- 11 12月, 2018 5 次提交
-
-
由 Daniel P. Berrangé 提交于
The virt-pki-validate tool is extracting components in the x509 certificate Subject field. Unfortunately the regex it is is using is far too strict, and so truncating valid data. It needs to consider ',' as a field separator, and if that's not there take all data until the EOL. With the broken regex: $ echo " Subject: O=Test,CN=guestHyp1ver" | sed 's+.*CN=\(.[a-zA-Z \._-]*\).*+\1+' guestHyp And with the fixed regex $ echo "Subject: O=Test,CN=guestHyp1ver" | sed 's+.*CN=\([^,]*\).*+\1+' guestHyp1ver Reported-by: NKashyap Chamarthy <kchamart@redhat.com> Reviewed-by: NKashyap Chamarthy <kchamart@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Erik Skultety 提交于
Commit 255e0732 introduced a few graphics-related helpers. The problem is that virDomainGraphicsNeedsAutoRenderNode returns true if it gets NULL as a response from virDomainGraphicsNeedsAutoRenderNode. That's okay for egl-headless because that one always needs a DRM render node, the same is not true for SPICE though, and unless the XML specifies <gl enable='yes'> for SPICE, there's no need for any renderer. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Nikolay Shirokovskiy 提交于
Disable external snapshot of a readonly disk for domains as this operation is not very useful. Such a snapshot is not possible for active domains but the error message from QEMU is more cryptic: error: internal error: unable to execute QEMU command 'transaction': Could not create file: Permission denied This error at least makes the error more understandable for active domains and disallows for inactive domains as well. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
If domain is killed with `xl destroy`, libvirt will not notice it and still report the domain as running. Also trying to destroy the domain through libvirt will fail. The only way to recover from such a situation is to restart libvirt daemon. The problem is that even though libxl report LIBXL_EVENT_TYPE_DOMAIN_DEATH, libvirt ignore it as all the domain cleanup is done in a function actually destroying the domain. If destroy is done outside of libvirt, there is no place where it would be handled. Fix this by doing domain cleanup in LIBXL_EVENT_TYPE_DOMAIN_DEATH too. To avoid doing it twice, add a ignoreDeathEvent flag libxlDomainObjPrivate, set when the domain death is triggered by libvirt itself. Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
Since domain was suspended before and on failed wakeup is destroyed, send an event. Also, add missing libxlDomainCleanup. Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com>
-
- 09 12月, 2018 2 次提交
-
-
由 Laine Stump 提交于
Commit 017dfa27 changed a few switch statements in the LXC code to have all possible enum values, and in the process changed the switch statement in virLXCControllerGetNICIndexes() to return an error status for unsupported interface types, but it erroneously put type='direct' on the list of unsupported types. type='direct' (implemented with a macvlan interface) is supported on LXC, but it's interface shouldn't be placed on the list of interfaces given to CreateMachineWithNetwork() because the interface is put inside the container, while CreateMachineWithNetwork() only wants to know about the parent veths of veth pairs (the parent veth remains on the host side, while the child veth is put into the container). Resolves: https://bugzilla.redhat.com/1656463Signed-off-by: NLaine Stump <laine@laine.org> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Laine Stump 提交于
virLXCControllerGetNICIndexes() was deciding whether or not to add the ifindex for an interface's ifname to the list of ifindexes sent to CreateMachineWithNetwork based on the interface type stored in the config. This would be incorrect in the case of <interface type='network'> where the network was giving out macvlan interfaces tied to a physical device (i.e. when the actual interface type was "direct"). Instead of checking the setting of "net->type", we should be checking the setting of virDomainNetGetActualType(net). I don't think this caused any actual misbehavior, it was just technically wrong. Signed-off-by: NLaine Stump <laine@laine.org> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 07 12月, 2018 8 次提交
-
-
由 Daniel P. Berrangé 提交于
The networkxml2firewalltest sets virCommand to dry run mode but doesn't provide a callback to fill in stdout/stderr. As a result when the firewall code queries rules it gets a NULL output and so never triggers the callback to process output. This trivial change just returns an empty string for the command output in order to ensure the callback gets triggered. It has no effect right now, but in future patches this will trigger greater test coverage. Reviewed-by: NLaine Stump <laine@laine.org> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Reviewed-by: NLaine Stump <laine@laine.org> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Most of the iptables APIs share code for the add/delete paths, but a couple were separated. Merge the remaining APIs to facilitate future changes. Reviewed-by: NLaine Stump <laine@laine.org> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Jim Fehlig 提交于
Signed-off-by: NJim Fehlig <jfehlig@suse.com> ACKed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Jim Fehlig 提交于
Add support for converting openvswitch interface configuration to/from libvirt domXML and xl.cfg(5). The xl config syntax for virtual interfaces is described in detail in the xl-network-configuration(5) man page. The Xen Networking wiki also contains information and examples for using openvswitch in xl.cfg config format https://wiki.xenproject.org/wiki/Xen_Networking#Open_vSwitch Tests are added to check conversions of openvswitch tagged and trunked VLAN configuration. Signed-off-by: NJim Fehlig <jfehlig@suse.com> ACKed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Jim Fehlig 提交于
It is currently possible to use <interface>s of type openvswitch with the libxl driver in a non-standard way, e.g. <interface type='bridge'> <source bridge='ovsbr0'/> <mac address='00:16:3e:7a:35:ce'/> <script path='vif-openvswitch'/> </interface> This patch adds support for openvswitch <interface>s specified in typical libvirt config <interface type='bridge'> <source bridge='ovsbr0'/> <mac address='00:16:3e:7a:35:ce'/> <virtualport type='openvswitch'/> </interface> VLAN tags and trunking are also supported using the extended syntax for specifying an openvswitch bridge in libxl BRIDGE_NAME[.VLAN][:TRUNK:TRUNK] See Xen's networking wiki for more details on openvswitch support https://wiki.xenproject.org/wiki/Xen_Networking#Open_vSwitchSigned-off-by: NJim Fehlig <jfehlig@suse.com> ACKed-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 John Ferlan 提交于
Commit 212dc928 made a generic qemuDomainGetIOThreadsMon which would fail if the QEMU_CAPS_OBJECT_IOTHREAD didn't exist. Then commit d1eac927 used that helper for the collection of all domain stats. However, if the capability doesn't exist, then the entire stats collection fails. Since the IOThread stats were meant to be if available only, thus rather than failing if the capability doesn't exist, let's just not collect the stats. Restore the caps failure logic for qemuDomainGetIOThreadsLive. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 John Ferlan 提交于
During qemuConnectGetAllDomainStats if qemuDomainGetStats causes a failure, then when collecting more than one domain's worth of statistics the loop in virDomainStatsRecordListFree would call virDomainFree which would call virResetLastError effectively wiping out the reason we failed leaving the caller with no idea why the collection failed. To fix this, let's Preserve the error and Restore it prior to return so that a caller such as 'virsh domstats' doesn't get the generic "error: An error occurred, but the cause is unknown". Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 06 12月, 2018 5 次提交
-
-
由 Peter Krempa 提交于
Remove the disk from tests focusing on other aspects so that change to -blockdev will touch less tests. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We already have a way stricter check in the code which is doing the snapshot so duplicating it in the parser does not make much sense. Also gets rid of an ugly ternary operator. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We are preparing a certain disk source passed in as '@src' so the individual functions should use that rather than disk->src which corresponds to the top level element of the chain only. Without this change TLS and persistent reservations would not work for backing images of a chain when using -blockdev. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The function clears and frees the passed buffers on success, but not in one case of failure. Modify the control flow that the args are always consumed, record it in the docs and remove few pointless cleanup paths in callers. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Add markers for allowing test debugging if one of the steps fails without setting a proper error. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 05 12月, 2018 2 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1656014 An RNG device can consists of more devices than RND device itself. For instance, in case of EGD there is a chardev that connects to EGD daemon and feeds the qemu with random data. When doing RNG device removal we have to remove the associated chardev as well. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Yuri Chornoivan 提交于
Signed-off-by: NYuri Chornoivan <yurchor@ukr.net> Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
- 04 12月, 2018 4 次提交
-
-
由 Michal Privoznik 提交于
The way that the code is currently written makes my eyes hurt. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Caused by commit 39480969Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Michal Privoznik 提交于
The indentation of the code in this function is a bit off. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
There are two functions called from syncNicRxFilterMultiMode: virNetDevSetRcvAllMulti() and virNetDevSetRcvMulti(). Both of them return 0 on success and -1 on error. However, currently their return value is checked for != 0 which conflicts with our assumptions on retvals: a positive value is still considered success but with current check it would lead to failure. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 03 12月, 2018 14 次提交
-
-
由 Erik Skultety 提交于
Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
Depending on whether QEMU actually supports the option, we can put the 'rendernode' on the '-display egl-headless' cmdline. https://bugzilla.redhat.com/show_bug.cgi?id=1628892Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Just like for SPICE, we need to change the permissions on the DRI device used as the @rendernode for egl-headless graphics type. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Just like for SPICE, we need to put the render node DRI device into the device cgroup list so that users don't need to add it manually via qemu.conf file. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Just like for SPICE, we need to put the DRI device into the namespace, otherwise it will be left out from the DAC relabeling process. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Unlike with SPICE and SDL which use the <gl> subelement to enable OpenGL acceleration, specifying egl-headless graphics in the XML has essentially the same meaning, thus in case of egl-headless we don't have a need for the 'enable' element attribute and we'll only be interested in the 'rendernode' one further down the road. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Since we need to specify the rendernode option onto QEMU cmdline, we need this union member to retain consistency in how we build the cmdline. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Now that we have QAPI introspection of display types in QEMU upstream, we can check whether the 'rendernode' option is supported with egl-headless display type. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
We're going to need a bit more logic for egl-headless down the road so prepare a helper just like for the other display types. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
Up until now, we formatted 'rendernode=' onto QEMU cmdline only if the user specified it in the XML, otherwise we let QEMU do it for us. This causes permission issues because by default the /dev/dri/renderDX permissions are as follows: crw-rw----. 1 root video There's literally no reason why it shouldn't be libvirt picking the DRM render node instead of QEMU, that way (and because we're using namespaces by default), we can safely relabel the device within the namespace. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
A few simple helpers that allow us to determine whether a graphics can and will need to make use of a DRM render node. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Erik Skultety 提交于
This is the first step towards libvirt picking the first available render node instead of QEMU. It also makes sense for us to be able to do that, since we allow specifying the node directly for SPICE, so if there's no render node specified by the user, we should pick the first available one. The algorithm used for that is essentially the same as the one QEMU uses. Signed-off-by: NErik Skultety <eskultet@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Jason Baron 提交于
Guest network devices can set 'overflow' when there are a number of multicast ips configured. For virtio_net, the limit is only 64. In this case, the list of mac addresses is empty and the 'overflow' condition is set. Thus, the guest will currently receive no multicast traffic in this state. When 'overflow' is set in the guest, let's turn this into ALLMULTI on the host. Signed-off-by: NJason Baron <jbaron@akamai.com> Acked-by: NMichael S. Tsirkin <mst@redhat.com> Acked-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Stefan Schallenberg 提交于
Signed-off-by: NStefan Schallenberg <infos@nafets.de> Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
-