* src/vbox/vbox_CAPI_v3_0.h: this includes minor API changes for VBox
  3.0.6 released some days ago.

Integrate with QEMU monitor to provide encryption passphrase when
starting a guest using encrypted qcow volumes

* src/qemu_driver.c (findDomainDiskEncryption,
  findVolumeQcowPassphrase,
  qemudMonitorSendVolumePassphrase, qemudMonitorSendCont): Send a volume
  passphrase if qemu asks for it.

If the <encryption format='qcow'> element does not specify a secret
during volume creation, generate a suitable secret and add it to the
<encryption> tag.  The caller can view the updated <encryption> tag
using virStorageVolGetXMLDesc().

Similarly, when <encryption format='default'/> is specified while
creating a qcow or qcow2-formatted volume, change the format to "qcow"
and generate a secret as described above.

* src/storage_encryption_conf.h (VIR_STORAGE_QCOW_PASSPHRASE_SIZE,
  virStorageGenerateQcowPasphrase),
  src/storage_encryption_conf.c (virStorageGenerateQcowPasphrase),
  src/libvirt_private.syms: Add virStorageGenerateQcowPasphrase().
* src/storage_backend.c (virStoragegenerateQcowEncryption,
  virStorageBackendCreateQemuImg): Generate a passphrase and
  <encryption> when creating a qcow-formatted encrypted volume and the
  user did not supply the information.

* src/virsh.c: Add virsh commands.
* docs/virsh.pod, virsh.1: Update documentation.

This implementation stores the secrets in an unencrypted text file,
for simplicity in implementation and debugging.

(Symmetric encryption, e.g. using gpgme, will not be difficult to add.
Because the TLS private key used by libvirtd is stored unencrypted,
encrypting the secrets file does not currently provide much additional
security.)

* include/libvirt/virterror.h, src/virterror.c (VIR_ERR_NO_SECRET): New
  error number.
* po/POTFILES.in, src/Makefile.am: Add secret_driver.
* bootstrap: Use gnulib's base64 module.
* src/secret_driver.c, src.secret_driver.h, src/libvirt_private.syms:
  Add local secret driver.
* qemud/qemud.c (qemudInitialize): Use the local secret driver.

Add a <secret> XML handling API, separate from the local driver, to
avoid manually generating XML in other parts of libvirt.

* src/secret_conf.c, src/secret_conf.h: New files.
* po/POTFILES.in, src/Makefile.am: Add secret_conf.

Add a VIR_SECRET_GET_VALUE_INTERNAL_CALL flag value, replacing the
originally separate libvirt_internal_call parameter.  The flag is used
to differentiate external virSecretGetValue() calls from internal calls
by libvirt drivers that need to use the secret even if it is private.

* src/libvirt_internal.h Remove VIR_DOMAIN_XML_FLAGS_MASK
* src/driver.h Add VIR_SECRET_GET_VALUE_FLAGS_MASK constant and
  VIR_SECRET_GET_VALUE_INTERNAL_CALL. Re-add the
  VIR_DOMAIN_XML_FLAGS_MASK constant
* src/libvirt.c (virSecretGetValue): Don't allow the user to specify
  internal flags.

Remove the bogus dependancy between node_device.c & storage_backend.c
by moving the virWaitForDevices into util.h where it can be shared
safely

* src/storage_backend_disk.c, src/storage_backend_logical.c,
  src/storage_backend_mpath.c, src/storage_backend_scsi.c: Replace
  virStorageBackendWaitForDevices with virFileWaitForDevices
* src/storage_backend.c, src/storage_backend.h: Remove
  virStorageBackendWaitForDevices, virWaitForDevices
* src/util.h, src/util.c: Add virFileWaitForDevices
* configure.in: Move xmlrpc check further down after pkgconfig
  is detected
* src/Makefile.am: Add missing XMLRPC_CFLAGS/LIBS to opennebula
* src/libvirt_private.syms: Add many missing exports

The interface allows qemudMonitorSendCont() to report errors that are
not overridden by its callers.

Also fix a potential infinite loop in qemuDomainCoreDump() if sending
cont repeatedly fails.

* src/qemu_driver.c (qemudMonitorSendCont): New function.
  (qemudAutostartConfigs): Reset error before each call to
  qemudStartVMDaemon().
  (qemudInitCpus, qemudDomainResume, qemudDomainCoreDump,
  qemudDomainRestore, qemudDomainMigratePerform,
  qemudDomainMigrateFinish2): Use qemudMonitorSendCont().

* docs/formatsecret.html.in, docs/formatsecret.html: Document <usage
  type='volume'>, replacing stand-alone <volume>.
* docs/schemas/secret.rng: Update schema to require <usage
  type='volume'>

* src/security_selinux.c: Use virReportSystemError whereever an
  errno is involved
* src/qemu_driver.c: Don't overwrite error message from the
  security driver

* src/security.h: Driver API for relabelling host devices
* src/security_selinux.c: Implement relabelling of PCI and USB
  devices
* src/qemu_driver.c: Relabel USB/PCI devices before hotplug

* src/qemu_driver.c: Remove usbfs/sysfs iterator code and call
  into generic helper APIs instead when setting device permissions

* src/pci.h, src/pci.c: Helper for iterating over PCI device
  resource files
* src/libvirt_private.syms: Export pciDeviceFileIterate

* src/Makefile.am: Add usb.h and usb.h to libvirt_util.la
* src/libvirt_private.syms: Export symbols
* src/usb.c, src/usb.h: Helper APIs for USB host devices

* src/qemu_conf.c: Fix leak of values upon OOM
* src/xend_internal.c: Fix missing check for OOM failure
* tests/qemuargv2xmltest.c, tests/qemuxml2argvtest.c: Free
  stateDir upon exit to avoid leak

* src/logging.c: Fix buffer offset in logging read

Fix all thread locking bugs reported by object-locking test
case.

NB, some of the driver locking is getting too coarse. Driver
mutexes really need to be turned into RW locks instead to
significantly increase concurrency.

* src/lxc_driver.c: Fix useof driver when unlocked in the methods
  lxcDomainGetInfo, lxcSetSchedulerParameters, and
  lxcGetSchedulerParameters
* src/opennebula/one_driver.c: Fix missing unlock in oneDomainUndefine.
  Fix use of driver when unlocked in oneDomainGetInfo,
  oneGetOSType, oneDomainShutdown
* src/qemu_driver.c: Fix use of driver when unlocked in
  qemudDomainSavem, qemuGetSchedulerType, qemuSetSchedulerParameters
  and qemuGetSchedulerParameters
* src/storage_driver.c: Re-work storagePoolCreate to avoid bogus
  lock checking warning. Re-work storageVolumeCreateXMLFrom to
  remove a potential NULL de-reference & avoid bogus lock check
  warnings
* src/test.c: Remove testDomainAssignDef since it break lock chekc
  warnings.
* tests/object-locking.ml: Add oneDriverLock, oneDriverUnlock
  and one_driver_t methods/types to allow lock checking on the
   OpenNebula drivers

* tests/testutilsqemu.c: add a machine types list for /usr/bin/kvm
  which doesn't have any aliases, while the guest has aliases

* tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.*,
  tests/qemuxml2argvtest.c: add a test using /usr/bin/kvm and make
  sure that 'pc' machine type doesn't get canonicalized using the
  aliases in the guest machine type list

The algorithm is quite simple:

  If the emulator matches a guest's domain:
    if domain has machine type info:
      check the domain's machine type info
    else
      check the guest's default machine type info
  else if the emulator matches the guest's default emulator:
     check the guest's default machine type info

The previous implementation was incorrectly falling back to the default
machine type info if the domain's machine type info didn't have an
alias.

* src/qemu_driver.c: simplify and fix qemudCanonicalizeMachine()

Currently we only probe the main qemu binary for machine types, but we
should also probe the kvm binary.

* src/qemu_conf.c: probe kvm binary machines in qemudCapsInitGuest()

Rather than just looking at the default domain info, look at all
domains

* src/qemu_conf.c: look at all domains in qemudGetOldMachines()

We need to look at all the domain infos in guest capabilities, not
just the defaults.

In order to allow that, split out a qemudGetOldMachinesFromInfo()
from qemudGetOldMachines(). We'll make more use of it in the next
patch.

* src/qemu_conf.c: split out qemudGetOldMachinesFromInfo() from
  qemudGetOldMachines()

* tests/testutilsqemu.c: make 'pc' an alias for qemu-system-x86_64

* tests/qemuxml2argvdata/qemuxml2argv-machine-aliases1.*,
  tests/qemuxml2argvtest.c: add a test which uses qemu-system-x86_64
  and make sure the machine type is canonicalized.

* test/testutilsqemu.c: split out code to testQemuAllocMachines()
  and make use of the ARRAY_CARDINALITY macro

This doesn't have any affect on the current tests because we don't have
any machine aliases in the current test data.

* src/qemu_conf.h, src/qemu_driver.c: expose qemudCanonicalizeMachine()
  for the tests

* tests/qemuxml2argvtest.c: canonicalize the machine type

* src/testutils.[ch]: make testDebug externally available

* src/testutilsqemu.c: if VIR_TEST_DEBUG is set, dump the qemu
  driver capabilities to stderr

* src/capabilities.c: fix machine type formatting in
  virCapabilitiesFormatXML()

* tests/qemuhelpdata/qemu-kvm-0.11.0-rc2: add data

* tests/qemuhelptest.c: add expected output

Things added include

  - x86_64 host
  - Migration features
  - NUMA topology
  - Security model
  - Canonical machine types
  - Domain machine types
  - An arm guest
  - More machine types for mips, mipsel, sparc and ppc
  - An x86_64 xenner guest

This file was generated on a Fedora 12 machine using latest libvirt
and qemu-kvm-0.11.0-rc2

* tests/capabilityschemadata/caps-qemu-kvm.xml: add more features
  to test

* docs/schemas/capabilities.rng: add arm and sort arches

* docs/schemas/capabilities.rng: allow multiple machines per domain
  just like they are allowed for guests

* docs/schemas/capabilities.rng: include esx and tcp uri_transport

After the mentioned patch was applied, I noticed that
shutting down a kvm guest from inside (i.e. poweroff) caused
the guest to shutdown, but not removed from the list of
active guests.  DanB pointed out that the problem is that
the virEventAddHandle() call in the qemu driver was asking
to watch for 0 events, not HANGUP | ERROR as it should.  Add
these events so that shutdown works again.
Signed-off-by: NChris Lalancette <clalance@redhat.com>

* src/qemu_driver.c (qemudDomainRestore): Use the new ...TypeToString
function here, too.

* src/qemu_driver.c: avoid a leak of file descriptor when exec'ing qemu

lzop was removed due to some confusion over whether it provided functional
advantages distinct from xz. This has been addressed in the mailing list post
archived at http://permalink.gmane.org/gmane.comp.emulators.libvirt/16487, and
support for lzop is re-added here.

* libvirt.spec.in: add dependancy on lzop
* src/qemu.conf: update documentation of save_image_format
* src/qemu_driver.c: re-add lzop compression option

* src/qemu_driver.c: drop lzma and lzop images compression options
  as they are deprecated by xz
* libvirt.spec.in: add requires for xz/bzip2/gzip as they are needed
  to implement the compression options

* configure.in: phyp driver uses libssh2_session_block_directions()
  which is only available in libssh2 >= 1.0, so check for this symbol
  too when configuring

* src/qemu_driver.c (QEMUD_SAVE_FORMAT_LAST): Define.
(qemudSaveCompressionTypeFromString): Declare.
(qemudSaveCompressionTypeToString): Declare.
(qemudDomainSave): Use those functions rather than open-coding them.
Use "cat >> '%s' ..." in place of equivalent
"dd of='%s' oflag=append conv=notrunc ...".