[libvirt] understanding managedsave
by Nicolas Sebrecht
Hi,
I'm trying to understand how the managedsave and restoration features
work at the libvirt/qemu level.
I'd like to write a little python script to reproduce the feature to
learn how it works. So, I start a kvm guest by hand with
qemu-kvm [...] -qmp tcp:localhost:4444,server
and connect to the QMP with telnet or the qemu qmp-shell for my tests.
>From what I've read, libvirt internally does a migration to a file:
qemuDomainSaveMemory() -> qemuMonitorToFile() -> qemuMonitorMigrateToFd().
Why do a migration instead of QMP stop/memsave?
What whould be the whole QMP/Monitor sequence of commands to handle the
process?
--
Nicolas Sebrecht
11 years, 7 months
[libvirt] [PATCH] Apply security label when entering LXC namespaces
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Add a new virDomainLxcEnterSecurityLabel() function as a
counterpart to virDomainLxcEnterNamespaces(), which can
change the current calling process to have a new security
context. This call runs client side, not in libvirtd
so we can't use the security driver infrastructure.
When entering a namespace, the process spawned from virsh
will default to running with the security label of virsh.
The actual desired behaviour is to run with the security
label of the container most of the time. So this changes
virsh lxc-enter-namespace command to invoke the
virDomainLxcEnterSecurityLabel method.
The current behaviour is:
LABEL PID TTY TIME CMD
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 1 pts/0 00:00:00 systemd
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 3 pts/1 00:00:00 sh
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 24 ? 00:00:00 systemd-journal
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 29 ? 00:00:00 dhclient
staff_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 47 ? 00:00:00 ps
Note the ps command is running as unconfined_t, After this patch,
The new behaviour is this:
virsh -c lxc:/// lxc-enter-namespace dan -- /bin/ps -eZ
LABEL PID TTY TIME CMD
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 1 pts/0 00:00:00 systemd
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 3 pts/1 00:00:00 sh
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 24 ? 00:00:00 systemd-journal
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 32 ? 00:00:00 dhclient
system_u:system_r:svirt_lxc_net_t:s0:c0.c1023 38 ? 00:00:00 ps
The '--noseclabel' flag can be used to skip security labelling.
---
include/libvirt/libvirt-lxc.h | 4 ++
python/generator.py | 1 +
src/libvirt-lxc.c | 96 +++++++++++++++++++++++++++++++++++++++++++
tools/virsh-domain.c | 32 +++++++++++++++
4 files changed, 133 insertions(+)
diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h
index f2c87fb..5021813 100644
--- a/include/libvirt/libvirt-lxc.h
+++ b/include/libvirt/libvirt-lxc.h
@@ -42,6 +42,10 @@ int virDomainLxcEnterNamespace(virDomainPtr domain,
unsigned int *noldfdlist,
int **oldfdlist,
unsigned int flags);
+int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
+ virSecurityLabelPtr label,
+ virSecurityLabelPtr oldlabel,
+ unsigned int flags);
# ifdef __cplusplus
}
diff --git a/python/generator.py b/python/generator.py
index 8236bd2..6a25c2d 100755
--- a/python/generator.py
+++ b/python/generator.py
@@ -557,6 +557,7 @@ skip_function = (
lxc_skip_function = (
"virDomainLxcEnterNamespace",
+ "virDomainLxcEnterSecurityLabel",
)
qemu_skip_function = (
#"virDomainQemuAttach",
diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
index f580c3c..c1bf168 100644
--- a/src/libvirt-lxc.c
+++ b/src/libvirt-lxc.c
@@ -29,6 +29,9 @@
#include "virlog.h"
#include "virprocess.h"
#include "datatypes.h"
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
#define VIR_FROM_THIS VIR_FROM_NONE
@@ -163,3 +166,96 @@ error:
virDispatchError(domain->conn);
return -1;
}
+
+
+/**
+ * virDomainLxcEnterSecurityLabel:
+ * @model: the security model to set
+ * @label: the security label to apply
+ * @oldlabel: filled with old security label
+ * @flags: currently unused, pass 0
+ *
+ * This API is LXC specific, so it will only work with hypervisor
+ * connections to the LXC driver.
+ *
+ * Attaches the process to the security label specified
+ * by @label. @label is interpreted relative to @model
+ * Depending on the security driver, this may
+ * not take effect until the next call to exec().
+ *
+ * If @oldlabel is not NULL, it will be filled with info
+ * about the current security label. This may let the
+ * process be moved back to the previous label if no
+ * exec() has yet been performed.
+ *
+ * Returns 0 on success, -1 on error
+ */
+int
+virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
+ virSecurityLabelPtr label,
+ virSecurityLabelPtr oldlabel,
+ unsigned int flags)
+{
+ virCheckFlagsGoto(0, error);
+
+ virCheckNonNullArgGoto(model, error);
+ virCheckNonNullArgGoto(label, error);
+
+ if (oldlabel)
+ memset(oldlabel, 0, sizeof(*oldlabel));
+
+ if (STREQ(model->model, "selinux")) {
+#ifdef WITH_SELINUX
+ if (oldlabel) {
+ security_context_t ctx;
+
+ if (getcon(&ctx) < 0) {
+ virReportSystemError(errno,
+ _("unable to get PID %d security context"),
+ getpid());
+ goto error;
+ }
+
+ if (strlen((char *) ctx) >= VIR_SECURITY_LABEL_BUFLEN) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("security label exceeds "
+ "maximum length: %d"),
+ VIR_SECURITY_LABEL_BUFLEN - 1);
+ freecon(ctx);
+ goto error;
+ }
+
+ strcpy(oldlabel->label, (char *) ctx);
+ freecon(ctx);
+
+ if ((oldlabel->enforcing = security_getenforce()) < 0) {
+ virReportSystemError(errno, "%s",
+ _("error calling security_getenforce()"));
+ goto error;
+ }
+ }
+
+ if (setexeccon(label->label) < 0) {
+ virReportSystemError(errno,
+ _("Cannot set context %s"),
+ label->label);
+ goto error;
+ }
+#else
+ virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, "%s",
+ _("Support for SELinux is not enabled"));
+ goto error;
+#endif
+ } else {
+ virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
+ _("Security model %s cannot be entered"),
+ model->model);
+ goto error;
+ }
+
+ return 0;
+
+error:
+ virDispatchError(NULL);
+ return -1;
+}
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index 7caa364..f85e74d 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -7992,6 +7992,7 @@ static const vshCmdInfo info_lxc_enter_namespace[] = {
static const vshCmdOptDef opts_lxc_enter_namespace[] = {
{"domain", VSH_OT_DATA, VSH_OFLAG_REQ, N_("domain name, id or uuid")},
+ {"noseclabel", VSH_OT_BOOL, 0, N_("Do not change process security label")},
{"cmd", VSH_OT_ARGV, VSH_OFLAG_REQ, N_("namespace")},
{NULL, 0, 0, NULL}
};
@@ -8008,11 +8009,17 @@ cmdLxcEnterNamespace(vshControl *ctl, const vshCmd *cmd)
int nfdlist;
int *fdlist;
size_t i;
+ bool setlabel = true;
+ virSecurityModelPtr secmodel = NULL;
+ virSecurityLabelPtr seclabel = NULL;
dom = vshCommandOptDomain(ctl, cmd, NULL);
if (dom == NULL)
goto cleanup;
+ if (vshCommandOptBool(cmd, "noseclabel"))
+ setlabel = false;
+
while ((opt = vshCommandOptArgv(cmd, opt))) {
if (VIR_EXPAND_N(cmdargv, ncmdargv, 1) < 0) {
vshError(ctl, _("%s: %d: failed to allocate argv"),
@@ -8029,12 +8036,35 @@ cmdLxcEnterNamespace(vshControl *ctl, const vshCmd *cmd)
if ((nfdlist = virDomainLxcOpenNamespace(dom, &fdlist, 0)) < 0)
goto cleanup;
+ if (setlabel) {
+ fprintf(stderr, "Getr sec\n");
+ if (VIR_ALLOC(secmodel) < 0) {
+ vshError(ctl, "%s", _("Failed to allocate security model"));
+ goto cleanup;
+ }
+ if (VIR_ALLOC(seclabel) < 0) {
+ vshError(ctl, "%s", _("Failed to allocate security label"));
+ goto cleanup;
+ }
+ if (virNodeGetSecurityModel(ctl->conn, secmodel) < 0)
+ goto cleanup;
+ if (virDomainGetSecurityLabel(dom, seclabel) < 0)
+ goto cleanup;
+ }
+
/* Fork once because we don't want to affect
* virsh's namespace itself
*/
if (virFork(&pid) < 0)
goto cleanup;
if (pid == 0) {
+ if (setlabel &&
+ virDomainLxcEnterSecurityLabel(secmodel,
+ seclabel,
+ NULL,
+ 0) < 0)
+ _exit(255);
+
if (virDomainLxcEnterNamespace(dom,
nfdlist,
fdlist,
@@ -8067,6 +8097,8 @@ cmdLxcEnterNamespace(vshControl *ctl, const vshCmd *cmd)
ret = true;
cleanup:
+ VIR_FREE(seclabel);
+ VIR_FREE(secmodel);
if (dom)
virDomainFree(dom);
VIR_FREE(cmdargv);
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Fix query of LXC security label
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The virDomainGetSecurityLabel method is currently (mistakenly)
showing the label of the libvirt_lxc process:
...snip...
Security model: selinux
Security DOI: 0
Security label: system_u:system_r:virtd_t:s0-s0:c0.c1023 (permissive)
when it should be showing the init process label
...snip...
Security model: selinux
Security DOI: 0
Security label: system_u:system_r:svirt_t:s0:c724,c995 (permissive)
---
src/lxc/lxc_driver.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 338b8eb..7791966 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1162,8 +1162,16 @@ static int lxcDomainGetSecurityLabel(virDomainPtr dom, virSecurityLabelPtr secla
* LXC monitor hasn't seen SIGHUP/ERR on poll().
*/
if (virDomainObjIsActive(vm)) {
+ virLXCDomainObjPrivatePtr priv = vm->privateData;
+
+ if (!priv->initpid) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("Init pid is not yet available"));
+ goto cleanup;
+ }
+
if (virSecurityManagerGetProcessLabel(driver->securityManager,
- vm->def, vm->pid, seclabel) < 0) {
+ vm->def, priv->initpid, seclabel) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Failed to get security label"));
goto cleanup;
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCHv5] virtio-rng: Add rate limiting options for virtio-RNG
by Peter Krempa
Qemu's implementation of virtio RNG supports rate limiting of the
entropy used. This patch exposes the option to tune this functionality.
This patch is based on qemu commit 904d6f588063fb5ad2b61998acdf1e73fb4
The rate limiting is exported in the XML as:
<devices>
...
<rng model='virtio'>
<rate period='1234'>4321</rate>
<backend model='random'/>
</rng>
...
---
Notes:
Version 5:
- adjust after forbiding arbitrary name passthrough
- rebase to master
Version 4:
- Reword docs
- state it is available since 1.0.4 as the tree is frozen and this was actually never acked before
Version 3:
- State the time unit in docs
Version 2:
- qemu uses bytes/period, adapt the value according to that
docs/formatdomain.html.in | 14 ++++++++++++++
docs/schemas/domaincommon.rng | 18 +++++++++++++++++-
src/conf/domain_conf.c | 17 +++++++++++++++++
src/conf/domain_conf.h | 2 ++
src/qemu/qemu_command.c | 9 +++++++++
.../qemuxml2argv-virtio-rng-random.args | 2 +-
.../qemuxml2argv-virtio-rng-random.xml | 1 +
7 files changed, 61 insertions(+), 2 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 4cafc92..b8eb53d 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -4280,6 +4280,7 @@ qemu-kvm -net nic,model=? /dev/null
...
<devices>
<rng model='virtio'>
+ <rate period="2000">1234</rate>
<backend model='random'>/dev/random</backend>
<!-- OR -->
<backend model='egd' type='udp'>
@@ -4302,6 +4303,19 @@ qemu-kvm -net nic,model=? /dev/null
<li>'virtio' — supported by qemu and virtio-rng kernel module</li>
</ul>
</dd>
+ <dt><code>rate</code></dt>
+ <dd>
+ <p>
+ The optional <code>rate</code> element allows limiting the rate at
+ which entropy can be consumed from the source. An optional
+ <code>period</code> attribute specifies the duration of a period in
+ milliseconds; if omitted, the period is taken as 1000 milliseconds
+ (1 second). The element contents specify how many bits are permitted
+ per period. Drivers may enforce a minimum rate, and may round the
+ rate down to a minimum granularity.
+ <span class='since'>Since 1.0.4</span>
+ </p>
+ </dd>
<dt><code>backend</code></dt>
<dd>
<p>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 4b60885..dc45af1 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -3500,7 +3500,12 @@
<value>virtio</value>
</choice>
</attribute>
- <ref name="rng-backend"/>
+ <interleave>
+ <ref name="rng-backend"/>
+ <optional>
+ <ref name="rng-rate"/>
+ </optional>
+ </interleave>
</element>
</define>
@@ -3527,6 +3532,17 @@
</element>
</define>
+ <define name="rng-rate">
+ <element name="rate">
+ <optional>
+ <attribute name="period">
+ <ref name="positiveInteger"/>
+ </attribute>
+ </optional>
+ <ref name="positiveInteger"/>
+ </element>
+ </define>
+
<define name="usbmaster">
<element name="master">
<attribute name="startport">
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 739bd72..8a02375 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7400,6 +7400,17 @@ virDomainRNGDefParseXML(const xmlNodePtr node,
ctxt->node = node;
+ if (virXPathUInt("string(./rate)", ctxt, &def->rate) < -1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s", _("invalid RNG rate value"));
+ goto error;
+ }
+
+ if (def->rate > 0 &&
+ virXPathUInt("string(./rate/@period)", ctxt, &def->period) < -1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s", _("invalid RNG period value"));
+ goto error;
+ }
+
if ((nbackends = virXPathNodeSet("./backend", ctxt, &backends)) < 0)
goto error;
@@ -13715,6 +13726,12 @@ virDomainRNGDefFormat(virBufferPtr buf,
const char *backend = virDomainRNGBackendTypeToString(def->backend);
virBufferAsprintf(buf, " <rng model='%s'>\n", model);
+ if (def->rate) {
+ virBufferAddLit(buf, " <rate");
+ if (def->period)
+ virBufferAsprintf(buf, " period='%u'", def->period);
+ virBufferAsprintf(buf, ">%u</rate>\n", def->rate);
+ }
virBufferAsprintf(buf, " <backend model='%s'", backend);
switch ((enum virDomainRNGBackend) def->backend) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 2509193..e19b5c0 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1721,6 +1721,8 @@ enum virDomainRNGBackend {
struct _virDomainRNGDef {
int model;
int backend;
+ unsigned int rate; /* bits per period */
+ unsigned int period; /* milliseconds */
union {
char *file; /* file name for 'random' source */
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 201fac1..c0f8dd2 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4255,6 +4255,15 @@ qemuBuildRNGDeviceArgs(virCommandPtr cmd,
virBufferAsprintf(&buf, "virtio-rng-pci,rng=%s", dev->info.alias);
+ if (dev->rate > 0) {
+ /* qemu uses bytes */
+ virBufferAsprintf(&buf, ",max-bytes=%u", dev->rate / 8);
+ if (dev->period)
+ virBufferAsprintf(&buf, ",period=%u", dev->period);
+ else
+ virBufferAddLit(&buf, ",period=1000");
+ }
+
if (qemuBuildDeviceAddressStr(&buf, &dev->info, qemuCaps) < 0)
goto cleanup;
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args b/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args
index 7ab9dbc..33b5adc 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args
@@ -3,4 +3,4 @@ LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu \
-monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 \
-object rng-random,id=rng0,filename=/dev/hwrng \
--device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x4
+-device virtio-rng-pci,rng=rng0,max-bytes=100,period=1234,bus=pci.0,addr=0x4
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml b/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml
index 1e2c4be..813e42e 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml
@@ -17,6 +17,7 @@
<controller type='usb' index='0'/>
<memballoon model='virtio'/>
<rng model='virtio'>
+ <rate period='1234'>800</rate>
<backend model='random'>/dev/hwrng</backend>
</rng>
</devices>
--
1.8.1.1
11 years, 7 months
[libvirt] [PATCH] Use separate symbol file for GNUTLS symbols
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
A number of symbols are only present when GNUTLS is enabled.
Thus we must use a separate libvirt_gnutls.syms file for them
instead of libvirt_private.syms
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/Makefile.am | 7 +++++++
src/libvirt_gnutls.syms | 46 ++++++++++++++++++++++++++++++++++++++++++++++
src/libvirt_private.syms | 23 -----------------------
3 files changed, 53 insertions(+), 23 deletions(-)
create mode 100644 src/libvirt_gnutls.syms
diff --git a/src/Makefile.am b/src/Makefile.am
index 60935f4..a6cc839 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1458,6 +1458,12 @@ else
SYM_FILES += $(srcdir)/libvirt_sasl.syms
endif
+if WITH_GNUTLS
+USED_SYM_FILES += $(srcdir)/libvirt_gnutls.syms
+else
+SYM_FILES += $(srcdir)/libvirt_gnutls.syms
+endif
+
if WITH_SSH2
USED_SYM_FILES += $(srcdir)/libvirt_libssh2.syms
else
@@ -1481,6 +1487,7 @@ EXTRA_DIST += \
libvirt_openvz.syms \
libvirt_qemu.syms \
libvirt_sasl.syms \
+ libvirt_gnutls.syms \
libvirt_vmx.syms \
libvirt_xenxs.syms \
libvirt_libssh2.syms
diff --git a/src/libvirt_gnutls.syms b/src/libvirt_gnutls.syms
new file mode 100644
index 0000000..bd4f950
--- /dev/null
+++ b/src/libvirt_gnutls.syms
@@ -0,0 +1,46 @@
+#
+# GNUTLS-specific symbols
+#
+
+# rpc/virnetclient.h
+virNetClientGetTLSKeySize;
+virNetClientSetTLSSession;
+
+
+# rpc/virnetserver.h
+virNetServerSetTLSContext;
+
+
+# rpc/virnetserverclient.h
+virNetServerClientGetTLSKeySize;
+virNetServerClientHasTLSSession;
+
+
+# rpc/virnetserverservice.h
+virNetServerServiceGetTLSContext;
+
+
+# rpc/virnetsocket.h
+virNetSocketSetTLSSession;
+
+
+# rpc/virnettlscontext.h
+virNetTLSContextCheckCertificate;
+virNetTLSContextNewClient;
+virNetTLSContextNewClientPath;
+virNetTLSContextNewServer;
+virNetTLSContextNewServerPath;
+virNetTLSInit;
+virNetTLSSessionGetHandshakeStatus;
+virNetTLSSessionGetKeySize;
+virNetTLSSessionHandshake;
+virNetTLSSessionNew;
+virNetTLSSessionRead;
+virNetTLSSessionSetIOCallbacks;
+virNetTLSSessionWrite;
+
+
+# Let emacs know we want case-insensitive sorting
+# Local Variables:
+# sort-fold-case: t
+# End:
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 0e8fcbf..fbd540a 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -762,7 +762,6 @@ virNetClientAddStream;
virNetClientClose;
virNetClientDupFD;
virNetClientGetFD;
-virNetClientGetTLSKeySize;
virNetClientHasPassFD;
virNetClientIsEncrypted;
virNetClientIsOpen;
@@ -784,7 +783,6 @@ virNetClientSendNoReply;
virNetClientSendWithReply;
virNetClientSendWithReplyStream;
virNetClientSetCloseCallback;
-virNetClientSetTLSSession;
# rpc/virnetclientprogram.h
@@ -844,7 +842,6 @@ virNetServerPreExecRestart;
virNetServerQuit;
virNetServerRemoveShutdownInhibition;
virNetServerRun;
-virNetServerSetTLSContext;
virNetServerUpdateServices;
@@ -856,9 +853,7 @@ virNetServerClientGetAuth;
virNetServerClientGetFD;
virNetServerClientGetPrivateData;
virNetServerClientGetReadonly;
-virNetServerClientGetTLSKeySize;
virNetServerClientGetUNIXIdentity;
-virNetServerClientHasTLSSession;
virNetServerClientImmediateClose;
virNetServerClientInit;
virNetServerClientInitKeepAlive;
@@ -910,7 +905,6 @@ virNetServerServiceClose;
virNetServerServiceGetAuth;
virNetServerServiceGetMaxRequests;
virNetServerServiceGetPort;
-virNetServerServiceGetTLSContext;
virNetServerServiceIsReadonly;
virNetServerServiceNewFD;
virNetServerServiceNewPostExecRestart;
@@ -952,27 +946,10 @@ virNetSocketRemoteAddrString;
virNetSocketRemoveIOCallback;
virNetSocketSendFD;
virNetSocketSetBlocking;
-virNetSocketSetTLSSession;
virNetSocketUpdateIOCallback;
virNetSocketWrite;
-# rpc/virnettlscontext.h
-virNetTLSContextCheckCertificate;
-virNetTLSContextNewClient;
-virNetTLSContextNewClientPath;
-virNetTLSContextNewServer;
-virNetTLSContextNewServerPath;
-virNetTLSInit;
-virNetTLSSessionGetHandshakeStatus;
-virNetTLSSessionGetKeySize;
-virNetTLSSessionHandshake;
-virNetTLSSessionNew;
-virNetTLSSessionRead;
-virNetTLSSessionSetIOCallbacks;
-virNetTLSSessionWrite;
-
-
# security/security_driver.h
virSecurityDriverLookup;
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] qemu_driver: Try KVM_CAP_MAX_VCPUS only if defined
by Michal Privoznik
With our recent patch (1715c83b5f) we thrive to get the correct
number of maximal VCPUs. However, we are using a constant from
linux/kvm.h which may be not defined in every distro. Hence, we
should guard usage of the constant with ifdef preprocessor
directive.
---
src/qemu/qemu_driver.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index de53a1b..c3a8f24 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1122,9 +1122,11 @@ kvmGetMaxVCPUs(void) {
return -1;
}
+#ifdef KVM_CAP_MAX_VCPUS
/* at first try KVM_CAP_MAX_VCPUS to determine the maximum count */
if ((ret = ioctl(fd, KVM_CHECK_EXTENSION, KVM_CAP_MAX_VCPUS)) > 0)
goto cleanup;
+#endif /* KVM_CAP_MAX_VCPUS */
/* as a fallback get KVM_CAP_NR_VCPUS (the recommended maximum number of
* vcpus). Note that on most machines this is set to 160. */
--
1.8.1.5
11 years, 7 months
[libvirt] [PATCHv3 00/27] Driver XML conf adjustment callbacks [READ FIRST]
by Peter Krempa
This series implements the driver XML parsing callbacks as
Dan suggested.
This series may appear to be monstrous but I chose to split some patches
to separate ones although the code does not compile afterwards to ease review.
!! READ THIS: !!
!! The patches starting with the word "fix" will need to be squashed into the
!! non "fix" patches predceeding them otherwise it will not compile cleanly.
This new version fixes the review comments by Dan, Michal and Laine.
There's still outstanding work to do to get rid of all the irrelevant data
from virCaps, but I'd like to stabilize the design before doing so.
In this series the callback now supports passing opaque data to the callback
functions and it's demonstrated in "virCaps: get rid of defaultDiskDriverName".
There's also a patch demonstrating doing check that is not covered by the XML
schema and thus shouldn't be part of the parser, but is docummented for all
drivers and thus should be enforced. This demonstrates the use of the verification
function.
Peter Krempa (27):
virCaps: conf: start splitting out irrelevat data
fix fallout in src/conf/
fix fallout in src/esx
fix fallout in src/lxc
fix fallout in src/openvz
fix fallout in src/parallels
fix fallout in phyp driver
fix fallout in src/qemu/
fix fallout in tests/
fix fallout in src/xen
fix fallout in src/vmware
fix fallout in src/uml
fix fallout in test driver
fix fallout in vbox driver
fix fallout in aahelper code
fix fallout in src/libxl
fix fallout in src/xenapi
fix fallout in selinux test
conf: Add separate defaults addition and validation for XML parsing
fix fallout from adding new parameter to internal APIs
conf: Add argument to support use of the driver adjust callbacks
qemu: Record the default NIC model in the domain XML
fix fallout of the change of the network device default
virCaps: get rid of "defaultInitPath" value in the virCaps struct
virCaps: get rid of defaultDiskDriverName
virCaps: get rid of emulatorRequired
conf: Enforce ranges on cputune variables
src/Makefile.am | 1 +
src/conf/capabilities.c | 10 -
src/conf/capabilities.h | 17 +-
src/conf/domain_conf.c | 387 +++++++++++++++++----
src/conf/domain_conf.h | 71 +++-
src/conf/snapshot_conf.c | 3 +-
src/conf/snapshot_conf.h | 1 +
src/esx/esx_driver.c | 14 +-
src/esx/esx_private.h | 2 +
src/libvirt_private.syms | 5 +-
src/libxl/libxl_conf.h | 1 +
src/libxl/libxl_driver.c | 57 +--
src/lxc/lxc_conf.c | 13 +-
src/lxc/lxc_conf.h | 2 +
src/lxc/lxc_controller.c | 7 +-
src/lxc/lxc_domain.c | 26 +-
src/lxc/lxc_domain.h | 3 +-
src/lxc/lxc_driver.c | 49 +--
src/lxc/lxc_process.c | 9 +-
src/openvz/openvz_conf.c | 5 +-
src/openvz/openvz_conf.h | 1 +
src/openvz/openvz_driver.c | 45 ++-
src/parallels/parallels_driver.c | 12 +-
src/parallels/parallels_utils.h | 1 +
src/phyp/phyp_driver.c | 12 +-
src/phyp/phyp_driver.h | 1 +
src/qemu/qemu_capabilities.c | 3 -
src/qemu/qemu_command.c | 9 +-
src/qemu/qemu_command.h | 3 +
src/qemu/qemu_conf.c | 14 +-
src/qemu/qemu_conf.h | 5 +
src/qemu/qemu_domain.c | 108 ++++--
src/qemu/qemu_domain.h | 7 +-
src/qemu/qemu_driver.c | 134 ++++---
src/qemu/qemu_migration.c | 22 +-
src/qemu/qemu_process.c | 109 +-----
src/security/virt-aa-helper.c | 10 +-
src/test/test_driver.c | 61 +++-
src/uml/uml_conf.h | 1 +
src/uml/uml_driver.c | 32 +-
src/vbox/vbox_tmpl.c | 27 +-
src/vmware/vmware_conf.c | 3 +-
src/vmware/vmware_conf.h | 1 +
src/vmware/vmware_driver.c | 25 +-
src/xen/xen_driver.c | 8 +-
src/xen/xen_driver.h | 1 +
src/xen/xend_internal.c | 14 +-
src/xen/xm_internal.c | 4 +-
src/xenapi/xenapi_driver.c | 34 +-
src/xenapi/xenapi_driver_private.h | 1 +
tests/domainsnapshotxml2xmltest.c | 5 +
tests/lxcxml2xmldata/lxc-hostdev.xml | 1 +
tests/lxcxml2xmldata/lxc-systemd.xml | 1 +
tests/lxcxml2xmltest.c | 7 +-
tests/qemuargv2xmltest.c | 8 +-
tests/qemumonitorjsontest.c | 29 +-
tests/qemumonitortestutils.c | 4 +-
tests/qemumonitortestutils.h | 5 +-
.../qemuxml2argv-net-bandwidth.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-net-client.args | 4 +-
.../qemuxml2argv-net-eth-ifname.args | 4 +-
.../qemuxml2argv-net-eth-ifname.xml | 1 +
.../qemuxml2argv-net-eth-names.args | 8 +-
tests/qemuxml2argvdata/qemuxml2argv-net-eth.args | 4 +-
tests/qemuxml2argvdata/qemuxml2argv-net-eth.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-net-hostdev.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-net-mcast.args | 4 +-
.../qemuxml2argv-net-openvswitch.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-net-server.args | 4 +-
tests/qemuxml2argvdata/qemuxml2argv-net-user.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-net-user.xml | 1 +
.../qemuxml2argv-net-virtio-network-portgroup.xml | 2 +
tests/qemuxml2argvtest.c | 5 +-
.../qemuxml2xmlout-graphics-spice-timeout.xml | 1 +
tests/qemuxml2xmltest.c | 6 +-
tests/qemuxmlnstest.c | 5 +-
tests/securityselinuxlabeltest.c | 6 +-
tests/testutilsqemu.c | 3 +-
tests/testutilsqemu.h | 2 +
tests/testutilsxen.c | 6 +
tests/testutilsxen.h | 2 +
tests/xmconfigtest.c | 8 +-
tests/xml2sexprtest.c | 8 +-
tests/xml2vmxtest.c | 8 +-
84 files changed, 1034 insertions(+), 516 deletions(-)
--
1.8.1.5
11 years, 7 months
[libvirt] failed to mount cgroup
by Yin Olivia-R63875
Hi,
I tried to run libvirt-1.0.2 with LXC as below, but it failed to mount cgroup.
1). mount /cgroup
# mkdir /cgroup
# mount -t cgroup cgroup /cgroup
# vi vm1.xml
<domain type='lxc'>
<name>vm1</name>
<memory>32768</memory>
<os>
<type>exe</type>
<init>/bin/sh</init>
</os>
<vcpu>1</vcpu>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<console type='pty' tty='/dev/pts/3'>
<source path='/dev/pts/3'/>
<target port='0'/>
</console>
</devices>
</domain>
# virsh -c lxc:/// define vm1.xml
# virsh -c lxc:/// start vm1
error: Failed to start domain vm1
error: internal error guest failed to start: 2013-03-05 02:13:03.639+0000: 2403: info : libvirt version: 1.0.2
2013-03-05 02:13:03.639+0000: 2403: warning : lxcCapsInit:73 : Failed to get host power management capabilities
PATH=/bin:/sbin TERM=linux container=lxc-libvirt container_uuid=d50aec75-4566-62b3-ed81-adf3e8705efe LIBVIRT_LXC_UUID=d50aec75-4566-62b3-ed81-adf3e8705efe LIBVIRT_LXC_NAME=vm1 /bin/sh
2013-03-05 02:13:03.779+0000: 1: error : lxcContainerIdentifyCGroups:1775 : Unable to read directory : No such file or directory
2013-03-05 02:13:03.779+0000: 2404: error : virLXCControllerRun:1468 : error receiving signal from container: Input/output error
# ps aux | grep libvirtd
root 2314 0.1 0.4 108320 4876 ? Sl 02:47 0:00 libvirtd -d
root 2383 0.0 0.0 4116 452 ttyS0 S+ 02:52 0:00 grep libvirtd
# cat /proc/2314/status
Name: libvirtd
State: S (sleeping)
Tgid: 2314
Pid: 2314
PPid: 1
TracerPid: 0
Uid: 0 0 0 0
Gid: 0 0 0 0
FDSize: 32
Groups: 0
VmPeak: 112420 kB
VmSize: 108320 kB
VmLck: 0 kB
VmHWM: 4884 kB
VmRSS: 4876 kB
VmData: 91540 kB
VmStk: 136 kB
VmExe: 348 kB
VmLib: 13092 kB
VmPTE: 96 kB
VmSwap: 0 kB
Threads: 11
SigQ: 0/7760
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000001000
SigCgt: 0000000180004cef
CapInh: 0000000000000000
CapPrm: ffffffffffffffff
CapEff: ffffffffffffffff
CapBnd: ffffffffffffffff
Cpus_allowed: 3
Cpus_allowed_list: 0-1
Mems_allowed: 1
Mems_allowed_list: 0
voluntary_ctxt_switches: 59
nonvoluntary_ctxt_switches: 24
# cat /proc/2314/cgroup
1:freezer,devices,memory,cpuacct,cpuset:/
# mount | grep cgroup
cgroup on /cgroup type cgroup (rw,relatime,freezer,devices,memory,cpuacct,cpuset)
# vi /var/log/libvirt/lxc/vm1.log
2013-03-05 02:48:39.218+0000: starting up
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin LIBVIRT_DEBUG=3 LIBVIRT_LOG_OUTPUTS=3:stderr /usr/libexec/libvirt_lxc --name vm1 --console 17 --security=none --handshake 20 --background
2013-03-05 02:48:39.229+0000: 2365: info : libvirt version: 1.0.2
2013-03-05 02:48:39.229+0000: 2365: warning : lxcCapsInit:73 : Failed to get host power management capabilities
PATH=/bin:/sbin TERM=linux container=lxc-libvirt container_uuid=523492fb-36c8-3662-c61e-91697d5ad0ab LIBVIRT_LXC_UUID=523492fb-36c8-3662-c61e-91697d5ad0ab LIBVIRT_LXC_NAME=vm1 /bin/sh
2013-03-05 02:48:39.299+0000: 1: error : lxcContainerIdentifyCGroups:1775 : Unable to read directory : No such file or directory
2013-03-05 02:48:39.300+0000: 2366: error : virLXCControllerRun:1468 : error receiving signal from container: Input/output error
But if mount cgroup on another poinit, the error message is different.
2). mount /dev/cgroups
# mkdir /dev/cgroups
# mount -t cgroup cgroup /dev/cgroups
# virsh -c lxc:/// start vm1
# vi /var/log/libvirt/lxc/vm1.log
2013-03-05 03:15:49.660+0000: starting up
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin LIBVIRT_DEBUG=3 LIBVIRT_LOG_OUTPUTS=3:stderr /usr/libexec/libvirt_lxc --name vm1 --console
2013-03-05 03:15:49.666+0000: 2430: info : libvirt version: 1.0.2
2013-03-05 03:15:49.666+0000: 2430: warning : lxcCapsInit:73 : Failed to get host power management capabilities
PATH=/bin:/sbin TERM=linux container=lxc-libvirt container_uuid=518d6735-42d5-90b0-3780-d41a651385fc LIBVIRT_LXC_UUID=518d6735-42d5-90b0-3780-d41a651385fc LI
2013-03-05 03:15:49.749+0000: 1: error : lxcContainerMountCGroups:1892 : Failed to mount cgroup on '/dev/cgroups': No such file or directory
2013-03-05 03:15:49.749+0000: 2431: error : virLXCControllerRun:1468 : error receiving signal from container: Input/output error
Best Regards,
Olivia
11 years, 7 months
[libvirt] [libvirt-sandbox][PATCH] docs: correct libvirt sandbox command naming
by Alex Jia
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
docs/testing.txt | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/docs/testing.txt b/docs/testing.txt
index 54106bb..13724b3 100644
--- a/docs/testing.txt
+++ b/docs/testing.txt
@@ -11,27 +11,27 @@ For all tests, repeat with both KVM and LXC, eg
a. No I/O, with TTY
- libvirt-sandbox /bin/false
+ virt-sandbox /bin/false
b. Output only, with TTY
- libvirt-sandbox /bin/date
+ virt-sandbox /bin/date
c. Input/output, with TTY
- libvirt-sandbox /bin/sh
+ virt-sandbox /bin/sh
d. No I/O, without TTY
- libvirt-sandbox /bin/false < /dev/null > /dev/null
+ virt-sandbox /bin/false < /dev/null > /dev/null
e. Output only, without TTY
- libvirt-sandbox /bin/date > date.txt
+ virt-sandbox /bin/date > date.txt
f. Input/output, without TTY
- libvirt-sandbox /bin/cat < src.txt > dst.txt
+ virt-sandbox /bin/cat < src.txt > dst.txt
2. Filesystem config
--
1.7.1
11 years, 7 months
[libvirt] [libvirt-glib] gconfig: API for SPICE image compression options
by Zeeshan Ali (Khattak)
From: "Zeeshan Ali (Khattak)" <zeeshanak(a)gnome.org>
This patch adds API to set/get image compression options on
domain/graphics[@type='spice'] nodes.
Also included are simple tests for this API.
---
libvirt-gconfig/Makefile.am | 2 +
.../libvirt-gconfig-domain-graphics-spice-image.c | 139 +++++++++++++++++++++
.../libvirt-gconfig-domain-graphics-spice-image.h | 86 +++++++++++++
.../libvirt-gconfig-domain-graphics-spice.c | 34 +++++
.../libvirt-gconfig-domain-graphics-spice.h | 7 ++
libvirt-gconfig/libvirt-gconfig.h | 1 +
libvirt-gconfig/libvirt-gconfig.sym | 14 +++
libvirt-gconfig/tests/test-domain-create.c | 14 +++
8 files changed, 297 insertions(+)
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.c
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.h
diff --git a/libvirt-gconfig/Makefile.am b/libvirt-gconfig/Makefile.am
index 6b3b2cb..7158bbd 100644
--- a/libvirt-gconfig/Makefile.am
+++ b/libvirt-gconfig/Makefile.am
@@ -41,6 +41,7 @@ GCONFIG_HEADER_FILES = \
libvirt-gconfig-domain-graphics.h \
libvirt-gconfig-domain-graphics-sdl.h \
libvirt-gconfig-domain-graphics-spice.h \
+ libvirt-gconfig-domain-graphics-spice-image.h \
libvirt-gconfig-domain-graphics-vnc.h \
libvirt-gconfig-domain-input.h \
libvirt-gconfig-domain-interface.h \
@@ -118,6 +119,7 @@ GCONFIG_SOURCE_FILES = \
libvirt-gconfig-domain-graphics.c \
libvirt-gconfig-domain-graphics-sdl.c \
libvirt-gconfig-domain-graphics-spice.c \
+ libvirt-gconfig-domain-graphics-spice-image.c \
libvirt-gconfig-domain-graphics-vnc.c \
libvirt-gconfig-domain-input.c \
libvirt-gconfig-domain-interface.c \
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.c b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.c
new file mode 100644
index 0000000..e4a964a
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.c
@@ -0,0 +1,139 @@
+/*
+ * libvirt-gconfig-domain-graphics-spice-image.c: libvirt domain SPICE image compression configuration
+ *
+ * Copyright (C) 2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Author: Zeeshan Ali (Khattak) <zeeshanak(a)gnome.org>
+ */
+
+#include <config.h>
+#include <string.h>
+
+#include "libvirt-gconfig/libvirt-gconfig.h"
+#include "libvirt-gconfig/libvirt-gconfig-private.h"
+
+#define GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_GET_PRIVATE(obj) \
+ (G_TYPE_INSTANCE_GET_PRIVATE((obj), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE, GVirConfigDomainGraphicsSpiceImagePrivate))
+
+struct _GVirConfigDomainGraphicsSpiceImagePrivate
+{
+ gboolean unused;
+};
+
+G_DEFINE_TYPE(GVirConfigDomainGraphicsSpiceImage, gvir_config_domain_graphics_spice_image, GVIR_CONFIG_TYPE_OBJECT);
+
+
+static void gvir_config_domain_graphics_spice_image_class_init(GVirConfigDomainGraphicsSpiceImageClass *klass)
+{
+ g_type_class_add_private(klass, sizeof(GVirConfigDomainGraphicsSpiceImagePrivate));
+}
+
+
+static void gvir_config_domain_graphics_spice_image_init(GVirConfigDomainGraphicsSpiceImage *image)
+{
+ g_debug("Init GVirConfigDomainGraphicsSpiceImage=%p", image);
+
+ image->priv = GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_GET_PRIVATE(image);
+}
+
+
+GVirConfigDomainGraphicsSpiceImage *gvir_config_domain_graphics_spice_image_new(void)
+{
+ GVirConfigObject *object;
+
+ object = gvir_config_object_new(GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE,
+ "image", NULL);
+ return GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE(object);
+}
+
+GVirConfigDomainGraphicsSpiceImage *
+gvir_config_domain_graphics_spice_image_new_from_xml(const gchar *xml,
+ GError **error)
+{
+ GVirConfigObject *object;
+
+ object = gvir_config_object_new_from_xml
+ (GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE,
+ "image", NULL, xml, error);
+ return GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE(object);
+}
+
+void gvir_config_domain_graphics_spice_image_set_compression
+ (GVirConfigDomainGraphicsSpiceImage *image,
+ GVirConfigDomainGraphicsSpiceImageCompression compression)
+{
+ const char *str;
+ char *value;
+ guint8 i;
+
+ g_return_if_fail(GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE_IMAGE(image));
+
+ str = gvir_config_genum_get_nick(GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION,
+ compression);
+ g_return_if_fail(str != NULL);
+
+ value = g_strdup(str);
+ /* glib-mkenum replaces '_' by default '-' in enum nicks and in this case
+ * we don't want that as libvirt use '_' rather than '-' for SPICE image
+ * compression attribute (unlike other attributes).
+ */
+ for (i = 0; i < strlen(str); i++) {
+ if (value[i] == '-')
+ value[i] = '_';
+ }
+
+ gvir_config_object_set_attribute(GVIR_CONFIG_OBJECT(image),
+ "compression", value,
+ NULL);
+ g_free(value);
+}
+
+int
+gvir_config_domain_graphics_spice_image_get_compression
+ (GVirConfigDomainGraphicsSpiceImage *image)
+{
+ const char *str;
+ char *str_value;
+ int value;
+ guint8 i;
+
+ g_return_val_if_fail(GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE_IMAGE(image),
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_OFF);
+
+ str = gvir_config_object_get_attribute(GVIR_CONFIG_OBJECT(image),
+ NULL,
+ "compression");
+ if (str == NULL)
+ return GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_AUTO_GLZ;
+
+ str_value = g_strdup(str);
+ /* See comment in gvir_config_domain_graphics_spice_image_set_compression()
+ * for why we are doing this.
+ */
+ for (i = 0; i < strlen(str); i++) {
+ if (str_value[i] == '_')
+ str_value[i] = '-';
+ }
+
+ value = gvir_config_genum_get_value
+ (GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION,
+ str_value,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_OFF);
+ g_free(str_value);
+
+ return value;
+}
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.h b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.h
new file mode 100644
index 0000000..6a28d1f
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.h
@@ -0,0 +1,86 @@
+/*
+ * libvirt-gconfig-domain-graphics-spice-image.h: libvirt domain SPICE image compression configuration
+ *
+ * Copyright (C) 2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Author: Zeeshan Ali (Khattak) <zeeshanak(a)gnome.org>
+ */
+
+#if !defined(__LIBVIRT_GCONFIG_H__) && !defined(LIBVIRT_GCONFIG_BUILD)
+#error "Only <libvirt-gconfig/libvirt-gconfig.h> can be included directly."
+#endif
+
+#ifndef __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_H__
+#define __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_H__
+
+#include <libvirt-gconfig/libvirt-gconfig-domain-timer.h>
+
+G_BEGIN_DECLS
+
+#define GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE (gvir_config_domain_graphics_spice_image_get_type ())
+#define GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE, GVirConfigDomainGraphicsSpiceImage))
+#define GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE, GVirConfigDomainGraphicsSpiceImageClass))
+#define GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE_IMAGE(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE))
+#define GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE_IMAGE_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE))
+#define GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE, GVirConfigDomainGraphicsSpiceImageClass))
+
+typedef struct _GVirConfigDomainGraphicsSpiceImage GVirConfigDomainGraphicsSpiceImage;
+typedef struct _GVirConfigDomainGraphicsSpiceImagePrivate GVirConfigDomainGraphicsSpiceImagePrivate;
+typedef struct _GVirConfigDomainGraphicsSpiceImageClass GVirConfigDomainGraphicsSpiceImageClass;
+
+struct _GVirConfigDomainGraphicsSpiceImage
+{
+ GVirConfigObject parent;
+
+ GVirConfigDomainGraphicsSpiceImagePrivate *priv;
+
+ /* Do not add fields to this struct */
+};
+
+struct _GVirConfigDomainGraphicsSpiceImageClass
+{
+ GVirConfigObjectClass parent_class;
+
+ gpointer padding[20];
+};
+
+typedef enum {
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_AUTO_GLZ,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_AUTO_LZ,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_QUIC,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_GLZ,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_LZ,
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_OFF
+} GVirConfigDomainGraphicsSpiceImageCompression;
+
+GType gvir_config_domain_graphics_spice_image_get_type(void);
+
+GVirConfigDomainGraphicsSpiceImage *
+gvir_config_domain_graphics_spice_image_new(void);
+GVirConfigDomainGraphicsSpiceImage *
+gvir_config_domain_graphics_spice_image_new_from_xml(const gchar *xml,
+ GError **error);
+void gvir_config_domain_graphics_spice_image_set_compression
+ (GVirConfigDomainGraphicsSpiceImage *image,
+ GVirConfigDomainGraphicsSpiceImageCompression compression);
+int
+gvir_config_domain_graphics_spice_image_get_compression
+ (GVirConfigDomainGraphicsSpiceImage *image);
+
+G_END_DECLS
+
+#endif /* __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_H__ */
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.c b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.c
index d090a3a..f9e13e5 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.c
+++ b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.c
@@ -122,3 +122,37 @@ void gvir_config_domain_graphics_spice_set_tls_port(GVirConfigDomainGraphicsSpic
"tlsPort", G_TYPE_INT, port,
NULL);
}
+
+/**
+ * gvir_config_domain_graphics_spice_get_image:
+ * @graphics: a #GVirConfigDomainGraphicsSpice
+ *
+ * Gets the image compression configuration of @graphics
+ *
+ * Returns: (transfer full): A #GVirConfigDomainGraphicsSpiceImage. The returned
+ * object should be unreffed with g_object_unref() when no longer needed.
+ */
+GVirConfigDomainGraphicsSpiceImage *
+gvir_config_domain_graphics_spice_get_image(GVirConfigDomainGraphicsSpice *graphics)
+{
+ GVirConfigObject *object;
+
+ g_return_val_if_fail(GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE(graphics), NULL);
+
+ object = gvir_config_object_get_child_with_type(GVIR_CONFIG_OBJECT(graphics),
+ "image",
+ GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE_IMAGE);
+
+ return GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE(object);
+}
+
+void gvir_config_domain_graphics_spice_set_image(GVirConfigDomainGraphicsSpice *graphics,
+ GVirConfigDomainGraphicsSpiceImage *image)
+{
+ g_return_if_fail(GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE(graphics));
+ g_return_if_fail(GVIR_CONFIG_IS_DOMAIN_GRAPHICS_SPICE_IMAGE(image));
+
+ gvir_config_object_attach_replace(GVIR_CONFIG_OBJECT(graphics),
+ "image",
+ GVIR_CONFIG_OBJECT(image));
+}
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.h b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.h
index c82615b..7b1596d 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.h
+++ b/libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.h
@@ -27,6 +27,8 @@
#ifndef __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_H__
#define __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_H__
+#include "libvirt-gconfig-domain-graphics-spice-image.h"
+
G_BEGIN_DECLS
#define GVIR_CONFIG_TYPE_DOMAIN_GRAPHICS_SPICE (gvir_config_domain_graphics_spice_get_type ())
@@ -75,6 +77,11 @@ void gvir_config_domain_graphics_spice_set_port(GVirConfigDomainGraphicsSpice *g
void gvir_config_domain_graphics_spice_set_tls_port(GVirConfigDomainGraphicsSpice *graphics,
int port);
+GVirConfigDomainGraphicsSpiceImage *
+gvir_config_domain_graphics_spice_get_image(GVirConfigDomainGraphicsSpice *graphics);
+void gvir_config_domain_graphics_spice_set_image(GVirConfigDomainGraphicsSpice *graphics,
+ GVirConfigDomainGraphicsSpiceImage *image);
+
G_END_DECLS
#endif /* __LIBVIRT_GCONFIG_DOMAIN_GRAPHICS_SPICE_H__ */
diff --git a/libvirt-gconfig/libvirt-gconfig.h b/libvirt-gconfig/libvirt-gconfig.h
index 9feaba2..df9399b 100644
--- a/libvirt-gconfig/libvirt-gconfig.h
+++ b/libvirt-gconfig/libvirt-gconfig.h
@@ -58,6 +58,7 @@
#include <libvirt-gconfig/libvirt-gconfig-domain-graphics.h>
#include <libvirt-gconfig/libvirt-gconfig-domain-graphics-sdl.h>
#include <libvirt-gconfig/libvirt-gconfig-domain-graphics-spice.h>
+#include <libvirt-gconfig/libvirt-gconfig-domain-graphics-spice-image.h>
#include <libvirt-gconfig/libvirt-gconfig-domain-graphics-vnc.h>
#include <libvirt-gconfig/libvirt-gconfig-domain-input.h>
#include <libvirt-gconfig/libvirt-gconfig-domain-interface.h>
diff --git a/libvirt-gconfig/libvirt-gconfig.sym b/libvirt-gconfig/libvirt-gconfig.sym
index d9cff90..a9d8066 100644
--- a/libvirt-gconfig/libvirt-gconfig.sym
+++ b/libvirt-gconfig/libvirt-gconfig.sym
@@ -504,4 +504,18 @@ LIBVIRT_GCONFIG_0.1.5 {
gvir_config_domain_smartcard_passthrough_set_source;
} LIBVIRT_GCONFIG_0.1.4;
+LIBVIRT_GCONFIG_0.1.6 {
+ global:
+ gvir_config_domain_graphics_spice_get_image;
+ gvir_config_domain_graphics_spice_set_image;
+
+ gvir_config_domain_graphics_spice_image_get_type;
+ gvir_config_domain_graphics_spice_image_compression_get_type;
+
+ gvir_config_domain_graphics_spice_image_new;
+ gvir_config_domain_graphics_spice_image_new_from_xml;
+ gvir_config_domain_graphics_spice_image_set_compression;
+ gvir_config_domain_graphics_spice_image_get_compression;
+} LIBVIRT_GCONFIG_0.1.5;
+
# .... define new API here using predicted next version number ....
diff --git a/libvirt-gconfig/tests/test-domain-create.c b/libvirt-gconfig/tests/test-domain-create.c
index 4c94b2a..d8466c8 100644
--- a/libvirt-gconfig/tests/test-domain-create.c
+++ b/libvirt-gconfig/tests/test-domain-create.c
@@ -288,6 +288,20 @@ int main(int argc, char **argv)
graphics = gvir_config_domain_graphics_spice_new();
gvir_config_domain_graphics_spice_set_port(graphics, 1234);
g_assert(gvir_config_domain_graphics_spice_get_port(graphics) == 1234);
+
+ /* SPICE image compression configuration */
+ GVirConfigDomainGraphicsSpiceImage *image;
+
+ image = gvir_config_domain_graphics_spice_image_new();
+ gvir_config_domain_graphics_spice_image_set_compression
+ (image, GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_AUTO_GLZ);
+ gvir_config_domain_graphics_spice_set_image(graphics, image);
+ g_object_unref(G_OBJECT(image));
+ image = gvir_config_domain_graphics_spice_get_image(graphics);
+ g_assert(gvir_config_domain_graphics_spice_image_get_compression(image) ==
+ GVIR_CONFIG_DOMAIN_GRAPHICS_SPICE_IMAGE_COMPRESSION_AUTO_GLZ);
+ g_object_unref(G_OBJECT(image));
+
devices = g_list_append(devices, GVIR_CONFIG_DOMAIN_DEVICE(graphics));
/* video node */
--
1.8.1.4
11 years, 7 months