[libvirt] [libvirt-glib] [PATCH v4 0/3] Add API to fetch snapshots
by Timm Bäder
Argh, sorry about the earlier version, die last mail didn't get through
the smtp server.
This patchset replaces the old one and includes
gvir_domain_fetch_snapshots_async as well as a version of
gvir_domain_fetch_snapshots that works with it.
Timm Bäder (3):
libvirt-gobject-domain: Add _fetch_snapshots
libvirt-gobject-domain: Add _get_snapshots
GVirDomain: Add async version of _fetch_snapshots
libvirt-gobject/libvirt-gobject-domain.c | 164 +++++++++++++++++++++++++++++++
libvirt-gobject/libvirt-gobject-domain.h | 51 ++++++++++
libvirt-gobject/libvirt-gobject.sym | 5 +
3 files changed, 220 insertions(+)
--
2.0.1
10 years, 4 months
[libvirt] [PATCH] qemu: don't error out when cgroups don't exist
by Martin Kletzander
When creating cgroups for vcpu and emulator threads whilst starting a
domain, we explicitly skip creating those cgroups in case priv->cgroup
is NULL (cgroups not supported) because SetAffinity() serves the same
purpose. If the host supports only some cgroups (the ones we need are
either unmounted or disabled in qemu.conf), we error out with weird
message even though we could continue starting the domain.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1097028
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/qemu/qemu_cgroup.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index 3394c68..0af6ac5 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -949,7 +949,11 @@ qemuSetupCgroupForVcpu(virDomainObjPtr vm)
virCgroupFree(&cgroup_vcpu);
}
- return -1;
+ if (period || quota)
+ return -1;
+
+ virResetLastError();
+ return 0;
}
int
@@ -1016,7 +1020,11 @@ qemuSetupCgroupForEmulator(virQEMUDriverPtr driver,
virCgroupFree(&cgroup_emulator);
}
- return -1;
+ if (period || quota)
+ return -1;
+
+ virResetLastError();
+ return 0;
}
int
--
2.0.0
10 years, 4 months
[libvirt] [PATCH] check for cfg->spiceTLS earlier in qemuProcessSPICEAllocatePorts
by Ján Tomko
This saves a few lines of code and catches the error when:
<spice autoport ='yes' defaultMode='any' ..>
<channel name='main' mode='secure'/>
</spice>
is specified with spice_tls = 0 in qemu.conf.
Instead of this error in qemuBuildGraphicsSPICECommandLine:
error: unsupported configuration: spice secure channels set in XML
configuration, but TLS port is not provided
an error is reported in qemuProcessSPICEAllocatePorts:
error: unsupported configuration: Auto allocation of spice TLS port
requested but spice TLS is disabled in qemu.conf
Inspired by:
https://www.redhat.com/archives/libvir-list/2014-June/msg01408.html
---
src/qemu/qemu_process.c | 33 +++++++++++----------------------
1 file changed, 11 insertions(+), 22 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 570960e..ccc571b 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3534,7 +3534,8 @@ qemuProcessSPICEAllocatePorts(virQEMUDriverPtr driver,
break;
case VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_MODE_ANY:
- needTLSPort = true;
+ if (cfg->spiceTLS)
+ needTLSPort = true;
needPort = true;
break;
}
@@ -3552,28 +3553,16 @@ qemuProcessSPICEAllocatePorts(virQEMUDriverPtr driver,
if (needTLSPort || graphics->data.spice.tlsPort == -1) {
if (!cfg->spiceTLS) {
- /* log an error and fail if tls was specifically
- * requested, or simply ignore (don't allocate a port)
- * if we're here due to "defaultMode='any'"
- * (aka unspecified).
- */
- if ((graphics->data.spice.tlsPort == -1) ||
- (graphics->data.spice.defaultMode
- == VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_MODE_SECURE)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("Auto allocation of spice TLS port requested "
- "but spice TLS is disabled in qemu.conf"));
- goto error;
- }
- } else {
- /* cfg->spiceTLS *is* in place, so it makes sense to
- * allocate a port.
- */
- if (virPortAllocatorAcquire(driver->remotePorts, &tlsPort) < 0)
- goto error;
-
- graphics->data.spice.tlsPort = tlsPort;
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Auto allocation of spice TLS port requested "
+ "but spice TLS is disabled in qemu.conf"));
+ goto error;
}
+
+ if (virPortAllocatorAcquire(driver->remotePorts, &tlsPort) < 0)
+ goto error;
+
+ graphics->data.spice.tlsPort = tlsPort;
}
return 0;
--
1.8.5.5
10 years, 4 months
[libvirt] [PATCH] util: storage: Fix build after 25924dec0f9329d429aadae14e273602307e2214
by Peter Krempa
The commit referenced above changed function arguments of
virStorageFileGetMetadataFromBuf() but didn't tweak the
ATTRIBUTE_NONNULL tied to them. This was caught by coverity as it
actually obeys them. We disabled them for GCC and thus it didn't show
up.
Additionally in commit 3ea661deeabadc3c114dfb6f662b9fd17d714a01 I passed
NULL to the backingFormat argument which was also marked as nonnull. Use
a dummy int's address when the argument isn't supplied so that the code
doesn't need to change much.
---
src/util/virstoragefile.c | 4 ++++
src/util/virstoragefile.h | 3 +--
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index 505b652..de0e27a 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -955,6 +955,10 @@ virStorageFileGetMetadataFromBuf(const char *path,
int *backingFormat)
{
virStorageSourcePtr ret = NULL;
+ int dummy;
+
+ if (!backingFormat)
+ backingFormat = &dummy;
if (!(ret = virStorageFileMetadataNew(path, format)))
return NULL;
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index 744a6ba..528cfad 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -301,8 +301,7 @@ virStorageSourcePtr virStorageFileGetMetadataFromBuf(const char *path,
size_t len,
int format,
int *backingFormat)
- ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4)
- ATTRIBUTE_NONNULL(5);
+ ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
int virStorageFileChainGetBroken(virStorageSourcePtr chain,
char **broken_file);
--
2.0.0
10 years, 4 months
[libvirt] [PATCH 0/3] Couple of seclabels improvements
by Michal Privoznik
Yes, the first two patches basically revert 693eac388f1759d.
Only the last one fixes a real problem.
Michal Privoznik (3):
virSecurityLabelDef: substitute 'norelabel' with 'relabel'
virSecurityDeviceLabelDef: substitute 'norelabel' with 'relabel'
conf: Disallow <seclabel type='none' relabel='yes'/>
src/conf/domain_conf.c | 40 +++++++++++++++++++++++-----------------
src/security/security_apparmor.c | 10 +++++-----
src/security/security_dac.c | 22 +++++++++++-----------
src/security/security_manager.c | 2 +-
src/security/security_selinux.c | 32 ++++++++++++++------------------
src/util/virseclabel.c | 2 +-
src/util/virseclabel.h | 4 ++--
7 files changed, 57 insertions(+), 55 deletions(-)
--
1.8.5.5
10 years, 4 months
[libvirt] [PATCHv2] conf: Improve metadata type verification
by Peter Krempa
Split out checking of invalid metadata type from the switch statement so
that we can use the typecasted enum value to allow tracking addition of
new items by the compliler.
Also avoids two dead-code break statements.
---
Version 2:
- move the check back to the original function so that we don't break forward compat
src/conf/domain_conf.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index b80e7cf..fa76eb4 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -19575,6 +19575,12 @@ virDomainObjGetMetadata(virDomainObjPtr vm,
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
VIR_DOMAIN_AFFECT_CONFIG, NULL);
+ if (type >= VIR_DOMAIN_METADATA_LAST) {
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("unknown metadata type '%d'"), type);
+ goto cleanup;
+ }
+
if (virDomainLiveConfigHelperMethod(caps, xmlopt, vm, &flags, &def) < 0)
goto cleanup;
@@ -19601,10 +19607,7 @@ virDomainObjGetMetadata(virDomainObjPtr vm,
goto cleanup;
break;
- default:
- virReportError(VIR_ERR_INVALID_ARG, "%s",
- _("unknown metadata type"));
- goto cleanup;
+ case VIR_DOMAIN_METADATA_LAST:
break;
}
@@ -19630,6 +19633,12 @@ virDomainDefSetMetadata(virDomainDefPtr def,
char *tmp;
int ret = -1;
+ if (type >= VIR_DOMAIN_METADATA_LAST) {
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("unknown metadata type '%d'"), type);
+ goto cleanup;
+ }
+
switch ((virDomainMetadataType) type) {
case VIR_DOMAIN_METADATA_DESCRIPTION:
if (VIR_STRDUP(tmp, metadata) < 0)
@@ -19683,10 +19692,7 @@ virDomainDefSetMetadata(virDomainDefPtr def,
}
break;
- default:
- virReportError(VIR_ERR_INVALID_ARG, "%s",
- _("unknown metadata type"));
- goto cleanup;
+ case VIR_DOMAIN_METADATA_LAST:
break;
}
--
2.0.0
10 years, 4 months
[libvirt] [PATCH] virsh: document the possibility of accepting integers for numatune mode
by Martin Kletzander
According to the code, 'virsh numatune' supports integers for
specifying --mode as well as the string definitions "strict",
"interleave", and "preferred". However, this possibility was not
documented anywhere, so this patch adds it to both the man page and
command help.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1085706
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
tools/virsh-domain.c | 3 ++-
tools/virsh.pod | 8 +++++---
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index b5b9f91..5a17aff 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -7823,7 +7823,8 @@ static const vshCmdOptDef opts_numatune[] = {
},
{.name = "mode",
.type = VSH_OT_DATA,
- .help = N_("NUMA mode, one of strict, preferred and interleave")
+ .help = N_("NUMA mode, one of strict, preferred and interleave \n"
+ "or a number from the virDomainNumatuneMemMode enum")
},
{.name = "nodeset",
.type = VSH_OT_DATA,
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 99d0b74..a5e8406 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -1402,9 +1402,11 @@ Set or get a domain's numa parameters, corresponding to the <numatune>
element of domain XML. Without flags, the current settings are
displayed.
-I<mode> can be one of `strict', `interleave' and `preferred'. For a
-running domain, the mode can't be changed, and the nodeset can be
-changed only if the domain was started with a mode of `strict'.
+I<mode> can be one of `strict', `interleave' and `preferred' or any
+valid number from the virDomainNumatuneMemMode enum in case the daemon
+supports it. For a running domain, the mode can't be changed, and the
+nodeset can be changed only if the domain was started with a mode of
+`strict'.
I<nodeset> is a list of numa nodes used by the host for running the domain.
Its syntax is a comma separated list, with '-' for ranges and '^' for
--
2.0.0
10 years, 4 months
[libvirt] Build failed in Jenkins: libvirt-syntax-check #2465
by Jenkins CI
See <http://honk.sigxcpu.org:8001/job/libvirt-syntax-check/2465/>
------------------------------------------
[...truncated 148 lines...]
0.43 prohibit_empty_lines_at_EOF
prohibit_error_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.48 prohibit_error_without_use
prohibit_exit_in_tests
0.53 prohibit_exit_in_tests
prohibit_fork_wrappers
0.72 prohibit_fork_wrappers
prohibit_getenv
0.63 prohibit_getenv
prohibit_gethostby
0.61 prohibit_gethostby
prohibit_gethostname
0.62 prohibit_gethostname
prohibit_getopt_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.45 prohibit_getopt_without_use
prohibit_gettext_markup
0.66 prohibit_gettext_markup
prohibit_gettext_noop
0.62 prohibit_gettext_noop
prohibit_hash_pjw_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 60 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.43 prohibit_hash_pjw_without_use
prohibit_have_config_h
0.65 prohibit_have_config_h
prohibit_ignore_value_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.50 prohibit_ignore_value_without_use
prohibit_include_public_headers_brackets
0.60 prohibit_include_public_headers_brackets
prohibit_include_public_headers_quote
0.44 prohibit_include_public_headers_quote
prohibit_int_ijk
0.84 prohibit_int_ijk
prohibit_internal_functions
0.78 prohibit_internal_functions
prohibit_intprops_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.40 prohibit_intprops_without_use
prohibit_inttostr_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.43 prohibit_inttostr_without_use
prohibit_libgen
0.83 prohibit_libgen
prohibit_long_lines
0.56 prohibit_long_lines
prohibit_long_options_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.44 prohibit_long_options_without_use
prohibit_loop_iijjkk
0.80 prohibit_loop_iijjkk
prohibit_loop_var_decl
0.46 prohibit_loop_var_decl
prohibit_magic_number_exit
0.98 prohibit_magic_number_exit
prohibit_mixed_case_abbreviations
0.49 prohibit_mixed_case_abbreviations
prohibit_mkstemp
0.58 prohibit_mkstemp
prohibit_newline_at_end_of_diagnostic
0.61 prohibit_newline_at_end_of_diagnostic
prohibit_nonreentrant
27.36 prohibit_nonreentrant
prohibit_openat_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.43 prohibit_openat_without_use
prohibit_path_max_allocation
0.62 prohibit_path_max_allocation
prohibit_posixver_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.42 prohibit_posixver_without_use
prohibit_raw_allocation
0.68 prohibit_raw_allocation
prohibit_readdir
0.56 prohibit_readdir
prohibit_readlink
0.63 prohibit_readlink
prohibit_return_as_function
0.61 prohibit_return_as_function
prohibit_reversed_compare_failure
0.49 prohibit_reversed_compare_failure
prohibit_risky_id_promotion
0.65 prohibit_risky_id_promotion
prohibit_root_dev_ino_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.40 prohibit_root_dev_ino_without_use
prohibit_safe_read_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 43 items to stdout: Broken pipe
sed: couldn't write 60 items to stdout: Broken pipe
0.38 prohibit_safe_read_without_use
prohibit_same_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 1 item to stdout: Broken pipe
sed: couldn't write 60 items to stdout: Broken pipe
0.39 prohibit_same_without_use
prohibit_select
0.64 prohibit_select
prohibit_semicolon_at_eol_in_python
0.30 prohibit_semicolon_at_eol_in_python
prohibit_setuid
0.64 prohibit_setuid
prohibit_signal_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 60 items to stdout: Broken pipe
0.42 prohibit_signal_without_use
prohibit_sprintf
0.65 prohibit_sprintf
prohibit_stddef_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.40 prohibit_stddef_without_use
prohibit_stdio--_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.40 prohibit_stdio--_without_use
prohibit_stdio-safer_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.37 prohibit_stdio-safer_without_use
prohibit_strcmp
0.59 prohibit_strcmp
prohibit_strdup
0.61 prohibit_strdup
prohibit_strings_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.36 prohibit_strings_without_use
prohibit_strncmp
0.66 prohibit_strncmp
prohibit_strncpy
0.59 prohibit_strncpy
prohibit_strtol
1.19 prohibit_strtol
prohibit_test_double_equal
0.44 prohibit_test_double_equal
prohibit_test_minus_ao
0.67 prohibit_test_minus_ao
prohibit_unbounded_arrays_in_rpc
0.24 prohibit_unbounded_arrays_in_rpc
prohibit_undesirable_word_seq
31.97 prohibit_undesirable_word_seq
prohibit_useless_translation
1.09 prohibit_useless_translation
prohibit_verify_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.42 prohibit_verify_without_use
prohibit_virBufferAdd_with_string_literal
0.57 prohibit_virBufferAdd_with_string_literal
prohibit_virBufferAsprintf_with_string_literal
0.55 prohibit_virBufferAsprintf_with_string_literal
prohibit_virConnectOpen_in_virsh
0.25 prohibit_virConnectOpen_in_virsh
prohibit_windows_special_chars_in_filename
0.15 prohibit_windows_special_chars_in_filename
prohibit_wrong_filename_in_comment
0.70 prohibit_wrong_filename_in_comment
prohibit_xalloc_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.37 prohibit_xalloc_without_use
prohibit_xfreopen_without_use
grep: write error
grep: write error
/bin/sed: couldn't write 25 items to stdout: Broken pipe
sed: couldn't write 1 item to stdout: Broken pipe
0.36 prohibit_xfreopen_without_use
prohibit_xmlGetProp
0.54 prohibit_xmlGetProp
prohibit_xmlURI
0.59 prohibit_xmlURI
proper_name_utf8_requires_ICONV
0.38 proper_name_utf8_requires_ICONV
redundant_const
0.61 redundant_const
require_config_h
0.30 require_config_h
require_config_h_first
grep: write error
grep: write error
/bin/sed: couldn't write 43 items to stdout: Broken pipe
sed: couldn't write 60 items to stdout: Broken pipe
7.92 require_config_h_first
require_enum_last_marker
0.46 require_enum_last_marker
require_locale_h
0.47 require_locale_h
require_space_before_label
0.43 require_space_before_label
require_whitespace_in_translation
1.00 require_whitespace_in_translation
size_of_brackets
0.63 size_of_brackets
spec_indentation
cppi: libvirt.spec.in: line 771: not properly indented
cppi: libvirt.spec.in: line 773: not properly indented
cppi: libvirt.spec.in: line 788: not properly indented
cppi: libvirt.spec.in: line 790: not properly indented
maint.mk: incorrect preprocessor indentation
make: *** [sc_spec_indentation] Error 1
Build step 'Execute shell' marked build as failure
10 years, 4 months
[libvirt] [PATCHv5 00/28] Refactor changing of domain disk source
by Peter Krempa
v4 wasn't reviewed, but recent patches caused pretty serious conflicts
thus I'm posting a rebased version.
Note that one of the patches was already pushed as a part of a different series.
This series is also a preparation for fixing issue with libvirt
not setting correct permissions on gluster volumes.
Peter Krempa (28):
storage: Implement virStorageFileCreate for local and gluster files
qemu: Don't propagate whole disk definition into qemuDomainGetImageIds
qemu: Add helper to initialize storage file backend with correct
uid/gid
storage: file: Tolerate NULL src when uninitializing the backend
conf: Don't output seclabels for backingStore elements
storage: Move readonly and shared flags to disk source from disk def
util: storagefile: Add deep copy for struct virStorageSource
util: storage: Add function to transfer config parts to new chain
element
util: storage: Copy parent's disk metadata to backing chain elements
util: cgroup: Add helper to convert device mode to string
qemu: cgroup: Add functions to set cgroup image stuff on individual
imgs
qemu: cgroup: Setup only the top level disk image for read-write
access
locking: Add APIs to lock individual image files
security: Introduce APIs to label single images
security: selinux: Implement per-image seclabel restore
security: selinux: Implement per-image seclabel set
security: DAC: Implement per-image seclabel restore
security: DAC: Implement per-image seclabel set
security: AppArmor: Implement per-image seclabel restore
security: AppArmor: Implement per-image seclabel set
util: storage: Make virStorageFileChainLookup more network storage
aware
util: storage: Return complete parent info from
virStorageFileChainLookup
qemu: blockcopy: Use the mirror disk source to label the files
qemu: block: Properly track disk source while pivotting to new image
qemu: snapshot: Improve approach to deal with snapshot metadata
qemu: Refactor qemuDomainPrepareDiskChainElement
qemu: snapshot: Refactor image labelling of new snapshot files
qemu: snapshot: Use storage driver to pre-create snapshot file
src/conf/domain_conf.c | 77 +++++---
src/conf/domain_conf.h | 2 -
src/libvirt_private.syms | 7 +
src/libxl/libxl_conf.c | 2 +-
src/locking/domain_lock.c | 65 ++++---
src/locking/domain_lock.h | 8 +
src/lxc/lxc_cgroup.c | 2 +-
src/lxc/lxc_controller.c | 2 +-
src/lxc/lxc_driver.c | 2 +-
src/qemu/qemu_cgroup.c | 109 ++++++-----
src/qemu/qemu_cgroup.h | 3 +
src/qemu/qemu_command.c | 14 +-
src/qemu/qemu_conf.c | 4 +-
src/qemu/qemu_domain.c | 29 ++-
src/qemu/qemu_domain.h | 4 +
src/qemu/qemu_driver.c | 350 +++++++++++-----------------------
src/qemu/qemu_migration.c | 16 +-
src/security/security_apparmor.c | 55 ++++--
src/security/security_dac.c | 111 +++++------
src/security/security_driver.h | 10 +
src/security/security_manager.c | 56 ++++++
src/security/security_manager.h | 7 +
src/security/security_nop.c | 19 ++
src/security/security_selinux.c | 150 +++++++++------
src/security/security_stack.c | 38 ++++
src/security/virt-aa-helper.c | 2 +-
src/storage/storage_backend_fs.c | 17 ++
src/storage/storage_backend_gluster.c | 28 +++
src/storage/storage_driver.c | 2 +-
src/util/vircgroup.c | 62 ++++--
src/util/vircgroup.h | 2 +
src/util/virstoragefile.c | 280 ++++++++++++++++++++++++---
src/util/virstoragefile.h | 14 +-
src/vbox/vbox_tmpl.c | 30 +--
src/xenxs/xen_sxpr.c | 10 +-
src/xenxs/xen_xm.c | 10 +-
tests/virstoragetest.c | 86 ++++-----
37 files changed, 1075 insertions(+), 610 deletions(-)
--
1.9.3
10 years, 4 months
[libvirt] [PATCH] qemu: fix domxml-to-native failing when spice_tls is not enabled
by Jincheng Miao
The default graphics channel mode is 'any', so as to defaultMode attribute.
If defaultMode and channel mode are all the default value 'any',
qemuConnectDomainXMLToNative will set TLSPort.
But in qemuBuildGraphicsSPICECommandLine, if spice_tls is not enabled, libvirtd
will report an error to tell the user that spice TLS is disabled in qemu.conf.
So qemuConnectDomainXMLToNative should check spice_tls is enabled,
then decide to allocate an tlsPort number to this graphics.
If user specified defaultMode is 'secure', qemuConnectDomainXMLToNative
could allocate tlsPort, and then let qemuBuildGraphicsSPICECommandLine reports
the spice_tls disabled error.
The related bug is:
https://bugzilla.redhat.com/show_bug.cgi?id=1113868
Signed-off-by: Jincheng Miao <jmiao(a)redhat.com>
---
src/qemu/qemu_driver.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index d34da6f..d1e3b2f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6013,7 +6013,8 @@ static char *qemuConnectDomainXMLToNative(virConnectPtr conn,
break;
case VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_MODE_ANY:
- needTLSPort = true;
+ if (cfg->spiceTLS)
+ needTLSPort = true;
needPort = true;
break;
}
--
1.7.1
10 years, 4 months
