- 22 3月, 2012 1 次提交
-
-
由 Jiri Denemark 提交于
Add support for registering arbitrary callback to be called for a domain when a connection gets closed.
-
- 20 3月, 2012 1 次提交
-
-
由 Eric Blake 提交于
If a guest is paused, we were silently ignoring the quiesce flag, which results in unclean snapshots, contrary to the intent of the flag. Since we can't quiesce without guest agent support, we should instead fail if the guest is not running. Meanwhile, if we attempt a quiesce command, but the guest agent doesn't respond, and we time out, we may have left the command pending on the guest's queue, and when the guest resumes parsing commands, it will freeze even though our command is no longer around to issue a thaw. To be safe, we must _always_ pair every quiesce call with a counterpart thaw, even if the quiesce call failed due to a timeout, so that if a guest wakes up and starts processing a command backlog, it will not get stuck in a frozen state. * src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive): Always issue thaw after a quiesce, even if quiesce failed. (qemuDomainSnapshotFSThaw): Add a parameter.
-
- 16 3月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
A common coding pattern for changing blkio parameters is 1. virDomainGetBlkioParameters 2. change one or more params 3. virDomainSetBlkioParameters For this to work, it must be possible to roundtrip through the methods without error. Unfortunately virDomainGetBlkioParameters will return "" for the deviceWeight parameter for guests by default, which virDomainSetBlkioParameters will then reject as invalid. This fixes the handling of "" to be a no-op, and also improves the error message to tell you what was invalid
-
- 14 3月, 2012 1 次提交
-
-
由 Osier Yang 提交于
And don't allow to hotplug a usb disk with "device == lun". This is the missed pieces in previous virtio-scsi patchset: http://www.redhat.com/archives/libvir-list/2012-February/msg01052.html
-
- 13 3月, 2012 1 次提交
-
-
由 Jiri Denemark 提交于
When host-model and host-passthrouh CPU modes were introduced, qemu driver was properly modify to update guest CPU definition during migration so that we use the right CPU at the destination. However, similar treatment is needed for (managed)save and snapshots since they need to save the exact CPU so that a domain can be properly restored. To avoid repetition of such situation, all places that need live XML share the code which generates it. As a side effect, this patch fixes error reporting from qemuDomainSnapshotWriteMetadata().
-
- 12 3月, 2012 1 次提交
-
-
由 Eric Blake 提交于
Thanks to cgroups, providing user vs. system time of the overall guest is easy to add to our existing API. * include/libvirt/libvirt.h.in (VIR_DOMAIN_CPU_STATS_USERTIME) (VIR_DOMAIN_CPU_STATS_SYSTEMTIME): New constants. * src/util/virtypedparam.h (virTypedParameterArrayValidate) (virTypedParameterAssign): Enforce checking the result. * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Fix offender. (qemuDomainGetTotalcpuStats): Implement new parameters. * tools/virsh.c (cmdCPUStats): Tweak output accordingly.
-
- 09 3月, 2012 3 次提交
-
-
由 Laine Stump 提交于
This function was freeing a virDomainNetDef with VIR_FREE(). virDomainNetDef is a complex structure with many pointers to other dynamically allocated data; to properly free it virDomainNetDefFree() must be called instead, otherwise several strings (and potentially other things) will be leaked.
-
由 Laine Stump 提交于
For some reason, although live hotplug of <hostdev> devices is supported, persistent hotplug is not. This patch adds the proper VIR_DOMAIN_DEVICE_HOSTDEV cases to the switches in qemuDomainAttachDeviceConfig and qemuDomainDetachDeviceConfig.
-
由 Laine Stump 提交于
There are several functions in domain_conf.c that remove a device object from the domain's list of that object type, but don't free the object or return it to the caller to free. In many cases this isn't a problem because the caller already had a pointer to the object and frees it afterward, but in several cases the removed object was just left floating around with no references to it. In particular, the function qemuDomainDetachDeviceConfig() calls functions to locate and remove net (virDomainNetRemoveByMac), disk (virDomainDiskRemoveByName()), and lease (virDomainLeaseRemove()) devices, but neither it nor its caller qemuDomainModifyDeviceConfig() ever obtain a pointer to the device being removed, much less free it. This patch modifies the following "remove" functions to return a pointer to the device object being removed from the domain device arrays, to give the caller the option of freeing the device object using that pointer if needed. In places where the object was previously leaked, it is now freed: virDomainDiskRemove virDomainDiskRemoveByName virDomainNetRemove virDomainNetRemoveByMac virDomainHostdevRemove virDomainLeaseRemove virDomainLeaseRemoveAt The functions that had been leaking: libxlDomainDetachConfig - leaked a virDomainDiskDef qemuDomainDetachDeviceConfig - could leak a virDomainDiskDef, a virDomainNetDef, or a virDomainLeaseDef qemuDomainDetachLease - leaked a virDomainLeaseDef
-
- 08 3月, 2012 5 次提交
-
-
由 Michal Privoznik 提交于
Some members are generated during XML parse (e.g. MAC address of an interface); However, with current implementation, if we are plugging a device both to persistent and live config, we parse given XML twice: first time for live, second for config. This is wrong then as the second time we are not guaranteed to generate same values as we did for the first time. To prevent that we need to create a copy of DeviceDefPtr; This is done through format/parse process instead of writing functions for deep copy as it is easier to maintain: adding new field to any virDomain*DefPtr doesn't require change of copying function.
-
由 Michal Privoznik 提交于
Currently, startupPolicy='requisite' was determining cold boot by migrateFrom != NULL. That means, if domain was started up with migrateFrom set we didn't require disk source path and allowed it to be dropped. However, on snapshot-revert domain wasn't migrated but according to documentation, requisite should drop disk source as well.
-
由 Eric Blake 提交于
Using 'unsigned long' for memory values is risky on 32-bit platforms, as a PAE guest can have more than 4GiB memory. Our API is (unfortunately) locked at 'unsigned long' and a scale of 1024, but the rest of our system should consistently use 64-bit values, especially since the previous patch centralized overflow checking. * src/conf/domain_conf.h (_virDomainDef): Always use 64-bit values for memory. Change hugepage_backed to a bool. * src/conf/domain_conf.c (virDomainDefParseXML) (virDomainDefCheckABIStability, virDomainDefFormatInternal): Fix clients. * src/vmx/vmx.c (virVMXFormatConfig): Likewise. * src/xenxs/xen_sxpr.c (xenParseSxpr, xenFormatSxpr): Likewise. * src/xenxs/xen_xm.c (xenXMConfigGetULongLong): New function. (xenXMConfigGetULong, xenXMConfigSetInt): Avoid truncation. (xenParseXM, xenFormatXM): Fix clients. * src/phyp/phyp_driver.c (phypBuildLpar): Likewise. * src/openvz/openvz_driver.c (openvzDomainSetMemoryInternal): Likewise. * src/vbox/vbox_tmpl.c (vboxDomainDefineXML): Likewise. * src/qemu/qemu_command.c (qemuBuildCommandLine): Likewise. * src/qemu/qemu_process.c (qemuProcessStart): Likewise. * src/qemu/qemu_monitor.h (qemuMonitorGetBalloonInfo): Likewise. * src/qemu/qemu_monitor_text.h (qemuMonitorTextGetBalloonInfo): Likewise. * src/qemu/qemu_monitor_text.c (qemuMonitorTextGetBalloonInfo): Likewise. * src/qemu/qemu_monitor_json.h (qemuMonitorJSONGetBalloonInfo): Likewise. * src/qemu/qemu_monitor_json.c (qemuMonitorJSONGetBalloonInfo): Likewise. * src/qemu/qemu_driver.c (qemudDomainGetInfo) (qemuDomainGetXMLDesc): Likewise. * src/uml/uml_conf.c (umlBuildCommandLine): Likewise.
-
由 Eric Blake 提交于
On 64-bit platforms, unsigned long and unsigned long long are identical, so we don't have to worry about overflow checks. On 32-bit platforms, anywhere we narrow unsigned long long back to unsigned long, we have to worry about overflow; it's easier to do this in one place by having most of the code use the same or wider types, and only doing the narrowing at the last minute. Therefore, the memory set commands remain unsigned long, and the memory get command now centralizes the overflow check into libvirt.c, so that drivers don't have to repeat the work. This also fixes a bug where xen returned the wrong value on failure (most APIs return -1 on failure, but getMaxMemory must return 0 on failure). * src/driver.h (virDrvDomainGetMaxMemory): Use long long. * src/libvirt.c (virDomainGetMaxMemory): Raise overflow. * src/test/test_driver.c (testGetMaxMemory): Fix driver. * src/rpc/gendispatch.pl (name_to_ProcName): Likewise. * src/xen/xen_hypervisor.c (xenHypervisorGetMaxMemory): Likewise. * src/xen/xen_driver.c (xenUnifiedDomainGetMaxMemory): Likewise. * src/xen/xend_internal.c (xenDaemonDomainGetMaxMemory): Likewise. * src/xen/xend_internal.h (xenDaemonDomainGetMaxMemory): Likewise. * src/xen/xm_internal.c (xenXMDomainGetMaxMemory): Likewise. * src/xen/xm_internal.h (xenXMDomainGetMaxMemory): Likewise. * src/xen/xs_internal.c (xenStoreDomainGetMaxMemory): Likewise. * src/xen/xs_internal.h (xenStoreDomainGetMaxMemory): Likewise. * src/xenapi/xenapi_driver.c (xenapiDomainGetMaxMemory): Likewise. * src/esx/esx_driver.c (esxDomainGetMaxMemory): Likewise. * src/libxl/libxl_driver.c (libxlDomainGetMaxMemory): Likewise. * src/qemu/qemu_driver.c (qemudDomainGetMaxMemory): Likewise. * src/lxc/lxc_driver.c (lxcDomainGetMaxMemory): Likewise. * src/uml/uml_driver.c (umlDomainGetMaxMemory): Likewise.
-
由 Eric Blake 提交于
Overflow can be user-induced, so it deserves more than being called an internal error. Note that in general, 32-bit platforms have far more places to trigger this error (anywhere the public API used 'unsigned long' but the other side of the connection is a 64-bit server); but some are possible on 64-bit platforms (where the public API computes the product of two numbers). * include/libvirt/virterror.h (VIR_ERR_OVERFLOW): New error. * src/util/virterror.c (virErrorMsg): Translate it. * src/libvirt.c (virDomainSetVcpusFlags, virDomainGetVcpuPinInfo) (virDomainGetVcpus, virDomainGetCPUStats): Use it. * daemon/remote.c (HYPER_TO_TYPE): Likewise. * src/qemu/qemu_driver.c (qemuDomainBlockResize): Likewise.
-
- 07 3月, 2012 2 次提交
-
-
由 Eric Blake 提交于
The RPC code assumed that the array returned by the driver would be fully populated; that is, ncpus on entry resulted in ncpus * return value on exit. However, while we don't support holes in the middle of ncpus, we do want to permit the case of ncpus on entry being longer than the array returned by the driver (that is, it should be safe for the caller to pass ncpus=128 on entry, and the driver will stop populating the array when it hits max_id). Additionally, a successful return implies that the caller will then use virTypedParamArrayClear on the entire array; for this to not free uninitialized memory, the driver must ensure that all skipped entries are explicitly zeroed (the RPC driver did this, but not the qemu driver). There are now three cases: server 0.9.10 and client 0.9.10 or newer: No impact - there were no hypervisor drivers that supported cpu stats server 0.9.11 or newer and client 0.9.10: if the client calls with ncpus beyond the max, then the rpc call will fail on the client side and disconnect the client, but the server is no worse for the wear server 0.9.11 or newer and client 0.9.11: the server can return a truncated array and the client will do just fine I reproduced the problem by using a host with 2 CPUs, and doing: virsh cpu-stats $dom --start 1 --count 2 * daemon/remote.c (remoteDispatchDomainGetCPUStats): Allow driver to omit tail of array. * src/remote/remote_driver.c (remoteDomainGetCPUStats): Accommodate driver that omits tail of array. * src/libvirt.c (virDomainGetCPUStats): Document this. * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Clear all unpopulated entries.
-
由 KAMEZAWA Hiroyuki 提交于
* For now, only "cpu_time" is supported. * cpuacct cgroup is used for providing percpu cputime information. * src/qemu/qemu.conf - take care of cpuacct cgroup. * src/qemu/qemu_conf.c - take care of cpuacct cgroup. * src/qemu/qemu_driver.c - added an interface * src/util/cgroup.c/h - added interface for getting percpu cputime Signed-off-by: NKAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by: NLai Jiangshan <laijs@cn.fujitsu.com>
-
- 06 3月, 2012 1 次提交
-
-
由 Eric Blake 提交于
Qemu supports sizing by bytes; we shouldn't force the user to round up if they really wanted an unaligned total size. * include/libvirt/libvirt.h.in (VIR_DOMAIN_BLOCK_RESIZE_BYTES): New flag. * src/libvirt.c (virDomainBlockResize): Document it. * src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockResize): Take size in bytes. * src/qemu/qemu_monitor_text.c (qemuMonitorTextBlockResize): Likewise. Pass bytes, not megabytes, to monitor. * src/qemu/qemu_driver.c (qemuDomainBlockResize): Implement new flag.
-
- 05 3月, 2012 1 次提交
-
-
由 Osier Yang 提交于
-
- 02 3月, 2012 1 次提交
-
-
由 Eric Blake 提交于
No thanks to 64-bit windows, with 64-bit pid_t, we have to avoid constructs like 'int pid'. Our API in libvirt-qemu cannot be changed without breaking ABI; but then again, libvirt-qemu can only be used on systems that support UNIX sockets, which rules out Windows (even if qemu could be compiled there) - so for all points on the call chain that interact with this API decision, we require a different variable name to make it clear that we audited the use for safety. Adding a syntax-check rule only solves half the battle; anywhere that uses printf on a pid_t still needs to be converted, but that will be a separate patch. * cfg.mk (sc_correct_id_types): New syntax check. * src/libvirt-qemu.c (virDomainQemuAttach): Document why we didn't use pid_t for pid, and validate for overflow. * include/libvirt/libvirt-qemu.h (virDomainQemuAttach): Tweak name for syntax check. * src/vmware/vmware_conf.c (vmwareExtractPid): Likewise. * src/driver.h (virDrvDomainQemuAttach): Likewise. * tools/virsh.c (cmdQemuAttach): Likewise. * src/remote/qemu_protocol.x (qemu_domain_attach_args): Likewise. * src/qemu_protocol-structs (qemu_domain_attach_args): Likewise. * src/util/cgroup.c (virCgroupPidCode, virCgroupKillInternal): Likewise. * src/qemu/qemu_command.c(qemuParseProcFileStrings): Likewise. (qemuParseCommandLinePid): Use pid_t for pid. * daemon/libvirtd.c (daemonForkIntoBackground): Likewise. * src/conf/domain_conf.h (_virDomainObj): Likewise. * src/probes.d (rpc_socket_new): Likewise. * src/qemu/qemu_command.h (qemuParseCommandLinePid): Likewise. * src/qemu/qemu_driver.c (qemudGetProcessInfo, qemuDomainAttach): Likewise. * src/qemu/qemu_process.c (qemuProcessAttach): Likewise. * src/qemu/qemu_process.h (qemuProcessAttach): Likewise. * src/uml/uml_driver.c (umlGetProcessInfo): Likewise. * src/util/virnetdev.h (virNetDevSetNamespace): Likewise. * src/util/virnetdev.c (virNetDevSetNamespace): Likewise. * tests/testutils.c (virtTestCaptureProgramOutput): Likewise. * src/conf/storage_conf.h (_virStoragePerms): Use mode_t, uid_t, and gid_t rather than int. * src/security/security_dac.c (virSecurityDACSetOwnership): Likewise. * src/conf/storage_conf.c (virStorageDefParsePerms): Avoid compiler warning.
-
- 01 3月, 2012 1 次提交
-
-
由 Eric Blake 提交于
This actually wires up the new optional parameter to block_stream: http://wiki.qemu.org/Features/LiveBlockMigration/ImageStreamingAPI The error checking is still sparse, since libvirt must not use qemu-img or header probing on a qcow2 file in use by qemu to check if the backing file name is valid; so for now, libvirt is relying on qemu to diagnose an incorrect backing name. Fixing this will require libvirt to track the entire backing file chain at the time qemu is started and keeps it updated with snapshot and pull operations. * src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockJob): Add parameter, and update callers. * src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockJob): Update signature. * src/qemu/qemu_monitor.h (qemuMonitorBlockJob): Likewise. * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Update caller. * src/qemu/qemu_monitor.c (qemuMonitorBlockJob): Likewise.
-
- 27 2月, 2012 2 次提交
-
-
由 Peter Krempa 提交于
This patch fixes console corruption, that happens if two concurrent sessions are opened for a single console on a domain. Result of this corruption was that each of the console streams recieved just a part of the data written to the pipe so every console rendered unusable. New helper function for safe console handling is used to establish the console stream connection. This function ensures that no other libvirt client is using the console (with the ability to disconnect consoles of libvirt clients) and that no UUCP style lockfile is placed on the PTY device. * src/qemu/qemu_domain.h - add data structure to domain's private data dealing with console connections * src/qemu/qemu_domain.c: - allocate/free domain's console data structure * src/qemu/qemu_driver.c - use the new helper function for console handling
-
由 Michal Privoznik 提交于
using 'system-wakeup' monitor command. It is supported only in JSON, as we are enabling it if possible. Moreover, this command is available in qemu-1.1+ which definitely has JSON.
-
- 25 2月, 2012 1 次提交
-
-
由 Martin Kletzander 提交于
Function xmlParseURI does not remove square brackets around IPv6 address when parsing. One of the solutions is making wrappers around functions working with xmlURI*. This assures that uri->server will be always properly assigned and it doesn't have to be changed when used on some new place in the code. For this purpose, functions virParseURI and virSaveURI were added. These function are wrappers around xmlParseURI and xmlSaveUri respectively. Also there is one new syntax check function to prohibit these functions anywhere else. File changes: - src/util/viruri.h -- declaration - src/util/viruri.c -- definition - src/libvirt_private.syms -- symbol export - src/Makefile.am -- added source and header files - cfg.mk -- added sc_prohibit_xmlURI - all others -- ID name and include fixes
-
- 23 2月, 2012 2 次提交
-
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=795656 mentions that a graceful destroy request can time out, meaning that the error message is user-visible and should be more appropriate than just internal error. * src/qemu/qemu_driver.c (qemuDomainDestroyFlags): Swap error type.
-
由 Jiri Denemark 提交于
Migrating domains with disks using cache != none is unsafe unless the disk images are stored on coherent clustered filesystem. Thus we forbid migrating such domains unless VIR_MIGRATE_UNSAFE flags is used.
-
- 16 2月, 2012 1 次提交
-
-
由 Laine Stump 提交于
This patch is based on an earlier patch by Eric Blake which was never committed: https://www.redhat.com/archives/libvir-list/2011-November/msg00243.html Aside from rebasing, this patch only drops the driver lock once (prior to the first time the function sleeps), then leaves it dropped until it returns (Eric's patch would drop and re-acquire the lock around each call to sleep). At the time Eric sent his patch, the response (from Dan Berrange) was that, while it wasn't a good thing to be holding the driver lock while sleeping, we really need to rethink locking wrt the driver object, switching to a finer-grained approach that locks individual items within the driver object separately to allow for greater concurrency. This is a good plan, and at the time it made sense to not apply the patch because there was no known bug related to the driver lock being held in this function. However, we now know that the length of the wait in qemuProcessKill is sometimes too short to allow the qemu process to fully flush its disk cache before SIGKILL is sent, so we need to lengthen the timeout (in order to improve the situation with management applications until they can be updated to use the new VIR_DOMAIN_DESTROY_GRACEFUL flag added in commit 72f8a7f1). But, if we lengthen the timeout, we also lengthen the amount of time that all other threads in libvirtd are essentially blocked from doing anything (since just about everything needs to acquire the driver lock, if only for long enough to get a pointer to a domain). The solution is to modify qemuProcessKill to drop the driver lock while sleeping, as proposed in Eric's patch. Then we can increase the timeout with a clear conscience, and thus at least lower the chances that someone running with existing management software will suffer the consequence's of qemu's disk cache not being flushed. In the meantime, we still should work on Dan's proposal to make locking within the driver object more fine grained. (NB: although I couldn't find any instance where qemuProcessKill() was called with no jobs active for the domain (or some other guarantee that the current thread had at least one refcount on the domain object), this patch still follows Eric's method of temporarily adding a ref prior to unlocking the domain object, because I couldn't convince myself 100% that this was the case.)
-
- 15 2月, 2012 1 次提交
-
-
由 Michal Privoznik 提交于
via user agent. Allow targets mem & hybrid iff system_wakeup monitor command is available.
-
- 14 2月, 2012 1 次提交
-
-
由 Eric Blake 提交于
When blkdeviotune was first committed in 0.9.8, we had the limitation that setting one value reset all others. But bytes and iops should be relatively independent. Furthermore, setting tuning values on a live domain followed by dumpxml did not output the new settings. * src/qemu/qemu_driver.c (qemuDiskPathToAlias): Add parameter, and update callers. (qemuDomainSetBlockIoTune): Don't lose previous unrelated settings. Make live changes reflect to dumpxml output. * tools/virsh.pod (blkdeviotune): Update documentation.
-
- 10 2月, 2012 1 次提交
-
-
由 Osier Yang 提交于
The auto-generated WWN comply with the new addressing schema of WWN: <quote> the first nibble is either hex 5 or 6 followed by a 3-byte vendor identifier and 36 bits for a vendor-specified serial number. </quote> We choose hex 5 for the first nibble. And for the 3-bytes vendor ID, we uses the OUI according to underlying hypervisor type, (invoking virConnectGetType to get the virt type). e.g. If virConnectGetType returns "QEMU", we use Qumranet's OUI (00:1A:4A), if returns ESX|VMWARE, we use VMWARE's OUI (00:05:69). Currently it only supports qemu|xen|libxl|xenapi|hyperv|esx|vmware drivers. The last 36 bits are auto-generated.
-
- 09 2月, 2012 2 次提交
-
-
由 Eric Blake 提交于
virsh blkiotune dom --device-weights /dev/sda,400 --config wasn't working correctly. * src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Use correct definition.
-
由 Eric Blake 提交于
The merge code had too many indirections to easily analyze. * src/qemu/qemu_driver.c (qemuDomainMergeDeviceWeights): Pick better variable names.
-
- 08 2月, 2012 3 次提交
-
-
由 Jiri Denemark 提交于
This is probably not strictly needed as save operation is not live but we may have other reasons to avoid blocking qemu's main loop.
-
由 Jiri Denemark 提交于
Qemu uses non-blocking I/O which doesn't play nice with regular file descriptors. We need to pass a pipe to qemu instead, which can easily be done using iohelper.
-
由 Jiri Denemark 提交于
virFileDirectFd was used for accessing files opened with O_DIRECT using libvirt_iohelper. We will want to use the helper for accessing files regardless on O_DIRECT and thus virFileDirectFd was generalized and renamed to virFileWrapperFd.
-
- 04 2月, 2012 2 次提交
-
-
由 Laine Stump 提交于
virFileOpenAs previously would only try opening a file as the current user, or as a different user, but wouldn't try both methods in a single call. This made it cumbersome to use as a replacement for open(2). Additionally, it had a lot of historical baggage that led to it being difficult to understand. This patch refactors virFileOpenAs in the following ways: * reorganize the code so that everything dealing with both the parent and child sides of the "fork+setuid+setgid+open" method are in a separate function. This makes the public function easier to understand. * Allow a single call to virFileOpenAs() to first attempt the open as the current user, and if that fails to automatically re-try after doing fork+setuid (if deemed appropriate, i.e. errno indicates it would now be successful, and the file is on a networkFS). This makes it possible (in many, but possibly not all, cases) to drop-in virFileOpenAs() as a replacement for open(2). (NB: currently qemuOpenFile() calls virFileOpenAs() twice, once without forking, then again with forking. That unfortunately can't be changed without at least some discussion of the ramifications, because the requested file permissions are different in each case, which is something that a single call to virFileOpenAs() can't deal with.) * Add a flag so that any fchown() of the file to a different uid:gid is explicitly requested when the function is called, rather than it being implied by the presence of the O_CREAT flag. This just makes for less subtle surprises to consumers. (Commit b1643dc1 added the check for O_CREAT before forcing ownership. This patch just makes that restriction more explicit.) * If either the uid or gid is specified as "-1", virFileOpenAs will interpret this to mean "the current [gu]id". All current consumers of virFileOpenAs should retain their present behavior (after a few minor changes to their setup code and arguments).
-
由 Laine Stump 提交于
When libvirt's virDomainDestroy API is shutting down the qemu process, it first sends SIGTERM, then waits for 1.6 seconds and, if it sees the process still there, sends a SIGKILL. There have been reports that this behavior can lead to data loss because the guest running in qemu doesn't have time to flush its disk cache buffers before it's unceremoniously whacked. This patch maintains that default behavior, but provides a new flag VIR_DOMAIN_DESTROY_GRACEFUL to alter the behavior. If this flag is set in the call to virDomainDestroyFlags, SIGKILL will never be sent to the qemu process; instead, if the timeout is reached and the qemu process still exists, virDomainDestroy will return an error. Once this patch is in, the recommended method for applications to call virDomainDestroyFlags will be with VIR_DOMAIN_DESTROY_GRACEFUL included. If that fails, then the application can decide if and when to call virDomainDestroyFlags again without VIR_DOMAIN_DESTROY_GRACEFUL (to force the issue with SIGKILL). (Note that this does not address the issue of existing applications that have not yet been modified to use VIR_DOMAIN_DESTROY_GRACEFUL. That is a separate patch.)
-
- 03 2月, 2012 3 次提交
-
-
由 Martin Kletzander 提交于
Added RSS information gathering into qemuMemoryStats into qemu driver and the reporting into virsh dommemstat.
-
由 Martin Kletzander 提交于
One more parameter added into the function parsing /proc/<pid>/stat and the call of the function is fixed as well.
-
由 Daniel P. Berrange 提交于
Curently security labels can be of type 'dynamic' or 'static'. If no security label is given, then 'dynamic' is assumed. The current code takes advantage of this default, and avoids even saving <seclabel> elements with type='dynamic' to disk. This means if you temporarily change security driver, the guests can all still start. With the introduction of sVirt to LXC though, there needs to be a new default of 'none' to allow unconfined LXC containers. This patch introduces two new security label types - default: the host configuration decides whether to run the guest with type 'none' or 'dynamic' at guest start - none: the guest will run unconfined by security policy The 'none' label type will obviously be undesirable for some deployments, so a new qemu.conf option allows a host admin to mandate confined guests. It is also possible to turn off default confinement security_default_confined = 1|0 (default == 1) security_require_confined = 1|0 (default == 0) * src/conf/domain_conf.c, src/conf/domain_conf.h: Add new seclabel types * src/security/security_manager.c, src/security/security_manager.h: Set default sec label types * src/security/security_selinux.c: Handle 'none' seclabel type * src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug: New security config options * src/qemu/qemu_driver.c: Tell security driver about default config
-
- 02 2月, 2012 1 次提交
-
-
由 Eric Blake 提交于
This is a trivial implementation, which works with the current released qemu 1.0 with backports of preliminary block pull but no partial rebase. Future patches will update the monitor handling to support an optional parameter for partial rebase; but as qemu 1.1 is unreleased, it can be in later patches, designed to be backported on top of the supported API. * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Add parameter, and adjust callers. Drop redundant check. (qemuDomainBlockPull): Move guts... (qemuDomainBlockRebase): ...to new function.
-