- 03 7月, 2018 3 次提交
-
-
由 Andrea Bolognani 提交于
Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Peter Krempa 提交于
The processing code which prepares images should be executed really only for the images which were detected. The code actually tried to update the last user-specified layer as well. Thankfully we don't do anything that would be a problem at this point. Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1515533 The @prefix attribute to <ip/> element for interface type user is optional. Therefore, if left out it has value of zero in which case we should not check whether it falls into <4, 27> range. Otherwise we fail parsing domain XML for no good reason. Broken by commit b62b8090. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 02 7月, 2018 1 次提交
-
-
由 Jiri Denemark 提交于
Once we called qemuDomainObjEnterRemote to talk to the destination daemon during a peer to peer migration, the vm lock is released and we only hold an async job. If the source domain dies at this point the monitor EOF callback is allowed to do its job and (among other things) clear all private data irrelevant for stopped domain. Thus when we call qemuDomainObjExitRemote, the domain may already be gone and we should avoid touching runtime private data (such as current job info). In other words after acquiring the lock in qemuDomainObjExitRemote, we need to check the domain is still alive. Unless we're doing offline migration. https://bugzilla.redhat.com/show_bug.cgi?id=1589730Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 28 6月, 2018 2 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1541921 In TCG mode, there are no vCPU threads and thus there's nothing to be placed into resctrl group. Forbid such configuration. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Jiri Denemark 提交于
If we ever fail to properly set jobinfo->statsType, qemuDomainJobInfoToParams would return -1 without setting an error. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 27 6月, 2018 1 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1585108 When updating a live device users might pass different alias than the one the device has. Currently, this is silently ignored which goes against our behaviour for other parts of the device where we explicitly allow only certain changes and error out loudly on anything else. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 26 6月, 2018 2 次提交
-
-
由 Michal Privoznik 提交于
If a thread is unable to acquire a job (e.g. because of timeout) an error is reported and the error message contains reference to the other thread holding the job. Well, the error message should report agent job too as it is yet another source of possible failure. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Andrea Bolognani 提交于
We're going to introduce a second HPT-related setting soon, at which point using a single location to store everything is no longer going to cut it. This mostly, but not completely, reverts 3dd1eb3b. Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
- 25 6月, 2018 1 次提交
-
-
由 Michal Privoznik 提交于
If a thread is unable to start a job (e.g. because of timeout) a warning is printed into the logs. So far, the message does not contain agent job info. Add it as it might help future debugging. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
-
- 21 6月, 2018 1 次提交
-
-
由 John Ferlan 提交于
Make it clearer what asyncJob type was passed and what was expected. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> ACKed-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 20 6月, 2018 2 次提交
-
-
由 Michal Privoznik 提交于
The point is to break QEMU_JOB_* into smaller pieces which enables us to achieve higher throughput. For instance, if there are two threads, one is trying to query something on qemu monitor while the other is trying to query something on agent monitor these two threads would serialize. There is not much reason for that. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Michal Privoznik 提交于
Introduce guest agent specific job categories to allow threads to run agent monitor specific jobs while normal monitor jobs can also be running. Alter _qemuDomainJobObj in order to duplicate certain fields that will be used for guest agent specific tasks to increase concurrency and throughput and reduce serialization. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
-
- 19 6月, 2018 3 次提交
-
-
由 Michal Privoznik 提交于
The aim of this API is to allow the caller to do best effort. Some functions can work even when acquiring the job fails (e.g. qemuConnectGetAllDomainStats()). But what they can't bear is delay if they have to wait up to 30 seconds for each domain that is processing some other job. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Michal Privoznik 提交于
The variable is initialized to -1 already. There's no way it can be overwritten by the time control gets to the line I'm removing. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Michal Privoznik 提交于
Provide a small comment on the function and its parameters. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 13 6月, 2018 1 次提交
-
-
由 Anya Harter 提交于
And replace all calls with virObjectEventStateQueue such that: qemuDomainEventQueue(driver, event); becomes: virObjectEventStateQueue(driver->domainEventState, event); And remove NULL checking from all callers. Signed-off-by: NAnya Harter <aharter@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
- 12 6月, 2018 3 次提交
-
-
由 Anya Harter 提交于
And remove NULL checking from all callers. Signed-off-by: NAnya Harter <aharter@redhat.com>
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1583623 When attaching a virtio-scsi with IOThreads for the config of a live domain, allow the <address> to not be defined thus allowing post parse processing to fill in the address. This allows parsing of an individual device to succeed for attach config. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 John Ferlan 提交于
Make the error a bit clearer that virtio-scsi IOThreads require virtio pci or ccw controller address types. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 08 6月, 2018 5 次提交
-
-
由 Martin Kletzander 提交于
The default is stable per machine type so there should be no need to keep that. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Martin Kletzander 提交于
One of the things that this is improving is the fact that instead of error message (that was wrong) you get when starting a domain with SMM and i440fx we allow the setting to go through. SMM option exists and makes sense on i440fx as well (basically whenever that _SMM_OPT capability is set). Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Martin Kletzander 提交于
We are still hoping all of such checks will be moved there and this is one small step in that direction. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
All callers pass 'false' now so it's no longer needed. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The option is insecure and it has been long enough for users to migrate their disk files to use explicit format. Drop the option and related code. The config parser still parses it and rejects statup if it's still present in the config in enabled state. The augeas lens is also kept so that users can disable it. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 06 6月, 2018 5 次提交
-
-
由 Stefan Berger 提交于
This patch extends the TPM's device XML with TPM 2.0 support. This only works for the emulator type backend and looks as follows: <tpm model='tpm-tis'> <backend type='emulator' version='2.0'/> </tpm> The swtpm process now has --tpm2 as an additional parameter: system_u:system_r:svirt_t:s0:c597,c632 tss 18477 11.8 0.0 28364 3868 ? Rs 11:13 13:50 /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/var/run/libvirt/qemu/swtpm/testvm-swtpm.sock,mode=0660 --tpmstate dir=/var/lib/libvirt/swtpm/testvm/tpm2,mode=0640 --log file=/var/log/swtpm/libvirt/qemu/testvm-swtpm.log --tpm2 --pid file=/var/run/libvirt/qemu/swtpm/testvm-swtpm.pid The version of the TPM can be changed and the state of the TPM is preserved. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Stefan Berger 提交于
Implement functions for managing the storage of the external swtpm as well as starting and stopping it. Also implement functions to use swtpm_setup, which simulates the manufacturing of a TPM, which includes creation of certificates for the device. Further, the external TPM needs storage on the host that we need to set up before it can be run. We can clean up the host once the domain is undefined. This patch also implements a small layer for external device support that calls into the TPM device layer if a domain has an attached TPM. This is the layer we will wire up later on. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Stefan Berger 提交于
This patch adds support for an external swtpm TPM emulator. The XML for this type of TPM looks as follows: <tpm model='tpm-tis'> <backend type='emulator'/> </tpm> The XML will currently only define a TPM 1.2. Extend the documentation. Add a test case testing the XML parser and formatter. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 John Ferlan 提交于
Commit id 02b031a4 added a secondary path from which the incoming @secinfo would not be free'd until the private data was freed in qemuDomainStorageSourcePrivateDispose. However, by doing this the original intention to free @*secinfo afterwards is lost and thus the pass by value of the secinfo->s.aes (or secinfo->s.plain for its method) results in not keeping the NULL setting in the various secret.{username|iv|ciphertext} fields upon return to qemuDomainSecretInfoClear and eventually will result in a double free at domain destroy: raise () abort () __libc_message () malloc_printerr () _int_free () virFree qemuDomainSecretAESClear qemuDomainSecretInfoClear qemuDomainSecretInfoFree qemuDomainStorageSourcePrivateDispose virObjectUnref virStorageSourceClear virStorageSourceFree virDomainDiskDefFree virDomainDefFree virDomainObjRemoveTransientDef qemuProcessStop qemuDomainDestroyFlags virDomainDestroy Signed-off-by: NJohn Ferlan <jferlan@redhat.com> ACKed-by: NPeter Krempa <pkrempa@redhat.com>
-
由 ramyelkest 提交于
Replace instances where we previously called virGetLastError just to either get the code or to check if an error exists with virGetLastErrorCode to avoid a validity pre-check. Signed-off-by: NRamy Elkest <ramyelkest@gmail.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
- 05 6月, 2018 10 次提交
-
-
由 Michal Privoznik 提交于
Now that virCryptoGenerateRandom() is plain wrapper over virRandomBytes() we can drop it in favour of the latter. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
To unify our vir*Random() functions we need to make virCryptoGenerateRandom NOT allocate return buffer. It should just fill given buffer with random data. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Peter Krempa 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1544869Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The encryption was buggy and qemu actually dropped it upstream. Forbid it for all versions since it would cause other problems too. Problems with the old encryption include weak crypto, corruption of images with blockjobs and a lot of usability problems. This requires changing of the encryption type for the encrypted disk tests. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Disks are client-only so we don't need to have this variable. We also always pass false for 'isListen' to qemuBuildTLSx509BackendProps for all disk-related code-paths so the 'tlsVerify' is ignored anyways. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Move the TLS object alias setup earlier. Also make sure that the alias is not overwritten on hotplug. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Select protocol using a switch with all cases enumerated. This will simplify checking unsupported protocols and adding new support. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Remove the loop from qemuDomainPrepareDiskSourceTLS and rename it to qemuDomainPrepareStorageSourceTLS. Currently there is no backing chain to prepare so fixing one device is equivalent. In the future it will be reused in a function which will do the looping. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Split out the code into a separate function so that all steps for a storage protocol are contained and the original function is easily extendable. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-