1. 30 4月, 2010 12 次提交
    • S
      Clean all tables before applying 'basic' rules · 59fe163f
      Stefan Berger 提交于
      The functions invoked by the IP address learning thread
      that apply some basic filtering rules did not clean up
      any previous filtering rules that may still be there
      (due to a libvirt restart for example). With the
      patch below all the rules are cleaned up first.
      
      Also, I am introducing a function to drop all traffic
      in case the IP address learning thread could not apply
      the rules.
      59fe163f
    • D
      MAke virFileHasSuffix case insensitive · b9efc7dc
      Daniel Veillard 提交于
      * src/util/util.c: as it's used for checking things like .iso suffixes
      b9efc7dc
    • S
      nwfilter: Also pick IP address from a DHCP ACK message · 7c66c033
      Stefan Berger 提交于
      The local DHCP server on virtbr0 sends DHCP ACK messages when a VM is
      started and requests an IP address while the initial DHCP lease on the
      VM's MAC address hasn't expired. So, also pick the IP address of the VM
      if that type of message is seen.
      Thanks to Gerhard Stenzel for providing a test case for this.
      
      Changes from V1 to V2:
      - cleanup: replacing DHCP option numbers through constants
      7c66c033
    • D
      Fix virt-pki-validate's determination of CN · c179a0f6
      Dustin Kirkland 提交于
      Ubuntu's gntls package generates an Issuer line that looks like this:
              Issuer: C=US,ST=NY,L=Rochester,O=example.com,CN=example.com CA,EMAIL=hostmaster@example.com
      
      While Red Hat's looks like this
      Issuer: CN=Red Hat Emerging Technologies
      
      Note the leading whitespace, and the additional fields in the former.
      
      This patch updates the regular expression to:
       * trim leading characters before "Issuer:"
       * trim anything between Issuer: and CN=
       * trim anything after the next ,
      
      I've tested this against the certool output of both RH and Ubuntu
      generated certs.
      Signed-off-by: NDustin Kirkland <kirkland@canonical.com>
      Signed-off-by: NEric Blake <eblake@redhat.com>
      c179a0f6
    • J
      qemudDomainSaveFlag: remove dead store · 5b0aed68
      Jim Meyering 提交于
      * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Remove dead store to "rc".
      5b0aed68
    • D
      Fix detection of disk in IO events · 0eecdd68
      Daniel P. Berrange 提交于
      When using -device syntax, the IO event will have a different
      prefix, 'drive-' that needs to be skipped over before matching
      against the libvirt disk alias
      
      * src/qemu/qemu_driver.c: Skip QEMU_DRIVE_HOST_PREFIX in IO event
      0eecdd68
    • D
      Implement python binding for virDomainGetBlockInfo · 05776e09
      Daniel P. Berrange 提交于
      This binds the virDomainGetBlockInfo API to python's blockInfo
      method on the domain object
      
      >>> c = libvirt.openReadOnly('qemu:///session')
      >>> d = c.lookupByName('demo')
      >>> f = d.blockInfo("/dev/loop0", 0)
      >>> print f
      [1048576000L, 104857600L, 104857600L]
      
      * python/libvirt-override-api.xml: Define override signature
      * python/generator.py: Skip C impl generator for virDomainGetBlockInfo
      * python/libvirt-override.c: Manual impl of virDomainGetBlockInfo
      05776e09
    • D
      Add new domblkinfo command to virsh · 7703c2c9
      Daniel P. Berrange 提交于
        virsh # domblkinfo demoguest /dev/hda2
        Capacity:       1048576000
        Allocation:     104857600
        Physical:       104857600
      
      * tools/virsh.c: Implement domblkinfo command mapping to the
        new virDomainGetBlockInfo API
      7703c2c9
    • D
      Implement virDomainGetBlockInfo in QEMU driver · db57a7be
      Daniel P. Berrange 提交于
      * src/qemu/qemu_driver.c: Implementation of virDomainGetBlockInfo
      * src/util/storage_file.h: Add DEV_BSIZE
      * src/storage/storage_backend.c: Remove DEV_BSIZE
      db57a7be
    • D
      Remote protocol impl for virDomainGetBlockInfo · 84a3269a
      Daniel P. Berrange 提交于
      * daemon/remote.c: Server side dispatcher
      * daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
        daemon/remote_dispatch_ret.h, daemon/remote_dispatch_table.h: Update
        with new API
      * src/remote/remote_driver.c: Client side dispatcher
      * src/remote/remote_protocol.c, src/remote/remote_protocol.h: Update
      * src/remote/remote_protocol.x: Define new wire protocol
      84a3269a
    • D
      Internal driver API infrastructure for virDomainGetBlockInfo · 46bad512
      Daniel P. Berrange 提交于
      This defines the internal driver API and stubs out each driver
      
      * src/driver.h: Define virDrvDomainGetBlockInfo signature
      * src/libvirt.c, src/libvirt_public.syms: Glue public API to drivers
      * src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/opennebula/one_driver.c,
        src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
        src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
        src/xen/xen_driver.c, src/xenapi/xenapi_driver.c: Stub out driver
      46bad512
    • D
      Add virDomainGetBlockInfo API to query disk sizing · 24aad9f7
      Daniel P. Berrange 提交于
      Some applications need to be able to query a guest's disk info,
      even for paths not managed by the storage pool APIs. This adds
      a very simple API to get this information, modelled on the
      virStorageVolGetInfo API, but with an extra field 'physical'.
      Normally 'physical' and 'allocation' will be identical, but
      in the case of a qcow2-like file stored inside a block device
      'physical' will give the block device size, while 'allocation'
      will give the qcow2 image size
      
      * include/libvirt/libvirt.h.in: Define virDomainGetBlockInfo
      24aad9f7
  2. 29 4月, 2010 10 次提交
  3. 28 4月, 2010 11 次提交
    • E
      build: fix autogen rule for VPATH build · 5fe816ec
      Eric Blake 提交于
      * cfg.mk (gnulib_srcdir): Override maint.mk default.
      (_update_required): Run in correct directory.
      5fe816ec
    • D
      Move dnsmasq host file to a separate directory · 4e041189
      Daniel Veillard 提交于
      use /var/lib/libvirt/dnsmasq since /var/lib/libvirt/network is
      unreadable by the dnsmasq binary
      
      * src/network/bridge_driver.c: update DNSMASQ_STATE_DIR
      * src/Makefile.am: create it on make install
      * libvirt.spec.in: take the new directory into account
      4e041189
    • S
      nwfilter: allow to mix filterrefs and rules in the schema · 42f8b25b
      Stefan Berger 提交于
      So far the references to other filters needed to appear before filtering
      rules. With the below patch they can now appear in any order.
      
      Also I forgot to add a couple of 'rarp's.
      42f8b25b
    • D
      Fix handling of security driver restore failures in QEMU domain save · 51cd0196
      Daniel P. Berrange 提交于
      In cases where the security driver failed to restore a label after a
      guest has saved, we mistakenly jumped to the error cleanup paths.
      This is not good, because the operation has in fact completed and
      cannot be rolled back completely. Label restore is non-critical, so
      just log the problem instead. Also add a missing restore call in
      the error cleanup path
      
      * src/qemu/qemu_driver.c: Fix handling of security driver
        restore failures in QEMU domain save
      51cd0196
    • D
      Fix QEMU domain save to block devices with cgroups enabled · 712048bd
      Daniel P. Berrange 提交于
      When cgroups is enabled, access to block devices is likely to be
      restricted to a whitelist. Prior to saving a guest to a block device,
      it is necessary to add the block device to the whitelist. This is
      not required upon restore, since QEMU reads from stdin
      
      * src/qemu/qemu_driver.c: Add block device to cgroups whitelist
        if neccessary during domain save.
      712048bd
    • D
      Fix QEMU save/restore with block devices · 93e0b3c8
      Daniel P. Berrange 提交于
      The save process was relying on use of the shell >> append
      operator to ensure the save data was placed after the libvirt
      header + XML. This doesn't work for block devices though.
      Replace this code with use of 'dd' and its 'seek' parameter.
      This means that we need to pad the header + XML out to a
      multiple of dd block size (in this case we choose 512).
      
      The qemuMonitorMigateToCommand() monitor API is used for both
      save/coredump, and migration via UNIX socket. We can't simply
      switch this to use 'dd' since this causes problems with the
      migration usage. Thus, create a dedicated qemuMonitorMigateToFile
      which can accept an filename + offset, and remove the filename
      from the current qemuMonitorMigateToCommand() API
      
      * src/qemu/qemu_driver.c: Switch to qemuMonitorMigateToFile
        for save and core dump
      * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
        src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
        src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Create
        a new qemuMonitorMigateToFile, separate from the existing
        qemuMonitorMigateToCommand to allow handling file offsets
      93e0b3c8
    • D
      Avoid create/unlink with block devs used for QEMU save · ae42979a
      Daniel P. Berrange 提交于
      It is possible to use block devices with domain save/restore. Upon
      failure QEMU unlinks the path being saved to. This isn't good when
      it is a block device !
      
      * src/qemu/qemu_driver.c: Don't unlink block devices if save fails
      ae42979a
    • D
      Fix crash when cleaning up from failed save attempt · d7e0fe6e
      Daniel P. Berrange 提交于
      If a transient QEMU crashes during save attempt, then the virDomainPtr
      object may be freed. If a persistent QEMU crashes during save, then
      the 'priv->mon' field is no longer valid since it will be inactive.
      
      * src/qemu/qemu_driver.c: Fix two crashes when QEMU exits
        during a save attempt
      d7e0fe6e
    • S
      nwfilter: let qemu's after-migration packet pass · ed7813d2
      Stefan Berger 提交于
      Qemu currently sends an Ethernet packet with protocol id 0x835 once a VM
      was successfully migrated. The content of the packet looks like a
      gratuitous RARP, just with the wrong protocol ID, which should be
      0x8035. I wrote some filters to let either one of the packets pass and
      am adapting the clean-traffic sample filter to use it. I am also
      doing some changes on the existing ARP filter which was lacking a
      test for source MAC address.
      ed7813d2
    • C
    • K
      75d88455
  4. 27 4月, 2010 7 次提交
    • C
      Fix up the locking in the snapshot code. · b69bbebb
      Chris Lalancette 提交于
      In particular I was forgetting to take the qemuMonitorPrivatePtr
      lock (via qemuDomainObjBeginJob), which would cause problems
      if two users tried to access the same domain at the same time.
      This patch also fixes a problem where I was forgetting to remove
      a transient domain from the list of domains.
      
      Thanks to Stephen Shaw for pointing out the problem and testing
      out the initial patch.
      Signed-off-by: NChris Lalancette <clalance@redhat.com>
      b69bbebb
    • D
      cleanup the download section of the documentation · 0c4010a1
      Daniel Veillard 提交于
      Just removing reverences to the deprecated CVS server and the old git
      on et.redhat.com
      0c4010a1
    • S
      nwfilter: add support for RAPR protocol · aea68ce9
      Stefan Berger 提交于
      This patch adds support for the RARP protocol. This may be needed due to
      qemu sending out a RARP packet (at least that's what it seems to want to
      do even though the protocol id is wrong) when migration finishes and
      we'd need a rule to let the packets pass.
      
      Unfortunately my installation of ebtables does not understand -p RARP
      and also seems to otherwise depend on strings in /etc/ethertype
      translated to protocol identifiers. Therefore I need to pass -p 0x8035
      for RARP. To generally get rid of the dependency of that file I switch
      all so far supported protocols to use their protocol identifier in the
      -p parameter rather than the string.
      
      I am also extending the schema and added a test case.
      
      changes from v1 to v2:
      - added test case into patch
      aea68ce9
    • J
      Ignore qemu STOP event when stopping CPUs · 35b61376
      Jiri Denemark 提交于
      With JSON qemu monitor, we get a STOP event from qemu whenever qemu
      stops guests CPUs. The downside of it is that vm->state is changed to
      PAUSED and a new generic paused event is send to applications. However,
      when we ask qemu to stop the CPUs we are not really interested in qemu
      event and we usually want to issue a more specific event.
      
      By setting vm->status to PAUSED before actually sending the request to
      qemu (and resetting it back if the request fails) we can ignore the
      event since the event handler does nothing when the guest is already
      paused. This solution is quite hacky but unfortunately it's the best
      solution which I was able to come up with and it doesn't introduce a
      race condition.
      35b61376
    • J
      Fix build with DEBUG_RAW_IO=1 · 29bca037
      Jiri Denemark 提交于
      29bca037
    • D
      Fix indentation for storage conf XML · 1b9347b5
      David Allan 提交于
      * virStorageEncryptionFormat is called from both
        virDomainDiskDefFormat and virStorageVolTargetDefFormat.  The proper
        indentation in the generated XML depends on the caller.  My earlier
        patch to fix the incorrect indentation for the domain XML broke the
        indentation for the storage XML.  This patch adopts Laine's
        suggestion of requring the caller of virStorageEncryptionFormat to
        provide an unsigned int with the number of spaces the output should
        be indented.  The patch modifies both callers to provide the
        additional argument.
      
      * Add a regression test for the domain XML
      
      * src/conf/domain_conf.c src/conf/storage_conf.c
        src/conf/storage_encryption_conf.c src/conf/storage_encryption_conf.h:
        change the indentation code
      * tests/qemuxml2xmltest.c
        tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk.args
        tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk.xml: add a regression test
      1b9347b5
    • D
      Don't try to build qemu and lxc on non-Linux platforms · 6b3ce82d
      Daniel Veillard 提交于
      as their drivers requires linux only headers
      6b3ce82d