1. 05 4月, 2013 5 次提交
    • P
      virCaps: get rid of "defaultInitPath" value in the virCaps struct · 4750c848
      Peter Krempa 提交于
      This gets rid of the parameter in favor of using the new callback
      infrastructure to do the same stuff.
      
      This patch implements the domain adjustment callback in the openVZ
      driver and moves the check from the parser to a new validation method in
      the callback infrastructure.
      4750c848
    • P
      qemu: Record the default NIC model in the domain XML · a68d6726
      Peter Krempa 提交于
      This patch implements the devices post parse callback and uses it to fill
      the default qemu network card model into the XML if none is specified.
      
      Libvirt assumes that the network card model for qemu is the "rtl8139".
      Record this in the XML using the new callback to avoid user
      confusion.
      a68d6726
    • P
      conf callback: Rearrange function parameters · ad0d10b2
      Peter Krempa 提交于
      Move the xmlopt and caps arguments to the end of the argument list.
      ad0d10b2
    • P
      conf: Add post XML parse callbacks and prepare for cleaning of virCaps · 43b99fc4
      Peter Krempa 提交于
      This patch adds instrumentation that will allow hypervisor drivers to
      fill and validate domain and device definitions after parsed by the XML
      parser.
      
      With this patch, after the XML is parsed, a callback to the driver is
      issued requesting to fill and validate driver specific details of the
      configuration. This allows to use sensible defaults and checks on a per
      driver basis at the time the XML is parsed.
      
      Two callback pointers are stored in the new virDomainXMLConf object:
      * virDomainDeviceDefPostParseCallback (devicesPostParseCallback)
        - called for a single device parsed and for every single device in a
          domain config. A virDomainDeviceDefPtr is passed along with the
          domain definition and virCaps.
      
      * virDomainDefPostParseCallback, (domainPostParseCallback)
        - A callback that is meant to process the domain config after it's
        parsed.  A virDomainDefPtr is passed along with virCaps.
      
      Both types of callbacks support arbitrary opaque data passed for the
      callback functions.
      
      Errors may be reported in those callbacks resulting in a XML parsing
      failure.
      43b99fc4
    • P
      maint: Rename xmlconf to xmlopt and virDomainXMLConfig to virDomainXMLOption · e84b1931
      Peter Krempa 提交于
      This patch is the result of running:
      
      for i in $(git ls-files | grep -v html | grep -v \.po$ ); do
        sed -i -e "s/virDomainXMLConf/virDomainXMLOption/g" -e "s/xmlconf/xmlopt/g" $i
      done
      
      and a few manual tweaks.
      e84b1931
  2. 04 4月, 2013 13 次提交
    • D
      Create fake NUMA info if libnuma isn't available · 8d3d05d3
      Daniel P. Berrange 提交于
      If libnuma is not compiled in, or numa_available() returns an
      error, stub out fake NUMA info consisting of one NUMA cell
      containing all CPUs and memory.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      8d3d05d3
    • D
      Cope with missing /sys/devices/system/cpu/cpu0/topology files · 4a289151
      Daniel P. Berrange 提交于
      Not all kernel builds have any entries under the location
      /sys/devices/system/cpu/cpu0/topology. We already cope with
      that being missing in some cases, but not all. Update the
      code which looks for thread_siblings to cope with the missing
      file
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      4a289151
    • D
      Add armv6l architecture to list of valid arches · 9c29c52c
      Daniel P. Berrange 提交于
      The Raspberry Pi runs the armv6l architecture and apparently
      people are trying to run libvirt LXC on it. So we should allow
      that as a valid arch
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      9c29c52c
    • D
      Implement minimal sysinfo for ARM platforms · 347081ef
      Daniel P. Berrange 提交于
      Implement the bare minimal sysinfo for ARM platforms by
      reading the CPU models from /proc/cpuinfo
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      347081ef
    • D
      Disable of unused sysinfotest functions · 0464ab18
      Daniel P. Berrange 提交于
      Certain functions in the sysinfotest.c are not used unless
      a whitelisted architecture is being built. Disable those
      functions unless required to avoid warnings about unused
      functions.
      
      sysinfotest.c:93:1: warning: 'sysinfotest_run' defined but not used [-Wunused-function]
       sysinfotest_run(const char *test,
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      0464ab18
    • D
      Wire up sysinfo for LXC driver · 6263fc5a
      Daniel P. Berrange 提交于
      The sysinfo code used by QEMU is trivially portable to the
      LXC driver
      6263fc5a
    • D
      Add support for SD cards in nodedev driver · e2b373e6
      Daniel P. Berrange 提交于
      The nodedev driver currently only detects harddisk, cdrom
      and floppy devices. This adds support for SD cards, which
      are common storage for ARM devices, eg the Google ChromeBook
      
      <device>
        <name>block_mmcblk0_0xb1c7c08b</name>
        <parent>computer</parent>
        <capability type='storage'>
          <block>/dev/mmcblk0</block>
          <drive_type>sd</drive_type>
          <serial>0xb1c7c08b</serial>
          <size>15758000128</size>
          <logical_block_size>512</logical_block_size>
          <num_blocks>30777344</num_blocks>
        </capability>
      </device>
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      e2b373e6
    • D
      Revert "lxc: Prevent shutting down the host" · edd87fa2
      Daniel P. Berrange 提交于
      This reverts commit c9c87376.
      
      Now that we force all containers to have a root filesystem,
      there is no way the host's /dev is ever exposed
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      edd87fa2
    • D
      Auto-add a root <filesystem> element to LXC containers on startup · c131525b
      Daniel P. Berrange 提交于
      Currently the LXC container code has two codepaths, depending on
      whether there is a <filesystem> element with a target path of '/'.
      If we automatically add a <filesystem> device with src=/ and dst=/,
      for any container which has not specified a root filesystem, then
      we only need one codepath for setting up the filesystem.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      c131525b
    • D
      Remove support for old kernels lacking private devpts · f7e8653f
      Daniel P. Berrange 提交于
      Early on kernel support for private devpts was not widespread,
      so we had compatibiltiy codepaths. Such old kernels are not
      seriously used for LXC these days, so the compat code can go
      away
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      f7e8653f
    • A
      storage: Fix volume cloning for logical volume. · d369e508
      Atsushi Kumagai 提交于
      When creating a logical volume with virStorageVolCreateXMLFrom,
      "qemu-img convert" is called internally if clonevol is a file volume.
      Then, vol->target.format is used as output_fmt parameter but the
      target.format of logical volumes is always 0 because logical volumes
      haven't the volume format type element.
      
      Fortunately, 0 was treated as RAW file format before commit f772b3d9,
      so there was no problem. But now, 0 is treated as the type of none,
      qemu-img fails with "Unknown file format 'none'".
      
      This patch fixes this issue by treating output block devices as RAW
      file format like for input block devices.
      Signed-off-by: NAtsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp>
      d369e508
    • G
      security_manager: fix comparison · ea151935
      Guido Günther 提交于
      otherwise we crash later on if we don't find a match like:
      
       #0  0xb72c2b4f in virSecurityManagerGenLabel (mgr=0xb8e42d20, vm=0xb8ef40c0) at security/security_manager.c:424
       #1  0xb18811f3 in qemuProcessStart (conn=conn@entry=0xb8eed880, driver=driver@entry=0xb8e3b1e0, vm=vm@entry=0xb8ef58f0,
           migrateFrom=migrateFrom@entry=0xb18f6088 "stdio", stdin_fd=18,
           stdin_path=stdin_path@entry=0xb8ea7798 "/var/lib/jenkins/jobs/libvirt-tck-build/workspace/tck.img", snapshot=snapshot@entry=0x0,
           vmop=vmop@entry=VIR_NETDEV_VPORT_PROFILE_OP_RESTORE, flags=flags@entry=2) at qemu/qemu_process.c:3364
       #2  0xb18d6cb2 in qemuDomainSaveImageStartVM (conn=conn@entry=0xb8eed880, driver=driver@entry=0xb8e3b1e0, vm=0xb8ef58f0, fd=fd@entry=0xb6bf3f98,
           header=header@entry=0xb6bf3fa0, path=path@entry=0xb8ea7798 "/var/lib/jenkins/jobs/libvirt-tck-build/workspace/tck.img",
           start_paused=start_paused@entry=false) at qemu/qemu_driver.c:4843
       #3  0xb18d7eeb in qemuDomainRestoreFlags (conn=conn@entry=0xb8eed880,
           path=path@entry=0xb8ea7798 "/var/lib/jenkins/jobs/libvirt-tck-build/workspace/tck.img", dxml=dxml@entry=0x0, flags=flags@entry=0)
           at qemu/qemu_driver.c:4962
       #4  0xb18d8123 in qemuDomainRestore (conn=0xb8eed880, path=0xb8ea7798 "/var/lib/jenkins/jobs/libvirt-tck-build/workspace/tck.img")
           at qemu/qemu_driver.c:4987
       #5  0xb718d186 in virDomainRestore (conn=0xb8eed880, from=0xb8ea87d8 "/var/lib/jenkins/jobs/libvirt-tck-build/workspace/tck.img") at libvirt.c:2768
       #6  0xb7736363 in remoteDispatchDomainRestore (args=<optimized out>, rerr=0xb6bf41f0, client=0xb8eedaf0, server=<optimized out>, msg=<optimized out>)
           at remote_dispatch.h:4679
       #7  remoteDispatchDomainRestoreHelper (server=0xb8e1a3e0, client=0xb8eedaf0, msg=0xb8ee72c8, rerr=0xb6bf41f0, args=0xb8ea8968, ret=0xb8ef5330)
           at remote_dispatch.h:4661
       #8  0xb720db01 in virNetServerProgramDispatchCall (msg=0xb8ee72c8, client=0xb8eedaf0, server=0xb8e1a3e0, prog=0xb8e216b0)
           at rpc/virnetserverprogram.c:439
       #9  virNetServerProgramDispatch (prog=0xb8e216b0, server=server@entry=0xb8e1a3e0, client=0xb8eedaf0, msg=0xb8ee72c8) at rpc/virnetserverprogram.c:305
       #10 0xb7206e97 in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0xb8e1a3e0) at rpc/virnetserver.c:162
       #11 virNetServerHandleJob (jobOpaque=0xb8ea7720, opaque=0xb8e1a3e0) at rpc/virnetserver.c:183
       #12 0xb70f9f78 in virThreadPoolWorker (opaque=opaque@entry=0xb8e1a540) at util/virthreadpool.c:144
       #13 0xb70f94a5 in virThreadHelper (data=0xb8e0e558) at util/virthreadpthread.c:161
       #14 0xb705d954 in start_thread (arg=0xb6bf4b70) at pthread_create.c:304
       #15 0xb6fd595e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
      
      This unbreaks libvirt-tck's domain/100-transient-save-restore.t with
      qemu:///session and selinux compiled in but disabled.
      
      Introduced by 8d68cbea
      ea151935
    • E
      qemu: fix memory leak on -machine usage error · e52a31d1
      Eric Blake 提交于
      Commit f84b92ea introduced a memory leak on error; John Ferlan reported
      that valgrind caught it during 'make check'.
      
      * src/qemu/qemu_command.c (qemuBuildMachineArgStr): Plug leak.
      e52a31d1
  3. 03 4月, 2013 9 次提交
    • D
      Enable full RELRO mode · fc8c1787
      Daniel P. Berrange 提交于
      By passing the flags -z relro -z now to the linker, we can force
      it to resolve all library symbols at startup, instead of on-demand.
      This allows it to then make the global offset table (GOT) read-only,
      which makes some security attacks harder.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      fc8c1787
    • D
      Build all binaries with PIE · 1150999c
      Daniel P. Berrange 提交于
      PIE (position independent executable) adds security to executables
      by composing them entirely of position-independent code (PIC. The
      .so libraries already build with -fPIC. This adds -fPIE which is
      the equivalent to -fPIC, but for executables. This for allows Exec
      Shield to use address space layout randomization to prevent attackers
      from knowing where existing executable code is during a security
      attack using exploits that rely on knowing the offset of the
      executable code in the binary, such as return-to-libc attacks.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      1150999c
    • P
      qemu-blockjob: Fix limit of bandwidth for block jobs to supported value · 24ca8fae
      Peter Krempa 提交于
      The JSON generator is able to represent only values less than LLONG_MAX, fix the
      bandwidth limit checks when converting to value to catch overflows before they
      reach the generator.
      24ca8fae
    • O
      rng: Add definition for network disk source · ad5298e1
      Osier Yang 提交于
      It's long enough to have a independant definition.
      ad5298e1
    • D
      Disable static libraries by default · ad42b34b
      Daniel P. Berrange 提交于
      Every source file is currently built twice by libtool, once for
      the shared library and once for the static library. Static libs
      are not commonly packaged by distros and slow down compilation
      time by more than 50% compared to a shared-only build time.
      
      Time for 'make -j 4':
      
            shared only: 2 mins  9 secs
        shared + static: 3 mins 26 secs
      
      Time for non-parallel make
      
            shared only: 3 mins 32 secs
        shared + static: 5 mins 41 secs
      
      Those few people who really want them, can pass --enable-static
      to configure
      
      Disabling them by default requires use of LT_INIT, but for
      compat with RHEL5 we can't rely on that. So we conditionally
      use LT_INIT, but fallback to AM_PROG_LIBTOOL if not present.
      ad42b34b
    • P
      virsh: Fix typo in docs · f006f195
      Peter Krempa 提交于
      s/persitent/persistent/
      f006f195
    • M
      sec_manager: Refuse to start domain with unsupported seclabel · 8d68cbea
      Michal Privoznik 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=947387
      
      If a user configures a domain to use a seclabel of a specific type,
      but the appropriate driver is not accessible, we should refuse to
      start the domain. For instance, if user requires selinux, but it is
      either non present in the system, or is just disabled, we should not
      start the domain. Moreover, since we are touching only those labels we
      have a security driver for, the other labels may confuse libvirt when
      reconnecting to a domain on libvirtd restart. In our selinux example,
      when starting up a domain, missing security label is okay, as we
      auto-generate one. But later, when libvirt is re-connecting to a live
      qemu instance, we parse a state XML, where security label is required
      and it is an error if missing:
      
        error : virSecurityLabelDefParseXML:3228 : XML error: security label
        is missing
      
      This results in a qemu process left behind without any libvirt control.
      8d68cbea
    • M
      Allow multiple parameters for schedinfo · e7cd2844
      Martin Kletzander 提交于
      virsh schedinfo was able to set only one parameter at a time (not
      counting the deprecated options), but it is useful to set more at
      once, so this patch adds the possibility to do stuff like this:
      
      virsh schedinfo <domain> cpu_shares=0 vcpu_period=0 vcpu_quota=0 \
      emulator_period=0 emulator_quota=0
      
      Invalid scheduler options are reported as well.  These were previously
      reported only if the command hadn't updated any values (when
      cmdSchedInfoUpdate returned 0).
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=810078
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=919372
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=919375
      e7cd2844
    • P
      qemu: Fix crash when updating media with shared device · 43b6f304
      Peter Krempa 提交于
      Mimic the fix done in 02b90972 to fix crash by
      accessing an already freed structure. Also copy the explaining comment why the
      pointer can't be accessed any more.
      43b6f304
  4. 02 4月, 2013 13 次提交