- 21 8月, 2012 1 次提交
-
-
由 Marcelo Cerri 提交于
This patch updates the key "security_driver" in QEMU config to suport both a sigle default driver or a list of default drivers. This ensures that it will remain compatible with older versions of the config file. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
- 23 7月, 2012 1 次提交
-
-
由 Osier Yang 提交于
Per the FSF address could be changed from time to time, and GNU recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html) You should have received a copy of the GNU General Public License along with Foobar. If not, see <http://www.gnu.org/licenses/>. This patch removes the explicit FSF address, and uses above instead (of course, with inserting 'Lesser' before 'General'). Except a bunch of files for security driver, all others are changed automatically, the copyright for securify files are not complete, that's why to do it manually: src/security/security_selinux.h src/security/security_driver.h src/security/security_selinux.c src/security/security_apparmor.h src/security/security_apparmor.c src/security/security_driver.c
-
- 19 7月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
Update the QEMU driver to use virReportError instead of the qemuReportError custom macro Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 22 3月, 2012 2 次提交
-
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
Add support for registering arbitrary callback to be called for a domain when a connection gets closed.
-
- 03 2月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
Curently security labels can be of type 'dynamic' or 'static'. If no security label is given, then 'dynamic' is assumed. The current code takes advantage of this default, and avoids even saving <seclabel> elements with type='dynamic' to disk. This means if you temporarily change security driver, the guests can all still start. With the introduction of sVirt to LXC though, there needs to be a new default of 'none' to allow unconfined LXC containers. This patch introduces two new security label types - default: the host configuration decides whether to run the guest with type 'none' or 'dynamic' at guest start - none: the guest will run unconfined by security policy The 'none' label type will obviously be undesirable for some deployments, so a new qemu.conf option allows a host admin to mandate confined guests. It is also possible to turn off default confinement security_default_confined = 1|0 (default == 1) security_require_confined = 1|0 (default == 0) * src/conf/domain_conf.c, src/conf/domain_conf.h: Add new seclabel types * src/security/security_manager.c, src/security/security_manager.h: Set default sec label types * src/security/security_selinux.c: Handle 'none' seclabel type * src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug: New security config options * src/qemu/qemu_driver.c: Tell security driver about default config
-
- 01 2月, 2012 1 次提交
-
-
由 Jiri Denemark 提交于
-
- 18 1月, 2012 1 次提交
-
-
由 Osier Yang 提交于
pciTrySecondaryBusReset checks if there is active device on the same bus, however, qemu driver doesn't maintain an effective list for the inactive devices, and it passes meaningless argument for parameter "inactiveDevs". e.g. (qemuPrepareHostdevPCIDevices) if (!(pcidevs = qemuGetPciHostDeviceList(hostdevs, nhostdevs))) return -1; ..skipped... if (pciResetDevice(dev, driver->activePciHostdevs, pcidevs) < 0) goto reattachdevs; NB, the "pcidevs" used above are extracted from domain def, and thus one won't be able to attach a device of which bus has other device even detached from host (nodedev-detach). To see more details of the problem: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=773667 This patch is to resolve the problem by introducing an inactive PCI device list (just like qemu_driver->activePciHostdevs), and the whole logic is: * Add the device to inactive list during nodedev-dettach * Remove the device from inactive list during nodedev-reattach * Remove the device from inactive list during attach-device (for non-managed device) * Add the device to inactive list after detach-device, only if the device is not managed With the above, we have a sufficient inactive PCI device list, and thus we can use it for pciResetDevice. e.g.(qemuPrepareHostdevPCIDevices) if (pciResetDevice(dev, driver->activePciHostdevs, driver->inactivePciHostdevs) < 0) goto reattachdevs;
-
- 25 12月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
In order to avoid situation where a USB device is in use by two domains, we must keep a list of already attached devices like we do for PCI.
-
- 23 12月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
This patch adds max_files option to qemu.conf which can be used to override system default limit on number of opened files that are allowed for qemu user.
-
- 24 11月, 2011 1 次提交
-
-
由 Jiri Denemark 提交于
-
- 19 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Rename the macvtap.c file to virnetdevmacvlan.c to reflect its functionality. Move the port profile association code out into virnetdevvportprofile.c. Make the APIs available unconditionally to callers * src/util/macvtap.h: rename to src/util/virnetdevmacvlan.h, * src/util/macvtap.c: rename to src/util/virnetdevmacvlan.c * src/util/virnetdevvportprofile.c, src/util/virnetdevvportprofile.h: Pull in vport association code * src/Makefile.am, src/conf/domain_conf.h, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update include paths & remove conditional compilation
-
- 10 11月, 2011 2 次提交
-
-
由 Daniel P. Berrange 提交于
Following the renaming of the bridge management APIs, we can now split the source file into 3 corresponding pieces * src/util/virnetdev.c: APIs for any type of network interface * src/util/virnetdevbridge.c: APIs for bridge interfaces * src/util/virnetdevtap.c: APIs for TAP interfaces * src/util/virnetdev.c, src/util/virnetdev.h, src/util/virnetdevbridge.c, src/util/virnetdevbridge.h, src/util/virnetdevtap.c, src/util/virnetdevtap.h: Copied from bridge.{c,h} * src/util/bridge.c, src/util/bridge.h: Split into 3 pieces * src/lxc/lxc_driver.c, src/network/bridge_driver.c, src/openvz/openvz_driver.c, src/qemu/qemu_command.c, src/qemu/qemu_conf.h, src/uml/uml_conf.c, src/uml/uml_conf.h, src/uml/uml_driver.c: Update #include directives
-
由 Daniel P. Berrange 提交于
The bridge management APIs in src/util/bridge.c require a brControl object to be passed around. This holds the file descriptor for the control socket. This extra object complicates use of the API for only a minor efficiency gain, which is in turn entirely offset by the need to fork/exec the brctl command for STP configuration. This patch removes the 'brControl' object entirely, instead opening the control socket & closing it again within the scope of each method. The parameter names for the APIs are also made to consistently use 'brname' for bridge device name, and 'ifname' for an interface device name. Finally annotations are added for non-NULL parameters and return check validation * src/util/bridge.c, src/util/bridge.h: Remove brControl object and update API parameter names & annotations. * src/lxc/lxc_driver.c, src/network/bridge_driver.c, src/uml/uml_conf.h, src/uml/uml_conf.c, src/uml/uml_driver.c, src/qemu/qemu_command.c, src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Remove reference to 'brControl' object
-
- 29 9月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
If the daemon is restarted so we reconnect to monitor, cdrom media can be ejected. In that case we don't want to show it in domain xml, or require it on migration destination. To check for disk status use 'info block' monitor command.
-
- 06 9月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
This patch creates an optional BeginJob queue size limit. When active, all other attempts above level will fail. To set this feature assign desired value to max_queued variable in qemu.conf. Setting it to 0 turns it off.
-
- 03 9月, 2011 1 次提交
-
-
由 Eric Blake 提交于
As more clients start to want to know this information, doing a PATH stat walk and malloc for every client adds up. We are only caching the location, not the capabilities, so even if qemu-img is updated in the meantime, it will still probably live in the same location. So there is no need to worry about clearing this particular cache. * src/qemu/qemu_conf.h (qemud_driver): Add member. * src/qemu/qemu_driver.c (qemudShutdown): Cleanup. (qemuFindQemuImgBinary): Add an argument, and cache result. (qemuDomainSnapshotForEachQcow2, qemuDomainSnapshotDiscard) (qemuDomainSnapshotCreateInactive, qemuDomainSnapshotRevertInactive) (qemuDomainSnapshotCreateXML, qemuDomainRevertToSnapshot): Update callers.
-
- 22 7月, 2011 1 次提交
-
-
由 Eric Blake 提交于
When auto-dumping a domain on crash events, or autostarting a domain with managed save state, let the user configure whether to imply the bypass cache flag. * src/qemu/qemu.conf (auto_dump_bypass_cache, auto_start_bypass_cache): Document new variables. * src/qemu/libvirtd_qemu.aug (vnc_entry): Let augeas parse them. * src/qemu/qemu_conf.h (qemud_driver): Store new preferences. * src/qemu/qemu_conf.c (qemudLoadDriverConfig): Parse them. * src/qemu/qemu_driver.c (processWatchdogEvent, qemuAutostartDomain): Honor them.
-
- 24 6月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Sometimes it is useful to be able to automatically destroy a guest when a connection is closed. For example, kill an incoming migration if the client managing the migration dies. This introduces a map between guest 'uuid' strings and virConnectPtr objects. When a connection is closed, any associated guests are killed off. * src/qemu/qemu_conf.h: Add autokill hash table to qemu driver * src/qemu/qemu_process.c, src/qemu/qemu_process.h: Add APIs for performing autokill of guests associated with a connection * src/qemu/qemu_driver.c: Initialize autodestroy map
-
- 02 6月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The QEMU integrates with the lock manager instructure in a number of key places * During startup, a lock is acquired in between the fork & exec * During startup, the libvirtd process acquires a lock before setting file labelling * During shutdown, the libvirtd process acquires a lock before restoring file labelling * During hotplug, unplug & media change the libvirtd process holds a lock while setting/restoring labels The main content lock is only ever held by the QEMU child process, or libvirtd during VM shutdown. The rest of the operations only require libvirtd to hold the metadata locks, relying on the active QEMU still holding the content lock. * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug, src/qemu/test_libvirtd_qemu.aug: Add config parameter for configuring lock managers * src/qemu/qemu_driver.c: Add calls to the lock manager
-
- 13 5月, 2011 1 次提交
-
-
由 Cole Robinson 提交于
v2: Drop libvirt_private.syms changes v3: Adjust for new virDomainEventStateNew argument
-
- 17 4月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
And from all related macros and functions.
-
- 06 4月, 2011 1 次提交
-
-
由 Jiri Denemark 提交于
This patch adds max_processes option to qemu.conf which can be used to override system default limit on number of processes that are allowed to be running for qemu user.
-
- 24 2月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Remove the <stdbool.h> header from all source files / headers and just put it into internal.h * src/internal.h: Add <stdbool.h>
-
- 22 1月, 2011 1 次提交
-
-
由 Cole Robinson 提交于
If vnc_auto_unix_socket is enabled, any VNC devices without a hardcoded listen or socket value will be setup to serve over a unix socket in /var/lib/libvirt/qemu/$vmname.vnc. We store the generated socket path in the transient VM definition at CLI build time.
-
- 11 1月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The current security driver usage requires horrible code like if (driver->securityDriver && driver->securityDriver->domainSetSecurityHostdevLabel && driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver, vm, hostdev) < 0) This pair of checks for NULL clutters up the code, making the driver calls 2 lines longer than they really need to be. The goal of the patchset is to change the calling convention to simply if (virSecurityManagerSetHostdevLabel(driver->securityDriver, vm, hostdev) < 0) The first check for 'driver->securityDriver' being NULL is removed by introducing a 'no op' security driver that will always be present if no real driver is enabled. This guarentees driver->securityDriver != NULL. The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel' being non-NULL is hidden in a new abstraction called virSecurityManager. This separates the driver callbacks, from main internal API. The addition of a virSecurityManager object, that is separate from the virSecurityDriver struct also allows for security drivers to carry state / configuration information directly. Thus the DAC/Stack drivers from src/qemu which used to pull config from 'struct qemud_driver' can now be moved into the 'src/security' directory and store their config directly. * src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to use new virSecurityManager APIs * src/qemu/qemu_security_dac.c, src/qemu/qemu_security_dac.h src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h: Move into src/security directory * src/security/security_stack.c, src/security/security_stack.h, src/security/security_dac.c, src/security/security_dac.h: Generic versions of previous QEMU specific drivers * src/security/security_apparmor.c, src/security/security_apparmor.h, src/security/security_driver.c, src/security/security_driver.h, src/security/security_selinux.c, src/security/security_selinux.h: Update to take virSecurityManagerPtr object as the first param in all callbacks * src/security/security_nop.c, src/security/security_nop.h: Stub implementation of all security driver APIs. * src/security/security_manager.h, src/security/security_manager.c: New internal API for invoking security drivers * src/libvirt.c: Add missing debug for security APIs
-
- 17 12月, 2010 4 次提交
-
-
由 Daniel P. Berrange 提交于
To allow their use from other source files, move qemuDriverLock and qemuDriverUnlock to qemu_conf.h and make them non-static * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Add qemuDriverLock qemuDriverUnlock * src/qemu/qemu_driver.c: Remove qemuDriverLock and qemuDriverUnlock
-
由 Daniel P. Berrange 提交于
Move the code for handling the QEMU virDomainObjPtr private data, and custom XML namespace into a separate file * src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: New file for private data & namespace code * src/qemu/qemu_driver.c, src/qemu/qemu_driver.h: Remove private data & namespace code * src/qemu/qemu_driver.h, src/qemu/qemu_command.h: Update includes * src/Makefile.am: Add src/qemu/qemu_domain.c
-
由 Daniel P. Berrange 提交于
The qemu_conf.c code is doing three jobs, driver config file loading, QEMU capabilities management and QEMU command line management. Move the command line code into its own file * src/qemu/qemu_command.c, src/qemu/qemu_command.h: New command line management code * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Delete command line code * src/qemu/qemu_conf.h, src/qemu_conf.c: Adapt for API renames * src/Makefile.am: add src/qemu/qemu_command.c * src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_text.c: Add import of qemu_command.h
-
由 Daniel P. Berrange 提交于
The qemu_conf.c code is doing three jobs, driver config file loading, QEMU capabilities management and QEMU command line management. Move the capabilities code into its own file * src/qemu/qemu_capabilities.c, src/qemu/qemu_capabilities.h: New capabilities management code * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Delete capabilities code * src/qemu/qemu_conf.h: Adapt for API renames * src/Makefile.am: add src/qemu/qemu_capabilities.c
-
- 10 12月, 2010 1 次提交
-
-
由 Hu Tao 提交于
`dump' watchdog action lets libvirtd to dump the guest when receives a watchdog event (which probably means a guest crash) Currently only qemu is supported.
-
- 08 12月, 2010 2 次提交
-
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
Commit febc5916 introduced -vga none in case no video card is included in domain XML. However, old qemu versions do not support this and such domain cannot be successfully started.
-
- 03 12月, 2010 1 次提交
-
-
由 Eric Blake 提交于
* src/qemu/qemu_conf.c (qemudExtractVersionInfo): Check for file before executing it here, rather than in callers. (qemudBuildCommandLine): Rewrite with virCommand. * src/qemu/qemu_conf.h (qemudBuildCommandLine): Update signature. * src/qemu/qemu_driver.c (qemuAssignPCIAddresses) (qemudStartVMDaemon, qemuDomainXMLToNative): Adjust callers.
-
- 01 12月, 2010 1 次提交
-
-
由 Stefan Berger 提交于
This patch introduces the usage of the pre-associate state of the IEEE 802.1Qbg standard on incoming VM migration on the target host. It is in response to bugzilla entry 632750. https://bugzilla.redhat.com/show_bug.cgi?id=632750 For being able to differentiate the exact reason as to why a macvtap device is being created, either due to a VM creation or an incoming VM migration, I needed to pass that reason as a parameter from wherever qemudStartVMDaemon is being called in order to determine whether to send an ASSOCIATE (VM creation) or a PRE-ASSOCIATE (incoming VM migration) towards lldpad. I am also fixing a problem with the virsh domainxml-to-native call on the way. Gerhard successfully tested the patch with a recent blade network 802.1Qbg-compliant switch. The patch should not have any side-effects on the 802.1Qbh support in libvirt, but Roopa (cc'ed) may want to verify this.
-
- 09 11月, 2010 3 次提交
-
-
由 Daniel P. Berrange 提交于
In common with VNC, the QEMU driver configuration file is used specify the host level TLS certificate location and a default password / listen address * src/qemu/qemu.conf: Add spice_listen, spice_tls, spice_tls_x509_cert_dir & spice_password config params * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Parsing of spice config parameters and updating -spice arg generation to use them * tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-rhel6.args, tests/qemuxml2argvtest.c: Expand test case to cover driver level configuration
-
由 Daniel P. Berrange 提交于
This supports the -spice argument posted for review against the latest upstream QEMU/KVM. This supports the bare minimum config with port, TLS port & listen address. The x509 bits are added in a later patch. * src/qemu_conf.c, src/qemu_conf.h: Add SPICE flag. Check for -spice availability. Format -spice arg for command line * qemuhelptest.c: Add SPICE flag * qemuxml2argvdata/qemuxml2argv-graphics-spice.args: Add <graphics> for spice * qemuxml2argvdata/qemuxml2argv-graphics-spice.xml: Add -spice arg * qemuxml2argvtest.c: Add SPICE flag
-
由 Daniel P. Berrange 提交于
This supports the '-vga qxl' parameter in upstream QEMU/KVM which has SPICE support added. This isn't particularly useful until you get the next patch for -spice support. Also note that while the libvirt XML supports multiple video devices, this patch only supports a single one. A later patch can add support for 2nd, 3rd, etc PCI devices for QXL * src/qemu/qemu_conf.h: Flag for QXL support * src/qemu/qemu_conf.c: Probe for '-vga qxl' support and implement it * tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c, tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args, tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml: Test case for generating spice args with RHEL6 kvm
-
- 08 11月, 2010 2 次提交
-
-
由 Daniel Veillard 提交于
The patch is based on the possiblity in the QEmu command line to add -smbios options allowing to override the default values picked by QEmu. We need to detect this first from QEmu help output. If the domain is defined with smbios to be inherited from host then we pass the values coming from the Host own SMBIOS, but if the domain is defined with smbios to come from sysinfo, we use the ones coming from the domain definition. * src/qemu/qemu_conf.h: add the QEMUD_CMD_FLAG_SMBIOS_TYPE enum value * src/qemu/qemu_conf.c: scan the help output for the smbios support, and if available add support based on the domain definitions, and host data * tests/qemuhelptest.c: add the new enum in the outputs
-
由 Daniel Veillard 提交于
Read and store the data when initializing the driver.
-