- 03 9月, 2013 17 次提交
-
-
由 Peter Krempa 提交于
-
由 Michal Privoznik 提交于
Currently, kernel supports up to 8 queues for a multiqueue tap device. However, if user tries to enter a huge number (e.g. one million) the tap allocation fails, as expected. But what is not expected is the log full of warnings: warning : virFileClose:83 : Tried to close invalid fd 0 The problem is, upon error we iterate over an array of FDs (handlers to queues) and VIR_FORCE_CLOSE() over each item. However, the array is pre-filled with zeros. Hence, we repeatedly close stdin. Ouch. But there's more. The queues allocation is done in virNetDevTapCreate() which cleans up the FDs in case of error. Then, its caller, the virNetDevTapCreateInBridgePort() iterates over the FD array and tries to close them too. And so does qemuNetworkIfaceConnect() and qemuBuildInterfaceCommandLine().
-
-
由 Peter Krempa 提交于
The vshWatchJob function registers a SIGINT handler that is used to abort the active job and does not terminate virsh. Unfortunately, this breaks when using the ssh transport as SIGINT is sent to the foreground process group including the ssh transport processes which terminate. This breaks the connection and migration is left in a insane state. With this patch the terminal is modified to ignore key binding that sends SIGINT and does the handling manually. Resoves: https://bugzilla.redhat.com/show_bug.cgi?id=983348
-
由 Peter Krempa 提交于
This patch adds instrumentation to allow modification of config of the terminal in virsh and successful reset of the state afterwards. The added helpers allow to disable receiving of SIGINT when pressing the key sequence (Ctrl+C usualy). This normally sends SIGINT to the foreground process group which kills ssh processes used for transport of the data.
-
由 Doug Goldstein 提交于
According to VMWare's documentation 'cdrom-raw' is an acceptable value for deviceType for a CD-ROM drive. The documentation states that the VMX configuration for a CD-ROM deviceType is as follows: ide|scsi(n):(n).deviceType = "cdrom-raw|atapi-cdrom|cdrom-image" From the documentation it appears the following is true: - cdrom-image = Provides the ISO to the VM - atapi-cdrom = Provides a NEC emulated ATAPI CD-ROM on top of the host CD-ROM - cdrom-raw = Passthru for a host CD-ROM drive. Allows CD-R burning from within the guest. A CD-ROM prior to this patch would always provide an 'atapi-cdrom' is modeled as: <disk type='block' device='cdrom'> <source dev='/dev/scd0'/> <target dev='hda' bus='ide'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> This patch allows the 'device' attribute to be set to 'lun' for a raw acccess CD-ROM such as: <disk type='block' device='lun'> <source dev='/dev/scd0'/> <target dev='hda' bus='ide'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk>
-
由 Doug Goldstein 提交于
Sometimes a serial port might not be actually wired to a device when the user does not have the VM powered on and we should not consider this a fatal error.
-
由 Cole Robinson 提交于
Starting with qemu 1.6, the qemu-system-arm vexpress-a9 model has a hardcoded virtio-mmio transport which enables attaching all virtio devices. On the command line, we have to use virtio-XXX-device rather than virtio-XXX-pci, thankfully s390 already set the precedent here so it's fairly straight forward. At the XML level, this adds a new device address type virtio-mmio. The controller and addressing don't have any subelements at the moment because we they aren't needed for this usecase, but could be added later if needed. Add a test case for an ARM guest with one of every virtio device enabled.
-
由 Cole Robinson 提交于
Similar to the chardev bit, ARM boards depend on the old style '-net nic' for actually instantiating net devices. But we can't block out -netdev altogether since it's needed for upcoming virtio support. And add tests for working ARM XML with console, disk, and networking.
-
由 Cole Robinson 提交于
This corresponds to '-sd' and '-drive if=sd' on the qemu command line. Needed for many ARM boards which don't provide any other way to pass in storage.
-
由 Cole Robinson 提交于
-
由 Cole Robinson 提交于
QEMU ARM boards don't give us any way to explicitly wire in a -chardev, so use the old style -serial options. Unfortunately this isn't as simple as just turning off the CHARDEV flag for qemu-system-arm, as upcoming virtio support _will_ use device/chardev.
-
由 Cole Robinson 提交于
And add test cases for a basic working ARM guest.
-
由 Cole Robinson 提交于
This should be a no-op change for now.
-
由 Cole Robinson 提交于
On my machine, a guest fails to boot if it has a sound card, but not graphical device/display is configured, because pulseaudio fails to initialize since it can't access $HOME. A workaround is removing the audio device, however on ARM boards there isn't any option to do that, so -nographic always fails. Set QEMU_AUDIO_DRV=none if no <graphics> are configured. Unfortunately this has massive test suite fallout. Add a qemu.conf parameter nographics_allow_host_audio, that if enabled will pass through QEMU_AUDIO_DRV from sysconfig (similar to vnc_allow_host_audio)
-
由 Guido Günther 提交于
This gives us a RO got, otherwise Debian's lintian complains: W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_qemu.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_storage.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_uml.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_vbox.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_xen.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_nwfilter.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_storage.so W: libvirt-bin: hardening-no-relro usr/lib/libvirt/connection-driver/libvirt_driver_uml.so W: libvirt-sanlock: hardening-no-relro usr/lib/libvirt/lock-driver/sanlock.so
-
由 Guido Günther 提交于
-
- 02 9月, 2013 5 次提交
-
-
由 Fred A. Kemp 提交于
Add an attribute named 'removable' to the 'target' element of disks, which controls the removable flag. For instance, on a Linux guest it controls the value of /sys/block/$dev/removable. This option is only valid for USB disks (i.e. bus='usb'), and its default value is 'off', which is the same behaviour as before. To achieve this, 'removable=on' (or 'off') is appended to the '-device usb-storage' parameter sent to qemu when adding a USB disk via '-disk'. A capability flag QEMU_CAPS_USB_STORAGE_REMOVABLE was added to keep track if this option is supported by the qemu version used. Bug: https://bugzilla.redhat.com/show_bug.cgi?id=922495Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Fred A. Kemp 提交于
Allow use of the usb-storage device only if the new capability flag QEMU_CAPS_DEVICE_USB_STORAGE is set, which it is for qemu(-kvm) versions >= 0.12.1.2-rhel62-beta. Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Doug Goldstein 提交于
virVMXFormatHardDisk() and virVMXFormatCDROM() duplicated a lot of code from each other and made a lot of nested if checks to build each part of the VMX file. This hopefully simplifies the code path while combining the two functions with no net difference.
-
由 Daniel Veillard 提交于
* configure.ac docs/news.html.in libvirt.spec.in: update for the release * po/*.po*: merged new localizations and regenerated
-
由 John Ferlan 提交于
Remove unused 'cgroup' variable in qemuDomainAttachDeviceDiskLive() to resolve coverity DEADCODE complaint
-
- 01 9月, 2013 1 次提交
-
-
由 Hongwei Bi 提交于
When virBufferError is ok in cmdAttachDisk, the latter should 'goto cleanup', instead of returning a false to prevent memory leaking. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 31 8月, 2013 5 次提交
-
-
由 Eric Blake 提交于
Since virtlockd is only built when libvirtd is built, we should not install its auxiliary files unconditionally. This solves two failures. 1. 'make distcheck' complains: rm -f Makefile ERROR: files left in build directory after distclean: ./src/virtlockd.8 2. './autobuild.sh' complains: Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/eblake/rpmbuild/BUILDROOT/mingw-libvirt-1.1.1-1.fc19.eblake1377879911.x86_64 error: Installed (but unpackaged) file(s) found: /usr/i686-w64-mingw32/sys-root/mingw/etc/libvirt/virtlockd.conf /usr/i686-w64-mingw32/sys-root/mingw/share/augeas/lenses/tests/test_virtlockd.aug /usr/i686-w64-mingw32/sys-root/mingw/share/augeas/lenses/virtlockd.aug /usr/i686-w64-mingw32/sys-root/mingw/share/man/man8/virtlockd.8 /usr/x86_64-w64-mingw32/sys-root/mingw/etc/libvirt/virtlockd.conf /usr/x86_64-w64-mingw32/sys-root/mingw/share/augeas/lenses/tests/test_virtlockd.aug /usr/x86_64-w64-mingw32/sys-root/mingw/share/augeas/lenses/virtlockd.aug /usr/x86_64-w64-mingw32/sys-root/mingw/share/man/man8/virtlockd.8 * src/Makefile.am (CLEANFILES): Add virtlockd.8. (man8_MANS, conf_DATA, augeas_DATA, augeastest_DATA): Only install virtlockd files when daemon is built. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
'make distcheck' was failing with: make[3]: Entering directory `/home/eblake/libvirt-tmp2/libvirt-1.1.1/_build/docs' perl ../../docs/genaclperms.pl ../../src/access/viraccessperm.h > ../../docs/aclperms.htmlinc /bin/sh: ../../docs/aclperms.htmlinc: Permission denied when simulating the case of a user doing a VPATH build from a read-only source tree. The culprit? BUILT_SOURCES are _always_ built, and so must NOT be built into srcdir and need not be part of the tarball. On the other hand, shipped files must never depend on files in the builddir. While it would be possible to fix the problem by generating aclperms.htmlinc into builddir, we then have the problem that we ship acl.html - we'd have to rejigger a lot of things to not ship pre-built html. So this patch goes the other direction - we don't need BUILT_SOURCES, but instead ensure that we have proper dependencies so that all files in srcdir are up-to-date at the time the tarball is created. And because we ship html files in the tarball, that implies we don't expect users to be able to rebuild them, so we must not clean any files that would trigger a rebuild except under the maintainer rules. * docs/Makefile.am (BUILT_SOURCES): Delete. (CLEANFILES): Downgrade aclperms.htmlinc cleanup... (maintainer-clean-local): ...and move hvsupport.html.in... (MAINTAINERCLEANFILES): ...to a maintainer action. (hvsupport.html.in): Write into srcdir. (hvsupport.html): Ensure files are built in order. (aclperms.htmlinc): Honor silent make. (EXTRA_DIST): Ship aclperms.htmlinc. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
With the 1.1.1 tarball, if a user does 'make && make distcheck', things pass, but if they do 'make distcheck' after 'make clean', there is an odd failure: GEN ../../docs/devhelp/index.html I/O error : Permission denied I/O error : Permission denied runtime error: file ../../docs/devhelp/devhelp.xsl line 43 element document xsltDocumentElem: unable to save to ../../docs/devhelp/libvirt-virterror.html I/O error : Permission denied I/O error : Permission denied This implies that the rules for 'make dist' are missing a dependency - the generated documentation needs to be up-to-date before creating the tarball, or else the tarball will be missing files, where the end user will end up trying to rebuild files in srcdir, and that fails when srcdir is read-only. 1.1.1 plus this patch now works without issues (other issues have crept in to 1.1.2-rc1 that prevent 'make distcheck' from working, but those will be cleaned up in later patches). * docs/Makefile.am (dist-local): New dependency. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
I noticed from an ./autobuild.sh run that we were installing a virt-login-shell.exe binary when cross-building for mingw, even though such a binary is necessarily worthless since the code depends on lxc which is a Linux-only concept. * tools/Makefile.am (conf_DATA, bin_PROGRAMS, dist_man1_MANS): Make virt-login-shell installation conditional. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Cole Robinson 提交于
vhost only works in KVM mode at the moment, and is infact compiled out if the emulator is built for non-native architecture. While it may work at some point in the future for plain qemu, for now it's just noise on the command line (and which contributes to arm cli breakage).
-
- 30 8月, 2013 4 次提交
-
-
由 Guido Günther 提交于
-
由 Daniel P. Berrange 提交于
Ubuntu libdbus.so links with -Bsymbolic-functions, which means that we can only LD_PRELOAD functions that we directly call. Functions which libdbus.so calls internally can not be replaced. Thus we cannot use dbus_message_new_error or dbus_message_new_method_return Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Eric Blake 提交于
FreeBSD 10 recently changed their definition of RAND_MAX, to try and cover the fact that their evenly distributed results of rand() really are a smaller range than a full power of 2. As a result, I did some investigation, and learned: 1. POSIX requires random() to be evenly distributed across exactly 31 bits. glibc also guarantees this for rand(), but the two are unrelated, and POSIX only associates RAND_MAX with rand(). Avoiding RAND_MAX altogether thus avoids a build failure on FreeBSD 10. 2. Concatenating random bits from a PRNG will NOT provide uniform coverage over the larger value UNLESS the period of the original PRNG is at least as large as the number of bits being concatenated. Simple example: suppose that RAND_MAX were 1 with a period of 2**1 (which means that the PRNG merely alternates between 0 and 1). Concatenating two successive rand() calls would then invariably result in 01 or 10, which is a rather non-uniform distribution (00 and 11 are impossible) and an even worse period (2**0, since our second attempt will get the same number as our first attempt). But a RAND_MAX of 1 with a period of 2**2 (alternating between 0, 1, 1, 0) provides sane coverage of all four values, if properly tempered. (Back-to-back calls would still only see half the values if we don't do some tempering). We therefore want to guarantee a period of at least 2**64, preferably larger (as a tempering factor); POSIX only makes this guarantee for random() with 256 bytes of info. * src/util/virrandom.c (virRandomBits): Use constants that are accurate for the PRNG we are using, not an unrelated PRNG. (randomState): Ensure the period of our PRNG exceeds our usage. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Peter Krempa 提交于
-
- 29 8月, 2013 8 次提交
-
-
由 Eric Blake 提交于
Commit 29fe5d74 (released in 1.1.1) introduced a latent problem for any caller of virSecurityManagerSetProcessLabel and where the domain already had a uid:gid label to be parsed. Such a setup would collect the list of supplementary groups during virSecurityManagerPreFork, but then ignores that information, and thus fails to call setgroups() to adjust the supplementary groups of the process. Upstream does not use virSecurityManagerSetProcessLabel for qemu (it uses virSecurityManagerSetChildProcessLabel instead), so this problem remained latent until backporting the initial commit into v0.10.2-maint (commit c061ff5e, released in 0.10.2.7), where virSecurityManagerSetChildProcessLabel has not been backported. As a result of using a different code path in the backport, attempts to start a qemu domain that runs as qemu:qemu will end up with supplementary groups unchanged from the libvirtd parent process, rather than the desired supplementary groups of the qemu user. This can lead to failure to start a domain (typical Fedora setup assigns user 107 'qemu' to both group 107 'qemu' and group 36 'kvm', so a disk image that is only readable under kvm group rights is locked out). Worse, it is a security hole (the qemu process will inherit supplemental group rights from the parent libvirtd process, which means it has access rights to files owned by group 0 even when such files should not normally be visible to user qemu). LXC does not use the DAC security driver, so it is not vulnerable at this time. Still, it is better to plug the latent hole on the master branch first, before cherry-picking it to the only vulnerable branch v0.10.2-maint. * src/security/security_dac.c (virSecurityDACGetIds): Always populate groups and ngroups, rather than only when no label is parsed. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Daniel P. Berrange 提交于
The use of <> is a security issue for RPC parameters, since a malicious client can set a huge array length causing arbitrary memory allocation in the daemon. It is also a robustness issue for RPC return values, because if the stream is corrupted, it can cause the client to also allocate arbitrary memory. Use a syntax-check rule to prohibit any use of <> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virConnectListAllSecrets call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virConnectListAllNWFilters call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virConnectListAllNodeDevices call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virConnectListAllInterfaces call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virConnectListAllNetworks call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The return values for the virStoragePoolListAllVolumes call were not bounds checked. This is a robustness issue for clients if something where to cause corruption of the RPC stream data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-