are also named qemuDomainPCIAddress... rather than qemuDomainPCIAddressSet... Only the Create, Free, and Grow functions for an address set (which modify the entire set, not just one element) use "Set" in their name. * qemuPCIAddressAsString, qemuPCIAddressValidate All the other functions in this set are named qemuDomainPCIAddressxxxxx, so I renamed these to be consistent.
-
由 Laine Stump 提交于
The parser shouldn't be doing arch-specific things like adding in implicit controllers to the config. This should instead be done in the hypervisor's post-parse callback. This patch removes the auto-add of a usb controller from the domain parser, and puts it into the qemu driver's post-parse callback (just as is already done with the auto-add of the pci-root controller). In the future, any machine/arch that shouldn't have a default usb controller added should just set addDefaultUSB = false in this function. We've recently seen that q35 and ARMV7L domains shouldn't get a default USB controller, so I've set addDefaultUSB to false for both of those.
-
- 02 8月, 2013 4 次提交
-
-
由 Daniel P. Berrange 提交于
If upgrading from a libvirt that is older than 1.0.5, we can not assume that vm->def->resource is non-NULL. This bogus assumption caused libvirtd to crash Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The journald code would crash if a NULL was passed for the filename / funcname in the logging code. This shouldn't happen in general, but it is better to be safe, since there have been bugs triggering this. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virLibConnError macros in libvirt-lxc.c and libvirt-qemu.c were passing NULL for the filename. This causes a crash if the logging code is configured to use journald. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Roman Bogorodskiy 提交于
* Move platform specific things (e.g. firewalling and route collision checks) into bridge_driver_platform * Create two platform specific implementations: - bridge_driver_linux: Linux implementation using iptables, it's actually the code moved from bridge_driver.c - bridge_driver_nop: dumb implementation that does nothing Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 01 8月, 2013 8 次提交
-
-
由 Guannan Ren 提交于
For disk with startupPolicy support, such as cdrom and floppy when its chain is broken, the startup policy will apply, otherwise, report an error.
-
由 Guannan Ren 提交于
*src/util/virstoragefile.c: Add a helper function to get the first name of missing backing files, if the name is NULL, it means the diskchain is not broken. *src/qemu/qemu_domain.c: qemuDiskChainCheckBroken(disk) to check if its chain is broken
-
由 Guannan Ren 提交于
Refactor this function to make it focus on disk presence checking, including diskchain checking, and not only for CDROM and Floppy. This change is good for the following patches.
-
由 Stefan Bader 提交于
The virDomainDef is allocated by the caller and also used after calling to xenDaemonCreateXML. So it must not get freed by the callee. Signed-off-by: NStefan Bader <stefan.bader@canonical.com>
-
由 Daniel P. Berrange 提交于
Make the virCgroupNewMachine method try to use systemd-machined first. If that fails, then fallback to using the traditional cgroup setup code path. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
When systemd is involved in managing processes, it may start killing off & tearing down croups associated with the process while we're still doing virCgroupKillPainfully. We must explicitly check for ENOENT and treat it as if we had finished killing processes Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Systemd uses a named cgroup mount for tracking processes. Add it as another type of controller, albeit one which we have to special case in a number of places. In particular we must never create/delete directories there, nor add tasks. Essentially the systemd mount is to be considered read-only for libvirt. With this change both the virCgroupDetectPlacement and virCgroupCopyPlacement methods must be invoked. The copy placement method will copy setup for resource controllers only. The detect placement method will probe for any named controllers, or resource controllers not already setup. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
There are some interesting escaping rules to consider when dealing with systemd slice/scope names. Thus it is helpful to have APIs for formatting names Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 31 7月, 2013 6 次提交
-
-
由 Peter Krempa 提交于
Most APIs in libvirt report errors, thus no need to state that explicitly.
-
由 Peter Krempa 提交于
To allow testing of the cpu updater function, this function needs to be available separately. Export it from qemu_agent.c where it should belong.
-
由 Peter Krempa 提交于
Although this isn't apparently needed for the guest agent itself, the test I will be adding later depends on the newline as a separator of messages to process.
-
由 Peter Krempa 提交于
-
由 Ján Tomko 提交于
parentIndex is used in virNetworkDefUpdateIPDHCPRange
-
由 Bamvor Jian Zhang 提交于
this patch introduce the console api in libxl driver for both pv and hvm guest. and import and update the libxlMakeChrdevStr function which was deleted in commit dfa1e1dd. Signed-off-by: NBamvor Jian Zhang <bjzhang@suse.com>
-