[libvirt] [PATCH 0/2]
by Claudio Bley
Hi.
I used the rawhide RPMs to take out the DLLs for a test drive on Windows 64bit
the other day.
While trying to read the "screenshot" from the test domain using the
test:///default connection, I only received 5 Bytes of the libvirtLogo.png file.
Looking at the test driver, the condition piqued my interest, but wasn't the
cause of the short read, only a bit odd. See patch #1.
The actual cause was that the file was opened in text mode and the seventh byte
was a 0x1A which triggered EOF on the FD. See patch #2.
Claudio Bley (2):
test: fix call to virFDStreamOpenFile in testDomainScreenshot
Always open files in binary mode in virFDStreamOpenFileInternal
src/fdstream.c | 2 +-
src/test/test_driver.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
1.8.3.1
11 years, 2 months
[libvirt] [PATCH] conf: Fix virNetworkAssignDef's comment.
by lawrancejing
---
src/conf/network_conf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index 6968e25..c877a6d 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -333,7 +333,7 @@ virNetworkObjAssignDef(virNetworkObjPtr network,
* def. For an existing network, use "live" and current state of the
* network to determine which to replace.
*
- * Returns -1 on failure, 0 on success.
+ * Returns NULL on error, virNetworkObjPtr on success.
*/
virNetworkObjPtr
virNetworkAssignDef(virNetworkObjListPtr nets,
--
1.7.1
11 years, 2 months
[libvirt] [PATCH 0/3] More OOM check fixes
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
More OOM fixes. These didn't cause crashes, rather invalid XML / cli
arg generation.
Daniel P. Berrange (3):
Add missing check for OOM when building boot menu args
Honour error returned by virBitmapFormat
Check return value of virDomainControllerInsert when parsing QEMU args
src/conf/domain_conf.h | 9 ++++++---
src/qemu/qemu_command.c | 38 ++++++++++++++++++++++----------------
2 files changed, 28 insertions(+), 19 deletions(-)
--
1.8.3.1
11 years, 2 months
[libvirt] [PATCH] Add --disable-securityfs configure option
by Bogdan Purcareata
Securityfs is not enabled on all kernels running libvirt containers.
This patch introduces a configure option that can specify whether
containers should mount securityfs in their rootfs.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata(a)freescale.com>
---
configure.ac | 8 ++++++++
src/lxc/lxc_container.c | 4 ++++
2 files changed, 12 insertions(+)
diff --git a/configure.ac b/configure.ac
index 553015a..b4351dd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -111,6 +111,14 @@ then
[Extra package version])
fi
+dnl Enable securityfs mounts if necessary
+AC_ARG_ENABLE([securityfs],
+ AS_HELP_STRING([--disable-securityfs], [Disable mounting securityfs from container domains]))
+
+AS_IF([test "x$enable_securityfs" != "xno"],[
+ AC_DEFINE_UNQUOTED([WITH_SECURITYFS],[],[Securityfs present])
+ ])
+
dnl Required minimum versions of all libs we depend on
LIBXML_REQUIRED="2.6.0"
GNUTLS_REQUIRED="1.0.25"
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index c60f5d8..72f1e81 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -768,8 +768,10 @@ static const virLXCBasicMountInfo lxcBasicMounts[] = {
{ "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ "sysfs", "/sys", "sysfs", NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
+#if WITH_SECURITYFS
{ "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
+#endif
#if WITH_SELINUX
{ SELINUX_MOUNT, SELINUX_MOUNT, "selinuxfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV },
{ SELINUX_MOUNT, SELINUX_MOUNT, NULL, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY },
@@ -872,8 +874,10 @@ static int lxcContainerMountBasicFS(bool userns_enabled)
continue;
#endif
+#if WITH_SECURITYFS
if (STREQ(mnt->src, "securityfs") && userns_enabled)
continue;
+#endif
if (virFileMakePath(mnt->dst) < 0) {
virReportSystemError(errno,
--
1.7.11.7
11 years, 2 months
[libvirt] [Patch]LXC: Add support for attach/detach/update controller in config for LXC
by Chen Hanxiao
From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
Add support for attach/detach/update controller
in config for LXC.
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
src/lxc/lxc_driver.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 4cf0b50..9c58f67 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -2750,6 +2750,7 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef,
virDomainDiskDefPtr disk;
virDomainNetDefPtr net;
virDomainHostdevDefPtr hostdev;
+ virDomainControllerDefPtr controller;
switch (dev->type) {
case VIR_DOMAIN_DEVICE_DISK:
@@ -2787,6 +2788,21 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef,
ret = 0;
break;
+ case VIR_DOMAIN_DEVICE_CONTROLLER:
+ controller = dev->data.controller;
+ if (virDomainControllerFind(vmdef, controller->type,
+ controller->idx) >= 0) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("Target already exists"));
+ return -1;
+ }
+
+ if (virDomainControllerInsert(vmdef, controller) < 0)
+ return -1;
+ dev->data.controller = NULL;
+ ret = 0;
+ break;
+
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("persistent attach of device is not supported"));
@@ -2849,6 +2865,7 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef,
virDomainDiskDefPtr disk, det_disk;
virDomainNetDefPtr net;
virDomainHostdevDefPtr hostdev, det_hostdev;
+ virDomainControllerDefPtr controller, det_cont;
int idx;
char mac[VIR_MAC_STRING_BUFLEN];
@@ -2895,6 +2912,19 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef,
break;
}
+ case VIR_DOMAIN_DEVICE_CONTROLLER:
+ controller = dev->data.controller;
+ if ((idx = virDomainControllerFind(vmdef, controller->type,
+ controller->idx)) < 0) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("device not present in domain configuration"));
+ return -1;
+ }
+ det_cont = virDomainControllerRemove(vmdef, idx);
+ virDomainControllerDefFree(det_cont);
+ ret = 0;
+ break;
+
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("persistent detach of device is not supported"));
--
1.8.2.1
11 years, 2 months
Re: [libvirt] [PATCH] conf: Fix virNetworkAssignDef's comment.
by lawrance jing
OK.
2013/9/24 lawrance jing <lawrancejing(a)gmail.com>:
> OK, thanks.
>
> 2013/9/24 Osier Yang <jyang(a)redhat.com>:
>> On 24/09/13 15:57, lawrance jing wrote:
>>>
>>> I changed virNetworkAssignDef's comment,however what the patch show is
>>> "-333,7 +333,7 @@ virNetworkObjAssignDef". Please give me a hint, thank you.
>>
>>
>> Oh, it was confused, ACK and pushed. By the way, it's nicer if your reply
>> mails with text format.
>>
>> Osier
11 years, 2 months
[libvirt] How to intercept the VM start event and run the identity check
by Исаев Виталий Анатольевич
Dear developers!
We are working on the project based on Red Hat Enterprise Virtualisation and Red Hat Identity Management. RHEV environment will be deployed in protected internal enterprise network. Now we are developing special admin tools in order to extend functionality of RHEL IdM and we faced with a rather difficult problem... The system should meet the increased demands of informational security, so what we are trying to implement is:
1. Intercept the event of user's VM start on the RHEL Hypervisor;
2. Suspend the VM;
3. Mount VM's disk to Hypervisor (or some other VM, for instance, admin's VM);
4. Check the integrity of the VM's system files (count md5sum etc.)
5. Unmount disk;
6. If verification is passed, start the VM, else - power off and disable VM till the decision of administrator.
Is there any opportunity to implement this within the libvirt API?
Thank you,
Vitaly Isaev,
"Fintech" JSC, Moscow, Russia
www.fintech.ru<http://www.fintech.ru>
11 years, 2 months
[libvirt] [PATCH 00/10] Fix multiple OOM problems
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Running out long ignored OOM injection tests identified a
number of problems. This series fixes those that I have
found so far, but more are to follow.
I'm also rewriting the OOM injection code to make it much,
much, much faster to run.
Daniel P. Berrange (10):
Fix crash on OOM when parsing disk security label
Fix crash on OOM in parsing CPU mask in domain XML
Fix crash if OOM occurs when creating virConnectPtr
Fix crash on OOM in qemuDomainCCWAddressSetCreate()
Fix crash on OOM in qemuAddRBDHost
Fix allocation of arglist in qemuStringToArgvEnv
Fix error checking of qemuParseKeywords return status
Fix missing OOM check in qemuParseCommandLine when splitting strings
Fix reporting of errors in OOM injection code
Don't ignore allocation failure in virCommandAddEnvPassCommon
src/conf/domain_conf.c | 5 ++--
src/datatypes.c | 10 +++++---
src/qemu/qemu_command.c | 59 ++++++++++++++++++++++++--------------------
src/qemu/qemu_command.h | 1 +
src/qemu/qemu_monitor_json.c | 4 +--
src/util/viralloc.c | 18 ++++++++++++--
src/util/vircommand.c | 5 +++-
7 files changed, 63 insertions(+), 39 deletions(-)
--
1.8.3.1
11 years, 2 months
[libvirt] [PATCH v4 0/7] cpu: add function to get the models for an arch
by Giuseppe Scrivano
This series adds a new API "virConnectGetCPUModelNames" that allows to
retrieve the list of CPU models known by the hypervisor for a specific
architecture.
This new function is mainly needed by virt-manager to not read
directly the cpu_map.xml file (it could also be different when
accessing a remote daemon).
*v4 main changes
- cpuGetModels translates the arch name to the driver name.
- virConnectGetCPUModelNames handles models==NULL, and
- amended all the changes reported for v3
*v3 main changes
- virConnectGetCPUModelNames returns the number of models instead of
0 on success.
- Use VIR_INSERT_ELEMENT instead of VIR_EXPAND_N.
- Fix a potential memory leak in the python bindings.
- Move virsh changes to a separate commit.
- Remove API documentation from libvirt.h.
*v2 main changes
- set a hard limit for the number of CPU models that is possible to
fetch from a remote server.
- Use VIR_EXPAND_N instead of VIR_REALLOC_N.
- s|1.1.2|1.1.3|
Giuseppe Scrivano (7):
libvirt: add new public API virConnectGetCPUModelNames
cpu: add function to get the models for an arch
virConnectGetCPUModelNames: implement the remote protocol
virConnectGetCPUModelNames: add the support for qemu
virConnectGetCPUModelNames: add the support for the test protocol
virsh: add function to get the CPU models for an arch
python: add bindings for virConnectGetCPUModelNames
daemon/remote.c | 52 ++++++++++++++++++++++++++
include/libvirt/libvirt.h.in | 4 ++
python/generator.py | 1 +
python/libvirt-override-api.xml | 7 ++++
python/libvirt-override.c | 52 ++++++++++++++++++++++++++
python/libvirt-override.py | 11 ++++++
src/cpu/cpu.c | 82 ++++++++++++++++++++++++++++++++++++++++-
src/cpu/cpu.h | 5 ++-
src/driver.h | 7 ++++
src/libvirt.c | 51 +++++++++++++++++++++++++
src/libvirt_private.syms | 1 +
src/libvirt_public.syms | 5 +++
src/qemu/qemu_driver.c | 14 +++++++
src/remote/remote_driver.c | 63 +++++++++++++++++++++++++++++++
src/remote/remote_protocol.x | 22 ++++++++++-
src/remote_protocol-structs | 13 +++++++
src/test/test_driver.c | 11 ++++++
tools/virsh-host.c | 54 +++++++++++++++++++++++++++
tools/virsh.pod | 5 +++
19 files changed, 457 insertions(+), 3 deletions(-)
--
1.8.3.1
11 years, 2 months
[libvirt] [PATCHv2 1/2] VMware: Support more than 2 driver backends
by Doug Goldstein
Currently the VMware version check code only supports two types of
VMware backends, Workstation and Player. But in the near future we will
have an additional one so we need to support more. Additionally, we
discover and cache the path to the vmrun binary so we should use that
path when using the cooresponding binary from the VMware VIX SDK.
---
change from v1:
* Added default case so we don't potentially pass NULL to virCommand
---
src/vmware/vmware_conf.c | 28 +++++++++++++++++++++++++---
src/vmware/vmware_driver.c | 20 ++++++++++++++++++--
2 files changed, 43 insertions(+), 5 deletions(-)
diff --git a/src/vmware/vmware_conf.c b/src/vmware/vmware_conf.c
index 261a4f6..c11c92d 100644
--- a/src/vmware/vmware_conf.c
+++ b/src/vmware/vmware_conf.c
@@ -257,10 +257,30 @@ vmwareExtractVersion(struct vmware_driver *driver)
{
unsigned long version = 0;
int ret = -1;
- virCommandPtr cmd;
+ virCommandPtr cmd = NULL;
char * outbuf = NULL;
- const char * bin = (driver->type == VMWARE_DRIVER_PLAYER) ?
- "vmplayer" : "vmware";
+ char *bin = NULL;
+ char *vmwarePath = NULL;
+
+ if ((vmwarePath = mdir_name(driver->vmrun)) == NULL)
+ goto cleanup;
+
+ switch (driver->type) {
+ case VMWARE_DRIVER_PLAYER:
+ if (virAsprintf(&bin, "%s/%s", vmwarePath, "vmplayer"))
+ goto cleanup;
+ break;
+
+ case VMWARE_DRIVER_WORKSTATION:
+ if (virAsprintf(&bin, "%s/%s", vmwarePath, "vmware"))
+ goto cleanup;
+ break;
+
+ default:
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("invalid driver type for version detection"));
+ goto cleanup;
+ }
cmd = virCommandNewArgList(bin, "-v", NULL);
virCommandSetOutputBuffer(cmd, &outbuf);
@@ -276,6 +296,8 @@ vmwareExtractVersion(struct vmware_driver *driver)
cleanup:
virCommandFree(cmd);
VIR_FREE(outbuf);
+ VIR_FREE(bin);
+ VIR_FREE(vmwarePath);
return ret;
}
diff --git a/src/vmware/vmware_driver.c b/src/vmware/vmware_driver.c
index 4e56971..01d65ed 100644
--- a/src/vmware/vmware_driver.c
+++ b/src/vmware/vmware_driver.c
@@ -93,6 +93,7 @@ vmwareConnectOpen(virConnectPtr conn,
{
struct vmware_driver *driver;
size_t i;
+ char *tmp;
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
@@ -144,8 +145,23 @@ vmwareConnectOpen(virConnectPtr conn,
if (virMutexInit(&driver->lock) < 0)
goto cleanup;
- driver->type = STRNEQ(conn->uri->scheme, "vmwareplayer") ?
- VMWARE_DRIVER_WORKSTATION : VMWARE_DRIVER_PLAYER;
+ if ((tmp = STRSKIP(conn->uri->scheme, "vmware")) == NULL) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, _("unable to parse URI "
+ "scheme '%s'"), conn->uri->scheme);
+ goto cleanup;
+ }
+
+ driver->type = -1;
+ for (i = 0; i < VMWARE_DRIVER_LAST; i++) {
+ if (STREQ(tmp, vmwareDriverTypeToString(i)))
+ driver->type = i;
+ }
+
+ if (driver->type == -1) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, _("unable to find valid "
+ "requested VMware backend '%s'"), tmp);
+ goto cleanup;
+ }
if (!(driver->domains = virDomainObjListNew()))
goto cleanup;
--
1.8.1.5
11 years, 2 months
