- 11 1月, 2012 4 次提交
-
-
由 Daniel P. Berrange 提交于
When sVirt is integrated with the LXC driver, it will be neccessary to invoke the security driver APIs using only a virDomainDefPtr since the lxc_container.c code has no virDomainObjPtr available. Aside from two functions which want obj->pid, every bit of the security driver code only touches obj->def. So we don't need to pass a virDomainObjPtr into the security drivers, a virDomainDefPtr is sufficient. Two functions also gain a 'pid_t pid' argument. * src/qemu/qemu_driver.c, src/qemu/qemu_hotplug.c, src/qemu/qemu_migration.c, src/qemu/qemu_process.c, src/security/security_apparmor.c, src/security/security_dac.c, src/security/security_driver.h, src/security/security_manager.c, src/security/security_manager.h, src/security/security_nop.c, src/security/security_selinux.c, src/security/security_stack.c: Change all security APIs to use a virDomainDefPtr instead of virDomainObjPtr
-
由 Eric Blake 提交于
When disk snapshots were first implemented, libvirt blindly refused to allow an external snapshot destination that already exists, since qemu will blindly overwrite the contents of that file during the snapshot_blkdev monitor command, and we don't like a default of data loss by default. But VDSM has a scenario where NFS permissions are intentionally set so that the destination file can only be created by the management machine, and not the machine where the guest is running, so that libvirt will necessarily see the destination file already existing; adding a flag will allow VDSM to force the file reuse without libvirt complaining of possible data loss. https://bugzilla.redhat.com/show_bug.cgi?id=767104 * include/libvirt/libvirt.h.in (virDomainSnapshotCreateFlags): Add VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT. * src/libvirt.c (virDomainSnapshotCreateXML): Document it. Add note about partial failure. * tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Add new flag. * tools/virsh.pod (snapshot-create, snapshot-create-as): Document it. * src/qemu/qemu_driver.c (qemuDomainSnapshotDiskPrepare) (qemuDomainSnapshotCreateXML): Implement the new flag.
-
由 Eric Blake 提交于
We had loads of different styles in describing the @flags parameter for various APIs, as well as several APIs that didn't list which enums provided the bit values valid for the flags. The end result is one of two formats: @flags: bitwise-OR of vir...Flags @flags: extra flags; not used yet, so callers should always pass 0 * src/libvirt.c: Use common sentences for flags. Also, (virDomainGetBlockIoTune): Mention virTypedParameterFlags. (virConnectOpenAuth): Mention virConnectFlags. (virDomainMigrate, virDomainMigrate2, virDomainMigrateToURI) (virDomainMigrateToURI2): Mention virDomainMigrateFlags. (virDomainMemoryPeek): Mention virDomainMemoryFlags. (virStoragePoolBuild): Mention virStoragePoolBuildFlags. (virStoragePoolDelete): Mention virStoragePoolDeleteFlags. (virStreamNew): Mention virStreamFlags. (virDomainOpenGraphics): Mention virDomainOpenGraphicsFlags.
-
由 Laine Stump 提交于
This *kind of* addresses: https://bugzilla.redhat.com/show_bug.cgi?id=772395 (it doesn't eliminate the failure to start, but causes libvirt to give a better idea about the cause of the failure). If a guest uses a kvm emulator (e.g. /usr/bin/qemu-kvm) and the guest is started when kvm isn't available (either because virtualization is unavailable / has been disabled in the BIOS, or the kvm modules haven't been loaded for some reason), a semi-cryptic error message is logged: libvirtError: internal error Child process (LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin /usr/bin/qemu-kvm -device ? -device pci-assign,? -device virtio-blk-pci,? -device virtio-net-pci,?) status unexpected: exit status 1 This patch notices at process start that a guest needs kvm, and checks for the presence of /dev/kvm (a reasonable indicator that kvm is available) before trying to execute the qemu binary. If kvm isn't available, a more useful (too verbose??) error is logged.
-
- 10 1月, 2012 3 次提交
-
-
由 Alex Jia 提交于
It should be a copy-paste error, the result is programming will result in an infinite loop again due to without iterating 'j' variable. * src/qemu/qemu_driver.c: fix a typo on qemuDomainSetBlkioParameters. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=770520Signed-off-by: NAlex Jia <ajia@redhat.com>
-
由 Michal Privoznik 提交于
This is actually a patch for VM Manager for Android. https://www.redhat.com/archives/libvirt-users/2011-November/msg00076.html
-
由 Jim Fehlig 提交于
I previously mentioned [1] a PolicyKit issue where libvirt would proceed with authentication even though polkit-auth failed: testusr xen134:~> virsh list --all Attempting to obtain authorization for org.libvirt.unix.manage. polkit-grant-helper: given auth type (8 -> yes) is bogus Failed to obtain authorization for org.libvirt.unix.manage. Id Name State ---------------------------------- 0 Domain-0 running - sles11sp1-pv shut off AFAICT, libvirt attempts to obtain a privilege it already has, causing polkit-auth to fail with above message. Instead of calling obtain and then checking auth, IMO the workflow should be for the server to check auth first, and if that fails ask the client to obtain it and check again. This workflow also allows for checking only successful exit of polkit-auth in virConnectAuthGainPolkit(). [1] https://www.redhat.com/archives/libvir-list/2011-December/msg00837.html
-
- 09 1月, 2012 2 次提交
-
-
由 Laine Stump 提交于
In the past, generic SCSI commands issued from a guest to a virtio disk were always passed through to the underlying disk by qemu, and the kernel would also pass them on. As a result of CVE-2011-4127 (see: http://seclists.org/oss-sec/2011/q4/536), qemu now honors its scsi=on|off device option for virtio-blk-pci (which enables/disables passthrough of generic SCSI commands), and the kernel will only allow the commands for physical devices (not for partitions or logical volumes). The default behavior of qemu is still to allow sending generic SCSI commands to physical disks that are presented to a guest as virtio-blk-pci devices, but libvirt prefers to disable those commands in the standard virtio block devices, enabling it only when specifically requested (hopefully indicating that the requester understands what they're asking for). For this purpose, a new libvirt disk device type (device='lun') has been created. device='lun' is identical to the default device='disk', except that: 1) It is only allowed if bus='virtio', type='block', and the qemu version is "new enough" to support it ("new enough" == qemu 0.11 or better), otherwise the domain will fail to start and a CONFIG_UNSUPPORTED error will be logged). 2) The option "scsi=on" will be added to the -device arg to allow SG_IO commands (if device !='lun', "scsi=off" will be added to the -device arg so that SG_IO commands are specifically forbidden). Guests which continue to use disk device='disk' (the default) will no longer be able to use SG_IO commands on the disk; those that have their disk device changed to device='lun' will still be able to use SG_IO commands. *docs/formatdomain.html.in - document the new device attribute value. *docs/schemas/domaincommon.rng - allow it in the RNG *tests/* - update the args of several existing tests to add scsi=off, and add one new test that will test scsi=on. *src/conf/domain_conf.c - update domain XML parser and formatter *src/qemu/qemu_(command|driver|hotplug).c - treat VIR_DOMAIN_DISK_DEVICE_LUN *almost* identically to VIR_DOMAIN_DISK_DEVICE_DISK, except as indicated above. Note that no support for this new device value was added to any hypervisor drivers other than qemu, because it's unclear what it might mean (if anything) to those drivers.
-
由 Laine Stump 提交于
This patch adds two capabilities flags to deal with various aspects of supporting SG_IO commands on virtio-blk-pci devices: QEMU_CAPS_VIRTIO_BLK_SCSI set if -device virtio-blk-pci accepts the scsi="on|off" option When present, this is on by default, but can be set to off to disable SG_IO functions. QEMU_CAPS_VIRTIO_BLK_SG_IO set if SG_IO commands are supported in the virtio-blk-pci driver (present since qemu 0.11 according to a qemu developer, if I understood correctly)
-
- 08 1月, 2012 1 次提交
-
-
由 Laine Stump 提交于
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=638633 Although scripts are not used by interfaces of type other than "ethernet" in qemu, due to the fact that the parser stores the script name in a union that is only valid when type is ethernet or bridge, there is no way for anyone except the parser itself to catch the problem of specifying an interface script for an inappropriate interface type (by the time the parsed data gets back to the code that called the parser, all evidence that a script was specified is forgotten). Since the parser itself should be agnostic to which type of interface allows scripts (an example of why: a script specified for an interface of type bridge is valid for xen domains, but not for qemu domains), the solution here is to move the script out of the union(s) in the DomainNetDef, always populate it when specified (regardless of interface type), and let the driver decide whether or not it is appropriate. Currently the qemu, xen, libxml, and uml drivers recognize the script parameter and do something with it (the uml driver only to report that it isn't supported). Those drivers have been updated to log a CONFIG_UNSUPPORTED error when a script is specified for an interface type that's inappropriate for that particular hypervisor. (NB: There was earlier discussion of solving this problem by adding a VALIDATE flag to all libvirt APIs that accept XML, which would cause the XML to be validated against the RNG files. One statement during that discussion was that the RNG shouldn't contain hypervisor-specific things, though, and a proper solution to this problem would require that (again, because a script for an interface of type "bridge" is accepted by xen, but not by qemu).
-
- 07 1月, 2012 5 次提交
-
-
由 Eric Blake 提交于
Commit ae523427 missed one pair of functions that could use the helper routine. * src/qemu/qemu_driver.c (qemuSetSchedulerParametersFlags) (qemuGetSchedulerParametersFlags): Simplify.
-
由 Daniel Veillard 提交于
* configure.ac docs/news.html.in libvirt.spec.in: update for the release * po/*.po*: updated localizations from transifex and regenerated
-
由 Eric Blake 提交于
On rawhide, gcc is new enough to output new DWARF information that pdwtags has not yet learned, but the resulting 'make check' output was rather confusing: $ make -C src check ... GEN virkeepaliveprotocol-structs die__process_function: DW_TAG_INVALID (0x4109) @ <0x58c> not handled! WARNING: your pdwtags program is too old WARNING: skipping the virkeepaliveprotocol-structs test WARNING: install dwarves-1.3 or newer ... $ pdwtags --version v1.9 I've filed the pdwtags deficiency as https://bugzilla.redhat.com/show_bug.cgi?id=772358 * src/Makefile.am (PDWTAGS): Don't leave -t file behind on version mismatch. Soften warning message, since 1.9 is newer than 1.3. Don't leak stderr from broken version.
-
由 Eric Blake 提交于
Commit db371a21 mistakenly added new functions inside a #ifndef WIN32 guard, even though they are needed on all platforms. * src/util/command.c (virCommandFDSet): Move outside WIN32 conditional.
-
由 Eric Blake 提交于
I hit a VERY weird testsuite failure on rawhide, which included _binary_ output to stderr, followed by a hang waiting for me to type something! (Here, using ^@ for NUL): $ ./commandtest TEST: commandtest WARNING: gnome-keyring:: couldn't send data: Bad file descriptor .WARNING: gnome-keyring:: couldn't send data: Bad file descriptor .WARNING: gnome-keyring:: couldn't send data: Bad file descriptor WARNING: gnome-keyring:: couldn't send data: Bad file descriptor .8^@^@^@8^@^@^@^A^@^@^@^Bay^A^@^@^@)PRIVATE-GNOME-KEYRING-PKCS11-PROTOCOL-V-1 I finally traced it to the fact that gnome-keyring, called via gnutls_global_init which is turn called by virNetTLSInit, opens an internal fd that it expects to communicate to via a pthread_atfork handler (never mind that it violates POSIX by using non-async-signal-safe functions in that handler: https://bugzilla.redhat.com/show_bug.cgi?id=772320). Our problem stems from the fact that we pulled the rug out from under the library's expectations by closing an fd that it had just opened. While we aren't responsible for fixing the bugs in that pthread_atfork handler, we can at least avoid the bugs by not closing the fd in the first place. * tests/commandtest.c (mymain): Avoid closing fds that were opened by virInitialize.
-
- 06 1月, 2012 4 次提交
-
-
由 Alex Jia 提交于
Detected by valgrind. Leak introduced in commit 5745dc12. * src/qemu/qemu_command.c: fix memory leak on failure and successful path. * How to reproduce? % valgrind -v --leak-check=full ./qemuargv2xmltest * Actual result: ==2196== 80 bytes in 1 blocks are definitely lost in loss record 3 of 4 ==2196== at 0x4A05FDE: malloc (vg_replace_malloc.c:236) ==2196== by 0x39CF07F6E1: strdup (in /lib64/libc-2.12.so) ==2196== by 0x419823: qemuParseRBDString (qemu_command.c:1657) ==2196== by 0x4221ED: qemuParseCommandLine (qemu_command.c:5934) ==2196== by 0x422AFB: qemuParseCommandLineString (qemu_command.c:7561) ==2196== by 0x416864: testCompareXMLToArgvHelper (qemuargv2xmltest.c:48) ==2196== by 0x417DB1: virtTestRun (testutils.c:141) ==2196== by 0x415CAF: mymain (qemuargv2xmltest.c:175) ==2196== by 0x4174A7: virtTestMain (testutils.c:696) ==2196== by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so) ==2196== ==2196== LEAK SUMMARY: ==2196== definitely lost: 80 bytes in 1 blocks Signed-off-by: NAlex Jia <ajia@redhat.com>
-
由 Eric Blake 提交于
Using automake.git (will become 1.12 someday), I got this error: configure.ac:90: error: automatic de-ANSI-fication support has been removed /usr/local/share/aclocal-1.11a/protos.m4:13: AM_C_PROTOTYPES is expanded from... configure.ac:90: the top level autom4te: /usr/bin/m4 failed with exit status: 1 In short, pre-C89 compilers are no longer a viable portability target. Besides, our code base already requires C99, so worrying about pre-C89 seems pointless. * configure.ac (AM_C_PROTOTYPES): Drop, since newer automake no longer provides it.
-
由 Hu Tao 提交于
When setting numa nodeset for a domain which has no nodeset set before, libvirtd crashes by dereferencing the pointer to the old nodemask which is null in that case.
-
由 Eric Blake 提交于
Commit baade4d fixed a memory leak on failure, but in the process, introduced a use-after-free on success, which can be triggered with: 1. set bandwidth with --live 2. query bandwidth 3. set bandwidth with --live * src/qemu/qemu_driver.c (qemuDomainSetInterfaceParameters): Don't free newBandwidth on success. Reported by Hu Tao.
-
- 05 1月, 2012 4 次提交
-
-
由 Eric Blake 提交于
Commit b4343293 has a logic bug: seclabel overrides don't set def->type, but the default value is 0 (aka static). Restarting libvirtd would thus reject the XML for any domain with an override of <seclabel relabel='no'/> (which happens quite easily if a disk image lives on NFS), with a message: 2012-01-04 22:29:40.949+0000: 6769: error : virSecurityLabelDefParseXMLHelper:2593 : XML error: security label is missing Fix the logic to never read from an override's def->type, and to allow a missing <label> subelement when relabel is no. There's a lot of stupid double-negatives in the code (!norelabel) because of the way that we want the zero-initialized defaults to behave. * src/conf/domain_conf.c (virSecurityLabelDefParseXMLHelper): Use type field from correct location.
-
由 Michal Privoznik 提交于
Currently, virCommand implementation uses FD_ macros from sys/select.h. However, those cannot handle more opened files than FD_SETSIZE. Therefore switch to generalized implementation based on array of integers.
-
由 Jim Fehlig 提交于
xen-unstable c/s 23874:651aed73b39c added another member to xen_domctl_getdomaininfo struct and bumped domctl version to 8. Add a corresponding domctl v8 struct in xen hypervisor sub-driver and detect domctl v8 during initialization.
-
由 Jim Fehlig 提交于
The console path in xenstore is /local/domain/<id>/console/tty for PV guests (PV console) and /local/domain/<id>/serial/0/tty (serial console) for HVM guests. Similar to Xen's in-tree console client, read the correct path for PV vs HVM.
-
- 04 1月, 2012 4 次提交
-
-
由 Jiri Denemark 提交于
We already support CPU features with '.' in their name (e.g., sse4.1) so we should not forbid that in the schema.
-
由 Michal Privoznik 提交于
It is a good practise to set revents to zero before doing any poll(). Moreover, we should check if event we waited for really occurred or if any of fds we were polling on didn't encountered hangup.
-
由 Jiri Denemark 提交于
As a result of it, guest NUMA topology would be lost during migration.
-
- 03 1月, 2012 4 次提交
-
-
由 Eric Blake 提交于
Typo has existed since API introduction in commit ee0d8c3b. * src/qemu/qemu_driver.c (qemuDomainBlockStatsFlags): Use correct name.
-
由 Eric Blake 提交于
Most severe here is a latent (but currently untriggered) memory leak if any hypervisor ever adds a string interface property; the remainder are mainly cosmetic. * include/libvirt/libvirt.h.in (VIR_DOMAIN_BANDWIDTH_*): Move macros closer to interface that uses them, and document type. * src/libvirt.c (virDomainSetInterfaceParameters) (virDomainGetInterfaceParameters): Formatting tweaks. * daemon/remote.c (remoteDispatchDomainGetInterfaceParameters): Avoid memory leak. * src/libvirt_public.syms (LIBVIRT_0.9.9): Sort lines. * src/libvirt_private.syms (domain_conf.h): Likewise. * src/qemu/qemu_driver.c (qemuDomainSetInterfaceParameters): Fix comments, break long lines.
-
由 Peter Krempa 提交于
virshReportError() function frees the most recent error reported from libvirt. Condition that checks if connection to the daemon was broken during last command was then limited to check for SIGPIPE signal not taking into account possible errors signalized without SIGPIPE. This patch moves the check before the error is freed, to take into account code that does not emit SIGPIPE while failing. * tools/virsh.c: - move check for broken connection before error print.
-
由 Peter Krempa 提交于
-
- 02 1月, 2012 1 次提交
-
-
由 Michal Novotny 提交于
Hi, this is the fifth version of my SRV record for DNSMasq patch rebased for the current codebase to the bridge driver and libvirt XML file to include support for the SRV records in the DNS. The syntax is based on DNSMasq man page and tests for both xml2xml and xml2argv were added as well. There are some things written a better way in comparison with version 4, mainly there's no hack in tests/networkxml2argvtest.c and also the xPath context is changed to use a simpler query using the virXPathInt() function relative to the current node. Also, the patch is also fixing the networkxml2argv test to pass both checks, i.e. both unit tests and also syntax check. Please review, Michal Signed-off-by: NMichal Novotny <minovotn@redhat.com>
-
- 01 1月, 2012 2 次提交
-
-
由 Alex Jia 提交于
Detected by Coverity. Leaks introduced in commit e8d6b293. Signed-off-by: NAlex Jia <ajia@redhat.com>
-
由 Eric Blake 提交于
Leak detected by Coverity, and introduced in commit 93ab5859. Reported by Alex Jia. * src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Free devices array on error.
-
- 31 12月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Commit 6cb4acce reintroduced the bug fixed in commit d145fe3b. * docs/formatdomain.html.in (elementsDisks): Fix again.
-
- 30 12月, 2011 5 次提交
-
-
由 Daniel Veillard 提交于
The blocks to extract node information on a per-arch basis wasn't well balanced leading to a compilation failure if not on one of the handled arches (PCs and PPCs)
-
由 Eric Blake 提交于
This wires up the XML changes in the previous patch to let SELinux labeling honor user overrides, as well as affecting the live XML configuration in one case where the user didn't specify anything in the offline XML. I noticed that the logs contained messages like this: 2011-12-05 23:32:40.382+0000: 26569: warning : SELinuxRestoreSecurityFileLabel:533 : cannot lookup default selinux label for /nfs/libvirt/images/dom.img for all my domain images living on NFS. But if we would just remember that on domain creation that we were unable to set a SELinux label (due to NFSv3 lacking labels, or NFSv4 not being configured to expose attributes), then we could avoid wasting the time trying to clear the label on domain shutdown. This in turn is one less point of NFS failure, especially since there have been documented cases of virDomainDestroy hanging during an attempted operation on a failed NFS connection. * src/security/security_selinux.c (SELinuxSetFilecon): Move guts... (SELinuxSetFileconHelper): ...to new function. (SELinuxSetFileconOptional): New function. (SELinuxSetSecurityFileLabel): Honor override label, and remember if labeling failed. (SELinuxRestoreSecurityImageLabelInt): Skip relabeling based on override.
-
由 Eric Blake 提交于
Implement the parsing and formatting of the XML addition of the previous commit. The new XML doesn't affect qemu command line, so we can now test round-trip XML->memory->XML handling. I chose to reuse the existing structure, even though per-device override doesn't use all of those fields, rather than create a new structure, in order to reuse more code. * src/conf/domain_conf.h (_virDomainDiskDef): Add seclabel member. * src/conf/domain_conf.c (virDomainDiskDefFree): Free it. (virSecurityLabelDefFree): New function. (virDomainDiskDefFormat): Print it. (virSecurityLabelDefFormat): Reduce output if model not present. (virDomainDiskDefParseXML): Alter signature, and parse seclabel. (virSecurityLabelDefParseXML): Split... (virSecurityLabelDefParseXMLHelper): ...into new helper. (virDomainDeviceDefParse, virDomainDefParseXML): Update callers. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.args: New file. * tests/qemuxml2xmltest.c (mymain): Enhance test. * tests/qemuxml2argvtest.c (mymain): Likewise.
-
由 Eric Blake 提交于
When doing security relabeling, there are cases where a per-file override might be appropriate. For example, with a static label and relabeling, it might be appropriate to skip relabeling on a particular disk, where the backing file lives on NFS that lacks the ability to track labeling. Or with dynamic labeling, it might be appropriate to use a custom (non-dynamic) label for a disk specifically intended to be shared across domains. The new XML resembles the top-level <seclabel>, but with fewer options (basically relabel='no', or <label>text</label>): <domain ...> ... <devices> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='no'/> <!-- override for just this disk --> </source> ... </disk> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='yes'> <!-- override for just this disk --> <label>system_u:object_r:shared_content_t:s0</label> </seclabel> </source> ... </disk> ... </devices> <seclabel type='dynamic' model='selinux'> <baselabel>text</baselabel> <!-- used for all devices without override --> </seclabel> </domain> This patch only introduces the XML and documentation; future patches will actually parse and make use of it. The intent is that we can further extend things as needed, adding a per-device <seclabel> in more places (such as the source of a console device), and possibly allowing a <baselabel> instead of <label> for labeling where we want to reuse the cNNN,cNNN pair of a dynamically labeled domain but a different base label. First suggested by Daniel P. Berrange here: https://www.redhat.com/archives/libvir-list/2011-December/msg00258.html * docs/schemas/domaincommon.rng (devSeclabel): New define. (disk): Use it. * docs/formatdomain.html.in (elementsDisks, seclabel): Document the new XML. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.xml: New test, to validate RNG.
-
由 Eric Blake 提交于
Pure code motion; no semantic change. * src/conf/domain_conf.h (virDomainSeclabelType) (virSecurityLabelDefPtr): Declare earlier. * src/conf/domain_conf.c (virSecurityLabelDefClear) (virSecurityLabelDefParseXML): Move earlier. (virDomainDefParseXML): Move seclabel parsing earlier.
-