1. 01 1月, 2011 1 次提交
    • L
      Utility functions to produce an IPv4 broadcast address · 86387878
      Laine Stump 提交于
      These functions work only for IPv4, becasue IPv6 doesn't have the same
      concept of "broadcast address" as IPv4. They merely OR the inverse of
      the netmask with the given host address, thus turning on all the host
      bits.
      86387878
  2. 30 12月, 2010 1 次提交
  3. 28 12月, 2010 3 次提交
    • M
      vbox: Add support for VirtualBox 4.0 · 8d2e24d6
      Matthias Bolte 提交于
      Add vboxArrayGetWithUintArg to handle new signature variations. Also
      refactor vboxArrayGet* implementation to use a common helper function.
      
      Deal with the incompatible changes in the VirtualBox 4.0 API. This
      includes major changes in virtual machine and storage medium lookup,
      in RDP server property handling, in session/lock handling and other
      minor areas.
      
      VirtualBox 4.0 also dropped the old event API and replaced it with a
      completely new one. This is not fixed yet and will be addressed in
      another patch. Therefore, currently the domain events are supported
      for VirtualBox 3.x only.
      
      Based on initial work from Jean-Baptiste Rouault.
      8d2e24d6
    • M
      Fix misuse of VIR_ERR_INVALID_DOMAIN · c4ce8333
      Matthias Bolte 提交于
      VIR_ERR_INVALID_DOMAIN is meant for invalid domain pointers.
      VIR_ERR_NO_DOMAIN is meant for non-existing domains.
      c4ce8333
    • M
      vbox: Handle different IID representation in Version 2.2 on Windows · 30a13736
      Matthias Bolte 提交于
      On Windows IID's are represented as GUID by value, instead of nsID
      by reference on non-Windows platforms.
      
      Patch the vbox_CAPI_v2_2.h header to deal with this difference.
      
      Rewrite vboxIID abstraction that deals with the different IID
      representations. Add support for the GUID representation. Also unify
      the four context dependent free functions for vboxIIDs
      
        vboxIIDUnalloc, vboxIIDFree, vboxIIDUtf8Free, vboxIIDUtf16Free
      
      into vboxIIDUnalloc that is now safe to be called (even multiple
      times) on a vboxIID independent of the source and context of the
      vboxIID.
      
      The new vboxIID is designed to be used as a stack allocated variable.
      It has a value member that represents the actual IID value.
      30a13736
  4. 24 12月, 2010 17 次提交
    • E
      qemu: add -incoming fd:n capability checking · abff0290
      Eric Blake 提交于
      * src/qemu/qemu_capabilities.h (QEMUD_CMD_FLAG_MIGRATE_QEMU_FD):
      New enum value.
      * src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags): Populate
      flags according to qemu version.
      * tests/qemuhelptest.c (mymain): Adjust test.
      abff0290
    • J
      bridge: Fix uninitialized variable · 0ecac8aa
      Jiri Denemark 提交于
      0ecac8aa
    • L
      Replace setuid/setgid/initgroups with virSetUIDGID() · f42cf7cb
      Laine Stump 提交于
      This patch fixes https://bugzilla.redhat.com/show_bug.cgi?id=664406
      
      If qemu is run as a different uid, it has been unable to access mode
      0660 files that are owned by a different user, but with a group that
      the qemu is a member of (aside from the one group listed in the passwd
      file), because initgroups() is not being called prior to the
      exec. initgroups will change the group membership of the process (and
      its children) to match the new uid.
      
      To make this happen, the setregid()/setreuid() code in
      qemuSecurityDACSetProcessLabel has been replaced with a call to
      virSetUIDGID(), which does both of those, plus calls initgroups.
      
      Similar, but not identical, code in qemudOpenAsUID() has been replaced
      with virSetUIDGID(). This not only consolidates the functionality to a
      single location, but also potentially fixes some as-yet unreported
      bugs.
      f42cf7cb
    • L
      new virSetUIDGID() utility function · d596c6dc
      Laine Stump 提交于
      virSetUIDGID() sets both the real and effective group and user of the
      process, and additionally calls initgroups() to assure that the
      process joins all the auxiliary groups that the given uid is a member
      of.
      d596c6dc
    • L
      Preserve errno across calls to error reporting functions & VIR_FREE · 17e19add
      Laine Stump 提交于
      There are cases when we want log an error message, and possibly free
      some memory as part of the cleanup, while still preserving errno for a
      caller, but the functions that log errors, and virFree (VIR_FREE) make
      system calls that will clear errno. This patch preserves errno during
      those most basic functions (corresponding to virReportSystemError(),
      virReportOOMError(), networkReportError(), etc, as well as
      virStrError()). It does *not preserve errno across calls to higher
      level items such as virDispatchError(), as it's assumed the caller is
      all finished with any need for errno by the time it dispatches the
      error.
      17e19add
    • L
      Run radvd for virtual networks with IPv6 addresses · 8090a568
      Laine Stump 提交于
      Running an instance of the router advertisement daemon (radvd) allows
      guests using the virtual network to automatically acquire an IPv6
      address and default route. Note that acquiring an address only works
      for networks with a prefix length of exactly 64 - radvd is still run
      in other circumstances, and still advertises routes, but autoconf will
      not work because it requires exactly 64 bits of address info from the
      network prefix.
      
      This patch avoids a race condition with the pidfile by manually
      daemonizing radvd rather than allowing it to daemonize itself, then
      creating our own pidfile (in addition to radvd's own file, which is
      unnecessary, but there is no way to tell radvd to not create it). This
      is accomplished by exec'ing it with "--debug 1" in the commandline,
      and using virCommand's features to fork, create a pidfile, and detach
      from the newly forked process.
      8090a568
    • L
      Turn on IPv6 support in the bridge_driver.c virtual network driver · 6ccce752
      Laine Stump 提交于
      At this point everything is already in place to make IPv6 happen, we just
      need to add a few rules, remove some checks for IPv4-only, and document
      the changes to the XML on the website.
      6ccce752
    • L
      Update iptables.c to also support ip6tables. · 537e65e7
      Laine Stump 提交于
      All of the iptables functions eventually call down to a single
      bottom-level function, and fortunately, ip6tables syntax (for all the
      args that we use) is identical to iptables format (except the
      addresses), so all we need to do is:
      
      1) Get an address family down to the lowest level function in each
         case, either implied through an address, or explicitly when no
         address is in the parameter list, and
      
      2) At the lowest level, just decide whether to call "iptables" or
         "ip6tables" based on the family.
      
      The location of the ip6tables binary is determined at build time by
      autoconf. If a particular target system happens to not have ip6tables
      installed, any attempts to run it will generate an error, but that
      won't happen unless someone tries to define an IPv6 address for a
      network. This is identical behavior to IPv4 addresses and iptables.
      537e65e7
    • L
      Support multiple IP addresses on one network in bridge_driver.c · ad48dfa1
      Laine Stump 提交于
      This patch reorganizes the code in bridge_driver.c to account for the
      concept of a single network with multiple IP addresses, without adding
      in the extra variable of IPv6. A small bit of code has been
      temporarily added that checks all given addresses to verify they are
      IPv4 - this will be removed when full IPv6 support is turned on.
      ad48dfa1
    • L
      Change virtual network XML parsing/formatting to support IPv6 · a950dd2a
      Laine Stump 提交于
      This commit adds support for IPv6 parsing and formatting to the
      virtual network XML parser, including moving around data definitions
      to allow for multiple <ip> elements on a single network, but only
      changes the consumers of this API to accommodate for the changes in
      API/structure, not to add any actual IPv6 functionality. That will
      come in a later patch - this patch attempts to maintain the same final
      functionality in both drivers that use the network XML parser - vbox
      and "bridge" (the Linux bridge-based driver used by the qemu
      hypervisor driver).
      
      * src/libvirt_private.syms: Add new private API functions.
      * src/conf/network_conf.[ch]: Change C data structure and
        parsing/formatting.
      * src/network/bridge_driver.c: Update to use new parser/formatter.
      * src/vbox/vbox_tmpl.c: update to use new parser/formatter
      * docs/schemas/network.rng: changes to the schema -
        * there can now be more than one <ip> element.
        * ip address is now an ip-addr (ipv4 or ipv6) rather than ipv4-addr
        * new optional "prefix" attribute that can be used in place of "netmask"
        * new optional "family" attribute - "ipv4" or "ipv6"
          (will default to ipv4)
        * define data types for the above
      * tests/networkxml2xml(in|out)/nat-network.xml: add multiple <ip> elements
        (including IPv6) to a single network definition to verify they are being
        correctly parsed and formatted.
      a950dd2a
    • L
      Replace brSetInetAddress/brSetInetNetmask with brAddInetAddress · 20718b8b
      Laine Stump 提交于
      brSetInetAddress can only set a single IP address on the bridge, and
      uses a method (ioctl(SIOCSETIFADDR)) that only works for IPv4. Replace
      it and brSetInetNetmask with a single function that uses the external
      "ip addr add" command to add an address/prefix to the interface - this
      supports IPv6, and allows adding multiple addresses to the interface.
      
      Although it isn't currently used in the code, we also add a
      brDelInetAddress for completeness' sake.
      
      Also, while we're modifying bridge.c, we change brSetForwardDelay and
      brSetEnableSTP to use the new virCommand API rather than the
      deprecated virRun, and also log an error message in bridge_driver.c if
      either of those fail (previously the failure would be completely
      silent).
      20718b8b
    • L
      Make virtual network netmasks optional · 4713f074
      Laine Stump 提交于
      When a netmask isn't specified for an IPv4 address, one can be implied
      based on what network class range the address is in. The
      virNetworkDefPrefix function does this for us, so netmask isn't
      required.
      4713f074
    • L
      Pass prefix rather than netmask into iptables functions · b23d417c
      Laine Stump 提交于
      IPv6 will use prefix exclusively, and IPv4 will also optionally be
      able to use it, and the iptables functions really need a prefix
      anyway, so use the new virNetworkDefPrefix() function to send prefixes
      into iptables functions instead of netmasks.
      
      Also, in a couple places where a netmask is actually needed, use the
      new private API function for it rather than getting it directly. This
      will allow for cases where no netmask or prefix is specified (it
      returns the default for the current class of network.)
      b23d417c
    • L
      Consistently return 0 on success, -1 on failure in bridge_driver.c · 6e3e6db1
      Laine Stump 提交于
      Some functions in this file were returning 1 on success and 0 on
      failure, and others were returning 0 on success and -1 on
      failure. Switch them all to return the libvirt-preferred 0/-1.
      6e3e6db1
    • L
      Fix logging of failed iptables commands · cf731189
      Laine Stump 提交于
      The functions in iptables.c all return -1 on failure, but all their
      callers (which all happen to be in bridge_driver.c) assume that they
      are returning an errno, and the logging is done accordingly. This
      patch fixes all the error checking and logging to assume < 0 is an
      error, and nothing else.
      cf731189
    • L
      New virNetworkDef utility functions · 8322863f
      Laine Stump 提交于
      Later patches will add the possibility to define a network's netmask
      as a prefix (0-32, or 0-128 in the case of IPv6). To make it easier to
      deal with definition of both kinds (prefix or netmask), add two new
      functions:
      
      virNetworkDefNetmask: return a copy of the netmask into a
      virSocketAddr. If no netmask was specified in the XML, create a
      default netmask based on the network class of the virNetworkDef's IP
      address.
      
      virNetworkDefPrefix: return the netmask as numeric prefix (or the
      default prefix for the network class of the virNetworkDef's IP
      address, if no netmask was specified in the XML)
      8322863f
    • L
      New virSocketAddr utility functions · 1ab80f32
      Laine Stump 提交于
      virSocketPrefixToNetmask: Given a 'prefix', which is the number of 1
      bits in a netmask, fill in a virSocketAddr object with a netmask as an
      IP address (IPv6 or IPv4).
      
      virSocketAddrMask: Mask off the host bits in one virSocketAddr
      according to the netmask in another virSocketAddr.
      
      virSocketAddrMaskByPrefix, Mask off the host bits in a virSocketAddr
      according to a prefix (number of 1 bits in netmask).
      
      VIR_SOCKET_FAMILY: return the family of a virSocketAddr
      1ab80f32
  5. 23 12月, 2010 6 次提交
    • M
      qemu: Reparent children when deleting a snapshot · 2412babe
      Matthias Bolte 提交于
      Shorten qemuDomainSnapshotWriteSnapshotMetadata function name
      and make it take a snapshot pointer instead of dealing with
      the current snapshot. Update other functions accordingly.
      
      Add a qemuDomainSnapshotReparentChildren hash iterator to
      reparent the children of a snapshot that is being deleted. Use
      qemuDomainSnapshotWriteMetadata to write updated metadata
      to disk.
      
      This fixes a problem where outdated parent information breaks
      the snapshot tree and hinders the deletion of child snapshots.
      
      Reported by Philipp Hahn.
      2412babe
    • J
      Set bitmap size when allocating a bitmap · c58b1056
      Jim Fehlig 提交于
      I began noticing a race when reserving VNC ports as described here
      
      https://www.redhat.com/archives/libvir-list/2010-November/msg00379.html
      
      Turns out that we were not initializing the size field of bitmap
      struct when allocating the bitmap.  This subsequently caused
      virBitmapSetBit() to fail since bitmap->size is 0, hence we never
      actually reserved the port.
      c58b1056
    • M
      esx: Add support for storage volume wiping · 37f869da
      Matthias Bolte 提交于
      37f869da
    • M
      esx: Add support for storage volume deletion · f770c7b8
      Matthias Bolte 提交于
      f770c7b8
    • J
      qemu: Return SPICE ports on domain shutdown · e6cf98ce
      Jiri Denemark 提交于
      Commit ed0d9f6c added support for
      automatic port allocation for SPICE but forgot to mark such ports as
      unused when they are not used anymore.
      e6cf98ce
    • E
      virterror: avoid API breakage with vmware · 2deb32ae
      Eric Blake 提交于
      Fix glitch in commit cddd2a06 (thankfully post-0.8.6, so no
      released version has the glitch).
      
      Document and try to workaround glitch in commit 46e9b0fb (in 0.8.0),
      which invalidated 6 virErrorNumber values dating as far back as 0.7.1.
      
      My audit did not find any other glitches until pre-0.1.0 days.  I'm
      not sure how to add a syntax-check off the top of my head, but
      hopefully the explicit numbering will make people think twice about
      renumbering in the future.
      
      * include/libvirt/virterror.h (virErrorDomain): Avoid inserting
      new values in the middle, and add explicit numbering to help avoid
      this in the future.
      (virErrorNumber): Add explicit numbering, and document the snafu.
      * src/remote/remote_driver.c (remoteIO): Compensate for the snafu.
      2deb32ae
  6. 22 12月, 2010 6 次提交
    • M
      Distribute libvirt_vmx.syms · a5b36323
      Matthias Bolte 提交于
      This fixes the build from a tarball and makes autobuild.sh
      work again.
      
      This should actually have been part of this earlier commit:
      
        esx: Move VMX handling code out of the driver directory
        42b2f35d
      
      Reported by Eric Blake.
      a5b36323
    • M
      vmware: Fix undefine symbol with loadable drivers enabled · e2c13e03
      Matthias Bolte 提交于
      All other drivers are explicitly linked to gnulib. The VMware
      driver lacked this, resulting in mdir_name being an undefine
      symbol.
      
      Explicitly link the VMware driver to gnulib to fix this.
      e2c13e03
    • M
      esx: Move VMX handling code out of the driver directory · 42b2f35d
      Matthias Bolte 提交于
      Now the VMware driver doesn't depend on the ESX driver anymore.
      
      Add a WITH_VMX option that depends on WITH_ESX and WITH_VMWARE.
      Also add a libvirt_vmx.syms file.
      
      Move some escaping functions from esx_util.c to vmx.c.
      
      Adapt the test suite, ESX and VMware driver to the new code layout.
      42b2f35d
    • M
      esx: Fix cluster resource lookup when connecting to a vCenter · 8cd4ca45
      Matthias Bolte 提交于
      Connecting to a ESX(i) server that is part of a cluster failed
      when the connection also involved a vCenter.
      
      Accept ClusterComputeResource type in addition to ComputeResource
      type in the object lookup function.
      
      Reported by Guillaume Le Louët.
      8cd4ca45
    • E
      maint: avoid space-tab · 831aaf4a
      Eric Blake 提交于
      * daemon/Makefile.am: Avoid spurious space before tabs.
      * src/Makefile.am: Likewise.
      * examples/dominfo/Makefile.am: Likewise.
      * examples/domsuspend/Makefile.am: Likewise.
      * tools/Makefile.am: Likewise.
      * src/datatypes.h (VIR_CONNECT_MAGIC): Likewise.
      * src/internal.h (TODO): Likewise.
      * src/qemu/qemu_monitor.h (QEMU_MONITOR_MIGRATE): Likewise.
      * src/xen/xen_hypervisor.c (XEN_V2_OP_GETAVAILHEAP): Likewise.
      * src/xen/xs_internal.h: Likewise.
      831aaf4a
    • E
      command: avoid hanging on daemon processes · c7f28dec
      Eric Blake 提交于
      * src/util/command.c (virCommandRun): Don't capture output on
      daemons.
      * tests/commandtest.c (test18): Expose the bug.
      Reported by Laine Stump.
      c7f28dec
  7. 21 12月, 2010 6 次提交
    • O
      storage: Ignore dangling symbolic link for filesystem pool · 76965b80
      Osier Yang 提交于
      If there is a dangling symbolic link in filesystem pool, the pool
      will fail to start or refresh, this patch is to fix it by ignoring
      it with a warning log.
      76965b80
    • J
      Skip file-based security checks for network disks · ee3efc41
      Josh Durgin 提交于
      Network disks are accessed by qemu directly, and have no
      associated file on the host, so checking for file ownership etc.
      is unnecessary.
      Signed-off-by: NJosh Durgin <joshd@hq.newdream.net>
      ee3efc41
    • E
      build: make building on cygwin easier · da24a892
      Eric Blake 提交于
      * configure.ac (dlopen): Cygwin dlopen is in libc; avoid spurious
      failure.
      (XDR_CFLAGS): Define when needed.
      * src/Makefile.am (libvirt_driver_remote_la_CFLAGS): Use it.
      da24a892
    • E
      qemu: use virAsprintf instead of PATH_MAX · 450e8405
      Eric Blake 提交于
      * src/qemu/qemu_driver.c (qemudLogFD, qemudLogReadFD)
      (qemudStartup, qemudGetProcessInfo): Use heap instead of stack.
      450e8405
    • E
      tests: avoid spurious failure of nodeinfotest · bb11c553
      Eric Blake 提交于
      When running 'make check' under a multi-cpu Dom0 xen machine,
      nodeinfotest had a spurious failure it was reading from
      /sys/devices/system/cpu, but xen has no notion of topology.  The test
      was intended to be isolated from reading any real system files; the
      regression was introduced in Mar 2010 with commit aa2f6f96.
      
      Fix things by allowing an early exit for the testsuite.
      
      * src/nodeinfo.c (linuxNodeInfoCPUPopulate): Add parameter.
      (nodeGetInfo): Adjust caller.
      * tests/nodeinfotest.c (linuxTestCompareFiles): Likewise.
      bb11c553
    • E
      build: allow older libselinux again · 8e2b26db
      Eric Blake 提交于
      * configure.ac (with_selinux): Check for <selinux/label.h>.
      * src/security/security_selinux.c (getContext): New function.
      (SELinuxRestoreSecurityFileLabel): Use it to restore compilation
      when using older libselinux.
      8e2b26db