- 21 8月, 2012 6 次提交
-
-
由 Marcelo Cerri 提交于
This patch updates libvirt's API to allow applications to inspect the full list of security labels of a domain. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
由 Marcelo Cerri 提交于
This patch updates the key "security_driver" in QEMU config to suport both a sigle default driver or a list of default drivers. This ensures that it will remain compatible with older versions of the config file. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
由 Marcelo Cerri 提交于
These changes make the security drivers able to find and handle the correct security label information when more than one label is available. They also update the DAC driver to be used as an usual security driver. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
由 Marcelo Cerri 提交于
This patch updates the domain and capability XML parser and formatter to support more than one "seclabel" element for each domain and device. The RNG schema and the tests related to this are also updated by this patch. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
由 Marcelo Cerri 提交于
This patch updates the structures that store information about each domain and each hypervisor to support multiple security labels and drivers. It also updates all the remaining code to use the new fields. Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
-
由 Viktor Mihajlovski 提交于
This is a fix for the object label generation. It uses a new flag for virSecuritySELinuxGenNewContext that specifies whether the context is for an object. If so the context role remains unchanged. Without this fix it is not possible to start domains with image file or block device backed storage when selinux is enabled. Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
- 20 8月, 2012 3 次提交
-
-
由 Daniel P. Berrange 提交于
In order to support systemd socket based activation, it needs to be possible to create virNetSocketPtr and virNetServerServicePtr instance from a pre-opened file descriptor
-
由 Daniel P. Berrange 提交于
In preparation for adding further constructors, refactor the virNetServerClientNew method to move most of the code into a common virNetServerClientNewInternal helper API. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virNetServerDispatchNewClient both creates the virNetServerClientPtr instance and registers it with the virNetServerPtr internal state. Split the client registration code out into a separate virNetServerAddClient method to allow future reuse from other contexts Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 18 8月, 2012 8 次提交
-
-
由 Shradha Shah 提交于
For network devices allocated from a network with <forward mode='hostdev'>, there is a need to add the newly minted hostdev to the hostdevs array. In this case we also need to call qemuPrepareHostDevices just for this one device, as the standard call to initialize all the hostdevs that were defined directly in the domain's configuration has already been made by the time we allocate a device from a libvirt network, and thus have something that needs initializing. Signed-off-by: NShradha Shah <sshah@solarflare.com>
-
由 Shradha Shah 提交于
This patch updates the network driver to properly utilize the new attributes/elements that are now in virNetworkDef Signed-off-by: NShradha Shah <sshah@solarflare.com> Signed-off-by: NLaine Stump <laine@laine.org>
-
由 Shradha Shah 提交于
This function is needed by the network driver in a later commit. It is useful in functions like networkNotifyActualDevice and networkReleaseActualDevice
-
由 Shradha Shah 提交于
The network pool should be able to keep track of both network device names and PCI addresses, and return the appropriate one in the actualDevice when networkAllocateActualDevice is called. Signed-off-by: NShradha Shah <sshah@solarflare.com>
-
由 Shradha Shah 提交于
This patch introduces the new forward mode='hostdev' along with attribute managed. Includes updates to the network RNG and new xml parser/formatter code. Signed-off-by: NShradha Shah <sshah@solarflare.com>
-
由 Shradha Shah 提交于
Existing code that creates a list of forwardIfs from a single PF was moved to the new utility function networkCreateInterfacePool. No functional change. Signed-off-by: NShradha Shah <sshah@solarflare.com>
-
由 Shradha Shah 提交于
Move the functions the parse/format, and validate PCI addresses to their own file so they can be conveniently used in other places besides device_conf.c Refactoring existing code without causing any functional changes to prepare for new code. This patch makes the code reusable. Signed-off-by: NShradha Shah <sshah@solarflare.com>
-
由 Jiri Denemark 提交于
Change device type of a virtio channel from/to spicevmc is not a user visible change. However, spicevmc channels use different default target name than other virtio channels. To maintain ABI stability during this change target name must be explicitly specified (and equal) in both configurations.
-
- 17 8月, 2012 3 次提交
-
-
由 Kyle Mestery 提交于
Add the ability to support VLAN tags for Open vSwitch virtual port types. To accomplish this, modify virNetDevOpenvswitchAddPort and virNetDevTapCreateInBridgePort to take a virNetDevVlanPtr argument. When adding the port to the OVS bridge, setup either a single VLAN or a trunk port based on the configuration from the virNetDevVlanPtr. Signed-off-by: NKyle Mestery <kmestery@cisco.com>
-
由 Osier Yang 提交于
Setting hard_limit larger than previous swap_hard_limit must fail, it's not that good if one wants to change the swap_hard_limit and hard_limit together. E.g. % virsh memtune rhel6 hard_limit : 1000000 soft_limit : 1000000 swap_hard_limit: 1000000 % virsh memtune rhel6 --hard-limit 1000020 --soft-limit 1000020 \ --swap-hard-limit 1000020 --live This patch reorder the limits setting to set the swap_hard_limit first, hard_limit then, and soft_limit last if it's greater than current swap_hard_limit. And soft_limit first, hard_limit then, swap_hard_limit last, if not.
-
由 Eric Blake 提交于
'make distcheck' fails because the generated ESX and HyperV files are (intentionally) marked read-only, but since the stamp file was missing, make assumes they need to be rebuilt. Shipping the stamp file solves the problem. * src/Makefile.am (EXTRA_DIST): Ship stamp files.
-
- 16 8月, 2012 7 次提交
-
-
由 Laine Stump 提交于
The underlying function to set the vlan tag of an SR-IOV network device was already in place (although an extra patch to save/restore the original vlan tag was needed), and recent patches added the ability to configure a vlan tag. This patch just ties those two together. An SR-IOV device doesn't support vlan trunking, so if anyone tries to configure more than a single tag, or set the trunk flag, and error is logged.
-
由 Laine Stump 提交于
When a network device that is a VF of an SR-IOV card was assigned to a guest using <interface type='hostdev'>, only the MAC address was being saved/restored, but the VLAN tag was left untouched. Up to now we haven't actually used vlan tags on SR-IOV devices, so the guest would have used whatever was set, and left it the same at the end. The patch following this one will hook up the <vlan> element from the interface config, so save/restore of the device state needs to also include the vlan tag. MAC address is being saved as a simple ASCII string in a file named for the device under /var/run. The VLAN tag is now just added at the end of that file, after a newline. It might be nicer if the file was XML (in case it ever gets more complicated) but at the moment there's nothing else on the horizon, and this makes backward compatibility easier.
-
由 Osier Yang 提交于
The parameter value for cpuset could be in special format like "0-10,^7", which is not recognized by cgroup. This patch is to ensure the cpuset is formatted as expected before passing it to cgroup. As a side effect, after the patch, it parses the cpuset early before cgroup setting, to avoid the rollback if cpuset parsing fails afterwards.
-
由 Daniel P. Berrange 提交于
Previous commit: commit 9093ab77 Author: Daniel P. Berrange <berrange@redhat.com> Date: Wed Jul 18 17:03:17 2012 +0100 Add lots of internal symbols to libvirt_private.syms mistakenly put some conditional SASL symbols in libvirt_private.syms instead of libvirt_sasl.syms
-
由 Laine Stump 提交于
The network driver now looks for the vlan element in network and portgroup objects, and logs an error at network define time if a vlan is requested for a network type that doesn't support it. (Currently vlan configuration is only supported for openvswitch networks, and networks used to do hostdev assignment of SR-IOV VFs.) At runtime, the three potential sources of vlan information are examined in this order: interface, chosen portgroup, network, and the first that is non-empty is used. Another check for valid network type is made at this time, since the interface may have requested a vlan (a legal thing to have in the interface config, since it's not known until runtime if the chosen network will actually support it). Since we must also check for domains requesting vlans for unsupported connection types even if they are type='network', and since networkAllocateActualDevice() is being called in exactly the correct places, and has all of the necessary information to check, I slightly modified the logic of that function so that interfaces that aren't type='network' don't just return immediately. Instead, they also perform all the same validation for supported features. Because of this, it's not necessary to make this identical check in the other three places that would normally require it: 1) qemu domain startup, 2) qemu device hotplug, 3) lxc domain startup. This can be seen as a first step in consolidating network-related functionality into the network driver, rather than having copies of the same code spread around in multiple places; this will make it easier to split the network parts off into a separate daemon, as we've discussed recently.
-
由 Laine Stump 提交于
The following config elements now support a <vlan> subelements: within a domain: <interface>, and the <actual> subelement of <interface> within a network: the toplevel, as well as any <portgroup> Each vlan element must have one or more <tag id='n'/> subelements. If there is more than one tag, it is assumed that vlan trunking is being requested. If trunking is required with only a single tag, the attribute "trunk='yes'" should be added to the toplevel <vlan> element. Some examples: <interface type='hostdev'/> <vlan> <tag id='42'/> </vlan> <mac address='52:54:00:12:34:56'/> ... </interface> <network> <name>vlan-net</name> <vlan trunk='yes'> <tag id='30'/> </vlan> <virtualport type='openvswitch'/> </network> <interface type='network'/> <source network='vlan-net'/> ... </interface> <network> <name>trunk-vlan</name> <vlan> <tag id='42'/> <tag id='43'/> </vlan> ... </network> <network> <name>multi</name> ... <portgroup name='production'/> <vlan> <tag id='42'/> </vlan> </portgroup> <portgroup name='test'/> <vlan> <tag id='666'/> </vlan> </portgroup> </network> <interface type='network'/> <source network='multi' portgroup='test'/> ... </interface> IMPORTANT NOTE: As of this patch there is no backend support for the vlan element for *any* network device type. When support is added in later patches, it will only be for those select network types that support setting up a vlan on the host side, without the guest's involvement. (For example, it will be possible to configure a vlan for a guest connected to an openvswitch bridge, but it won't be possible to do that for one that is connected to a standard Linux host bridge.)
-
由 Laine Stump 提交于
To allow for the possibility of vlan "trunks", which have more than one vlan tag associated with them, we need a vlan struct. Since it will be used by multiple files in src/util, src/conf, src/network, and src/qemu, it must be defined in src/util. Unfortunately there isn't currently a common file for simple netdev data definitions, so I created a new file.
-
- 15 8月, 2012 13 次提交
-
-
由 Laine Stump 提交于
This caused compilation of virnetdevvportprofile.c to fail on systems without IFLA support in netlink (these are netlink commands used to configure the VF's of SR-IOV network devices).
-
由 Daniel P. Berrange 提交于
Fix build on platforms lacking YAJL library by adding missing 'bool pretty' parameter to virJSONValueToString.
-
由 Daniel P. Berrange 提交于
Currently there is a hook function that is invoked when a new client connection comes in, which allows an app to setup private data. This setup will make it difficult to serialize client state during process re-exec(). Change to a model where the app registers a callback when creating the virNetServerPtr instance, which is used to allocate the client private data immediately during virNetClientPtr construction. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virNetClientPtr constructor will always register the async IO event handler and the keepalive objects. In the case of the lock manager, there will be no event loop available nor keepalive support required. Split this setup out of the constructor and into separate methods. The remote driver will enable async IO and keepalives, while the LXC driver will only enable async IO Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virNetServerServicePtr is responsible for creating the virNetServerClientPtr instance when accepting a new connection. Change this so that the virNetServerServicePtr merely gives virNetServerPtr a virNetSocketPtr instance. The virNetServerPtr can then create the virNetServerClientPtr as it desires Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
It is desirable to be able to query the config params of the thread pool, in order to save the server state. Add virThreadPoolGetMinWorkers, virThreadPoolGetMaxWorkers and virThreadPoolGetPriorityWorkers APIs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
While the QEMU monitor/agent do not want JSON strings pretty printed, other parts of libvirt might. Instead of hardcoding QEMU's desired behaviour in virJSONValueToString(), add a boolean flag to control pretty printing Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
To allow a virLockManagerPtr to be created directly from a driver table struct, replace the virLockManagerPluginPtr parameter with a virLockDriverPtr parameter. * src/locking/domain_lock.c, src/locking/lock_manager.c, src/locking/lock_manager.h: Replace plugin param with a driver in virLockManagerNew Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The qemuProcessAutoDestroyRun function was removed in an earlier commit, but the header file declaration was not deleted
-
由 Dmitry Guryanov 提交于
Do some cleanup of parallelsOpen, STREQ_NULLABLE can replace a lot of checks. Also fix error message to be VIR_ERR_INTERNAL_ERROR, the same as in other drivers. Signed-off-by: NDmitry Guryanov <dguryanov@parallels.com>
-
parallels:///system由 Dmitry Guryanov 提交于
Let's change URI to parallels:///system. Parallels Server supports creating VMs from non-privileged accounts, but it's not main usage scenario and it may be forbidden in the future. Also containers, which will be supported by the driver, can be managed only by root, so /system path is more suitable for this driver. Signed-off-by: NDmitry Guryanov <dguryanov@parallels.com>
-
由 Laine Stump 提交于
Each interface has a single pointer to a filterref object. That filterref can itself point to multiple other filterrefs, but at the toplevel there is only one. The parser had previously just silently overwritten earlier filterrefs when a new one was encountered, so the interface was left with whichever was the last filterref in the xml, ignoring all the others. This patch logs an error when it sees more than one filterref.
-