- 01 1月, 2012 1 次提交
-
-
由 Eric Blake 提交于
Leak detected by Coverity, and introduced in commit 93ab5859. Reported by Alex Jia. * src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Free devices array on error.
-
- 31 12月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Commit 6cb4acce reintroduced the bug fixed in commit d145fe3b. * docs/formatdomain.html.in (elementsDisks): Fix again.
-
- 30 12月, 2011 7 次提交
-
-
由 Daniel Veillard 提交于
The blocks to extract node information on a per-arch basis wasn't well balanced leading to a compilation failure if not on one of the handled arches (PCs and PPCs)
-
由 Eric Blake 提交于
This wires up the XML changes in the previous patch to let SELinux labeling honor user overrides, as well as affecting the live XML configuration in one case where the user didn't specify anything in the offline XML. I noticed that the logs contained messages like this: 2011-12-05 23:32:40.382+0000: 26569: warning : SELinuxRestoreSecurityFileLabel:533 : cannot lookup default selinux label for /nfs/libvirt/images/dom.img for all my domain images living on NFS. But if we would just remember that on domain creation that we were unable to set a SELinux label (due to NFSv3 lacking labels, or NFSv4 not being configured to expose attributes), then we could avoid wasting the time trying to clear the label on domain shutdown. This in turn is one less point of NFS failure, especially since there have been documented cases of virDomainDestroy hanging during an attempted operation on a failed NFS connection. * src/security/security_selinux.c (SELinuxSetFilecon): Move guts... (SELinuxSetFileconHelper): ...to new function. (SELinuxSetFileconOptional): New function. (SELinuxSetSecurityFileLabel): Honor override label, and remember if labeling failed. (SELinuxRestoreSecurityImageLabelInt): Skip relabeling based on override.
-
由 Eric Blake 提交于
Implement the parsing and formatting of the XML addition of the previous commit. The new XML doesn't affect qemu command line, so we can now test round-trip XML->memory->XML handling. I chose to reuse the existing structure, even though per-device override doesn't use all of those fields, rather than create a new structure, in order to reuse more code. * src/conf/domain_conf.h (_virDomainDiskDef): Add seclabel member. * src/conf/domain_conf.c (virDomainDiskDefFree): Free it. (virSecurityLabelDefFree): New function. (virDomainDiskDefFormat): Print it. (virSecurityLabelDefFormat): Reduce output if model not present. (virDomainDiskDefParseXML): Alter signature, and parse seclabel. (virSecurityLabelDefParseXML): Split... (virSecurityLabelDefParseXMLHelper): ...into new helper. (virDomainDeviceDefParse, virDomainDefParseXML): Update callers. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.args: New file. * tests/qemuxml2xmltest.c (mymain): Enhance test. * tests/qemuxml2argvtest.c (mymain): Likewise.
-
由 Eric Blake 提交于
When doing security relabeling, there are cases where a per-file override might be appropriate. For example, with a static label and relabeling, it might be appropriate to skip relabeling on a particular disk, where the backing file lives on NFS that lacks the ability to track labeling. Or with dynamic labeling, it might be appropriate to use a custom (non-dynamic) label for a disk specifically intended to be shared across domains. The new XML resembles the top-level <seclabel>, but with fewer options (basically relabel='no', or <label>text</label>): <domain ...> ... <devices> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='no'/> <!-- override for just this disk --> </source> ... </disk> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='yes'> <!-- override for just this disk --> <label>system_u:object_r:shared_content_t:s0</label> </seclabel> </source> ... </disk> ... </devices> <seclabel type='dynamic' model='selinux'> <baselabel>text</baselabel> <!-- used for all devices without override --> </seclabel> </domain> This patch only introduces the XML and documentation; future patches will actually parse and make use of it. The intent is that we can further extend things as needed, adding a per-device <seclabel> in more places (such as the source of a console device), and possibly allowing a <baselabel> instead of <label> for labeling where we want to reuse the cNNN,cNNN pair of a dynamically labeled domain but a different base label. First suggested by Daniel P. Berrange here: https://www.redhat.com/archives/libvir-list/2011-December/msg00258.html * docs/schemas/domaincommon.rng (devSeclabel): New define. (disk): Use it. * docs/formatdomain.html.in (elementsDisks, seclabel): Document the new XML. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.xml: New test, to validate RNG.
-
由 Eric Blake 提交于
Pure code motion; no semantic change. * src/conf/domain_conf.h (virDomainSeclabelType) (virSecurityLabelDefPtr): Declare earlier. * src/conf/domain_conf.c (virSecurityLabelDefClear) (virSecurityLabelDefParseXML): Move earlier. (virDomainDefParseXML): Move seclabel parsing earlier.
-
由 Eric Blake 提交于
A future patch will parse and output <seclabel> in more than one location in a <domain> xml; make it easier to reuse code. * src/conf/domain_conf.c (virSecurityLabelDefFree): Rename... (virSecurityLabelDefClear): ...and make static. (virSecurityLabelDefParseXML): Alter signature. (virDomainDefParseXML, virDomainDefFree): Adjust callers. (virDomainDefFormatInternal): Split output... (virSecurityLabelDefFormat): ...into new helper.
-
由 Eric Blake 提交于
The RNG for <seclabel> was too strict - if it was present, then it had to have sub-elements, even if those didn't make sense for the given attributes. Also, we didn't have any tests of <seclabel> parsing or XML output. In this patch, I added more parsing tests than output tests (since the output populates and/or reorders fields not present in certain inputs). Making the RNG reliable is a precursor to using <seclabel> variants in more places in the XML in later patches. See also: http://berrange.com/posts/2011/09/29/two-small-improvements-to-svirt-guest-configuration-flexibility-with-kvmlibvirt/ * docs/schemas/domaincommon.rng (seclabel): Tighten rules. * tests/qemuxml2argvtest.c (mymain): New tests. * tests/qemuxml2xmltest.c (mymain): Likewise. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-*.*: New files.
-
- 29 12月, 2011 9 次提交
-
-
由 Daniel Veillard 提交于
As seen in https://bugzilla.redhat.com/show_bug.cgi?id=746111 If compiled with the daemon and avahi support, then it's better to require avahi at the rpm level to avoid daemon startup errors.
-
由 Hu Tao 提交于
Add a new command domiftune to get/set interface parameters. * tools/virsh.c: implement the new command * tools/virsh.pod: documentation of the new command
-
由 Hu Tao 提交于
* src/qemu/qemu_driver.c: implement the qemu driver support
-
由 Hu Tao 提交于
Add a util function virDomainNetFind to find a domain's net def.
-
由 Hu Tao 提交于
* daemon/remote.c: implement the server side support * src/remote/remote_driver.c: implement the client side support * src/remote/remote_protocol.x: definitions for the new entry points * src/remote_protocol-structs: structure definitions
-
由 Hu Tao 提交于
* src/libvirt.c: implement the main entry points
-
由 Hu Tao 提交于
The APIs are used to set/get domain's network interface's parameters. Currently supported parameters are bandwidth settings. * include/libvirt/libvirt.h.in: new API and parameters definition * python/generator.py: skip the Python API generation * src/driver.h: add new entry to the driver structure * src/libvirt_public.syms: export symbols
-
由 Daniel Veillard 提交于
* python/libvirt-override.c: remove the predefined array in the virConnectListDomainsID binding and call virConnectNumOfDomains to do a proper allocation
-
由 Alex Jia 提交于
The parameter 'params' is useless for virDomainGetBlockIoTune API, and the return value type should be a virTypedParameterPtr but not integer. And "PyArg_ParseTuple" in functions libvirt_virDomain{Set,Get}BlockIoTune misses format unit for "format" argument. * libvirt-override-api.xml: Remove useless the parameter 'params' from virDomainGetBlockIoTune API, and change return value type from integer to virTypedParameterPtr. * python/libvirt-override.c: Add the missed format units. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=770683Signed-off-by: NAlex Jia <ajia@redhat.com>
-
- 28 12月, 2011 3 次提交
-
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=770520 We had two nested loops both trying to use 'i' as the iteration variable, which can result in an infinite loop when the inner loop interferes with the outer loop. Introduced in commit 93ab5859. * src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Don't reuse iteration variable across two loops.
-
由 Lai Jiangshan 提交于
Trivial patch, move version command to host commands group. It has no any related with any domain. It may connect to the daemon, so the flag is 0 but not VSH_CMD_FLAG_NOCONNECT.
-
由 Eric Blake 提交于
Valgrind detected a pipe fd leak before the parent exits on success, introduced in commit 4296cea2; by itself, the leak is not bad, since we immediately called _exit(), but we might as well be clean to make valgrind analysis easier. Meanwhile, if the daemon grandchild detects an error, the parent failed to flush the error message before exiting. Also, we had the possibility of both parent and child returning to the caller, such that the user could see duplicated reports of failure from the two return paths. And we might as well be robust to the (unlikely) situation of being started with stdin closed. * daemon/libvirtd.c (daemonForkIntoBackground): Use exit if an error message was generated, avoid fd leaks for valgrind's sake, avoid returning to caller in both parent and child, and don't close a just-dup'd stdin. Based on a report by Alex Jia. * How to reproduce? % service libvirtd stop % valgrind -v --track-fds=yes /usr/sbin/libvirtd --daemon * Actual valgrind result: ==16804== FILE DESCRIPTORS: 7 open at exit. ==16804== Open file descriptor 7: ==16804== at 0x321FAD8B87: pipe (in /lib64/libc-2.12.so) ==16804== by 0x41F34D: daemonForkIntoBackground (libvirtd.c:186) ==16804== by 0x4207A0: main (libvirtd.c:1420) Signed-off-by: NAlex Jia <ajia@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 26 12月, 2011 2 次提交
-
-
由 Satoru SATOH 提交于
Virsh's echo command looks not having any relations with domains and its description should go into the generic commands section instead of the domain commands section (current).
-
由 Satoru SATOH 提交于
Virsh's send-key command manipulates domains and its description should go into the domain commands section instead of generic commands section (current).
-
- 25 12月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
In order to avoid situation where a USB device is in use by two domains, we must keep a list of already attached devices like we do for PCI.
-
- 24 12月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Commit e5a84d74 added a new attribute in the wrong location; commit c8b9fa74 fixed the missing / at the end but not the extra / in the middle. * docs/formatdomain.html.in (elementsDisks): Fix another typo.
-
- 23 12月, 2011 3 次提交
-
-
由 Eric Blake 提交于
* docs/formatdomain.html.in: Fix typos in examples.
-
由 Eric Blake 提交于
Commit 6fdbce12 attempted to sort the list of tests, but failed (without quotes, echo merges all the tests into a single line, so there was nothing to sort). * tests/schematestutils.sh: Fix thinko in previous patch.
-
由 Michal Privoznik 提交于
This patch adds max_files option to qemu.conf which can be used to override system default limit on number of opened files that are allowed for qemu user.
-
- 22 12月, 2011 6 次提交
-
-
由 Michal Privoznik 提交于
This patch alters saving code, so we can report progress and allow cancel via ^C.
-
由 Michal Privoznik 提交于
This patch alters saving code, so we can report progress and allow cancel via ^C.
-
由 Michal Privoznik 提交于
This patch alters dumping code, so we can report progress and allow cancel via ^C.
-
由 Michal Privoznik 提交于
called vshWatchJob. This can be later used in other job oriented commands like dump, save, managedsave to report progress and allow user to cancel via ^C.
-
由 Michal Privoznik 提交于
Latest patch a1a83c58 introduces new qemu capability flag QEMU_CAPS_FSDEV_READONLY. However, it was missing in qemuhelptest making test for qemu-1.0 fail.
-
由 Osier Yang 提交于
Upstream QEMU starts to support it from commit 2c74c2cb.
-
- 21 12月, 2011 6 次提交
-
-
由 Stefan Berger 提交于
Remove the requirement that DHCP messages have to be broadcasted. DHCP requests are most often sent via broadcast but can be directed towards a specific DHCP server. For example 'dhclient' takes '-s <server>' as a command line parameter thus allowing DHCP requests to be sent to a specific DHCP server.
-
由 Osier Yang 提交于
-
由 Eric Blake 提交于
Having a test that depends on file system timestamps and/or inode allocation order gives non-deterministic output. * tests/schematestutils.sh: Run test in deterministic order.
-
由 Michael Ellerman 提交于
Create a fake PPC64 QEMU so that we can run PPC64 QEMU tests when we don't have a real version of the emulator available. Signed-off-by: NMichael Ellerman <michael@ellerman.id.au>
-
由 Michael Ellerman 提交于
Add logic to assign addresses for devices with spapr-vio addresses. We also do validation of addresses specified by the user, ie. ensuring that there are not duplicate addresses on the bus. Signed-off-by: NMichael Ellerman <michael@ellerman.id.au>
-
由 Bharata B Rao 提交于
Original patch by Bharata. Updated to use {1,16} in spaprvioReg based on example from Eric Blake. Signed-off-by: NBharata B Rao <bharata@linux.vnet.ibm.com> Signed-off-by: NPrerna Saxena <prerna@linux.vnet.ibm.com> Signed-off-by: NMichael Ellerman <michael@ellerman.id.au>
-