1. 26 1月, 2012 2 次提交
    • D
      Introduce new API for generating random numbers · e95ef67b
      Daniel P. Berrange 提交于
      The old virRandom() API was not generating good random numbers.
      Replace it with a new API virRandomBits which instead of being
      told the upper limit, gets told the number of bits of randomness
      required.
      
      * src/util/virrandom.c, src/util/virrandom.h: Add virRandomBits,
        and move virRandomInitialize
      * src/util/util.h, src/util/util.c: Delete virRandom and
        virRandomInitialize
      * src/libvirt.c, src/security/security_selinux.c,
        src/test/test_driver.c, src/util/iohelper.c: Update for
        changes from virRandom to virRandomBits
      * src/storage/storage_backend_iscsi.c: Remove bogus call
        to virRandomInitialize & convert to virRandomBits
      e95ef67b
    • M
      storage: Support different wiping algorithms · adb99a05
      Michal Privoznik 提交于
      Currently, we support only filling a volume with zeroes on wiping.
      However, it is not enough as data might still be readable by
      experienced and equipped attacker. Many technical papers have been
      written, therefore we should support other wiping algorithms.
      adb99a05
  2. 25 1月, 2012 1 次提交
  3. 24 1月, 2012 1 次提交
    • D
      Add new virDomainShutdownFlags API · 0b7ddf9e
      Daniel P. Berrange 提交于
      Add a new API virDomainShutdownFlags and define:
      
          VIR_DOMAIN_SHUTDOWN_DEFAULT        = 0,
          VIR_DOMAIN_SHUTDOWN_ACPI_POWER_BTN = (1 << 0),
          VIR_DOMAIN_SHUTDOWN_GUEST_AGENT    = (1 << 1),
      
      Also define some flags for the reboot API
      
          VIR_DOMAIN_REBOOT_DEFAULT        = 0,
          VIR_DOMAIN_REBOOT_ACPI_POWER_BTN = (1 << 0),
          VIR_DOMAIN_REBOOT_GUEST_AGENT    = (1 << 1),
      
      Although these two APIs currently have the same flags, using
      separate enums allows them to expand separately in the future.
      
      Add stub impls of the new API for all existing drivers
      0b7ddf9e
  4. 17 1月, 2012 1 次提交
    • J
      Clarify semantics of virDomainMigrate{,ToURI}2 · 5e31e713
      Jiri Denemark 提交于
      Commit 5d784bd6 was a nice attempt to
      clarify the semantics by requiring domain name from dxml to either match
      original name or dname. However, setting dxml domain name to dname
      doesn't really work since destination host needs to know the original
      domain name to be able to use it in migration cookies. This patch
      requires domain name in dxml to match the original domain name. The
      change should be safe and backward compatible since migration would fail
      just a bit later in the process.
      5e31e713
  5. 12 1月, 2012 1 次提交
  6. 11 1月, 2012 2 次提交
    • E
      snapshot: allow reuse of existing files in disk snapshot · 4e9953a4
      Eric Blake 提交于
      When disk snapshots were first implemented, libvirt blindly refused
      to allow an external snapshot destination that already exists, since
      qemu will blindly overwrite the contents of that file during the
      snapshot_blkdev monitor command, and we don't like a default of
      data loss by default.  But VDSM has a scenario where NFS permissions
      are intentionally set so that the destination file can only be
      created by the management machine, and not the machine where the
      guest is running, so that libvirt will necessarily see the destination
      file already existing; adding a flag will allow VDSM to force the file
      reuse without libvirt complaining of possible data loss.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=767104
      
      * include/libvirt/libvirt.h.in (virDomainSnapshotCreateFlags): Add
      VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT.
      * src/libvirt.c (virDomainSnapshotCreateXML): Document it.  Add
      note about partial failure.
      * tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Add new
      flag.
      * tools/virsh.pod (snapshot-create, snapshot-create-as): Document
      it.
      * src/qemu/qemu_driver.c (qemuDomainSnapshotDiskPrepare)
      (qemuDomainSnapshotCreateXML): Implement the new flag.
      4e9953a4
    • E
      docs: standardize description of flags · 529e4a50
      Eric Blake 提交于
      We had loads of different styles in describing the @flags parameter
      for various APIs, as well as several APIs that didn't list which
      enums provided the bit values valid for the flags.
      
      The end result is one of two formats:
      @flags: bitwise-OR of vir...Flags
      @flags: extra flags; not used yet, so callers should always pass 0
      
      * src/libvirt.c: Use common sentences for flags.  Also,
      (virDomainGetBlockIoTune): Mention virTypedParameterFlags.
      (virConnectOpenAuth): Mention virConnectFlags.
      (virDomainMigrate, virDomainMigrate2, virDomainMigrateToURI)
      (virDomainMigrateToURI2): Mention virDomainMigrateFlags.
      (virDomainMemoryPeek): Mention virDomainMemoryFlags.
      (virStoragePoolBuild): Mention virStoragePoolBuildFlags.
      (virStoragePoolDelete): Mention virStoragePoolDeleteFlags.
      (virStreamNew): Mention virStreamFlags.
      (virDomainOpenGraphics): Mention virDomainOpenGraphicsFlags.
      529e4a50
  7. 10 1月, 2012 1 次提交
    • J
      PolicyKit: Check auth before asking client to obtain it · 9ae4ac7a
      Jim Fehlig 提交于
      I previously mentioned [1] a PolicyKit issue where libvirt would
      proceed with authentication even though polkit-auth failed:
      
      testusr xen134:~> virsh list --all
      Attempting to obtain authorization for org.libvirt.unix.manage.
      polkit-grant-helper: given auth type (8 -> yes) is bogus
      Failed to obtain authorization for org.libvirt.unix.manage.
       Id Name                 State
      ----------------------------------
        0 Domain-0             running
        - sles11sp1-pv         shut off
      
      AFAICT, libvirt attempts to obtain a privilege it already has,
      causing polkit-auth to fail with above message.  Instead of calling
      obtain and then checking auth, IMO the workflow should be for the
      server to check auth first, and if that fails ask the client to
      obtain it and check again.  This workflow also allows for checking
      only successful exit of polkit-auth in virConnectAuthGainPolkit().
      
      [1] https://www.redhat.com/archives/libvir-list/2011-December/msg00837.html
      9ae4ac7a
  8. 04 1月, 2012 1 次提交
  9. 03 1月, 2012 1 次提交
    • E
      domiftune: clean up previous patches · 269ce467
      Eric Blake 提交于
      Most severe here is a latent (but currently untriggered) memory leak
      if any hypervisor ever adds a string interface property; the
      remainder are mainly cosmetic.
      
      * include/libvirt/libvirt.h.in (VIR_DOMAIN_BANDWIDTH_*): Move
      macros closer to interface that uses them, and document type.
      * src/libvirt.c (virDomainSetInterfaceParameters)
      (virDomainGetInterfaceParameters): Formatting tweaks.
      * daemon/remote.c (remoteDispatchDomainGetInterfaceParameters):
      Avoid memory leak.
      * src/libvirt_public.syms (LIBVIRT_0.9.9): Sort lines.
      * src/libvirt_private.syms (domain_conf.h): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainSetInterfaceParameters): Fix
      comments, break long lines.
      269ce467
  10. 29 12月, 2011 1 次提交
  11. 21 12月, 2011 1 次提交
  12. 08 12月, 2011 1 次提交
  13. 30 11月, 2011 3 次提交
    • D
      Fix leak build config file path · 87e8ff1b
      Daniel P. Berrange 提交于
      * src/libvirt.c: Free user directory path
      87e8ff1b
    • L
      Add new API virDomain{Set, Get}BlockIoTune · 1f8a339d
      Lei Li 提交于
      This patch add new pulic API virDomainSetBlockIoTune and
      virDomainGetBlockIoTune.
      Signed-off-by: NLei Li <lilei@linux.vnet.ibm.com>
      Signed-off-by: NZhi Yong Wu <wuzhy@linux.vnet.ibm.com>
      Signed-off-by: NEric Blake <eblake@redhat.com>
      1f8a339d
    • E
      API: prevent query of --live and --config at once · 4199f3de
      Eric Blake 提交于
      Drivers were inconsistent when presented both --live and --config
      at once.  For example, within qemu, getting memory parameters
      favored live, getting blkio tuning favored config, and getting
      scheduler parameters errored out.  Also, some, but not all,
      attempts to mix flags on query were filtered at the virsh level.
      We shouldn't have to duplicate efforts in every client app, nor
      in every driver.  So, it is simpler to just enforce that the two
      flags cannot both be used at once on query operations, which has
      precedent in libvirt.c, and which matches the documentation of
      virDomainModificationImpact.
      
      * src/libvirt.c (virDomainGetMemoryParameters)
      (virDomainGetBlkioParameters)
      (virDomainGetSchedulerParametersFlags, virDomainGetVcpuPinInfo):
      Borrow sanity checking from virDomainGetVcpusFlags.
      4199f3de
  14. 29 11月, 2011 3 次提交
    • O
      block_resize: Define the new API · caef87d5
      Osier Yang 提交于
      The new API is named as "virDomainBlockResize", intending to add
      support for qemu monitor command "block_resize" (both HMP and QMP).
      
      Similar with APIs like "virDomainSetMemoryFlags", the units for
      argument "size" is kilobytes.
      caef87d5
    • S
      Implement the core API to suspend/resume the host · 4ddb37c3
      Srivatsa S. Bhat 提交于
      Add the core functions that implement the functionality of the API.
      Suspend is done by using an asynchronous mechanism so that we can return
      the status to the caller before the host gets suspended. This asynchronous
      operation is achieved by suspending the host in a separate thread of
      execution. However, returning the status to the caller is only best-effort,
      but not guaranteed.
      
      To resume the host, an RTC alarm is set up (based on how long we want to
      suspend) before suspending the host. When this alarm fires, the host
      gets woken up.
      
      Suspend-to-RAM operation on a host running Linux can take upto more than 20
      seconds, depending on the load of the system. (Freezing of tasks, an operation
      preceding any suspend operation, is given up after a 20 second timeout).
      And Suspend-to-Disk can take even more time, considering the time required
      for compaction, creating the memory image and writing it to disk etc.
      So, we do not allow the user to specify a suspend duration of less than 60
      seconds, to be on the safer side, since we don't want to prematurely declare
      failure when we only had to wait for some more time.
      4ddb37c3
    • S
      Add a public API to invoke suspend/resume on the host · 979676e3
      Srivatsa S. Bhat 提交于
      Implement the public definitions for the new API
      virNodeSuspendForDuration() which will be subsequently used to
      do a timed suspend on the host.
      979676e3
  15. 24 11月, 2011 2 次提交
    • J
      Introduce virConnectIsAlive API · afdf014f
      Jiri Denemark 提交于
      This API can be used to check if the socket associated with
      virConnectPtr is still open or it was closed (probably because keepalive
      protocol timed out). If there the connection is local (i.e., no socket
      is associated with the connection, it is trivially always alive.
      afdf014f
    • J
      Introduce virConnectSetKeepAlive · 8d6e3edd
      Jiri Denemark 提交于
      virConnectSetKeepAlive public API can be used by a client connecting to
      remote server to start using keepalive protocol. The API is handled
      directly by remote driver and not transmitted over the wire to the
      server.
      8d6e3edd
  16. 23 11月, 2011 3 次提交
    • E
      API: prefer 'disk' over 'block' or 'path' · 3ac26e26
      Eric Blake 提交于
      Given that we can now handle the target's disk shorthand, in addition
      to an absolute path to the file or block device used on the host,
      the term 'disk' fits a bit better as the parameter name than 'path'.
      
      * include/libvirt/libvirt.h.in: Update some parameter names.
      * src/libvirt.c (virDomainBlockStats, virDomainBlockStatsFlags)
      (virDomainBlockPeek, virDomainGetBlockInfo, virDomainBlockJobAbort)
      (virDomainGetBlockJobInfo, virDomainBlockJobSetSpeed)
      (virDomainBlockPull): Likewise.
      3ac26e26
    • E
      blockstats: support lookup by path in blockstats · c725e2dc
      Eric Blake 提交于
      Commit 89b6284f made it possible to pass either a source name or
      the target device to most API demanding a disk designation, but
      forgot to update the documentation.  It also failed to update
      virDomainBlockStats to take both forms. This patch fixes both the
      documentation and the remaining function.
      
      Xen continues to use just device shorthand (that is, I did not
      implement path lookup there, since xen does not track a domain_conf
      to quickly tie a path back to the device shorthand).
      
      * src/libvirt.c (virDomainBlockStats, virDomainBlockStatsFlags)
      (virDomainGetBlockInfo, virDomainBlockPeek)
      (virDomainBlockJobAbort, virDomainGetBlockJobInfo)
      (virDomainBlockJobSetSpeed, virDomainBlockPull): Document
      acceptable disk naming conventions.
      * src/qemu/qemu_driver.c (qemuDomainBlockStats)
      (qemuDomainBlockStatsFlags): Allow lookup by source name.
      * src/test/test_driver.c (testDomainBlockStats): Likewise.
      c725e2dc
    • E
      fix error message when using wrong URI alias · 5c5e07b8
      Eli Qiao 提交于
      Signed-off-by: NEli Qiao <taget@linux.vnet.ibm.com>
      
      When configuring a URI alias like this in 'libvirt.conf':
      
      uri_aliases = [
        "jj#j=qemu+ssh://root@127.0.0.1/system",
        "sleet=qemu+ssh://root@sleet.cloud.example.com/system",
      ]
      virsh -c jj#j
      
      It will show this error message:
      'no connection driver available for No connection for URI jj#j'
      Actually,we expect this message below:
      Malformed 'uri_aliases' config entry 'jj#j=qemu+ssh://root@127.0.0.1/system', aliases may only contain 'a-Z, 0-9, _, -'
      
      Give this patch to fix this error.
      5c5e07b8
  17. 12 11月, 2011 1 次提交
    • E
      API: add VIR_TYPED_PARAM_STRING · a218c81d
      Eric Blake 提交于
      This allows strings to be transported between client and server
      in the context of name-type-value virTypedParameter functions.
      For compatibility,
      
          o new clients will not send strings to old servers, based on
            a feature check
          o new servers will not send strings to old clients without the
            flag VIR_TYPED_PARAM_STRING_OKAY; this will be enforced at
            the RPC layer in the next patch, so that drivers need not
            worry about it in general.  The one exception is that
            virDomainGetSchedulerParameters lacks a flags argument, so
            it must not return a string; drivers that forward that
            function on to virDomainGetSchedulerParametersFlags will
            have to pay attention to the flag.
          o the flag VIR_TYPED_PARAM_STRING_OKAY is set automatically,
            based on a feature check (so far, no driver implements it),
            so clients do not have to worry about it
      
      Future patches can then enable the feature on a per-driver basis.
      
      This patch also ensures that drivers can blindly strdup() field
      names (previously, a malicious client could stuff 80 non-NUL bytes
      into field and cause a read overrun).
      
      * src/libvirt_internal.h (VIR_DRV_FEATURE_TYPED_PARAM_STRING): New
      driver feature.
      * src/libvirt.c (virTypedParameterValidateSet)
      (virTypedParameterSanitizeGet): New helper functions.
      (virDomainSetMemoryParameters, virDomainSetBlkioParameters)
      (virDomainSetSchedulerParameters)
      (virDomainSetSchedulerParametersFlags)
      (virDomainGetMemoryParameters, virDomainGetBlkioParameters)
      (virDomainGetSchedulerParameters)
      (virDomainGetSchedulerParametersFlags, virDomainBlockStatsFlags):
      Use them.
      * src/util/util.h (virTypedParameterArrayClear): New helper
      function.
      * src/util/util.c (virTypedParameterArrayClear): Implement it.
      * src/libvirt_private.syms (util.h): Export it.
      Based on an initial patch by Hu Tao, with feedback from
      Daniel P. Berrange.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      a218c81d
  18. 02 11月, 2011 2 次提交
  19. 28 10月, 2011 1 次提交
    • D
      Introduce the virDomainOpenGraphics API · 9d96f1ce
      Daniel P. Berrange 提交于
      The virDomainOpenGraphics API allows a libvirt client to pass in
      a file descriptor for an open socket pair, and get it connected
      to the graphics display of the guest. This is limited to working
      with local libvirt hypervisors connected over a UNIX domain
      socket, since it will use UNIX FD passing
      
      * include/libvirt/libvirt.h.in: Define virDomainOpenGraphics
      * src/driver.h: Define driver for virDomainOpenGraphics
      * src/libvirt_public.syms, src/libvirt.c: Entry point for
        virDomainOpenGraphics
      * src/libvirt_internal.h: VIR_DRV_FEATURE_FD_PASSING
      9d96f1ce
  20. 25 10月, 2011 1 次提交
    • E
      waitpid: improve safety · 69d044c0
      Eric Blake 提交于
      Based on a report by Coverity.  waitpid() can leak resources if it
      fails with EINTR, so it should never be used without checking return
      status.  But we already have a helper function that does that, so
      use it in more places.
      
      * src/lxc/lxc_container.c (lxcContainerAvailable): Use safer
      virWaitPid.
      * daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
      * tests/testutils.c (virtTestCaptureProgramOutput, virtTestMain):
      Likewise.
      * src/libvirt.c (virConnectAuthGainPolkit): Simplify with virCommand.
      69d044c0
  21. 19 10月, 2011 1 次提交
    • D
      Allow for URI aliases when connecting to libvirt · 777ffbd0
      Daniel P. Berrange 提交于
      This adds support for a libvirt client configuration file
      either /etc/libvirt/libvirt.conf for privileged clients,
      or $HOME/.libvirt/libvirt.conf for unprivileged clients.
      
      It allows one parameter
      
       uri_aliases = [
         "hail=qemu+ssh://root@hail.cloud.example.com/system",
         "sleet=qemu+ssh://root@sleet.cloud.example.com/system",
       ]
      
      Any call to virConnectOpen with a non-NULL URI will first
      attempt to match against the uri_aliases list. An application
      can disable this by using VIR_CONNECT_NO_ALIASES
      
      * docs/uri.html.in: Document URI aliases
      * include/libvirt/libvirt.h.in: Add VIR_CONNECT_NO_ALIASES
      * libvirt.spec.in, mingw32-libvirt.spec.in: Add /etc/libvirt/libvirt.conf
      * src/Makefile.am: Install default config file
      * src/libvirt.c: Add support for URI aliases
      * src/remote/remote_driver.c: Don't try to handle URIs
        with no scheme and which clearly are not paths
      * src/util/conf.c: Don't raise error on virConfFree(NULL)
      * src/xen/xen_driver.c: Don't raise error on URIs
        with no scheme
      777ffbd0
  22. 15 10月, 2011 1 次提交
  23. 13 10月, 2011 2 次提交
    • M
      virDomainCoreDump: Introduce VIR_DUMP_RESET flag · 4dadfe59
      Michal Privoznik 提交于
      This flag is intended to allow user to do so called system reset
      after dump, instead of sending ACPI reboot event.
      4dadfe59
    • E
      snapshot: add API for filtering by leaves · 8b6d1a20
      Eric Blake 提交于
      Counterpart to --roots.
      
      * include/libvirt/libvirt.h.in (VIR_DOMAIN_SNAPSHOT_LIST_LEAVES):
      New flag.
      * src/libvirt.c (virDomainSnapshotNum, virDomainSnapshotListNames)
      (virDomainSnapshotNumChildren)
      (virDomainSnapshotListChildrenNames): Document it.
      * tools/virsh.c (cmdSnapshotList): Expose it.
      * tools/virsh.pod (snapshot-list): Document --leaves.
      8b6d1a20
  24. 11 10月, 2011 1 次提交
    • E
      snapshot: new virDomainSnapshotListChildrenNames API · f2013c9d
      Eric Blake 提交于
      The previous API addition allowed traversal up the hierarchy;
      this one makes it easier to traverse down the hierarchy.
      
      In the python bindings, virDomainSnapshotNumChildren can be
      generated, but virDomainSnapshotListChildrenNames had to copy
      from the hand-written example of virDomainSnapshotListNames.
      
      * include/libvirt/libvirt.h.in (virDomainSnapshotNumChildren)
      (virDomainSnapshotListChildrenNames): New prototypes.
      (VIR_DOMAIN_SNAPSHOT_LIST_DESCENDANTS): New flag alias.
      * src/libvirt.c (virDomainSnapshotNumChildren)
      (virDomainSnapshotListChildrenNames): New functions.
      * src/libvirt_public.syms: Export them.
      * src/driver.h (virDrvDomainSnapshotNumChildren)
      (virDrvDomainSnapshotListChildrenNames): New callbacks.
      * python/generator.py (skip_impl, nameFixup): Update lists.
      * python/libvirt-override-api.xml: Likewise.
      * python/libvirt-override.c
      (libvirt_virDomainSnapshotListChildrenNames): New wrapper function.
      f2013c9d
  25. 06 10月, 2011 1 次提交
    • E
      snapshot: add REVERT_FORCE to API · 3c797404
      Eric Blake 提交于
      Although reverting to a snapshot is a form of data loss, this is
      normally expected.  However, there are two cases where additional
      surprises (failure to run the reverted state, or a break in
      connectivity to the domain) can come into play.  Requiring extra
      acknowledgment in these cases will make it less likely that
      someone can get into an unrecoverable state due to a default revert.
      
      Also create a new error code, so users can distinguish when forcing
      would make a difference, rather than having to blindly request force.
      
      * include/libvirt/libvirt.h.in (VIR_DOMAIN_SNAPSHOT_REVERT_FORCE):
      New flag.
      * src/libvirt.c (virDomainRevertToSnapshot): Document it.
      * include/libvirt/virterror.h (VIR_ERR_SNAPSHOT_REVERT_RISKY): New
      error value.
      * src/util/virterror.c (virErrorMsg): Implement it.
      * tools/virsh.c (cmdDomainSnapshotRevert): Add --force to virsh.
      * tools/virsh.pod (snapshot-revert): Document it.
      3c797404
  26. 29 9月, 2011 1 次提交
  27. 28 9月, 2011 1 次提交
    • E
      snapshot: new virDomainSnapshotGetParent API · a2f706de
      Eric Blake 提交于
      Although a client can already obtain a snapshot's parent by
      dumping and parsing the xml, then doing a snapshot lookup by
      name, it is more efficient to get the parent in one step, which
      in turn will make operations that must traverse a snapshot
      hierarchy easier to perform.
      
      * include/libvirt/libvirt.h.in (virDomainSnapshotGetParent):
      Declare.
      * src/libvirt.c (virDomainSnapshotGetParent): New function.
      * src/libvirt_public.syms: Export it.
      * src/driver.h (virDrvDomainSnapshotGetParent): New callback.
      a2f706de
  28. 21 9月, 2011 1 次提交
  29. 16 9月, 2011 1 次提交