[libvirt] [PATCH] Conditionally compile storagevolxml2argvtest
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Only compile storagevolxml2argvtest if WITH_STORAGE is
set, because it links to that driver
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
Pushed as a Win32 build breaker fix
---
tests/Makefile.am | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 888968d..7689453 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -174,7 +174,9 @@ endif
test_programs += nwfilterxml2xmltest
+if WITH_STORAGE
test_programs += storagevolxml2argvtest
+endif
test_programs += storagevolxml2xmltest storagepoolxml2xmltest
@@ -472,11 +474,15 @@ nwfilterxml2xmltest_SOURCES = \
testutils.c testutils.h
nwfilterxml2xmltest_LDADD = $(LDADDS)
+if WITH_STORAGE
storagevolxml2argvtest_SOURCES = \
storagevolxml2argvtest.c \
testutils.c testutils.h
storagevolxml2argvtest_LDADD = \
../src/libvirt_driver_storage_impl.la $(LDADDS)
+else
+EXTRA_DIST += storagevolxml2argvtest.c
+endif
storagevolxml2xmltest_SOURCES = \
storagevolxml2xmltest.c \
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Conditionalize use of symlink() function in test suite
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
On Win32 symlink() is not available, so virstoragetest.c
must be conditionalized to avoid compile failures.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
Pushed as a win32 build breaker fix
---
configure.ac | 2 +-
tests/virstoragetest.c | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 11b332f..789d1c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -194,7 +194,7 @@ dnl Availability of various common functions (non-fatal if missing),
dnl and various less common threadsafe functions
AC_CHECK_FUNCS_ONCE([cfmakeraw geteuid getgid getgrnam_r getmntent_r \
getpwuid_r getuid initgroups kill mmap newlocale posix_fallocate \
- posix_memalign regexec sched_getaffinity setns])
+ posix_memalign regexec sched_getaffinity setns symlink])
dnl Availability of pthread functions (if missing, win32 threading is
dnl assumed). Because of $LIB_PTHREAD, we cannot use AC_CHECK_FUNCS_ONCE.
diff --git a/tests/virstoragetest.c b/tests/virstoragetest.c
index d495e6a..0e6ba9e 100644
--- a/tests/virstoragetest.c
+++ b/tests/virstoragetest.c
@@ -161,12 +161,14 @@ testPrepImages(void)
if (virCommandRun(cmd, NULL) < 0)
goto skip;
+#ifdef HAVE_SYMLINK
/* Create some symlinks in a sub-directory. */
if (symlink("../qcow2", datadir "/sub/link1") < 0 ||
symlink("../wrap", datadir "/sub/link2") < 0) {
fprintf(stderr, "unable to create symlink");
goto cleanup;
}
+#endif
ret = 0;
cleanup:
@@ -364,6 +366,7 @@ mymain(void)
canonraw, absraw, datadir, VIR_STORAGE_FILE_RAW,
true, 1024, false,
};
+#if HAVE_SYMLINK
const testFileData link1_rel = {
canonraw, "../raw", "sub/../sub/..", VIR_STORAGE_FILE_RAW,
true, 1024, false,
@@ -380,6 +383,7 @@ mymain(void)
canonqcow2, "../sub/link1", datadir "/sub/../sub",
VIR_STORAGE_FILE_QCOW2, true, 1024, false,
};
+#endif
/* The actual tests, in several groups. */
@@ -522,6 +526,7 @@ mymain(void)
chain12a, EXP_PASS,
chain12b, ALLOW_PROBE | EXP_PASS);
+#ifdef HAVE_SYMLINK
/* Rewrite qcow2 and wrap file to use backing names relative to a
* symlink from a different directory */
virCommandFree(cmd);
@@ -545,6 +550,7 @@ mymain(void)
chain13a, ALLOW_PROBE | EXP_PASS,
chain13c, EXP_PASS,
chain13c, ALLOW_PROBE | EXP_PASS);
+#endif
/* Final cleanup */
testCleanupImages();
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Fix signature of dummy virNetlinkCommand stub
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The second param of virNetlinkCommand should be
struct nlmsghdr, not unsigned char.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
Pushed as a Win32 build breaker fix
---
src/util/virnetlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virnetlink.c b/src/util/virnetlink.c
index af1985c..d340eda 100644
--- a/src/util/virnetlink.c
+++ b/src/util/virnetlink.c
@@ -752,7 +752,7 @@ virNetlinkShutdown(void)
}
int virNetlinkCommand(struct nl_msg *nl_msg ATTRIBUTE_UNUSED,
- unsigned char **respbuf ATTRIBUTE_UNUSED,
+ struct nlmsghdr **resp ATTRIBUTE_UNUSED,
unsigned int *respbuflen ATTRIBUTE_UNUSED,
uint32_t src_pid ATTRIBUTE_UNUSED,
uint32_t dst_pid ATTRIBUTE_UNUSED,
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Add empty stub for virThreadCancel on Win32
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Win32 does not like undefined symbols, so define an
empty virThreadCancel impl.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
Pushed as a Win32 build breaker fix
---
src/util/virthreadwin32.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/util/virthreadwin32.c b/src/util/virthreadwin32.c
index 0ad7e5c..4543ad8 100644
--- a/src/util/virthreadwin32.c
+++ b/src/util/virthreadwin32.c
@@ -357,6 +357,8 @@ void virThreadJoin(virThreadPtr thread)
}
}
+void virThreadCancel(virThreadPtr thread ATTRIBUTE_UNUSED)
+{}
int virThreadLocalInit(virThreadLocalPtr l,
virThreadLocalCleanup c)
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Don't enable -fPIE on Win32 platforms
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
On win32, all code is position independent and adding -fPIE
to the compiler flags results in warnings being printed
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
Pushed as a Win32 build breaker fix
---
m4/virt-compile-pie.m4 | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/m4/virt-compile-pie.m4 b/m4/virt-compile-pie.m4
index 1b62041..cceb495 100644
--- a/m4/virt-compile-pie.m4
+++ b/m4/virt-compile-pie.m4
@@ -21,10 +21,15 @@ dnl
AC_DEFUN([LIBVIRT_COMPILE_PIE],[
PIE_CFLAGS=
PIE_LDFLAGS=
- gl_COMPILER_OPTION_IF([-fPIE -DPIE], [
+ case "$host" in
+ *-*-mingw* | *-*-msvc* | *-*-cygwin* )
+ ;; dnl All code is position independent on Win32 target
+ *)
+ gl_COMPILER_OPTION_IF([-fPIE -DPIE], [
PIE_CFLAGS="-fPIE -DPIE"
PIE_LDFLAGS="-pie"
- ])
+ ])
+ esac
AC_SUBST([PIE_CFLAGS])
AC_SUBST([PIE_LDFLAGS])
])
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH v3 00/16]
by Daniel P. Berrange
This is an update of
https://www.redhat.com/archives/libvir-list/2013-April/msg00352.html
Currently libvirt creates a cgroups hiearchy at
$LOCATION-OF-LIBVIRTD/libvirt/{qemu,lxc}/$GUEST-NAME
eg
/sys/fs/cgroup
├── blkio
│ └── libvirt
│ ├── lxc
│ │ └── busy
│ └── qemu
│ └── vm1
├── cpu,cpuacct
│ ├── libvirt
│ │ ├── lxc
│ │ │ └── busy
│ │ └── qemu
│ │ └── vm1
│ │ ├── emulator
│ │ └── vcpu0
│ └── system
│ ├── abrtd.service
│ ....snip....
│ └── upower.service
├── cpuset
│ └── libvirt
│ ├── lxc
│ │ └── busy
│ └── qemu
│ └── vm1
│ ├── emulator
│ └── vcpu0
├── devices
│ └── libvirt
│ ├── lxc
│ │ └── busy
│ └── qemu
│ └── vm1
├── freezer
│ └── libvirt
│ ├── lxc
│ │ └── busy
│ └── qemu
│ └── vm1
├── memory
│ └── libvirt
│ ├── lxc
│ │ └── busy
│ └── qemu
│ └── vm1
├── net_cls
├── perf_event
This series changes it so that libvirt creates cgroups at
/system/$VMNAME.{qemu,lxc}.libvirt
and allows configuration of the "resource partition" (ie the
"/system" bit) via the XML. So we get a layout like this:
/sys/fs/cgroup
├── blkio
│ └── system
│ ├── demo.lxc.libvirt
│ └── vm1.qemu.libvirt
├── cpu,cpuacct
│ └── system
│ ├── abrtd.service
│ ....snip....
│ ├── demo.lxc.libvirt
│ ....snip....
│ └── vm1.qemu.libvirt
│ ├── emulator
│ └── vcpu0
├── cpuset
│ └── system
│ ├── demo.lxc.libvirt
│ └── vm1.qemu.libvirt
│ ├── emulator
│ └── vcpu0
├── devices
│ └── system
│ ├── demo.lxc.libvirt
│ └── vm1.qemu.libvirt
├── freezer
│ └── system
│ ├── demo.lxc.libvirt
│ └── vm1.qemu.libvirt
├── memory
│ └── system
│ ├── demo.lxc.libvirt
│ └── vm1.qemu.libvirt
├── net_cls
├── perf_event
Flattening out the libvirt created hiearchy has serious
performance wins, due to poor kernel scalability with
deep hierarchies. It also makes it easier to configure
system wide policy for resource usage across system
services and virtual machines / containers, since they
all live at the top level in comon resource partitions.
Changes since v2:
- Merge previously ACKed patches
- Incorporate Gao Feng's changes to LXC cgroup mount setup
11 years, 7 months
[libvirt] [PATCH] maint: update to latest gnulib
by Eric Blake
Upstream gnulib determined that we were needlessly compiling in
gnulib's regex instead of glibc's when targetting new-enough glibc,
because the m4 test was being too strict in requiring a particular
answer to undefined behavior.
https://lists.gnu.org/archive/html/bug-gnulib/2013-04/msg00032.html
* .gnulib: Update to latest, for regex.
---
I verified that on F18, the final size of libvirtd shrinks after
applying this patch, because of this change to config.cache:
-gl_cv_func_re_compile_pattern_working=${gl_cv_func_re_compile_pattern_working=no}
+gl_cv_func_re_compile_pattern_working=${gl_cv_func_re_compile_pattern_working=yes}
Pushing under the agreement that gnulib fixes outside of freeze
are generally trivial.
* .gnulib 076ac82...92f3a4c (1):
> regex-tests, regex: allow glibc re_search behavior
.gnulib | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gnulib b/.gnulib
index 076ac82..92f3a4c 160000
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 076ac82d1d7f4df54630f1b4917b3c14f227f032
+Subproject commit 92f3a4c8e52e64c233e260431d095dbf88554c14
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Use unsigned int instead of unsigned
by Osier Yang
Though they are the same thing, mixed use of them is uncomfortable.
"unsigned" is used a lot in old codes, this just tries to change the
ones in utils.
---
src/util/virpci.c | 65 +++++++++++++++++++++++++++++--------------------------
src/util/virpci.h | 24 ++++++++++----------
2 files changed, 46 insertions(+), 43 deletions(-)
diff --git a/src/util/virpci.c b/src/util/virpci.c
index caf1d40..d94ff54 100644
--- a/src/util/virpci.c
+++ b/src/util/virpci.c
@@ -51,18 +51,18 @@
#define SRIOV_ERROR -1
struct _virPCIDevice {
- unsigned domain;
- unsigned bus;
- unsigned slot;
- unsigned function;
+ unsigned int domain;
+ unsigned int bus;
+ unsigned int slot;
+ unsigned int function;
char name[PCI_ADDR_LEN]; /* domain:bus:slot.function */
char id[PCI_ID_LEN]; /* product vendor */
char *path;
const char *used_by; /* The domain which uses the device */
- unsigned pcie_cap_pos;
- unsigned pci_pm_cap_pos;
+ unsigned int pcie_cap_pos;
+ unsigned int pci_pm_cap_pos;
bool has_flr;
bool has_pm_reset;
bool managed;
@@ -76,7 +76,7 @@ struct _virPCIDevice {
struct _virPCIDeviceList {
virObjectLockable parent;
- unsigned count;
+ unsigned int count;
virPCIDevicePtr *devs;
};
@@ -222,9 +222,9 @@ virPCIDeviceConfigClose(virPCIDevicePtr dev, int cfgfd)
static int
virPCIDeviceRead(virPCIDevicePtr dev,
int cfgfd,
- unsigned pos,
+ unsigned int pos,
uint8_t *buf,
- unsigned buflen)
+ unsigned int buflen)
{
memset(buf, 0, buflen);
@@ -239,7 +239,7 @@ virPCIDeviceRead(virPCIDevicePtr dev,
}
static uint8_t
-virPCIDeviceRead8(virPCIDevicePtr dev, int cfgfd, unsigned pos)
+virPCIDeviceRead8(virPCIDevicePtr dev, int cfgfd, unsigned int pos)
{
uint8_t buf;
virPCIDeviceRead(dev, cfgfd, pos, &buf, sizeof(buf));
@@ -247,7 +247,7 @@ virPCIDeviceRead8(virPCIDevicePtr dev, int cfgfd, unsigned pos)
}
static uint16_t
-virPCIDeviceRead16(virPCIDevicePtr dev, int cfgfd, unsigned pos)
+virPCIDeviceRead16(virPCIDevicePtr dev, int cfgfd, unsigned int pos)
{
uint8_t buf[2];
virPCIDeviceRead(dev, cfgfd, pos, &buf[0], sizeof(buf));
@@ -255,7 +255,7 @@ virPCIDeviceRead16(virPCIDevicePtr dev, int cfgfd, unsigned pos)
}
static uint32_t
-virPCIDeviceRead32(virPCIDevicePtr dev, int cfgfd, unsigned pos)
+virPCIDeviceRead32(virPCIDevicePtr dev, int cfgfd, unsigned int pos)
{
uint8_t buf[4];
virPCIDeviceRead(dev, cfgfd, pos, &buf[0], sizeof(buf));
@@ -265,9 +265,9 @@ virPCIDeviceRead32(virPCIDevicePtr dev, int cfgfd, unsigned pos)
static int
virPCIDeviceWrite(virPCIDevicePtr dev,
int cfgfd,
- unsigned pos,
+ unsigned int pos,
uint8_t *buf,
- unsigned buflen)
+ unsigned int buflen)
{
if (lseek(cfgfd, pos, SEEK_SET) != pos ||
safewrite(cfgfd, buf, buflen) != buflen) {
@@ -280,14 +280,14 @@ virPCIDeviceWrite(virPCIDevicePtr dev,
}
static void
-virPCIDeviceWrite16(virPCIDevicePtr dev, int cfgfd, unsigned pos, uint16_t val)
+virPCIDeviceWrite16(virPCIDevicePtr dev, int cfgfd, unsigned int pos, uint16_t val)
{
uint8_t buf[2] = { (val >> 0), (val >> 8) };
virPCIDeviceWrite(dev, cfgfd, pos, &buf[0], sizeof(buf));
}
static void
-virPCIDeviceWrite32(virPCIDevicePtr dev, int cfgfd, unsigned pos, uint32_t val)
+virPCIDeviceWrite32(virPCIDevicePtr dev, int cfgfd, unsigned int pos, uint32_t val)
{
uint8_t buf[4] = { (val >> 0), (val >> 8), (val >> 16), (val >> 24) };
virPCIDeviceWrite(dev, cfgfd, pos, &buf[0], sizeof(buf));
@@ -370,7 +370,9 @@ virPCIDeviceIterDevices(virPCIDeviceIterPredicate predicate,
}
static uint8_t
-virPCIDeviceFindCapabilityOffset(virPCIDevicePtr dev, int cfgfd, unsigned capability)
+virPCIDeviceFindCapabilityOffset(virPCIDevicePtr dev,
+ int cfgfd,
+ unsigned int capability)
{
uint16_t status;
uint8_t pos;
@@ -407,7 +409,7 @@ virPCIDeviceFindCapabilityOffset(virPCIDevicePtr dev, int cfgfd, unsigned capabi
static unsigned int
virPCIDeviceFindExtendedCapabilityOffset(virPCIDevicePtr dev,
int cfgfd,
- unsigned capability)
+ unsigned int capability)
{
int ttl;
unsigned int pos;
@@ -496,7 +498,7 @@ virPCIDeviceDetectFunctionLevelReset(virPCIDevicePtr dev, int cfgfd)
* and that a D3hot->D0 transition will results in a full
* internal reset, not just a soft reset.
*/
-static unsigned
+static unsigned int
virPCIDeviceDetectPowerManagementReset(virPCIDevicePtr dev, int cfgfd)
{
if (dev->pci_pm_cap_pos) {
@@ -1341,10 +1343,10 @@ virPCIDeviceReadID(virPCIDevicePtr dev, const char *id_name)
}
int
-virPCIGetAddrString(unsigned domain,
- unsigned bus,
- unsigned slot,
- unsigned function,
+virPCIGetAddrString(unsigned int domain,
+ unsigned int bus,
+ unsigned int slot,
+ unsigned int function,
char **pciConfigAddr)
{
virPCIDevicePtr dev = NULL;
@@ -1365,10 +1367,10 @@ cleanup:
}
virPCIDevicePtr
-virPCIDeviceNew(unsigned domain,
- unsigned bus,
- unsigned slot,
- unsigned function)
+virPCIDeviceNew(unsigned int domain,
+ unsigned int bus,
+ unsigned int slot,
+ unsigned int function)
{
virPCIDevicePtr dev;
char *vendor = NULL;
@@ -1458,12 +1460,13 @@ void virPCIDeviceSetManaged(virPCIDevicePtr dev, bool managed)
dev->managed = managed;
}
-unsigned virPCIDeviceGetManaged(virPCIDevicePtr dev)
+unsigned int
+virPCIDeviceGetManaged(virPCIDevicePtr dev)
{
return dev->managed;
}
-unsigned
+unsigned int
virPCIDeviceGetUnbindFromStub(virPCIDevicePtr dev)
{
return dev->unbind_from_stub;
@@ -1475,7 +1478,7 @@ virPCIDeviceSetUnbindFromStub(virPCIDevicePtr dev, bool unbind)
dev->unbind_from_stub = unbind;
}
-unsigned
+unsigned int
virPCIDeviceGetRemoveSlot(virPCIDevicePtr dev)
{
return dev->remove_slot;
@@ -1487,7 +1490,7 @@ virPCIDeviceSetRemoveSlot(virPCIDevicePtr dev, bool remove_slot)
dev->remove_slot = remove_slot;
}
-unsigned
+unsigned int
virPCIDeviceGetReprobe(virPCIDevicePtr dev)
{
return dev->reprobe;
diff --git a/src/util/virpci.h b/src/util/virpci.h
index 0c4a8d2..67bee3d 100644
--- a/src/util/virpci.h
+++ b/src/util/virpci.h
@@ -41,10 +41,10 @@ struct _virPCIDeviceAddress {
unsigned int function;
};
-virPCIDevicePtr virPCIDeviceNew(unsigned domain,
- unsigned bus,
- unsigned slot,
- unsigned function);
+virPCIDevicePtr virPCIDeviceNew(unsigned int domain,
+ unsigned int bus,
+ unsigned int slot,
+ unsigned int function);
void virPCIDeviceFree(virPCIDevicePtr dev);
const char *virPCIDeviceGetName(virPCIDevicePtr dev);
@@ -62,17 +62,17 @@ int virPCIDeviceReset(virPCIDevicePtr dev,
void virPCIDeviceSetManaged(virPCIDevice *dev,
bool managed);
-unsigned virPCIDeviceGetManaged(virPCIDevice *dev);
+unsigned int virPCIDeviceGetManaged(virPCIDevice *dev);
void virPCIDeviceSetUsedBy(virPCIDevice *dev,
const char *used_by);
const char *virPCIDeviceGetUsedBy(virPCIDevice *dev);
-unsigned virPCIDeviceGetUnbindFromStub(virPCIDevicePtr dev);
+unsigned int virPCIDeviceGetUnbindFromStub(virPCIDevicePtr dev);
void virPCIDeviceSetUnbindFromStub(virPCIDevice *dev,
bool unbind);
-unsigned virPCIDeviceGetRemoveSlot(virPCIDevicePtr dev);
+unsigned int virPCIDeviceGetRemoveSlot(virPCIDevicePtr dev);
void virPCIDeviceSetRemoveSlot(virPCIDevice *dev,
bool remove_slot);
-unsigned virPCIDeviceGetReprobe(virPCIDevicePtr dev);
+unsigned int virPCIDeviceGetReprobe(virPCIDevicePtr dev);
void virPCIDeviceSetReprobe(virPCIDevice *dev,
bool reprobe);
void virPCIDeviceReattachInit(virPCIDevice *dev);
@@ -135,10 +135,10 @@ int virPCIGetSysfsFile(char *virPCIDeviceName,
char **pci_sysfs_device_link)
ATTRIBUTE_RETURN_CHECK;
-int virPCIGetAddrString(unsigned domain,
- unsigned bus,
- unsigned slot,
- unsigned function,
+int virPCIGetAddrString(unsigned int domain,
+ unsigned int bus,
+ unsigned int slot,
+ unsigned int function,
char **pciConfigAddr)
ATTRIBUTE_NONNULL(5) ATTRIBUTE_RETURN_CHECK;
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH] Do more complete initialization of libgcrypt
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
If libvirt makes any gcry_control() calls, then this
prevents gnutls for doing any initialization. As such
we must take care to do full initialization of libcrypt
on a par with what gnutls would have done. In particular
we must disable "sec mem" for cases where the user does
not have mlock() permission. We also skip our init of
libgcrypt if something else (ie the app using libvirt)
has beaten us to it.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/libvirt.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/libvirt.c b/src/libvirt.c
index c5221f5..7c0a873 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -409,8 +409,14 @@ virGlobalInit(void)
goto error;
#ifdef WITH_GNUTLS
- gcry_control(GCRYCTL_SET_THREAD_CBS, &virTLSThreadImpl);
- gcry_check_version(NULL);
+ if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0) {
+ gcry_control(GCRYCTL_SET_THREAD_CBS, &virTLSThreadImpl);
+ gcry_check_version(NULL);
+
+ gcry_control(GCRYCTL_DISABLE_SECMEM, NULL, 0);
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
+ gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
+ }
#endif
virLogSetFromEnv();
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCH 0/1] qemu: Add Secure Shell (ssh) network block device.
by Richard W.M. Jones
This patch allows you to use the qemu Secure Shell (ssh) block device.
This is not upstream yet, but you can find my latest version here:
http://lists.nongnu.org/archive/html/qemu-devel/2013-04/threads.html#01703
This patch lets you specify a ssh device like this:
<disk type='network' device='disk'>
<source protocol='ssh' name='/remote/path/to/disk/image'>
<host name='remote-server.example.com'/>
</source>
<driver name='qemu' type='raw'/>
<target dev='vda' bus='virtio'/>
</disk>
Patched qemu will connect to remote-server.example.com using libssh2,
and access /remote/path/to/disk/image using the sftp protocol. This
works for both read and write.
Of course, since you'll have to use a patched qemu, you will also need
to fiddle with the <emulator> setting.
One current problem with this patch is that you have to manually set
the SSH_AUTH_SOCK environment variable to point at your ssh-agent
(since qemu's ssh block device requires ssh-agent authentication). I
added the following to my XML, your value will be different:
<qemu:commandline>
<qemu:env name="SSH_AUTH_SOCK" value="/tmp/ssh-DThteVfEeOq3/agent.1773" />
</qemu:commandline>
Some shortcomings:
- Does not allow you to specify the host_key_check parameter.
- No tests.
- Not sure how best to deal with the ssh-agent authentication socket
problem. Use libvirt secrets? If so, how?
- I did not test if you can specify an alternate remote user.
- I did not test (or care) if parsing qemu command lines works.
Rich.
11 years, 7 months