- 11 2月, 2014 11 次提交
-
-
由 Pradipta Kr. Banerjee 提交于
On some platforms like IBM PowerNV the NUMA node numbers can be non-sequential. For eg. numactl --hardware o/p from such a machine looks as given below node distances: node 0 1 16 17 0: 10 40 40 40 1: 40 10 40 40 16: 40 40 10 40 17: 40 40 40 10 The NUMA nodes are 0,1,16,17 Libvirt uses sequential index as NUMA node numbers and this can result in crash or incorrect results. Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com> Signed-off-by: NPradipta Kr. Banerjee <bpradip@in.ibm.com>
-
由 Peter Krempa 提交于
Extract the metadata setting code into a separate function for future use.
-
由 Martin Kletzander 提交于
Add a new backend for any character device. This backend uses channel in spice connection. This channel is similar to spicevmc, but all-purpose in contrast to spicevmc. Apart from spicevmc, spiceport-backed chardev will not be formatted into the command-line if there is no spice to use (with test for that as well). For this I moved the def->graphics counting to the start of the function so its results can be used in rest of the code even in the future. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
This patch is here just to ease the code review and make related changes look more sensible. Apart from removing the condition this is merely a whitespace (indentation) change. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
Limiting ourselves to qemu without QEMU_CAPS_DEVICE capability, we used '-serial none' only if there was no serial device defined in the domain XML. This means that if we want to have a possibility of the device being defined in XML, but not used in the command-line (e.g. when it's pointless), we'll fail to attach '-serial none' to the command-line (when skipping the device's command-line building and the device being the only one). Since there is no such device, this patch doesn't actually do anything, but enables easier future additions in this manner. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
Add a new character device backend called 'spiceport' that uses spice's channel for communications and apart from spicevmc can be used as a backend for any character device from libvirt's point of view. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Wido den Hollander 提交于
This new RBD format supports snapshotting and cloning. By having libvirt create images in format 2 end-users of the created images can benefit from the new RBD format. Older versions of libvirt can work with this new RBD format as long as librbd supports format 2. RBD format is supported by librbd since version 0.56 (Ceph Bobtail). Signed-off-by: NWido den Hollander <wido@widodh.nl>
-
由 Joel SIMOES 提交于
When restarting sheepdog pool, all volumes are missing. This patch add automatically all volume from the added pool. Adding last Daniel P. Berrange's syntaxes correction. Adding vol on separeted function 'inspired' from parallels_storage : parallelsAddDiskVolume
-
由 Laine Stump 提交于
In order to make a client-only build successful on RHEL4 (yes, you read that correctly!), commit 3ed2e545 modified src/util/virnetdev.c so that the functional version of virNetDevGetVLanID() was only compiled if GET_VLAN_VID_CMD was defined. However, it is *never* defined, but is only an enum value, so the proper version was no longer compiled even on platforms that support it. This resulted in the vlan tag not being properly set for guest traffic on VEPA mode guest macvtap interfaces that were bound to a vlan interface (that's the only place that libvirt currently uses virNetDevGetVLanID) Since there is no way to compile conditionally based on the presence of an enum value, this patch modifies configure.ac to check for said enum value with AC_CHECK_DECLS(), which #defines HAVE_DECL_GET_VLAN_VID_CMD to 1 if it's successful compiling a test program that uses GET_VLAN_VID_CMD (and still #defines it, but to 0, if it's not successful). We can then make the compilation of virNetDevGetVLanID() conditional on the value of HAVE_DECL_GET_VLAN_VID_CMD.
-
由 Yuri Myasoedov 提交于
Reset line numbering on each input file in check-aclrules.pl. Otherwise it reports wrong line numbers in its error messages. Signed-off-by: NYuri Myasoedov <ymyasoedov@yandex.ru> Signed-off-by: NRoman Bogorodskiy <bogorodskiy@gmail.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Michal Privoznik 提交于
In the network status XML we may have the <floor/> element with the 'sum' attribute. The attribute represents sum of all 'floor'-s of computed over each interface connected to the network (this is needed to guarantee certain bandwidth for certain domain). The sum is therefore a number. However, if the number was mangled (e.g. by an user's interference to network status file), we've just ignored it without refusing to parse such file. This was all due to 'goto error' missing. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 10 2月, 2014 5 次提交
-
-
由 Peter Krempa 提交于
The code took into account only the global permissions. The domains now support per-vm DAC labels and per-image DAC labels. Use the most specific label available.
-
由 Michal Privoznik 提交于
The lack of debug printings might be frustrating in the future. Moreover, this function doesn't follow the usual pattern we have in the rest of the code: int ret = -1; /* do some work */ ret = 0; cleanup: /* some cleanup work */ return ret; Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Peter Krempa 提交于
Add a new <timer> for the HyperV reference time counter enlightenment and the iTSC reference page for Windows guests. This feature provides a paravirtual approach to track timer events for the guest (similar to kvmclock) with the option to use real hardware clock on systems with a iTSC with compensation across various hosts.
-
由 Peter Krempa 提交于
According to the documentation various timer options are only supported by certain timer types. Add a post parse check to verify that the user didn't specify invalid options. Also fix the qemu command line parsing function to set correct default values for the kvmclock timer so that it passes the new check.
-
由 Peter Krempa 提交于
According to the documentation describing various tunables for domain timers not all the fields are supported by all the driver types. Express these in the RNG: - rtc, platform: Only these support the "track" attribute. - tsc: only one to support "frequency" and "mode" attributes - hpet, pit: tickpolicy/catchup attribute/element - kvmclock: no extra attributes are supported Additionally the attributes of the <catchup> element for tickpolicy='catchup' are optional according to the parsing code. Express this in the XML and fix a spurious space added while formatting the <catchup> element and add tests for it.
-
- 07 2月, 2014 10 次提交
-
-
由 John Ferlan 提交于
Coverity complains about "USE_AFTER_FREE" due to how virPCIDeviceSetStubDriver "could" return either -1, 0, or 1 from the VIR_STRDUP() and then possibly makes a call to virPCIDeviceDetach(). The only way this could happen is if NULL were passed as the "driver" name and virStrdup() returned 0. Since the calling functions check < 0 on the initial function call, the 0 possibility causes Coverity to complain. To fix this - enforce that the second parameter is not NULL using ATTRIBUTE_NONNULL(2) for the function prototype, then in virPCIDeviceDetach add an sa_assert(dev->stubDriver). This will result in Coverity not complaining any more.
-
由 Christophe Fergeau 提交于
If it's not present in this list, we won't be able to get only glusterfs pools when using virConnectListAllStoragePools.
-
由 Martin Kletzander 提交于
Couple of codepaths shared the same code which can be moved out to a function and on one of such places, qemuMigrationConfirmPhase(), the domain was resumed even if it wasn't running before the migration started. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1057407Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Jim Fehlig 提交于
libxlDomainRestoreFlags acquires the driver lock while reading the domain config from the save file and adding it to libxlDriverPrivatePtr->domains. But virDomainObjList provides self-locking APIs, so remove the needless driver locking. Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Jim Fehlig 提交于
If available, let libxl handle reaping any children it creates by specifying libxl_sigchld_owner_libxl_always_selective_reap. This feature was added to improve subprocess handling in libxl when used in an application that does not install a SIGCHLD handler like libvirt http://lists.xen.org/archives/html/xen-devel/2014-01/msg01555.html Prior to this patch, it is possible to hit asserts in libxl when reaping subprocesses, particularly during simultaneous operations on multiple domains. With this patch, and the corresponding changes to libxl, I no longer see the asserts. Note that the libxl changes will be included in Xen 4.4.0. Previous Xen versions will be susceptible to hitting the asserts even with this patch applied to the libvirt libxl driver. Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Jim Fehlig 提交于
Handling the domain shutdown event within the event handler seems a bit unfair to libxl's event machinery. Domain "shutdown" could take considerable time. E.g. if the shutdown reason is reboot, the domain must be reaped and then started again. Spawn a shutdown handler thread to do this work, allowing libxl's event machinery to go about its business. Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Jim Fehlig 提交于
Due to some misunderstanding of requirements libxl places on timer handling, I introduced the half-brained idea of maintaining a list of timeouts that the driver could force to expire before freeing a libxlDomainObjPrivate (and hence libxl_ctx). But testing all the latest versions of Xen supported by the libxl driver (4.2.3, 4.3.1, 4.4.0 RC3), I see that libxl will handle this just fine and there is no need to force expiration behind libxl's back. Indeed it may be harmful to do so. This patch removes the timer list, allowing libxl to handle cleanup of its timer registrations. Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Jim Fehlig 提交于
When libxl registers an FD with the libxl driver, the refcnt of the associated libxlDomainObjPrivate object is incremented. The refcnt is decremented when libxl deregisters the FD. But some FDs are only deregistered when their libxl ctx is freed, which unfortunately is done in the libxlDomainObjPrivate dispose function. With references held by the FDs, libxlDomainObjPrivate is never disposed. I added the ref/unref in FD registration/deregistration when adding the same in timer registration/deregistration. For timers, this is a simple approach to ensuring the libxlDomainObjPrivate is not disposed prior to their expirtation, which libxl guarantees will occur. It is not needed for FDs, and only causes libxlDomainObjPrivate to leak. This patch removes the reference on libxlDomainObjPrivate for FD registrations, but retains them for timer registrations. Tested on the latest releases of Xen supported by the libxl driver: 4.2.3, 4.3.1, and 4.4.0 RC3. Signed-off-by: NJim Fehlig <jfehlig@suse.com>
-
由 Matthieu Coudron 提交于
This commit allows to attach/detach a <filesystem> device in qemu. For this purpose I'm introducing two new functions: virDomainFSInsert() and virDomainFSRemove() and adding necessary code in the qemu driver. It compares filesystems based on their "destination" folder. So if two filesystems share the same destination, they are considered equal and the qemu driver would reject the insertion. Signed-off-by: NMatthieu Coudron <mattator@gmail.com>
-
由 Matthieu Coudron 提交于
With this change the code gets shorter and more readable. Signed-off-by: NMatthieu Coudron <mattator@gmail.com>
-
- 06 2月, 2014 7 次提交
-
-
由 Roman Bogorodskiy 提交于
Implementation obtains CPU usage information using kern.cp_time and kern.cp_times sysctl(8)s and reports CPU utilization.
-
由 Jiri Denemark 提交于
If virDomainMemoryStats was run on a domain with virtio balloon driver running on an old qemu which supports QMP but does not support qom-list QMP command, libvirtd would crash. The reason is we did not check if qemuMonitorJSONGetObjectListPaths failed and moreover we even stored its result in an unsigned integer type.
-
由 Peter Krempa 提交于
When attempting a blockcommit from the top layer, the base argument passed is NULL. This will be dereferenced when attempting a commit with an empty image chain. Output the real volume path instead: virsh blockcommit --verbose --path vda --domain DOMNAME --wait error: invalid argument: top '/path/somefile' in chain for 'vda' has no backing file instead of: error: invalid argument: top '(null)' in chain for 'vda' has no backing file
-
由 Peter Krempa 提交于
Eric Blake suggested to change this message to be different from the glibc's NULL deref protection message in printf to be able to differentiate errors.
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1046192 Commit b8bf79aa, which adds clock='variable', forgets to check localtime basis in qemuBuildClockArgStr(). So that localtime basis could not be used. Reported-by: NJincheng Miao <jmiao@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Ján Tomko 提交于
Commit 2ce63c16 added imagelabel generation when relabeling is turned off. But we weren't filling out the sensitivity for type 'none' labels, resulting in an invalid label: $ virsh managedsave domain error: unable to set security context 'system_u:object_r:svirt_image_t' on fd 28: Invalid argument
-
由 Eric Blake 提交于
Noticed a misuse of 'to' while testing my event regression under polkit ACLs, and decided to review the entire conf files for other legibility bugs. * daemon/libvirtd.conf: Use correct grammar. * src/qemu/qemu.conf: Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 05 2月, 2014 2 次提交
-
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1058839 Commit f9f56340 for CVE-2014-0028 almost had the right idea - we need to check the ACL rules to filter which events to send. But it overlooked one thing: the event dispatch queue is running in the main loop thread, and therefore does not normally have a current virIdentityPtr. But filter checks can be based on current identity, so when libvirtd.conf contains access_drivers=["polkit"], we ended up rejecting access for EVERY event due to failure to look up the current identity, even if it should have been allowed. Furthermore, even for events that are triggered by API calls, it is important to remember that the point of events is that they can be copied across multiple connections, which may have separate identities and permissions. So even if events were dispatched from a context where we have an identity, we must change to the correct identity of the connection that will be receiving the event, rather than basing a decision on the context that triggered the event, when deciding whether to filter an event to a particular connection. If there were an easy way to get from virConnectPtr to the appropriate virIdentityPtr, then object_event.c could adjust the identity prior to checking whether to dispatch an event. But setting up that back-reference is a bit invasive. Instead, it is easier to delay the filtering check until lower down the stack, at the point where we have direct access to the RPC client object that owns an identity. As such, this patch ends up reverting a large portion of the framework of commit f9f56340. We also have to teach 'make check' to special-case the fact that the event registration filtering is done at the point of dispatch, rather than the point of registration. Note that even though we don't actually use virConnectDomainEventRegisterCheckACL (because the RegisterAny variant is sufficient), we still generate the function for the purposes of documenting that the filtering takes place. Also note that I did not entirely delete the notion of a filter from object_event.c; I still plan on using that for my upcoming patch series for qemu monitor events in libvirt-qemu.so. In other words, while this patch changes ACL filtering to live in remote.c and therefore we have no current client of the filtering in object_event.c, the notion of filtering in object_event.c is still useful down the road. * src/check-aclrules.pl: Exempt event registration from having to pass checkACL filter down call stack. * daemon/remote.c (remoteRelayDomainEventCheckACL) (remoteRelayNetworkEventCheckACL): New functions. (remoteRelay*Event*): Use new functions. * src/conf/domain_event.h (virDomainEventStateRegister) (virDomainEventStateRegisterID): Drop unused parameter. * src/conf/network_event.h (virNetworkEventStateRegisterID): Likewise. * src/conf/domain_event.c (virDomainEventFilter): Delete unused function. * src/conf/network_event.c (virNetworkEventFilter): Likewise. * src/libxl/libxl_driver.c: Adjust caller. * src/lxc/lxc_driver.c: Likewise. * src/network/bridge_driver.c: Likewise. * src/qemu/qemu_driver.c: Likewise. * src/remote/remote_driver.c: Likewise. * src/test/test_driver.c: Likewise. * src/uml/uml_driver.c: Likewise. * src/vbox/vbox_tmpl.c: Likewise. * src/xen/xen_driver.c: Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Laine Stump 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1057321 pointed out that we weren't honoring the <bandwidth> element in libvirt networks using <forward mode='bridge'/>. In fact, these networks are just a method of giving a libvirt network name to an existing Linux host bridge on the system, and libvirt doesn't have enough information to know where to set such limits. We are working on a method of supporting network bandwidths for some specific cases of <forward mode='bridge'/>, but currently libvirt doesn't support it. So the proper thing to do now is just log an error when someone tries to put a <bandwidth> element in that type of network. (It's unclear if we will be able to do proper bandwidth limiting for macvtap networks, and most definitely we will not be able to support it for hostdev networks). While looking through the network XML documentation and comparing it to the networkValidate function, I noticed that we also ignore the presence of a mac address in the config in the same cases, rather than failing so that the user will understand that their desired action has not been taken. This patch updates networkValidate() (which is called any time a persistent network is defined, or a transient network created) to log an error and fail if it finds either a <bandwidth> or <mac> element and the network forward mode is anything except 'route'. 'nat', or nothing. (Yes, neither of those elements is acceptable for any macvtap mode, nor for a hostdev network). NB: This does *not* cause failure to start any existing network that contains one of those elements, so someone might have erroneously defined such a network in the past, and that network will continue to function unmodified. I considered it too disruptive to suddenly break working configs on the next reboot after a libvirt upgrade.
-
- 04 2月, 2014 5 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1045124 When loading modules, libvirt does not honor the modprobe blacklist. Use the new virKModLoad() API in order to attempt load with blacklist check. Use the new virKModIsBlacklisted() API to check if the failure to load was due to the blacklist Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 John Ferlan 提交于
virKModConfig() - Return a buffer containing kernel module configuration virKModLoad() - Load a specific module into the kernel configuration virKModUnload() - Unload a specific module from the kernel configuration virKModIsBlacklisted() - Determine whether a module is blacklisted within the kernel configuration
-
由 Laine Stump 提交于
commit f094aaac changed qemuPrepareHostdevPCIDevices() such that it may modify the "backend" (vfio vs. legacy kvm) setting in the virHostdevDef. However, qemuDomainAttachHostPciDevice() (used by hotplug) copies the backend setting into a local *before* calling qemuPrepareHostdevPCIDevices(), and then later makes a decision based on that pre-change value. The result is that, if the backend had been set to "default" (i.e. not specified in the config) and was later updated to "VFIO" by qemuPrepareHostdevPCIDevices(), the qemu process' MacMemLock is not increased (as is required for VFIO device assignment). This patch delays making the local copy of backend until after its potential modification.
-
由 Laine Stump 提交于
The previous patch fixed "forwardPlainNames" so that it really is doing only what is intended, but left the default to be "forwardPlainNames='no'". Discussion around the initial version of that patch led to the decision that the default should instead be "forwardPlainNames='yes'" (i.e. the original behavior before commit f3886825). This patch makes that change to the default.
-
由 Laine Stump 提交于
In commit f3868259 we began adding the options --domain-needed --local=/$mydomain/ to all dnsmasq commandlines with the stated reason of preventing forwarding of DNS queries for names that weren't fully qualified domain names ("FQDN", i.e. a name that included some "."s and a domain name). This was later changed to domain-needed local=/$mydomain/ when we moved the options from the dnsmasq commandline to a conf file. The original patch on the list, and discussion about it, is here: https://www.redhat.com/archives/libvir-list/2012-August/msg01594.html When a domain name isn't specified (mydomain == ""), the addition of "domain-needed local=//" will prevent forwarding of domain-less requests to the virtualization host's DNS resolver, but if a domain *is* specified, the addition of "local=/domain/" will prevent forwarding of any requests for *qualified* names within that domain that aren't resolvable by libvirt's dnsmasq itself. An example of the problems this causes - let's say a network is defined with: <domain name='example.com'/> <dhcp> .. <host mac='52:54:00:11:22:33' ip='1.2.3.4' name='myguest'/> </dhcp> This results in "local=/example.com/" being added to the dnsmasq options. If a guest requests "myguest" or "myguest.example.com", that will be resolved by dnsmasq. If the guest asks for "www.example.com", dnsmasq will not know the answer, but instead of forwarding it to the host, it will return NOT FOUND to the guest. In most cases that isn't the behavior an admin is looking for. A later patch (commit 4f595ba6) attempted to remedy this by adding a "forwardPlainNames" attribute to the <dns> element. The idea was that if forwardPlainNames='yes' (default is 'no'), we would allow unresolved names to be forwarded. However, that patch was botched, in that it only removed the "domain-needed" option when forwardPlainNames='yes', and left the "local=/mydomain/". Really we should have been just including the option "--domain-needed --local=//" (note the lack of domain name) regardless of the configured domain of the network, so that requests for names without a domain would be treated as "local to dnsmasq" and not forwarded, but all others (including those in the network's configured domain) would be forwarded. We also shouldn't include *either* of those options if forwardPlainNames='yes'. This patch makes those corrections. This patch doesn't remedy the fact that default behavior was changed by the addition of this feature. That will be handled in a subsequent patch.
-