[libvirt] Release of libvirt-1.2.8
by Daniel Veillard
It's out ! Tagged and signed in git as well as tarball and rpms
are available from the usual place:
ftp://libvirt.org/libvirt/
I also made a release for the python bindings available from
ftp://libvirt.org/libvirt/python/
This is a rather large release (surprizingly for August !) with a lot
of refactoring, new APIs and a large set of bug fixes (seems there is a
new and more stringent Coverity release :-) . No lack of improvement
patches either so a rather balanced release:
Features:
- blockcopy: virDomainBlockCopy with XML destination, typed params (Eric Blake)
- lib: Introduce API for retrieving bulk domain stats (Peter Krempa)
- Introduce virDomainOpenGraphicsFD API (Ján Tomko)
- storage: ZFS support (Roman Bogorodskiy)
Documentation:
- fix bootmenu timeout description (Martin Kletzander)
- conf: add support for bootmenu timeout (Martin Kletzander)
- maint: fix comment typo (Eric Blake)
- formatdomain: Reformat vCPU description (John Ferlan)
- virsh: Fix help info for freepages (Li Yang)
- virsh: man: Add LXC format info for domxml-from/to-native (Li Yang)
- virsh: Fix comment for net-undefine (Li Yang)
- man: virsh: add missing auto-converge option for 'migrate' (Pradipta Kr. Banerjee)
- nwfilter: add missing dscp attribute (Jianwei Hu)
- virsh: man: Crosslink "desc" and "metadata" sections (Peter Krempa)
- man: virsh: Add 'vcpu_period' and 'vcpu_quota' support info for LXC (Li Yang)
- man: virsh: Add man page for "virsh metadata" (Peter Krempa)
- fix missing forward slash (Jianwei Hu)
- use correct hints per bus type in <disk> examples (Eric Blake)
- use unique dev names in <disk> examples (Eric Blake)
- virsh: clean up attach-interface paragraph in man page (Laine Stump)
- audit: Fix some comments (Wang Rui)
Portability:
- spec: drop anything older than Fedora 13 (Eric Blake)
- fix mingw build (Pavel Hrdina)
- build: fix mingw build with virCommandReorderFDs (Martin Kletzander)
- build: force configure failed when perl is missing (Jincheng Miao)
- Include param.h in case of HAVE_BSD_CPU_AFFINITY (Guido Günther)
Bug Fixes:
- blockcopy: allow larger buf-size (Eric Blake)
- selinux: properly label tap FDs with imagelabel (Martin Kletzander)
- Fix connection to already running session libvirtd (Christophe Fergeau)
- storage: zfs: fix double listing of new volumes (Roman Bogorodskiy)
- qemu_driver: Resolve Coverity FORWARD_NULL (John Ferlan)
- virnetserverservice: Resolve Coverity ARRAY_VS_SINGLETON (John Ferlan)
- libxl_migration: Resolve Coverity NULL_RETURNS (John Ferlan)
- qemu_command: Resolve Coverity DEADCODE (John Ferlan)
- qemu_driver: Resolve Coverity DEADCODE (John Ferlan)
- domain_conf: Resolve Coverity DEADCODE (John Ferlan)
- qemu_monitor: Resolve Coverity NESTING_INDENT_MISMATCH (John Ferlan)
- storage_conf: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- qemu_driver: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- phyp_driver: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- libxl_migration: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- bridge_driver: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- virsh-network: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- network_conf: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- qemu_capabilities: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- libxl_domain: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- qemu_agent: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- qemu_command: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- cpu_x86: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- domain_conf: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- daemon: Resolve Coverity NEGATIVE_RETURNS (John Ferlan)
- qemu_capabilities: Resolve Coverity RESOURCE_LEAK (Wang Rui)
- tests: Resolve Coverity RESOURCE_LEAK (Wang Rui)
- util: Resolve Coverity RESOURCE_LEAK (Wang Rui)
- virsh: fix keepalive error msg (Erik Skultety)
- qemu_capabilities: Resolve Coverity NULL_RETURNS (John Ferlan)
- qemu_driver: Resolve Coverity CONSTANT_EXPRESSION_RESULT (John Ferlan)
- domain_conf: Resolve Coverity REVERSE_INULL (John Ferlan)
- qemu_command: Resolve Coverity REVERSE_INULL (John Ferlan)
- domain_conf: Resolve Coverity REVERSE_INULL (John Ferlan)
- storage_driver: Resolve Coverity REVERSE_INULL (John Ferlan)
- xen_xm: Resolve Coverity USE_AFTER_FREE (John Ferlan)
- xen_common: Resolve Coverity USE_AFTER_FREE (John Ferlan)
- parallels: Resolve Coverity USE_AFTER_FREE (John Ferlan)
- conf: fix leak with def->mem.hugepages (Martin Kletzander)
- qemu: call endjob in RevertToSnapshot (Jincheng Miao)
- virsh: Initialize vshData in cmdMigrate (Ján Tomko)
- libxl: fix memory corruption introduced by commit b55cc5f4e (Jim Fehlig)
- iotune: setting an invalid value now reports error (Erik Skultety)
- xenconfig: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- virnetsocket: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- commandtest: Resolve Coverity RESOURCE_LEAK (John Ferlan)
- numatune: setting --mode does not work well (Erik Skultety)
- qemu: min_guarantee: Parameter 'min_guarantee' not supported (Erik Skultety)
- Parallels: fix error with video card RAM dimension (Alexander Burluka)
- util: compare floor attribute in virNetDevBandwidthEqual (Martin Kletzander)
- conf: net: Correctly switch how to format address fields (Peter Krempa)
- Perform disk config validity checking for attach-device config (John Ferlan)
- nodeCapsInitNUMA: Avoid @cpumap leak (Michal Privoznik)
- qemu: Issue rtc-reset-reinjection command after guest-set-time (Michal Privoznik)
- qemu: forbid negative blkio values (Martin Kletzander)
- lxc: forbid negative blkio values (Martin Kletzander)
- qemu: Fix build error introduced in 653137eb957a278b556c6226424aad5395a (Peter Krempa)
- qemu: blkiotune: Avoid accessing non-existing disk configuration (Peter Krempa)
- qemu: Label all TAP FDs (Michal Privoznik)
- cmdMigrate: move vshConnect before vshWatchJob (Chunyan Liu)
- qemu: cpu: unplug: Remove vcpu pinning on cold cpu unplug (Peter Krempa)
- qemu: Redundant listen address entry in quest xml (Erik Skultety)
- daemon: Fix driver registration ordering (Michal Privoznik)
- network: fix crash when starting a network with no <pf> element (Laine Stump)
- qemu_process: fix memleak found by coverity (Pavel Hrdina)
- Maximum vlanid should be 4095 in interface.rng (Jianwei Hu)
- LXC: Fix virLXCControllerSetupDevPTS() wrt user namespaces (Richard Weinberger)
- conf: fix parsing 'cmd_per_lun' and 'max_sectors' (Mo yuxiang)
- bhyve: fix error message in bhyveStateInitialize (Dmitry Guryanov)
- qemu: migration: Check domain live state after exitting the monitor (Peter Krempa)
- qemu: managedsave: Check that VM is alive after entering async job (Peter Krempa)
- numatune: Fix parsing of empty nodeset (0,^0) (Erik Skultety)
- conf: Format interface's driver more frequently (Michal Privoznik)
- network: populate interface pool immediately when network is started (Laine Stump)
- network: make networkCreateInterfacePool more robust (Laine Stump)
- Make 'uri' command a bit more prominent. (Guido Günther)
- Don't fail qemu driver intialization if we can't determine hugepage size (Guido Günther)
- blockjob: fix use-after-free in blockcopy (Eric Blake)
- blockjob: avoid memory leak during block pivot (Eric Blake)
- snapshot: conf: Enforce absolute paths on disk and memory images (Peter Krempa)
- Node Devices: Fix nodedev-list for fc_host & vports. (Prerna Saxena)
- blockjob: correctly report active commit for job info (Eric Blake)
- Fix vlanid attribute name in nwfilter d (Jianwei Hu)
- Don't overwrite errors from virNetDevBandwidthSet (Ján Tomko)
- virsh: check if domiftune parameters fit into UINT (Ján Tomko)
- storage: Refresh storage pool after upload (John Ferlan)
Improvements:
- qemu: Allow use of iothreads for disk definitions (John Ferlan)
- domain_conf: Add support for iothreads in disk definition (John Ferlan)
- qemu: Add support for iothreads (John Ferlan)
- domain_conf: Introduce iothreads XML (John Ferlan)
- qemu: Implement bulk stats API and one of the stats groups to return (Peter Krempa)
- virsh: Implement command to excercise the bulk stats APIs (Peter Krempa)
- remote: Implement bulk domain stats APIs in the remote driver (Peter Krempa)
- lib: Add few flags for the bulk stats APIs (Peter Krempa)
- conf: Add helper to free domain list (Peter Krempa)
- vbox: Register per partes (Michal Privoznik)
- virDriverLoadModule: Honor libvirt func name tranlsation (Michal Privoznik)
- virdrivermoduletest: Test all the modules (Michal Privoznik)
- domain_conf: fix internal flag verification (Eric Blake)
- API: Tweak virDomainOpenGraphics to return fd directly (Eric Blake)
- virsh: domain: Split out code to lookup domain from string (Peter Krempa)
- Wire up virDomainOpenGraphicsFD in QEMU driver (Ján Tomko)
- Add RPC implementation for virDomainOpenGraphicsFd (Ján Tomko)
- blkdeviotune: check for overflow when parsing XML (Erik Skultety)
- storage: remove unused 'canonPath' in virStorageFileGetMetadata (Chen Fan)
- Add new 'kvm' domain feature and ability to hide KVM signature (Alex Williamson)
- maint: drop spurious semicolons (Eric Blake)
- daemon: Fix option -v missing info priority log (Zhou Yimin)
- qemu: add support for splash-timeout (Martin Kletzander)
- qemu: add capability probing for splash-timeout (Martin Kletzander)
- storage: zfs: implement download and upload (Roman Bogorodskiy)
- fdstream: introduce virFDStreamOpenBlockDevice (Roman Bogorodskiy)
- fdstream: report error if virSetNonBlock fails (Roman Bogorodskiy)
- qemu: check for active domain after agent interaction (Eric Blake)
- Parallels: Change config report errors code. (Alexander Burluka)
- Parallels: add virNodeGetCPUMap(). (Alexander Burluka)
- daemon: use socket activation with systemd (Martin Kletzander)
- rpc: pass listen FD to the daemon being started (Martin Kletzander)
- util: add virCommandPassListenFDs() function (Martin Kletzander)
- tests: support dynamic prefixes in commandtest (Martin Kletzander)
- cfg.mk: allow integers to be assigned a value computed with i|j|k (Martin Kletzander)
- daemon: support passing FDs from the calling process (Martin Kletzander)
- rpc: set listen backlog on FDs as well as on other sockets (Martin Kletzander)
- remote: create virNetServerServiceNewFDOrUNIX() wrapper (Martin Kletzander)
- util: abstract parsing of passed FDs into virGetListenFDs() (Martin Kletzander)
- virsh: Don't print extra '-'s in error message for -k and -K options (Peter Krempa)
- hvsupport: Adapt to vbox driver rewrite (Michal Privoznik)
- qemu: hotplug: Sanitize shared device removal on media change (Peter Krempa)
- qemu: conf: Split out code to retrieve hostdev key and reuse it (Peter Krempa)
- qemu: conf: Split up qemuRemoveSharedDevice into per-device-type functions (Peter Krempa)
- qemu: conf: Split up qemuAddSharedDevice into per-device-type functions (Peter Krempa)
- qemu: conf: rename qemuCheckSharedDevice to qemuCheckSharedDisk (Peter Krempa)
- qemu: shared: Split out shared device list remove code (Peter Krempa)
- qemu: shared: Split out insertion code to the shared device list (Peter Krempa)
- qemu: hotplug: Format proper source string for cdrom media change (Peter Krempa)
- qemu: hotplug: Change arguments for qemuDomainChangeEjectableMedia (Peter Krempa)
- qemu: hotplug: Add helper to initialize/teardown new disks for VMs (Peter Krempa)
- qemu: hotplug: Untangle cleanup paths in qemuDomainChangeEjectableMedia (Peter Krempa)
- conf: Pass virStorageSource into virDomainDiskSourceIsBlockType (Peter Krempa)
- qemu: Explicitly state that hotplugging cdroms and floppies doesn't work (Peter Krempa)
- conf: fix comment (Giuseppe Scrivano)
- conf, virDomainFSDefPtr: rename "path" argument to "target" (Giuseppe Scrivano)
- bhyve: add volumes support (Roman Bogorodskiy)
- storage: make disk source pool translation generic (Roman Bogorodskiy)
- driver: Move virDrvNetworkGetDHCPLeases to the appropriate section (Peter Krempa)
- qemu: allow device block I/O tuning in session mode (Martin Kletzander)
- src/xenconfig: move common parsing/formatting to xen_common (Jim Fehlig)
- src/xenconfig: wrap common formatting code (Kiarie Kahurani)
- src/xenconfig: wrap common parsing code (Kiarie Kahurani)
- xen: rename xenxs to xenconfig (Jim Fehlig)
- qemu: process: Pin on per-vcpu basis instead of per-vcpupin element (Peter Krempa)
- conf: Refactor virDomainVcpuPinDefParseXML (Peter Krempa)
- conf: cpupin: Remove useless checking of vcpupin element count (Peter Krempa)
- qemu: process: Remove unnecessary argument and rename function (Peter Krempa)
- vbox: Introducing vboxCommonDriver (Taowei)
- vbox: Add registerDomainEvent (Taowei)
- vbox: Rewrite vboxNode functions (Taowei)
- vbox: Rewrite vboxConnectListAllDomains (Taowei)
- vbox: Rewrite vboxDomainScreenshot (Taowei)
- vbox: Rewrite vboxDomainSnapshotDelete (Taowei)
- vbox: Rewrite vboxDomainRevertToSnapshot (Taowei)
- vbox: Rewrite vboxDomainSnapshotHasMetadata (Taowei)
- vbox: Rewrite vboxDomainSnapshotIsCurrent (Taowei)
- vbox: Rewrite vboxDomainSnapshotCurrent (Taowei)
- vbox: Rewrite vboxDomainSnapshotGetParent (Taowei)
- vbox: Rewrite vboxDomainHasCurrentSnapshot (Taowei)
- vbox: Rewrite vboxSnapshotLookupByName (Taowei)
- vbox: Rewrite vboxDomainSnapshotListNames (Taowei)
- vbox: Rewrite vboxDomainSnapshotNum (Taowei)
- vbox: Rewrite vboxDomainSnapshotGetXMLDesc (Taowei)
- vbox: Rewrite vboxDomainSnapshotCreateXML (Taowei)
- vbox: Add API for vboxDomainSnapshotCreateXML (Taowei)
- vbox: Rewrite vboxDomainDetachDeviceFlags (Taowei)
- vbox: Rewrite vboxDomainDetachDevice (Taowei)
- vbox: Rewrite vboxDomainUpdateDeviceFlags (Taowei)
- vbox: Rewrite vboxDomainAttachDeviceFlags (Taowei)
- vbox: Rewrite vboxDomainAttachDevice (Taowei)
- vbox: Rewrite vboxDomainUndefine (Taowei)
- vbox: Rewrite vboxConnectNumOfDefinedDomains (Taowei)
- vbox: Rewrite vboxConnectListDefinedDomains (Taowei)
- vbox: Rewrite vboxDomainGetXMLDesc (Taowei)
- vbox: Add API for vboxDomainGetXMLDesc (Taowei)
- vbox: Rewrite vboxDomainGetMaxVcpus (Taowei)
- vbox: Rewrite vboxDomainGetVcpusFlags (Taowei)
- vbox: Rewrite vboxDomainSetVcpus (Taowei)
- vbox: Rewrite vboxDomainSetVcpusFlags (Taowei)
- vbox: Rewrite vboxDomainGetState (Taowei)
- vbox: Rewrite vboxDomainGetInfo (Taowei)
- vbox: Rewrite vboxDomainSetMemory (Taowei)
- vbox: Rewrite vboxDomainGetOSType (Taowei)
- vbox: Rewrite vboxDomainDestroy (Taowei)
- vbox: Rewrite vboxDomainDestroyFlags (Taowei)
- vbox: Rewrite vboxDomainReboot (Taowei)
- vbox: Rewrite vboxDomainShutdown (Taowei)
- vbox: Rewrite vboxDomainShutdownFlags (Taowei)
- vbox: Rewrite vboxDomainResume (Taowei)
- vbox: Rewrite vboxDomainSuspend (Taowei)
- vbox: Rewrite vboxDomainIsUpdated (Taowei)
- vbox: Rewrite vboxDomainIsPersistent (Taowei)
- vbox: Rewrite vboxDomainIsActive (Taowei)
- vbox: Rewrite vboxDomainLookupByName (Taowei)
- vbox: Rewrite vboxDomainCreateXML (Taowei)
- vbox: Rewrite vboxDomainCreate (Taowei)
- vbox: Rewrite vboxDomainCreateWithFlags (Taowei)
- vbox: Rewrite vboxDomainDefineXML (Taowei)
- vbox: Rewrite vboxDomainUndefineFlags (Taowei)
- vbox: Rewrite vboxDomainLookupByUUID (Taowei)
- vbox: Rewrite vboxDomainLookupById (Taowei)
- vbox: Rewrite vboxConnectNumOfDomains (Taowei)
- vbox: Rewrite vboxConnectListDomains (Taowei)
- vbox: Rewrite vboxConnectGetCapabilities (Taowei)
- vbox: Rewrite vboxConnectGetMaxVcpus (Taowei)
- vbox: Rewrite vboxConnectIsAlive (Taowei)
- vbox: Rewrite vboxConnectIsEncrypted (Taowei)
- vbox: Rewrite vboxConnectIsSecure (Taowei)
- vbox: Rewrite vboxConnectGetHostname (Taowei)
- vbox: Rewrite vboxConnectGetVersion (Taowei)
- vbox: Rewrite vboxDomainSave (Taowei)
- vbox: Rewrite vboxConnectClose (Taowei)
- vbox: Begin to rewrite, vboxConnectOpen (Taowei)
- src/xenxs: Refactor code formating vif device config (Jim Fehlig)
- src/xenxs: Refactor code formating peripheral device config (Kiarie Kahurani)
- src/xenxs: Refactor code formating Vfb config (Kiarie Kahurani)
- src/xenxs: Refactor code formating OS config (Kiarie Kahurani)
- src/xenxs: Refactor code formating CPU config (Kiarie Kahurani)
- src/xenxs: Refactor code formating xm disk config (Kiarie Kahurani)
- src/xenxs: Refactor code formating Char devices config (Kiarie Kahurani)
- src/xenxs: Refactor code formating event actions config (Kiarie Kahurani)
- src/xenxs: Refactor code formating virtual time config (Kiarie Kahurani)
- src/xenxs: Refactor code formating memory config (Kiarie Kahurani)
- src/xenxs: Refactor code formating general VM config (Kiarie Kahurani)
- qemu: Tidy up job handling during live migration (Sam Bobroff)
- LXC: resolve issues in lxcDomainSetMaxMemory (Chen Hanxiao)
- daemon: Limit default log level to journald to VIR_LOG_INFO (Peter Krempa)
- libvirtd: conf: Mention support for logging into journald (Peter Krempa)
- maint: improve syntax check for space around = (Eric Blake)
- qemu_conf: Undefine the correct symbol (Michal Privoznik)
- qemu: process: Fix header format of qemuProcessSetVcpuAffinities (Peter Krempa)
- qemu: use guest-fsfreeze-freeze-list command if mountpoints to freeze specified (Tomoki Sekiyama)
- qemu: Actually clear bandwidth settings (Jianwei Hu)
- src/xenxs: Refactor code parsing OS config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing general config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing emulated hardware config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing Vif config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing Char devices config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing Vfb config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing xm disk config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing CPU features (Kiarie Kahurani)
- src/xenxs: Refactor code parsing PCI config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing event actions (Kiarie Kahurani)
- src/xenxs: Refactor code parsing virtual time config (Kiarie Kahurani)
- src/xenxs: Refactor code parsing memory config (Kiarie Kahurani)
- conf: Add USB sound card support and implement it for qemu (Peter Krempa)
- hostdev: Add iSCSI hostdev XML (John Ferlan)
- domain_conf: Common routine to handle network storage host xml def (John Ferlan)
- qemu: Make virFileFindHugeTLBFS fault tolerant (Michal Privoznik)
- qemu: reword caps-related error (Martin Kletzander)
- domtop: Turn parse_argv into void (Michal Privoznik)
- qemu: fix comment in qemu.conf (Martin Kletzander)
Cleanups:
- virsh: drop unused variable (Eric Blake)
- Fix spacing around commas (Michal Privoznik)
- examples: test: Kill unsupported maxMemory element (Peter Krempa)
- cleanup spaces between parentheses and braces (Martin Kletzander)
- qemu_command: fix block indentation (Giuseppe Scrivano)
- qemu: Remove extraneous space in function prototypes (John Ferlan)
- daemon: Fix indentation in libvirtd.c (Wang Rui)
- domtop: Remove unused variable (Michal Privoznik)
thanks everybody for your contribution to this new release, be it with
reports, ideas, patches, reviews or help on the localization !
Daniel
--
Daniel Veillard | Open Source and Standards, Red Hat
veillard(a)redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | virtualization library http://libvirt.org/
10 years, 7 months
[libvirt] [python PATCH v2 0/5] Implement new APIs
by Pavel Hrdina
new in v2:
- moved function to appropriate place in libvirt-override.c
- fixed generator to resolve enum reference
- fixed memory leak in virDomainListGetStats and sanyti test
- implemented API for virDomainBlockCopy
Pavel Hrdina (3):
generator: resolve one level of enum reference
API: Implement bindings for virDomainListGetStats
Implement API bindings for virDomainBlockCopy
Peter Krempa (2):
API: Skip 'virDomainStatsRecordListFree'
API: Implement bindings for virConnectGetAllDomainStats
generator.py | 20 ++++-
libvirt-override-api.xml | 10 +++
libvirt-override-virConnect.py | 100 +++++++++++++++++++++++
libvirt-override.c | 180 +++++++++++++++++++++++++++++++++++++++++
sanitytest.py | 6 ++
5 files changed, 315 insertions(+), 1 deletion(-)
--
1.8.5.5
10 years, 7 months
[libvirt] [python PATCH 0/5] Implement bindings for bulk stats API
by Peter Krempa
The last patch is to ease review to be able to build the series.
Peter Krempa (5):
generator: enum: Don't sort enums by names
API: Skip 'virDomainStatsRecordListFree'
API: Implement bindings for virConnectGetAllDomainStats
API: Implement bindings for virDomainListGetStats
DO NOT APPLY: Fix build with missing virDomainBlockCopy API
generator.py | 6 +-
libvirt-override-virConnect.py | 100 ++++++++++++++++++++++++++++
libvirt-override.c | 144 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 248 insertions(+), 2 deletions(-)
--
2.0.2
10 years, 7 months
[libvirt] [PATCH for 1.2.8] selinux: properly label tap FDs with imagelabel
by Martin Kletzander
The cleanup in commit cf976d9d used secdef->label to label the tap
FDs, but that is not possible since it's process-only label (svirt_t)
and not a object label (e.g. svirt_image_t). Starting a domain failed
with EPERM, but simply using secdef->label instead fixes it.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/security/security_selinux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 5d18493..e8c13db 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2340,7 +2340,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
if (!secdef || !secdef->label)
return 0;
- return virSecuritySELinuxFSetFilecon(fd, secdef->label);
+ return virSecuritySELinuxFSetFilecon(fd, secdef->imagelabel);
}
static char *
--
2.1.0
10 years, 7 months
[libvirt] [PATCH v4 0/3] OVMF exposure
by Michal Privoznik
diff to v3:
-Pure rebae & resend
diff to v2:
-Adapted to Laszlo's review on v2
Michal Privoznik (3):
conf: Extend <loader/> and introduce <nvram/>
qemu: Implement extended loader and nvram
qemu: Automatically create NVRAM store
docs/formatdomain.html.in | 19 ++-
docs/schemas/domaincommon.rng | 21 ++++
libvirt.spec.in | 2 +
src/Makefile.am | 1 +
src/conf/domain_conf.c | 87 +++++++++++++-
src/conf/domain_conf.h | 22 +++-
src/libvirt_private.syms | 3 +
src/qemu/libvirtd_qemu.aug | 3 +
src/qemu/qemu.conf | 14 +++
src/qemu/qemu_command.c | 97 ++++++++++++++-
src/qemu/qemu_conf.c | 93 +++++++++++++++
src/qemu/qemu_conf.h | 5 +
src/qemu/qemu_process.c | 132 +++++++++++++++++++++
src/qemu/test_libvirtd_qemu.aug.in | 3 +
src/security/security_dac.c | 8 ++
src/security/security_selinux.c | 8 ++
src/security/virt-aa-helper.c | 4 +-
src/vbox/vbox_common.c | 7 +-
src/xenapi/xenapi_driver.c | 3 +-
src/xenconfig/xen_common.c | 7 +-
src/xenconfig/xen_sxpr.c | 16 +--
.../qemuxml2argvdata/qemuxml2argv-bios-nvram.args | 10 ++
tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.xml | 40 +++++++
tests/qemuxml2argvtest.c | 2 +
.../qemuxml2xmlout-pci-bridge-many-disks.xml | 2 +-
tests/qemuxml2xmltest.c | 2 +
tests/sexpr2xmldata/sexpr2xml-fv-autoport.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-empty-kernel.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-force-hpet.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-force-nohpet.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-kernel.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-legacy-vfb.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-localtime.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-net-ioemu.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-net-netfront.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-parallel-tcp.xml | 2 +-
.../sexpr2xml-fv-serial-dev-2-ports.xml | 2 +-
.../sexpr2xml-fv-serial-dev-2nd-port.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-file.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-null.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-pipe.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-pty.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-stdio.xml | 2 +-
.../sexpr2xml-fv-serial-tcp-telnet.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-tcp.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-udp.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-serial-unix.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-sound-all.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-sound.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-usbmouse.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-usbtablet.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-utc.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv-v2.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-fv.xml | 2 +-
tests/sexpr2xmldata/sexpr2xml-no-source-cdrom.xml | 2 +-
tests/xmconfigdata/test-escape-paths.xml | 2 +-
tests/xmconfigdata/test-fullvirt-force-hpet.xml | 2 +-
tests/xmconfigdata/test-fullvirt-force-nohpet.xml | 2 +-
tests/xmconfigdata/test-fullvirt-localtime.xml | 2 +-
tests/xmconfigdata/test-fullvirt-net-ioemu.xml | 2 +-
tests/xmconfigdata/test-fullvirt-net-netfront.xml | 2 +-
tests/xmconfigdata/test-fullvirt-new-cdrom.xml | 2 +-
tests/xmconfigdata/test-fullvirt-old-cdrom.xml | 2 +-
tests/xmconfigdata/test-fullvirt-parallel-tcp.xml | 2 +-
.../test-fullvirt-serial-dev-2-ports.xml | 2 +-
.../test-fullvirt-serial-dev-2nd-port.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-file.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-null.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-pipe.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-pty.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-stdio.xml | 2 +-
.../test-fullvirt-serial-tcp-telnet.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-tcp.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-udp.xml | 2 +-
tests/xmconfigdata/test-fullvirt-serial-unix.xml | 2 +-
tests/xmconfigdata/test-fullvirt-sound.xml | 2 +-
tests/xmconfigdata/test-fullvirt-usbmouse.xml | 2 +-
tests/xmconfigdata/test-fullvirt-usbtablet.xml | 2 +-
tests/xmconfigdata/test-fullvirt-utc.xml | 2 +-
tests/xmconfigdata/test-no-source-cdrom.xml | 2 +-
tests/xmconfigdata/test-pci-devs.xml | 2 +-
81 files changed, 639 insertions(+), 82 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.xml
--
1.8.5.5
10 years, 7 months
[libvirt] (no subject)
by Raghavendra K T
Bcc: Raghavendra K T <raghavendra.kt(a)linux.vnet.ibm.com>
Subject: Re: [libvirt] [RFC] exclusive vcpu-cpu pinning
Reply-To: Raghavendra K T <raghavendra.kt(a)linux.vnet.ibm.com>
In-Reply-To: <53DA24CF.8030600(a)redhat.com>
* J?n Tomko <jtomko(a)redhat.com> [2014-07-31 13:13:19]:
> Hello developers!
>
> Currently, our default cgroup layout is:
> -top level cgroup
> \-machine (machine.slice with systemd)
> `-vm1.libvirt-qemu (machine-qemu\x2dvm1.scope with systemd)
> `-emulator
> `-vcpu0
> \-vcpu1
> \-vm2.libvirt-qemu
> `-emulator
> `-vcpu0
> `-vcpu1
>
> To free some CPUs for exclusive use, either all processes from the top level
> cgroup should be moved to another one (which does not seem like a great idea)
> or isolcpus= should be specified on the kernel command line.
>
> The cpuset.cpu_exclusive option can be set on a cgroup if
> * all the groups up to the top level group have it set
> * the cpuset of the current group is a subset of the parent group
> and no siblings use any cpus from the current cpuset
>
> This would mean that to keep the existing nested structure, all vcpus and the
> emulator thread would need to have an exclusive CPU, e.g:
> <vcpu placement='static' cpuset='4-6'>2</vcpu>
> <cputune exclusive='yes'>
> <vcpupin vcpu='0' cpuset='5'/>
> <vcpupin vcpu='1' cpuset='6'/>
> <emulatorpin cpuset='4'/>
> </cputune>
>
> (The only two issues I found:
> 1) libvirt would have to mess with systemd's 'machine-scope' behind it's back
> (setting cpu_exclusive)
> 2) creating machines without explicit cpu pinning fails, as libvirt tries to
> write all the cpus to the cpuset, even those the other machine uses
> exclusively)
>
> I've also thought about just keeping track of the 'exclusived' CPUs in
> libvirt. This would not work across drivers. And it could possibly be needed
> to solve issue 2).
>
> Do you think any of these options would be useful?
>
> Bug: https://bugzilla.redhat.com/show_bug.cgi?id=996758
>
> Jan
>
Hi Jan,
I am not familiar with libvirt internals, but eager to solve the problem
(I also tried to solve the same problem, I had POC kernel solution which was
rightly rejected because we could solve with userspace).
Could we have a dedicated cpuset for vms (which asks for dedicated
cpuset may be via xml tag? <description>dedicated</description>)
[ This is very similar to what you have proposed ]
suppose we have 2 vms of 8 vcpus (vm1 dedicated, vm2 non-dedicated) on
a 16 pcpu machine,
the modified cpuset cgroup hierarchy looks like this (for cpuset only):
| root (cpuset.cpus = 0-15)
|
\_ machine (tasks = system tasks) (cpuset.cpus = 0-7, exclusive=1)
\_ vm2.libvirt-qemu (cpuset.cpus = 0-7, exclusive=1)
|
\_ vm2.libvirt-qemu (cpuset.cpus = 8-15, exclusive=1)
But as you have mentioned above libvirt will have to
1. modify the cpuset hierarchy behind systemd
2. move all the system tasks to machine (only for cpuset)
3. assign all the non dedicated cpuset to /machine hierarchy
4. assign dedicated/exclusive cpus to vms automatically.
ofcourse we cannot have 100% of cpus to be dedicated and we will have to
ensure that we do have some cpus left for system tasks/non dedicated vms
etc.
I see we could achieve above requirement with a userspace daemon,
But I think libvirt way of solving would be ideal. Do you think the
above solution is too intrusive? Please let us know your
thoughts.
10 years, 7 months
[libvirt] [PATCH 00/11] bulk stats: QEMU implementation
by Francesco Romani
This patchset enhances the QEMU support for the new bulk stats API.
What is added is the equivalent of these APIs:
virDomainBlockInfo
virDomainGetInfo - for balloon stats
virDomainGetCPUStats
virDomainBlockStatsFlags
virDomainInterfaceStats
virDomainGetVcpusFlags
virDomainGetVcpus
This subset of API is the one oVirt relies on.
The patchset is organized as follows:
- the first 4 patches do refactoring to extract internal helper
functions to be used by the old API and by the new bulk one.
For block stats on helper is actually added instead of extracted.
- since some groups require access to the QEMU monitor, one patch
extend the internal interface to easily accomodate that
- finally, the last six patches implement the support for the
bulk API.
Francesco Romani (11):
qemu: extract helper to get the current balloon
qemu: extract helper to gather vcpu data
qemu: add helper to get the block stats
qemu: extract helper to get block info
qemu: bulk stats: pass connection to workers
qemu: bulk stats: implement CPU stats group
qemu: bulk stats: implement balloon group
qemu: bulk stats: implement VCPU group
qemu: bulk stats: implement interface group
qemu: bulk stats: implement block group
qemu: bulk stats: implement blockinfo group
include/libvirt/libvirt.h.in | 6 +
src/qemu/qemu_driver.c | 558 ++++++++++++++++++++++++++++++++++++++-----
2 files changed, 502 insertions(+), 62 deletions(-)
--
1.9.3
10 years, 7 months
[libvirt] [PATCH] Fix connection to already running session libvirtd
by Christophe Fergeau
Since 1b807f92, connecting with virsh to an already running session
libvirtd fails with:
$ virsh list --all
error: failed to connect to the hypervisor
error: no valid connection
error: Failed to connect socket to
'/run/user/1000/libvirt/libvirt-sock': Transport endpoint is already
connected
This is caused by a logic error in virNetSocketNewConnectUnix: even if
the connection to the daemon socket succeeded, we still try to spawn the
daemon and then connect to it.
This commit changes the logic to not try to spawn libvirtd if we
successfully connected to its socket.
With whitespace changes removed, this patch becomes just this:
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index f913365..79540b3 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -574,7 +574,8 @@ int virNetSocketNewConnectUNIX(const char *path,
remoteAddr.data.un.sun_path[0] = '\0';
retry:
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0 &&
!spawnDaemon) {
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ if (!spawnDaemon) {
virReportSystemError(errno, _("Failed to connect socket to
'%s'"),
path);
goto error;
@@ -634,6 +635,7 @@ int virNetSocketNewConnectUNIX(const char *path,
if (virNetSocketForkDaemon(binary, passfd) < 0)
goto error;
}
+ }
localAddr.len = sizeof(localAddr.data);
if (getsockname(fd, &localAddr.data.sa, &localAddr.len) < 0) {
---
src/rpc/virnetsocket.c | 102 +++++++++++++++++++++++++------------------------
1 file changed, 52 insertions(+), 50 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 79258ef..8fc5d80 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -573,65 +573,67 @@ int virNetSocketNewConnectUNIX(const char *path,
remoteAddr.data.un.sun_path[0] = '\0';
retry:
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0 && !spawnDaemon) {
- virReportSystemError(errno, _("Failed to connect socket to '%s'"),
- path);
- goto error;
- } else if (spawnDaemon) {
- int status = 0;
- pid_t pid = 0;
-
- if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
- virReportSystemError(errno, "%s", _("Failed to create socket"));
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ if (!spawnDaemon) {
+ virReportSystemError(errno, _("Failed to connect socket to '%s'"),
+ path);
goto error;
- }
+ } else if (spawnDaemon) {
+ int status = 0;
+ pid_t pid = 0;
- /*
- * We have to fork() here, because umask() is set
- * per-process, chmod() is racy and fchmod() has undefined
- * behaviour on sockets according to POSIX, so it doesn't
- * work outside Linux.
- */
- if ((pid = virFork()) < 0)
- goto error;
+ if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to create socket"));
+ goto error;
+ }
- if (pid == 0) {
- umask(0077);
- if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
- _exit(EXIT_FAILURE);
+ /*
+ * We have to fork() here, because umask() is set
+ * per-process, chmod() is racy and fchmod() has undefined
+ * behaviour on sockets according to POSIX, so it doesn't
+ * work outside Linux.
+ */
+ if ((pid = virFork()) < 0)
+ goto error;
- _exit(EXIT_SUCCESS);
- }
+ if (pid == 0) {
+ umask(0077);
+ if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
+ _exit(EXIT_FAILURE);
- if (virProcessWait(pid, &status, false) < 0)
- goto error;
+ _exit(EXIT_SUCCESS);
+ }
- if (status != EXIT_SUCCESS) {
- /*
- * OK, so the subprocces failed to bind() the socket. This may mean
- * that another daemon was starting at the same time and succeeded
- * with its bind(). So we'll try connecting again, but this time
- * without spawning the daemon.
- */
- spawnDaemon = false;
- goto retry;
- }
+ if (virProcessWait(pid, &status, false) < 0)
+ goto error;
- if (listen(passfd, 0) < 0) {
- virReportSystemError(errno, "%s",
- _("Failed to listen on socket that's about "
- "to be passed to the daemon"));
- goto error;
- }
+ if (status != EXIT_SUCCESS) {
+ /*
+ * OK, so the subprocces failed to bind() the socket. This may mean
+ * that another daemon was starting at the same time and succeeded
+ * with its bind(). So we'll try connecting again, but this time
+ * without spawning the daemon.
+ */
+ spawnDaemon = false;
+ goto retry;
+ }
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
- virReportSystemError(errno, _("Failed to connect socket to '%s'"),
- path);
- goto error;
- }
+ if (listen(passfd, 0) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Failed to listen on socket that's about "
+ "to be passed to the daemon"));
+ goto error;
+ }
- if (virNetSocketForkDaemon(binary, passfd) < 0)
- goto error;
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ virReportSystemError(errno, _("Failed to connect socket to '%s'"),
+ path);
+ goto error;
+ }
+
+ if (virNetSocketForkDaemon(binary, passfd) < 0)
+ goto error;
+ }
}
localAddr.len = sizeof(localAddr.data);
--
1.9.3
10 years, 7 months
[libvirt] [PATCH v2] Fix connection to already running session libvirtd
by Christophe Fergeau
Since 1b807f92, connecting with virsh to an already running session
libvirtd fails with:
$ virsh list --all
error: failed to connect to the hypervisor
error: no valid connection
error: Failed to connect socket to
'/run/user/1000/libvirt/libvirt-sock': Transport endpoint is already
connected
This is caused by a logic error in virNetSocketNewConnectUnix: even if
the connection to the daemon socket succeeded, we still try to spawn the
daemon and then connect to it.
This commit changes the logic to not try to spawn libvirtd if we
successfully connected to its socket.
Most of this commit is whitespace changes, use of -w is used to look at
it.
---
Changes since v1:
- Removed now redundant test in the else branch
src/rpc/virnetsocket.c | 102 +++++++++++++++++++++++++------------------------
1 file changed, 52 insertions(+), 50 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 79258ef..9780e17 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -573,65 +573,67 @@ int virNetSocketNewConnectUNIX(const char *path,
remoteAddr.data.un.sun_path[0] = '\0';
retry:
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0 && !spawnDaemon) {
- virReportSystemError(errno, _("Failed to connect socket to '%s'"),
- path);
- goto error;
- } else if (spawnDaemon) {
- int status = 0;
- pid_t pid = 0;
-
- if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
- virReportSystemError(errno, "%s", _("Failed to create socket"));
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ if (!spawnDaemon) {
+ virReportSystemError(errno, _("Failed to connect socket to '%s'"),
+ path);
goto error;
- }
+ } else {
+ int status = 0;
+ pid_t pid = 0;
- /*
- * We have to fork() here, because umask() is set
- * per-process, chmod() is racy and fchmod() has undefined
- * behaviour on sockets according to POSIX, so it doesn't
- * work outside Linux.
- */
- if ((pid = virFork()) < 0)
- goto error;
+ if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to create socket"));
+ goto error;
+ }
- if (pid == 0) {
- umask(0077);
- if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
- _exit(EXIT_FAILURE);
+ /*
+ * We have to fork() here, because umask() is set
+ * per-process, chmod() is racy and fchmod() has undefined
+ * behaviour on sockets according to POSIX, so it doesn't
+ * work outside Linux.
+ */
+ if ((pid = virFork()) < 0)
+ goto error;
- _exit(EXIT_SUCCESS);
- }
+ if (pid == 0) {
+ umask(0077);
+ if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
+ _exit(EXIT_FAILURE);
- if (virProcessWait(pid, &status, false) < 0)
- goto error;
+ _exit(EXIT_SUCCESS);
+ }
- if (status != EXIT_SUCCESS) {
- /*
- * OK, so the subprocces failed to bind() the socket. This may mean
- * that another daemon was starting at the same time and succeeded
- * with its bind(). So we'll try connecting again, but this time
- * without spawning the daemon.
- */
- spawnDaemon = false;
- goto retry;
- }
+ if (virProcessWait(pid, &status, false) < 0)
+ goto error;
- if (listen(passfd, 0) < 0) {
- virReportSystemError(errno, "%s",
- _("Failed to listen on socket that's about "
- "to be passed to the daemon"));
- goto error;
- }
+ if (status != EXIT_SUCCESS) {
+ /*
+ * OK, so the subprocces failed to bind() the socket. This may mean
+ * that another daemon was starting at the same time and succeeded
+ * with its bind(). So we'll try connecting again, but this time
+ * without spawning the daemon.
+ */
+ spawnDaemon = false;
+ goto retry;
+ }
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
- virReportSystemError(errno, _("Failed to connect socket to '%s'"),
- path);
- goto error;
- }
+ if (listen(passfd, 0) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Failed to listen on socket that's about "
+ "to be passed to the daemon"));
+ goto error;
+ }
- if (virNetSocketForkDaemon(binary, passfd) < 0)
- goto error;
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ virReportSystemError(errno, _("Failed to connect socket to '%s'"),
+ path);
+ goto error;
+ }
+
+ if (virNetSocketForkDaemon(binary, passfd) < 0)
+ goto error;
+ }
}
localAddr.len = sizeof(localAddr.data);
--
1.9.3
10 years, 7 months
[libvirt] [PATCH] conf: Check migration_host is valid or not during libvirt restarts
by Chen Fan
if user specified an invalid strings as migration hostname,
like setting: migration_host = "XXXXXXX", libvirt should check
it and return error during lbivirt restart.
Signed-off-by: Chen Fan <chen.fan.fnst(a)cn.fujitsu.com>
---
src/qemu/qemu_conf.c | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index e2ec54f..450ac5b 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -33,6 +33,7 @@
#include <fcntl.h>
#include <sys/wait.h>
#include <arpa/inet.h>
+#include <netdb.h>
#include "virerror.h"
#include "qemu_conf.h"
@@ -650,6 +651,45 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
GET_VALUE_LONG("seccomp_sandbox", cfg->seccompSandbox);
GET_VALUE_STR("migration_host", cfg->migrateHost);
+ if (cfg->migrateHost) {
+ struct addrinfo hints;
+ struct addrinfo *res;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_ADDRCONFIG;
+ hints.ai_family = AF_UNSPEC;
+
+ if (getaddrinfo(cfg->migrateHost, NULL, &hints, &res) != 0) {
+ virReportError(VIR_ERR_CONF_SYNTAX,
+ _("migration_host: '%s' is not a valid hostname"),
+ cfg->migrateHost);
+ goto cleanup;
+ }
+
+ if (res == NULL) {
+ virReportError(VIR_ERR_CONF_SYNTAX,
+ _("No IP address for host '%s' found"),
+ cfg->migrateHost);
+ goto cleanup;
+ }
+
+ freeaddrinfo(res);
+
+ if (STRPREFIX(cfg->migrateHost, "localhost")) {
+ virReportError(VIR_ERR_CONF_SYNTAX, "%s",
+ _("setting migration_host to 'localhost' is not allowed"));
+ goto cleanup;
+ }
+
+ if (STREQ(cfg->migrateHost, "127.0.0.1") ||
+ STREQ(cfg->migrateHost, "::1")) {
+ virReportError(VIR_ERR_CONF_SYNTAX, "%s",
+ _("setting migration_host to '127.0.0.1' or '::1' "
+ "is not allowed"));
+ goto cleanup;
+ }
+ }
+
GET_VALUE_STR("migration_address", cfg->migrationAddress);
GET_VALUE_BOOL("log_timestamp", cfg->logTimestamp);
--
1.9.3
10 years, 7 months
