1. 25 8月, 2016 2 次提交
  2. 24 8月, 2016 13 次提交
  3. 23 8月, 2016 1 次提交
  4. 22 8月, 2016 1 次提交
  5. 20 8月, 2016 4 次提交
    • J
      qemu: Fix crash hot plugging luks volume · b4478c16
      John Ferlan 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1367259
      
      Crash occurs because 'secrets' is being dereferenced in call:
      
              if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
                                        VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
                                        &src->encryption->secrets[0]->seclookupdef,
                                        true) < 0)
      
      (gdb) p *src->encryption
      $1 = {format = 2, nsecrets = 0, secrets = 0x0, encinfo = {cipher_size = 0,
          cipher_name = 0x0, cipher_mode = 0x0, cipher_hash = 0x0, ivgen_name = 0x0,
          ivgen_hash = 0x0}}
      (gdb) bt
          priv=priv@entry=0x7fffc03be160, disk=disk@entry=0x7fffb4002ae0)
          at qemu/qemu_domain.c:1087
          disk=0x7fffb4002ae0, vm=0x7fffc03a2580, driver=0x7fffc02ca390,
          conn=0x7fffb00009a0) at qemu/qemu_hotplug.c:355
      
      Upon entry to qemuDomainAttachVirtioDiskDevice, src->encryption points
      at a valid 'secret' buffer w/ nsecrets == 1; however, the call to
      qemuDomainDetermineDiskChain will call virStorageFileGetMetadata
      and eventually virStorageFileGetMetadataInternal where the src->encryption
      was overwritten when probing the volume.
      
      Commit id 'a48c7141' added code to virStorageFileGetMetadataInternal
      to determine if the disk/volume would use/need encryption and allocated
      a meta->encryption. This overwrote an existing encryption buffer
      already provided by the XML
      
      This patch adds a check for meta->encryption already present before
      just allocating and overwriting an existing buffer. It then checks the
      existing encryption data to ensure the XML provided format for the
      disk matches the expected format read from the disk and errors if there
      is a mismatch.
      b4478c16
    • L
      network: allow limiting a <forwarder> element to certain domains · 0b6336c2
      Laine Stump 提交于
      For some unknown reason the original implementation of the <forwarder>
      element only took advantage of part of the functionality in the
      dnsmasq feature it exposes - it allowed specifying the ip address of a
      DNS server which *all* DNS requests would be forwarded to, like this:
      
         <forwarder addr='192.168.123.25'/>
      
      This is a frontend for dnsmasq's "server" option, which also allows
      you to specify a domain that must be matched in order for a request to
      be forwarded to a particular server. This patch adds support for
      specifying the domain. For example:
      
         <forwarder domain='example.com' addr='192.168.1.1'/>
         <forwarder domain='www.example.com'/>
         <forwarder domain='travesty.org' addr='10.0.0.1'/>
      
      would forward requests for bob.example.com, ftp.example.com and
      joe.corp.example.com all to the DNS server at 192.168.1.1, but would
      forward requests for travesty.org and www.travesty.org to
      10.0.0.1. And due to the second line, requests for www.example.com,
      and odd.www.example.com would be resolved by the libvirt network's own
      DNS server (i.e. thery wouldn't be immediately forwarded) even though
      they also match 'example.com' - the match is given to the entry with
      the longest matching domain. DNS requests not matching any of the
      entries would be resolved by the libvirt network's own DNS server.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1331796
      0b6336c2
    • L
      network: allow disabling dnsmasq's DNS server · 9065cfaa
      Laine Stump 提交于
      If you define a libvirt virtual network with one or more IP addresses,
      it starts up an instance of dnsmasq. It's always been possible to
      avoid dnsmasq's dhcp server (simply don't include a <dhcp> element),
      but until now it wasn't possible to avoid having the DNS server
      listening; even if the network has no <dns> element, it is started
      using default settings.
      
      This patch adds a new attribute to <dns>: enable='yes|no'. For
      backward compatibility, it defaults to 'yes', but if you don't want a
      DNS server created for the network, you can simply add:
      
         <dns enable='no'/>
      
      to the network configuration, and next time the network is started
      there will be no dns server created (if there is dhcp configuration,
      dnsmasq will be started with "port=0" which disables the DNS server;
      if there is no dhcp configuration, dnsmasq won't be started at all).
      9065cfaa
    • L
      network: new network forward mode 'open' · 25e8112d
      Laine Stump 提交于
      The new forward mode 'open' is just like mode='route', except that no
      firewall rules are added to assure that any traffic does or doesn't
      pass. It is assumed that either they aren't necessary, or they will be
      setup outside the scope of libvirt.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=846810
      25e8112d
  6. 19 8月, 2016 7 次提交
  7. 18 8月, 2016 6 次提交
    • J
      cfg.mk: join not_streq and not_strneq tests · f9785569
      Ján Tomko 提交于
      The marginally nicer error message is not worth the extra lines in
      cfg.mk.
      
      Also drop the excludes since there was only one offender in the tests.
      f9785569
    • J
      cfg.mk: drop redundant sc_prohibit_gethostby · b3e3fc32
      Ján Tomko 提交于
      Both gethostbyaddr and gethostbyname* are already checked
      by sc_prohibit_nonreentrant.
      b3e3fc32
    • J
      cfg.mk: use subst instead of tr · 1fe77f9f
      Ján Tomko 提交于
      GNU make is able to replace characters, no need to call tr.
      1fe77f9f
    • J
      tests: fix the return value of test-wrap-argv · 5e045eca
      Ján Tomko 提交于
      The script was returning success unless it failed on the last file.
      This went unnoticed because sc_prohibit_long_lines forbids lines
      longer than 90 characters in .arg[sv] files.
      5e045eca
    • J
      maint: update to latest gnulib · 212564a0
      Ján Tomko 提交于
      Pick up the new syntax-check speedups.
      212564a0
    • J
      Introduce QEMU_CAPS_VIRTIO_PCI_DISABLE_LEGACY · 41f5c2ca
      Ján Tomko 提交于
      Check whether the disable-legacy property is present on the following
      devices:
        virtio-balloon-pci
        virtio-blk-pci
        virtio-scsi-pci
        virtio-serial-pci
        virtio-9p-pci
        virtio-net-pci
        virtio-rng-pci
        virtio-gpu-pci
        virtio-input-host-pci
        virtio-keyboard-pci
        virtio-mouse-pci
        virtio-tablet-pci
      
      Assuming that if QEMU knows other virtio devices where this property
      is applicable, it will have at least one of these devices.
      
      Added in QEMU by:
      commit e266d421490e0ae83044bbebb209b2d3650c0ba6
          virtio-pci: add flags to enable/disable legacy/modern
      41f5c2ca
  8. 17 8月, 2016 6 次提交