[libvirt] [PATCH] Switch to GSSAPI (kerberos) instead of the insecure DIGEST-MD5
by Daniel P. Berrange
RFC 6331 documents a number of serious security weaknesses in
the SASL DIGEST-MD5 mechanism. As such, libvirtd should not
by using it as a default mechanism. GSSAPI is the only other
viable SASL mechanism that can provide secure session encryption
so enable that by defalt as the replacement.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
daemon/libvirtd.sasl | 44 +++++++++++++++++---------
docs/auth.html.in | 89 +++++++++++++++++++++++++++++++++++++++++-----------
libvirt.spec.in | 6 ++--
3 files changed, 102 insertions(+), 37 deletions(-)
diff --git a/daemon/libvirtd.sasl b/daemon/libvirtd.sasl
index 5e2528d..2be99ef 100644
--- a/daemon/libvirtd.sasl
+++ b/daemon/libvirtd.sasl
@@ -1,31 +1,45 @@
-# If you want to use the non-TLS socket, then you *must* include
-# the GSSAPI or DIGEST-MD5 mechanisms, because they are the only
-# ones that can offer session encryption as well as authentication.
+# If you want to use the non-TLS socket, then you *must* pick a
+# mechanism which provides session encryption as well as
+# authentication.
#
-# If you're only using TLS, then you can turn on any mechanisms
+# If you are only using TLS, then you can turn on any mechanisms
# you like for authentication, because TLS provides the encryption
#
-# Default to a simple username+password mechanism
-mech_list: digest-md5
+# If you are only using UNIX, sockets then encryption is not
+# required at all.
+#
+# Since SASL is the default for the libvirtd non-TLS socket, we
+# pick a strong mechanism by default.
+#
+# NB, previously DIGEST-MD5 was set as the default mechanism for
+# libvirt. Per RFC 6331 this is vulnerable to many serious security
+# flaws as should no longer be used. Thus GSSAPI is now the default.
+#
+# To use GSSAPI requires that a libvirtd service principal is
+# added to the Kerberos server for each host running libvirtd.
+# This principal needs to be exported to the keytab file listed below
+mech_list: gssapi
+
+# If using a TLS socket or UNIX socket only, it is possible to
+# enable plugins which don't provide session encryption. The
+# 'scram-sha-1' plugin allows plain username/password authentication
+# to be performed
+#
+#mech_list: scram-sha-1
-# Before you can use GSSAPI, you need a service principle on the
-# KDC server for libvirt, and that to be exported to the keytab
-# file listed below
-#mech_list: gssapi
#
# You can also list many mechanisms at once, then the user can choose
# by adding '?auth=sasl.gssapi' to their libvirt URI, eg
# qemu+tcp://hostname/system?auth=sasl.gssapi
-#mech_list: digest-md5 gssapi
+#mech_list: scram-sha-1 gssapi
# Some older builds of MIT kerberos on Linux ignore this option &
# instead need KRB5_KTNAME env var.
# For modern Linux, and other OS, this should be sufficient
#
-# There is no default value here, uncomment if you need this
-#keytab: /etc/libvirt/krb5.tab
+keytab: /etc/libvirt/krb5.tab
-# If using digest-md5 for username/passwds, then this is the file
+# If using scram-sha-1 for username/passwds, then this is the file
# containing the passwds. Use 'saslpasswd2 -a libvirt [username]'
# to add entries, and 'sasldblistusers2 -f [sasldb_path]' to browse it
-sasldb_path: /etc/libvirt/passwd.db
+#sasldb_path: /etc/libvirt/passwd.db
diff --git a/docs/auth.html.in b/docs/auth.html.in
index 08feacc..9f2e317 100644
--- a/docs/auth.html.in
+++ b/docs/auth.html.in
@@ -204,16 +204,71 @@ ResultActive=yes</pre>
Further examples of PolicyKit setup can be found on the
<a href="http://wiki.libvirt.org/page/SSHPolicyKitSetup">wiki page</a>.
</p>
- <h2><a name="ACL_server_username">Username/password auth</a></h2>
+ <h2><a name="ACL_server_sasl">SASL pluggable authentication</a></h2>
+
<p>
-The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
-The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
-username+password style authentication. It also provides for encryption of the data
-stream, so the security of the plain TCP socket is on a par with that of the TLS
-socket. If desired the UNIX socket and TLS socket can also have SASL enabled by
-setting the <code>auth_unix_ro</code>, <code>auth_unix_rw</code>, <code>auth_tls</code>
-config params in <code>libvirt.conf</code>.
-</p>
+Libvirt integrates with the cyrus-sasl library to provide a pluggable authentication
+system using the SASL protocol. SASL can be used in combination with libvirtd's TLS
+or TCP socket listeners. When used with the TCP listener, the SASL mechanism is
+rqeuired to provide session encryption in addition to authentication. Only a very
+few SASL mechanisms are able todo this, and of those that can do it, only the
+GSSAPI plugin is considered acceptably secure by modern standards:
+ </p>
+
+ <dl>
+ <dt>GSSAPI</dt>
+ <dd><strong>This is the current default mechanism to use with libvirtd</strong>.
+ It uses the Kerberos v5 authentication protocol underneath, and assuming
+ the Kerberos client/server are configured with modern ciphers (AES),
+ it provides strong session encryption capabilities.</dd>
+
+ <dt>DIGEST-MD5</dt>
+ <dd>This was previously set as the default mechanism to use with libvirtd.
+ It provides a simple username/password based authentication mechanism
+ that includes session encryption.
+ <a href="https://tools.ietf.org/html/rfc6331">RFC 6331</a>, however,
+ documents a number of serious security flaws with DIGEST-MD5 and as a
+ result marks it as <code>OBSOLETE</code>. Specific concerns are that
+ it is vulnerable to MITM attacks and the MD5 hash can be brute-forced
+ to reveal the password. A replacement is provided via the SCRAM mechanism,
+ however, note that this is does not provide encryption, so the SCRAM
+ mechanism can only be used on the libvirtd TLS listener.
+ </dd>
+
+ <dt>PASSDSS-3DES-1</dt>
+ <dd>This provides a simple username/password based authentication
+ mechanism that includes session encryption. The current cyrus-sasl
+ implementation does not provide a way to validate the server's
+ public key identity, thus it is susceptible to a MITM attacker
+ impersonating the server.</dd>
+
+ <dt>KERBEROS_V4</dt>
+ <dd>This uses the obsolete Kerberos v4 protocol to provide both authentication
+ and session encryption. Kerberos v4 protocol has been obsolete since the
+ early 1990's and has known security vulnerabilities so this will never be
+ used in practice.</dd>
+ </dl>
+
+ <p>
+ Other SASL mechanisms, not listed above, can only be used when the libvirtd
+ TLS or UNIX socket listeners.
+ </p>
+
+ <h3><a name="ACL_server_username">Username/password auth</a></h3>
+ <p>
+As noted above, the DIGEST-MD5 mechanism is considered obsolete and should
+not be used anymore. To provide a simple username/password auth scheme on
+the libvirt UNIX socket or TLS listeners, however, it is possible to use
+the SCRAM mechanism. The <code>auth_unix_ro</code>, <code>auth_unix_rw</code>,
+<code>auth_tls</code> config params in <code>libvirt.conf</code> can be used
+to turn on SASL auth in these listeners.
+ </p>
+ <p>
+Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
+config change is rquired to enable plain password auth. This is done by
+editting <code>/etc/sasl2/libvirt.conf</code> to set the <code>mech_list</code>
+parameter to <code>scram-sha-1</code>.
+ </p>
<p>
Out of the box, no user accounts are defined, so no clients will be able to authenticate
on the TCP socket. Adding users and setting their passwords is done with the <code>saslpasswd2</code>
@@ -241,17 +296,13 @@ again:
<pre>
# saslpasswd2 -a libvirt -d fred
</pre>
- <h2><a name="ACL_server_kerberos">Kerberos auth</a></h2>
+ <h3><a name="ACL_server_kerberos">GSSAPI/Kerberos auth</a></h3>
<p>
-The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
-The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
-username+password style authentication. To enable Kerberos single-sign-on instead,
-the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>.
-The <code>mech_list</code> parameter must first be changed to <code>gssapi</code>
-instead of the default <code>digest-md5</code>, and keytab should be set to
-<code>/etc/libvirt/krb5.tab</code> . If SASL is enabled on the UNIX
-and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos
-mechanism provides data encryption of the session.
+The plain TCP listener of the libvirt daemon defaults to using SASL for authentication.
+The libvirt SASL config also defaults to GSSAPI, so there is no need to edit the
+SASL config when using GSSAPI. If the libvirtd TLS or UNIX listeners are used,
+then the Kerberos session encryption will be disabled since it is not required
+in these scenarios - only the plain TCP listener needs encryption
</p>
<p>
Some operating systems do not install the SASL kerberos plugin by default. It
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 57ac88e..1d24985 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -979,9 +979,9 @@ Group: Development/Libraries
# (client invokes 'nc' against the UNIX socket on the server)
Requires: nc
Requires: cyrus-sasl
-# Not technically required, but makes 'out-of-box' config
-# work correctly & doesn't have onerous dependencies
-Requires: cyrus-sasl-md5
+# Needed by default sasl.conf - no onerous extra deps, since
+# 100's of other things on a system already pull in krb5-libs
+Requires: cyrus-sasl-gssapi
%description libs
Shared libraries for accessing the libvirt daemon.
--
2.9.3
7 years, 9 months
[libvirt] [PATCH 0/7] qemu: Report better host-model CPUs in domain caps
by Jiri Denemark
One of the main reasons for introducing host-model CPU definition in a
domain capabilities XML was the inability to express disabled features
in a host capabilities XML. That is, when a host CPU is, e.g., Haswell
without x2apic support, host capabilities XML will have to report it as
Westmere + a bunch of additional features., but we really want to use
Haswell - x2apic when creating a host-model CPU.
Unfortunately, I somehow forgot to do the last step and the code would
just copy the CPU definition found in the host capabilities XML. This
changed recently for new QEMU versions which allow us to query host CPU,
but any slightly older QEMU will not benefit from any change I did. This
patch makes sure the right CPU model is filled in the domain
capabilities even with old QEMU.
The issue was reported in
https://bugzilla.redhat.com/show_bug.cgi?id=1426456
Jiri Denemark (7):
Do not format <arch> in guest CPU XML
cpu: Replace cpuNodeData with virCPUGetHost
cpu: Add virCPUType parameter to virCPUGetHost
cpu: Add list of allowed CPU models to virCPUGetHost
qemu: Refactor virQEMUCapsInitCPU
qemu: Report better host-model CPUs in domain caps
cputest: New test for Intel Core i7-4510U
src/bhyve/bhyve_capabilities.c | 35 +---
src/conf/cpu_conf.c | 2 +-
src/cpu/cpu.c | 100 ++++++++--
src/cpu/cpu.h | 16 +-
src/cpu/cpu_arm.c | 1 -
src/cpu/cpu_ppc64.c | 30 +--
src/cpu/cpu_s390.c | 1 -
src/cpu/cpu_x86.c | 29 ++-
src/libvirt_private.syms | 2 +-
src/qemu/qemu_capabilities.c | 61 +++----
src/qemu/qemu_capspriv.h | 5 +
src/vmware/vmware_conf.c | 20 +-
src/vz/vz_driver.c | 22 +--
tests/Makefile.am | 11 +-
tests/cputest.c | 1 +
tests/cputestdata/x86_64-cpuid-A10-5800K-guest.xml | 1 -
tests/cputestdata/x86_64-cpuid-A10-5800K-json.xml | 1 -
tests/cputestdata/x86_64-cpuid-Atom-D510-guest.xml | 1 -
tests/cputestdata/x86_64-cpuid-Atom-N450-guest.xml | 1 -
.../x86_64-cpuid-Core-i5-2500-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Core-i5-2500-json.xml | 1 -
.../x86_64-cpuid-Core-i5-2540M-guest.xml | 1 -
.../x86_64-cpuid-Core-i5-2540M-json.xml | 1 -
.../x86_64-cpuid-Core-i5-4670T-guest.xml | 1 -
.../x86_64-cpuid-Core-i5-4670T-json.xml | 1 -
.../x86_64-cpuid-Core-i5-6600-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Core-i5-6600-json.xml | 1 -
.../x86_64-cpuid-Core-i7-2600-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Core-i7-2600-json.xml | 1 -
.../x86_64-cpuid-Core-i7-3520M-guest.xml | 1 -
.../x86_64-cpuid-Core-i7-3740QM-guest.xml | 1 -
.../x86_64-cpuid-Core-i7-3740QM-json.xml | 1 -
.../x86_64-cpuid-Core-i7-3770-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Core-i7-3770-json.xml | 1 -
.../x86_64-cpuid-Core-i7-4510U-guest.xml | 29 +++
.../x86_64-cpuid-Core-i7-4510U-host.xml | 44 +++++
.../x86_64-cpuid-Core-i7-4510U-json.xml | 15 ++
tests/cputestdata/x86_64-cpuid-Core-i7-4510U.json | 203 +++++++++++++++++++++
tests/cputestdata/x86_64-cpuid-Core-i7-4510U.xml | 34 ++++
.../x86_64-cpuid-Core-i7-4600U-guest.xml | 1 -
.../x86_64-cpuid-Core-i7-4600U-json.xml | 1 -
.../x86_64-cpuid-Core-i7-5600U-guest.xml | 1 -
.../x86_64-cpuid-Core-i7-5600U-json.xml | 1 -
.../cputestdata/x86_64-cpuid-Core2-E6850-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Core2-E6850-json.xml | 1 -
.../cputestdata/x86_64-cpuid-Core2-Q9500-guest.xml | 1 -
tests/cputestdata/x86_64-cpuid-FX-8150-guest.xml | 1 -
.../x86_64-cpuid-Opteron-1352-guest.xml | 1 -
.../x86_64-cpuid-Opteron-2350-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Opteron-2350-json.xml | 1 -
.../x86_64-cpuid-Opteron-6234-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Opteron-6234-json.xml | 1 -
.../x86_64-cpuid-Opteron-6282-guest.xml | 1 -
.../x86_64-cpuid-Pentium-P6100-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Phenom-B95-guest.xml | 1 -
tests/cputestdata/x86_64-cpuid-Phenom-B95-json.xml | 1 -
tests/cputestdata/x86_64-cpuid-Xeon-5110-guest.xml | 1 -
.../x86_64-cpuid-Xeon-E3-1245-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-E3-1245-json.xml | 1 -
.../x86_64-cpuid-Xeon-E5-2630-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-E5-2630-json.xml | 1 -
.../x86_64-cpuid-Xeon-E5-2650-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-E5-2650-json.xml | 1 -
.../x86_64-cpuid-Xeon-E7-4820-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-E7-4820-json.xml | 1 -
.../x86_64-cpuid-Xeon-E7-8890-guest.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-W3520-guest.xml | 1 -
tests/cputestdata/x86_64-cpuid-Xeon-W3520-json.xml | 1 -
.../cputestdata/x86_64-cpuid-Xeon-X5460-guest.xml | 1 -
tests/domaincapstest.c | 6 +
tests/qemucpumock.c | 35 ++++
tests/qemuxml2argvtest.c | 6 +-
72 files changed, 560 insertions(+), 197 deletions(-)
create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-4510U-guest.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-4510U-host.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-4510U-json.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-4510U.json
create mode 100644 tests/cputestdata/x86_64-cpuid-Core-i7-4510U.xml
create mode 100644 tests/qemucpumock.c
--
2.12.0
7 years, 9 months
[libvirt] [PATCH] qemuDomainBuildNamespace: Handle file mount points
by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1431112
Yeah, that's right. A mount point doesn't have to be a directory.
It can be a file too. However, the code that tries to preserve
mount points under /dev for new namespace for qemu does not count
with that option.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_domain.c | 37 +++++++++++++++++++++++++++++++++----
1 file changed, 33 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index d5833b026..07ce22417 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7741,10 +7741,21 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
/* Save some mount points because we want to share them with the host */
for (i = 0; i < ndevMountsPath; i++) {
+ struct stat sb;
+
if (devMountsSavePath[i] == devPath)
continue;
- if (virFileMakePath(devMountsSavePath[i]) < 0) {
+ if (stat(devMountsPath[i], &sb) < 0) {
+ virReportSystemError(errno,
+ _("Unable to stat: %s"),
+ devMountsPath[i]);
+ goto cleanup;
+ }
+
+ /* At this point, devMountsPath is either a regular file or a directory. */
+ if ((S_ISDIR(sb.st_mode) && virFileMakePath(devMountsSavePath[i]) < 0) ||
+ (S_ISREG(sb.st_mode) && virFileTouch(devMountsSavePath[i], sb.st_mode) < 0)) {
virReportSystemError(errno,
_("Failed to create %s"),
devMountsSavePath[i]);
@@ -7780,15 +7791,33 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
goto cleanup;
for (i = 0; i < ndevMountsPath; i++) {
+ struct stat sb;
+
if (devMountsSavePath[i] == devPath)
continue;
- if (virFileMakePath(devMountsPath[i]) < 0) {
- virReportSystemError(errno, _("Cannot create %s"),
- devMountsPath[i]);
+ if (stat(devMountsSavePath[i], &sb) < 0) {
+ virReportSystemError(errno,
+ _("Unable to stat: %s"),
+ devMountsSavePath[i]);
goto cleanup;
}
+ if (S_ISDIR(sb.st_mode)) {
+ if (virFileMakePath(devMountsPath[i]) < 0) {
+ virReportSystemError(errno, _("Cannot create %s"),
+ devMountsPath[i]);
+ goto cleanup;
+ }
+ } else {
+ if (virFileMakeParentPath(devMountsPath[i]) < 0 ||
+ virFileTouch(devMountsPath[i], sb.st_mode) < 0) {
+ virReportSystemError(errno, _("Cannot create %s"),
+ devMountsPath[i]);
+ goto cleanup;
+ }
+ }
+
if (virFileMoveMount(devMountsSavePath[i], devMountsPath[i]) < 0)
goto cleanup;
}
--
2.11.0
7 years, 9 months
[libvirt] [PATCH] Enable forgotten VIR_CONNECT_LIST_STORAGE_POOLS_* flags
by Jiri Denemark
VIR_CONNECT_LIST_STORAGE_POOLS_VSTORAGE and
VIR_CONNECT_LIST_STORAGE_POOLS_ZFS were added to libvirt but the listing
API was not properly updated to use them.
https://bugzilla.redhat.com/show_bug.cgi?id=1431543
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
src/conf/storage_conf.c | 6 +++++-
src/conf/storage_conf.h | 3 ++-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c
index a52eeba07..3cfaf2b9b 100644
--- a/src/conf/storage_conf.c
+++ b/src/conf/storage_conf.c
@@ -2671,7 +2671,11 @@ virStoragePoolMatch(virStoragePoolObjPtr poolobj,
(MATCH(VIR_CONNECT_LIST_STORAGE_POOLS_SHEEPDOG) &&
(poolobj->def->type == VIR_STORAGE_POOL_SHEEPDOG)) ||
(MATCH(VIR_CONNECT_LIST_STORAGE_POOLS_GLUSTER) &&
- (poolobj->def->type == VIR_STORAGE_POOL_GLUSTER))))
+ (poolobj->def->type == VIR_STORAGE_POOL_GLUSTER)) ||
+ (MATCH(VIR_CONNECT_LIST_STORAGE_POOLS_ZFS) &&
+ poolobj->def->type == VIR_STORAGE_POOL_ZFS) ||
+ (MATCH(VIR_CONNECT_LIST_STORAGE_POOLS_VSTORAGE) &&
+ poolobj->def->type == VIR_STORAGE_POOL_VSTORAGE)))
return false;
}
diff --git a/src/conf/storage_conf.h b/src/conf/storage_conf.h
index 1723afc0a..c3a88d284 100644
--- a/src/conf/storage_conf.h
+++ b/src/conf/storage_conf.h
@@ -544,7 +544,8 @@ VIR_ENUM_DECL(virStoragePartedFs)
VIR_CONNECT_LIST_STORAGE_POOLS_RBD | \
VIR_CONNECT_LIST_STORAGE_POOLS_SHEEPDOG | \
VIR_CONNECT_LIST_STORAGE_POOLS_GLUSTER | \
- VIR_CONNECT_LIST_STORAGE_POOLS_ZFS)
+ VIR_CONNECT_LIST_STORAGE_POOLS_ZFS | \
+ VIR_CONNECT_LIST_STORAGE_POOLS_VSTORAGE)
# define VIR_CONNECT_LIST_STORAGE_POOLS_FILTERS_ALL \
(VIR_CONNECT_LIST_STORAGE_POOLS_FILTERS_ACTIVE | \
--
2.12.0
7 years, 9 months
[libvirt] [PATCH 7/7] docs: moved 'timestamps' and 'encryption' sub-element description in formatstorage doc
by Alexander Vasilenko
---
docs/formatstorage.html.in | 36 ++++++++++++++++++------------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/docs/formatstorage.html.in b/docs/formatstorage.html.in
index c787a059d..225e19000 100644
--- a/docs/formatstorage.html.in
+++ b/docs/formatstorage.html.in
@@ -456,24 +456,6 @@
will be filled with the values used by the existing directory.
<span class="since">Since 1.2.16</span>
</dd>
- <dt><code>timestamps</code></dt>
- <dd>Provides timing information about the volume. Up to four
- sub-elements are present,
- where <code>atime</code>, <code>btime</code>, <code>ctime</code>
- and <code>mtime</code> hold the access, birth, change and
- modification time of the volume, where known. The used time
- format is <seconds>.<nanoseconds> since the
- beginning of the epoch (1 Jan 1970). If nanosecond resolution
- is 0 or otherwise unsupported by the host OS or filesystem,
- then the nanoseconds part is omitted. This is a readonly
- attribute and is ignored when creating a volume.
- <span class="since">Since 0.10.0</span>
- </dd>
- <dt><code>encryption</code></dt>
- <dd>If present, specifies how the volume is encrypted. See
- the <a href="formatstorageencryption.html">Storage Encryption</a> page
- for more information.
- </dd>
</dl>
<h3><a name="StoragePoolExtents">Device extents</a></h3>
@@ -658,6 +640,24 @@
will be filled with the values used by the existing file.
<span class="since">Since 0.4.1</span>
</dd>
+ <dt><code>timestamps</code></dt>
+ <dd>Provides timing information about the volume. Up to four
+ sub-elements are present,
+ where <code>atime</code>, <code>btime</code>, <code>ctime</code>
+ and <code>mtime</code> hold the access, birth, change and
+ modification time of the volume, where known. The used time
+ format is <seconds>.<nanoseconds> since the
+ beginning of the epoch (1 Jan 1970). If nanosecond resolution
+ is 0 or otherwise unsupported by the host OS or filesystem,
+ then the nanoseconds part is omitted. This is a readonly
+ attribute and is ignored when creating a volume.
+ <span class="since">Since 0.10.0</span>
+ </dd>
+ <dt><code>encryption</code></dt>
+ <dd>If present, specifies how the volume is encrypted. See
+ the <a href="formatstorageencryption.html">Storage Encryption</a> page
+ for more information.
+ </dd>
<dt><code>compat</code></dt>
<dd>Specify compatibility level. So far, this is only used for
<code>type='qcow2'</code> volumes. Valid values are <code>0.10</code>
--
2.12.0
7 years, 9 months
[libvirt] [PATCH 0/6] bhyve UEFI and graphics support
by Roman Bogorodskiy
Fabian Freyer (5):
bhyve: virBhyveProbeCaps: BHYVE_CAP_LPC_BOOTROM
bhyve: add support for booting from UEFI
bhyve: test cases for UEFI bhyvexml2argvtest
bhyve: enumerate UEFI firmwares
bhyve: add video support
Roman Bogorodskiy (1):
bhyve: test cases for VNC
docs/formatdomain.html.in | 3 +-
docs/schemas/domaincommon.rng | 1 +
po/POTFILES.in | 1 +
src/bhyve/bhyve_capabilities.c | 93 ++++++++++++++++
src/bhyve/bhyve_capabilities.h | 2 +
src/bhyve/bhyve_command.c | 130 +++++++++++++++++++++-
src/bhyve/bhyve_device.c | 11 ++
src/bhyve/bhyve_driver.c | 27 ++++-
src/bhyve/bhyve_process.c | 55 ++++-----
src/conf/domain_conf.c | 5 +-
src/conf/domain_conf.h | 1 +
src/qemu/qemu_command.c | 9 +-
src/qemu/qemu_domain_address.c | 1 +
tests/bhyvexml2argvdata/bhyvexml2argv-uefi.args | 11 ++
tests/bhyvexml2argvdata/bhyvexml2argv-uefi.ldargs | 1 +
tests/bhyvexml2argvdata/bhyvexml2argv-uefi.xml | 23 ++++
tests/bhyvexml2argvdata/bhyvexml2argv-vnc.args | 12 ++
tests/bhyvexml2argvdata/bhyvexml2argv-vnc.ldargs | 1 +
tests/bhyvexml2argvdata/bhyvexml2argv-vnc.xml | 26 +++++
tests/bhyvexml2argvtest.c | 18 ++-
tests/domaincapsschemadata/full.xml | 1 +
21 files changed, 394 insertions(+), 38 deletions(-)
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-uefi.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-uefi.ldargs
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-uefi.xml
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc.ldargs
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc.xml
--
2.11.0
7 years, 9 months
[libvirt] [PATCH] virt-host-validate: add bhyve support
by Roman Bogorodskiy
Add bhyve support to virt-host-validate(1). It checks for the
essential kernel modules to be available so that user can actually
start VMs, have networking and console access.
It uses the kldnext(2)/kldstat(2) routines to retrieve modules list.
As bhyve is only available on FreeBSD and these routines were available
long before bhyve appeared, not adding any specific configure checks
for that.
---
po/POTFILES.in | 1 +
tools/Makefile.am | 1 +
tools/virt-host-validate-bhyve.c | 78 ++++++++++++++++++++++++++++++++++++++++
tools/virt-host-validate-bhyve.h | 27 ++++++++++++++
tools/virt-host-validate.c | 12 +++++++
tools/virt-host-validate.pod | 4 +--
6 files changed, 121 insertions(+), 2 deletions(-)
create mode 100644 tools/virt-host-validate-bhyve.c
create mode 100644 tools/virt-host-validate-bhyve.h
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 9f66697d7..51b5859cb 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -306,6 +306,7 @@ tools/virsh-snapshot.c
tools/virsh-volume.c
tools/virsh.c
tools/virt-admin.c
+tools/virt-host-validate-bhyve.c
tools/virt-host-validate-common.c
tools/virt-host-validate-lxc.c
tools/virt-host-validate-qemu.c
diff --git a/tools/Makefile.am b/tools/Makefile.am
index e6ae15025..a8bd3d1c2 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -142,6 +142,7 @@ virt_host_validate_SOURCES = \
virt-host-validate-common.c virt-host-validate-common.h \
virt-host-validate-qemu.c virt-host-validate-qemu.h \
virt-host-validate-lxc.c virt-host-validate-lxc.h \
+ virt-host-validate-bhyve.c virt-host-validate-bhyve.h \
$(NULL)
virt_host_validate_LDFLAGS = \
diff --git a/tools/virt-host-validate-bhyve.c b/tools/virt-host-validate-bhyve.c
new file mode 100644
index 000000000..c7bf96f05
--- /dev/null
+++ b/tools/virt-host-validate-bhyve.c
@@ -0,0 +1,78 @@
+/*
+ * virt-host-validate-bhyve.c: Sanity check a bhyve hypervisor host
+ *
+ * Copyright (C) 2017 Roman Bogorodskiy
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include <config.h>
+
+#include <sys/param.h>
+#include <sys/linker.h>
+#include <stdio.h>
+
+#include "virt-host-validate-bhyve.h"
+#include "virt-host-validate-common.h"
+
+#define MODULE_STATUS(mod, err_msg, err_code) \
+ virHostMsgCheck("BHYVE", _("for %s module"), #mod); \
+ if (mod ## _loaded) { \
+ virHostMsgPass(); \
+ } else { \
+ virHostMsgFail(err_code, \
+ _("%s module is not loaded, " err_msg), \
+ #mod); \
+ ret = -1; \
+ } \
+
+#define MODULE_STATUS_FAIL(mod, err_msg) \
+ MODULE_STATUS(mod, err_msg, VIR_HOST_VALIDATE_FAIL)
+
+#define MODULE_STATUS_WARN(mod, err_msg) \
+ MODULE_STATUS(mod, err_msg, VIR_HOST_VALIDATE_WARN)
+
+
+int virHostValidateBhyve(void)
+{
+ int ret = 0;
+ int fileid = 0;
+ struct kld_file_stat stat;
+ bool vmm_loaded = false, if_tap_loaded = false;
+ bool if_bridge_loaded = false, nmdm_loaded = false;
+
+ for (fileid = kldnext(0); fileid > 0; fileid = kldnext(fileid)) {
+ stat.version = sizeof(struct kld_file_stat);
+ if (kldstat(fileid, &stat) < 0)
+ continue;
+
+ if (STREQ(stat.name, "vmm.ko"))
+ vmm_loaded = true;
+ else if (STREQ(stat.name, "if_tap.ko"))
+ if_tap_loaded = true;
+ else if (STREQ(stat.name, "if_bridge.ko"))
+ if_bridge_loaded = true;
+ else if (STREQ(stat.name, "nmdm.ko"))
+ nmdm_loaded = true;
+ }
+
+ MODULE_STATUS_FAIL(vmm, "will not be able to start VMs");
+ MODULE_STATUS_WARN(if_tap, "networking will not work");
+ MODULE_STATUS_WARN(if_bridge, "bridged networking will not work");
+ MODULE_STATUS_WARN(nmdm, "nmdm console will not work");
+
+ return ret;
+}
diff --git a/tools/virt-host-validate-bhyve.h b/tools/virt-host-validate-bhyve.h
new file mode 100644
index 000000000..290d4336f
--- /dev/null
+++ b/tools/virt-host-validate-bhyve.h
@@ -0,0 +1,27 @@
+/*
+ * virt-host-validate-bhyve.h: Sanity check a bhyve hypervisor host
+ *
+ * Copyright (C) 2017 Roman Bogorodskiy
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef __VIRT_HOST_VALIDATE_BHYVE_H__
+# define __VIRT_HOST_VALIDATE_BHYVE_H__
+
+int virHostValidateBhyve(void);
+
+#endif /* __VIRT_HOST_VALIDATE_BHYVE_H__ */
diff --git a/tools/virt-host-validate.c b/tools/virt-host-validate.c
index f09282412..29d2482b6 100644
--- a/tools/virt-host-validate.c
+++ b/tools/virt-host-validate.c
@@ -36,6 +36,9 @@
#if WITH_LXC
# include "virt-host-validate-lxc.h"
#endif
+#if WITH_BHYVE
+# include "virt-host-validate-bhyve.h"
+#endif
static void
show_help(FILE *out, const char *argv0)
@@ -48,6 +51,7 @@ show_help(FILE *out, const char *argv0)
"\n"
" - qemu\n"
" - lxc\n"
+ " - bhyve\n"
"\n"
" Options:\n"
" -h, --help Display command line help\n"
@@ -130,6 +134,14 @@ main(int argc, char **argv)
}
#endif
+#if WITH_BHYVE
+ if (!hvname || STREQ(hvname, "bhyve")) {
+ usedHvname = true;
+ if (virHostValidateBhyve() < 0)
+ ret = EXIT_FAILURE;
+ }
+#endif
+
if (hvname && !usedHvname) {
fprintf(stderr, _("%s: unsupported hypervisor name %s\n"),
argv[0], hvname);
diff --git a/tools/virt-host-validate.pod b/tools/virt-host-validate.pod
index 84917c83b..910114175 100644
--- a/tools/virt-host-validate.pod
+++ b/tools/virt-host-validate.pod
@@ -12,8 +12,8 @@ This tool validates that the host is configured in a suitable
way to run libvirt hypervisor drivers. If invoked without any
arguments it will check support for all hypervisor drivers it
is aware of. Optionally it can be given a particular hypervisor
-type ('qemu' or 'lxc') to restrict the checks to those relevant
-for that virtualization technology
+type ('qemu', 'lxc' or 'bhyve') to restrict the checks
+to those relevant for that virtualization technology
=head1 OPTIONS
--
2.11.0
7 years, 9 months
[libvirt] [REPOST PATCHv2 0/6] Converge Storage Pool vHBA logic with Node Device
by John Ferlan
Repost to merge in recent changes (thru commit id 'dec6d9df')
v1: http://www.redhat.com/archives/libvir-list/2017-February/msg00963.html
Changes since v1:
NB: Former Patch 1 - was pushed
Patch 1 - Was the old patch 2... Similar for rest of series...
Altered to match the adjusted testNodeDeviceMockCreateVport
from commit 2a862092
Patch 2 - reworked the code to not place the new module in src/util, but
rather in src/conf as storage_adapter_conf.{c,h}. The concepts
didn't change - only the name/location. Removed the changes for
util/virvirscsi.c since virSCSIHostGetNameByParentaddr wouldn't
be allowed to use virStorageAdapterSCSIHostPtr since it's a conf
definition.
Patch 3 - Unchanged, ACK'd in v1
Patch 4 - Unchanged, ACK'd in v1
Patch 5 - Unchanged...
Even though there is concern over usage of API's in this manner
(e.g. calling virNodeDeviceLookupSCSIHostByWWN as well as
virNodeDeviceCreateXML) - the "purpose" of the exercise is
a means to have the StoragePool code use the same algorithms
as the node device code instead of what could be a potentially
long slow journey through the sysfs file system. The key piece
being the replication of the API's that find the parent in the
node device object list. I suppose it would be possible to add
even more API's to get that answer, but I'm not sure it'd be
worthwhile at this point. As for the concern about deadlock -
I understand it, but since the whole purpose of the API is
to essentially utilize the nodedev create algorithm there'd
be no reason for nodedev to call it.
If it doesn't get ACK'd - that's OK - I can hold onto it and
reconsider some other means at some point in time in the future
(probably distant future too).
Patch 6 - Unchanged
The former patch 8 is dropped for now - needs some more "discussion" as
to viability and/or need.
John Ferlan (6):
tests: Add createVHBAByStoragePool-by-parent to fchosttest
conf: Convert virStoragePoolSourceAdapter to virStorageAdapter
util: Rename virFileWaitForDevices
conf: Move/rename createVport and deleteVport
util: Alter virNodeDevice{Create|Delete}Vport to use nodedev APIs
tests: Add more storage pool vHBA tests
po/POTFILES.in | 1 +
src/Makefile.am | 1 +
src/conf/node_device_conf.c | 332 +++++++++++++++++++++++++++++++++
src/conf/node_device_conf.h | 9 +
src/conf/storage_adapter_conf.c | 291 +++++++++++++++++++++++++++++
src/conf/storage_adapter_conf.h | 89 +++++++++
src/conf/storage_conf.c | 333 ++++++++--------------------------
src/conf/storage_conf.h | 35 +---
src/libvirt_private.syms | 20 +-
src/node_device/node_device_driver.c | 2 +-
src/phyp/phyp_driver.c | 3 +-
src/storage/storage_backend_disk.c | 6 +-
src/storage/storage_backend_iscsi.c | 2 +-
src/storage/storage_backend_logical.c | 4 +-
src/storage/storage_backend_mpath.c | 2 +-
src/storage/storage_backend_scsi.c | 267 +++++----------------------
src/storage/storage_util.c | 2 +-
src/test/test_driver.c | 99 +++++++++-
src/util/virfile.h | 2 -
src/util/virutil.c | 4 +-
src/util/virutil.h | 2 +
tests/fchosttest.c | 111 ++++++++++++
22 files changed, 1087 insertions(+), 530 deletions(-)
create mode 100644 src/conf/storage_adapter_conf.c
create mode 100644 src/conf/storage_adapter_conf.h
--
2.9.3
7 years, 9 months
[libvirt] [PATCH for-2.9 v3 0/3] Use non-blacklisted family/model/stepping for Haswell CPU model
by Eduardo Habkost
I plan to merge this bug fix into 2.9.
Changes v2 -> v3:
* Rebase to latest master
* Don't touch max_x86_cpu_initfn() to reduce risk post
hard freeze
Changes v1 -> v2:
* Coding style fixes
* Make series simpler:
* Don't use trick: char vendor[static (CPUID_VENDOR_SZ + 1)]
because it confuses checkpatch.pl
* Removed patch "Add explicit array size to x86_cpu_vendor_words2str()"
* Rebased on top of my x86-next branch:
https://github.com/ehabkost/qemu x86-next
Git branch for testing:
https://github.com/ehabkost/qemu-hacks work/x86-rtm-blacklist
Diff from v1:
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index cd94726e43..647435a1d9 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1431,7 +1431,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
void cpu_clear_apic_feature(CPUX86State *env);
void host_cpuid(uint32_t function, uint32_t count,
uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx);
-void host_vendor_fms(char vendor[static (CPUID_VENDOR_SZ + 1)], int *family, int *model, int *stepping);
+void host_vendor_fms(char *vendor, int *family, int *model, int *stepping);
/* helper.c */
int x86_cpu_handle_mmu_fault(CPUState *cpu, vaddr addr,
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 25c6c5e115..eab1ad7935 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -682,7 +682,7 @@ void host_cpuid(uint32_t function, uint32_t count,
*edx = vec[3];
}
-void host_vendor_fms(char vendor[static (CPUID_VENDOR_SZ + 1)], int *family, int *model, int *stepping)
+void host_vendor_fms(char *vendor, int *family, int *model, int *stepping)
{
uint32_t eax, ebx, ecx, edx;
@@ -1570,7 +1570,8 @@ static void host_x86_cpu_class_init(ObjectClass *oc, void *data)
xcc->kvm_required = true;
xcc->ordering = 9;
- host_vendor_fms(host_cpudef.vendor, &host_cpudef.family, &host_cpudef.model, &host_cpudef.stepping);
+ host_vendor_fms(host_cpudef.vendor, &host_cpudef.family,
+ &host_cpudef.model, &host_cpudef.stepping);
cpu_x86_fill_model_id(host_cpudef.model_id);
---
A recent glibc commit[1] added a blacklist to ensure it won't use
TSX on hosts that are known to have a broken TSX implementation.
Our existing Haswell CPU model has a blacklisted
family/model/stepping combination, so it has to be updated to
make sure guests will really use TSX. This is done by patch 5/5.
However, to do this safely we need to ensure the host CPU is not
a blacklisted one, so we won't mislead guests by exposing
known-to-be-good FMS values on a known-to-be-broken host. This is
done by patch 3/5.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=2702856bf45c82cf8e69f2...
---
Cc: dgilbert(a)redhat.com
Cc: fweimer(a)redhat.com
Cc: carlos(a)redhat.com
Cc: triegel(a)redhat.com
Cc: berrange(a)redhat.com
Cc: jdenemar(a)redhat.com
Cc: pbonzini(a)redhat.com
Eduardo Habkost (3):
i386: host_vendor_fms() helper function
i386/kvm: Blacklist TSX on known broken hosts
i386: Change stepping of Haswell to non-blacklisted value
include/hw/i386/pc.h | 5 +++++
target/i386/cpu.h | 1 +
target/i386/cpu.c | 21 ++++++++++++++++++++-
target/i386/kvm.c | 17 +++++++++++++++++
4 files changed, 43 insertions(+), 1 deletion(-)
--
2.11.0.259.g40922b1
7 years, 9 months
[libvirt] [PATCH v3] Document preferred naming conventions
by Daniel P. Berrange
This documents the preferred conventions for naming files,
structs, enums, typedefs and functions.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
Changed in v3:
- Clarify function naming wrt verb & subject
- Simplify macro naming, since in practice libvirt code doesn't follow any
rules consistently aside from having a VIR_ prefix.
HACKING | 80 ++++++++++++++++++++++++++++++++++++++++++++
docs/hacking.html.in | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++
docs/hacking2.xsl | 4 +++
3 files changed, 177 insertions(+)
diff --git a/HACKING b/HACKING
index fff003b..2c65985 100644
--- a/HACKING
+++ b/HACKING
@@ -239,6 +239,86 @@ on the subject, on Richard Jones' guide to working with open source projects
<http://people.redhat.com/rjones/how-to-supply-code-to-open-source-projects/>.
+Naming conventions
+==================
+When reading libvirt code, a number of different naming conventions will be
+evident due to various changes in thinking over the course of the project's
+lifetime. The conventions documented below should be followed when creating
+any entirely new files in libvirt. When working on existing files, while it is
+desirable to apply these conventions, keeping a consistent style with existing
+code in that particular file is generally more important. The overall guiding
+principal is that every file, enum, struct, function, macro and typedef name
+must have a 'vir' or 'VIR' prefix. All local scope variable names are exempt,
+and global variables are exempt, unless exported in a header file.
+
+*File names*
+
+File naming varies depending on the subdirectory. The preferred style is to
+have a 'vir' prefix, followed by a name which matches the name of the
+functions / objects inside the file. For example, a file containing an object
+'virHashtable' is stored in files 'virhashtable.c' and 'virhashtable.h'.
+Sometimes, methods which would otherwise be declared 'static' need to be
+exported for use by a test suite. For this purpose a second header file should
+be added with a suffix of 'priv'. e.g. 'virhashtablepriv.h'. Use of
+underscores in file names is discouraged when using the 'vir' prefix style.
+The 'vir' prefix naming applies to src/util, src/rpc and tests/ directories.
+Most other directories do not follow this convention.
+
+
+
+*Enum type & field names*
+
+All enums should have a 'vir' prefix in their typedef name, and each following
+word should have its first letter in uppercase. The enum name should match the
+typedef name with a leading underscore. The enum member names should be in all
+uppercase, and use an underscore to separate each word. The enum member name
+prefix should match the enum typedef name.
+
+ typedef enum _virSocketType virSocketType;
+ enum _virSocketType {
+ VIR_SOCKET_TYPE_IPV4,
+ VIR_SOCKET_TYPE_IPV6,
+ };
+
+
+*Struct type names*
+
+All structs should have a 'vir' prefix in their typedef name, and each
+following word should have its first letter in uppercase. The struct name
+should be the same as the typedef name with a leading underscore. A second
+typedef should be given for a pointer to the struct with a 'Ptr' suffix.
+
+ typedef struct _virHashTable virHashTable;
+ typedef virHashTable *virHashTablePtr;
+ struct _virHashTable {
+ ...
+ };
+
+
+*Function names*
+
+All functions should have a 'vir' prefix in their name, followed by one or
+more words with first letter of each word capitalized. Underscores should not
+be used in function names. If the function is operating on an object, then the
+function name prefix should match the object typedef name, otherwise it should
+match the filename. Following this comes the verb / action name, and finally
+an optional subject name. For example, given an object 'virHashTable', all
+functions should have a name 'virHashTable$VERB' or
+'virHashTable$VERB$SUBJECT". e.g. 'virHashTableLookup' or
+'virHashTableGetValue'.
+
+
+
+*Macro names*
+
+All macros should have a "VIR" prefix in their name, followed by one or more
+uppercase words separated by underscores. The macro argument names should be
+in lowercase. Aside from having a "VIR" prefix there are no common practices
+for the rest of the macro name.
+
+
+
+
Code indentation
================
Libvirt's C source code generally adheres to some basic code-formatting
diff --git a/docs/hacking.html.in b/docs/hacking.html.in
index b1bb149..d904c3a 100644
--- a/docs/hacking.html.in
+++ b/docs/hacking.html.in
@@ -314,6 +314,99 @@
Richard Jones' guide to working with open source projects</a>.
</p>
+ <h2><a name="naming">Naming conventions</a></h2>
+
+ <p>
+ When reading libvirt code, a number of different naming conventions will
+ be evident due to various changes in thinking over the course of the
+ project's lifetime. The conventions documented below should be followed
+ when creating any entirely new files in libvirt. When working on existing
+ files, while it is desirable to apply these conventions, keeping a
+ consistent style with existing code in that particular file is generally
+ more important. The overall guiding principal is that every file, enum,
+ struct, function, macro and typedef name must have a 'vir' or 'VIR' prefix.
+ All local scope variable names are exempt, and global variables are exempt,
+ unless exported in a header file.
+ </p>
+
+ <dl>
+ <dt>File names</dt>
+ <dd>
+ <p>
+ File naming varies depending on the subdirectory. The preferred
+ style is to have a 'vir' prefix, followed by a name which matches
+ the name of the functions / objects inside the file. For example,
+ a file containing an object 'virHashtable' is stored in files
+ 'virhashtable.c' and 'virhashtable.h'. Sometimes, methods which
+ would otherwise be declared 'static' need to be exported for use
+ by a test suite. For this purpose a second header file should be
+ added with a suffix of 'priv'. e.g. 'virhashtablepriv.h'. Use of
+ underscores in file names is discouraged when using the 'vir'
+ prefix style. The 'vir' prefix naming applies to src/util,
+ src/rpc and tests/ directories. Most other directories do not
+ follow this convention.
+ </p>
+ </dd>
+ <dt>Enum type & field names</dt>
+ <dd>
+ <p>
+ All enums should have a 'vir' prefix in their typedef name,
+ and each following word should have its first letter in
+ uppercase. The enum name should match the typedef name with
+ a leading underscore. The enum member names should be in all
+ uppercase, and use an underscore to separate each word. The
+ enum member name prefix should match the enum typedef name.
+ </p>
+ <pre>
+ typedef enum _virSocketType virSocketType;
+ enum _virSocketType {
+ VIR_SOCKET_TYPE_IPV4,
+ VIR_SOCKET_TYPE_IPV6,
+ };</pre>
+ </dd>
+ <dt>Struct type names</dt>
+ <dd>
+ <p>
+ All structs should have a 'vir' prefix in their typedef name,
+ and each following word should have its first letter in
+ uppercase. The struct name should be the same as the typedef
+ name with a leading underscore. A second typedef should be
+ given for a pointer to the struct with a 'Ptr' suffix.
+ </p>
+ <pre>
+ typedef struct _virHashTable virHashTable;
+ typedef virHashTable *virHashTablePtr;
+ struct _virHashTable {
+ ...
+ };</pre>
+ </dd>
+ <dt>Function names</dt>
+ <dd>
+ <p>
+ All functions should have a 'vir' prefix in their name,
+ followed by one or more words with first letter of each
+ word capitalized. Underscores should not be used in function
+ names. If the function is operating on an object, then the
+ function name prefix should match the object typedef name,
+ otherwise it should match the filename. Following this
+ comes the verb / action name, and finally an optional
+ subject name. For example, given an object 'virHashTable',
+ all functions should have a name 'virHashTable$VERB' or
+ 'virHashTable$VERB$SUBJECT". e.g. 'virHashTableLookup'
+ or 'virHashTableGetValue'.
+ </p>
+ </dd>
+ <dt>Macro names</dt>
+ <dd>
+ <p>
+ All macros should have a "VIR" prefix in their name, followed
+ by one or more uppercase words separated by underscores. The
+ macro argument names should be in lowercase. Aside from having
+ a "VIR" prefix there are no common practices for the rest of
+ the macro name.
+ </p>
+ </dd>
+ </dl>
<h2><a name="indent">Code indentation</a></h2>
<p>
diff --git a/docs/hacking2.xsl b/docs/hacking2.xsl
index 3595b7e..7e5ac82 100644
--- a/docs/hacking2.xsl
+++ b/docs/hacking2.xsl
@@ -114,6 +114,10 @@ from docs/hacking.html.in!
<xsl:template match="html:li/html:ul/html:li">-- <xsl:apply-templates/><xsl:value-of select="$newline"/><xsl:value-of select="$newline"/>
</xsl:template>
+<xsl:template match="html:dl/html:dt">*<xsl:apply-templates/>*<xsl:value-of select="$newline"/><xsl:value-of select="$newline"/>
+</xsl:template>
+<xsl:template match="html:dl/html:dd"><xsl:apply-templates/><xsl:value-of select="$newline"/><xsl:value-of select="$newline"/>
+</xsl:template>
<!-- add newline before nested <ul> -->
--
2.9.3
7 years, 9 months