1. 04 9月, 2012 2 次提交
    • V
      Rename iolimit to blockio. · 72f1f220
      Viktor Mihajlovski 提交于
      After discussion with DB we decided to rename the new iolimit
      element as it creates the impression it would be there to
      limit (i.e. throttle) I/O instead of specifying immutable
      characteristics of a block device.
      This is also backed by the fact that the term I/O Limits has
      vanished from newer storage admin documentation.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      72f1f220
    • J
      qemu: Fix reboot with guest agent · 03c42a45
      Jiri Denemark 提交于
      When reboot using qemu guest agent was requested, qemu driver kept
      waiting for SHUTDOWN event from qemu. However, such event is never
      emitted during guest reboot and qemu driver would keep waiting forever.
      03c42a45
  2. 03 9月, 2012 3 次提交
  3. 01 9月, 2012 2 次提交
  4. 31 8月, 2012 15 次提交
    • E
      command: shell-quote when logging commands · 54e99644
      Eric Blake 提交于
      Without this patch, logged command executions can be ambiguous if
      the command contained any shell metacharacters.  This has caused
      more than one person to attempt to patch clients to add unnecessary
      quoting, without realizing that the command itself was run with
      correct args, and only the logged output was ambiguous.
      
      * src/util/command.c (virCommandToString): Add shell escapes.
      * tests/commandtest.c (test16): Test new behavior.
      * tests/commanddata/test16.log: Update expected output.
      * tests/qemuxml2argvdata/qemuxml2argv-*.args: Likewise.
      * tests/networkxml2argvdata/*.argv: Likewise.
      54e99644
    • M
      qemu: fix remote port searching · b805e342
      Martin Kletzander 提交于
      After fixing the last review comments on remote port searching (commit
      a14b4aea), the commit right after that
      wasn't modified accordingly, therefore two values weren't changed as
      they should and the configurable ports don't work as expected.
      
      This simple commit changes last two values missed and fixes the issue.
      b805e342
    • O
      util: Update the inconsistent and outdated comments · a2145fae
      Osier Yang 提交于
      The codes were updated to allow to reset the device as long as
      there is no devices/functions behind the same bus. However, the
      comments were kept without touched.
      a2145fae
    • M
      conf: Avoid formatting auto-generated DAC labels · 990e46c4
      Marcelo Cerri 提交于
      To avoid backward compatibility issues, this patch suppresses
      auto-generated DAC labels from XML. This change affects commands such as
      dumpxml and save.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      990e46c4
    • M
      conf: Fix parsing of seclabels without model · 86e205a2
      Marcelo Cerri 提交于
      With this patch libvirt tries to assign a model to a single seclabel
      when model is missing. Libvirt will look up at host's capabilities and
      assign the first model to seclabel.
      
      This patch fixes:
      
      1. The problem with existing guests that have a seclabel defined in its XML.
      2. A XML parse error when a guest is restored.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      86e205a2
    • J
      qemu: Don't ignore CPU tuning config if required cgroups are missing · 774eb45b
      Jiri Denemark 提交于
      When domain XML contains any of the elements for setting up CPU
      scheduling parameters (period, quota, emulator_period, or
      emulator_quota) we need cpu cgroup to enforce the configuration.
      However, the existing code would just ignore silently such settings if
      either cgroups were not available at all cpu cgroup was not available.
      Moreover, APIs for manipulating CPU scheduler parameters were already
      failing if cpu cgroup was not available. This patch makes cpu cgroup
      mandatory for all domains that use CPU scheduling elements in their XML.
      774eb45b
    • G
      cgroup: fix libvirtd crash caused by messed memory · fccab89d
      Guannan Ren 提交于
      The variable max_id is initialized again in the step of
      getting cpu mapping variable map2. But in the next for loop
      we still expect original value of max_id, the bug will
      crash libvirtd when using on NUMA machine with big number
      of cpus.
      fccab89d
    • G
      657fef14
    • G
      cgroup: read more data from cgroup cpuacct.usage_percpu · c402eebc
      Guannan Ren 提交于
      On NUMA machine, the length of string got from file
      cpuacct.usage_percpu is quite large, so expand the
      limit of 1024 bytes.
      
      errors like:
      Failed to read file \
      '/cgroup/cpuacct/libvirt/qemu/rhel6q/cpuacct.usage_percpu': \
      Value too large for defined data type
      c402eebc
    • S
      nwfilter: adapt IP learning for broadcasted DHCP replies · 4021b85f
      Stefan Berger 提交于
      Adapt the IP learning code to also accept broadcasted DHCP replies
      4021b85f
    • S
      nwfilter: accept broadcasted DHCP replies in DHCP snooping code · c828a746
      Stefan Berger 提交于
      Some DHCP servers send their DHCP replies to the broadcast MAC address
      rather than to the MAC address of the VM. The existing DHCP snooping
      code assumes that the reply always goes to the MAC address of the VM
      thus filtering the traffic of some DHCP servers' replies.
      
      The below patch adapts the code to
      
      1) filter DHCP replies by comparing the MAC address in the reply against
         the MAC address of the VM (held in the snoop request)
      
      2) adapts the pcap filter for traffic towards the VM to accept DHCP replies
         sent to any MAC address; for further filtering we rely on 1)
      
      3) creates initial rules that are active while waiting for DHCP replies;
         these rules now accept DHCP replies to the VM's MAC address or to the
         MAC broadcast address
      c828a746
    • S
      Implement virMacAddrIsBroadcastRaw · 46b2cafb
      Stefan Berger 提交于
      Add function for testing for Ethernet broadcast address
      46b2cafb
    • K
      Fix adding ports to OVS bridges without VLAN tags · 7b9d55e6
      Kyle Mestery 提交于
      The introduction of the new VLAN code, along with the fix
      from 5e465df6, caused the
      addition of OVS ports to fail with the following message:
      
      ovs-vsctl: 00002|vsctl|ERR|: missing column name
      
      This fix takes into account the VLAN arguments are optional,
      and correctly sets up the command line to run the "ovs-vsctl"
      command to add ports to the OVS bridge.
      Signed-off-by: NKyle Mestery <kmestery@cisco.com>
      CC: Eric Blake <eblake@redhat.com>
      7b9d55e6
    • N
      Fix issue of PF brought down if VF is 8021.Qbh and pci passthrough · 3044433f
      Nishank Trivedi 提交于
      If a 8021.Qbh network device supports SRIOV and its VF is being used
      in pci passthrough mode, when the guest is shutdown or destroyed, the
      PF inteface is also brought down. qemuDomainHostdevNetConfigRestore()
      finds out the PF for provided hostdev (which is VF) and passes it to
      virNetDevPortProfileDisassociate() as linkdev. Later, linkdev gets passed
      to virNetDevSetOnline() where the interface is brought down by clearing
      IFF_UP flag.
      
      Bringing down a PF, when only VF is being brought down is not expected
      behavior. This patch adds a check so that virNetDevSetOnline() is called
      only for PF and not if device is a VF.
      Signed-off-by: NNishank Trivedi <nistrive@cisco.com>
      3044433f
    • S
      nwfilter: loop generated too many rules · 9e995c9a
      Stefan Berger 提交于
      The loop processing the trusted DHCP server generated one too
      many rules and added one final rules that accepted responses
      from all DHCP servers. Below patch fixes this.
      9e995c9a
  5. 30 8月, 2012 11 次提交
    • P
      security: Re-apply commit ce53382b · 1497e36d
      Peter Krempa 提交于
      Recent changes in the security driver discarded changes that fixed
      labeling un-confined guests.
      1497e36d
    • P
      vcpupin: Fix returning of arrays from virDomainVcpuPinAdd · 077e7bf5
      Peter Krempa 提交于
      virDomainVcpuPinAdd does a realloc on vcpupin_list if the new vcpu pin
      definition doesn't fit into the array. The list is an array of pointers
      but the function definition didn't support returning the changed pointer
      to the caller if it was realloced. This caused segfaults if realloc
      would change the base pointer.
      077e7bf5
    • P
      qemu: Fix possible infinite loop and segfault on error path. · 40dfb525
      Peter Krempa 提交于
      virDomainVcpuPinDefCopy when the control flow reaches out of memory
      cleanup code, the flow would end in a infinite loop as the loop variable
      wasn't decremented.
      
      Also a dereference of NULL pointers was possible if allocation of the
      Vcpu pinning definiton structure failed.
      40dfb525
    • P
      qemu: Clean up security driver initialisation and config file · 46514ff7
      Peter Krempa 提交于
      Commit d0c0e79a left behind some dead
      code (hasDAC can't be efectively set to true, because
      virSecurityManagerNew fails to load the "dac" driver).
      
      This patch also enhances the condition for adding the default
      auto-detected security manager if the manager array is allocated but
      empty.
      
      Also the configuration file for qemu driver still contains reference to
      the DAC driver that can't be enabled manualy.
      46514ff7
    • J
      qemu: Revert to blocking behavior of qemuAgentCommand · 7444ccce
      Jiri Denemark 提交于
      Before commit 05447e3a, qemuAgentCommand
      blocked until it got a reply or appropriate event. When new parameter
      was added to qemuAgentCommand in the above commit, all existing callers
      of it were updated in a wrong way changing them from blocking to
      5-seconds timeout.
      7444ccce
    • J
      qemu: Remove redundant parameter from qemuAgentSend · e360a960
      Jiri Denemark 提交于
      The @timeout parameter of qemuAgentSend is both redundant and confusing.
      This patch should not result in any functional changes.
      e360a960
    • L
      network: get vlan info for Open vSwitch interfaces from proper source · b3bd5d6c
      Laine Stump 提交于
      This bug was revealed by the crash described in
      
        https://bugzilla.redhat.com/show_bug.cgi?id=852383
      
      The vlan info pointer sent to virNetDevOpenvswitchAddPort should never
      be non-NULL unless there is at least one tag. The factthat such a vlan
      info pointer was receveid pointed out that a caller was passing the
      wrong pointer. Instead of sending &net->vlan, the result of
      virDomainNetGetActualVlan(net) should be sent - that function will
      look for vlan info in net->data.network.actual->vlan, and in cany case
      return NULL instead of a pointer if the vlan info it finds has no
      tags.
      
      Aside from causing the crash, sending a hardcoded &net->vlan has the
      effect of ignoring vlan info from a <network> or <portgroup> config.
      b3bd5d6c
    • D
      Small cleanup on previous patch · 3219cc32
      Daniel Veillard 提交于
      As pointed by Eric Blake
      3219cc32
    • K
      Fix a crash when using Open vSwitch virtual ports · 5e465df6
      Kyle Mestery 提交于
      Fixup buffer usage when handling VLANs. Also fix the logic
      used to determine if the virNetDevVlanPtr is valid or not.
      Fixes crashes in the latest code when using Open vSwitch
      virtualports.
      Signed-off-by: NKyle Mestery <kmestery@cisco.com>
      5e465df6
    • O
      qemu: Sort the numa params only when it affects the live config · 20b780ae
      Osier Yang 提交于
      As the next boot doesn't have to worry about the previous numa
      params setting (there is no).
      20b780ae
    • D
      Fix configuration of QEMU security drivers · d0c0e79a
      Daniel P. Berrange 提交于
      If no 'security_driver' config option was set, then the code
      just loaded the 'dac' security driver. This is a regression
      on previous behaviour, where we would probe for a possible
      security driver. ie default to SELinux if available.
      
      This changes things so that it 'security_driver' is not set,
      we once again do probing. For simplicity we also always
      create the stack driver, even if there is only one driver
      active.
      
      The desired semantics are:
      
       - security_driver not set
           -> probe for selinux/apparmour/nop
           -> auto-add DAC driver
       - security_driver set to a string
           -> add that one driver
           -> auto-add DAC driver
       - security_driver set to a list
           -> add all drivers in list
           -> auto-add DAC driver
      
      It is not allowed, or possible to specify 'dac' in the
      security_driver config param, since that is always
      enabled.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      d0c0e79a
  6. 29 8月, 2012 7 次提交