- 28 10月, 2012 18 次提交
-
-
由 Osier Yang 提交于
It might need some time till the LUN's stable path shows up on initiator host, and although the time window is not foreseeable, as a better than nothing fix, this patch adds timeout for the stable path discovery process. (cherry picked from commit de7f0774)
-
由 Cole Robinson 提交于
If building on a 64bit host, rename the affected tapsets to <name>-64.stp. This is similar to what the python package does in fedora. https://bugzilla.redhat.com/show_bug.cgi?id=831425 (cherry picked from commit 18d0632d)
-
由 Cole Robinson 提交于
We were just installing them in the top level html directory, which broke navigation and overwrote other pages. https://bugzilla.redhat.com/show_bug.cgi?id=837825 (cherry picked from commit 7146d416)
-
由 Osier Yang 提交于
'snaps' is used after free()'ed. (cherry picked from commit e0ad4669)
-
由 Cole Robinson 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=860004 (cherry picked from commit 2143ced7)
-
由 Cole Robinson 提交于
On F17 at least, every time libvirtd starts we get this in syslog: libvirtd: Could not find keytab file: /etc/libvirt/krb5.tab: No such file or directory This comes from cyrus-sasl, and happens regardless of whether the gssapi plugin is requested, which is what actually uses /etc/libvirt/krb5.tab. While cyrus-sasl shouldn't complain, we can easily make it shut up by commenting out the keytab value by default. Also update the keytab comment to the more modern one from qemu's sasl config file. (cherry picked from commit fe772f24)
-
由 Laine Stump 提交于
This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=868483 virNetworkUpdate, virNetworkDefine, and virNetworkCreate all three allow network definitions to contain multiple <portgroup> elements with default='yes'. Only a single default portgroup should be allowed for each network. This patch updates networkValidate() (called by both virNetworkCreate() and virNetworkDefine()) and virNetworkDefUpdatePortGroup (called by virNetworkUpdate() to not allow multiple default portgroups. (cherry picked from commit 6f8a8b30)
-
由 Laine Stump 提交于
This fixes the problem reported in: https://bugzilla.redhat.com/show_bug.cgi?id=868389 Previously, the dnsmasq hosts file (used for static dhcp entries, and addnhosts file (used for additional dns host entries) were only created/referenced on the dnsmasq commandline if there was something to put in them at the time the network was started. Once we can update a network definition while it's active (which is now possible with virNetworkUpdate), this is no longer a valid strategy - if there were 0 dhcp static hosts (resulting in no reference to the hosts file on the commandline), then one was later added, the commandline wouldn't have linked dnsmasq up to the file, so even though we create it, dnsmasq doesn't pay any attention. The solution is to just always create these files and reference them on the dnsmasq commandline (almost always, anyway). That way dnsmasq can notice when a new entry is added at runtime (a SIGHUP is sent to dnsmasq by virNetworkUdpate whenever a host entry is added or removed) The exception to this is that the dhcp static hosts file isn't created if there are no lease ranges *and* no static hosts. This is because in this case dnsmasq won't be setup to listen for dhcp requests anyway - in that case, if the count of dhcp hosts goes from 0 to 1, dnsmasq will need to be restarted anyway (to get it listening on the dhcp port). Likewise, if the dhcp hosts count goes from 1 to 0 (and there are no dhcp ranges) we need to restart dnsmasq so that it will stop listening on port 67. These special situations are handled in the bridge driver's networkUpdate() by checking for ((bool) nranges||nhosts) both before and after the update, and triggering a dnsmasq restart if the before and after don't match. (cherry picked from commit 1cb1f9da)
-
由 Laine Stump 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=866364 pointed out a crash due to virNetworkObjAssignDef free'ing network->newDef without NULLing it afterward. A fix for this is in upstream commit b7e92024. While the NULLing of newDef was a legitimate fix, newDef should have already been empty (NULL) anyway (as indicated in the comment that was deleted by that commit). The reason that newDef had a non-NULL value (i.e. the root cause) was that networkStartNetwork() had failed after populating network->newDef, but then neglected to free/NULL newDef in the cleanup. (A bit of background here: network->newDef should contain the persistent config of a network when a network is active (and of course only when it is persisten), and NULL at all other times. There is also a network->def which should contain the persistent definition of the network when it is inactive, and the current live state at all other times. The idea is that you can make changes to network->newDef which will take effect the next time the network is restarted, but won't mess with the current state of the network (virDomainObj has a similar pair of virDomainDefs that behave in the same fashion). Personally I think there should be a network->live and network->config, and the location of the persistent config should *always* be in network->config, but that's for a later cleanup). Since I love things to be symmetric, I created a new function called virNetworkObjUnsetDefTransient(), which reverses the effects of virNetworkObjSetDefTransient(). I don't really like the name of the new function, but then I also didn't really like the name of the old one either (it's just named that way to match a similar function in the domain conf code). (cherry picked from commit 78fab277)
-
由 Cole Robinson 提交于
AUTHORS.in tracks the maintainers, as well as some folks who were previously in AUTHORS but don't have a git commit with proper attribution. Generated output is sorted alphabetically and lacks pretty spacing, so tweak AUTHORS.in to follow the same format. Additionally, drop the syntax-check rule that previously validated AUTHORS against git log. (cherry picked from commit 7b21981c) Conflicts: .mailmap AUTHORS
-
由 Eric Blake 提交于
Several people have reported that if the .gnulib submodule is dirty, then 'make' will go into an infinite loop attempting to rerun bootstrap, because that never cleans up the dirty submodule. By default, we should halt and make the user investigate, but if the user doesn't know why or care that the submodule is dirty, I also added the ability to 'make CLEAN_SUBMODULE=1' to get things going again. Also, while testing this, I noticed that when a submodule update was needed, 'make' would first run autoreconf, then bootstrap (which reruns autoreconf); adding a strategic dependency allows for less work. * .gnulib: Update to latest, for maint.mk improvements. * cfg.mk (_autogen): Also hook maint.mk, to run before autoreconf. * autogen.sh (bootstrap): Refuse to run if gnulib is dirty, unless user requests discarding gnulib changes. (cherry picked from commit c5f16220)
-
由 Guannan Ren 提交于
Relabeling tapfd right after the tap device is created. qemuPhysIfaceConnect is common function called both for static netdevs and for hotplug netdevs. (cherry picked from commit 4492ef7f)
-
由 Michal Privoznik 提交于
which frees all allocated memory but doesn't set the passed pointer to NULL. Therefore, we must do it ourselves. This is causing actual libvirtd crash: Basically, when doing 'virsh net-edit' the newDef should be dropped. And the memory is freed, indeed. However, the pointer is not set to NULL but kept instead. And the next duo of calls 'virsh net-start' and 'virsh net-destroy' starts the disaster. The latter one does the same as 'virsh destroy'; it sees that newDef is nonNULL so it replaces def with newDef (which has been freed already as said a few lines above). Therefore any subsequent call accessing def will hit the ground. (cherry picked from commit b7e92024)
-
由 Guannan Ren 提交于
(cherry picked from commit d37a3a1d)
-
由 Guannan Ren 提交于
It should relabel tapfd of virtual network of type VIR_DOMAIN_NET_TYPE_DIRECT rather than VIR_DOMAIN_NET_TYPE_NETWORK and VIR_DOMAIN_NET_TYPE_BRIDGE (commit ae368ebf introduced this bug) Caution: The context of the two hunks is identical other than indentation. Please be extremely cautious of where the patch gets applied. (cherry picked from commit 89b63f0a)
-
由 Martin Kletzander 提交于
In commit 9674f2c6, I forgot to change selabel_lookup with the other functions, so this one-liner does exactly that. (cherry picked from commit 6676c1fc)
-
由 Guannan Ren 提交于
BZ:https://bugzilla.redhat.com/show_bug.cgi?id=851981 When using macvtap, a character device gets first created by kernel with name /dev/tapN, its selinux context is: system_u:object_r:device_t:s0 Shortly, when udev gets notification when new file is created in /dev, it will then jump in and relabel this file back to the expected default context: system_u:object_r:tun_tap_device_t:s0 There is a time gap happened. Sometimes, it will have migration failed, AVC error message: type=AVC msg=audit(1349858424.233:42507): avc: denied { read write } for pid=19926 comm="qemu-kvm" path="/dev/tap33" dev=devtmpfs ino=131524 scontext=unconfined_u:system_r:svirt_t:s0:c598,c908 tcontext=system_u:object_r:device_t:s0 tclass=chr_file This patch will label the tapfd device before qemu process starts: system_u:object_r:tun_tap_device_t:MCS(MCS from seclabel->label) (cherry picked from commit ae368ebf)
-
由 Martin Kletzander 提交于
We are currently able to work only with non-translated SELinux contexts, but we are using functions that work with translated contexts throughout the code. This patch swaps all SELinux context translation relative calls with their raw sisters to avoid parsing problems. The problems can be experienced with mcstrans for example. The difference is that if you have translations enabled (yum install mcstrans; service mcstrans start), fgetfilecon_raw() will get you something like 'system_u:object_r:virt_image_t:s0', whereas fgetfilecon() will return 'system_u:object_r:virt_image_t:SystemLow' that we cannot parse. I was trying to confirm that the _raw variants were here since the dawn of time, but the only thing I see now is that it was imported together in the upstream repo [1] from svn, so before 2008. Thanks Laurent Bigonville for finding this out. [1] http://oss.tresys.com/git/selinux.git (cherry picked from commit 9674f2c6)
-
- 24 10月, 2012 1 次提交
-
-
由 Benjamin Cama 提交于
I hit this problem recently when trying to create a bridge with an IPv6 address on a 3.2 kernel: dnsmasq (and, further, radvd) would not bind to the given address, waiting 20s and then giving up with -EADDRNOTAVAIL (resp. exiting immediately with "error parsing or activating the config file", without libvirt noticing it, BTW). This can be reproduced with (I think) any kernel >= 2.6.39 and the following XML (to be used with "virsh net-create"): <network> <name>test-bridge</name> <bridge name='testbr0' /> <ip family='ipv6' address='fd00::1' prefix='64'> </ip> </network> (it happens even when you have an IPv4, too) The problem is that since commit [1] (which, ironically, was made to “help IPv6 autoconfiguration”) the linux bridge code makes bridges behave like “real” devices regarding carrier detection. This makes the bridges created by libvirt, which are started without any up devices, stay with the NO-CARRIER flag set, and thus prevents DAD (Duplicate address detection) from happening, thus letting the IPv6 address flagged as “tentative”. Such addresses cannot be bound to (see RFC 2462), so dnsmasq fails binding to it (for radvd, it detects that "interface XXX is not RUNNING", thus that "interface XXX does not exist, ignoring the interface" (sic)). It seems that this behavior was enhanced somehow with commit [2] by avoiding setting NO-CARRIER on empty bridges, but I couldn't reproduce this behavior on my kernel. Anyway, with the “dummy tap to set MAC address” trick, this wouldn't work. To fix this, the idea is to get the bridge's attached device to be up so that DAD can happen (deactivating DAD altogether is not a good idea, I think). Currently, libvirt creates a dummy TAP device to set the MAC address of the bridge, keeping it down. But even if we set this device up, it is not RUNNING as soon as the tap file descriptor attached to it is closed, thus still preventing DAD. So, we must modify the API a bit, so that we can get the fd, keep the tap device persistent, run the daemons, and close it after DAD has taken place. After that, the bridge will be flagged NO-CARRIER again, but the daemons will be running, even if not happy about the device's state (but we don't really care about the bridge's daemons doing anything when no up interface is connected to it). Other solutions that I envisioned were: * Keeping the *-nic interface up: this would waste an fd for each bridge during all its life. May be acceptable, I don't really know. * Stop using the dummy tap trick, and set the MAC address directly on the bridge: it is possible since quite some time it seems, even if then there is the problem of the bridge not being RUNNING when empty, contrary to what [2] says, so this will need fixing (and this fix only happened in 3.1, so it wouldn't work for 2.6.39) * Using the --interface option of dnsmasq, but I saw somewhere that it's not used by libvirt for backward compatibility. I am not sure this would solve this problem, though, as I don't know how dnsmasq binds itself to it with this option. This is why this patch does what's described earlier. This patch also makes radvd start even if the interface is “missing” (i.e. it is not RUNNING), as it daemonizes before binding to it, and thus sometimes does it after the interface has been brought down by us (by closing the tap fd), and then originally stops. This also makes it stop yelling about it in the logs when the interface is down at a later time. [1] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=1faa4356a3bd89ea11fb92752d897cff3a20ec0e [2] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=b64b73d7d0c480f75684519c6134e79d50c1b341 (cherry picked from commit db488c79)
-
- 19 10月, 2012 21 次提交
-
-
由 Jiri Denemark 提交于
When p2p migration fails early because qemuMigrationIsAllowed or qemuMigrationIsSafe say migration should be cancelled, we fail to clear the migration-out async job. As a result of that, further APIs called for the same domain may fail with Timed out during operation: cannot acquire state change lock. Reported by Guido Winkelmann. (cherry picked from commit 837993d8)
-
由 Cole Robinson 提交于
On F17 at least, this command fails: $ sudo /usr/sbin/lvcreate --name sparsetest -L 0K --virtualsize 16384K vgvirt Unable to create new logical volume with no extents Which is unfortunate since allocation=0 is what virt-manager tries to use by default. Rather than telling the user 'don't do that', let's just give them the smallest allocation possible if alloc=0 is requested. https://bugzilla.redhat.com/show_bug.cgi?id=866481 (cherry picked from commit 9f0e9cba)
-
由 Cole Robinson 提交于
Before: $ sudo virsh vol-create-as --pool vgvirt sparsetest --capacity 16M --allocation 0 error: Failed to create vol sparsetest error: internal error Child process (/usr/sbin/lvchange -aln vgvirt/sparsetest) unexpected exit status 5: One or more specified logical volume(s) not found. After: $ sudo virsh vol-create-as --pool vgvirt sparsetest --capacity 16M --allocation 0 error: Failed to create vol sparsetest error: internal error Child process (/usr/sbin/lvcreate --name sparsetest -L 0K --virtualsize 16384K vgvirt) unexpected exit status 5: Unable to create new logical volume with no extents (cherry picked from commit 01df6f2b)
-
由 Peter Krempa 提交于
libssh2 unfortunately doesn't support symbol versioning so RPM can't figure out what version is needed for the currently installed libvirt package. This patch adds a runtime requirement, so that the correct version of libssh2 can be installed along with libvirt. (cherry picked from commit cb4f41b8)
-
由 Peter Krempa 提交于
Libssh2 transport support was enabled lately but the spec file wasn't updated to take this into account. This caused libvirt to be built without libssh2 support in Red Hat based OSes. (cherry picked from commit 1e25c54f)
-
由 Martin Kletzander 提交于
There was a crash possible when both <boot dev... and <boot order... were specified due to virDomainDefParseBootXML() erroring out before setting *tmp (which was free'd in cleanup). As a fix, I created this cleanup that uses one pointer for all the temporary stored XPath strings and values, plus this pointer is correctly initialized to NULL. (cherry picked from commit 280b8c9e)
-
由 Guido Günther 提交于
This fixes problems on platforms where sizeof(long) != sizeof(long long) like ia32. (cherry picked from commit d78035d0)
-
由 Zeeshan Ali (Khattak) 提交于
(cherry picked from commit 0ec6aebb)
-
由 Cole Robinson 提交于
Done with: sed -i -e "s/no pool with matching uuid/no storage pool with matching uuid/g" src/storage/storage_driver.c sed -i -e 's/"%s", _("no storage pool with matching uuid")/_("no storage pool with matching uuid %s"), obj->uuid/g' src/storage/storage_driver.c sed -i -e 's/"%s", _("storage pool is not active")/_("storage pool '%s' is not active"), pool->def->name/g' src/storage/storage_driver.c And a couple fixups before, during, and after, and a manual inspection pass to make sure nothing was wonky. (cherry picked from commit 3af8280b)
-
由 Daniel P. Berrange 提交于
When adding variants of parameter setting APIs which accepted flags, the existing APIs were all adapted internally to pass VIR_DOMAIN_AFFECT_CURRENT to the new API. The QEMU impl qemuSetSchedularParameters was an exception, which instead used VIR_DOMAIN_AFFECT_LIVE. Change this to match other compatibility scenarios, so that calling virDomainSetSchedularParameters(dom, params, nparams); Has the same semantics as virDomainSetSchedularParametersFlags(dom, params, nparams, 0); And virDomainSetSchedularParametersFlags(dom, params, nparams, VIR_DOMAIN_AFFECT_CURRENT); Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 4da9b2c1)
-
由 Michal Privoznik 提交于
With our latest s/[a-z]+ReportError/virReportError/ rewrite (47ab34e2) we forgot to update arm part of the code. (cherry picked from commit 84a8917b)
-
由 Matthias Bolte 提交于
curl_global_init is not thread-safe. curl_easy_init might call curl_global_init when it was no called before. But curl_easy_init can be called from different threads by the ESX driver. Therefore, call curl_global_init from virInitialize to stop curl_easy_init from calling it. Reported by Benjamin Wang. (cherry picked from commit 458c4998)
-
由 Martin Kletzander 提交于
When both kvmclock and kvm_pv_eoi are configured (either disabled or enabled) libvirt will generate invalid CPU specification due to the fact that even though kvmclock causes the CPU to be specified, it doesn't set have_cpu flag to true (and the new kvm_pv_eoi as well). This patch fixes the issue and adds a test exactly for that to show that it is fixed correctly (and also to keep it that way in the future of course). (cherry picked from commit 5d692cc7)
-
由 Matthias Bolte 提交于
libcurl uses a SIGALRM in combination with sigsetjmp/siglongjmp to be able to abort a DNS lookup when it takes too long. The problem with this in a multi-threaded application is that the signal handler for SIGALRM and the call to siglongjmp can be executed on a thread that is different from the one that initially did the SIGALRM setup and the call to sigsetjmp. In the reported case this triggered a segfault. Disable libcurl's use of signals to avoid this situation. This has the disadvantage of losing the ability to abort synchronous DNS lookups which might result in libcurl getting stuck in a DNS lookup in the worst case. When libcurl was build with an asynchronous DNS backend such as c-ares then there is no problem because the timeout mechanism works without signals here anyway. Reported by Benjamin Wang. (cherry picked from commit 0821ea6b)
-
由 Viktor Mihajlovski 提交于
The output buffer for virFileReadAll was too small for systems with more than 30 CPUs which leads to a log entry and incorrect behavior. The new size will be sufficient for the current architectural limits. Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com> (cherry picked from commit 4bdc8606)
-
由 Eric Blake 提交于
I noticed that in two places, we require util-linux, and in a third, we require util-linux-ng. On Fedora (I tested F15 through rawhide), util-linux-ng is obsoleted by util-linux; on RHEL 6, util-linux is obsoleted by util-linux-ng. That is, on either platform, either name will get you the correct package installed (where the preferred name on fedora is util-linux, and on RHEL 6 is util-linux-ng). But on RHEL 5, there is no util-linux-ng * libvirt.spec.in (Requires): Use util-linux, not util-linux-ng. (cherry picked from commit a9087ad1)
-
由 Eric Blake 提交于
Use of the wrong attribute name caused the table of contents to be useless. Fix suggested by Daniel P. Berrange. * docs/migration.html.in: Use correct anchoring attribute. (cherry picked from commit eeb8c924)
-
由 Kyle Mestery 提交于
Correct the check for the return value of virStrcpyStatic() when copying port-profile names. Fixes Open vSwitch ports which utilize port-profiles from network definitions. Signed-off-by: NKyle Mestery <kmestery@cisco.com> (cherry picked from commit 83aebf6d)
-
由 Eric Blake 提交于
Commit c579d6b3 added a sledgehammer to silence spurious warnings from gcc 4.2, but in the process, it also silenced useful warnings from gcc 4.3 through 4.5. As a result, a bug slipped in to commit 0caccb58. Tested with FreeBSD (gcc 4.2.1), RHEL 6.3 (gcc 4.4), and F17 (gcc 4.7.2), where the former didn't trip on spurious warnings, and where the latter two detected a revert of 2b804cfa. * m4/virt-compile-warnings.m4 (-Wno-format): Probe for the actual spurious message, to once again allow gcc 4.4 to use -Wformat. (cherry picked from commit 814a8dea)
-
由 Peter Krempa 提交于
When doing snapshots, the filesystem freeze function used the agent entering function that expects the qemud_driver unlocked. This might cause a deadlock of the qemu driver if the agent does not respond. The only call path of this function has the qemud_driver locked, so this patch changes the entering functions to those expecting the driver locked. (cherry picked from commit e0316b5e)
-
由 Michal Privoznik 提交于
There was an inverted return value in lxcCgroupControllerActive(). The function assumes cgroups are active and do couple of checks to prove that. If any of them fails, false is returned. Therefore, at the end, after all checks are done we must return true, not false. (cherry picked from commit 0dddd680)
-