1. 21 5月, 2015 6 次提交
    • J
      Introduce virDomainSetUserPassword API · e8982c88
      Ján Tomko 提交于
      For setting passwords of users inside the domain.
      
      With the VIR_DOMAIN_PASSWORD_ENCRYPTED flag set, the password
      is assumed to be already encrypted by the method required
      by the guest OS.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1174177
      e8982c88
    • J
      threadpool: Switch to detached threads · 6cc5c33e
      Jiri Denemark 提交于
      Using joinable threads does not help anything, but it can lead to memory
      leaks.
      
      When a worker thread exits, it decreases nWorkers or nPrioWorkers and
      once both nWorkers and nPrioWorkers are zero (i.e., the last worker is
      gone), quit_cond is signaled. When freeing the pool we first tell all
      threads to die and then we are waiting for both nWorkers and
      nPrioWorkers to become zero. At this point we already know all threads
      are gone. So the only reason for calling virThreadJoin of all workers is
      to free the memory allocated for joinable threads. If we avoid
      allocating this memory, we don't need to take care of freeing it.
      
      Moreover, any memory associated with a worker thread which died before
      we asked it to die (e.g., because virCondWait failed in the thread)
      would be lost anyway since virThreadPoolFree calls virThreadJoin only
      for threads which were running at the time virThreadPoolFree was called.
      Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
      6cc5c33e
    • J
      Use virDomainDiskByName where appropriate · 82cffb58
      Jiri Denemark 提交于
      Most virDomainDiskIndexByName callers do not care about the index; what
      they really want is a disk def pointer.
      Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
      82cffb58
    • J
      Add wrappers for virDomainDiskIndexBy* · 865109b3
      Jiri Denemark 提交于
      Sometimes the only thing we need is the pointer to virDomainDiskDef and
      having to call virDomainDiskIndexBy* APIs, storing the disk index, and
      looking it up in the disks array is ugly. After this patch, we can just
      call virDomainDiskBy* and get the pointer in one step.
      Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
      865109b3
    • E
      qemu: Log error if domain uses security driver which is not loaded · fb0b9a2c
      Erik Skultety 提交于
      When starting a domain, if a domain specifies security drivers we do not have
      loaded, we fail. However we don't check for this during
      reconnect, so any operation relying on security driver functionality would fail.
      If someone e.g. starts a domain with selinux driver loaded, then they change
      the security driver to 'none' in config, restart the daemon and call dump/save/..,
      QEMU will return an error.
      As we shouldn't kill the domain, we should at least log an error to let the
      user know that domain reconnect wasn't completely clean.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1183893
      fb0b9a2c
    • L
      conf: Restore the XML parser context in virDomainMemoryDefParseXML · aef2a0a2
      Luyao Huang 提交于
      After parsing the memory device XML the function would not restore the
      XML parser context causing invalid XPath starting point for the rest of
      the elements. This is a regression since 3e4230d2.
      
      The test case addition uses the <idmap> element that is currently unused
      by qemu, but parsed after the memory device definition and formatted
      always.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1223631Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
      aef2a0a2
  2. 20 5月, 2015 5 次提交
  3. 19 5月, 2015 5 次提交
    • M
      qemu: Fix numatune nodeset reporting · 9deb96f9
      Martin Kletzander 提交于
      Since af2a1f05,
      qemuDomainGetNumaParameters() returns invalid value for a running
      guest.  The problem is that it is getting the information from cgroups,
      but the parent cgroup is being left alone since the mentioned commit.
      Since the running guest's XML is in sync with cgroups, there is no need
      to look into cgroups (unless someone changes the configuration behind
      libvirt's back).  Returning the info from the definition fixes a bug and
      is also a cleanup.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1221047Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
      9deb96f9
    • J
      xenconfig: fix spice mousemode and copypaste · a5b55bd9
      Jim Fehlig 提交于
      From xl.cfg950 man page:
      
      spiceagent_mouse=BOOLEAN
      Whether SPICE agent is used for client mouse mode. The default is
      true (1) (turn on)
      
      spicevdagent=BOOLEAN
      Enables spice vdagent. The Spice vdagent is an optional component for
      enhancing user experience and performing guest-oriented management
      tasks. Its features includes: client mouse mode (no need to grab
      mouse by client, no mouse lag), automatic adjustment of screen
      resolution, copy and paste (text and image) between client and domU.
      It also requires vdagent service installed on domU o.s. to work.
      The default is 0.
      
      spice_clipboard_sharing=BOOLEAN
      Enables Spice clipboard sharing (copy/paste). It requires spicevdagent
      enabled. The default is false (0).
      
      So if spiceagent_mouse is enabled (client mouse mode) or
      spice_clipboard_sharing is enabled, spicevdagent must be enabled.
      Along with this change, s/spicedvagent/spicevdagent, set
      spiceagent_mouse correctly, and add a test for these spice
      features.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      a5b55bd9
    • J
      xenconfig: fix spicepasswd handling · a460295f
      Jim Fehlig 提交于
      The logic related to spicedisable_ticketing and spicepasswd was
      inverted.  As per man xl.cfg(5), 'spicedisable_ticketing = 1'
      means no passwd is required.  On the other hand, a passwd is
      required if 'spicedisable_ticketing = 0'.  Fix the logic and
      produce and error if 'spicedisable_ticketing = 0' but spicepasswd
      is not provided.  Also fix the spice cfg test file.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      a460295f
    • J
      xenconfig: format spice listenAddr when formating ports · e21b1180
      Jim Fehlig 提交于
      Move formating of spice listenAddr to the section of code
      where spice ports are formatted.  It is more logical to
      format address and ports together.  Account for the change
      in spice cfg test file by moving 'spicehost'.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      e21b1180
    • J
      xenconfig: use local variable for graphics def · 096b39c9
      Jim Fehlig 提交于
      'graphics->' is a bit easier to read and type, and makes for
      shorter lines than 'def->graphics[0]->'.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      096b39c9
  4. 18 5月, 2015 8 次提交
    • L
      node_device: replace duplicated code in hal and udev backends · d52d7a64
      Laine Stump 提交于
      Both the hal and udev drivers call virPCI*() functions to the the
      SRIOV VF/PF info about PCI devices, and the UDEV backend calls
      virPCI*() to get IOMMU group info. Since there is now a single
      function call in node_device_linux_sysfs.c to do all of this, replace
      all that code in the two backends with calls to
      nodeDeviceSysfsGetPCIRelatedDevCaps().
      
      Note that this results in the HAL driver (probably) unnecessarily
      calling virPCIDevieAddressGetIOMMUGroupNum(), but in the case that the
      host doesn't support IOMMU groups, that function turns into a NOP (it
      returns -2, which causes the caller to skip the call to
      virPCIDeviceAddressGetIOMMUGroupAddresses()). So in the worst case it
      is a few extra cycles spent, and in the best case a mythical platform
      that supported IOMMU groups but used HAL rather than UDEV would gain
      proper reporting of IOMMU group info.
      d52d7a64
    • L
      node_device: update sriov/iommu info before dumpxml of a device · 601b0fa8
      Laine Stump 提交于
      Because reloading a PF driver with a different number of VFs doesn't
      result in any sort of event sent from udev to the libvirt node_device
      driver, libvirt's cache of that info can be out of date when a request
      arrives for the info about a device. To fix this, we refresh that data
      at the time of the dumpxml request, similar to what is already done
      for netdev link info and SCSI host capabilities.
      
      Since the same is true for iommu group information (for example, some
      other device in the same iommu group could have been detached from the
      host), we also create a function to update the iommu group info from
      sysfs, and a common function that does both. (a later patch will call
      this common function from the udev and hal backends).
      
      This resolves:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=981546
      601b0fa8
    • L
      node_device: new functions to get sriov/iommu info from sysfs · 7349fa2e
      Laine Stump 提交于
      The udev and hal drivers both already call the same functions as these
      new functions added to node_device_linux_sysfs.c, but 1) we need to
      call them from node_device_driver.c, and 2) it would be nice to
      eliminate the duplicated code from the hal and udev backends.
      7349fa2e
    • L
      node device: prepare node_device_linux_sysfs.c to add more functions · d2a57815
      Laine Stump 提交于
      This file contains only a single function, detect_scsi_host_caps(),
      which is declared in node_device_driver.h and called from both the hal
      and udev backends. Other things common to the hal and udev drivers
      can be placed in that file though. As a prelude to adding further
      functions, this patch renames the existing function to something
      closer in line with other internal libvirt function names
      (nodeDeviceSysfsGetSCSIHostCaps()), and puts the declarations into a
      separate .h file.
      d2a57815
    • L
      nodedev: change if-else if in update_caps to switch · 3c93419b
      Laine Stump 提交于
      Makes it nicer as update bits are added for different cap types.
      3c93419b
    • L
      conf: make virNodeDevCapData an official type · ffc40b63
      Laine Stump 提交于
      For some reason a union (_virNodeDevCapData) that had only been
      declared inside the toplevel struct virNodeDevCapsDef was being used
      as an argument to functions all over the place. Since it was only a
      union, the "type" attribute wasn't necessarily sent with it. While
      this works, it just seems wrong.
      
      This patch creates a toplevel typedef for virNodeDevCapData and
      virNodeDevCapDataPtr, making it a struct that has the type attribute
      as a member, along with an anonymous union of everything that used to
      be in union _virNodeDevCapData. This way we only have to change the
      following:
      
        s/union _virNodeDevCapData */virNodeDevCapDataPtr /
      
      and
      
        s/caps->type/caps->data.type/
      
      This will make me feel less guilty when adding functions that need a
      pointer to one of these.
      ffc40b63
    • T
      libvirt: qemu: enable/disable protected key management ops · 740c83f5
      Tony Krowiak 提交于
      Introduces two new -machine option parameters to the QEMU command to
      enable/disable the CPACF protected key management operations for a guest:
      
          aes-key-wrap='on|off'
          dea-key-wrap='on|off'
      
      The QEMU code maps the corresponding domain configuration elements to the
      QEMU -machine option parameters to create the QEMU command:
      
          <cipher name='aes' state='on'>   --> aes-key-wrap=on
          <cipher name='aes' state='off'>  --> aes-key-wrap=off
          <cipher name='dea' state='on'>   --> dea-key-wrap=on
          <cipher name='dea' state='off'>  --> dea-key-wrap=off
      Signed-off-by: NTony Krowiak <akrowiak@linux.vnet.ibm.com>
      Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com>
      Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
      Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      740c83f5
    • T
      libvirt: Introduce protected key mgmt ops · 73eda710
      Tony Krowiak 提交于
      Two new domain configuration XML elements are added to enable/disable
      the protected key management operations for a guest:
      
          <domain>
            ...
            <keywrap>
              <cipher name='aes|dea' state='on|off'/>
            </keywrap>
            ...
          </domain>
      Signed-off-by: NTony Krowiak <akrowiak@linux.vnet.ibm.com>
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com>
      Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      73eda710
  5. 16 5月, 2015 6 次提交
    • J
      libxl: provide impl for nodeGetSecurityModel · 99a42f3c
      Jim Fehlig 提交于
      Currently, the libxl driver does not support any security drivers.
      When the qemu driver has no security driver configued,
      nodeGetSecurityModel succeeds but returns an empty virSecurityModel
      object.  Do the same in the libxl driver instead of reporting
      
      this function is not supported by the connection driver:
      virNodeGetSecurityModel
      99a42f3c
    • L
      qemu: log error when domain has an unsupported IDE controller · eadd757c
      Laine Stump 提交于
      We have previously effectively ignored all <controller type='ide'>
      elements in a domain definition.
      
      On the i440fx-based machinetypes there is an IDE controller that is
      included in the chipset and can't be removed (which is the ide
      controller with index='0'>), so it makes sense to ignore that one
      controller. However, if an i440fx domain definition has a 2nd
      controller, nothing catches this error (unless you also have a disk
      attached to it, in which case qemu will complain that you're trying to
      use the ide controller named "ide1", which doesn't exist), and if any
      other type of domain has even a single controller defined, it will be
      incorrectly ignored.
      
      Ignoring a bogus controller definition isn't such a big problem, as
      long as an error is logged when any disk is attached to that
      non-existent controller. But in the case of q35-based machinetypes,
      the hardcoded id ("alias" in libvirt terms) of its builtin SATA
      controller is "ide", which happens to be the same id as the builtin
      IDE controller on i440fx machinetypes. So libvirt creates a
      commandline believing that it is connecting the disk to the builtin
      (but actually nonexistent) IDE controller, qemu thinks that libvirt
      wanted that disk connected to the builtin SATA controller, and
      everybody is happy.
      
      Until you try to connect a 2nd disk to the IDE controller. Then qemu
      will complain that you're trying to set unit=1 on a controller that
      requires unit=0 (SATA controllers are organized differently than IDE
      controllers).
      
      After this patch, if a domain has an IDE controller defined for a
      machinetype that has no IDE controllers, libvirt will log an error
      about the controller itself as it is building the qemu commandline
      (rather than a (possible) error from qemu about disks attached to that
      controller). This is done by adding IDE to the list of controller
      types that are handled in the loop that creates controller command
      strings in qemuBuildCommandline() (previously it would *always* skip
      IDE controllers). Then qemuBuildControllerDevStr() is modified to log
      an appropriate error in the case of IDE controllers.
      
      In the future, if we add support for extra IDE controllers (piix3-ide
      and/or piix4-ide) we can just add it into the IDE case in
      qemuBuildControllerDevStr(). For now, nobody seems anxious to add
      extra support for an aging and very slow controller, when there are so
      many better options available.
      
      Resolves:
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1176071 (Fedora)
      eadd757c
    • L
      qemu: clean up qemuBuildCommandline loop that builds controller args · b8f345b4
      Laine Stump 提交于
      Reorganize the loop that builds controller args to remove unnecessary
      duplicated code and superfluous else clauses. No functional change.
      b8f345b4
    • L
      qemu: use controller alias when constructing device/controller args · 0260506c
      Laine Stump 提交于
      This makes sure that that the commandlines generated for devices and
      controller devices are all using the alias that has been set in the
      controller's object as the id of the controller, rather than
      hardcoding a printf (or worse, encoding exceptions to the standard
      ${controller}${index} into the logic)
      
      Since this "fixes" the controller name used for the sata controller,
      the commandline arg for the sata controller in the sata test case had
      to be adjusted to be "sata0" instead of "ahci0". All other tests
      remain unchanged, verifying that the patch causes no other functional
      change.
      
      Because the function that finds a controller alias based on a device
      def requires a pointer to the full domainDef in order to get the list
      of controllers, the arglist of a few functions had to have this added.
      0260506c
    • L
      qemu: fix exceptions in qemuAssignDeviceControllerAlias · 75cd7d9b
      Laine Stump 提交于
      There are a few extra exceptions that weren't being accounted for when
      creating the alias for a controller. This resulted in 1) incorrect
      status XML, and 2) exceptions/printfs of what *should* have been
      directly available in the controller alias when constructing device
      commandline arguments:
      
      1) The primary (and only) IDE controller on a 440FX machinetype is
      hardcoded to be "ide" in qemu.
      
      2) The primary SATA controller on a 440FX machinetype is also
      hardcoded to be "ide" in qemu.
      
      3) On machinetypes that don't support multiple PCI buses, the PCI bus
      is hardcoded in qemu to have the name "pci".
      
      4) The first usb master controller is "usb", all others are the normal
      "usb%d". (note that usb controllers that are not a "master" will have
      the same index, and thus alias, as the master).
      
      We needed to pass in the full domainDef and qemuCaps in order to
      properly make the decisions about these exceptions.
      75cd7d9b
    • L
      conf: utility to return alias of a controller based on type/index · a3dfaf12
      Laine Stump 提交于
      Because there are multiple potential reasons for an error, this
      function logs any errors before returning NULL (since the caller won't
      have the information needed to determine which was the reason for
      failure).
      a3dfaf12
  6. 15 5月, 2015 5 次提交
  7. 14 5月, 2015 5 次提交