- 18 12月, 2012 2 次提交
-
-
由 Peter Krempa 提交于
-
由 Peter Krempa 提交于
This patch simplifies the code that parses the fallback and vendor_id attributes from the domain xml cpu definition. Changes done: - free temp variables in the cleanup section instead of local use - remove checking for presence of the attribute to directly getting the value (saving call to virXPathBoolean) - replace loop used to check for ',' in the vendor_id string with strchr
-
- 17 12月, 2012 9 次提交
-
-
由 Peter Krempa 提交于
The field was not freed from the cpu definition.
-
由 Ken ICHIKAWA 提交于
This patch fixes a problem that vendor_id attribute can not be defined when fallback attribute is not defined. If I define domain xml like below: <domain> <cpu> <model vendor_id='aaaabbbbcccc'>core2duo</model> </cpu> </domain> In dumpxml, vendor_id is not reflected: <domain> <cpu mode='custom' match='exact'> <model fallback='allow'>core2duo</model> </cpu> </domain> The expected output is: <domain> <cpu mode='custom' match='exact'> <model fallback='allow' vendor_id='aaaabbbbcccc'>core2duo</model> </cpu> </domain> If the fallback attribute and vendor_id attribute is defined at the same time, it's reflected as expected. Signed-off-by: NKen ICHIKAWA <ichikawa.ken@jp.fujitsu.com>
-
由 Daniel P. Berrange 提交于
The current SELinux policy only works for KVM guests, since TCG requires the 'execmem' privilege. There is a 'virt_use_execmem' boolean to turn this on globally, but that is unpleasant for users. This changes libvirt to automatically use a new 'svirt_tcg_t' context for TCG based guests. This obsoletes the previous boolean tunable and makes things 'just work(tm)' Since we can't assume we run with new enough policy, I also make us log a warning message (once only) if we find the policy lacks support. In this case we fallback to the normal label and expect users to set the boolean tunable Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Peter Krempa 提交于
-
由 Guannan Ren 提交于
The testcase is for testing non-fixed PCI address for primary video device and using video args to -deivce qemu option.
-
由 Guannan Ren 提交于
'-device VGA' maps to '-vga std' '-device cirrus-vga' maps to '-vga cirrus' '-device qxl-vga' maps to '-vga qxl' (there is also '-device qxl' for secondary devices) '-device vmware-svga' maps to '-vga vmware' For qemu(>=1.2), we can use -device to replace -vga for video device. For the primary video device, the patch tries to use 0x2 slot for matching old qemu. If the 0x2 slot is allocated already, the addr property could help for using any available slot. For qemu(< 1.2), we keep using -vga for primary device.
-
由 Guannan Ren 提交于
If there are multiple video devices primary = 'yes' marks this video device as the primary one. The rest are secondary video devices. No more than one could be mark as primary. If none of them has primary attribute, the first one will be the primary by default like what it was. The reason of this changing is that for qemu, only one primary video device is permitted which can be of any type. For secondary video devices, only qxl is allowd. Primary attribute removes the restriction that the first have to be the primary one. We always put the primary video device into the first position of video device structure array after parsing.
-
由 Guannan Ren 提交于
QEMU_CAPS_DEVICE_QXL -device qxl QEMU_CAPS_DEVICE_VGA -device VGA QEMU_CAPS_DEVICE_CIRRUS_VGA -device cirrus-vga QEMU_CAPS_DEVICE_VMWARE_SVGA -device vmware-svga QEMU_CAPS_DEVICE_VIDEO_PRIMARY /* safe to use -device XXX for primary video device */ Fix a typo in qemuCapsObjectTypes, the string 'qxl' here should be -device qxl rather than -vga [...|qxl|..]
-
由 Daniel Veillard 提交于
- configure.ac docs/news.html.in: update for the release - po/*.po: updated from transifex
-
- 15 12月, 2012 4 次提交
-
-
由 Eric Blake 提交于
Noticed these while building on FreeBSD. * src/qemu/qemu_monitor.c (qemuMonitorBlockInfoLookup): Rename variable to avoid 'devname' collision. * src/qemu/qemu_driver.c (qemuDomainInterfaceStats): Mark unused variable.
-
由 Roman Bogorodskiy 提交于
This adds an implementation of virNetSocketGetUNIXIdentity() using LOCAL_PEERCRED socket option and xucred struct, defined in <sys/ucred.h> on systems that have it.
-
由 Laine Stump 提交于
A forgotten "!" in recently-modified code at the top of networkRefreshDaemon() meant an improper early return, which led to 1) dnsmasq config files not being updated from the newly modified config, and 2) dnsmasq not being sent a SIGHUP so that it could learn about the changes to the config. virNetworkDefGetIpByIndex() returns NULL if there are no ip objects of the requested type, and if there are no IP elements, then dnsmasq shouldn't be running, so we can return early. Otherwise we should rewrite the config files and send a SIGHUP.
-
由 Guido Günther 提交于
since compilation breaks otherwise with older libsanlock.
-
- 14 12月, 2012 13 次提交
-
-
由 Eric Blake 提交于
As detected in https://bugzilla.redhat.com/show_bug.cgi?id=887187 * docs/formatdomain.html.in: Fix XML typos.
-
由 Michal Privoznik 提交于
Currently, if sanlock is already registering a lockspace other libvirtd instances (from other hosts) obtain -EINPROGRESS. On sufficiently new sanlock, sanlock_inq_lockspace() is called, which suspend execution until lockspace state is changed. With current libvirt implementation, we fail to retry adding the lockspace again but continue in error path. Therefore we produce meaningless error message: virLockManagerSanlockSetupLockspace:363 : Unable to add lockspace /var/lib/libvirt/sanlock/__LIBVIRT__DISKS__: Success qemudLoadDriverConfig:558 : Failed to load lock manager sanlock We should try to re-add the lockspace after its state change to be sure it was added successfully. In fact, with sufficiently new sanlock we can just avoid dummy usleep() which is used if there's no inquire API.
-
由 Eric Blake 提交于
The virtlockd daemon scripts were lousy, when compared to their counterparts in daemon/Makefile.am. In particular, when init scripts were selected, this resulted in 'make distcheck' failing due to failure to clean up src/virtlockd.init. * src/Makefile.am (install-systemd): Fix dependencies. Use MKDIR_P. (uninstall-systemd): Remove empty directory. Use fewer processes. (install-init, install-sysconfig): Use MKDIR_P. (uninstall-init): Remove correct file, and also empty directory. (uninstall-sysconfig): Remove empty directory. (DISTCLEANFILES): Clean up trivially built sources.
-
由 Michał Łomnicki 提交于
For a unprivileged user libvirt.conf and auth.conf are looked up in $XDG_CONFIG_HOME but the docs incorrectly state that it's $XDG_CONFIG_DIR.
-
由 Laine Stump 提交于
When a network device's bridge connection is changed by virDomainUpdateDevice, libvirt first removes the netdev's tap from its old bridge, then adds it to the new bridge. Sometimes, due to a network being destroyed while a guest device is still attached, the tap may already be "removed" from the old bridge (or the old bridge may not even exist any more); the existing code was needlessly failing the update when this happened, making it impossible to recover from the situation without completely detaching (i.e. removing) the netdev from the guest and re-attaching. Instead of failing the entire operation when removal of the tap from the old bridge fails, this patch changes qemuDomainChangeNetBridge to just log a warning and continue, allowing a reasonable recover from the situation. (you'll appreciate this change if you ever accidentally destroy a network while your guests are still using it).
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
With sanlock enabled, only one of those files was installed.
-
由 Eric Blake 提交于
* src/Makefile.am (libvirt.syms): Let cat loop for us.
-
由 Ján Tomko 提交于
In the case of an OOM error in virDomainDefGetSecurityLabelDef, secdef is set to NULL, then dereferenced while printing the debug message.
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
-
由 Laine Stump 提交于
This patch resolves the problem reported in: https://bugzilla.redhat.com/show_bug.cgi?id=886663 The source of the problem was the fix for CVE 2011-3411: https://bugzilla.redhat.com/show_bug.cgi?id=833033 which was originally committed upstream in commit 753ff83a. That commit improperly removed the "--except-interface lo" from dnsmasq commandlines when --bind-dynamic was used (based on comments in the latter bug). It turns out that the problem reported in the CVE could be eliminated without removing "--except-interface lo", and removing it actually caused each instance of dnsmasq to listen on localhost on port 53, which created a new problem: If another instance of dnsmasq using "bind-interfaces" (instead of "bind-dynamic") had already been started (or if another instance started later used "bind-dynamic"), this wouldn't have any immediately visible ill effects, but if you tried to start another dnsmasq instance using "bind-interfaces" *after* starting any libvirt networks, the new dnsmasq would fail to start, because there was already another process listening on port 53. (Subsequent to the CVE fix, another patch changed the network driver to put dnsmasq options in a conf file rather than directly on the dnsmasq commandline, but preserved the same options.) This patch changes the network driver to *always* add "except-interface=lo" to dnsmasq conf files, regardless of whether we use bind-dynamic or bind-interfaces. This way no libvirt dnsmasq instances are listening on localhost (and the CVE is still fixed). The actual code change is miniscule, but must be propogated through all of the test files as well.
-
由 Jiri Denemark 提交于
$(srcdir) is already part of $$file since commit f1f9a7ac.
-
- 13 12月, 2012 12 次提交
-
-
由 Ján Tomko 提交于
For non-default connections (specified by the environment variable or the command line option) we call virConnectOpenAuth without registering the vshCatchDisconnect callback. This calls vshReconnect instead which takes care of it.
-
由 Ján Tomko 提交于
Since we (ab)use vshReconnect for the default URI connection, if it fails it might print 'Failed to reconnect to the hypervisor' even if we were never connected before. This changes it to only mention reconnection on the first try after getting disconnected.
-
由 Daniel P. Berrange 提交于
-
由 Daniel P. Berrange 提交于
-
由 Daniel P. Berrange 提交于
The default lockd driver behavour is to acquire leases directly on the disk files. This introduces an alternative mode, where leases are acquire indirectly on a file that is based on a SHA256 hash of the disk filename. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
This adds a 'lockd' lock driver which is just a client which talks to the lockd daemon to perform all locking. This will be the default lock driver for any hypervisor which needs one. * src/Makefile.am: Add lockd.so plugin * src/locking/lock_driver_lockd.c: Lockd driver impl Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virtlockd daemon maintains file locks on behalf of libvirtd and any VMs it is running. These file locks must be held for as long as any VM is running. If virtlockd itself ever quits, then it is expected that a node would be fenced/rebooted. Thus to allow for software upgrads on live systemd, virtlockd needs the ability to re-exec() itself. Upon receipt of SIGUSR1, virtlockd will save its current live state out to a file /var/run/virtlockd-restart-exec.json It then re-exec()'s itself with exactly the same argv as it originally had, and loads the state file, reconstructing any objects as appropriate. The state file contains information about all locks held and all network services and clients currently active. An example state document is { "server": { "min_workers": 1, "max_workers": 20, "priority_workers": 0, "max_clients": 20, "keepaliveInterval": 4294967295, "keepaliveCount": 0, "keepaliveRequired": false, "services": [ { "auth": 0, "readonly": false, "nrequests_client_max": 1, "socks": [ { "fd": 6, "errfd": -1, "pid": 0, "isClient": false } ] } ], "clients": [ { "auth": 0, "readonly": false, "nrequests_max": 1, "sock": { "fd": 9, "errfd": -1, "pid": 0, "isClient": true }, "privateData": { "restricted": true, "ownerPid": 1722, "ownerId": 6, "ownerName": "f18x86_64", "ownerUUID": "97586ba9-df27-9459-c806-f016c8bbd224" } }, { "auth": 0, "readonly": false, "nrequests_max": 1, "sock": { "fd": 10, "errfd": -1, "pid": 0, "isClient": true }, "privateData": { "restricted": true, "ownerPid": 1784, "ownerId": 7, "ownerName": "f16x86_64", "ownerUUID": "7b8e5e42-b875-61e9-b981-91ad8fa46979" } } ] }, "defaultLockspace": { "resources": [ { "name": "/var/lib/libvirt/images/f16x86_64.raw", "path": "/var/lib/libvirt/images/f16x86_64.raw", "fd": 14, "lockHeld": true, "flags": 0, "owners": [ 1784 ] }, { "name": "/var/lib/libvirt/images/shared.img", "path": "/var/lib/libvirt/images/shared.img", "fd": 12, "lockHeld": true, "flags": 1, "owners": [ 1722, 1784 ] }, { "name": "/var/lib/libvirt/images/f18x86_64.img", "path": "/var/lib/libvirt/images/f18x86_64.img", "fd": 11, "lockHeld": true, "flags": 0, "owners": [ 1722 ] } ] }, "lockspaces": [ ], "magic": "30199" } Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
This enhancement virtlockd so that it can receive a pre-opened UNIX domain socket from systemd at launch time, and adds the systemd service/socket unit files * daemon/libvirtd.service.in: Require virtlockd to be running * libvirt.spec.in: Add virtlockd systemd files * src/Makefile.am: Install systemd files * src/locking/lock_daemon.c: Support socket activation * src/locking/virtlockd.service.in, src/locking/virtlockd.socket.in: systemd unit files * src/rpc/virnetserverservice.c, src/rpc/virnetserverservice.h: Add virNetServerServiceNewFD() method * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add virNetSocketNewListenFD method Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Introduce a lock_daemon_dispatch.c file which implements the server side dispatcher the RPC APIs previously defined in the lock protocol. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virtlockd daemon will be responsible for managing locks on virtual machines. Communication will be via the standard RPC infrastructure. This provides the XDR protocol definition * src/locking/lock_protocol.x: Wire protocol for virtlockd * src/Makefile.am: Include lock_protocol.[ch] in virtlockd Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virtlockd daemon will maintain locks on behalf of libvirtd. There are two reasons for it to be separate - Avoid risk of other libvirtd threads accidentally releasing fcntl() locks by opening + closing a file that is locked - Ensure locks can be preserved across libvirtd restarts. virtlockd will need to be able to re-exec itself while maintaining locks. This is simpler to achieve if its sole job is maintaining locks Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Refactor virLockManagerPluginNew() so that the caller does not need to pass in the config file path itself - just the config directory and driver name. Fix QEMU to actually pass in a config file when creating the default lock manager plugin, rather than NULL. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-