- 24 8月, 2016 7 次提交
-
-
由 Nikolay Shirokovskiy 提交于
ACL check on perform step should be in API call itself to make ACL checking script pass. Thus we need to reorganize code to obtain domain object in perform API itself. Most of this is straight forward, the only nuance is dropping locks on lengthy remote operations. The other motivation is to have only perform step ACL checks for p2p migration instead of both begin in perform if we can leave ACL check in vzDomainMigratePerformStep. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
We need it to prepare the calls for ACL checks otherwise ACL checking script will fail. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
This action deserves its own function and makes main API call structure much cleaner. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
Now we can use intended ACL check for both API calls. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Nikolay Shirokovskiy 提交于
The original motivation is to expand API calls like start/stop etc so that the ACL checks could be added. But this patch has its own befenits. 1. functions like prlsdkStart/Stop use common routine to wait for job without domain lock. They become more self contained and do not return intermediate PRL_RESULT. 2. vzDomainManagedSave do not update cache twice. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com> Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
-
- 23 8月, 2016 1 次提交
-
-
由 John Ferlan 提交于
Commit id '0b6336c2' formatted the 'addr', but didn't VIR_FREE it. Found by Coverity.
-
- 22 8月, 2016 1 次提交
-
-
由 JieWang 提交于
remove the dead code this patch is to remove the dead code Signed-off-by: JieWang <wangjie88@huawei.com> Signed-off-by: NJieWang <wangjie88@huawei.com>
-
- 20 8月, 2016 4 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1367259 Crash occurs because 'secrets' is being dereferenced in call: if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias, VIR_SECRET_USAGE_TYPE_VOLUME, NULL, &src->encryption->secrets[0]->seclookupdef, true) < 0) (gdb) p *src->encryption $1 = {format = 2, nsecrets = 0, secrets = 0x0, encinfo = {cipher_size = 0, cipher_name = 0x0, cipher_mode = 0x0, cipher_hash = 0x0, ivgen_name = 0x0, ivgen_hash = 0x0}} (gdb) bt priv=priv@entry=0x7fffc03be160, disk=disk@entry=0x7fffb4002ae0) at qemu/qemu_domain.c:1087 disk=0x7fffb4002ae0, vm=0x7fffc03a2580, driver=0x7fffc02ca390, conn=0x7fffb00009a0) at qemu/qemu_hotplug.c:355 Upon entry to qemuDomainAttachVirtioDiskDevice, src->encryption points at a valid 'secret' buffer w/ nsecrets == 1; however, the call to qemuDomainDetermineDiskChain will call virStorageFileGetMetadata and eventually virStorageFileGetMetadataInternal where the src->encryption was overwritten when probing the volume. Commit id 'a48c7141' added code to virStorageFileGetMetadataInternal to determine if the disk/volume would use/need encryption and allocated a meta->encryption. This overwrote an existing encryption buffer already provided by the XML This patch adds a check for meta->encryption already present before just allocating and overwriting an existing buffer. It then checks the existing encryption data to ensure the XML provided format for the disk matches the expected format read from the disk and errors if there is a mismatch.
-
由 Laine Stump 提交于
For some unknown reason the original implementation of the <forwarder> element only took advantage of part of the functionality in the dnsmasq feature it exposes - it allowed specifying the ip address of a DNS server which *all* DNS requests would be forwarded to, like this: <forwarder addr='192.168.123.25'/> This is a frontend for dnsmasq's "server" option, which also allows you to specify a domain that must be matched in order for a request to be forwarded to a particular server. This patch adds support for specifying the domain. For example: <forwarder domain='example.com' addr='192.168.1.1'/> <forwarder domain='www.example.com'/> <forwarder domain='travesty.org' addr='10.0.0.1'/> would forward requests for bob.example.com, ftp.example.com and joe.corp.example.com all to the DNS server at 192.168.1.1, but would forward requests for travesty.org and www.travesty.org to 10.0.0.1. And due to the second line, requests for www.example.com, and odd.www.example.com would be resolved by the libvirt network's own DNS server (i.e. thery wouldn't be immediately forwarded) even though they also match 'example.com' - the match is given to the entry with the longest matching domain. DNS requests not matching any of the entries would be resolved by the libvirt network's own DNS server. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1331796
-
由 Laine Stump 提交于
If you define a libvirt virtual network with one or more IP addresses, it starts up an instance of dnsmasq. It's always been possible to avoid dnsmasq's dhcp server (simply don't include a <dhcp> element), but until now it wasn't possible to avoid having the DNS server listening; even if the network has no <dns> element, it is started using default settings. This patch adds a new attribute to <dns>: enable='yes|no'. For backward compatibility, it defaults to 'yes', but if you don't want a DNS server created for the network, you can simply add: <dns enable='no'/> to the network configuration, and next time the network is started there will be no dns server created (if there is dhcp configuration, dnsmasq will be started with "port=0" which disables the DNS server; if there is no dhcp configuration, dnsmasq won't be started at all).
-
由 Laine Stump 提交于
The new forward mode 'open' is just like mode='route', except that no firewall rules are added to assure that any traffic does or doesn't pass. It is assumed that either they aren't necessary, or they will be setup outside the scope of libvirt. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=846810
-
- 19 8月, 2016 7 次提交
-
-
由 Michal Privoznik 提交于
==18324== 32 bytes in 1 blocks are still reachable in loss record 41 of 114 ==18324== at 0x4C2C070: calloc (vg_replace_malloc.c:623) ==18324== by 0x4EA479B: virAlloc (viralloc.c:144) ==18324== by 0x4EA674A: virBitmapNewQuiet (virbitmap.c:77) ==18324== by 0x4EA67F7: virBitmapNew (virbitmap.c:106) ==18324== by 0x4EC777D: dnsmasqCapsNewEmpty (virdnsmasq.c:801) ==18324== by 0x4EC781B: dnsmasqCapsNewFromBuffer (virdnsmasq.c:815) ==18324== by 0x407CF4: mymain (networkxml2conftest.c:99) ==18324== by 0x409CF0: virTestMain (testutils.c:982) ==18324== by 0x4080EA: main (networkxml2conftest.c:136) Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Mikhail Feoktistov 提交于
This patch fixes a bug which occurs when we check a bus and unit number for a new attached disk. We should do this check in ValidadionCallback, not in PostParse callback. Because in PostParse we have not initialized disk->info.addr.drive struct yet. Move part of code from domainPostParseCallback to domainValidateCallback and part from devicesPostParseCallback to deviceValidateCallback. PostParse callbacks are for modification data. ValidateCallbacks are only for checks.
-
由 Olga Krishtal 提交于
While dettaching/attaching device in OpenStack, nova calls vzDomainDettachDevice twice, because the update of the internal configuration of the ct comes a bit latter than the update event. As the result, we suffer from the second call to dettach the same device. Signed-off-by: NOlga Krishtal <okrishtal@virtuozzo.com>
-
由 Maxim Nestratov 提交于
Somehow we lost this during recent refactoring Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
-
由 Maxim Nestratov 提交于
If we are going to ignore return value of a functions that can raise an error, it's not enough to use ignore_value construction. We should explicitly call virResetLastError Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
-
由 Maxim Nestratov 提交于
Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
-
由 Maxim Nestratov 提交于
First, make function logPrlEventErrorHelper be void and only print information (if any) from an event. Second, don't rewrite original error with any errors we get during parsing event info. Third, ignore PRL_ERR_NO_DATA at all. Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
-
- 18 8月, 2016 6 次提交
-
-
由 Ján Tomko 提交于
The marginally nicer error message is not worth the extra lines in cfg.mk. Also drop the excludes since there was only one offender in the tests.
-
由 Ján Tomko 提交于
Both gethostbyaddr and gethostbyname* are already checked by sc_prohibit_nonreentrant.
-
由 Ján Tomko 提交于
GNU make is able to replace characters, no need to call tr.
-
由 Ján Tomko 提交于
The script was returning success unless it failed on the last file. This went unnoticed because sc_prohibit_long_lines forbids lines longer than 90 characters in .arg[sv] files.
-
由 Ján Tomko 提交于
Pick up the new syntax-check speedups.
-
由 Ján Tomko 提交于
Check whether the disable-legacy property is present on the following devices: virtio-balloon-pci virtio-blk-pci virtio-scsi-pci virtio-serial-pci virtio-9p-pci virtio-net-pci virtio-rng-pci virtio-gpu-pci virtio-input-host-pci virtio-keyboard-pci virtio-mouse-pci virtio-tablet-pci Assuming that if QEMU knows other virtio devices where this property is applicable, it will have at least one of these devices. Added in QEMU by: commit e266d421490e0ae83044bbebb209b2d3650c0ba6 virtio-pci: add flags to enable/disable legacy/modern
-
- 17 8月, 2016 9 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1182074 Since libvirt still uses a legacy qemu arg format to add a disk, the manner in which the 'password-secret' argument is passed to qemu needs to change to prepend a 'file.' If in the future, usage of the more modern disk format, then the prepended 'file.' can be removed. Fix based on Jim Fehlig <jfehlig@suse.com> posting and subsequent upstream list followups, see: http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html for details. Introduced by commit id 'a1344f70'.
-
由 Chen Hanxiao 提交于
s/libvirt.c/libvirt-domain.c Signed-off-by: NChen Hanxiao <chenhanxiao@gmail.com>
-
由 John Ferlan 提交于
Modify virDomainDefGetVcpuSched to emit an error message if virDomainDefGetVcpu returns NULL meaning the vcpu could not be found. Prior to commit id '9cc931f0' the error message would have been issued in virDomainDefGetVcpu.
-
由 Pavel Hrdina 提交于
The code that setups listen types may change a listen type from address to socket based on configuration from qemu.conf. This needs to be done before we reserve/allocate ports that won't be used. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1364843Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Ports are valid only for listen types 'address' and 'network', other listen types doesn't use them so we should not try to reserve any ports. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: Pavel Hrdina <phrdina@redhat.com
-
由 Andrea Bolognani 提交于
The first argument should be const char ** instead of char **, because this is a search function and as such it doesn't, and shouldn't, alter the haystack in any way. This change means we no longer have to cast arrays of immutable strings to arrays of mutable strings; we still have to do the opposite, though, but that's reasonable.
-
- 16 8月, 2016 5 次提交
-
-
由 John Ferlan 提交于
When commit id '6dfb4507' refactored where the iothreadsched data was stored, the error message for when the virDomainIOThreadIDFind failed to find an iothreadid ("iothreadsched attribute 'iothreads' uses undefined iothread ids") was lost. This led to the possibility that someone would try to use it, but receive the generic message "An error occurred, but the cause is unknown". This patch adds the error message back so that someone will know that they have an invalid configuration. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Peter Krempa 提交于
All other modes of qemuDomainSetVcpusFlags have helpers so finish the work by splitting the regular code into a new function. This patch also touches up the coding (spacing) style.
-
由 Peter Krempa 提交于
The live code does ugly things. Contain it in a separate function.
-
由 Peter Krempa 提交于
Setting of the maximum vcpu count is slightly semantically different thus split it into a self-contained func.
-
由 Peter Krempa 提交于
qemu uses 'url' instead of 'uri'. They unfortunately look very similar. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1367260
-