1. 21 8月, 2012 9 次提交
    • E
      virsh: declare more common functions · 4c10b3c7
      Eric Blake 提交于
      In preparation for splitting virsh-interface.c, I found these
      functions need to be declared in virsh.h, as well as one that
      belongs more properly in virsh-domain.h.  Also, since we
      use the VSH_BY* flags in more than one function, I improved
      how they are used.
      
      * tools/virsh.h (vshNameSorter, vshCmdHasOption): Declare.
      (VSH_BYID): Turn into enum.
      (vshCommandOptDomainBy): Move...
      * tools/virsh-domain.h): ...here.
      * tools/virsh.c: (vshNameSorter): Export.
      (cmd_has_option): Rename...
      (vshCmdHasOption): ...and export.
      (vshCommandOptDomainBy): Move...
      * tools/virsh-domain.c (vshCommandOptDomainBy): ...here, adjust
      signature, and check flags.
      * tools/virsh-network.c (vshCommandOptNetworkBy): Update callers.
      * tools/virsh-nwfilter.c (vshCommandOptNWFilterBy): Likewise.
      * tools/virsh-secret.c (vshCommandOptSecret): Likewise.
      * tools/virsh-domain-monitor.c (includes): Likewise.
      * tools/virsh-host.c (includes): Likewise.
      4c10b3c7
    • E
      virsh: split out virsh-host.c · ae8e89fb
      Eric Blake 提交于
      The splits are getting easier, with fewer cleanups needed in virsh.h.
      
      * tools/virsh-host.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh-host.c: Use new header.
      * tools/virsh.c: Likewise.
      ae8e89fb
    • E
      virsh: split out virsh-domain-monitor.c · 99ae57f8
      Eric Blake 提交于
      Another file worth compiling on its own instead of by .c inclusion.
      
      * tools/virsh-domain-monitor.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.h (vshGetDomainDescription): Move to correct
      header.
      * tools/virsh-domain-monitor.c: Use new header.
      * tools/virsh.c: Likewise.
      * tools/virsh-domain.c: Likewise.
      99ae57f8
    • M
      Update the remote API · 2f8a09fb
      Marcelo Cerri 提交于
      This patch updates libvirt's API to allow applications to inspect the
      full list of security labels of a domain.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      2f8a09fb
    • M
      Support for multiple default security drivers in QEMU config · 6d6bff3a
      Marcelo Cerri 提交于
      This patch updates the key "security_driver" in QEMU config to suport
      both a sigle default driver or a list of default drivers. This ensures
      that it will remain compatible with older versions of the config file.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      6d6bff3a
    • M
      Update security layer to handle many security labels · a994ef2d
      Marcelo Cerri 提交于
      These changes make the security drivers able to find and handle the
      correct security label information when more than one label is
      available. They also update the DAC driver to be used as an usual
      security driver.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      a994ef2d
    • M
      Multiple security drivers in XML data · e9377dda
      Marcelo Cerri 提交于
      This patch updates the domain and capability XML parser and formatter to
      support more than one "seclabel" element for each domain and device. The
      RNG schema and the tests related to this are also updated by this patch.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      e9377dda
    • M
      Internal refactory of data structures · 6c3cf57d
      Marcelo Cerri 提交于
      This patch updates the structures that store information about each
      domain and each hypervisor to support multiple security labels and
      drivers. It also updates all the remaining code to use the new fields.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      6c3cf57d
    • V
      selinux: Fix incorrect object label generation. · b6ad2c23
      Viktor Mihajlovski 提交于
      This is a fix for the object label generation. It uses a new flag for
      virSecuritySELinuxGenNewContext that specifies whether the context is
      for an object. If so the context role remains unchanged.
      Without this fix it is not possible to start domains with image file or
      block device backed storage when selinux is enabled.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      b6ad2c23
  2. 20 8月, 2012 9 次提交
    • E
      virsh: drop unused headers · 521b7ab7
      Eric Blake 提交于
      The previous commit now trips up 'make syntax-check' due to a useless
      use of <signal.h>.
      
      * tools/virsh.c (includes): Drop useless includes.
      521b7ab7
    • E
      maint: prohibit translations in testsuite · cc2150d2
      Eric Blake 提交于
      Nothing in the testsuite or examples directory should be translated,
      as it is not part of the normally installed binary.  We already
      meet this rule, but enforcing it will make it easier to remember.
      
      Suggested by Daniel P. Berrange.
      
      * cfg.mk (sc_prohibit_useless_translation): Enhance rule.
      cc2150d2
    • D
      Fix build of virsh on Win32 by moving SA_SIGINFO stub · 6a481798
      Daniel P. Berrange 提交于
      On Win32 SA_SIGINFO is not defined, so virsh.c stub'd it out
      to 0, but recent changes moved the usage out of virsh.c and
      into virsh-domain.c
      6a481798
    • E
      virsh: use common namespacing · e68ee5e7
      Eric Blake 提交于
      Convert the exported items in virsh.h to use a common 'vsh' prefix.
      
      * tools/virsh.h (VIRSH_MAX_XML_FILE): Rename...
      (VSH_MAX_XML_FILE): ...and parenthesize.
      (DIFF_MSEC, CTRL_CLOSE_BRACKET): Delete.
      (vshUsage, vshInit, vshDeinit, vshParseArgv): Remove prototype.
      (editWriteToTempFile, editFile, editReadBackFile, prettyCapacity)
      (virshReportError): Rename...
      (vshEditWriteToTempFile, vshEditFile, vshEditReadBackFile)
      (vshPrettyCapacity, vshReportError): ...into vsh namespace.
      (jobWatchTimeoutFunc): Move to virsh-domain.c.
      * tools/virsh.c (vshCommandRun): Inline former DIFF_MSEC.
      (main): Inline former CTRL_CLOSE_BRACKET.
      (vshUsage, vshInit, vshDeinit, vshParseArgv): Make static.
      (prettyCapacity, virshReportError, editWriteToTempFile, editFile):
      Fix naming, and adjust usage.
      (vshAskReedit, vshCommandRun, vshEventLoop, vshInit): Adjust
      usage.
      * tools/virsh-domain.c (cmdAttachDevice, cmdCPUCompare)
      (cmdCPUBaseline, cmdCreate, cmdDefine, cmdDetachDevice)
      (cmdUpdateDevice, cmdDesc, cmdUndefine, cmdStart, cmdVcpucount)
      (cmdAttachDevice, cmdDomjobinfo): Likewise.
      * tools/virsh-edit.c (do): Likewise.
      * tools/virsh-interface.c (cmdInterfaceDefine): Likewise.
      * tools/virsh-network.c (cmdNetworkCreate, cmdNetworkDefine):
      Likewise.
      * tools/virsh-nodedev.c (cmdNodeDeviceCreate): Likewise.
      * tools/virsh-nwfilter.c (cmdNWFilterDefine): Likewise.
      * tools/virsh-pool.c (cmdPoolCreate, cmdPoolDefine)
      (cmdPoolDiscoverSources, cmdPoolList): Likewise.
      * tools/virsh-secret.c (cmdSecretDefine): Likewise.
      * tools/virsh-snapshot.c (cmdSnapshotCreate, vshSnapshotCreate)
      (vshLookupSnapshot, cmdSnapshotEdit, cmdSnapshotCurrent)
      (vshGetSnapshotParent): Likewise.
      * tools/virsh-volume.c (cmdVolCreate, cmdVolCreateFrom)
      (cmdVolInfo, cmdVolList): Likewise.
      e68ee5e7
    • D
      Add support for creating sockets & RPC servers from a pre-opened fd · 5435f17e
      Daniel P. Berrange 提交于
      In order to support systemd socket based activation, it needs to
      be possible to create virNetSocketPtr and virNetServerServicePtr
      instance from a pre-opened file descriptor
      5435f17e
    • D
      Refactor impl of the virNetServerClientNew method · 4eb6cae8
      Daniel P. Berrange 提交于
      In preparation for adding further constructors, refactor
      the virNetServerClientNew method to move most of the code
      into a common virNetServerClientNewInternal helper API.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      4eb6cae8
    • D
      Refactor the way new clients are registered with the server · 42c60a78
      Daniel P. Berrange 提交于
      Currently the virNetServerDispatchNewClient both creates the
      virNetServerClientPtr instance and registers it with the
      virNetServerPtr internal state. Split the client registration
      code out into a separate virNetServerAddClient method to
      allow future reuse from other contexts
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      42c60a78
    • D
      Make Win32 stub of vshAskReedit non-static · ee7b4e55
      Daniel P. Berrange 提交于
      The main impl of vshAskReedit is non-static, so the Win32
      stub must be the same
      ee7b4e55
    • D
      Fix syntax-check failures wrt virsh · 2a336379
      Daniel P. Berrange 提交于
      * cfg.mk: Whitelist virsh.h instead of virsh.c for strcasecmp check
      * tools/virsh-domain.h, tools/virsh.h: Fix #define indentation
      2a336379
  3. 18 8月, 2012 13 次提交
    • E
      virsh: kill some double underscores · 6d96fab9
      Eric Blake 提交于
      C99 says that __foo naming is reserved for the compiler.  Besides,
      we had several different styles in use; this consolidates things
      to set up the typedefs up front then declare the types with
      consistent naming.
      
      * tools/virsh.h: Use consistent struct naming.
      * tools/virsh.c (_vshCommandParser): Likewise.
      6d96fab9
    • E
      virsh: split out virsh-domain.c · f4a7b87d
      Eric Blake 提交于
      The virsh-domain.c file was pretty self-contained; the only
      entry point was the table of command definitions.  The bulk
      of this patch is making more functions in virsh.c reusable.
      A later patch will clean up poor naming choices.
      
      * tools/Makefile.am (virsh_SOURCES): Build virsh-domain.c.
      * tools/virsh-domain.h: New file.
      * tools/virsh.h (virshReportError, vshResetLibvirtError)
      (vshAskReedit, vshStreamSink): Declare.
      * tools/virsh.c: Switch from using .c to .h.
      (virshReportError, vshResetLibvirtError, vshAskReedit)
      (vshStreamSink, prettyCapacity): Export.
      (vshCatchInt): Move...
      * tools/virsh-domain.c: ...into sole user.  Use header.
      f4a7b87d
    • E
      virsh: split out virsh.h · c2e494cc
      Eric Blake 提交于
      Having one .c file include another does not give any compilation
      benefits; move towards modular .o files by first splitting out
      reused declarations into a new virsh.h.  This patch doesn't try
      very hard to see which functions are used or not, to make it
      easier to review the file split.  Future patches can further trim
      the header to be smaller.
      
      * tools/Makefile.am (virsh_SOURCES): List new file, and prepare
      for others.
      * tools/virsh.c: Split declarations...
      * tools/virsh.h: ...into new file, and make several functions
      non-static.
      * tools/virsh-domain-monitor.c (vshGetDomainDescription): Make
      non-static.
      c2e494cc
    • E
      virsh: move vshWatchJob earlier · 8e8809e1
      Eric Blake 提交于
      It's easier to order things in topological order than it is to
      forward declare in one file for use only by one other file.
      
      * tools/virsh.c (vshWatchJob, parseRateStr)
      (vshDomainStateToString, vshDomainStateReasonToString)
      (vshDomainControlStateToString, vshDomainVcpuStateToString): Drop
      useless prototypes.
      * tools/virsh-domain.c (vshWatchJob): Move earlier.
      8e8809e1
    • S
      qemu: support netdevs from <forward mode='hostdev'> networks · 1610b71a
      Shradha Shah 提交于
      For network devices allocated from a network with <forward
      mode='hostdev'>, there is a need to add the newly minted hostdev to
      the hostdevs array.
      
      In this case we also need to call qemuPrepareHostDevices just for this
      one device, as the standard call to initialize all the hostdevs that
      were defined directly in the domain's configuration has already been
      made by the time we allocate a device from a libvirt network, and thus
      have something that needs initializing.
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      1610b71a
    • S
      network: support <forward mode='hostdev'> in network driver · a818f8cf
      Shradha Shah 提交于
      This patch updates the network driver to properly utilize the new
      attributes/elements that are now in virNetworkDef
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      Signed-off-by: NLaine Stump <laine@laine.org>
      a818f8cf
    • S
      conf: add function virDevicePCIAddressEqual · 3ebf5484
      Shradha Shah 提交于
      This function is needed by the network driver in a later commit.
      It is useful in functions like networkNotifyActualDevice and
      networkReleaseActualDevice
      3ebf5484
    • S
      network: return netdev name or pci addr of the VF in actualDevice · 2b51a63b
      Shradha Shah 提交于
      The network pool should be able to keep track of both network device
      names and PCI addresses, and return the appropriate one in the
      actualDevice when networkAllocateActualDevice is called.
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      2b51a63b
    • S
      conf: parser/formatter/rng for <forward mode='hostdev'> · 14460034
      Shradha Shah 提交于
      This patch introduces the new forward mode='hostdev' along with
      attribute managed. Includes updates to the network RNG and new xml
      parser/formatter code.
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      14460034
    • S
      network: helper function to create interface pool from PF · 1494897b
      Shradha Shah 提交于
      Existing code that creates a list of forwardIfs from a single PF
      was moved to the new utility function networkCreateInterfacePool.
      No functional change.
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      1494897b
    • S
      conf: move DevicePCIAddress functions to separate file · f9150c81
      Shradha Shah 提交于
      Move the functions the parse/format, and validate PCI addresses to
      their own file so they can be conveniently used in other places
      besides device_conf.c
      
      Refactoring existing code without causing any functional changes to
      prepare for new code.
      
      This patch makes the code reusable.
      Signed-off-by: NShradha Shah <sshah@solarflare.com>
      f9150c81
    • J
      docs: Enhance documentation of log_filters · 395be3c2
      Jiri Denemark 提交于
      Also make sure documentation in libvirtd.conf matches the one from
      logging.html.
      395be3c2
    • J
      conf: Fix ABI stability check for spicevmc channel · d4134642
      Jiri Denemark 提交于
      Change device type of a virtio channel from/to spicevmc is not a user
      visible change. However, spicevmc channels use different default target
      name than other virtio channels. To maintain ABI stability during this
      change target name must be explicitly specified (and equal) in both
      configurations.
      d4134642
  4. 17 8月, 2012 5 次提交
    • K
      network: add support for setting VLANs on Open vSwitch ports · 7d2b91b8
      Kyle Mestery 提交于
      Add the ability to support VLAN tags for Open vSwitch virtual port
      types. To accomplish this, modify virNetDevOpenvswitchAddPort and
      virNetDevTapCreateInBridgePort to take a virNetDevVlanPtr
      argument. When adding the port to the OVS bridge, setup either a
      single VLAN or a trunk port based on the configuration from the
      virNetDevVlanPtr.
      Signed-off-by: NKyle Mestery <kmestery@cisco.com>
      7d2b91b8
    • O
      Fix the indentions of libvirt.h.in · 01aa172c
      Osier Yang 提交于
      Substitute 2 spaces with 4 spaces instead.
      01aa172c
    • O
      qemu: Set swap_hard_limit before hard_limit · 75e5bec9
      Osier Yang 提交于
      Setting hard_limit larger than previous swap_hard_limit must fail,
      it's not that good if one wants to change the swap_hard_limit
      and hard_limit together. E.g.
      
      % virsh memtune rhel6
      hard_limit     : 1000000
      soft_limit     : 1000000
      swap_hard_limit: 1000000
      
      % virsh memtune rhel6 --hard-limit 1000020 --soft-limit 1000020 \
      --swap-hard-limit 1000020 --live
      
      This patch reorder the limits setting to set the swap_hard_limit
      first, hard_limit then, and soft_limit last if it's greater than
      current swap_hard_limit. And soft_limit first, hard_limit then,
      swap_hard_limit last, if not.
      75e5bec9
    • E
      build: fix syntax check during 'make distcheck' · ca9be83d
      Eric Blake 提交于
      'make distcheck' was failing because a syntax check file,
      .sc-start-sc_vulnerable_makefile_CVE-2012-3386, got left
      behind.  I traced it to the 'distdir' rule depending on a
      shortcut syntax-check name rather than the full rule name
      normally used during 'local-check' from maint.mk.
      
      * cfg.mk (distdir): Depend on full rule, not shorthand name.
      ca9be83d
    • E
      build: ship stamp files · b44e6bef
      Eric Blake 提交于
      'make distcheck' fails because the generated ESX and HyperV files
      are (intentionally) marked read-only, but since the stamp file was
      missing, make assumes they need to be rebuilt.  Shipping the stamp
      file solves the problem.
      
      * src/Makefile.am (EXTRA_DIST): Ship stamp files.
      b44e6bef
  5. 16 8月, 2012 4 次提交
    • L
      qemu: support setting vlan tag for <interface type='hostdev'> · 3fdd85bf
      Laine Stump 提交于
      The underlying function to set the vlan tag of an SR-IOV network
      device was already in place (although an extra patch to save/restore
      the original vlan tag was needed), and recent patches added the
      ability to configure a vlan tag. This patch just ties those two
      together.
      
      An SR-IOV device doesn't support vlan trunking, so if anyone tries to
      configure more than a single tag, or set the trunk flag, and error is
      logged.
      3fdd85bf
    • L
      util: properly save/restore original vlan tag for VFs · e979226b
      Laine Stump 提交于
      When a network device that is a VF of an SR-IOV card was assigned to a
      guest using <interface type='hostdev'>, only the MAC address was being
      saved/restored, but the VLAN tag was left untouched. Up to now we
      haven't actually used vlan tags on SR-IOV devices, so the guest would
      have used whatever was set, and left it the same at the end.
      
      The patch following this one will hook up the <vlan> element from the
      interface config, so save/restore of the device state needs to also
      include the vlan tag.
      
      MAC address is being saved as a simple ASCII string in a file named
      for the device under /var/run.  The VLAN tag is now just added at the
      end of that file, after a newline. It might be nicer if the file was
      XML (in case it ever gets more complicated) but at the moment there's
      nothing else on the horizon, and this makes backward compatibility
      easier.
      e979226b
    • O
      qemu: Ensure the cpuset is formatted as expected before passing to cgroup · 29d8ed7a
      Osier Yang 提交于
      The parameter value for cpuset could be in special format like
      "0-10,^7", which is not recognized by cgroup. This patch is to
      ensure the cpuset is formatted as expected before passing it to
      cgroup. As a side effect, after the patch, it parses the cpuset
      early before cgroup setting, to avoid the rollback if cpuset
      parsing fails afterwards.
      29d8ed7a
    • D
      Fix WIN32 conditional for disabling console command · 9ef12b6f
      Daniel P. Berrange 提交于
      The '#endif' for a WIN32 conditional was placed one function
      too high, leaving the impl of the console command enabled
      and referencing functions that were disabled
      9ef12b6f