[libvirt] [PATCH] docs: domain: Document network <filterref>
by Cole Robinson
The proper nwfilter docs go into full detail, but we should still
have a brief bit about domain XML in the domain documentation
---
docs/formatdomain.html.in | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 9bcef6a..f6ce22d 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -4908,6 +4908,47 @@ qemu-kvm -net nic,model=? /dev/null
<code><model></code> element is mandatory.
</p>
+ <h5><a name="elementNwfilter">Traffic filtering with NWFilter</a></h5>
+
+ <p>
+ <span class="since">Since 0.8.0</span> an <code>nwfilter</code> profile
+ can be assigned to an interface device, which allows configuring
+ traffic filter rules for the virtual machine.
+
+ See the <a href="formatnwfilter.html">nwfilter</a> documentation for more
+ complete details.
+ </p>
+
+<pre>
+ ...
+ <devices>
+ <interface ...>
+ ...
+ <filterref filter='clean-traffic'/>
+ </interface>
+ <interface ...>
+ ...
+ <filterref filter='myfilter'>
+ <parameter name='IP' value='104.207.129.11'/>
+ <parameter name='IP6_ADDR' value='2001:19f0:300:2102::'/>
+ <parameter name='IP6_MASK' value='64'/>
+ ...
+ </filterref>
+ </interface>
+ </devices>
+ ...</pre>
+
+ <p>
+ The <code><filterref></code> <code>filter</code> attribute
+ specifies the name of the <a href="formatnwfilter.html">nwfilter</a>
+ to use. Optional <code><parameter></code> values may be
+ specified for passing additional info to the nwfilter via the
+ <code>name</code> and <code>value</code> attributes. See
+ the <a href="formatnwfilter.html#nwfconceptsvars">nwfilter</a>
+ docs for info on parameters.
+ </p>
+
+
<h4><a name="elementsInput">Input devices</a></h4>
<p>
--
2.7.3
9 years
[libvirt] [ 0/5] netdev ethernet allow to set ip, route and peer address
by Vasiliy Tolstov
Some minor improvements and patch split as suggested by Laine Stump
Vasiliy Tolstov (5):
virnetdev allow to set peer address
libvirt domain xml allow to set peer address
lxc domain allow to set peer address
bridge network ignore peer address
qemu domain allow to set ip address, peer address and route
docs/formatdomain.html.in | 12 +++++++++-
docs/schemas/domaincommon.rng | 5 ++++
src/conf/domain_conf.c | 14 ++++++++++-
src/conf/domain_conf.h | 1 +
src/lxc/lxc_container.c | 2 +-
src/network/bridge_driver.c | 2 +-
src/qemu/qemu_interface.c | 39 +++++++++++++++++++++++++++++++
src/util/virnetdev.c | 54 ++++++++++++++++++++++++++++++-------------
src/util/virnetdev.h | 1 +
9 files changed, 110 insertions(+), 20 deletions(-)
--
2.7.3
9 years
[libvirt] [PATCH 0/4] Make uninstall clean again
by Michal Privoznik
It's been a while since 'make uninstall' cleaned up everything
that 'make install' created. I've noticed this while trying to
figure out why some build test on *BSD is failing (fix for that
is in the first patch btw).
Michal Privoznik (4):
nss: Try harder to uninstall
examples: Try harder to uninstall nwfilter
docs: Uninstall libvirt logo too
docs: Don't leave any documentation behind
docs/Makefile.am | 7 +++++++
examples/Makefile.am | 2 +-
tools/Makefile.am | 2 +-
3 files changed, 9 insertions(+), 2 deletions(-)
--
2.7.3
9 years
[libvirt] [PATCH REBASE 0/2] vz: fix handling inputs in config
by Nikolay Shirokovskiy
Input devices are not stored in SDK but we report them
on dumpxml if vnc is on. Thus we need to handle input devices
on define xml as well. The latter part have some problems.
Let's fix them.
Nikolay Shirokovskiy (2):
vz: add default input devices on post parse
vz: fix config input device check
src/vz/vz_driver.c | 26 +++++++++++++++++++++++++-
src/vz/vz_sdk.c | 27 ++++++++++++++++++---------
2 files changed, 43 insertions(+), 10 deletions(-)
--
1.8.3.1
9 years
[libvirt] [libvirt-php][PATCH 0/2] Fix some build issues
by Michal Privoznik
While trying to make 'distcheck' work again, this is where I got so far.
Unfortunately, distcheck is still not working.
Michal Privoznik (2):
tools: Compile generate-api-docs into builddir
configure.ac: Slightly rework
configure.ac | 11 ++++++-----
tools/Makefile.am | 2 +-
2 files changed, 7 insertions(+), 6 deletions(-)
--
2.7.3
9 years
[libvirt] [PATCH] virt-aa-helper: disallow VNC socket read permissions
by Cole Robinson
From: Simon Arlott <bugzilla.redhat.simon(a)arlott.org>
The VM does not need read permission for its own VNC socket to create(),
bind(), accept() connections or to receive(), send(), etc. on connections.
https://bugzilla.redhat.com/show_bug.cgi?id=1312573
---
src/security/virt-aa-helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 50d2a08..a4cb409 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1062,7 +1062,7 @@ get_files(vahControl * ctl)
for (i = 0; i < ctl->def->ngraphics; i++) {
if (ctl->def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
ctl->def->graphics[i]->data.vnc.socket &&
- vah_add_file(&buf, ctl->def->graphics[i]->data.vnc.socket, "rw"))
+ vah_add_file(&buf, ctl->def->graphics[i]->data.vnc.socket, "w"))
goto cleanup;
}
--
2.5.5
9 years
[libvirt] [PATCH] man: Clarify virsh vol-clone works within a single pool
by Cole Robinson
virsh vol-clone is expected to clone a volume within a single
pool; it doesn't work for cloning across pools. Clarify the docs
https://bugzilla.redhat.com/show_bug.cgi?id=1103714
---
tools/virsh-volume.c | 2 +-
tools/virsh.pod | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/tools/virsh-volume.c b/tools/virsh-volume.c
index 36dd0ed..9cc8e52 100644
--- a/tools/virsh-volume.c
+++ b/tools/virsh-volume.c
@@ -546,7 +546,7 @@ static const vshCmdInfo info_vol_clone[] = {
.data = N_("clone a volume.")
},
{.name = "desc",
- .data = N_("Clone an existing volume.")
+ .data = N_("Clone an existing volume within the parent pool.")
},
{.name = NULL}
};
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 6c9d4ec..e1c0d8e 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -3530,10 +3530,10 @@ only slightly higher initial disk space usage.
=item B<vol-clone> [I<--pool> I<pool-or-uuid>] I<vol-name-or-key-or-path>
I<name> [I<--prealloc-metadata>] [I<--reflink>]
-Clone an existing volume. Less powerful, but easier to type, version of
-B<vol-create-from>.
+Clone an existing volume within the parent pool. Less powerful,
+but easier to type, version of B<vol-create-from>.
I<--pool> I<pool-or-uuid> is the name or UUID of the storage pool to create
-the volume in.
+that contains the source volume, and will contain the new volume.
I<vol-name-or-key-or-path> is the name or key or path of the source volume.
I<name> is the name of the new volume.
[I<--prealloc-metadata>] preallocate metadata (for qcow2 images which don't
--
2.7.3
9 years
[libvirt] [PATCH 0/3] storage: drop support for qcow-create, kvm-img
by Cole Robinson
I don't think we need to try and support qcow-create or kvm-img
binaries anymore; everywhere we care about should have a
/usr/bin/qemu-img. See patches for more details
Cole Robinson (3):
storage: remove support for /usr/bin/qcow-create
storage: remove support for /usr/bin/kvm-img
storage: drop the plumbing needed for kvm-img/qcow-create
src/qemu/qemu_domain.c | 2 +-
src/qemu/qemu_driver.c | 4 +-
src/storage/storage_backend.c | 131 ++-------------------------------------
src/storage/storage_backend.h | 9 ++-
src/storage/storage_backend_fs.c | 21 ++-----
src/util/virfile.c | 2 +-
tests/virstoragetest.c | 4 +-
7 files changed, 18 insertions(+), 155 deletions(-)
--
2.7.3
9 years
[libvirt] [PATCH] tests: Fix enumeration value
by Andrea Bolognani
Commit 3a773c43c801 introduced the testCompareNetXML2XMLResult
enumeration; however, in one instance the result variable was
assigned a value from the very similar testCompareDocXML2XMLResult
enumeration, leading to a build error.
networkxml2xmltest.c:33:42: error:
implicit conversion from enumeration type 'testCompareDomXML2XMLResult'
to different enumeration type 'testCompareNetXML2XMLResult'
[-Werror,-Wenum-conversion]
testCompareNetXML2XMLResult result = TEST_COMPARE_DOM_XML2XML_RESULT_SUCCESS;
~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Use the proper value (TEST_COMPARE_NET_XML2XML_RESULT_SUCCESS) instead.
---
Pushed as build breaker.
tests/networkxml2xmltest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/networkxml2xmltest.c b/tests/networkxml2xmltest.c
index a52b350..c069f3d 100644
--- a/tests/networkxml2xmltest.c
+++ b/tests/networkxml2xmltest.c
@@ -30,7 +30,7 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml,
{
char *actual = NULL;
int ret;
- testCompareNetXML2XMLResult result = TEST_COMPARE_DOM_XML2XML_RESULT_SUCCESS;
+ testCompareNetXML2XMLResult result = TEST_COMPARE_NET_XML2XML_RESULT_SUCCESS;
virNetworkDefPtr dev = NULL;
if (!(dev = virNetworkDefParseFile(inxml))) {
--
2.5.5
9 years
[libvirt] [PATCH 0/7] Probe and expose GIC capabilities
by Andrea Bolognani
Changes from [RFC]:
* Fix issues pointed out during review (see patches
1 and 2 for details)
* Add documentation
The only thing missing AFAIK is some test cases... I'm not sure
whether it's possible to include QMP replies for QEMU 2.6 even
though it hasn't been released yet, and I wouldn't know how to
generate a .replies file anyway. Any pointers?
Cheers.
[RFC] https://www.redhat.com/archives/libvir-list/2016-March/msg00956.html
Andrea Bolognani (7):
conf: Get rid of virDomainCapsDevice
qemu: Probe GIC capabilities
schema: Validate GIC capabilities
conf: Expose GIC capabilities
qemu: Fill in GIC capabilities
qemu: Cache GIC capabilities
docs: Document the new XML elements
docs/formatdomain.html.in | 3 +-
docs/formatdomaincaps.html.in | 43 ++++-
docs/schemas/domaincaps.rng | 18 ++
src/conf/domain_capabilities.c | 42 ++++-
src/conf/domain_capabilities.h | 24 +--
src/qemu/qemu_capabilities.c | 194 ++++++++++++++++++++-
src/qemu/qemu_monitor.c | 17 ++
src/qemu/qemu_monitor.h | 4 +
src/qemu/qemu_monitor_json.c | 115 ++++++++++++
src/qemu/qemu_monitor_json.h | 4 +
src/util/virgic.h | 13 ++
tests/domaincapsschemadata/domaincaps-basic.xml | 3 +
tests/domaincapsschemadata/domaincaps-full.xml | 3 +
.../domaincaps-qemu_1.6.50-1.xml | 3 +
tests/domaincapstest.c | 8 +-
15 files changed, 470 insertions(+), 24 deletions(-)
--
2.5.5
9 years
