- 27 2月, 2020 4 次提交
-
-
由 Peter Krempa 提交于
We document steps how to fix images if they are rejected for missing the 'backing file format' field. Document also how to securely probe the image format if it's unknown. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Pavel Hrdina 提交于
The default memlock limit is 64k which is not enough to start a single VM. The requirements for one VM are 12k, 8k for eBPF map and 4k for eBPF program, however, it fails to create eBPF map and program with 64k limit. By testing I figured out that the minimal limit is 80k to start a single VM with functional eBPF and if I add 12k I can start another one. This leads into following calculation: 80k as memlock limit worked to start a VM with eBPF which means there is 68k of lock memory that I was not able to figure out what was using it. So to get a number for 4096 VMs: 68 + 12 * 4096 = 49220 If we round it up we will get 64M of memory lock limit to support 4096 VMs with default map size which can hold 64 entries for devices. This should be good enough as a sane default and users can change it if the need to. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1807090Signed-off-by: NPavel Hrdina <phrdina@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Laine Stump 提交于
Signed-off-by: NLaine Stump <laine@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Daniel P. Berrangé 提交于
We now support setting bandwidth on networks with type bridge. Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 26 2月, 2020 12 次提交
-
-
由 Jiri Denemark 提交于
Whenever there is a guest CPU configured in domain XML, we will call some CPU driver APIs to validate the CPU definition and check its compatibility with the hypervisor. Thus domains with guest CPU specification can only be started if the guest architecture is supported by the CPU driver. But we would add a default CPU to any domain as long as QEMU reports it causing failures to start any domain on affected architectures. https://bugzilla.redhat.com/show_bug.cgi?id=1805755Signed-off-by: NJiri Denemark <jdenemar@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Peter Krempa 提交于
Allow format probing to work around lazy clients which did not specify their format in the overlay. Format probing will be allowed only, if we are able to probe the image, the probing result was successful and the probed image does not have any backing or data file. This relaxes the restrictions which were imposed in commit 3615e8b3 in cases when we know that the image probing will not result in security issues or data corruption. We perform the image format detection and in the case that we were able to probe the format and the format does not specify a backing store (or doesn't support backing store) we can use this format. With pre-blockdev configurations this will restore the previous behaviour for the images mentioned above as qemu would probe the format anyways. It also improves error reporting compared to the old state as we now report that the backing chain will be broken in case when there is a backing file. In blockdev configurations this ensures that libvirt will not cause data corruption by ending the chain prematurely without notifying the user, but still allows the old semantics when the users forgot to specify the format. Users thus don't have to re-invent when image format detection is safe to do. The price for this is that libvirt will need to keep the image format detector still current and working or replace it by invocation of qemu-img. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Peter Krempa 提交于
While our code can detect ISO as a separate format, qemu does not use it as such and just passes it through as raw. Add conversion for detected parts of the backing chain so that the validation code does not reject it right away. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Ján Tomko 提交于
Now that this file no longer transitively includes domain_conf.h, it can be included here. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
All the _conf includes are only needed in the C file. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
This function only uses the domain definition. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
Make the header easier to read and let the compiler inline what it wants. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NPavel Mores <pmores@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
This is pulled in via domain_conf.h somehow, but it is directly used. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
This file uses the virNetDevBandwidth*Floor helpers without including the correct include, relying on virnetworkportdef.h to include it. Signed-off-by: NJán Tomko <jtomko@redhat.com> Fixes: 17f430ebReviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
The ParseNode function takes arguments with types from libxml. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 25 2月, 2020 24 次提交
-
-
由 Daniel P. Berrangé 提交于
The network port XML files were not including any usage of vlan tags or port options, and one of the files was not even processed. Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Julio Faracco 提交于
There are a lots of strings being handled inside some LXC functions. They can be moved to g_autofree to avoid declaring a return value to get proper code cleanups. This commit is changing functions from lxc_{controller,cgroup,fuse} only. Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com> Signed-off-by: NJulio Faracco <jcfaracco@gmail.com>
-
由 Ján Tomko 提交于
Ever since commit c5a00350 the libxl parser invokes the emulator to probe which device model to use. Commit b90c4b5f introduced a workaround that used a stable path which was very likely to result in the answer matching the default. However the test is still affected by the host state and the binary gets invoked if present. Mock the libxlDomainGetEmulatorType function to stop wasting CPU cycles every time a 'make check' is run on a system with xen installed. For example xlconfigtest gets faster by 90 % Signed-off-by: NJán Tomko <jtomko@redhat.com> Fixes: b90c4b5fReviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
This lets us mock functions from the libxl driver. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
Point the logDir to abs_builddir instead. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
Take the parts affected by the host state out of DriverConfigNew and put them into a separate function. Adjust all the callers to call both functions. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
Use g_autofree to free the driver config file path. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
These hardcoded defaults do not need to be read from the file. Move them out of libxlDriverConfigLoadFile. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
libxlDriverConfigNew can possibly fail on wrong firmware values (unlikely) or on failure to create the log directory (possible if you're debugging tests with VIR_FILE_ACCESS) Signed-off-by: NJán Tomko <jtomko@redhat.com> Fixes: 4a4132b4Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
由 Michal Privoznik 提交于
The way that our file locking works is that we open() the file we want to lock and then use fcntl(fd, F_SETLKW, ...) to lock it. The problem is, we are doing all of these as root which doesn't work if the file lives on root squashed NFS, because if it does then the open() fails. The way to resolve this is to make this a non fatal error and leave callers deal with this (i.e. disable remembering) - implemented in the previous commit. https://bugzilla.redhat.com/show_bug.cgi?id=1804672Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Michal Privoznik 提交于
There are some cases where we want to remember the original owner of a file but we fail to lock it for XATTR change (e.g. root squashed NFS). If that is the case we error out and refuse to start a domain. Well, we can do better if we disable remembering for paths we haven't locked successfully. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Michal Privoznik 提交于
So far, in the lock state we are storing only the file descriptors of the files we've locked. Therefore, when unlocking them and something does wrong the only thing we can report is FD number, which is not user friendly at all. But if we store paths among with FDs we can do better error reporting. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Daniel P. Berrangé 提交于
The virutil.h header defines a geteuid() macro for Windows platforms. This fixes a few missed cases from: commit b11e8ccc Author: Ján Tomko <jtomko@redhat.com> Date: Sun Feb 16 23:09:15 2020 +0100 Remove virutil.h from all header files Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
The autoreconf script will already run aclocal for us, so there's no need to do that ahead of time. Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Ján Tomko 提交于
Signed-off-by: NJán Tomko <jtomko@redhat.com> Fixes: b11e8ccc
-
由 Jim Fehlig 提交于
Commit fb01e1a4 missed including virutil.h, causing the following compilation error ../../src/security/virt-aa-helper.c:1055:43: error: implicit declaration of function 'virHostGetDRMRenderNode' [-Werror=implicit-function-declaration] 1055 | char *defaultRenderNode = virHostGetDRMRenderNode(); Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Ján Tomko 提交于
After the split of enum functions into virenum.h, this function does not contain anything worth including in another header file. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
Include virutil.h in all files that use it, instead of relying on it being pulled in somehow. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
Include unistd.h in all files that use it, instead of relying on it being pulled in via virutil.h Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
After the introduction of virenum.h in commit 285c5f28, it is only needed in the C file. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
Include both virutil.h and unistd.h. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
There is nothing in the vircgroup.h header file requiring virutil.h. Remove it and include unistd.h in the C files. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
These tests do not use anything from virutil.h apart from the transitive include. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-
由 Ján Tomko 提交于
Historically, this file was a dump for most of our helper functions and needed almost everywhere. With the introduction of virfile.h and virstring.h, and more importantly, virenum.h and the introduction of GLib, that is no longer true. Remove its include from C files that don't even use it. Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
-