[libvirt] [PATCH] blockdev: preserve readonly and snapshot states across media changes
by Kevin Shanahan
If readonly=on is given at device creation time, the ->readonly flag
needs to be set in the block driver state for this device so that
readonly-ness is preserved across media changes (qmp change command).
Similarly, to preserve the snapshot property requires ->open_flags to
be correct.
Signed-off-by: Kevin Shanahan <kmshanah(a)disenchant.net>
---
blockdev.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/blockdev.c b/blockdev.c
index 8669142..84f9a2e 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -526,6 +526,8 @@ DriveInfo *drive_init(QemuOpts *opts, int default_to_scsi)
if_name[type], mediastr, unit_id);
}
dinfo->bdrv = bdrv_new(dinfo->id);
+ dinfo->bdrv->open_flags = snapshot ? BDRV_O_SNAPSHOT : 0;
+ dinfo->bdrv->read_only = ro;
dinfo->devaddr = devaddr;
dinfo->type = type;
dinfo->bus = bus_id;
--
1.7.12
12 years, 2 months
[libvirt] [PATCH] Remove a redundant line in src/qemu/qemu_driver.c
by Tang Chen
Signed-off-by: Tang Chen <tangchen(a)cn.fujitsu.com>
---
src/qemu/qemu_driver.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 12ac15c..2f58eca 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4050,7 +4050,6 @@ qemudDomainPinEmulator(virDomainPtr dom,
if (VIR_ALLOC(newVcpuPin) < 0) {
virReportOOMError();
goto cleanup;
- newVcpuPinNum = 0;
}
if (virDomainVcpuPinAdd(&newVcpuPin, &newVcpuPinNum, cpumap, maplen, -1) < 0) {
--
1.7.10.1
12 years, 2 months
[libvirt] [PATCH 0/2] network: virNetworkUpdate section backends
by Laine Stump
These patches are the backends for ip-dhcp-range and portgroups. Since
virsh, the bridge driver, and the toplevel of the NetworkObj function
of virNetworkUpdate already support all sections, only the lowest
level routine in network_conf.c needs to be modified (an "unsupported"
error log is replaced with real functionality).
These functions are self-contained (each updates the contents of a
single static function) and only used by the new virNetworkUpdate API;
no other code is touched by the patches, so they are fairly safe to
add.
12 years, 2 months
[libvirt] [PATCH] simplify xenXMDomainPinVcpu function
by liguang
supersede tedious statements getting cpu bitmap
from parameter cpumap by virBitmapNewData function
Signed-off-by: liguang <lig.fnst(a)cn.fujitsu.com>
---
src/xen/xm_internal.c | 38 +++-----------------------------------
1 files changed, 3 insertions(+), 35 deletions(-)
diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c
index a4dec62..97c19ef 100644
--- a/src/xen/xm_internal.c
+++ b/src/xen/xm_internal.c
@@ -827,12 +827,7 @@ int xenXMDomainPinVcpu(virDomainPtr domain,
xenUnifiedPrivatePtr priv;
const char *filename;
xenXMConfCachePtr entry;
- virBuffer mapbuf = VIR_BUFFER_INITIALIZER;
- char *mapstr = NULL, *mapsave = NULL;
- int i, j, n, comma = 0;
int ret = -1;
- virBitmapPtr cpuset = NULL;
- int maxcpu = XEN_MAX_PHYSICAL_CPU;
if (domain == NULL || domain->conn == NULL || domain->name == NULL
|| cpumap == NULL || maplen < 1 || maplen > (int)sizeof(cpumap_t)) {
@@ -863,43 +858,16 @@ int xenXMDomainPinVcpu(virDomainPtr domain,
goto cleanup;
}
- /* from bit map, build character string of mapped CPU numbers */
- for (i = 0; i < maplen; i++)
- for (j = 0; j < 8; j++)
- if ((cpumap[i] & (1 << j))) {
- n = i*8 + j;
-
- if (comma)
- virBufferAddLit (&mapbuf, ",");
- comma = 1;
-
- virBufferAsprintf (&mapbuf, "%d", n);
- }
-
- if (virBufferError(&mapbuf)) {
- virBufferFreeAndReset(&mapbuf);
- virReportOOMError();
- goto cleanup;
- }
-
- mapstr = virBufferContentAndReset(&mapbuf);
- mapsave = mapstr;
-
- if (virBitmapParse(mapstr, 0, &cpuset, maxcpu) < 0)
- goto cleanup;
-
virBitmapFree(entry->def->cpumask);
- entry->def->cpumask = cpuset;
- cpuset = NULL;
-
+ entry->def->cpumask = virBitmapNewData(cpumap, maplen);
+ if (!entry->def->cpumask)
+ goto cleanup;
if (xenXMConfigSaveFile(domain->conn, entry->filename, entry->def) < 0)
goto cleanup;
ret = 0;
cleanup:
- VIR_FREE(mapsave);
- VIR_FREE(cpuset);
xenUnifiedUnlock(priv);
return ret;
}
--
1.7.2.5
12 years, 2 months
[libvirt] [PATCHv2 0/2] two different possibilities for virsh net-update command
by Laine Stump
The two following patches are alternate approaches that each have a
slightly different commandline syntax.
In V1 of the net-update patch, I tried having a single string option
that could contain either an xml string, or the name of a file
containing an xml string, then two options that would be used to make the decision of file vs. xml:
net-update netname add ip-dhcp-host --xml "<host mac='xx..' .../>"
net-update netname add ip-dhcp-host /tmp/myfile.xml
(or 'net-update netname add ip-dhcp-host --file /tmp/myfile.xml')
(the trick here is that "--xml" is a boolean option, *not* a string
option that gets set to "<host...", and the string itself goes into a
generic, usually unnamed option called xmldata. Likewise, the filename
is being put into xmldata, and if the "--xml" boolean option isn't
given on the commandline, it's assumed that it is a file. The ability
to specifically say it is a file was just added for completeness, but
really is semantically useless.)
The problem with this is that someone looking at the syntax in the
help might come up with a confusing commandline like this:
net-update netname add --xmldata /tmp/myfile.xml --file \
--section ip-dhcp-host --live
or
net-update netname add --xmldata "<host mac='x:x...'/>" --xml \
--section ip-dhcp-host --live
or even worse, they would specify "--xmldata", but leave out --xml,
and virsh would attempt to interpret the text as a filename.
On the other hand, if I named the string option "file" and the boolean
option --xmldata, that would make things confusing even in the case
that the command was *correct*:
net-update netname add --file "<host mac='x:x...'/>" --xmldata \
--section ip-dhcp-host --live
Of course, in any of those cases, if the user followed the "normal"
command specification, it would look just fine, but it seems like
there is a lot of room to cause confusion.
So, for V2, I'm trying two different approaches:
PATCHv2 1/2: Have a single required "xml" arg, and "auto-detect"
whether it is xml text or a filename by looking at the first character
- if the first character is "<", interpret it as an xml element. If
not, interpret it as a filename. This leads to the simplest
commandlines, since you *never* need to specify "--file" or "--xml"
(unless you really want to):
net-update netname add ip-dhcp-host "<host mac='xx..' .../>"
net-update netname add ip-dhcp-host /tmp/myfile.xml
(The ambiguous case of a filename starting with "<" can be avoided by
specifying the filename as "./<....")
There may be some circumstance I'm not aware of where a fully formed XML element doesn't necessarily start with a "<" though, or someone may be 100% against auto-disambiguating the string type, so I'm also sending a different version:
PATCHv2 2/2: Have two separate optional string args, "file" and
"xml". Manually check in the code that only one of them has been
specified. Since both are optional, you must *always* provide the
option name on the commandline ("--file" or "--xml"). In this case, the commandlines look like this:
net-update netname add ip-dhcp-host --xml "<host mac='xx..' .../>"
net-update netname add ip-dhcp-host --file /tmp/myfile.xml
I'm (as usual) completely undecided about which of these versions to
go with (including the first, which should still be considered,
although I don't really like the possibility of creating confusing
commandlines that it creates), so all votes/opinions/etc are welcome!
12 years, 2 months
[libvirt] [PATCH] docs: fix typo in filesystem docs
by Eric Blake
Noticed this by reading the page. It would be so much nicer if our
tools could automatically flag things like this as part of 'make'.
* docs/formatdomain.html.in: Remove extra '>'.
---
Pushing under the trivial rule.
docs/formatdomain.html.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index f05350e..04de870 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -1772,7 +1772,7 @@
which gives the memory usage limit in kibibytes. Only used
by LXC driver.
<span class="since"> (since 0.9.13)</span></dd>
- <dt><code>type='bind'></code></dt>
+ <dt><code>type='bind'</code></dt>
<dd>
A directory inside the guest will be bound to another
directory inside the guest. Only used by LXC driver
--
1.7.11.4
12 years, 2 months
[libvirt] [PATCH] maint: fix up copyright notice inconsistencies
by Eric Blake
https://www.gnu.org/licenses/gpl-howto.html recommends that
the 'If not, see <url>.' phrase be a separate sentence.
* tests/securityselinuxhelper.c: Remove doubled line.
* tests/securityselinuxtest.c: Likewise.
* globally: s/; If/. If/
---
Pushing under the trivial rule. Eliding most of this email, since
it is rather mechanical:
git grep -l '; If' | xargs sed -i 's/; If/. If/'
bootstrap.conf | 2 +-
build-aux/augeas-gentest.pl | 2 +-
daemon/libvirtd-config.c | 2 +-
daemon/libvirtd-config.h | 2 +-
daemon/libvirtd.c | 2 +-
daemon/libvirtd.h | 2 +-
daemon/remote.c | 2 +-
daemon/remote.h | 2 +-
daemon/stream.c | 2 +-
daemon/stream.h | 2 +-
examples/systemtap/events.stp | 2 +-
examples/systemtap/qemu-monitor.stp | 2 +-
examples/systemtap/rpc-monitor.stp | 2 +-
include/libvirt/libvirt-qemu.h | 2 +-
include/libvirt/libvirt.h.in | 2 +-
include/libvirt/virterror.h | 2 +-
src/conf/capabilities.c | 2 +-
src/conf/capabilities.h | 2 +-
src/conf/cpu_conf.c | 2 +-
src/conf/cpu_conf.h | 2 +-
src/conf/device_conf.c | 2 +-
src/conf/device_conf.h | 2 +-
src/conf/domain_audit.c | 2 +-
src/conf/domain_audit.h | 2 +-
src/conf/domain_conf.c | 2 +-
src/conf/domain_conf.h | 2 +-
src/conf/domain_event.c | 2 +-
src/conf/domain_event.h | 2 +-
src/conf/domain_nwfilter.c | 2 +-
src/conf/domain_nwfilter.h | 2 +-
src/conf/interface_conf.c | 2 +-
src/conf/interface_conf.h | 2 +-
src/conf/netdev_bandwidth_conf.c | 2 +-
src/conf/netdev_bandwidth_conf.h | 2 +-
src/conf/netdev_vlan_conf.c | 2 +-
src/conf/netdev_vlan_conf.h | 2 +-
src/conf/netdev_vport_profile_conf.c | 2 +-
src/conf/netdev_vport_profile_conf.h | 2 +-
src/conf/network_conf.c | 2 +-
src/conf/network_conf.h | 2 +-
src/conf/node_device_conf.c | 2 +-
src/conf/node_device_conf.h | 2 +-
src/conf/nwfilter_conf.c | 2 +-
src/conf/nwfilter_conf.h | 2 +-
src/conf/nwfilter_ipaddrmap.c | 2 +-
src/conf/nwfilter_ipaddrmap.h | 2 +-
src/conf/nwfilter_params.c | 2 +-
src/conf/nwfilter_params.h | 2 +-
src/conf/secret_conf.c | 2 +-
src/conf/secret_conf.h | 2 +-
src/conf/snapshot_conf.c | 2 +-
src/conf/snapshot_conf.h | 2 +-
src/conf/storage_conf.c | 2 +-
src/conf/storage_conf.h | 2 +-
src/conf/storage_encryption_conf.c | 2 +-
src/conf/storage_encryption_conf.h | 2 +-
src/conf/virconsole.c | 2 +-
src/conf/virconsole.h | 2 +-
src/cpu/cpu.c | 2 +-
src/cpu/cpu.h | 2 +-
src/cpu/cpu_arm.c | 2 +-
src/cpu/cpu_arm.h | 2 +-
src/cpu/cpu_generic.c | 2 +-
src/cpu/cpu_generic.h | 2 +-
src/cpu/cpu_map.c | 2 +-
src/cpu/cpu_map.h | 2 +-
src/cpu/cpu_powerpc.c | 2 +-
src/cpu/cpu_powerpc.h | 2 +-
src/cpu/cpu_s390.c | 2 +-
src/cpu/cpu_s390.h | 2 +-
src/cpu/cpu_x86.c | 2 +-
src/cpu/cpu_x86.h | 2 +-
src/cpu/cpu_x86_data.h | 2 +-
src/datatypes.c | 2 +-
src/datatypes.h | 2 +-
src/driver.c | 2 +-
src/dtrace2systemtap.pl | 2 +-
src/esx/esx_device_monitor.c | 2 +-
src/esx/esx_device_monitor.h | 2 +-
src/esx/esx_driver.c | 2 +-
src/esx/esx_driver.h | 2 +-
src/esx/esx_interface_driver.c | 2 +-
src/esx/esx_interface_driver.h | 2 +-
src/esx/esx_network_driver.c | 2 +-
src/esx/esx_network_driver.h | 2 +-
src/esx/esx_nwfilter_driver.c | 2 +-
src/esx/esx_nwfilter_driver.h | 2 +-
src/esx/esx_private.h | 2 +-
src/esx/esx_secret_driver.c | 2 +-
src/esx/esx_secret_driver.h | 2 +-
src/esx/esx_storage_driver.c | 2 +-
src/esx/esx_storage_driver.h | 2 +-
src/esx/esx_util.c | 2 +-
src/esx/esx_util.h | 2 +-
src/esx/esx_vi.c | 2 +-
src/esx/esx_vi.h | 2 +-
src/esx/esx_vi_generator.py | 2 +-
src/esx/esx_vi_methods.c | 2 +-
src/esx/esx_vi_methods.h | 2 +-
src/esx/esx_vi_types.c | 2 +-
src/esx/esx_vi_types.h | 2 +-
src/fdstream.c | 2 +-
src/fdstream.h | 2 +-
src/gnutls_1_0_compat.h | 2 +-
src/hyperv/hyperv_device_monitor.c | 2 +-
src/hyperv/hyperv_device_monitor.h | 2 +-
src/hyperv/hyperv_driver.c | 2 +-
src/hyperv/hyperv_driver.h | 2 +-
src/hyperv/hyperv_interface_driver.c | 2 +-
src/hyperv/hyperv_interface_driver.h | 2 +-
src/hyperv/hyperv_network_driver.c | 2 +-
src/hyperv/hyperv_network_driver.h | 2 +-
src/hyperv/hyperv_nwfilter_driver.c | 2 +-
src/hyperv/hyperv_nwfilter_driver.h | 2 +-
src/hyperv/hyperv_private.h | 2 +-
src/hyperv/hyperv_secret_driver.c | 2 +-
src/hyperv/hyperv_secret_driver.h | 2 +-
src/hyperv/hyperv_storage_driver.c | 2 +-
src/hyperv/hyperv_storage_driver.h | 2 +-
src/hyperv/hyperv_util.c | 2 +-
src/hyperv/hyperv_util.h | 2 +-
src/hyperv/hyperv_wmi.c | 2 +-
src/hyperv/hyperv_wmi.h | 2 +-
src/hyperv/hyperv_wmi_classes.c | 2 +-
src/hyperv/hyperv_wmi_classes.h | 2 +-
src/hyperv/hyperv_wmi_generator.py | 2 +-
src/hyperv/openwsman.h | 2 +-
src/interface/interface_backend_netcf.c | 2 +-
src/interface/interface_driver.h | 2 +-
src/libvirt-qemu.c | 2 +-
src/libvirt.c | 2 +-
src/libvirt_internal.h | 2 +-
src/libxl/libxl_conf.c | 2 +-
src/libxl/libxl_conf.h | 2 +-
src/libxl/libxl_driver.c | 2 +-
src/libxl/libxl_driver.h | 2 +-
src/locking/domain_lock.c | 2 +-
src/locking/domain_lock.h | 2 +-
src/locking/lock_driver.h | 2 +-
src/locking/lock_driver_nop.c | 2 +-
src/locking/lock_driver_nop.h | 2 +-
src/locking/lock_driver_sanlock.c | 2 +-
src/locking/lock_manager.c | 2 +-
src/locking/lock_manager.h | 2 +-
src/lxc/lxc_cgroup.c | 2 +-
src/lxc/lxc_cgroup.h | 2 +-
src/lxc/lxc_conf.c | 2 +-
src/lxc/lxc_conf.h | 2 +-
src/lxc/lxc_container.c | 2 +-
src/lxc/lxc_container.h | 2 +-
src/lxc/lxc_controller.c | 2 +-
src/lxc/lxc_domain.c | 2 +-
src/lxc/lxc_domain.h | 2 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_driver.h | 2 +-
src/lxc/lxc_monitor.c | 2 +-
src/lxc/lxc_monitor.h | 2 +-
src/lxc/lxc_process.c | 2 +-
src/lxc/lxc_process.h | 2 +-
src/network/bridge_driver.c | 2 +-
src/network/bridge_driver.h | 2 +-
src/node_device/node_device_driver.c | 2 +-
src/node_device/node_device_driver.h | 2 +-
src/node_device/node_device_hal.c | 2 +-
src/node_device/node_device_hal.h | 2 +-
src/node_device/node_device_linux_sysfs.c | 2 +-
src/node_device/node_device_udev.c | 2 +-
src/node_device/node_device_udev.h | 2 +-
src/nodeinfo.c | 2 +-
src/nodeinfo.h | 2 +-
src/nwfilter/nwfilter_dhcpsnoop.c | 2 +-
src/nwfilter/nwfilter_dhcpsnoop.h | 2 +-
src/nwfilter/nwfilter_driver.c | 2 +-
src/nwfilter/nwfilter_driver.h | 2 +-
src/nwfilter/nwfilter_ebiptables_driver.c | 2 +-
src/nwfilter/nwfilter_ebiptables_driver.h | 2 +-
src/nwfilter/nwfilter_gentech_driver.c | 2 +-
src/nwfilter/nwfilter_gentech_driver.h | 2 +-
src/nwfilter/nwfilter_learnipaddr.c | 2 +-
src/nwfilter/nwfilter_learnipaddr.h | 2 +-
src/openvz/openvz_conf.c | 2 +-
src/openvz/openvz_conf.h | 2 +-
src/openvz/openvz_driver.c | 2 +-
src/openvz/openvz_driver.h | 2 +-
src/openvz/openvz_util.c | 2 +-
src/openvz/openvz_util.h | 2 +-
src/parallels/parallels_driver.c | 2 +-
src/parallels/parallels_driver.h | 2 +-
src/parallels/parallels_storage.c | 2 +-
src/phyp/phyp_driver.c | 2 +-
src/phyp/phyp_driver.h | 2 +-
src/qemu/qemu_agent.c | 2 +-
src/qemu/qemu_agent.h | 2 +-
src/qemu/qemu_bridge_filter.c | 2 +-
src/qemu/qemu_bridge_filter.h | 2 +-
src/qemu/qemu_capabilities.c | 2 +-
src/qemu/qemu_capabilities.h | 2 +-
src/qemu/qemu_cgroup.c | 2 +-
src/qemu/qemu_cgroup.h | 2 +-
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_command.h | 2 +-
src/qemu/qemu_conf.c | 2 +-
src/qemu/qemu_conf.h | 2 +-
src/qemu/qemu_domain.c | 2 +-
src/qemu/qemu_domain.h | 2 +-
src/qemu/qemu_driver.c | 2 +-
src/qemu/qemu_driver.h | 2 +-
src/qemu/qemu_hostdev.c | 2 +-
src/qemu/qemu_hostdev.h | 2 +-
src/qemu/qemu_hotplug.c | 2 +-
src/qemu/qemu_hotplug.h | 2 +-
src/qemu/qemu_migration.c | 2 +-
src/qemu/qemu_migration.h | 2 +-
src/qemu/qemu_monitor.c | 2 +-
src/qemu/qemu_monitor.h | 2 +-
src/qemu/qemu_monitor_json.c | 2 +-
src/qemu/qemu_monitor_json.h | 2 +-
src/qemu/qemu_monitor_text.c | 2 +-
src/qemu/qemu_monitor_text.h | 2 +-
src/qemu/qemu_process.c | 2 +-
src/qemu/qemu_process.h | 2 +-
src/remote/qemu_protocol.x | 2 +-
src/remote/remote_driver.c | 2 +-
src/remote/remote_driver.h | 2 +-
src/remote/remote_protocol.x | 2 +-
src/rpc/gensystemtap.pl | 2 +-
src/rpc/virkeepalive.c | 2 +-
src/rpc/virkeepalive.h | 2 +-
src/rpc/virnetclient.c | 2 +-
src/rpc/virnetclient.h | 2 +-
src/rpc/virnetclientprogram.c | 2 +-
src/rpc/virnetclientprogram.h | 2 +-
src/rpc/virnetclientstream.c | 2 +-
src/rpc/virnetclientstream.h | 2 +-
src/rpc/virnetmessage.c | 2 +-
src/rpc/virnetmessage.h | 2 +-
src/rpc/virnetprotocol.x | 2 +-
src/rpc/virnetsaslcontext.c | 2 +-
src/rpc/virnetsaslcontext.h | 2 +-
src/rpc/virnetserver.c | 2 +-
src/rpc/virnetserver.h | 2 +-
src/rpc/virnetserverclient.c | 2 +-
src/rpc/virnetserverclient.h | 2 +-
src/rpc/virnetservermdns.c | 2 +-
src/rpc/virnetservermdns.h | 2 +-
src/rpc/virnetserverprogram.c | 2 +-
src/rpc/virnetserverprogram.h | 2 +-
src/rpc/virnetserverservice.c | 2 +-
src/rpc/virnetserverservice.h | 2 +-
src/rpc/virnetsocket.c | 2 +-
src/rpc/virnetsocket.h | 2 +-
src/rpc/virnetsshsession.c | 2 +-
src/rpc/virnetsshsession.h | 2 +-
src/rpc/virnettlscontext.c | 2 +-
src/rpc/virnettlscontext.h | 2 +-
src/secret/secret_driver.c | 2 +-
src/secret/secret_driver.h | 2 +-
src/security/security_apparmor.c | 2 +-
src/security/security_apparmor.h | 2 +-
src/security/security_dac.c | 2 +-
src/security/security_dac.h | 2 +-
src/security/security_driver.c | 2 +-
src/security/security_driver.h | 2 +-
src/security/security_manager.c | 2 +-
src/security/security_manager.h | 2 +-
src/security/security_nop.c | 2 +-
src/security/security_nop.h | 2 +-
src/security/security_selinux.c | 2 +-
src/security/security_selinux.h | 2 +-
src/security/security_stack.c | 2 +-
src/security/security_stack.h | 2 +-
src/security/virt-aa-helper.c | 2 +-
src/storage/parthelper.c | 2 +-
src/storage/storage_backend.c | 2 +-
src/storage/storage_backend.h | 2 +-
src/storage/storage_backend_disk.c | 2 +-
src/storage/storage_backend_disk.h | 2 +-
src/storage/storage_backend_fs.c | 2 +-
src/storage/storage_backend_fs.h | 2 +-
src/storage/storage_backend_iscsi.c | 2 +-
src/storage/storage_backend_iscsi.h | 2 +-
src/storage/storage_backend_logical.c | 2 +-
src/storage/storage_backend_logical.h | 2 +-
src/storage/storage_backend_mpath.c | 2 +-
src/storage/storage_backend_mpath.h | 2 +-
src/storage/storage_backend_rbd.c | 2 +-
src/storage/storage_backend_rbd.h | 2 +-
src/storage/storage_backend_scsi.c | 2 +-
src/storage/storage_backend_scsi.h | 2 +-
src/storage/storage_backend_sheepdog.c | 2 +-
src/storage/storage_backend_sheepdog.h | 2 +-
src/storage/storage_driver.c | 2 +-
src/storage/storage_driver.h | 2 +-
src/test/test_driver.c | 2 +-
src/test/test_driver.h | 2 +-
src/uml/uml_conf.c | 2 +-
src/uml/uml_conf.h | 2 +-
src/uml/uml_driver.c | 2 +-
src/uml/uml_driver.h | 2 +-
src/util/bitmap.c | 2 +-
src/util/bitmap.h | 2 +-
src/util/buf.c | 2 +-
src/util/buf.h | 2 +-
src/util/cgroup.c | 2 +-
src/util/cgroup.h | 2 +-
src/util/command.c | 2 +-
src/util/command.h | 2 +-
src/util/conf.c | 2 +-
src/util/conf.h | 2 +-
src/util/dnsmasq.c | 2 +-
src/util/dnsmasq.h | 2 +-
src/util/ebtables.c | 2 +-
src/util/ebtables.h | 2 +-
src/util/event.c | 2 +-
src/util/event.h | 2 +-
src/util/event_poll.c | 2 +-
src/util/event_poll.h | 2 +-
src/util/hooks.c | 2 +-
src/util/hooks.h | 2 +-
src/util/hostusb.c | 2 +-
src/util/hostusb.h | 2 +-
src/util/iohelper.c | 2 +-
src/util/iptables.c | 2 +-
src/util/iptables.h | 2 +-
src/util/json.c | 2 +-
src/util/json.h | 2 +-
src/util/logging.c | 2 +-
src/util/logging.h | 2 +-
src/util/memory.c | 2 +-
src/util/memory.h | 2 +-
src/util/pci.c | 2 +-
src/util/pci.h | 2 +-
src/util/processinfo.c | 2 +-
src/util/processinfo.h | 2 +-
src/util/stats_linux.c | 2 +-
src/util/stats_linux.h | 2 +-
src/util/storage_file.c | 2 +-
src/util/storage_file.h | 2 +-
src/util/sysinfo.c | 2 +-
src/util/sysinfo.h | 2 +-
src/util/threadpool.c | 2 +-
src/util/threadpool.h | 2 +-
src/util/threads-pthread.c | 2 +-
src/util/threads-pthread.h | 2 +-
src/util/threads-win32.c | 2 +-
src/util/threads-win32.h | 2 +-
src/util/threads.c | 2 +-
src/util/threads.h | 2 +-
src/util/util.c | 2 +-
src/util/util.h | 2 +-
src/util/uuid.c | 2 +-
src/util/uuid.h | 2 +-
src/util/viratomic.c | 2 +-
src/util/viratomic.h | 2 +-
src/util/viraudit.c | 2 +-
src/util/viraudit.h | 2 +-
src/util/virauth.c | 2 +-
src/util/virauth.h | 2 +-
src/util/virauthconfig.c | 2 +-
src/util/virauthconfig.h | 2 +-
src/util/virdbus.c | 2 +-
src/util/virdbus.h | 2 +-
src/util/virfile.c | 2 +-
src/util/virfile.h | 2 +-
src/util/virhashcode.c | 2 +-
src/util/virhashcode.h | 2 +-
src/util/virkeycode.c | 2 +-
src/util/virkeycode.h | 2 +-
src/util/virkeyfile.c | 2 +-
src/util/virkeyfile.h | 2 +-
src/util/virmacaddr.c | 2 +-
src/util/virmacaddr.h | 2 +-
src/util/virnetdev.c | 2 +-
src/util/virnetdev.h | 2 +-
src/util/virnetdevbandwidth.c | 2 +-
src/util/virnetdevbandwidth.h | 2 +-
src/util/virnetdevbridge.c | 2 +-
src/util/virnetdevbridge.h | 2 +-
src/util/virnetdevmacvlan.c | 2 +-
src/util/virnetdevmacvlan.h | 2 +-
src/util/virnetdevopenvswitch.c | 2 +-
src/util/virnetdevopenvswitch.h | 2 +-
src/util/virnetdevtap.c | 2 +-
src/util/virnetdevtap.h | 2 +-
src/util/virnetdevveth.c | 2 +-
src/util/virnetdevveth.h | 2 +-
src/util/virnetdevvlan.c | 2 +-
src/util/virnetdevvlan.h | 2 +-
src/util/virnetdevvportprofile.c | 2 +-
src/util/virnetdevvportprofile.h | 2 +-
src/util/virnetlink.c | 2 +-
src/util/virnetlink.h | 2 +-
src/util/virnodesuspend.c | 2 +-
src/util/virnodesuspend.h | 2 +-
src/util/virobject.c | 2 +-
src/util/virobject.h | 2 +-
src/util/virpidfile.c | 2 +-
src/util/virpidfile.h | 2 +-
src/util/virrandom.c | 2 +-
src/util/virrandom.h | 2 +-
src/util/virsocketaddr.c | 2 +-
src/util/virsocketaddr.h | 2 +-
src/util/virterror.c | 2 +-
src/util/virterror_internal.h | 2 +-
src/util/virtime.c | 2 +-
src/util/virtime.h | 2 +-
src/util/virtypedparam.c | 2 +-
src/util/virtypedparam.h | 2 +-
src/util/viruri.c | 2 +-
src/util/viruri.h | 2 +-
src/util/xml.c | 2 +-
src/vbox/vbox_MSCOMGlue.c | 2 +-
src/vbox/vbox_MSCOMGlue.h | 2 +-
src/vbox/vbox_glue.c | 2 +-
src/vbox/vbox_glue.h | 2 +-
src/vmware/vmware_conf.c | 2 +-
src/vmware/vmware_conf.h | 2 +-
src/vmware/vmware_driver.c | 2 +-
src/vmware/vmware_driver.h | 2 +-
src/vmx/vmx.c | 2 +-
src/vmx/vmx.h | 2 +-
src/xen/block_stats.c | 2 +-
src/xen/block_stats.h | 2 +-
src/xen/xen_driver.c | 2 +-
src/xen/xen_driver.h | 2 +-
src/xen/xen_hypervisor.c | 2 +-
src/xen/xen_hypervisor.h | 2 +-
src/xen/xen_inotify.c | 2 +-
src/xen/xen_inotify.h | 2 +-
src/xen/xm_internal.c | 2 +-
src/xen/xm_internal.h | 2 +-
src/xen/xs_internal.c | 2 +-
src/xen/xs_internal.h | 2 +-
src/xenapi/xenapi_driver.c | 2 +-
src/xenapi/xenapi_driver.h | 2 +-
src/xenapi/xenapi_driver_private.h | 2 +-
src/xenapi/xenapi_utils.c | 2 +-
src/xenapi/xenapi_utils.h | 2 +-
src/xenxs/xen_sxpr.c | 2 +-
src/xenxs/xen_sxpr.h | 2 +-
src/xenxs/xen_xm.c | 2 +-
src/xenxs/xen_xm.h | 2 +-
src/xenxs/xenxs_private.h | 2 +-
tests/commandhelper.c | 2 +-
tests/commandtest.c | 2 +-
tests/cputest.c | 2 +-
tests/eventtest.c | 2 +-
tests/libvirtdconftest.c | 2 +-
tests/object-locking.ml | 2 +-
tests/qemumonitorjsontest.c | 2 +-
tests/qemumonitortestutils.c | 2 +-
tests/qemumonitortestutils.h | 2 +-
tests/securityselinuxhelper.c | 3 +--
tests/securityselinuxtest.c | 3 +--
tests/shunloadhelper.c | 2 +-
tests/shunloadtest.c | 2 +-
tests/sockettest.c | 2 +-
tests/ssh.c | 2 +-
tests/storagebackendsheepdogtest.c | 2 +-
tests/testutils.c | 2 +-
tests/testutils.h | 2 +-
tests/viratomictest.c | 2 +-
tests/virauthconfigtest.c | 2 +-
tests/virbitmaptest.c | 2 +-
tests/virdrivermoduletest.c | 2 +-
tests/virkeyfiletest.c | 2 +-
tests/virnetmessagetest.c | 2 +-
tests/virnetsockettest.c | 2 +-
tests/virnettlscontexttest.c | 2 +-
tests/virtimetest.c | 2 +-
tests/viruritest.c | 2 +-
tests/xmconfigtest.c | 2 +-
tools/console.c | 2 +-
tools/console.h | 2 +-
tools/virsh-domain-monitor.c | 2 +-
tools/virsh-domain-monitor.h | 2 +-
tools/virsh-domain.c | 2 +-
tools/virsh-domain.h | 2 +-
tools/virsh-edit.c | 2 +-
tools/virsh-host.c | 2 +-
tools/virsh-host.h | 2 +-
tools/virsh-interface.c | 2 +-
tools/virsh-interface.h | 2 +-
tools/virsh-network.c | 2 +-
tools/virsh-network.h | 2 +-
tools/virsh-nodedev.c | 2 +-
tools/virsh-nodedev.h | 2 +-
tools/virsh-nwfilter.c | 2 +-
tools/virsh-nwfilter.h | 2 +-
tools/virsh-pool.c | 2 +-
tools/virsh-pool.h | 2 +-
tools/virsh-secret.c | 2 +-
tools/virsh-secret.h | 2 +-
tools/virsh-snapshot.c | 2 +-
tools/virsh-snapshot.h | 2 +-
tools/virsh-volume.c | 2 +-
tools/virsh-volume.h | 2 +-
tools/virsh.c | 2 +-
tools/virsh.h | 2 +-
tools/virt-host-validate-common.c | 2 +-
tools/virt-host-validate-common.h | 2 +-
tools/virt-host-validate-lxc.c | 2 +-
tools/virt-host-validate-lxc.h | 2 +-
tools/virt-host-validate-qemu.c | 2 +-
tools/virt-host-validate-qemu.h | 2 +-
tools/virt-host-validate.c | 2 +-
tools/virt-xml-validate.in | 2 +-
507 files changed, 507 insertions(+), 509 deletions(-)
diff --git a/bootstrap.conf b/bootstrap.conf
index 23000ac..f8b7c4d 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -13,7 +13,7 @@
# GNU General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, see
+# License along with this library. If not, see
# <http://www.gnu.org/licenses/>.
# gnulib modules used by this package.
...
Lots more like this...
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index 98472a6..43676de 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -12,8 +12,7 @@
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * License along with this library; If not, see
+ * License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*
*/
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index b3e4c89..848a390 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -12,8 +12,7 @@
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * License along with this library; If not, see
+ * License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*
*/
...
--
1.7.11.4
12 years, 2 months
[libvirt] [PATCH] security: also parse user/group names instead of just IDs for DAC labels
by Marcelo Cerri
The DAC driver is missing parsing of group and user names for DAC labels
and currently just parses uid and gid. This patch extends it to support
names, so the following security label definition is now valid:
<seclabel type='static' model='dac' relabel='yes'>
<label>qemu:qemu</label>
<imagelabel>qemu:qemu</imagelabel>
</seclabel>
---
src/security/security_dac.c | 49 ++++++++++++++++++++++++++++++++++++---------
1 file changed, 40 insertions(+), 9 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index be65d6e..7e11e31 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -66,28 +66,59 @@ void virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr,
}
static
+int parseId(const char *str, unsigned int *id)
+{
+ char *endptr = NULL;
+
+ if (str == NULL || id == NULL)
+ return -1;
+
+ if (virStrToLong_ui(str, &endptr, 10, id) || endptr != NULL)
+ return -1;
+
+ return 0;
+}
+
+static
int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
{
+ int rc = -1;
unsigned int theuid;
unsigned int thegid;
- char *endptr = NULL;
+ char *sep = NULL;
+ char *tmp_label = NULL;
if (label == NULL)
- return -1;
+ goto done;
- if (virStrToLong_ui(label, &endptr, 10, &theuid) ||
- endptr == NULL || *endptr != ':') {
- return -1;
- }
+ tmp_label = strdup(label);
+ if (tmp_label == NULL)
+ goto done;
- if (virStrToLong_ui(endptr + 1, NULL, 10, &thegid))
- return -1;
+ sep = strchr(tmp_label, ':');
+ if (sep == NULL)
+ goto done;
+ *sep = '\0';
+
+ if (virGetUserID(tmp_label, &theuid) < 0 &&
+ parseId(tmp_label, &theuid) < 0)
+ goto done;
+
+ if (virGetGroupID(sep + 1, &thegid) < 0 &&
+ parseId(sep + 1, &thegid) < 0)
+ goto done;
if (uidPtr)
*uidPtr = theuid;
if (gidPtr)
*gidPtr = thegid;
- return 0;
+
+ rc = 0;
+
+done:
+ VIR_FREE(tmp_label);
+
+ return rc;
}
/* returns 1 if label isn't found, 0 on success, -1 on error */
--
1.7.12
12 years, 2 months
