[libvirt] [PATCH] maint: update to latest gnulib
by Eric Blake
Since we're about to freeze, it's time to pick up the latest
upstream gnulib. Among other changes, gnulib now guarantees the
use of some -f flags that we were previously manually adding.
* .gnulib: Update to latest, in part for warning improvements.
* m4/virt-compile-warnings.m4 (LIBVIRT_COMPILE_WARNINGS): Drop
flags that are now guaranteed by gnulib.
* bootstrap: Resync to gnulib.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under my gnulib maintenance rule.
* .gnulib 0ba0877...4a5ee89 (31):
> manywarnings: enable nicer gcc warning messages
> timespec: use the new TIMESPEC_RESOLUTION in a few more places
> warnings: port --enable-gcc-warnings to Solaris Studio 12.3
> configmake: support new --runstatedir option
> ctype, string: depend on extern-inline
> userspec: support optional parameters to parse_user_spec()
> timespec: new function make_timespec, and new constants
> stdio: OS X port of putc_unlocked + extern inline
> signal: OS X port of sigaddset etc. + extern inline
> extern-inline: do not always suppress extern inline on OS X
> extern-inline: document fixes for ctype and wctype macros
> fflush, freadahead, fseeko: Fix for Android
> pmccabe2html: fix portability issues
> getgroups: statement without effect
> autoupdate
> update from texinfo
> update from texinfo
> glob: fix compilation
> glob: fix build for platforms without __THROW
> autoupdate
> regex-quote: fix buffer access out of bounds
> glob: avoid -Wattribute warnings on glibc
> headers: check that _GL_INLINE_HEADER_BEGIN is defined
> bootstrap: remove the --version requirement from ancillary tools
> gc: support HMAC-SHA256 and HMAC-SHA512.
> gettext: update to version 0.18.3.1
> selinux-at: omit unnecessary include
> autoupdate
> d-ino: avoid false negative on symlink
> update from texinfo
> autoupdate
.gnulib | 2 +-
bootstrap | 19 +++++++++++--------
m4/virt-compile-warnings.m4 | 2 --
3 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/.gnulib b/.gnulib
index 0ba0877..4a5ee89 160000
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit 0ba087759d2797c8f7d3c34bef6268ba3fd212cb
+Subproject commit 4a5ee89c8a8be7350a8fd8ca1bacb196a190e492
diff --git a/bootstrap b/bootstrap
index cc7fc1b..e31d17d 100755
--- a/bootstrap
+++ b/bootstrap
@@ -209,12 +209,16 @@ bootstrap_sync=false
# Use git to update gnulib sources
use_git=true
+check_exists() {
+ ($1 --version </dev/null) >/dev/null 2>&1
+ test $? -lt 126
+}
+
# find_tool ENVVAR NAMES...
# -------------------------
# Search for a required program. Use the value of ENVVAR, if set,
-# otherwise find the first of the NAMES that can be run (i.e.,
-# supports --version). If found, set ENVVAR to the program name,
-# die otherwise.
+# otherwise find the first of the NAMES that can be run.
+# If found, set ENVVAR to the program name, die otherwise.
#
# FIXME: code duplication, see also gnu-web-doc-update.
find_tool ()
@@ -225,7 +229,7 @@ find_tool ()
eval "find_tool_res=\$$find_tool_envvar"
if test x"$find_tool_res" = x; then
for i; do
- if ($i --version </dev/null) >/dev/null 2>&1; then
+ if check_exists $i; then
find_tool_res=$i
break
fi
@@ -463,8 +467,7 @@ check_versions() {
if [ "$req_ver" = "-" ]; then
# Merely require app to exist; not all prereq apps are well-behaved
# so we have to rely on $? rather than get_version.
- $app --version >/dev/null 2>&1 </dev/null
- if [ 126 -le $? ]; then
+ if ! check_exists $app; then
warn_ "Error: '$app' not found"
ret=1
fi
@@ -551,10 +554,10 @@ fi
echo "$0: Bootstrapping from checked-out $package sources..."
# See if we can use gnulib's git-merge-changelog merge driver.
-if $use_git && test -d .git && (git --version) >/dev/null 2>/dev/null ; then
+if $use_git && test -d .git && check_exists git; then
if git config merge.merge-changelog.driver >/dev/null ; then
:
- elif (git-merge-changelog --version) >/dev/null 2>/dev/null ; then
+ elif check_exists git-merge-changelog; then
echo "$0: initializing git-merge-changelog driver"
git config merge.merge-changelog.name 'GNU-style ChangeLog merge driver'
git config merge.merge-changelog.driver 'git-merge-changelog %O %A %B'
diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4
index 938c8bb..8f905cc 100644
--- a/m4/virt-compile-warnings.m4
+++ b/m4/virt-compile-warnings.m4
@@ -187,8 +187,6 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[
esac
wantwarn="$wantwarn -fexceptions"
wantwarn="$wantwarn -fasynchronous-unwind-tables"
- wantwarn="$wantwarn -fdiagnostics-show-option"
- wantwarn="$wantwarn -funit-at-a-time"
# Need -fipa-pure-const in order to make -Wsuggest-attribute=pure
# fire even without -O.
--
1.8.3.1
11 years, 8 months
[libvirt] [PATCH 0/2]
by Claudio Bley
Hi.
I used the rawhide RPMs to take out the DLLs for a test drive on Windows 64bit
the other day.
While trying to read the "screenshot" from the test domain using the
test:///default connection, I only received 5 Bytes of the libvirtLogo.png file.
Looking at the test driver, the condition piqued my interest, but wasn't the
cause of the short read, only a bit odd. See patch #1.
The actual cause was that the file was opened in text mode and the seventh byte
was a 0x1A which triggered EOF on the FD. See patch #2.
Claudio Bley (2):
test: fix call to virFDStreamOpenFile in testDomainScreenshot
Always open files in binary mode in virFDStreamOpenFileInternal
src/fdstream.c | 2 +-
src/test/test_driver.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
1.8.3.1
11 years, 8 months
[libvirt] [PATCH] conf: Fix virNetworkAssignDef's comment.
by lawrancejing
---
src/conf/network_conf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index 6968e25..c877a6d 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -333,7 +333,7 @@ virNetworkObjAssignDef(virNetworkObjPtr network,
* def. For an existing network, use "live" and current state of the
* network to determine which to replace.
*
- * Returns -1 on failure, 0 on success.
+ * Returns NULL on error, virNetworkObjPtr on success.
*/
virNetworkObjPtr
virNetworkAssignDef(virNetworkObjListPtr nets,
--
1.7.1
11 years, 8 months
[libvirt] [PATCH 0/3] More OOM check fixes
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
More OOM fixes. These didn't cause crashes, rather invalid XML / cli
arg generation.
Daniel P. Berrange (3):
Add missing check for OOM when building boot menu args
Honour error returned by virBitmapFormat
Check return value of virDomainControllerInsert when parsing QEMU args
src/conf/domain_conf.h | 9 ++++++---
src/qemu/qemu_command.c | 38 ++++++++++++++++++++++----------------
2 files changed, 28 insertions(+), 19 deletions(-)
--
1.8.3.1
11 years, 8 months
[libvirt] [PATCH] Add --disable-securityfs configure option
by Bogdan Purcareata
Securityfs is not enabled on all kernels running libvirt containers.
This patch introduces a configure option that can specify whether
containers should mount securityfs in their rootfs.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata(a)freescale.com>
---
configure.ac | 8 ++++++++
src/lxc/lxc_container.c | 4 ++++
2 files changed, 12 insertions(+)
diff --git a/configure.ac b/configure.ac
index 553015a..b4351dd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -111,6 +111,14 @@ then
[Extra package version])
fi
+dnl Enable securityfs mounts if necessary
+AC_ARG_ENABLE([securityfs],
+ AS_HELP_STRING([--disable-securityfs], [Disable mounting securityfs from container domains]))
+
+AS_IF([test "x$enable_securityfs" != "xno"],[
+ AC_DEFINE_UNQUOTED([WITH_SECURITYFS],[],[Securityfs present])
+ ])
+
dnl Required minimum versions of all libs we depend on
LIBXML_REQUIRED="2.6.0"
GNUTLS_REQUIRED="1.0.25"
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index c60f5d8..72f1e81 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -768,8 +768,10 @@ static const virLXCBasicMountInfo lxcBasicMounts[] = {
{ "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ "sysfs", "/sys", "sysfs", NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
+#if WITH_SECURITYFS
{ "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
+#endif
#if WITH_SELINUX
{ SELINUX_MOUNT, SELINUX_MOUNT, "selinuxfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ SELINUX_MOUNT, SELINUX_MOUNT, NULL, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
@@ -872,8 +874,10 @@ static int lxcContainerMountBasicFS(bool userns_enabled)
continue;
#endif
+#if WITH_SECURITYFS
if (STREQ(mnt->src, "securityfs") && userns_enabled)
continue;
+#endif
if (virFileMakePath(mnt->dst) < 0) {
virReportSystemError(errno,
--
1.7.11.7
11 years, 8 months
[libvirt] [Patch]LXC: Add support for attach/detach/update controller in config for LXC
by Chen Hanxiao
From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
Add support for attach/detach/update controller
in config for LXC.
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
src/lxc/lxc_driver.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 4cf0b50..9c58f67 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -2750,6 +2750,7 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef,
virDomainDiskDefPtr disk;
virDomainNetDefPtr net;
virDomainHostdevDefPtr hostdev;
+ virDomainControllerDefPtr controller;
switch (dev->type) {
case VIR_DOMAIN_DEVICE_DISK:
@@ -2787,6 +2788,21 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef,
ret = 0;
break;
+ case VIR_DOMAIN_DEVICE_CONTROLLER:
+ controller = dev->data.controller;
+ if (virDomainControllerFind(vmdef, controller->type,
+ controller->idx) >= 0) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("Target already exists"));
+ return -1;
+ }
+
+ if (virDomainControllerInsert(vmdef, controller) < 0)
+ return -1;
+ dev->data.controller = NULL;
+ ret = 0;
+ break;
+
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("persistent attach of device is not supported"));
@@ -2849,6 +2865,7 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef,
virDomainDiskDefPtr disk, det_disk;
virDomainNetDefPtr net;
virDomainHostdevDefPtr hostdev, det_hostdev;
+ virDomainControllerDefPtr controller, det_cont;
int idx;
char mac[VIR_MAC_STRING_BUFLEN];
@@ -2895,6 +2912,19 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef,
break;
}
+ case VIR_DOMAIN_DEVICE_CONTROLLER:
+ controller = dev->data.controller;
+ if ((idx = virDomainControllerFind(vmdef, controller->type,
+ controller->idx)) < 0) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("device not present in domain configuration"));
+ return -1;
+ }
+ det_cont = virDomainControllerRemove(vmdef, idx);
+ virDomainControllerDefFree(det_cont);
+ ret = 0;
+ break;
+
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("persistent detach of device is not supported"));
--
1.8.2.1
11 years, 8 months
Re: [libvirt] [PATCH] conf: Fix virNetworkAssignDef's comment.
by lawrance jing
OK.
2013/9/24 lawrance jing <lawrancejing(a)gmail.com>:
> OK, thanks.
>
> 2013/9/24 Osier Yang <jyang(a)redhat.com>:
>> On 24/09/13 15:57, lawrance jing wrote:
>>>
>>> I changed virNetworkAssignDef's comment,however what the patch show is
>>> "-333,7 +333,7 @@ virNetworkObjAssignDef". Please give me a hint, thank you.
>>
>>
>> Oh, it was confused, ACK and pushed. By the way, it's nicer if your reply
>> mails with text format.
>>
>> Osier
11 years, 8 months
[libvirt] How to intercept the VM start event and run the identity check
by Исаев Виталий Анатольевич
Dear developers!
We are working on the project based on Red Hat Enterprise Virtualisation and Red Hat Identity Management. RHEV environment will be deployed in protected internal enterprise network. Now we are developing special admin tools in order to extend functionality of RHEL IdM and we faced with a rather difficult problem... The system should meet the increased demands of informational security, so what we are trying to implement is:
1. Intercept the event of user's VM start on the RHEL Hypervisor;
2. Suspend the VM;
3. Mount VM's disk to Hypervisor (or some other VM, for instance, admin's VM);
4. Check the integrity of the VM's system files (count md5sum etc.)
5. Unmount disk;
6. If verification is passed, start the VM, else - power off and disable VM till the decision of administrator.
Is there any opportunity to implement this within the libvirt API?
Thank you,
Vitaly Isaev,
"Fintech" JSC, Moscow, Russia
www.fintech.ru<http://www.fintech.ru>
11 years, 8 months
[libvirt] [PATCH 00/10] Fix multiple OOM problems
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Running out long ignored OOM injection tests identified a
number of problems. This series fixes those that I have
found so far, but more are to follow.
I'm also rewriting the OOM injection code to make it much,
much, much faster to run.
Daniel P. Berrange (10):
Fix crash on OOM when parsing disk security label
Fix crash on OOM in parsing CPU mask in domain XML
Fix crash if OOM occurs when creating virConnectPtr
Fix crash on OOM in qemuDomainCCWAddressSetCreate()
Fix crash on OOM in qemuAddRBDHost
Fix allocation of arglist in qemuStringToArgvEnv
Fix error checking of qemuParseKeywords return status
Fix missing OOM check in qemuParseCommandLine when splitting strings
Fix reporting of errors in OOM injection code
Don't ignore allocation failure in virCommandAddEnvPassCommon
src/conf/domain_conf.c | 5 ++--
src/datatypes.c | 10 +++++---
src/qemu/qemu_command.c | 59 ++++++++++++++++++++++++--------------------
src/qemu/qemu_command.h | 1 +
src/qemu/qemu_monitor_json.c | 4 +--
src/util/viralloc.c | 18 ++++++++++++--
src/util/vircommand.c | 5 +++-
7 files changed, 63 insertions(+), 39 deletions(-)
--
1.8.3.1
11 years, 8 months
[libvirt] [PATCH v4 0/7] cpu: add function to get the models for an arch
by Giuseppe Scrivano
This series adds a new API "virConnectGetCPUModelNames" that allows to
retrieve the list of CPU models known by the hypervisor for a specific
architecture.
This new function is mainly needed by virt-manager to not read
directly the cpu_map.xml file (it could also be different when
accessing a remote daemon).
*v4 main changes
- cpuGetModels translates the arch name to the driver name.
- virConnectGetCPUModelNames handles models==NULL, and
- amended all the changes reported for v3
*v3 main changes
- virConnectGetCPUModelNames returns the number of models instead of
0 on success.
- Use VIR_INSERT_ELEMENT instead of VIR_EXPAND_N.
- Fix a potential memory leak in the python bindings.
- Move virsh changes to a separate commit.
- Remove API documentation from libvirt.h.
*v2 main changes
- set a hard limit for the number of CPU models that is possible to
fetch from a remote server.
- Use VIR_EXPAND_N instead of VIR_REALLOC_N.
- s|1.1.2|1.1.3|
Giuseppe Scrivano (7):
libvirt: add new public API virConnectGetCPUModelNames
cpu: add function to get the models for an arch
virConnectGetCPUModelNames: implement the remote protocol
virConnectGetCPUModelNames: add the support for qemu
virConnectGetCPUModelNames: add the support for the test protocol
virsh: add function to get the CPU models for an arch
python: add bindings for virConnectGetCPUModelNames
daemon/remote.c | 52 ++++++++++++++++++++++++++
include/libvirt/libvirt.h.in | 4 ++
python/generator.py | 1 +
python/libvirt-override-api.xml | 7 ++++
python/libvirt-override.c | 52 ++++++++++++++++++++++++++
python/libvirt-override.py | 11 ++++++
src/cpu/cpu.c | 82 ++++++++++++++++++++++++++++++++++++++++-
src/cpu/cpu.h | 5 ++-
src/driver.h | 7 ++++
src/libvirt.c | 51 +++++++++++++++++++++++++
src/libvirt_private.syms | 1 +
src/libvirt_public.syms | 5 +++
src/qemu/qemu_driver.c | 14 +++++++
src/remote/remote_driver.c | 63 +++++++++++++++++++++++++++++++
src/remote/remote_protocol.x | 22 ++++++++++-
src/remote_protocol-structs | 13 +++++++
src/test/test_driver.c | 11 ++++++
tools/virsh-host.c | 54 +++++++++++++++++++++++++++
tools/virsh.pod | 5 +++
19 files changed, 457 insertions(+), 3 deletions(-)
--
1.8.3.1
11 years, 8 months
