1. 13 Sep, 2013 3 commits
  2. 12 Sep, 2013 13 commits
    • LXC: don't try to mount selinux filesystem when user namespace enabled · 1c7037cf
      Gao feng committed
      Right now we mount selinuxfs even if user namespace is enabled and
      ignore the error. But we shouldn't ignore these errors when user
      namespace is not enabled.
      
      This patch skips mounting selinuxfs when user namespace is enabled.
      Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
    • qemu: Fix checking of guest ABI compatibility when reverting snapshots · 53c39f58
      Peter Krempa committed
      When reverting a live internal snapshot with a live guest the ABI
      compatibility check was comparing a "migratable" definition with a normal
      one. This resulted in the check failing with:
      
      revert requires force: Target device address type none does not match source pci
      
      This patch generates a "migratable" definition from the actual one to
      check against the definition from the snapshot to avoid this problem.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1006886
    • netcf driver: use a single netcf handle for all connections · 822fe136
      Laine Stump committed
      This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=983026
      
      The netcf interface driver previously had no state driver associated
      with it - as a connection was opened, it would create a new netcf
      instance just for that connection, and close it when it was
      finished. The problem with this is that each connection to libvirt
      used up a netlink socket, and there is a per process maximum of ~1000
      netlink sockets.
      
      The solution is to create a state driver to go along with the netcf
      driver. The state driver will open a netcf instance, then all
      connections share that same netcf instance, thus only a single
      netlink socket will be used no matter how many connections are made to
      libvirtd.
      
      This was rather simple to do - a new virObjectLockable class is
      created for the single driverState object, which is created in
      netcfStateInitialize and contains the single netcf handle; instead of
      creating a new object for each client connection, netcfInterfaceOpen
      now just increments the driverState object's reference count and puts
      a pointer to it into the connection's privateData. Similarly,
      netcfInterfaceClose() just un-refs the driverState object (as does
      netcfStateCleanup()), and virNetcfInterfaceDriverStateDispose()
      handles closing the netcf instance. Since all the functions already
      have locking around them, the static lock functions used by all
      functions just needed to be changed to call virObjectLock() and
      virObjectUnlock() instead of directly calling the virMutex* functions.
    • rename "struct interface_driver" to virNetcfDriverState · 4c5fa430
      Laine Stump committed
      This better fits the modern naming scheme in libvirt, and anticipates
      an upcoming change where a single instance of this state will be
      maintained by a separate state driver, and every instance of the netcf
      driver will share the same state.
    • Ensure root filesystem is recursively mounted readonly · 75235a52
      Daniel P. Berrange committed
      If the guest is configured with
      
          <filesystem type='mount'>
            <source dir='/'/>
            <target dir='/'/>
            <readonly/>
          </filesystem>
      
      Then any submounts under / should also end up readonly, except
      for those setup as basic mounts. eg if the user has /home on a
      separate volume, they'd expect /home to be readonly, but we
      should not touch the /sys, /proc, etc dirs we setup ourselves.
      
      Users can selectively make sub-mounts read-write again by
      simply listing them as new mounts without the <readonly>
      flag set
      
          <filesystem type='mount'>
            <source dir='/home'/>
            <target dir='/home'/>
          </filesystem>
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • Move array of mounts out of lxcContainerMountBasicFS · f27f5f7e
      Daniel P. Berrange committed
      Move the array of basic mounts out of the lxcContainerMountBasicFS
      function, to a global variable. This is to allow it to be referenced
      by other methods wanting to know what the basic mount paths are.
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • Add some notes about security considerations when using LXC · 5e6a85c7
      Daniel P. Berrange committed
      Describe some of the issues to be aware of when configuring LXC
      guests with security isolation as a goal.
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • Fix launching of VMs on when only logind part of systemd is present · a48838ad
      Daniel P. Berrange committed
      Debian systems may run the 'systemd-logind' daemon, which causes the
      /sys/fs/cgroup/systemd  mount to be setup, but no other cgroup
      controllers are created. While the LXC driver considers cgroups to
      be mandatory, the QEMU driver is supposed to accept them as optional.
      
      We detect whether they are present by looking in /proc/mounts for
      any mounts of type 'cgroups', but this is not sufficient. We need to
      skip any named mounts (as seen by a name=XXX string in the mount
      options), so that we only detect actual resource controllers.
      
      http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721979
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • Fix polkit permission names for storage pools, vols & node devices · 62184938
      Daniel P. Berrange committed
      The polkit access driver used the wrong permission names for checks
      on storage pools, volumes and node devices. This led to them always
      being denied access.
      
      The 'dettach' permission was also mis-spelt and should have been
      'detach'. While permission names are ABI sensitive, the fact that
      the code used the wrong object name for checking node device
      permissions, means that no one could have used the mis-spelt
      'dettach' permission.
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • virsh domjobinfo: Do not return 1 if job is NONE · f084caae
      Jiri Denemark committed
      https://bugzilla.redhat.com/show_bug.cgi?id=1006864
      
      Commit 38ab1225 changed the default value of ret from true to false but
      forgot to set ret = true when job is NONE. Thus, virsh domjobinfo
      returned 1 when there was no job running for a domain but it used to
      (and should) return 0 in this case.
    • Repair the search on libvirt.org · a41e95db
      Daniel Veillard committed
      First make sure that the input is xhtml as the stylesheets expect
      namespaced element, then use a span element instead of a as a
      is treated specially, finally adjust the makefile to check for
      the new span element and replace it with the PHP code
    • api-docs: Fix description of virConnectGetType() API function · 25b133e7
      Michal Novotny committed
      This fixes the description of virConnectGetType() API function in
      API documentation to match the real functionality that it can be
      used to get driver name, and provide a hint on how to learn about
      full capabilities.
      Signed-off-by: Michal Novotny <minovotn@redhat.com>
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • build: require libnl-3 if netcf uses it · cf83adfb
      Eric Blake committed
      Commits 9298bfbc and f6c29515 both tried to make it possible to
      select the correct libnl (1 vs. 3) according to what netcf
      used, when both libraries are installed.  This works to avoid
      libnl-3 when netcf used libnl-1.  But on the converse side, if
      only libnl-1 development code is installed, while netcf uses
      libnl-3, then configure happily uses libnl-1 anyways, leading
      to a test failure:
      
      $ VIR_TEST_DEBUG=1 ./virdrivermoduletest
      TEST: virdrivermoduletest
       1) Test driver "network"                                             ... OK
       2) Test driver "storage"                                             ... OK
       3) Test driver "nodedev"                                             ... OK
       4) Test driver "secret"                                              ... OK
       5) Test driver "nwfilter"                                            ... OK
       6) Test driver "interface"
      ... lt-virdrivermoduletest: route/tc.c:973: rtnl_tc_register: Assertion
      `0' failed.
      Aborted
      
      It's much nicer to prevent this at configure time, by requiring that
      if we know what netcf used, then we want the same libnl version.  As
      before, this can be bypassed by someone who knows what they are doing
      by setting LIBNL_CFLAGS (perhaps useful to the rare person where the
      build box has a different version of netcf than the installation box).
      
      * configure.ac (LIBNL): If we can prove netcf used libnl-3, then
      don't let configure succeed with libnl-1.
      Signed-off-by: Eric Blake <eblake@redhat.com>
  3. 11 Sep, 2013 10 commits
  4. 10 Sep, 2013 7 commits
    • build: avoid obsolete AC_HELP_STRING · ff777421
      Eric Blake committed
      Autoconf states that AC_HELP_STRING is obsolete, and that new
      programs should use AS_HELP_STRING.  We also had instances of
      not properly quoting the macro usage, and not relying on autoconf's
      word-wrapping abilities to avoid long lines.  I validated that this
      commit has no impact to the generated configure file.
      
      * configure.ac (AC_ARG_WITH, AC_ARG_ENABLE): Autoconf recommends
      the use of AS_HELP_STRING.  Also, use proper quoting and wrap long
      lines.
      * m4/virt-apparmor.m4 (LIBVIRT_CHECK_APPARMOR): Likewise.
      * m4/virt-selinux.m4 (LIBVIRT_CHECK_SELINUX): Likewise.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • qemu: endjob returns a bool · 6cd15482
      Eric Blake committed
      Osier Yang pointed out that ever since commit 31cb030a, the
      signature of qemuDomainObjEndJob was changed to return a bool.
      While comparison against 0 or > 0 still gives the right results,
      it looks fishy; we also had one place that was comparing < 0
      which is effectively dead code.
      
      * src/qemu/qemu_migration.c (qemuMigrationPrepareAny): Fix dead
      code bug.
      (qemuMigrationBegin): Use more canonical form of bool check.
      * src/qemu/qemu_driver.c (qemuAutostartDomain)
      (qemuDomainCreateXML, qemuDomainSuspend, qemuDomainResume)
      (qemuDomainShutdownFlags, qemuDomainReboot, qemuDomainReset)
      (qemuDomainDestroyFlags, qemuDomainSetMemoryFlags)
      (qemuDomainSetMemoryStatsPeriod, qemuDomainInjectNMI)
      (qemuDomainSendKey, qemuDomainGetInfo, qemuDomainScreenshot)
      (qemuDomainSetVcpusFlags, qemuDomainGetVcpusFlags)
      (qemuDomainRestoreFlags, qemuDomainGetXMLDesc)
      (qemuDomainCreateWithFlags, qemuDomainAttachDeviceFlags)
      (qemuDomainUpdateDeviceFlags, qemuDomainDetachDeviceFlags)
      (qemuDomainBlockResize, qemuDomainBlockStats)
      (qemuDomainBlockStatsFlags, qemuDomainMemoryStats)
      (qemuDomainMemoryPeek, qemuDomainGetBlockInfo)
      (qemuDomainAbortJob, qemuDomainMigrateSetMaxDowntime)
      (qemuDomainMigrateGetCompressionCache)
      (qemuDomainMigrateSetCompressionCache)
      (qemuDomainMigrateSetMaxSpeed)
      (qemuDomainSnapshotCreateActiveInternal)
      (qemuDomainRevertToSnapshot, qemuDomainSnapshotDelete)
      (qemuDomainQemuMonitorCommand, qemuDomainQemuAttach)
      (qemuDomainBlockJobImpl, qemuDomainBlockCopy)
      (qemuDomainBlockCommit, qemuDomainOpenGraphics)
      (qemuDomainGetBlockIoTune, qemuDomainGetDiskErrors)
      (qemuDomainPMSuspendForDuration, qemuDomainPMWakeup)
      (qemuDomainQemuAgentCommand, qemuDomainFSTrim): Likewise.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • build: use automake subdir-objects · 7f626e47
      Eric Blake committed
      Automake 2.0 will enable subdir-objects by default; in preparation
      for that change, automake 1.14 outputs LOADS of warnings:
      
      daemon/Makefile.am:38: warning: source file '../src/remote/remote_protocol.c' is in a subdirectory,
      daemon/Makefile.am:38: but option 'subdir-objects' is disabled
      automake-1.14: warning: possible forward-incompatibility.
      automake-1.14: At least a source file is in a subdirectory, but the 'subdir-objects'
      automake-1.14: automake option hasn't been enabled.  For now, the corresponding output
      automake-1.14: object file(s) will be placed in the top-level directory.  However,
      automake-1.14: this behaviour will change in future Automake versions: they will
      automake-1.14: unconditionally cause object files to be placed in the same subdirectory
      automake-1.14: of the corresponding sources.
      automake-1.14: You are advised to start using 'subdir-objects' option throughout your
      automake-1.14: project, to avoid future incompatibilities.
      daemon/Makefile.am:38: warning: source file '../src/remote/lxc_protocol.c' is in a subdirectory,
      daemon/Makefile.am:38: but option 'subdir-objects' is disabled
      ...
      
      As automake 1.9 also supported this option, and the previous patches
      fixed up the code base to work with it, it is safe to now turn it on
      unconditionally.
      
      * configure.ac (AM_INIT_AUTOMAKE): Enable subdir-objects.
      * .gitignore: Ignore .dirstamp directories.
      * src/Makefile.am (PDWTAGS, *-protocol-struct): Adjust to
      new subdir-object location of .lo files.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • tests: check remaining .x files · e561951d
      Eric Blake committed
      We have been adding new .x files without keeping the list of
      *-structs files up-to-date.  This adds the support for the
      recent additions.
      
      In the process of testing this, I also noticed that Fedora 19's
      use of dwarves-1.10 (providing pdwtags version 1.9) was producing
      a single line on stderr but still giving enough useful info on
      stdout that we could check structs; the real goal of checking
      stderr separately from stdout was to avoid the bug in dwarves-1.9
      where stdout was empty (see bug http://bugzilla.redhat.com/772358).
      
      * src/Makefile.am (struct_prefix, PROTOCOL_STRUCTS): Add missing
      struct tests.
      (PDWTAGS): Work with Fedora 19 pdwtags.
      (lxc_monitor_protocol-struct, lock_protocol-struct): New rules.
      * src/lxc_monitor_protocol-structs: New file.
      * src/lock_protocol-structs): Likewise.
      * cfg.mk (generated_files): Enlarge list.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • build: use library rather than cross-directory compilation · 012c25e8
      Eric Blake committed
      If we use subdir-objects with automake, any reference to a
      cross-directory .c file will result in automake creating
      rules that track dependency in the cross directory.  But this
      presents a problem during 'make distclean' - if the cross
      directory is cleaned up first, then the daemon directory will
      be left with dangling references to .Po dependency files that
      no longer exist.
      
      Meanwhile, referring to the cross-directory .c file means
      that we are compiling the file twice - once in src, and once
      in daemon.  Better is to compile just once in src into a
      convenience library, and then use that library from daemon.
      
      The tests directory had a similar situation of a cross-directory
      .c file; to solve that, we actually need a convenience library.
      
      * daemon/Makefile.am (DAEMON_SOURCES): Drop .c files...
      (libvirtd_LDADD): ...and instead use library.
      (libvirtd_conf_la_SOURCES): Declare a new convenience library.
      (libvirtd_LDFLAGS): Drop duplicate flag.
      * tests/Makefile.am (libvirtdconftest_SOURCES): Drop .c file...
      (libvirtdconftest_LDADD): ..and instead use library.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • build: avoid $(srcdir) in *_SOURCES · 073e1575
      Eric Blake committed
      Trying to enable automake's subdir-objects option resulted in
      the creation of literal directories such as src/$(srcdir)/remote/.
      I traced this to the fact that we had used a literal $(srcdir)
      in a location that later fed an automake *_SOURCES variable.
      This has also been reported as an automake bug:
      http://debbugs.gnu.org/cgi/bugreport.cgi?bug=13928
      but it's better to fix our code than to wait for an automake fix.
      
      Some things to remember that affect VPATH builds, and where an
      in-tree build is blissfully unaware of the issues: if a VPATH
      build fails to find a file that was used as a prereq of any
      other target, then the rule for that file will expand $@ to
      prefer the current build dir (bad because a VPATH build on a
      fresh checkout will then stick $@ in the current directory
      instead of the desired srcdir); conversely, if a VPATH build
      finds the file in srcdir but decides it needs to be rebuilt,
      then the rule for that file will expand $@ to include the
      directory where it was found out-of-date (bad for an explicit
      listing of $(srcdir)/$@ because an incremental VPATH build will
      then expand srcdir twice).  As we want these files to go into
      srcdir unconditionally, we have to massage or avoid $@ for any
      recipe that involves one of these files.
      
      Therefore, this patch removes all uses of $(srcdir) from any
      generated file name that later feeds a *_SOURCES variable, and
      then rewrites all the recipes to generate those files to
      hard-code their creation into srcdir without the use of $@.
      
      * src/Makefile.am (REMOTE_DRIVER_GENERATED): Drop $(srcdir); VPATH
      builds know how to find the files, and automake subdir-objects
      fails with it in place.
      (LXC_MONITOR_PROTOCOL_GENERATED, (LXC_MONITOR_GENERATED)
      (ACCESS_DRIVER_GENERATED, LOCK_PROTOCOL_GENERATED): Likewise.
      (*_client_bodies.h): Hard-code rules to write into srcdir, as
      VPATH tries to build $@ locally if missing.
      (util/virkeymaps.h): Likewise.
      (lxc/lxc_monitor_dispatch.h): Likewise.
      (access/viraccessapi*): Likewise.
      (locking/lock_daemon_dispatch_stubs.h): Likewise.
      * daemon/Makeflie.am (DAEMON_GENERATED, remote_dispatch.h):
      Likewise.
      Signed-off-by: Eric Blake <eblake@redhat.com>
      
      fixup DAEMON_GENERATED
    • cpu: Cleanup ppcCompute to avoid memory leak · 76fb8ccd
      Li Zhang committed
      This patch is to Cleanup ppcCompute to avoid memory leak to make
      the code better.
      Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
  5. 09 Sep, 2013 4 commits
    • qemu: don't leak vm on failure · d047b2d9
      Eric Blake committed
      Failure to attach to a domain during 'virsh qemu-attach' left
      the list of domains in an odd state:
      
      $ virsh qemu-attach 4176
      error: An error occurred, but the cause is unknown
      
      $ virsh list --all
       Id    Name                           State
      ----------------------------------------------------
       2     foo                            shut off
      
      $ virsh qemu-attach 4176
      error: Requested operation is not valid: domain is already active as 'foo'
      
      $ virsh undefine foo
      error: Failed to undefine domain foo
      error: Requested operation is not valid: cannot undefine transient domain
      
      $ virsh shutdown foo
      error: Failed to shutdown domain foo
      error: invalid argument: monitor must not be NULL
      
      It all stems from leaving the list of domains unmodified on
      the initial failure; we should follow the lead of createXML
      which removes vm on failure (the actual initial failure still
      needs to be fixed in a later patch, but at least this patch
      gets us to the point where we aren't getting stuck with an
      unremovable "shut off" transient domain).
      
      While investigating, I also found a leak in qemuDomainCreateXML;
      the two functions should behave similarly.  Note that there are
      still two unusual paths: if dom is not allocated, the user will
      see an OOM error even though the vm remains registered (but oom
      errors already indicate tricky cleanup); and if the vm starts
      and then quits again all before the job ends, it is possible
      to return a non-NULL dom even though the dom will no longer be
      useful for anything (but this at least lets the user know their
      short-lived vm ran).
      
      * src/qemu/qemu_driver.c (qemuDomainCreateXML): Don't leak vm on
      failure to obtain job.
      (qemuDomainQemuAttach): Match cleanup of qemuDomainCreateXML.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • Add ARM v7 big-endian architecture (armv7b) · ea3534fc
      Yogesh Tillu committed
      ARM v7 can operate in either little or big endian modes. Add
      support for the big-endian version known as armv7b from uname.
      Signed-off-by: Yogesh Tillu <tillu.yogesh@gmail.com>
      Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
    • qemu: avoid users specifying CPU features for non-x86 plaftorm. · 7b0ce42c
      Li Zhang committed
      Currently, only X86 provides users CPU features with CPUID instruction.
      If users specify the features for non-x86, it should tell users to
      remove them.
      
      This patch is to report one error if features are specified by
      users for non-x86 platform.
      Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
    • LXC: Free variable vroot in lxcDomainDetachDeviceHostdevUSBLive() · 46c9bce4
      Hongwei Bi committed
      The variable vroot should be freed in label cleanup.
  6. 07 Sep, 2013 1 commit
    • qemu: don't leave shutdown inhibited on attach failure · 93e59975
      Eric Blake committed
      While debugging a failure of 'virsh qemu-attach', I noticed that
      we were leaking the count of active domains on failure.  This
      means that a libvirtd session that is supposed to quit after
      active domains disappear will hang around forever.
      
      * src/qemu/qemu_process.c (qemuProcessAttach): Undo count of
      active domains on failure.
      Signed-off-by: Eric Blake <eblake@redhat.com>
  7. 06 Sep, 2013 2 commits
    • qemu: recognize -machine accel=kvm when parsing native · 2b1ef11c
      Eric Blake committed
      In Fedora 19, 'qemu-kvm' is a simple wrapper that calls
      'qemu-system-x86_64 -machine accel=kvm'.  Attempting
      to use 'virsh qemu-attach $pid' to a machine started as:
      
      qemu-kvm -cdrom /var/lib/libvirt/images/foo.img \
       -monitor unix:/tmp/demo,server,nowait -name foo \
       --uuid cece4f9f-dff0-575d-0e8e-01fe380f12ea
      
      was failing with:
      error: XML error: No PCI buses available
      
      because we did not see 'kvm' in the executable name read from
      /proc/$pid/cmdline, and tried to assign os.machine as
      "accel=kvm" instead of "pc"; this in turn led to refusal to
      recognize the pci bus.
      
      Noticed while investigating https://bugzilla.redhat.com/995312
      although there are still other issues to fix before that bug
      will be completely solved.
      
      I've concluded that the existing parser code for native-to-xml
      is a horrendous hodge-podge of ad-hoc approaches; I basically
      rewrote the -machine section to be a bit saner.
      
      * src/qemu/qemu_command.c (qemuParseCommandLine): Don't assume
      -machine argument is always appropriate for os.machine; set
      virtType if accel is present.
      Signed-off-by: Eric Blake <eblake@redhat.com>
    • qemu: only parse basename when determining emulator properties · 6a373fb2
      Eric Blake committed
      'virsh domxml-from-native' and 'virsh qemu-attach' could misbehave
      for an emulator installed in (a somewhat unlikely) location
      such as /usr/local/qemu-1.6/qemu-system-x86_64 or (an even less
      likely) /opt/notxen/qemu-system-x86_64.  Limit the strstr search
      to just the basename of the file where we are assuming details
      about the binary based on its name.
      
      While testing, I accidentally triggered a core dump during strcmp
      when I forgot to set os.type on one of my code paths; this patch
      changes such a coding error to raise a nicer internal error instead.
      
      * src/qemu/qemu_command.c (qemuParseCommandLine): Compute basename
      earlier.
      * src/conf/domain_conf.c (virDomainDefPostParseInternal): Avoid
      NULL deref.
      Signed-off-by: Eric Blake <eblake@redhat.com>