1. 08 4月, 2016 13 次提交
  2. 07 4月, 2016 18 次提交
    • A
      qemu: Explicitly check for gnutls_rnd() · 2d23d145
      Andrea Bolognani 提交于
      Our use of gnutls_rnd(), introduced with commit ad7520e8, is
      conditional to the availability of the <gnutls/crypto.h> header
      file.
      
      Such check, however, turns out not to be strict enough, as there
      are some versions of GnuTLS (eg. 2.8.5 from CentOS 6) that provide
      the header file, but not the function itself, which was introduced
      only in GnuTLS 2.12.0.
      
      Introduce an explicit check for the function.
      2d23d145
    • A
      configure: Always use old_CFLAGS and old_LIBS · a2e0e68c
      Andrea Bolognani 提交于
      The variables used for storing CFLAGS and LIBS before temporarily
      modifying them was consistent when it comes to the name, but not
      when it comes to the case.
      
      Make sure names are completely consistent.
      a2e0e68c
    • A
      configure: Restore CFLAGS properly after GnuTLS checks · bbb17237
      Andrea Bolognani 提交于
      The previous value of CFLAGS was saved as old_cflags but later
      restored from old_CFLAGS, which is clearly not correct.
      
      Restore CFLAGS from the right variable.
      bbb17237
    • A
      host-validate: Improve CPU flags processing · c661b675
      Andrea Bolognani 提交于
      Instead of relying on substring search, tokenize the input
      and process each CPU flag separately. This ensures CPU flag
      detection will continue to work correctly even if we start
      looking for CPU flags whose name might appear as part of
      other CPU flags' names.
      
      The result of processing is stored in a virBitmap, which
      means we don't have to parse /proc/cpuinfo in its entirety
      for each single CPU flag we want to check.
      
      Moreover, use of the newly-introduced virHostValidateCPUFlag
      enumeration ensures we don't go looking for random CPU flags
      which might actually be simple typos.
      c661b675
    • N
      vz: support boot order in domain xml dump · 032c5bf9
      Nikolay Shirokovskiy 提交于
      As usual we try to deal correctly with vz domains that were
      created by other means and thus can have all range of SDK domain
      parameters. If vz domain boot order can't be represented
      in libvirt os boot section let's give warning and make os boot section
      represent SDK to some extent.
      
      1. Os boot section supports up to 4 boot devices. Here we just
      cut SDK boot order up to this limit. Not too bad.
      
      2. If there is a floppy in boot order let's just skip it.
      Anyway we don't show it in the xml. Not too bad too.
      
      3. SDK boot order with unsupported disks order. Say we have "hdb, hda" in
      SDK. We can not present this thru os boot order. Well let's just
      give warning but leave double <boot dev='hd'/> in xml. It's
      kind of misleading but we warn you!
      
      SDK boot order have an extra parameters 'inUse' and 'sequenceIndex'
      which makes our task more complicated. In realitly however 'inUse'
      is always on and 'sequenceIndex' is not less than 'boot position index'
      which simplifies out task back again! To be on a safe side let's explicitly
      check for this conditions!
      
      We have another exercise here. We want to check for unrepresentable
      condition 3 (see above). The tricky part is that in contrast to
      domains defined thru this driver 3-rd party defined domains can
      have device ordering different from default. Thus we need
      some id to check that N-th boot disk of os boot section is same as
      N-th boot disk of SDK boot. This is what prlsdkBootOrderCheck
      for. It uses disks sources paths as id for disks and iface names
      for network devices.
      Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
      Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
      032c5bf9
    • N
      vz: fix disk order on load domain · bc281f7d
      Nikolay Shirokovskiy 提交于
      We want to report boot order in dumpxml for vz domains.
      Thus we want disks devices to be sorted in output compatible with boot
      ordering specification. So let's just use virDomainDiskInsert
      which makes appropriate sorting.
      Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
      bc281f7d
    • N
      vz: support boot order specification on define domain · 497dcafc
      Nikolay Shirokovskiy 提交于
      The patch makes some refactoring of the existing code. Current boot order spec code
      makes very simple thing in somewhat obscure way. In case of VMs
      it sets the first hdd as the only bootable device. In case of CTs it
      doesn't touch the boot order at all if one of the filesystems is mounted to root.
      Otherwise like in case of VMs it sets the first hdd as the only bootable
      device and additionally sets this device mount point to root. Refactored
      code makes all this explicit.
      
      The actual boot order support is simple. Common libvirt domain xml parsing
      code makes the exact ordering of disks devices as described in docs
      for boot ordering (disks are sorted by bus order first, device target
      second. Bus order is the order of disk buses appearence in original
      xml. Device targets order is alphabetical). We add devices in the
      same order and SDK designates device indexes sequentially for each
      device type. Thus device index is equal to its boot index. For
      example N-th cdrom in boot specification refers to sdk cdrom with
      it's device index N.
      
      If there is no boot spec in xml the parsing code will add <boot dev='hdd'>
      for HVMs automatically and we backward compatibly set fist hdd as
      bootable.
      Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
      Signed-off-by: NMaxim Nestratov <mnestratov@virtuozzo.com>
      497dcafc
    • P
      qemu: perf: Fix crash/memory corruption on failed VM start · 03e8d5fb
      Peter Krempa 提交于
      The new perf code didn't bother to clear a pointer in 'priv' causing a
      double free or other memory corruption goodness if a VM failed to start.
      
      Clear the pointer after freeing the memory.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324757
      03e8d5fb
    • P
      qemu: alias: Fix calculation of memory device aliases · be6e92f5
      Peter Krempa 提交于
      For device hotplug, the new alias ID needs to be checked in the list
      rather than using the count of devices. Unplugging a device that is not
      last in the array will make further hotplug impossible due to alias
      collision.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324551
      be6e92f5
    • P
      qemu: alias: Fix calculation of RNG device aliases · bd19b4b2
      Peter Krempa 提交于
      For device hotplug, the new alias ID needs to be checked in the list
      rather than using the count of devices. Unplugging a device that is not
      last in the array will make further hotplug impossible due to alias
      collision.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324551
      bd19b4b2
    • J
      secret: Introduce virSecretGetSecretString · 2844de6f
      John Ferlan 提交于
      Commit id 'fb2bd208' essentially copied the qemuGetSecretString
      creating an libxlGetSecretString.  Rather than have multiple copies
      of the same code, create src/secret/secret_util.{c,h} files and
      place the common function in there.
      
      Modify the the build in order to build the module as a library
      which is then pulled in by both the qemu and libxl drivers for
      usage from both qemu_command.c and libxl_conf.c
      2844de6f
    • J
      qemu: Introduce qemuBuildMasterKeyCommandLine · d8a8cae3
      John Ferlan 提交于
      If the -object secret capability exists, then get the path to the
      masterKey file and provide that to qemu. Checking for the existence
      of the file before passing to qemu could be done, but causes issues
      in mock test environment.
      
      Since the qemuDomainObjPrivate is not available when building the
      command line, the qemuBuildHasMasterKey API will have to suffice
      as the primary arbiter for whether the capability exists in order
      to find/return the path to the master key for usage.
      
      Created the qemuDomainGetMasterKeyAlias API which will be used by
      later patches to define the 'keyid' (eg, masterKey) to be used by
      other secrets to provide the id to qemu for the master key.
      d8a8cae3
    • J
      qemu: Create domain master key · ad7520e8
      John Ferlan 提交于
      Add a masterKey and masterKeyLen to _qemuDomainObjPrivate to store a
      random domain master key and its length in order to support the ability
      to encrypt/decrypt sensitive data shared between libvirt and qemu. The
      key will be base64 encoded and written to a file to be used by the
      command line building code to share with qemu.
      
      New API's from this patch:
      
        qemuDomainGetMasterKeyFilePath:
          Return a path to where the key is located
      
        qemuDomainWriteMasterKeyFile: (private)
          Open (create/trunc) the masterKey path and write the masterKey
      
        qemuDomainMasterKeyReadFile:
          Using the master key path, open/read the file, and store the
          masterKey and masterKeyLen. Expected use only from qemuProcessReconnect
      
        qemuDomainGenerateRandomKey: (private)
          Generate a random key using available algorithms
      
          The key is generated either from the gnutls_rnd function if it
          exists or a less cryptographically strong mechanism using
          virGenerateRandomBytes
      
         qemuDomainMasterKeyRemove:
          Remove traces of the master key, remove the *KeyFilePath
      
        qemuDomainMasterKeyCreate:
          Generate the domain master key and save the key in the location
          returned by qemuDomainGetMasterKeyFilePath.
      
          This API will first ensure the QEMU_CAPS_OBJECT_SECRET is set
          in the capabilities. If not, then there's no need to generate
          the secret or file.
      
      The creation of the key will be attempted from qemuProcessPrepareHost
      once the libDir directory structure exists.
      
      The removal of the key will handled from qemuProcessStop just prior
      to deleting the libDir tree.
      
      Since the key will not be written out to the domain object XML file,
      the qemuProcessReconnect will read the saved file and restore the
      masterKey and masterKeyLen.
      ad7520e8
    • J
      util: Introduce virRandomBytes · 6af73f53
      John Ferlan 提交于
      Using the existing virUUIDGenerateRandomBytes, move API to virrandom.c
      rename it to virRandomBytes and add it to libvirt_private.syms.
      
      This will be used as a fallback for generating a domain master key.
      6af73f53
    • J
      qemu: Add capability bit for qemu secret object · d125685a
      John Ferlan 提交于
      Add a capability bit for the qemu secret object.
      
      Adjust the 2.6.0-1 caps/replies to add the secret object. For the
      .replies it's take from the '{"execute":"qom-list-types"}' output.
      d125685a
    • J
      qemu: Tear down the cgroup before reattach device to host · 2fbf29a5
      John Ferlan 提交于
      When a hostdev is attached to the guest (and removed from the host),
      the order of operations is call qemuHostdevPreparePCIDevices to remove
      the device from the host, call qemuSetupHostdevCgroup to setup the cgroups,
      and virSecurityManagerSetHostdevLabel to set the labels.
      
      When the device is removed from the guest, the code didn't use the
      reverse order leading to possible issues (especially if the path to
      the device no longer exists). This patch will move the call to
      qemuTeardownHostdevCgroup to prior to reattaching the device to
      the host.
      2fbf29a5
    • J
      qemu: Restore label before reattach device to host · 409de00e
      John Ferlan 提交于
      When a hostdev is attached to the guest (and removed from the host),
      the order of operations is call qemuHostdevPreparePCIDevices to remove
      the device from the host, call qemuSetupHostdevCgroup to setup the cgroups,
      and virSecurityManagerSetHostdevLabel to set the labels.
      
      When the device is removed from the guest, the code didn't use the
      reverse order leading to possible issues (especially if the path to
      the device no longer exists). This patch will move the call to
      virSecurityManagerRestoreHostdevLabel to prior to reattaching the
      device to the host.
      409de00e
    • G
      Link libvirt_xenconfig instead of libvirt against libxl · 12b239a9
      Guido Günther 提交于
      to avoid the test failure
      
       7) Test driver "xen"  ... 2016-03-31 12:53:26.950+0000: 22430: debug : virDriverLoadModule:54 : Module load xen
       2016-03-31 12:53:26.950+0000: 22430: error : virDriverLoadModule:73 : failed to load module /build/libvirt-1.3.3~rc1/debian/build/src/.libs/libvirt_driver_xen.so /build/libvirt-1.3.3~rc1/debian/build/src/.libs/libvirt_driver_xen.so: undefined symbol: xlu_cfg_destroy
      FAILED
      12b239a9
  3. 06 4月, 2016 9 次提交