- 16 1月, 2015 6 次提交
-
-
由 John Ferlan 提交于
Commit id 'aa2cc721' added calls to virSocketAddrFormat but did not check for a NULL (error) return which could lead to bad output in the XML file. Need to check for NULL return and cause failure. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 John Ferlan 提交于
Commit id 'aa2cc721' added call to virSocketAddrFormat and did not VIR_FREE() the returned memory. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Cédric Bosdonnat 提交于
-
由 Cédric Bosdonnat 提交于
Moving code for parsing and formatting network routes to networkcommon_conf helps reusing those routes for domains. The route definition has been hidden to help reducing the number of unnecessary checks in the format function.
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1182486 When updating a network and adding new ip-dhcp-host entry, the deamon may crash. The problem is, we iterate over existing <host/> entries trying to compare MAC addresses to see if there's already an existing rule. However, not all entries are required to have MAC address. For instance, the following is perfectly valid entry: <host id='00:04:58:fd:e4:15:1b:09:4c:0e:09:af:e4:d3:8c:b8:ca:1e' name='redhatipv6.redhat.com' ip='2001:db8:ca2:2::119'/> When the checking loop iterates over this, the entry's MAC address is accessed directly. Well, the fix is obvious - check if the address is defined before trying to compare it. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Daniel P. Berrange 提交于
The virDomainDefineXMLFlags and virDomainCreateXML APIs both gain new flags allowing them to be told to validate XML. This updates all the drivers to turn on validation in the XML parser when the flags are set
-
- 14 1月, 2015 3 次提交
-
-
由 Michal Privoznik 提交于
There's this function virNetDevBandwidthParse which parses the bandwidth XML snippet. But it's not clever much. For the following XML it allocates the virNetDevBandwidth structure even though it's completely empty: <bandwidth> </bandwidth> Later in the code there are some places where we check if bandwidth was set or not. And since we obtained pointer from the parsing function we think that it is when in fact it isn't. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Daniel P. Berrange 提交于
The virDomainDefParse* and virDomainDefFormat* methods both accept the VIR_DOMAIN_XML_* flags defined in the public API, along with a set of other VIR_DOMAIN_XML_INTERNAL_* flags defined in domain_conf.c. This is seriously confusing & error prone for a number of reasons: - VIR_DOMAIN_XML_SECURE, VIR_DOMAIN_XML_MIGRATABLE and VIR_DOMAIN_XML_UPDATE_CPU are only relevant for the formatting operation - Some of the VIR_DOMAIN_XML_INTERNAL_* flags only apply to parse or to format, but not both. This patch cleanly separates out the flags. There are two distint VIR_DOMAIN_DEF_PARSE_* and VIR_DOMAIN_DEF_FORMAT_* flags that are used by the corresponding methods. The VIR_DOMAIN_XML_* flags received via public API calls must be converted to the VIR_DOMAIN_DEF_FORMAT_* flags where needed. The various calls to virDomainDefParse which hardcoded the use of the VIR_DOMAIN_XML_INACTIVE flag change to use the VIR_DOMAIN_DEF_PARSE_INACTIVE flag.
-
由 Daniel P. Berrange 提交于
The virCPUDefFormat* methods were relying on the VIR_DOMAIN_XML_* flag definitions. It is not desirable for low level internal functions to be coupled to flags for the public API, since they may need to be called from several different contexts where the flags would not be appropriate.
-
- 13 1月, 2015 3 次提交
-
-
由 Daniel P. Berrange 提交于
The VIR_DOMAIN_XML_SECURE flag only has effect on the formatting of XML so should not be passed to virDomainDefParseNode
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1181408 When we try to hotplug a channel chr device with no target, we will get success (which should fail) in virDomainChrDefParseXML, because we use goto cleanup this place and return an incomplete definition (with no target). In qemuDomainAttachChrDevice, we add it to the domain definition, but fail to remove it from there when chardev-add fails, because virDomainChrRemove matches chardevices according to the target name. The device definition is then freed in qemuDomainAttachDeviceFlags, leaving a stale pointer in the domain definition. Signed-off-by: NLuyao Huang <lhuang@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
由 Martin Kletzander 提交于
QEMU supports feature specification with -cpu host and we just skip using that. Since QEMU developers themselves would like to use this feature, this patch modifies the code to work. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1178850Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 09 1月, 2015 1 次提交
-
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1179684 The way that we currently generate the <driver/> for <controller/> is just madness: <controller type='scsi' index='0' model='virtio-scsi'> <driver queues='12'/> <driver cmd_per_lun='123'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/> </controller> It's obvious that we should be aiming at the following: <controller type='scsi' index='0' model='virtio-scsi'> <driver queues='12' cmd_per_lun='123'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/> </controller> Signed-off-by: NLuyao Huang <lhuang@redhat.com>
-
- 08 1月, 2015 1 次提交
-
-
由 Stefan Berger 提交于
Make use of the ebtables functionality to be able to filter certain parameters of icmpv6 packets. Extend the XML parser for icmpv6 types, type ranges, codes, and code ranges. Extend the nwfilter documentation, schema, and test cases. Being able to filter icmpv6 types and codes helps extending the DHCP snooper for IPv6 and filtering at least some parameters of IPv6's NDP (Neighbor Discovery Protocol) packets. However, the filtering will not be as good as the filtering of ARP packets since we cannot check on IP addresses in the payload of the NDP packets. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
- 07 1月, 2015 1 次提交
-
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1177194 When migrate a vm, we will generate a xml via qemuDomainDefFormatLive and pass this xml to target libvirtd. Libvirt will use the current network state in def->data.network.actual to generate the xml, this will make migrate failed when we set a network type guest interface use a macvtap network as a source in a vm then migrate vm to another host(which has the different macvtap network settings: different interface name, bridge name...) Add a flag check in virDomainNetDefFormat, if we set a VIR_DOMAIN_XML_MIGRATABLE flag when call virDomainNetDefFormat, we won't get the current vm interface state. Signed-off-by: NLuyao Huang <lhuang@redhat.com> Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 06 1月, 2015 4 次提交
-
-
由 Cédric Bosdonnat 提交于
Network interfaces devices and host devices with net capabilities can now have IPv4 and/or an IPv6 routes configured.
-
由 Cédric Bosdonnat 提交于
-
由 Cédric Bosdonnat 提交于
Add the possibility to have more than one IP address configured for a domain network interface. IP addresses can also have a prefix to define the corresponding netmask.
-
由 Cédric Bosdonnat 提交于
-
- 25 12月, 2014 1 次提交
-
-
由 Michal Privoznik 提交于
The <domain/> element under /capabilities/guest/arch/ can have no child elements. If that's the case we format: <domain type='xen'> </domain> instead of simpler: <domain type='xen'/> This commit fixes that. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 17 12月, 2014 1 次提交
-
-
由 Martin Kletzander 提交于
In commit d2632d60 we agreed taht we want the parsed uid to properly overflow but only to -1, however the value was read into long and then wrapped into uid_t. That meaned it failed on 32-bit systems. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 16 12月, 2014 2 次提交
-
-
由 Martin Kletzander 提交于
Currently, when there is an API that's blocking with locked domain and second API that's waiting in virDomainObjListFindByUUID() for the domain lock (with the domain list locked) no other API can be executed on any domain on the whole hypervisor because all would wait for the domain list to be locked. This patch adds new optional approach to this in which the domain is only ref'd (reference counter is incremented) instead of being locked and is locked *after* the list itself is unlocked. We might consider only ref'ing the domain in the future and leaving locking on particular APIs, but that's no tonight's fairy tale. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
Volume and pool formatting functions took different approaches to unspecified uids/gids. When unknown, it is always parsed as -1, but one of the functions formatted it as unsigned int (wrong) and one as int (better). Due to that, our two of our XML files from tests cannot be parsed on 32-bit machines. RNG schema needs to be modified as well, but because both storagepool.rng and storagevol.rng need same schema for permission element, save some space by moving it to storagecommon.rng. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 15 12月, 2014 4 次提交
-
-
由 Wang Rui 提交于
We can change vnc password by using virDomainUpdateDeviceFlags API with live flag. But it can't be changed with config flag. Error is reported as below. error: Operation not supported: persistent update of device 'graphics' is not supported This patch supports the graphics arguments changed with config flag. Signed-off-by: NWang Rui <moon.wangrui@huawei.com>
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1174096 When both parameter have lockspaces present, virDomainLeaseIndex always returns -1 even there is a lease the same with the one we check. This is due to broken logic in 'if-else' statement. Signed-off-by: NLuyao Huang <lhuang@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1174053 Introduced by commit id '17bddc46' - fix a libvirtd crash when matching a network iscsi hostdev with a host iscsi hostdev. When we use attach-device to coldplug a network iscsi hostdev, libvirt will check if there is already a device in XML. But if the 'b' is a host iscsi hostdev and 'a' is a network iscsi hostdev, then libvirtd will crash in virDomainHostdevMatchSubsysSCSIiSCSI because 'b' doesn't have a hostname. Add a check in virDomainHostdevMatchSubsys, if the a's protocol and b's protocol is not the same. Following is the backtrace: 0 0x00007f850d6bc307 in virDomainHostdevMatchSubsysSCSIiSCSI at conf/domain_conf.c:10889 1 virDomainHostdevMatchSubsys at conf/domain_conf.c:10911 2 virDomainHostdevMatch at conf/domain_conf.c:10973 3 virDomainHostdevFind at conf/domain_conf.c:10998 4 0x00007f84f6a10560 in qemuDomainAttachDeviceConfig at qemu/qemu_driver.c:7223 5 qemuDomainAttachDeviceFlags at qemu/qemu_driver.c:7554 Signed-off-by: NLuyao Huang <lhuang@redhat.com>
-
由 Erik Skultety 提交于
For historical reasons, only the first <console> element might be of targetType serial, but we checked for other consoles of targetType serial in our post-parse callback if and only if we knew the first console was serial, otherwise the check was skipped. This patch moves the check one level up, so first the check for secondary console of type serial is performed and then the rest of operations continue unchanged. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1170092
-
- 13 12月, 2014 2 次提交
-
-
由 Martin Kletzander 提交于
When one domain is being undefined and at the same time started, for example, there is a possibility of a rare problem occuring. - Thread 1 does virDomainUndefine(), has the lock, checks that the domain is active and because it's not, calls virDomainObjListRemove(). - Thread 2 does virDomainCreate() and tries to lock the domain. - Thread 1 needs to lock domain list in order to remove the domain from it, but must unlock domain first (proper order is to lock domain list first and the domain itself second). - Thread 2 grabs the lock, starts the domain and releases the lock. - Thread 1 grabs the lock and removes the domain from list. With this patch: - The undefining domain gets marked as "to undefine" before it is unlocked. - If domain is found in any of the search APIs, it's returned only if it is not marked as "to undefine". The check is done while the domain is locked. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1150505Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Luyao Huang 提交于
It make no sense at all to have it there. Signed-off-by: NLuyao Huang <lhuang@redhat.com>
-
- 12 12月, 2014 1 次提交
-
-
由 Luyao Huang 提交于
Output error when we try to set a too large max_sectors. Just like queues and cmd_per_lun here. Signed-off-by: NLuyao Huang <lhuang@redhat.com>
-
- 11 12月, 2014 2 次提交
-
-
由 Ján Tomko 提交于
This fixes reverting to snapshots created by older libvirt and allows libvirt not to lose track of a domain that has this in its live status XML (such as a domain restored from managedsave) https://bugzilla.redhat.com/show_bug.cgi?id=1030793 https://bugzilla.redhat.com/show_bug.cgi?id=1151885
-
由 Ján Tomko 提交于
For host-passthrough CPU we don't honor the CPU features specified in the XML, but we allow outputting them via the UPDATE_CPU flag for dumpxml, this gives user a rough idea of what features the CPU might have. After restoring a managedsave'd domain, the features might end up in the live status XML (in /var/run) without the model. This XML cannot be parsed by the daemon after restart and the domain might disappear. This fix skips formatting the features for HOST_PASSTHROUGH when UPDATE_CPU is not specified, so the newly restored domains and newly created snapshots won't be affected. Note: this doesn't fix existing snapshots or already restored running domains. https://bugzilla.redhat.com/show_bug.cgi?id=1030793 https://bugzilla.redhat.com/show_bug.cgi?id=1151885
-
- 10 12月, 2014 1 次提交
-
-
由 Martin Kletzander 提交于
It make no sense at all to have it there. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 09 12月, 2014 5 次提交
-
-
由 Luyao Huang 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1171582 When we edit a negative controller address number to a device, some of them will auto generate a controller with invalid index number. This will make guest disappear after restart libvirtd. Instead of allowing negative number for controller index, we should forbid negative number in these place (we did this before, but after f18c02ec, virStrToLong_ui changed to allow negative number). Therefore switch to virStrToLong_uip in these places. Signed-off-by: NLuyao Huang <lhuang@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Kyle DeFrancia 提交于
This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=907779 A <dhcp> element can exist in only one IPv4 address and one IPv6 address per network. This patch enforces that in virNetworkUpdate.
-
由 Laine Stump 提交于
At the time that the network driver allocates a connection to a network, the tap device that will be used hasn't yet been created - that will be done later by qemu (or lxc or whoever) - but if the network has macTableManager='libvirt', then when we do get around to creating the tap device, we will need to add an entry for it to the network bridge's fdb (forwarding database) *and* turn off learning and unicast_flood for that tap device in the bridge's sysfs settings. This means that qemu needs to know both the bridge name as well as the setting of macTableManager, so we either need to create a new API to retrieve that info, or just pass it back in the ActualNetDef that is created during networkAllocateActualDevice. We choose the latter method, since it's already done for the bridge device, and it has the side effect of making the information available in domain status. (NB: in the future, I think that the tap device should actually be created by networkAllocateActualDevice(), as that will solve several other problems, but that is a battle for another day, and this information will still be useful outside the network driver)
-
由 Laine Stump 提交于
When the actualType of a virDomainNetDef is "network", it means that we are connecting to a libvirt-managed network (routed, natted, or isolated) which does use a bridge device (created by libvirt). In the past we have required drivers such as qemu to call the public API to retrieve the bridge name in this case (even though it is available in the NetDef's ActualNetDef if the actualType is "bridge" (i.e., an externally-created bridge that isn't managed by libvirt). There is no real reason for this difference, and as a matter of fact it complicates things for qemu. Also, there is another bridge-related attribute (macTableManager) that will need to be available in both cases, so this makes things consistent. In order to avoid problems when restarting libvirtd after an update from an older version that *doesn't* store the network's bridgename in the ActualNetDef, we also need to put it in place during networkNotifyActualDevice() (this function is run for each interface of each domain whenever libvirtd is restarted). Along with making the bridge name available in the internal object, it is also now reported in the <source> element of the <interface> state XML (or the <actual> subelement in the internally-stored format). The one oddity about this change is that usually there is a separate union for every different "type" in a higher level object (e.g. in the case of a virDomainNetDef there are separate "network" and "bridge" members of the union that pivots on the type), but in this case network and bridge types both have exactly the same attributes, so the "bridge" member is used for both type==network and type==bridge.
-
由 Laine Stump 提交于
The macTableManager attribute of a network's bridge subelement tells libvirt how the bridge's MAC address table (used to determine the egress port for packets) is managed. In the default mode, "kernel", management is left to the kernel, which usually determines entries in part by turning on promiscuous mode on all ports of the bridge, flooding packets to all ports when the correct destination is unknown, and adding/removing entries to the fdb as it sees incoming traffic from particular MAC addresses. In "libvirt" mode, libvirt turns off learning and flooding on all the bridge ports connected to guest domain interfaces, and adds/removes entries according to the MAC addresses in the domain interface configurations. A side effect of turning off learning and unicast_flood on the ports of a bridge is that (with Linux kernel 3.17 and newer), the kernel can automatically turn off promiscuous mode on one or more of the bridge's ports (usually only the one interface that is used to connect the bridge to the physical network). The result is better performance (because packets aren't being flooded to all ports, and can be dropped earlier when they are of no interest) and slightly better security (a guest can still send out packets with a spoofed source MAC address, but will only receive traffic intended for the guest interface's configured MAC address). The attribute looks like this in the configuration: <network> <name>test</name> <bridge name='br0' macTableManager='libvirt'/> ... This patch only adds the config knob, documentation, and test cases. The functionality behind this knob is added in later patches.
-
- 03 12月, 2014 2 次提交
-
-
由 John Ferlan 提交于
Since virStreamFree will call virObjectUnref anyway, let's just use that directly so as to avoid the possibility that we inadvertently clear out a pending error message when using the public API.
-
由 John Ferlan 提交于
Since virStoragePoolFree will call virObjectUnref anyway, let's just use that directly so as to avoid the possibility that we inadvertently clear out a pending error message when using the public API.
-