- 07 2月, 2014 1 次提交
-
-
由 Matthieu Coudron 提交于
With this change the code gets shorter and more readable. Signed-off-by: NMatthieu Coudron <mattator@gmail.com>
-
- 06 2月, 2014 11 次提交
-
-
由 Michal Privoznik 提交于
With my recent work on the test, both time() and localtime() are used. While mocking the former one, we get predictable result for UTC. But since the latter function uses timezone to get local time, the result of localtime() is not so predictive. Therefore, we must set the TZ variable at the beginning of the test. To be able to catch some things that work just by a blind chance, I'm choosing a virtual timezone that (hopefully) no libvirt developer resides in.
-
由 Michal Privoznik 提交于
The qemuxml2argvtest is run on more platforms than linux. For instance FreeBSD. On these platforms we are, however, not mocking time() which results in current time being fetched from system and hence tests number 32 and 33 failing. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
Rewrite the function to use an array instead of a struct, translating the field names to int via an enum.
-
由 Roman Bogorodskiy 提交于
Implementation obtains CPU usage information using kern.cp_time and kern.cp_times sysctl(8)s and reports CPU utilization.
-
由 Jiri Denemark 提交于
If virDomainMemoryStats was run on a domain with virtio balloon driver running on an old qemu which supports QMP but does not support qom-list QMP command, libvirtd would crash. The reason is we did not check if qemuMonitorJSONGetObjectListPaths failed and moreover we even stored its result in an unsigned integer type.
-
由 Peter Krempa 提交于
When attempting a blockcommit from the top layer, the base argument passed is NULL. This will be dereferenced when attempting a commit with an empty image chain. Output the real volume path instead: virsh blockcommit --verbose --path vda --domain DOMNAME --wait error: invalid argument: top '/path/somefile' in chain for 'vda' has no backing file instead of: error: invalid argument: top '(null)' in chain for 'vda' has no backing file
-
由 Peter Krempa 提交于
Eric Blake suggested to change this message to be different from the glibc's NULL deref protection message in printf to be able to differentiate errors.
-
由 Michal Privoznik 提交于
When trying to introduce a test for previous patch, I've noticed that the command line is constructed using current time. This won't work in our test suite (unless you guys wants to set a specific time prior to each test run :) ). Therefore we need to mock calls to time(2) to return the same value every time it's called. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1046192 Commit b8bf79aa, which adds clock='variable', forgets to check localtime basis in qemuBuildClockArgStr(). So that localtime basis could not be used. Reported-by: NJincheng Miao <jmiao@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
Commit 2ce63c16 added imagelabel generation when relabeling is turned off. But we weren't filling out the sensitivity for type 'none' labels, resulting in an invalid label: $ virsh managedsave domain error: unable to set security context 'system_u:object_r:svirt_image_t' on fd 28: Invalid argument
-
由 Eric Blake 提交于
Noticed a misuse of 'to' while testing my event regression under polkit ACLs, and decided to review the entire conf files for other legibility bugs. * daemon/libvirtd.conf: Use correct grammar. * src/qemu/qemu.conf: Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 05 2月, 2014 4 次提交
-
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1058839 Commit f9f56340 for CVE-2014-0028 almost had the right idea - we need to check the ACL rules to filter which events to send. But it overlooked one thing: the event dispatch queue is running in the main loop thread, and therefore does not normally have a current virIdentityPtr. But filter checks can be based on current identity, so when libvirtd.conf contains access_drivers=["polkit"], we ended up rejecting access for EVERY event due to failure to look up the current identity, even if it should have been allowed. Furthermore, even for events that are triggered by API calls, it is important to remember that the point of events is that they can be copied across multiple connections, which may have separate identities and permissions. So even if events were dispatched from a context where we have an identity, we must change to the correct identity of the connection that will be receiving the event, rather than basing a decision on the context that triggered the event, when deciding whether to filter an event to a particular connection. If there were an easy way to get from virConnectPtr to the appropriate virIdentityPtr, then object_event.c could adjust the identity prior to checking whether to dispatch an event. But setting up that back-reference is a bit invasive. Instead, it is easier to delay the filtering check until lower down the stack, at the point where we have direct access to the RPC client object that owns an identity. As such, this patch ends up reverting a large portion of the framework of commit f9f56340. We also have to teach 'make check' to special-case the fact that the event registration filtering is done at the point of dispatch, rather than the point of registration. Note that even though we don't actually use virConnectDomainEventRegisterCheckACL (because the RegisterAny variant is sufficient), we still generate the function for the purposes of documenting that the filtering takes place. Also note that I did not entirely delete the notion of a filter from object_event.c; I still plan on using that for my upcoming patch series for qemu monitor events in libvirt-qemu.so. In other words, while this patch changes ACL filtering to live in remote.c and therefore we have no current client of the filtering in object_event.c, the notion of filtering in object_event.c is still useful down the road. * src/check-aclrules.pl: Exempt event registration from having to pass checkACL filter down call stack. * daemon/remote.c (remoteRelayDomainEventCheckACL) (remoteRelayNetworkEventCheckACL): New functions. (remoteRelay*Event*): Use new functions. * src/conf/domain_event.h (virDomainEventStateRegister) (virDomainEventStateRegisterID): Drop unused parameter. * src/conf/network_event.h (virNetworkEventStateRegisterID): Likewise. * src/conf/domain_event.c (virDomainEventFilter): Delete unused function. * src/conf/network_event.c (virNetworkEventFilter): Likewise. * src/libxl/libxl_driver.c: Adjust caller. * src/lxc/lxc_driver.c: Likewise. * src/network/bridge_driver.c: Likewise. * src/qemu/qemu_driver.c: Likewise. * src/remote/remote_driver.c: Likewise. * src/test/test_driver.c: Likewise. * src/uml/uml_driver.c: Likewise. * src/vbox/vbox_tmpl.c: Likewise. * src/xen/xen_driver.c: Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
On Fedora 20, with wireshark-devel installed, 'make rpm' failed due to installed but unpackaged files related to wireshark. As F20 is already released without wireshark, I chose to add a new sub-package that is enabled only for F21 and later. Furthermore, all existing wireshark plugins belong to the wireshark package, so I got to invent behavior of how the first third-party wireshark module will behave. * libvirt.spec.in (with_wireshark): Add new conditional. * configure.ac (ws-plugindir): Improve wording. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Laine Stump 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1057321 pointed out that we weren't honoring the <bandwidth> element in libvirt networks using <forward mode='bridge'/>. In fact, these networks are just a method of giving a libvirt network name to an existing Linux host bridge on the system, and libvirt doesn't have enough information to know where to set such limits. We are working on a method of supporting network bandwidths for some specific cases of <forward mode='bridge'/>, but currently libvirt doesn't support it. So the proper thing to do now is just log an error when someone tries to put a <bandwidth> element in that type of network. (It's unclear if we will be able to do proper bandwidth limiting for macvtap networks, and most definitely we will not be able to support it for hostdev networks). While looking through the network XML documentation and comparing it to the networkValidate function, I noticed that we also ignore the presence of a mac address in the config in the same cases, rather than failing so that the user will understand that their desired action has not been taken. This patch updates networkValidate() (which is called any time a persistent network is defined, or a transient network created) to log an error and fail if it finds either a <bandwidth> or <mac> element and the network forward mode is anything except 'route'. 'nat', or nothing. (Yes, neither of those elements is acceptable for any macvtap mode, nor for a hostdev network). NB: This does *not* cause failure to start any existing network that contains one of those elements, so someone might have erroneously defined such a network in the past, and that network will continue to function unmodified. I considered it too disruptive to suddenly break working configs on the next reboot after a libvirt upgrade.
-
由 Justin Clift 提交于
While at it, also relinquish active commit rights: [x years between commits] is probably a poster child example of inactivity :) Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 04 2月, 2014 10 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1045124 When loading modules, libvirt does not honor the modprobe blacklist. Use the new virKModLoad() API in order to attempt load with blacklist check. Use the new virKModIsBlacklisted() API to check if the failure to load was due to the blacklist Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 John Ferlan 提交于
Adding tests for new virKMod{Config|Load|Unload}() API's. A test for virKModIsBlacklisted() would require some setup which cannot be assumed.
-
由 John Ferlan 提交于
virKModConfig() - Return a buffer containing kernel module configuration virKModLoad() - Load a specific module into the kernel configuration virKModUnload() - Unload a specific module from the kernel configuration virKModIsBlacklisted() - Determine whether a module is blacklisted within the kernel configuration
-
由 Laine Stump 提交于
commit f094aaac changed qemuPrepareHostdevPCIDevices() such that it may modify the "backend" (vfio vs. legacy kvm) setting in the virHostdevDef. However, qemuDomainAttachHostPciDevice() (used by hotplug) copies the backend setting into a local *before* calling qemuPrepareHostdevPCIDevices(), and then later makes a decision based on that pre-change value. The result is that, if the backend had been set to "default" (i.e. not specified in the config) and was later updated to "VFIO" by qemuPrepareHostdevPCIDevices(), the qemu process' MacMemLock is not increased (as is required for VFIO device assignment). This patch delays making the local copy of backend until after its potential modification.
-
由 Daniel P. Berrange 提交于
The project has historically operated as a meritocratic consensus based community. Formally document what has always been an unwritten assumption amongst the community participants. Also include an explicit code of conduct to preempt any potential, but unlikely, future problems. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Laine Stump 提交于
The previous patch fixed "forwardPlainNames" so that it really is doing only what is intended, but left the default to be "forwardPlainNames='no'". Discussion around the initial version of that patch led to the decision that the default should instead be "forwardPlainNames='yes'" (i.e. the original behavior before commit f3886825). This patch makes that change to the default.
-
由 Laine Stump 提交于
In commit f3868259 we began adding the options --domain-needed --local=/$mydomain/ to all dnsmasq commandlines with the stated reason of preventing forwarding of DNS queries for names that weren't fully qualified domain names ("FQDN", i.e. a name that included some "."s and a domain name). This was later changed to domain-needed local=/$mydomain/ when we moved the options from the dnsmasq commandline to a conf file. The original patch on the list, and discussion about it, is here: https://www.redhat.com/archives/libvir-list/2012-August/msg01594.html When a domain name isn't specified (mydomain == ""), the addition of "domain-needed local=//" will prevent forwarding of domain-less requests to the virtualization host's DNS resolver, but if a domain *is* specified, the addition of "local=/domain/" will prevent forwarding of any requests for *qualified* names within that domain that aren't resolvable by libvirt's dnsmasq itself. An example of the problems this causes - let's say a network is defined with: <domain name='example.com'/> <dhcp> .. <host mac='52:54:00:11:22:33' ip='1.2.3.4' name='myguest'/> </dhcp> This results in "local=/example.com/" being added to the dnsmasq options. If a guest requests "myguest" or "myguest.example.com", that will be resolved by dnsmasq. If the guest asks for "www.example.com", dnsmasq will not know the answer, but instead of forwarding it to the host, it will return NOT FOUND to the guest. In most cases that isn't the behavior an admin is looking for. A later patch (commit 4f595ba6) attempted to remedy this by adding a "forwardPlainNames" attribute to the <dns> element. The idea was that if forwardPlainNames='yes' (default is 'no'), we would allow unresolved names to be forwarded. However, that patch was botched, in that it only removed the "domain-needed" option when forwardPlainNames='yes', and left the "local=/mydomain/". Really we should have been just including the option "--domain-needed --local=//" (note the lack of domain name) regardless of the configured domain of the network, so that requests for names without a domain would be treated as "local to dnsmasq" and not forwarded, but all others (including those in the network's configured domain) would be forwarded. We also shouldn't include *either* of those options if forwardPlainNames='yes'. This patch makes those corrections. This patch doesn't remedy the fact that default behavior was changed by the addition of this feature. That will be handled in a subsequent patch.
-
由 Martin Kletzander 提交于
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Ján Tomko 提交于
Mark the shm-merge-across-nodes parameter of node-memory-tune command as optional in the virsh man page.
-
由 Michal Privoznik 提交于
I've received a notice over IRC that on some systems, the virnetdevbandwidthtest is not linked with libxml: /usr/bin/ld: virnetdevbandwidthtest.o: undefined reference to symbol 'xmlStrEqual@@LIBXML2_2.4.30' /usr/lib/x86_64-linux-gnu/libxml2.so.2: error adding symbols: DSO missing from command line Trivial way avoiding this is to add LIBXML_LIBS to virnetdevbandwidthtest_LDADD.
-
- 03 2月, 2014 1 次提交
-
-
由 Martin Kletzander 提交于
We support only one spicevmc channel name anyway and the code is prepared to use the default one, there's only one check missing. It is also mentioned in the documentation already and helps defining domains with spice vdagent for people using virsh. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 01 2月, 2014 1 次提交
-
-
由 John Ferlan 提交于
Coverity complains about default: label in libxl_driver.c not be able to be reached. It's by design for the code and since it's not necessary in the code nor does it elicit any compiler/make check warnings - just remove it rather than adding a coverity[dead_error_begin] tag. While I'm at it, lxc_driver.c and nodeinfo.c have the same design, so I removed the default labels and the existing coverity tags.
-
- 31 1月, 2014 7 次提交
-
-
由 Michal Privoznik 提交于
And while doing this, fix one error raised by coverity. With current code, @actual_cmd is allowed to be NULL for the whole run of testVirNetDevBandwidthSet. However, if something else was expected, the @actal_cmd is passed to virtTestDifference which dereference it immediately. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Cédric Bosdonnat 提交于
On openSuse, (and possibly other distros), tc isn't located in /sbin/tc. To get rid of that problem, use TC constant instead of hard coded /sbin/tc in the expected string
-
由 Daniel P. Berrange 提交于
The NWFilter code has as a deadlock race condition between the virNWFilter{Define,Undefine} APIs and starting of guest VMs due to mis-matched lock ordering. In the virNWFilter{Define,Undefine} codepaths the lock ordering is 1. nwfilter driver lock 2. virt driver lock 3. nwfilter update lock 4. domain object lock In the VM guest startup paths the lock ordering is 1. virt driver lock 2. domain object lock 3. nwfilter update lock As can be seen the domain object and nwfilter update locks are not acquired in a consistent order. The fix used is to push the nwfilter update lock upto the top level resulting in a lock ordering for virNWFilter{Define,Undefine} of 1. nwfilter driver lock 2. nwfilter update lock 3. virt driver lock 4. domain object lock and VM start using 1. nwfilter update lock 2. virt driver lock 3. domain object lock This has the effect of serializing VM startup once again, even if no nwfilters are applied to the guest. There is also the possibility of deadlock due to a call graph loop via virNWFilterInstantiate and virNWFilterInstantiateFilterLate. These two problems mean the lock must be turned into a read/write lock instead of a plain mutex at the same time. The lock is used to serialize changes to the "driver->nwfilters" hash, so the write lock only needs to be held by the define/undefine methods. All other methods can rely on a read lock which allows good concurrency. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
There are a number of pthreads impls available on Win32 these days, in particular the mingw64 project has a good impl. Delete the native windows thread implementation and rely on using pthreads everywhere. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
On Fedora 19 and older the pthreads impl provided with mingw does not have any pthread_sigmask impl at all. The configure.ac check was not distinguishing this scenario from that of a broken pthread_sigmask impl, so was mistakenly enabling the libvirt workaround even when it was not needed. This in turn conflicted with the gnulib provided pthread_sigmask impl. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Add virRWLock backed up by a POSIX rwlock primitive Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The check-augeas-lockd test depends on the file locking/qemu-lockd.conf, so must be skipped when QEMU is disabled. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 30 1月, 2014 5 次提交
-
-
由 Osier Yang 提交于
Add tests/virscsidata/sg0 and tests/virscsidata/sg8 as the test input for constructing scsi->sg_path. And change the scsi generic number of "1:0:0:0", because it's easy to hide the problem (assuming most machines have a CDROM drive). Signed-off-by: NOsier Yang <jyang@redhat.com>
-
由 Osier Yang 提交于
Commit 10c9ceff intended to introduce new argument for the testing purpose, but it missed the similar changing of the device's sg_path. The problem was hidden since my laptop has the /dev/sg0 and /dev/sg1. A later patch will modify the tests accordingly. Signed-off-by: NOsier Yang <jyang@redhat.com> Reported-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
It breaks the build on RHEL-5.10 and because it's only optional we could remove it from the code. The default namespace will be used. This hunk was introduced by commit 237a088b. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Osier Yang 提交于
This fixes the wrong argument order.
-
由 Osier Yang 提交于
This creates the basic unit tests for the scsi utils. Signed-off-by: NOsier Yang <jyang@redhat.com>
-