1. 31 Dec, 2011 1 commit
  2. 30 Dec, 2011 7 commits
    • Fix build on s390(x) and other strange arches · c4ac050f
      Daniel Veillard committed
      The blocks to extract node information on a per-arch
      basis weren't well balanced, leading to a compilation
      failure if not on one of the handled arches (PCs and PPCs)
    • seclabel: honor device override in selinux · 904e05a2
      Eric Blake committed
      This wires up the XML changes in the previous patch to let SELinux
      labeling honor user overrides, as well as affecting the live XML
      configuration in one case where the user didn't specify anything
      in the offline XML.
      
      I noticed that the logs contained messages like this:
      
      2011-12-05 23:32:40.382+0000: 26569: warning : SELinuxRestoreSecurityFileLabel:533 : cannot lookup default selinux label for /nfs/libvirt/images/dom.img
      
      for all my domain images living on NFS.  But if we would just remember
      on domain creation that we were unable to set a SELinux label (due to
      NFSv3 lacking labels, or NFSv4 not being configured to expose attributes),
      then we could avoid wasting the time trying to clear the label on
      domain shutdown.  This in turn is one less point of NFS failure,
      especially since there have been documented cases of virDomainDestroy
      hanging during an attempted operation on a failed NFS connection.
      
      * src/security/security_selinux.c (SELinuxSetFilecon): Move guts...
      (SELinuxSetFileconHelper): ...to new function.
      (SELinuxSetFileconOptional): New function.
      (SELinuxSetSecurityFileLabel): Honor override label, and remember
      if labeling failed.
      (SELinuxRestoreSecurityImageLabelInt): Skip relabeling based on
      override.
    • seclabel: allow a seclabel override on a disk src · b4343293
      Eric Blake committed
      Implement the parsing and formatting of the XML addition of
      the previous commit.  The new XML doesn't affect qemu command
      line, so we can now test round-trip XML->memory->XML handling.
      
      I chose to reuse the existing structure, even though per-device
      override doesn't use all of those fields, rather than create a
      new structure, in order to reuse more code.
      
      * src/conf/domain_conf.h (_virDomainDiskDef): Add seclabel member.
      * src/conf/domain_conf.c (virDomainDiskDefFree): Free it.
      (virSecurityLabelDefFree): New function.
      (virDomainDiskDefFormat): Print it.
      (virSecurityLabelDefFormat): Reduce output if model not present.
      (virDomainDiskDefParseXML): Alter signature, and parse seclabel.
      (virSecurityLabelDefParseXML): Split...
      (virSecurityLabelDefParseXMLHelper): ...into new helper.
      (virDomainDeviceDefParse, virDomainDefParseXML): Update callers.
      * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.args:
      New file.
      * tests/qemuxml2xmltest.c (mymain): Enhance test.
      * tests/qemuxml2argvtest.c (mymain): Likewise.
    • seclabel: extend XML to allow per-disk label overrides · 6cb4acce
      Eric Blake committed
      When doing security relabeling, there are cases where a per-file
      override might be appropriate.  For example, with a static label
      and relabeling, it might be appropriate to skip relabeling on a
      particular disk, where the backing file lives on NFS that lacks
      the ability to track labeling.  Or with dynamic labeling, it might
      be appropriate to use a custom (non-dynamic) label for a disk
      specifically intended to be shared across domains.
      
      The new XML resembles the top-level <seclabel>, but with fewer
      options (basically relabel='no', or <label>text</label>):
      
      <domain ...>
        ...
        <devices>
          <disk type='file' device='disk'>
            <source file='/path/to/image1'>
              <seclabel relabel='no'/> <!-- override for just this disk -->
            </source>
            ...
          </disk>
          <disk type='file' device='disk'>
            <source file='/path/to/image1'>
              <seclabel relabel='yes'> <!-- override for just this disk -->
                <label>system_u:object_r:shared_content_t:s0</label>
              </seclabel>
            </source>
            ...
          </disk>
          ...
        </devices>
        <seclabel type='dynamic' model='selinux'>
          <baselabel>text</baselabel> <!-- used for all devices without override -->
        </seclabel>
      </domain>
      
      This patch only introduces the XML and documentation; future patches
      will actually parse and make use of it.  The intent is that we can
      further extend things as needed, adding a per-device <seclabel> in
      more places (such as the source of a console device), and possibly
      allowing a <baselabel> instead of <label> for labeling where we want
      to reuse the cNNN,cNNN pair of a dynamically labeled domain but a
      different base label.
      
      First suggested by Daniel P. Berrange here:
      https://www.redhat.com/archives/libvir-list/2011-December/msg00258.html
      
      * docs/schemas/domaincommon.rng (devSeclabel): New define.
      (disk): Use it.
      * docs/formatdomain.html.in (elementsDisks, seclabel): Document
      the new XML.
      * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.xml:
      New test, to validate RNG.
    • seclabel: move seclabel stuff earlier · e8383794
      Eric Blake committed
      Pure code motion; no semantic change.
      
      * src/conf/domain_conf.h (virDomainSeclabelType)
      (virSecurityLabelDefPtr): Declare earlier.
      * src/conf/domain_conf.c (virSecurityLabelDefClear)
      (virSecurityLabelDefParseXML): Move earlier.
      (virDomainDefParseXML): Move seclabel parsing earlier.
    • seclabel: refactor existing domain_conf usage · 336df796
      Eric Blake committed
      A future patch will parse and output <seclabel> in more than one
      location in a <domain> xml; make it easier to reuse code.
      
      * src/conf/domain_conf.c (virSecurityLabelDefFree): Rename...
      (virSecurityLabelDefClear): ...and make static.
      (virSecurityLabelDefParseXML): Alter signature.
      (virDomainDefParseXML, virDomainDefFree): Adjust callers.
      (virDomainDefFormatInternal): Split output...
      (virSecurityLabelDefFormat): ...into new helper.
    • schema: rewrite seclabel rng to match code · 116d6af9
      Eric Blake committed
      The RNG for <seclabel> was too strict - if it was present, then it
      had to have sub-elements, even if those didn't make sense for the
      given attributes.  Also, we didn't have any tests of <seclabel>
      parsing or XML output.
      
      In this patch, I added more parsing tests than output tests (since
      the output populates and/or reorders fields not present in certain
      inputs).  Making the RNG reliable is a precursor to using <seclabel>
      variants in more places in the XML in later patches.
      
      See also:
      http://berrange.com/posts/2011/09/29/two-small-improvements-to-svirt-guest-configuration-flexibility-with-kvmlibvirt/
      
      * docs/schemas/domaincommon.rng (seclabel): Tighten rules.
      * tests/qemuxml2argvtest.c (mymain): New tests.
      * tests/qemuxml2xmltest.c (mymain): Likewise.
      * tests/qemuxml2argvdata/qemuxml2argv-seclabel-*.*: New files.
  3. 29 Dec, 2011 9 commits
  4. 28 Dec, 2011 3 commits
    • qemu: fix inf-loop in blkio parameters · 1a3f6608
      Eric Blake committed
      https://bugzilla.redhat.com/show_bug.cgi?id=770520
      
      We had two nested loops both trying to use 'i' as the iteration
      variable, which can result in an infinite loop when the inner
      loop interferes with the outer loop.  Introduced in commit 93ab5859.
      
      * src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Don't
      reuse iteration variable across two loops.
    • virsh: move version command to host group · 96b3716c
      Lai Jiangshan committed
      Trivial patch, move version command to host commands group.
      
      It is not related to any domain.
      
      It may connect to the daemon, so the flag is 0 but not VSH_CMD_FLAG_NOCONNECT.
    • daemon: clean up daemonization · e957b670
      Eric Blake committed
      Valgrind detected a pipe fd leak before the parent exits on success,
      introduced in commit 4296cea2; by itself, the leak is not bad, since
      we immediately called _exit(), but we might as well be clean to make
      valgrind analysis easier.  Meanwhile, if the daemon grandchild detects
      an error, the parent failed to flush the error message before exiting.
      Also, we had the possibility of both parent and child returning to the
      caller, such that the user could see duplicated reports of failure
      from the two return paths.  And we might as well be robust to the
      (unlikely) situation of being started with stdin closed.
      
      * daemon/libvirtd.c (daemonForkIntoBackground): Use exit if an
      error message was generated, avoid fd leaks for valgrind's sake,
      avoid returning to caller in both parent and child, and don't
      close a just-dup'd stdin.
      Based on a report by Alex Jia.
      
      * How to reproduce?
        % service libvirtd stop
        % valgrind -v --track-fds=yes /usr/sbin/libvirtd --daemon
      
      * Actual valgrind result:
      
      ==16804== FILE DESCRIPTORS: 7 open at exit.
      ==16804== Open file descriptor 7:
      ==16804==    at 0x321FAD8B87: pipe (in /lib64/libc-2.12.so)
      ==16804==    by 0x41F34D: daemonForkIntoBackground (libvirtd.c:186)
      ==16804==    by 0x4207A0: main (libvirtd.c:1420)
      Signed-off-by: Alex Jia <ajia@redhat.com>
      Signed-off-by: Eric Blake <eblake@redhat.com>
  5. 26 Dec, 2011 2 commits
  6. 25 Dec, 2011 1 commit
  7. 24 Dec, 2011 1 commit
    • docs: remove stray / · d145fe3b
      Eric Blake committed
      Commit e5a84d74 added a new attribute in the wrong location;
      commit c8b9fa74 fixed the missing / at the end but not the extra
      / in the middle.
      
      * docs/formatdomain.html.in (elementsDisks): Fix another typo.
  8. 23 Dec, 2011 3 commits
  9. 22 Dec, 2011 6 commits
  10. 21 Dec, 2011 7 commits