- 21 3月, 2013 7 次提交
-
-
由 Michal Privoznik 提交于
The VIR_ERR_NO_SUPPORT error code is reserved for cases where an API is not implemented in a driver. It definitely should not be used when an API execution fails due to unsupported operation.
-
由 Daniel P. Berrange 提交于
The recent commit moved some of the use of libnuma out of the driver code, and into src/util/. It did not, however, update libvirt_util.la to link against libnuma. This caused linkage failure with virt-aa-helper, since nothing else caused libnuma to be pulled onto the linker command line. The fix removes all reference to NUMACTL_LIBS/CFLAGS from the various modules in src/Makefile.am and just adds them to the libvirt_util.la module, which everything else depends on. Technically a build-breaker fix, but wanted to wait for feedback on this Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Osier Yang 提交于
We should record the new disk src in the shared disk table for updating disk (CD-ROM or Floppy) API. Fortunately, we only allow to update the disk source now, otherwise we might also want to set the unpriv_sgio setting.
-
由 Paolo Bonzini 提交于
This plumbs in the XML description of iSCSI shares. The next patches will add support for the libiscsi userspace initiator. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Li Zhang 提交于
Now that VCPU number are removed from qemu_monitor_text.c (commit cc78d7ba), VCPU string checking also should be removed. Report-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
-
由 Gao feng 提交于
We will use virCgroupRemoveRecursively to remove cgroup directories in the coming patch. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Guido Günther 提交于
but libvirt is built with --with-selinux. In this case getpeercon returns ENOPROTOOPT so don't return an error in that case but simply don't set seccon.
-
- 20 3月, 2013 11 次提交
-
-
由 Daniel P. Berrange 提交于
The virNetSocket & virIdentity classes accidentally got some conditionals using HAVE_SELINUX instead of WITH_SELINUX. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Gao feng 提交于
This patch adds cpuset cgroup support for LXC. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
Intend to reduce the redundant code,use virNumaSetupMemoryPolicy to replace virLXCControllerSetupNUMAPolicy and qemuProcessInitNumaMemoryPolicy. This patch also moves the numa related codes to the file virnuma.c and virnuma.h Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Olivia Yin 提交于
Compilation error when WITH_GNUTLS is 0, introduced in commit d5e83ad9.
-
由 Gao feng 提交于
Allow lxc using the advisory nodeset from querying numad, this means if user doesn't specify the numa nodes that the lxc domain should assign to, libvirt will automatically bind the lxc domain to the advisory nodeset which queried from numad. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
qemuGetNumadAdvice will be used by LXC driver, rename it to virNumaGetAutoPlacementAdvice and move it to virnuma.c Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Olivia Yin 提交于
-
由 Olivia Yin 提交于
The "dtb" option sets the filename for the device tree. If without this option support, "-dtb file" will be converted into <qemu:commandline> in domain XML file. For example, '-dtb /media/ram/test.dtb' will be converted into <qemu:commandline> <qemu:arg value='-dtb'/> <qemu:arg value='/media/ram/test.dtb'/> </qemu:commandline> This is not very friendly. This patchset add special <dtb> tag like <kernel> and <initrd> which is easier for user to write domain XML file. <os> <type arch='ppc' machine='ppce500v2'>hvm</type> <kernel>/media/ram/uImage</kernel> <initrd>/media/ram/ramdisk</initrd> <dtb>/media/ram/test.dtb</dtb> <cmdline>root=/dev/ram rw console=ttyS0,115200</cmdline> </os> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Olivia Yin 提交于
-
由 Doug Goldstein 提交于
When building with --without-libvirtd and udev support is detected we will fail to build with the following error: node_device/node_device_udev.c:1608:37: error: unknown type name 'virStateInhibitCallback'
-
由 Laine Stump 提交于
virStorageBackendRBDRefreshPool() first allocates an array big enough to hold 1024 names, then calls rbd_list(), which returns ERANGE if the array isn't big enough. When that happens, the VIR_ALLOC_N is called again with a larger size. Unfortunately, the original array isn't freed before allocating a new one.
-
- 19 3月, 2013 8 次提交
-
-
由 Daniel P. Berrange 提交于
The LXC controller is closing loop devices as soon as the container has started. This is fine if the loop device was setup as a mounted filesystem, but if we're just passing through the loop device as a disk, nothing else is keeping it open. Thus we must keep the loop device FDs open for as long the libvirt_lxc process is running. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the LXC controller creates the cgroup, configures the resources and adds the task all in one go. This is not sufficiently flexible for the forthcoming NBD integration. We need to make sure the NBD process gets into the right cgroup immediately, but we can not have limits (in particular the device ACL) applied at the point where we start qemu-nbd. So create a virLXCCgroupCreate method which creates the cgroup and adds the current task to be called early, and leave virLXCCgroupSetup to only do resource config. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
When dispatching an RPC API call, setup the current identity to hold the identity of the network client associated with the RPC message being dispatched. The setting is thread-local, so only affects the API call in this thread Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Add APIs which allow creation of a virIdentity from the info associated with a virNetServerClientPtr instance. This is done based on the results of client authentication processes like TLS, x509, SASL, SO_PEERCRED Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
If no user identity is available, some operations may wish to use the system identity. ie the identity of the current process itself. Add an API to get such an identity. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
To allow any internal API to get the current identity, add APIs to associate a virIdentityPtr with the current thread, via a thread local Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Introduce a local object virIdentity for managing security attributes used to form a client application's identity. Instances of this object are intended to be used as if they were immutable, once created & populated with attributes Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
A socket object has various pieces of security data associated with it, such as the SELinux context, the SASL username and the x509 distinguished name. Add new APIs to virNetServerClient and related modules to access this data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 18 3月, 2013 1 次提交
-
-
由 Jiri Denemark 提交于
Commit 82d5fe54 qemu: check backing chains even when cgroup is omitted added backing file checks just before the code that removes optional disks if they are not present. However, the backing chain code fails in case the disk file does not exist, which makes qemuProcessStart fail regardless on configured startupPolicy. Note that startupPolicy implementation is still wrong after this patch since it only check the first file in a possible chain. It should rather check the complete backing chain. But this is an existing limitation that can be solved later. After all, startupPolicy is most useful for CDROM images and they won't make use of backing files in most cases.
-
- 16 3月, 2013 5 次提交
-
-
由 Paolo Bonzini 提交于
QEMU 1.3 and newer support an alternative URI-based syntax to specify the location of an NBD server. Libvirt can keep on using the old syntax in general, but only the URI syntax supports IPv6 addresses. The URI syntax also supports relative paths to Unix sockets. These should never be used but aren't explicitly blocked either by the parser, so support it just in case. The URI syntax is intentionally compatible with Gluster's, and the code can be reused. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Paolo Bonzini 提交于
This reuses the XML format that was introduced for Gluster. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Paolo Bonzini 提交于
These are supported by nbd-server and by the NBD server that QEMU embeds for live image access. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Paolo Bonzini 提交于
Move the code to an external function, and structure it to prepare the addition of new features in the next few patches. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
We've already scrubbed for comparisons of 'uid_t == -1' (which fail on platforms where uid_t is a u16), but another one snuck in. * src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison. * cfg.mk (sc_prohibit_risky_id_promotion): New rule.
-
- 15 3月, 2013 6 次提交
-
-
由 Paolo Bonzini 提交于
QEMU added -drive in 2007, and NBD in 2008. Both appeared first in release 0.10.0. Thus the code to support network disks without -drive is dead, and in fact it incorrectly escapes commas. Drop it. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Li Zhang 提交于
When getting CPUs' information, it assumes that CPU indexes are not contiguous. But for ppc64 platform, CPU indexes are not contiguous because SMT is needed to be disabled, so CPU information is not right on ppc64 and vpuinfo, vcpupin can't work corretly. This patch is to remove the assumption to be compatible with ppc64. Test: 4 vcpus are assigned to one VM and execute vcpuinfo command. Without patch: There is only one vcpu informaion can be listed. With patch: All vcpus' information can be listed correctly. Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
-
由 Peter Krempa 提交于
This patch adds auditing of resources used by Virtio RNG devices. Only resources on the local filesystems are audited. The audit logs look like: For the 'random' backend: type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success' For local character device source: type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
-
由 Viktor Mihajlovski 提交于
Newer versions of QEMU support virtio-scsi and virtio-rng devices on the virtio-s390 and ccw buses. Adding capability detection, address assignment and command line generation for that. Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
由 Viktor Mihajlovski 提交于
QEMU_CAPS_VIRTIO_SCSI_PCI implies that virtio-scsi is only supported for the PCI bus, which is not the case. Remove the _PCI suffix. Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
由 Laine Stump 提交于
My commit 7a2e845a (and its prerequisites) managed to effectively ignore the clear_emulator_capabilities setting in qemu.conf (visible in the code as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the result that the capabilities are always cleared regardless of the qemu.conf setting. This patch fixes it by passing the flag through to virSetUIDGIDWithCaps(), which uses it to decide whether or not to clear existing capabilities before adding in those that were requested. Note that the existing capabilities are *always* cleared if the new process is going to run as non-root, since the whole point of running non-root is to have the capabilities removed (it's still possible to maintain individual capabilities as needed using the capBits argument though).
-
- 14 3月, 2013 2 次提交
-
-
由 Eric Blake 提交于
Multi-head QXL support is so useful that distros have started to backport it to qemu earlier than 1.2. After discussion with Alon Levy, we determined that the existence of the qxl-vga.surfaces property is a reliable indicator of whether '-device qxl-vga' works, or whether we have to stick to the older '-vga qxl'. I'm leaving in the existing check for QEMU_CAPS_DEVICE_VIDEO_PRIMARY tied to qemu 1.2 and newer (in case qemu is built without qxl support), but for those distros that backport qxl, this additional capability check will allow the correct command line for both RHEL 6.3 (which lacks the feature) and RHEL 6.4 (where qemu still claims to be version 0.12.2.x, but has backported multi-head qxl). * src/qemu/qemu_capabilities.c (virQEMUCapsObjectPropsQxlVga): New property test. (virQEMUCapsExtractDeviceStr): Probe for backport of new capability to qemu earlier than 1.2. * tests/qemuhelpdata/qemu-kvm-1.2.0-device: Update test. * tests/qemuhelpdata/qemu-1.2.0-device: Likewise. * tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device: Likewise.
-
由 Daniel P. Berrange 提交于
The src/lxc/lxc_*_dispatch.h files only had deps on the RPC generator script & the XDR definition file. So when the Makefile.am args passed to the generator were change, the disaptch code was not re-generated. This caused a build failure CC libvirt_lxc-lxc_controller.o lxc/lxc_controller.c: In function 'virLXCControllerSetupServer': lxc/lxc_controller.c:718:47: error: 'virLXCMonitorProcs' undeclared (first use in this function) lxc/lxc_controller.c:718:47: note: each undeclared identifier is reported only once for each function it appears in lxc/lxc_controller.c:719:47: error: 'virLXCMonitorNProcs' undeclared (first use in this function) make[3]: *** [libvirt_lxc-lxc_controller.o] Error 1 For added fun, the generated files were not listed in CLEANFILES, so only a 'git clean -f' would fix the build Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-