- 17 8月, 2013 2 次提交
-
-
由 Don Dugger 提交于
Currently the virConnectBaselineCPU API does not expose the CPU features that are part of the CPU's model. This patch adds a new flag, VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, that causes the API to explicitly list all features that are part of that model. Signed-off-by: NDon Dugger <donald.d.dugger@intel.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Jim Fehlig 提交于
Cleanup the libxl capabilities code to be a bit more extensible, splitting out the creation of host and guest capabilities. This should make it easier to implement additional capabilities in the future, such as NUMA topology reporting.
-
- 16 8月, 2013 3 次提交
-
-
由 Peter Krempa 提交于
The virBitmapParse function was calling virBitmapIsSet() function that requires the caller to check the bounds of the bitmap without checking them. This resulted into crashes when parsing a bitmap string that was exceeding the bounds used as argument. This patch refactors the function to use virBitmapSetBit without checking if the bit is set (this function does the checks internally) and then counts the bits in the bitmap afterwards (instead of keeping track while parsing the string). This patch also changes the "parse_error" label to a more common "error". The refactor should also get rid of the need to call sa_assert on the returned variable as the callpath should allow coverity to infer the possible return values. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Thanks to Alex Jia for tracking down the issue. This issue is introduced by commit 0fc89098.
-
由 Eric Blake 提交于
* src/util/virnetdevvportprofile.c: Fix typo. * src/conf/domain_conf.c: Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Jim Fehlig 提交于
There is a potential leak of a newly created libxlDomainObjPrivate when subsequent allocation of the object's chrdev field fails. Unref the object on such an error so that it is properly disposed.
-
- 15 8月, 2013 2 次提交
-
-
由 Ján Tomko 提交于
This restores the error message when QMP probing is not used. https://bugzilla.redhat.com/show_bug.cgi?id=991334
-
由 Jim Fehlig 提交于
As per HACKING, remove some unneeded curly braces in the libxl driver.
-
- 14 8月, 2013 3 次提交
-
-
由 Peter Krempa 提交于
-
由 Laine Stump 提交于
This resolves the issue that prompted the filing of https://bugzilla.redhat.com/show_bug.cgi?id=928638 (although the request there is for something much larger and more general than this patch). commit f3868259 disabled the forwarding to upstream DNS servers of unresolved DNS requests for names that had no domain, but were just simple host names (no "." character anywhere in the name). While this behavior is frowned upon by DNS root servers (that's why it was changed in libvirt), it is convenient in some cases, and since dnsmasq can be configured to allow it, it must not be strictly forbidden. This patch restores the old behavior, but since it is usually undesirable, restoring it requires specification of a new option in the network config. Adding the attribute "forwardPlainNames='yes'" to the <dns> elemnt does the trick - when that attribute is added to a network config, any simple hostnames that can't be resolved by the network's dnsmasq instance will be forwarded to the DNS servers listed in the host's /etc/resolv.conf for an attempt at resolution (just as any FQDN would be forwarded). When that attribute *isn't* specified, unresolved simple names will *not* be forwarded to the upstream DNS server - this is the default behavior.
-
由 Li Zhang 提交于
Power7+ and Power8 are supported in QEMU, so it needs to define CPUs in libvirt to support them. Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
-
- 13 8月, 2013 14 次提交
-
-
由 Daniel P. Berrange 提交于
If booting a container with a root FS that isn't the host's root, we must ensure that the /dev mount point exists. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virtlockd/libvirtd daemons had listed '?' as the short option for --help. getopt_long uses '?' for any unknown option. We want to be able to distinguish unknown options (which use EXIT_FAILURE) from correct usage of help (which should use EXIT_SUCCESS). Thus we should use 'h' as a short option for --help. Also add this to the man page docs The virtlockd/libvirtd daemons did not list any short option for the --version arg. Add -V as a valid short option, since -v is already used for --verbose. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The lxcContainerMountFSBlockAuto method can be used to mount the initial root filesystem, so it cannot assume a prefix of /.oldroot. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Roman Bogorodskiy 提交于
Complete the refactoring by adding missing stubs so it compiles on platform without cgroup support. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Roman Bogorodskiy 提交于
Complete moving to VIR_CGROUP_SUPPORTED Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Roman Bogorodskiy 提交于
Continue converting to VIR_CGROUP_SUPPORTED Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Roman Bogorodskiy 提交于
- Convert virCgroupGet* to VIR_CGROUP_SUPPORTED - Convert virCgroup(Get|Set)FreezerState to VIR_CGROUP_SUPPORTED Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Roman Bogorodskiy 提交于
- Introduce VIR_CGROUP_SUPPORTED conditional - Convert virCgroupKill* to use it - Convert virCgroupIsolateMount() to use it - Convert virCgroupRemoveRecursively to VIR_CGROUP_SUPPORTED Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Make future patches smaller by matching a sane header listing in the first place. No semantic change. * src/util/vircgroup.h: Move free next to new, and controller functions next to each other. * src/util/vircgroup.c (virCgroupFree, virCgroupHasController) (virCgroupPathOfController, virCgroupRemoveRecursively) (virCgroupRemove): Sort implementation to be closer to header. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Avoid a forward declaration of a static function. * src/util/vircgroup.c (virCgroupPartitionNeedsEscaping) (virCgroupParticionEscape): Move up. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Format all functions with two blank lines between, and return type on separate line from function name. Also break some lines longer than 80 columns. This makes the subsequent macro refactoring less noisy. * src/util/vircgroup.c: Match prevailing style. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Guido Günther 提交于
otherwise having a strict --no-copy-dt-needed-entries fails in several places like: CCLD virdbustest /usr/bin/ld: virdbustest-virdbustest.o: undefined reference to symbol 'dbus_message_unref' /lib/x86_64-linux-gnu/libdbus-1.so.3: error adding symbols: DSO missing from command line collect2: error: ld returned 1 exit status
-
由 Guido Günther 提交于
to fix the kFreeBSD build. The network parameter is unused in networkCheckRouteCollision: http://honk.sigxcpu.org:8001/job/libvirt-build-debian-jessie-kfreebsd64/
-
由 Guido Günther 提交于
qemuDomainAttachVirtioDiskDevice passes NULL as domainDef which is later referenced in qemuDomainAttachVirtioDiskDevice: Program terminated with signal 11, Segmentation fault. #0 qemuBuildDeviceAddressStr (buf=buf@entry=0xb646de78, info=info@entry=0xb0a02360, qemuCaps=qemuCaps@entry=0xb8fdfdc8, domainDef=<error reading variable: Unhandled dwarf expression opcode 0xfa>, domainDef=<error reading variable: Unhandled dwarf expression opcode 0xfa>) at qemu/qemu_command.c:2869 2869 for (i = 0; i < domainDef->ncontrollers; i++) { (gdb) bt #0 qemuBuildDeviceAddressStr (buf=buf@entry=0xb646de78, info=info@entry=0xb0a02360, qemuCaps=qemuCaps@entry=0xb8fdfdc8, domainDef=<error reading variable: Unhandled dwarf expression opcode 0xfa>, domainDef=<error reading variable: Unhandled dwarf expression opcode 0xfa>) at qemu/qemu_command.c:2869 #1 0xb18ad6f8 in qemuBuildDriveDevStr (def=def@entry=0x0, disk=disk@entry=0xb0a02288, bootindex=bootindex@entry=0, qemuCaps=0xb8fdfdc8) at qemu/qemu_command.c:4316 #2 0xb18d097f in qemuDomainAttachVirtioDiskDevice (conn=conn@entry=0xb90129a8, driver=driver@entry=0xb8fe29b8, vm=vm@entry=0xb8fe0c40, disk=disk@entry=0xb0a02288) at qemu/qemu_hotplug.c:278 #3 0xb193f7ba in qemuDomainAttachDeviceDiskLive (dev=0xb0a35308, vm=0xb8fe0c40, driver=0xb8fe29b8, conn=0xb90129a8) at qemu/qemu_driver.c:6356 #4 qemuDomainAttachDeviceLive (dev=0xb0a35308, vm=0xb8fe0c40, dom=<optimized out>) at qemu/qemu_driver.c:6418 #5 qemuDomainAttachDeviceFlags (dom=dom@entry=0xb0a020b8, xml=xml@entry=0xb90953f0 "<disk type='file' device='disk'>\n <source file='/var/lib/jenkins/jobs/libvirt-tck-build/workspace/scratchdir/200-disk-hotplug/extra.img'/>\n <target dev='vdb' bus='virtio'/>\n</disk>\n", flags=3103664568, flags@entry=1) at qemu/qemu_driver.c:7079 #6 0xb193f9cb in qemuDomainAttachDevice (dom=0xb0a020b8, xml=0xb90953f0 "<disk type='file' device='disk'>\n <source file='/var/lib/jenkins/jobs/libvirt-tck-build/workspace/scratchdir/200-disk-hotplug/extra.img'/>\n <target dev='vdb' bus='virtio'/>\n</disk>\n") at qemu/qemu_driver.c:7120 #7 0xb7244827 in virDomainAttachDevice (domain=domain@entry=0xb0a020b8, xml=0xb90953f0 "<disk type='file' device='disk'>\n <source file='/var/lib/jenkins/jobs/libvirt-tck-build/workspace/scratchdir/200-disk-hotplug/extra.img'/>\n <target dev='vdb' bus='virtio'/>\n</disk>\n") at libvirt.c:10912 #8 0xb7765ddb in remoteDispatchDomainAttachDevice (args=0xb9094ef0, rerr=0xb646e1f0, client=<optimized out>, server=<optimized out>, msg=<optimized out>) at remote_dispatch.h:2296 #9 remoteDispatchDomainAttachDeviceHelper (server=0xb8fba0e8, client=0xb0a00730, msg=0xb0a350b8, rerr=0xb646e1f0, args=0xb9094ef0, ret=0xb9094dc8) at remote_dispatch.h:2274 #10 0xb72b1013 in virNetServerProgramDispatchCall (msg=0xb0a350b8, client=0xb0a00730, server=0xb8fba0e8, prog=0xb8fc21c8) at rpc/virnetserverprogram.c:435 #11 virNetServerProgramDispatch (prog=0xb8fc21c8, server=server@entry=0xb8fba0e8, client=0xb0a00730, msg=0xb0a350b8) at rpc/virnetserverprogram.c:305 #12 0xb72aa167 in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0xb8fba0e8) at rpc/virnetserver.c:165 #13 virNetServerHandleJob (jobOpaque=0xb0a0a850, opaque=0xb8fba0e8) at rpc/virnetserver.c:186 #14 0xb7189108 in virThreadPoolWorker (opaque=opaque@entry=0xb8fa3250) at util/virthreadpool.c:144 #15 0xb71885e5 in virThreadHelper (data=0xb8fa32a8) at util/virthreadpthread.c:161 #16 0xb70d6954 in start_thread (arg=0xb646eb70) at pthread_create.c:304 #17 0xb704e95e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 This was found by libvirtt-tck: http://honk.sigxcpu.org:8001/job/libvirt-tck-debian-wheezy-qemu-session/1311/console
-
- 12 8月, 2013 1 次提交
-
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=951637 Newer gnutls uses nettle, rather than gcrypt, which is a lot nicer regarding initialization. Yet we were unconditionally initializing gcrypt even when gnutls wouldn't be using it, and having two crypto libraries linked into libvirt.so is pointless, but mostly harmless (it doesn't crash, but does interfere with certification efforts). There are three distinct version ranges to worry about when determining which crypto lib gnutls uses, per these gnutls mails: 2.12: http://lists.gnu.org/archive/html/gnutls-devel/2011-03/msg00034.html 3.0: http://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00035.html If pkg-config can prove version numbers and/or list the crypto library used for static linking, we have our proof; if not, it is safer (even if pointless) to continue to use gcrypt ourselves. * configure.ac (WITH_GNUTLS): Probe whether to add -lgcrypt, and define a witness WITH_GNUTLS_GCRYPT. * src/libvirt.c (virTLSMutexInit, virTLSMutexDestroy) (virTLSMutexLock, virTLSMutexUnlock, virTLSThreadImpl) (virGlobalInit): Honor the witness. * libvirt.spec.in (BuildRequires): Make gcrypt usage conditional, no longer needed in Fedora 19. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 10 8月, 2013 5 次提交
-
-
由 Jim Fehlig 提交于
Commit d72ef888 introduced a bug in the libxl driver that will segfault libvirtd if libxl reports an error message, e.g. when attempting to initialize the driver on a non-Xen system. I assumed it was valid to pass a NULL logger to libxl_ctx_alloc(), but that is not the case since any errors associated with the ctx that are emitted by libxl will dereference the logger and crash libvirtd. Errors associated with the libxl driver-wide ctx could be useful for debugging anyway, so create a 'libxl-driver.log' to capture these errors.
-
由 Daniel P. Berrange 提交于
Recentish (2011) kernels introduced a new device called /dev/loop-control, which causes libvirt's detection of loop devices to get confused since it only checks for a prefix of 'loop'. Also check that the next character is a digit Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
This adds two new pages to the website, acl.html describing the general access control framework and permissions models, and aclpolkit.html describing the use of polkit as an access control driver. page.xsl is modified to support a new syntax <div id="include" filename="somefile.htmlinc"/> which will cause the XSL transform to replace that <div> with the contents of 'somefile.htmlinc'. We use this in the acl.html.in file, to pull the table of permissions for each libvirt object. This table is autogenerated from the enums in src/access/viraccessperms.h by the genaclperms.pl script. newapi.xsl is modified so that the list of permissions checks shown against each API will link to the description of the permissions in acl.html Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The gendispatch.pl script puts comments at the top of files it creates, saying that it auto-generated them. Also include the name of the source data file which it reads when doing the auto-generation. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Dario Faggioli 提交于
introduced by cs 4b9eec50 ("libxl: implement per NUMA node free memory reporting"). What was wrong was that libxl_get_numainfo() put in nr_nodes the actual number of host NUMA nodes, not the highest node ID (like libnuma's numa_max_node() does instead). While at it, turn the failure of libxl_get_numainfo() from a simple warning to a proper error, as requested during the review of another patch of the original series. Signed-off-by: NDario Faggioli <dario.faggioli@citrix.com> Cc: Daniel P. Berrange <berrange@redhat.com>
-
- 09 8月, 2013 6 次提交
-
-
由 Eric Blake 提交于
This is a second attempt at fixing the problem first attempted in commit 2df8d991; basically undoing the fact that it was reverted in commit 43cee32f, plus fixing two more issues: the code in configure.ac has to EXACTLY match virnetdevbridge.c with regards to declaring in6 types before using if_bridge.h, and the fact that RHEL 5 has even more conflicts: In file included from util/virnetdevbridge.c:49: /usr/include/linux/in6.h:47: error: conflicting types for 'in6addr_any' /usr/include/netinet/in.h:206: error: previous declaration of 'in6addr_any' was here /usr/include/linux/in6.h:49: error: conflicting types for 'in6addr_loopback' /usr/include/netinet/in.h:207: error: previous declaration of 'in6addr_loopback' was here The rest of this commit message borrows from the original try of 2df8d991: A fresh checkout on a RHEL 6 machine with these packages: kernel-headers-2.6.32-405.el6.x86_64 glibc-2.12-1.128.el6.x86_64 failed to configure with this message: checking for linux/if_bridge.h... no configure: error: You must install kernel-headers in order to compile libvirt with QEMU or LXC support Digging in config.log, we see that the problem is identical to what we fixed earlier in commit d12c2811: configure:98831: checking for linux/if_bridge.h configure:98853: gcc -std=gnu99 -c -g -O2 conftest.c >&5 In file included from /usr/include/linux/if_bridge.h:17, from conftest.c:559: /usr/include/linux/in6.h:31: error: redefinition of 'struct in6_addr' /usr/include/linux/in6.h:48: error: redefinition of 'struct sockaddr_in6' /usr/include/linux/in6.h:56: error: redefinition of 'struct ipv6_mreq' configure:98860: $? = 1 I had not hit it earlier because I was using incremental builds, where config.cache had shielded me from the kernel-headers breakage. * configure.ac (if_bridge.h): Avoid conflicting type definitions. * src/util/virnetdevbridge.c (includes): Also sanitize for RHEL 5. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Jim Fehlig 提交于
Currently, only one log file is created by the libxl driver, with all output from libxl for all domains going to this one file. Create a per-domain log file based on domain name, making sifting through the logs a bit easier. This required deferring libxl_ctx allocation until starting the domain, which is fine since the ctx is not used when the domain is inactive. Tested-by: NDario Faggioli <dario.faggioli@citrix.com>
-
由 Daniel P. Berrange 提交于
The virtlockd daemon supports an /etc/libvirt/virtlockd.conf config file, but we never installed a default config, nor created any augeas scripts. This change addresses that omission. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 John Ferlan 提交于
Coverity complained about the usage of the uninitialized cacerts in the event(s) that "access(certFile, R_OK)" and/or "access(cacertFile, R_OK)" fail the for loop used to fill in the certs will have indeterminate data as well as the possibility that both failures would result in the gnutls_x509_crt_deinit() call having a similar fate. Initializing cacerts only would resolve the issue; however, it still would leave the indeterminate action, so rather add a parameter to the virNetTLSContextLoadCACertListFromFile() to pass the max size rather then overloading the returned count parameter. If the the call is never made, then we won't go through the for loops referencing the empty cacerts
-
由 Daniel P. Berrange 提交于
Create a virtlockd.pod.in file containing the man page content for virtlockd. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Alex Jia 提交于
Valgrind defects memory error: ==16759== 1 errors in context 1 of 8: ==16759== Invalid free() / delete / delete[] / realloc() ==16759== at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759== by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759== by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759== by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759== by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759== by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759== by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759== by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759== by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759== by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759== by 0x126FFB: main (virsh.c:3205) ==16759== Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd ==16759== 1 errors in context 2 of 8: ==16759== Conditional jump or move depends on uninitialised value(s) ==16759== at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759== by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759== by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759== by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759== by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759== by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759== by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759== by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759== by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759== by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759== by 0x126FFB: main (virsh.c:3205) ==16759== Uninitialised value was created by a stack allocation ==16759== at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423) How to reproduce? # virsh start <domain> --paused RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855Signed-off-by: NAlex Jia <ajia@redhat.com>
-
- 08 8月, 2013 4 次提交
-
-
由 Dan Walsh 提交于
If securityfs is available on the host, we should ensure to mount it read-only in the container. This will avoid systemd trying to mount it during startup causing SELinux AVCs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Eric Farman 提交于
Hotplugging a single SCSI device works, but adding additional ones result in an error from QEMU: [root@gpok197 ~]# virsh attach-device guest01 blah.xml Device attached successfully [root@gpok197 ~]# virsh attach-device guest01 blah2.xml error: Failed to attach device from blah2.xml error: internal error unable to execute QEMU command 'device_add': Duplicate ID 'hostdev0' for device The hostdev ID that is created is always set to zero, regardless of the contents of the XML. Changing the index in the hotplug case to a negative one so the next available index is used. Signed-off-by: NEric Farman <farman@linux.vnet.ibm.com> Reviewed-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
由 Daniel P. Berrange 提交于
So that app developers / admins know what access control checks are performed for each API, this patch extends the API docs generator to include details of the ACLs for each. The gendispatch.pl script is extended so that it generates a simple XML describing ACL rules, eg. <aclinfo> ... <api name='virConnectNumOfDomains'> <check object='connect' perm='search_domains'/> <filter object='domain' perm='getattr'/> </api> <api name='virDomainAttachDeviceFlags'> <check object='domain' perm='write'/> <check object='domain' perm='save' flags='!VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE'/> <check object='domain' perm='save' flags='VIR_DOMAIN_AFFECT_CONFIG'/> </api> ... </aclinfo> The newapi.xsl template loads the XML files containing the ACL rules and generates a short block of HTML for each API describing the parameter checks and return value filters (if any). Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The code added to validate CA certificates did not take into account the possibility that the cacert.pem file can contain multiple (concatenated) cert data blocks. Extend the code for loading CA certs to use the gnutls APIs for loading cert lists. Add test cases to check that multi-level trees of certs will validate correctly. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-