- 27 3月, 2010 12 次提交
-
-
由 Stefan Berger 提交于
This patch adds support for L3/L4 filtering using iptables. This adds support for 'tcp', 'udp', 'icmp', 'igmp', 'sctp' etc. filtering. As mentioned in the introduction, a .c file provided by this patch is #include'd into a .c file. This will need work, but should be alright for review. Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch adds IPv6 support for the ebtables layer. Since the parser etc. are all parameterized, it was fairly easy to add this... Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
Add support for Qemu to have firewall rules applied and removed on VM startup and shutdown respectively. This patch also provides support for the updating of a filter that causes all VMs that reference the filter to have their ebtables/iptables rules updated. Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch implements the core driver and provides - management functionality for managing the filter XMLs - compiling the internal filter representation into ebtables rules - applying ebtables rules on a network (tap,macvtap) interface - tearing down ebtables rules that were applied on behalf of an interface - updating of filters while VMs are running and causing the firewalls to be rebuilt - other bits and pieces Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch adds XML processing for the network filter schema and extends the domain XML processing to parse the top level referenced filter along with potentially provided parameters Signed-off-by: NStefan Berger <stefanb@us.ibm.com> Signed-off-by: NGerhard Stenzel <gerhard.stenzel@de.ibm.com>
-
由 Stefan Berger 提交于
This patch adds the definition of the wire format for RPC calls and implementation of the RPC client & server code Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch adds the implementation of the public API for the network filtering (ACL) extensions to libvirt.c . Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch adds the internal API extensions for network filtering (ACL) support. Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 Stefan Berger 提交于
This patch adds recursive locks necessary due to the processing of network filter XML that can reference other network filters, including references that cause looks. Loops in the XML are prevented but their detection requires recursive locks. Signed-off-by: NStefan Berger <stefanb@us.ibm.com>
-
由 David Allan 提交于
* Add types to switch; the switch is only exectuted for known types because of a preceding conditional, so this fix is merely to placate the compiler.
-
由 Stefan Berger 提交于
To find out where the net type 'direct' needs to be handled I introduced the 'enum virDomainNetType' in the virDomainNetDef structure and let the compiler tell me where the case statement is missing. Then I added the unhandled device statement to the UML driver. * src/conf/domain_conf.h: change _virDomainNetDef type from int to virDomainNetType enum * src/conf/domain_conf.c src/lxc/lxc_driver.c src/qemu/qemu_conf.c src/uml/uml_conf.c: make sure all enum cases are properly handled in switches
-
由 Daniel Veillard 提交于
-
- 26 3月, 2010 18 次提交
-
-
由 Daniel P. Berrange 提交于
Use the new virDomainUpdateDeviceFlags API to allow the VNC password to be changed on the fly * src/internal.h: Define STREQ_NULLABLE() which is like STREQ() but does not crash if either argument is NULL, and treats two NULLs as equal. * src/libvirt_private.syms: Export virDomainGraphicsTypeToString * src/qemu/qemu_driver.c: Support VNC password change on a live machine * src/qemu/qemu_monitor.c: Disable crazy debugging info. Treat a NULL password as "" (empty string), allowing passwords to be disabled in the monitor
-
由 Daniel P. Berrange 提交于
Expand the parser for the standalone <device> XML format to allow inclusion of the <graphics> device type * src/conf/domain_conf.h: Add virDomainGraphicsDef to the virDomainDeviceDef struct * src/conf/domain_conf.c: Wire up parser for virDomainGraphicsDef to virDomainDeviceDefParse method
-
由 Daniel P. Berrange 提交于
To allow the new virDomainUpdateDeviceFlags() API to be universally used with all drivers, this patch adds an impl to all the current drivers which support CDROM or Floppy disk media change via the current virDomainAttachDeviceFlags API * src/qemu/qemu_driver.c, src/vbox/vbox_tmpl.c, src/xen/proxy_internal.c, src/xen/xen_driver.c, src/xen/xend_internal.c: Implement media change via the virDomainUpdateDeviceFlags API * src/xen/xen_driver.h, src/xen/xen_hypervisor.c, src/xen/xen_inotify.c, src/xen/xm_internal.c, src/xen/xs_internal.c: Stubs for Xen driver entry points
-
由 Daniel P. Berrange 提交于
This defines the wire format for the new virDomainUpdateDeviceFlags() API, and implements the server & client side of the marshalling code. * daemon/remote.c: Server side dispatch for virDomainUpdateDeviceFlags * src/remote/remote_driver.c: Client side serialization for virDomainUpdateDeviceFlags * src/remote/remote_protocol.x: Define wire format for virDomainUpdateDeviceFlags * daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h, daemon/remote_dispatch_table.h, src/remote/remote_protocol.c, src/remote/remote_protocol.h: Re-generate code
-
由 Daniel P. Berrange 提交于
The current virDomainAttachDevice API can be (ab)used to change the media of an existing CDROM/Floppy device. Going forward there will be more devices that can be configured on the fly and overloading virDomainAttachDevice for this is not too pleasant. This patch adds a new virDomainUpdateDeviceFlags() explicitly just for modifying existing devices. * include/libvirt/libvirt.h.in: Add virDomainUpdateDeviceFlags * src/driver.h: Internal API for virDomainUpdateDeviceFlags * src/libvirt.c, src/libvirt_public.syms: Glue public API to driver API * src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/opennebula/one_driver.c, src/openvz/openvz_driver.c, src/phyp/phyp_driver.c, src/qemu/qemu_driver.c, src/remote/remote_driver.c, src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c, src/xen/xen_driver.c, src/xenapi/xenapi_driver.c: Add stubs for new driver entry point
-
由 Daniel P. Berrange 提交于
This introduces a new event type VIR_DOMAIN_EVENT_ID_GRAPHICS The same event can be emitted in 3 scenarios typedef enum { VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0, VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE, VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT, } virDomainEventGraphicsPhase; Connect/disconnect are triggered at socket accept/close. The initialize phase is immediately after the protocol setup and authentication has completed. ie when the client is authorized and about to start interacting with the graphical desktop This event comes with *a lot* of potential information - IP address, port & address family of client - IP address, port & address family of server - Authentication scheme (arbitrary string) - Authenticated subject identity. A subject may have multiple identities with some authentication schemes. For example, vencrypt+sasl results in a x509dname and saslUsername identities. This results in a very complicated callback :-( typedef enum { VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4, VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6, } virDomainEventGraphicsAddressType; struct _virDomainEventGraphicsAddress { int family; const char *node; const char *service; }; typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress; typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr; struct _virDomainEventGraphicsSubject { int nidentity; struct { const char *type; const char *name; } *identities; }; typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject; typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr; typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn, virDomainPtr dom, int phase, virDomainEventGraphicsAddressPtr local, virDomainEventGraphicsAddressPtr remote, const char *authScheme, virDomainEventGraphicsSubjectPtr subject, void *opaque); The wire protocol is similarly complex struct remote_domain_event_graphics_address { int family; remote_nonnull_string node; remote_nonnull_string service; }; const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20; struct remote_domain_event_graphics_identity { remote_nonnull_string type; remote_nonnull_string name; }; struct remote_domain_event_graphics_msg { remote_nonnull_domain dom; int phase; remote_domain_event_graphics_address local; remote_domain_event_graphics_address remote; remote_nonnull_string authScheme; remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>; }; This is currently implemented in QEMU for the VNC graphics protocol, but designed to be usable with SPICE graphics in the future too. * daemon/remote.c: Dispatch graphics events to client * examples/domain-events/events-c/event-test.c: Watch for graphics events * include/libvirt/libvirt.h.in: Define new graphics event ID and callback signature * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Extend API to handle graphics events * src/qemu/qemu_driver.c: Connect to the QEMU monitor event for VNC events and emit a libvirt graphics event * src/remote/remote_driver.c: Receive and dispatch graphics events to application * src/remote/remote_protocol.x: Wire protocol definition for graphics events * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h, src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED, VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
-
由 Daniel P. Berrange 提交于
This introduces a new event type VIR_DOMAIN_EVENT_ID_IO_ERROR This event includes the action that is about to be taken as a result of the watchdog triggering typedef enum { VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0, VIR_DOMAIN_EVENT_IO_ERROR_PAUSE, VIR_DOMAIN_EVENT_IO_ERROR_REPORT, } virDomainEventIOErrorAction; In addition it has the source path of the disk that had the error and its unique device alias. It does not include the target device name (/dev/sda), since this would preclude triggering IO errors from other file backed devices (eg serial ports connected to a file) Thus there is a new callback definition for this event type typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn, virDomainPtr dom, const char *srcPath, const char *devAlias, int action, void *opaque); This is currently wired up to the QEMU block IO error events * daemon/remote.c: Dispatch IO error events to client * examples/domain-events/events-c/event-test.c: Watch for IO error events * include/libvirt/libvirt.h.in: Define new IO error event ID and callback signature * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Extend API to handle IO error events * src/qemu/qemu_driver.c: Connect to the QEMU monitor event for block IO errors and emit a libvirt IO error event * src/remote/remote_driver.c: Receive and dispatch IO error events to application * src/remote/remote_protocol.x: Wire protocol definition for IO error events * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h, src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event from QEMU monitor
-
由 Daniel P. Berrange 提交于
This introduces a new event type VIR_DOMAIN_EVENT_ID_WATCHDOG This event includes the action that is about to be taken as a result of the watchdog triggering typedef enum { VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0, VIR_DOMAIN_EVENT_WATCHDOG_PAUSE, VIR_DOMAIN_EVENT_WATCHDOG_RESET, VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF, VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN, VIR_DOMAIN_EVENT_WATCHDOG_DEBUG, } virDomainEventWatchdogAction; Thus there is a new callback definition for this event type typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn, virDomainPtr dom, int action, void *opaque); * daemon/remote.c: Dispatch watchdog events to client * examples/domain-events/events-c/event-test.c: Watch for watchdog events * include/libvirt/libvirt.h.in: Define new watchdg event ID and callback signature * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Extend API to handle watchdog events * src/qemu/qemu_driver.c: Connect to the QEMU monitor event for watchdogs and emit a libvirt watchdog event * src/remote/remote_driver.c: Receive and dispatch watchdog events to application * src/remote/remote_protocol.x: Wire protocol definition for watchdog events * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h, src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event from QEMU monitor
-
由 Daniel P. Berrange 提交于
This introduces a new event type VIR_DOMAIN_EVENT_ID_RTC_CHANGE This event includes the new UTC offset measured in seconds. Thus there is a new callback definition for this event type typedef void (*virConnectDomainEventRTCChangeCallback)(virConnectPtr conn, virDomainPtr dom, long long utcoffset, void *opaque); If the guest XML configuration for the <clock> is set to offset='variable', then the XML will automatically be updated with the new UTC offset value. This ensures that during migration/save/restore the new offset is preserved. * daemon/remote.c: Dispatch RTC change events to client * examples/domain-events/events-c/event-test.c: Watch for RTC change events * include/libvirt/libvirt.h.in: Define new RTC change event ID and callback signature * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Extend API to handle RTC change events * src/qemu/qemu_driver.c: Connect to the QEMU monitor event for RTC changes and emit a libvirt RTC change event * src/remote/remote_driver.c: Receive and dispatch RTC change events to application * src/remote/remote_protocol.x: Wire protocol definition for RTC change events * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h, src/qemu/qemu_monitor_json.c: Watch for RTC_CHANGE event from QEMU monitor
-
由 Daniel P. Berrange 提交于
The reboot event is not a normal lifecycle event, since the virtual machine on the host does not change state. Rather the guest OS is resetting the virtual CPUs. ie, the QEMU process does not restart. Thus, this does not belong in the current lifecycle events callback. This introduces a new event type VIR_DOMAIN_EVENT_ID_REBOOT It takes no parameters, besides the virDomainPtr, so it can use the generic callback signature. * daemon/remote.c: Dispatch reboot events to client * examples/domain-events/events-c/event-test.c: Watch for reboot events * include/libvirt/libvirt.h.in: Define new reboot event ID * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Extend API to handle reboot events * src/qemu/qemu_driver.c: Connect to the QEMU monitor event for reboots and emit a libvirt reboot event * src/remote/remote_driver.c: Receive and dispatch reboot events to application * src/remote/remote_protocol.x: Wire protocol definition for reboot events
-
由 Daniel P. Berrange 提交于
To avoid confusion, rename the current REMOTE_PROC_DOMAIN_EVENT message to REMOTE_PROC_DOMAIN_EVENT_LIFECYCLE. This does not cause ABI problems, since the names are only relevant at the source code level. On the wire they encoding is a plain integer whose value does not change * src/remote/remote_protocol.x: Rename REMOTE_PROC_DOMAIN_EVENT to REMOTE_PROC_DOMAIN_EVENT_LIFECYCLE. * daemon/remote.c, src/remote/remote_driver.c: Update code for renamed event
-
由 Daniel P. Berrange 提交于
This wires up the remote driver to handle the new events APIs. The public API allows an application to request a callback filters events to a specific domain object, and register multiple callbacks for the same event type. On the wire there are two strategies for this - Register multiple callbacks with the remote daemon, each with filtering as needed - Register only one callback per event type, with no filtering Both approaches have potential inefficiency. In the first scheme, the same event gets sent over the wire many times if multiple callbacks are registered. With the second scheme, unneccessary events get sent over the wire if a per-domain filter is set on the client. The second scheme is far easier to implement though, so this patch takes that approach. * daemon/dispatch.h: Don't export remoteRelayDomainEvent since it is no longer needed for unregistering callbacks, instead the unique callback ID is used * daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister callbacks based on callback ID, instead of function pointer * daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny instead of legacy virConnectDomainEventRegister function. Refactor remoteDispatchDomainEventSend() to cope with arbitrary event types * src/driver.h, src/driver.c: Move verify() call into source file instead of header, to avoid polluting the global namespace with the verify function name * src/remote/remote_driver.c: Implement new APIs for event registration. Refactor processCallDispatchMessage() to cope with arbitrary incoming event types. Merge remoteDomainQueueEvent() into processCallDispatchMessage() to avoid duplication of code. Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle() * src/remote/remote_protocol.x: Define wire format for the new virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny functions
-
由 Daniel P. Berrange 提交于
The libvirtd daemon impl will need to switch over to using the new event APIs. To make this simpler, ensure all drivers currently providing events support both the new APIs and old APIs. * src/lxc/lxc_driver.c, src/qemu/qemu_driver.c, src/test/test_driver.c, src/vbox/vbox_tmpl.c, src/xen/xen_driver.c: Implement the new virConnectDomainEvent(Dereg|Reg)isterAny driver entry points
-
由 Daniel P. Berrange 提交于
The current internal domain events API tracks callbacks based on the function pointer, and only supports lifecycle events. This adds new internal APIs for registering callbacks for other event types. These new APIs are postfixed with the word 'ID' to indicate that they operated based on event ID, instead of hardcoded to lifecycle events * src/conf/domain_event.c, src/conf/domain_event.h, src/libvirt_private.syms: Add new APIs for handling callbacks for non-lifecycle events
-
由 Daniel P. Berrange 提交于
The internal domain events APIs are designed to handle the lifecycle events. This needs to be refactored to allow arbitrary new event types to be handled. * The signature of virDomainEventDispatchFunc changes to use virConnectDomainEventGenericCallback instead of the lifecycle event specific virConnectDomainEventCallback * Every registered callback gains a unique ID to allow its removal based on ID, instead of function pointer * Every registered callback gains an 'eventID' to allow callbacks for different types of events to be distinguished * virDomainEventDispatch is adapted to filter out callbacks whose eventID does not match the eventID of the event being dispatched * virDomainEventDispatch is adapted to filter based on the domain name and uuid, if this filter is set for a callback. * virDomainEvent type/detail fields are moved into a union to allow different data fields for other types of events to be added later * src/conf/domain_event.h, src/conf/domain_event.c: Refactor to allow handling of different types of events * src/lxc/lxc_driver.c, src/qemu/qemu_driver.c, src/remote/remote_driver.c, src/test/test_driver.c, src/xen/xen_driver.c: Change dispatch function signature to use virConnectDomainEventGenericCallback
-
由 Daniel P. Berrange 提交于
The virtual box driver was directly accesing the domain events structs instead of using the APIs provided. To prevent this kind of abuse, make the struct definitions private, forcing use of the internal APIs. This requires adding one extra internal API. * src/conf/domain_event.h, src/conf/domain_event.c: Move virDomainEventCallback and virDomainEvent structs into the source file instead of header * src/vbox/vbox_tmpl.c: Use official APIs for dispatching domain events instead of accessing structs directly.
-
由 Daniel P. Berrange 提交于
The current API for domain events has a number of problems - Only allows for domain lifecycle change events - Does not allow the same callback to be registered multiple times - Does not allow filtering of events to a specific domain This introduces a new more general purpose domain events API typedef enum { VIR_DOMAIN_EVENT_ID_LIFECYCLE = 0, /* virConnectDomainEventCallback */ ...more events later.. } int virConnectDomainEventRegisterAny(virConnectPtr conn, virDomainPtr dom, /* Optional, to filter */ int eventID, virConnectDomainEventGenericCallback cb, void *opaque, virFreeCallback freecb); int virConnectDomainEventDeregisterAny(virConnectPtr conn, int callbackID); Since different event types can received different data in the callback, the API is defined with a generic callback. Specific events will each have a custom signature for their callback. Thus when registering an event it is neccessary to cast the callback to the generic signature eg int myDomainEventCallback(virConnectPtr conn, virDomainPtr dom, int event, int detail, void *opaque) { ... } virConnectDomainEventRegisterAny(conn, NULL, VIR_DOMAIN_EVENT_ID_LIFECYCLE, VIR_DOMAIN_EVENT_CALLBACK(myDomainEventCallback) NULL, NULL); The VIR_DOMAIN_EVENT_CALLBACK() macro simply does a "bad" cast to the generic signature * include/libvirt/libvirt.h.in: Define new APIs for registering domain events * src/driver.h: Internal driver entry points for new events APIs * src/libvirt.c: Wire up public API to driver API for events APIs * src/libvirt_public.syms: Export new APIs * src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/opennebula/one_driver.c, src/openvz/openvz_driver.c, src/phyp/phyp_driver.c, src/qemu/qemu_driver.c, src/remote/remote_driver.c, src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c, src/xen/xen_driver.c, src/xenapi/xenapi_driver.c: Stub out new API entries
-
由 Jim Meyering 提交于
* cfg.mk (useless_free_options): Add virDomainDefFree to the list of free-like functions. * src/test/test_driver.c (testDomainCreateXML): Remove useless-if- before-virDomainDefFree. * src/conf/domain_conf.c (virDomainAssignDef): Likewise
-
- 25 3月, 2010 3 次提交
-
-
由 Jiri Denemark 提交于
-
由 Matthias Bolte 提交于
The keys of entries in a VMX file are case insensitive. Both scsi0:1.fileName and scsi0:1.filename are valid. Therefore, make the conf parser compare names case insensitive in VMX mode to accept every capitalization variation. Also add test cases for this.
-
由 Matthias Bolte 提交于
<source file=''/> results in def->disks[i]->src == NULL. But vboxDomainDefineXML and vboxDomainAttachDevice didn't check def->disks[i]->src for NULL and expected it to be a valid string. Add checks for def->disks[i]->src != NULL to fix the segfault.
-
- 24 3月, 2010 1 次提交
-
-
由 Jim Meyering 提交于
* src/Makefile.am (augeas-check): New target, just to give the existing rule a name. At the same time, prefix the commands with $(AM_V_GEN), to avoid unexpected build output with V=0 which is the default.
-
- 23 3月, 2010 6 次提交
-
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
-
由 Jim Meyering 提交于
Before, this function would blindly accept an invalid def->dst and then abuse the idx=-1 it would get from virDiskNameToIndex, when passing it invalid strings like "xvda:disk" and "sda1". Now, this function returns -1 upon failure. * src/conf/domain_conf.c (virDomainDiskDefAssignAddress): as above. Update callers. * src/conf/domain_conf.h: Update prototype. * src/qemu/qemu_conf.c: Update callers.
-
由 Jim Meyering 提交于
* src/util/util.c (virDiskNameToIndex): Accept sda1, and map it to "sda". I.e., accept and ignore any string of trailing digits.
-
由 Matthias Bolte 提交于
virSetCloseExec and virExecDaemonize were missing a body on Windows.
-