- 11 7月, 2019 8 次提交
-
-
由 Daniel P. Berrangé 提交于
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/nodedev/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/nodedev/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/storage/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/storage/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/network/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/network/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/secrets/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/secrets/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
When we allow multiple instances of the driver for the same user account, using a separate root directory, we need to ensure mutual exclusion. Use a pidfile to guarantee this. In privileged libvirtd this ends up locking /var/run/libvirt/qemu/driver.pid In unprivileged libvirtd this ends up locking /run/user/$UID/libvirt/qemu/run/driver.pid NB, the latter can vary depending on $XDG_RUNTIME_DIR Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Eric Blake 提交于
We've been doing a terrible job of performing XML validation in our various API that parse XML with a corresponding schema (we started with domains back in commit dd69a14f, v1.2.12, but didn't catch all domain-related APIs, didn't document the use of the flag, and didn't cover other XML). New APIs (like checkpoints) should do the validation unconditionally, but it doesn't hurt to continue retrofitting existing APIs to at least allow the option. While there are many APIs that could be improved, this patch focuses on wiring up a new snapshot XML creation flag through all the hypervisors that support snapshots, as well as exposing it in 'virsh snapshot-create'. For 'virsh snapshot-create-as', we blindly set the flag without a command-line option, since the XML we create from the command line should generally always comply (note that validation might cause failures where it used to succeed, such as if we tighten the RNG to reject a name of '../\n'); but blindly passing the flag means we also have to add in fallback code to disable validation if the server is too old to understand the flag. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
Similar to VIR_DOMAIN_DEF_PARSE_VALIDATE_SCHEMA; the next patch will put it to use with a counterpart public API flag. No need to change qemudomainsnapshotxml2xmltest to use the flag, since the testsuite already has a separate virschematest that does the same. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
We no longer need to special-case xenUnified, since 1dac5fbb dropped support for that naming scheme. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
- 10 7月, 2019 3 次提交
-
-
由 Daniel P. Berrangé 提交于
Previous commit: commit faceedaf Author: Jonathon Jongsma <jjongsma@redhat.com> Date: Tue Jun 18 11:13:12 2019 -0500 src/vz: use #pragma once in headers accidentally chomped the "#" in a "#define" when re-indenting Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Support for the modern CPU_ALLOC macros was added 10 years ago in commit a73cd93b Author: Daniel P. Berrange <berrange@redhat.com> Date: Mon Nov 16 16:08:29 2009 +0000 Alternate CPU affinity impl to cope with NR_CPUS > 1024 This is long enough that we can assume it always exists and drop the back compat code. Reviewed-by: NMartin Kletzander <mkletzan@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
The previously added AMD SEV doc was not linked from anywhere on the website. Address this by introducing a new "Knowledge base" section that can hold task oriented guide to various features. Moving the SEV, disk locking and secure usage guides under this section. Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 09 7月, 2019 26 次提交
-
-
由 Eric Blake 提交于
Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Continuous integration caught that although 'make syntax-check' was sufficient to let me be aware that I had to change bhyve to use s/virDomainShutdownEnsureACL/virDomainShutdownFlagsEnsureACL/, it was not sufficient to note which ACL functions require 2 vs. 3 arguments for flag validation. Fixes: eded8aadSigned-off-by: NEric Blake <eblake@redhat.com>
-
由 Michal Privoznik 提交于
The @oldDef variable in libxlAddDom0() is not used really. Drop it. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Eric Blake 提交于
Even though we don't accept any flags, it is unfriendly to callers that use the modern API to have to fall back to the flag-free API. Note that virDomainBlockStats does not trivially forward to virDomainBlockStatsFlags, so that one is omitted for now. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
Even though we don't accept any flags, it is unfriendly to callers that use the modern API to have to fall back to the flag-free API. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
Even though we don't accept any flags, it is unfriendly to callers that use the modern API to have to fall back to the flag-free API. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
Even though we don't accept any flags, it is unfriendly to callers that use the modern API to have to fall back to the flag-free API. Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Andrea Bolognani 提交于
When only geteuid() is mocked, the test crashes on Debian 10. Fatal: failed to reset uid: No such file or directory Program received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) t a a bt Thread 1 (Thread 0x7ffff3b3e080 (LWP 12003)): #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x00007ffff7798535 in __GI_abort () at abort.c:79 #2 0x00007ffff485ca20 in _gcry_logv (level=level@entry=40, fmt=fmt@entry=0x7ffff4929126 "failed to reset uid: %s\n", arg_ptr=arg_ptr@entry=0x7fffffffe4a0) at ../../src/misc.c:142 #3 0x00007ffff485cd61 in _gcry_log_fatal (fmt=fmt@entry=0x7ffff4929126 "failed to reset uid: %s\n") at ../../src/misc.c:218 #4 0x00007ffff48639d1 in lock_pool_pages (n=<optimized out>, p=<optimized out>) at ../../src/secmem.c:340 #5 _gcry_secmem_init_internal (n=<optimized out>) at ../../src/secmem.c:563 #6 0x00007ffff4863d78 in _gcry_secmem_init (n=4096) at ../../src/secmem.c:581 #7 0x00007ffff485e4e6 in _gcry_vcontrol (cmd=<optimized out>, arg_ptr=arg_ptr@entry=0x7fffffffe5e0) at ../../src/global.c:506 #8 0x00007ffff485a789 in gcry_control (cmd=cmd@entry=GCRYCTL_INIT_SECMEM) at ../../src/visibility.c:79 #9 0x00007ffff71af10f in ssh_crypto_init () at ./src/libgcrypt.c:621 #10 0x00007ffff7193796 in _ssh_init (constructor=constructor@entry=1) at ./src/init.c:79 #11 0x00007ffff71834de in libssh_constructor () at ./src/init.c:116 #12 0x00007ffff7fe437a in call_init (l=<optimized out>, argc=argc@entry=1, argv=argv@entry=0x7fffffffe778, env=env@entry=0x7fffffffe788) at dl-init.c:72 #13 0x00007ffff7fe4476 in call_init (env=0x7fffffffe788, argv=0x7fffffffe778, argc=1, l=<optimized out>) at dl-init.c:30 #14 _dl_init (main_map=0x7ffff7ffe190, argc=1, argv=0x7fffffffe778, env=0x7fffffffe788) at dl-init.c:119 #15 0x00007ffff7fd60ca in _dl_start_user () from /lib64/ld-linux-x86-64.so.2 #16 0x0000000000000001 in ?? () #17 0x00007fffffffea26 in ?? () #18 0x0000000000000000 in ?? () Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Liu Dayu 提交于
virsh snapshot-create-as supports 'file' storage type in --diskspec by default. But it doesn't support 'block' storage type in the virshParseSnapshotDiskspec(). So if a snapshot on a block device (e.g. LV) was created, the type of current running storage source in dumpxml is inconsistent with the actual backend storage source. It will check file-system type mismatch failed and return an error message of 'Migration without shared storage is unsafe' when VM performs a live migration after this snapshot. Considering virsh has to be able to work remotely that recognizing a block device by prefix /dev/ or by stat() may be not suitable, so adding a "stype" field for the --diskspec string which will be either "file" or "block". e.g. --diskspec vda,snapshot=external,driver=qcow2,stype=block,file=/dev/xxx. Signed-off-by: NLiu Dayu <liu.dayu@zte.com.cn> Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Peter Krempa 提交于
Commit 2f1c9099 forgot this change. Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
There are no users any more. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The files are now completely unused. Remove them. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
It's the only place where it's used. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
It's the only place where it's used. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The 'error' label just returned -1. Inline it. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Now that we no longer support sexpr conversion to the internal config we can drop the test. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We've dropped old xend support over a year ago. At this point we can also drop support for parsing very old configs. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
That's the only file using the helper function. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Use new coding style to merge the only use of xenFormatSxprSound into the caller. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
It's no longer used. Remove the dead code. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The test was the only place calling 'xenFormatSxpr'. Drop it as there are no other users of that code since we've dropped xend support in commit 1dac5fbb. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Eric Blake 提交于
The docs talked about an active snapshot when they meant an active domain; they also claimed the flag was a no-op for hypervisors with no snapshot metadata even though the flag is currently rejected as unrecognized for hypervisors with no snapshot support at all. A later patch may teach more drivers to ignore the flag as a no-op, but that shouldn't conflict with the wording chosen here (since a new client talking to an old server still runs into the same issue, even if a newer server becomes more tolerant). Reported-by: NPeter Krempa <pkrempa@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Eric Blake 提交于
Make it obvious that the domainsnapshotxml2xml test is only run when compiling in support for qemu. Suggested-by: NPeter Krempa <pkrempa@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com> Acked-by: NPeter Krempa <pkrempa@redhat.com>
-
- 08 7月, 2019 3 次提交
-
-
由 Daniel P. Berrangé 提交于
The virConnectGetType() method has an unfortunate signature, returning a static string that must not be freed by the caller. The remote driver, however, gets this string dynamically over an RPC call, which raised a design discussion on the mailing list. Eventually the problem was resolved by having the remote driver cache the returned string internally and free it when the connection was closed. The link to the mailing list is thus talking about a problem that does not actually exist in the final implementation, and at best serves to confuse the reader into thinking there might be a memory leak. Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1692296#c7 This is a counterpart for ddc72f99 and implements the same check for coldplug. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Daniel P. Berrangé 提交于
Neither the sasl_client_init or sasl_server_init methods are even remotely threadsafe. They do a bunch of one-time initialization and merely use a simple integer counter to avoid repeated work, not even using atomic increment/reads on the counter. This can easily race in a threaded program. Protect the calls using a virOnce initializer function which is guaranteed threadsafe at least from libvirt's POV. If the application using libvirt also uses another library that makes use of SASL then the race still exists. It is impossible to fix that fully except in SASL code itself. Reviewed-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-