libvirt/src/libvirt_private.syms

3540 lines
82 KiB
Plaintext
Raw Normal View History

#
# General private symbols. Add symbols here, and see Makefile.am for
# more details.
#
# Keep this file sorted by header name, then by symbols with each header.
#
# access/viraccessmanager.h
virAccessManagerCheckConnect;
virAccessManagerCheckDomain;
virAccessManagerCheckInterface;
virAccessManagerCheckNetwork;
virAccessManagerCheckNodeDevice;
virAccessManagerCheckNWFilter;
virAccessManagerCheckSecret;
virAccessManagerCheckStoragePool;
virAccessManagerCheckStorageVol;
virAccessManagerGetDefault;
virAccessManagerNew;
virAccessManagerNewStack;
virAccessManagerSetDefault;
# access/viraccessperm.h
virAccessPermConnectTypeFromString;
virAccessPermConnectTypeToString;
virAccessPermDomainTypeFromString;
virAccessPermDomainTypeToString;
virAccessPermInterfaceTypeFromString;
virAccessPermInterfaceTypeToString;
virAccessPermNetworkTypeFromString;
virAccessPermNetworkTypeToString;
virAccessPermNodeDeviceTypeFromString;
virAccessPermNodeDeviceTypeToString;
virAccessPermNWFilterTypeFromString;
virAccessPermNWFilterTypeToString;
virAccessPermSecretTypeFromString;
virAccessPermSecretTypeToString;
virAccessPermStoragePoolTypeFromString;
virAccessPermStoragePoolTypeToString;
virAccessPermStorageVolTypeFromString;
virAccessPermStorageVolTypeToString;
# conf/backup_conf.h
virDomainBackupAlignDisks;
virDomainBackupDefFormat;
virDomainBackupDefFree;
virDomainBackupDefParseNode;
virDomainBackupDefParseString;
# conf/capabilities.h
virCapabilitiesAddGuest;
virCapabilitiesAddGuestDomain;
virCapabilitiesAddGuestFeature;
virCapabilitiesAddGuestFeatureWithToggle;
virCapabilitiesAddHostFeature;
virCapabilitiesAddHostMigrateTransport;
virCapabilitiesAddStoragePool;
virCapabilitiesAllocMachines;
virCapabilitiesClearHostNUMACellCPUTopology;
virCapabilitiesDomainDataLookup;
virCapabilitiesDomainSupported;
virCapabilitiesFormatXML;
virCapabilitiesFreeGuest;
virCapabilitiesFreeMachines;
virCapabilitiesGetNodeInfo;
virCapabilitiesHostInitIOMMU;
virCapabilitiesHostNUMAAddCell;
virCapabilitiesHostNUMAGetCpus;
virCapabilitiesHostNUMANew;
virCapabilitiesHostNUMANewHost;
virCapabilitiesHostNUMARef;
virCapabilitiesHostNUMAUnref;
virCapabilitiesHostSecModelAddBaseLabel;
virCapabilitiesInitCaches;
virCapabilitiesInitPages;
virCapabilitiesNew;
virCapabilitiesSetNetPrefix;
backup: Parse and output checkpoint XML Add a new file checkpoint_conf.c that performs the translation to and from new XML describing a checkpoint. The code shares a common base class with snapshots, since a checkpoint similarly represents the domain state at a moment in time. Add some basic testing of round trip XML handling through the new code. Of note - this code intentionally differs from snapshots in that XML schema validation is unconditional, rather than based on a public API flag. We have many existing interfaces that still need to add a flag for opt-in schema validation, but those interfaces have existing clients that may not have been producing strictly-compliant XML, or we may still uncover bugs where our RNG grammar is inconsistent with our code (where omitting the opt-in flag allows existing apps to keep working while waiting for an RNG patch). But since checkpoints are brand-new, it's easier to ensure the code matches the schema by always using the schema. If needed, a later patch could extend the API and add a flag to turn on to request schema validation, rather than having it forced (possibly just the validation of the <domain> sub-element during REDEFINE) - but if a user encounters XML that looks like it should be good but fails to validate with our RNG schema, they would either have to upgrade to a new libvirt that adds the new flag, or upgrade to a new libvirt that fixes the RNG schema, which implies adding such a flag won't help much. Also, the redefine flag requires the <domain> sub-element to be present, rather than catering to historical back-compat to older versions. Signed-off-by: Eric Blake <eblake@redhat.com>
2018-07-08 02:01:14 +00:00
# conf/checkpoint_conf.h
virDomainCheckpointAlignDisks;
virDomainCheckpointDefFormat;
virDomainCheckpointDefNew;
virDomainCheckpointDefParseString;
virDomainCheckpointFormatConvertXMLFlags;
virDomainCheckpointRedefinePrep;
backup: Parse and output checkpoint XML Add a new file checkpoint_conf.c that performs the translation to and from new XML describing a checkpoint. The code shares a common base class with snapshots, since a checkpoint similarly represents the domain state at a moment in time. Add some basic testing of round trip XML handling through the new code. Of note - this code intentionally differs from snapshots in that XML schema validation is unconditional, rather than based on a public API flag. We have many existing interfaces that still need to add a flag for opt-in schema validation, but those interfaces have existing clients that may not have been producing strictly-compliant XML, or we may still uncover bugs where our RNG grammar is inconsistent with our code (where omitting the opt-in flag allows existing apps to keep working while waiting for an RNG patch). But since checkpoints are brand-new, it's easier to ensure the code matches the schema by always using the schema. If needed, a later patch could extend the API and add a flag to turn on to request schema validation, rather than having it forced (possibly just the validation of the <domain> sub-element during REDEFINE) - but if a user encounters XML that looks like it should be good but fails to validate with our RNG schema, they would either have to upgrade to a new libvirt that adds the new flag, or upgrade to a new libvirt that fixes the RNG schema, which implies adding such a flag won't help much. Also, the redefine flag requires the <domain> sub-element to be present, rather than catering to historical back-compat to older versions. Signed-off-by: Eric Blake <eblake@redhat.com>
2018-07-08 02:01:14 +00:00
virDomainCheckpointTypeFromString;
virDomainCheckpointTypeToString;
# conf/cpu_conf.h
virCPUCacheModeTypeFromString;
virCPUCacheModeTypeToString;
virCPUDefAddFeature;
virCPUDefCheckFeatures;
virCPUDefCopy;
virCPUDefCopyModel;
virCPUDefCopyModelFilter;
virCPUDefCopyWithoutModel;
virCPUDefFilterFeatures;
virCPUDefFindFeature;
virCPUDefFormat;
virCPUDefFormatBuf;
virCPUDefFormatBufFull;
virCPUDefFree;
virCPUDefFreeFeatures;
virCPUDefFreeModel;
virCPUDefIsEqual;
virCPUDefListFree;
virCPUDefListParse;
virCPUDefNew;
virCPUDefParseXML;
virCPUDefParseXMLString;
virCPUDefRef;
virCPUDefStealModel;
virCPUDefUpdateFeature;
virCPUModeTypeToString;
# conf/device_conf.h
virDeviceInfoPCIAddressExtensionIsPresent;
virDeviceInfoPCIAddressExtensionIsWanted;
virDeviceInfoPCIAddressIsPresent;
virDeviceInfoPCIAddressIsWanted;
virDomainDeviceAddressIsValid;
virDomainDeviceAddressTypeToString;
virDomainDeviceCcidAddressParseXML;
virDomainDeviceCCWAddressIsValid;
virDomainDeviceCCWAddressParseXML;
virDomainDeviceDriveAddressParseXML;
virDomainDeviceInfoAddressIsEqual;
virDomainDeviceSpaprVioAddressParseXML;
virDomainDeviceUSBAddressParseXML;
virDomainDeviceVirtioSerialAddressParseXML;
virInterfaceLinkFormat;
virInterfaceLinkParseXML;
virPCIDeviceAddressFormat;
virPCIDeviceAddressParseXML;
# conf/domain_addr.h
virDomainCCWAddressAssign;
virDomainCCWAddressSetCreateFromDomain;
virDomainCCWAddressSetFree;
virDomainPCIAddressBusIsFullyReserved;
virDomainPCIAddressBusSetModel;
virDomainPCIAddressEnsureAddr;
virDomainPCIAddressExtensionReleaseAddr;
virDomainPCIAddressExtensionReserveAddr;
virDomainPCIAddressExtensionReserveNextAddr;
virDomainPCIAddressReleaseAddr;
virDomainPCIAddressReserveAddr;
virDomainPCIAddressReserveNextAddr;
virDomainPCIAddressSetAllMulti;
virDomainPCIAddressSetAlloc;
virDomainPCIAddressSetFree;
virDomainPCIAddressSlotInUse;
virDomainPCIAddressValidate;
virDomainPCIControllerModelToConnectType;
virDomainUSBAddressAssign;
virDomainUSBAddressCountAllPorts;
virDomainUSBAddressEnsure;
virDomainUSBAddressPortFormatBuf;
virDomainUSBAddressPortIsValid;
virDomainUSBAddressPresent;
virDomainUSBAddressRelease;
virDomainUSBAddressReserve;
virDomainUSBAddressSetAddControllers;
virDomainUSBAddressSetAddHub;
virDomainUSBAddressSetCreate;
virDomainUSBAddressSetFree;
virDomainVirtioSerialAddrAutoAssign;
virDomainVirtioSerialAddrAutoAssignFromCache;
virDomainVirtioSerialAddrIsComplete;
virDomainVirtioSerialAddrSetCreateFromDomain;
virDomainVirtioSerialAddrSetFree;
# conf/domain_audit.h
virDomainAuditCgroup;
virDomainAuditCgroupMajor;
virDomainAuditCgroupPath;
virDomainAuditChardev;
virDomainAuditDisk;
virDomainAuditFS;
virDomainAuditHostdev;
virDomainAuditInit;
virDomainAuditInput;
virDomainAuditIOThread;
virDomainAuditMemory;
virDomainAuditNet;
virDomainAuditNetDevice;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
virDomainAuditShmem;
virDomainAuditStart;
virDomainAuditStop;
virDomainAuditVcpu;
# conf/domain_capabilities.h
virDomainCapsCPUModelsAdd;
virDomainCapsCPUModelsCopy;
virDomainCapsCPUModelsGet;
virDomainCapsCPUModelsNew;
virDomainCapsCPUUsableTypeFromString;
virDomainCapsCPUUsableTypeToString;
virDomainCapsDeviceDefValidate;
virDomainCapsEnumClear;
virDomainCapsEnumSet;
virDomainCapsFormat;
virDomainCapsNew;
virSEVCapabilitiesFree;
# conf/domain_conf.h
virBlkioDeviceArrayClear;
virDiskNameParse;
virDiskNameToBusDeviceIndex;
virDiskNameToIndex;
virDomainActualNetDefFree;
conf: add hypervisor agnostic, domain start-time, validation function for NetDef <interface> devices (virDomainNetDef) are a bit different from other types of devices in that their actual type may come from a network (in the form of a port connection), and that doesn't happen until the domain is started. This means that any validation of an <interface> at parse time needs to be a bit liberal in what it accepts - when type='network', you could think that something is/isn't allowed, but once the domain is started and a port is created by the configured network, the opposite might be true. To solve this problem hypervisor drivers need to do an extra validation step when the domain is being started. I recently (commit 3cff23f7, libvirt 5.7.0) added a function to peform such validation for all interfaces to the QEMU driver - qemuDomainValidateActualNetDef() - but while that function is a good single point to call for the multiple places that need to "start" an interface (domain startup, device hotplug, device update), it can't be called by the other hypervisor drivers, since 1) it's in the QEMU driver, and 2) it contains some checks specific to QEMU. For validation that applies to network devices on *all* hypervisors, we need yet another interface validation function that can be called by any hypervisor driver (not just QEMU) right after its network port has been created during domain startup or hotplug. This patch adds that function - virDomainActualNetDefValidate(), in the conf directory, and calls it in appropriate places in the QEMU, lxc, and libxl drivers. This new function is the place to put all network device validation that 1) is hypervisor agnostic, and 2) can't be done until we know the "actual type" of an interface. There is no framework for validation at domain startup as there is for post-parse validation, but I don't want to create a whole elaborate system that will only be used by one type of device. For that reason, I just made a single function that should be called directly from the hypervisors, when they are initializing interfaces to start a domain, right after conditionally allocating the network port (and regardless of whether or not that was actually needed). In the case of the QEMU driver, qemuDomainValidateActualNetDef() is already called in all the appropriate places, so we can just call the new function from there. In the case of the other hypervisors, we search for virDomainNetAllocateActualDevice() (which is the hypervisor-agnostic function that calls virNetworkPortCreateXML()), and add the call to our new function right after that. The new function itself could be plunked down into many places in the code, but we already have 3 validation functions for network devices in 2 different places (not counting any basic validation done in virDomainNetDefParseXML() itself): 1) post-parse hypervisor-agnostic (virDomainNetDefValidate() - domain_conf.c:6145) 2) post-parse hypervisor-specific (qemuDomainDeviceDefValidateNetwork() - qemu_domain.c:5498) 3) domain-start hypervisor-specific (qemuDomainValidateActualNetDef() - qemu_domain.c:5390) I placed (3) right next to (2) when I added it, specifically to avoid spreading validation all over the code. For the same reason, I decided to put this new function right next to (1) - this way if someone needs to add validation specific to qemu, they go to one location, and if they need to add validation applying to everyone, they go to the other. It looks a bit strange to have a public function in between a bunch of statics, but I think it's better than the alternative of further fragmentation. (I'm open to other ideas though, of course.) Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-10-18 19:48:13 +00:00
virDomainActualNetDefValidate;
virDomainBlockedReasonTypeFromString;
virDomainBlockedReasonTypeToString;
virDomainBlockIoTuneInfoCopy;
virDomainBlockIoTuneInfoEqual;
virDomainBlockIoTuneInfoHasAny;
virDomainBlockIoTuneInfoHasBasic;
virDomainBlockIoTuneInfoHasMax;
virDomainBlockIoTuneInfoHasMaxLength;
virDomainBootTypeFromString;
virDomainBootTypeToString;
virDomainCapabilitiesPolicyTypeToString;
virDomainCFPCTypeFromString;
virDomainCFPCTypeToString;
virDomainChrConsoleTargetTypeFromString;
virDomainChrConsoleTargetTypeToString;
virDomainChrDefForeach;
virDomainChrDefFree;
virDomainChrDefNew;
virDomainChrDeviceTypeToString;
virDomainChrEquals;
virDomainChrFind;
virDomainChrGetDomainPtrs;
virDomainChrInsertPreAlloced;
virDomainChrPreAlloc;
virDomainChrRemove;
virDomainChrSerialTargetModelTypeFromString;
virDomainChrSerialTargetModelTypeToString;
virDomainChrSerialTargetTypeFromString;
virDomainChrSerialTargetTypeToString;
virDomainChrSourceDefClear;
virDomainChrSourceDefCopy;
virDomainChrSourceDefGetPath;
virDomainChrSourceDefNew;
virDomainChrSpicevmcTypeFromString;
virDomainChrSpicevmcTypeToString;
virDomainChrTcpProtocolTypeFromString;
virDomainChrTcpProtocolTypeToString;
virDomainChrTypeFromString;
virDomainChrTypeToString;
virDomainClockBasisTypeToString;
virDomainClockOffsetTypeFromString;
virDomainClockOffsetTypeToString;
virDomainConfigFile;
virDomainControllerAliasFind;
virDomainControllerDefFree;
virDomainControllerDefNew;
virDomainControllerFind;
virDomainControllerFindByType;
virDomainControllerFindUnusedIndex;
virDomainControllerInsert;
virDomainControllerInsertPreAlloced;
virDomainControllerIsPSeriesPHB;
virDomainControllerModelIDETypeFromString;
virDomainControllerModelIDETypeToString;
qemu: set/validate slot/connection type when assigning slots for PCI devices Since PCI bridges, PCIe bridges, PCIe switches, and PCIe root ports all share the same namespace, they are all defined as controllers of type='pci' in libvirt (but with a differing model attribute). Each of these controllers has a certain connection type upstream, allows certain connection types downstream, and each can either allow a single downstream connection at slot 0, or connections from slot 1 - 31. Right now, we only support the pci-root and pci-bridge devices, both of which only allow PCI devices to connect, and both which have usable slots 1 - 31. In preparation for adding other types of controllers that have different capabilities, this patch 1) adds info to the qemuDomainPCIAddressBus object to indicate the capabilities, 2) sets those capabilities appropriately for pci-root and pci-bridge devices, and 3) validates that the controller being connected to is the proper type when allocating slots or validating that a user-selected slot is appropriate for a device.. Having this infrastructure in place will make it much easier to add support for the other PCI controller types. While it would be possible to do all the necessary checking by just storing the controller model in the qemyuDomainPCIAddressBus, it greatly simplifies all the validation code to also keep a "flags", "minSlot" and "maxSlot" for each - that way we can just check those attributes rather than requiring a nearly identical switch statement everywhere we need to validate compatibility. You may notice many places where the flags are seemingly hard-coded to QEMU_PCI_CONNECT_HOTPLUGGABLE | QEMU_PCI_CONNECT_TYPE_PCI This is currently the correct value for all PCI devices, and in the future will be the default, with small bits of code added to change to the flags for the few devices which are the exceptions to this rule. Finally, there are a few places with "FIXME" comments. Note that these aren't indicating places that are broken according to the currently supported devices, they are places that will need fixing when support for new PCI controller models is added. To assure that there was no regression in the auto-allocation of PCI addresses or auto-creation of integrated pci-root, ide, and usb controllers, a new test case (pci-bridge-many-disks) has been added to both the qemuxml2argv and qemuxml2xml tests. This new test defines a domain with several dozen virtio disks but no pci-root or pci-bridges. The .args file of the new test case was created using libvirt sources from before this patch, and the test still passes after this patch has been applied.
2013-07-15 00:09:44 +00:00
virDomainControllerModelPCITypeToString;
virDomainControllerModelSCSITypeFromString;
virDomainControllerModelSCSITypeToString;
virDomainControllerModelUSBTypeFromString;
virDomainControllerModelUSBTypeToString;
conf: add new <model> subelement with name attribute to <controller> This new subelement is used in PCI controllers: the toplevel *attribute* "model" of a controller denotes what kind of PCI controller is being described, e.g. a "dmi-to-pci-bridge", "pci-bridge", or "pci-root". But in the future there will be different implementations of some of those types of PCI controllers, which behave similarly from libvirt's point of view (and so should have the same model), but use a different device in qemu (and present themselves as a different piece of hardware in the guest). In an ideal world we (i.e. "I") would have thought of that back when the pci controllers were added, and used some sort of type/class/model notation (where class was used in the way we are now using model, and model was used for the actual manufacturer's model number of a particular family of PCI controller), but that opportunity is long past, so as an alternative, this patch allows selecting a particular implementation of a pci controller with the "name" attribute of the <model> subelement, e.g.: <controller type='pci' model='dmi-to-pci-bridge' index='1'> <model name='i82801b11-bridge'/> </controller> In this case, "dmi-to-pci-bridge" is the kind of controller (one that has a single PCIe port upstream, and 32 standard PCI ports downstream, which are not hotpluggable), and the qemu device to be used to implement this kind of controller is named "i82801b11-bridge". Implementing the above now will allow us in the future to add a new kind of dmi-to-pci-bridge that doesn't use qemu's i82801b11-bridge device, but instead uses something else (which doesn't yet exist, but qemu people have been discussing it), all without breaking existing configs. (note that for the existing "pci-bridge" type of PCI controller, both the model attribute and <model> name are 'pci-bridge'. This is just a coincidence, since it turns out that in this case the device name in qemu really is a generic 'pci-bridge' rather than being the name of some real-world chip)
2015-06-25 17:30:23 +00:00
virDomainControllerPCIModelNameTypeFromString;
virDomainControllerPCIModelNameTypeToString;
virDomainControllerRemove;
virDomainControllerTypeToString;
virDomainCpuPlacementModeTypeFromString;
virDomainCpuPlacementModeTypeToString;
virDomainDefAddController;
virDomainDefAddImplicitDevices;
virDomainDefAddUSBController;
virDomainDefCheckABIStability;
virDomainDefCheckABIStabilityFlags;
virDomainDefCompatibleDevice;
virDomainDefCopy;
virDomainDefFindDevice;
virDomainDefFormat;
virDomainDefFormatConvertXMLFlags;
virDomainDefFormatInternal;
virDomainDefFree;
virDomainDefGetDefaultEmulator;
virDomainDefGetMemoryInitial;
virDomainDefGetMemoryTotal;
virDomainDefGetOnlineVcpumap;
virDomainDefGetSecurityLabelDef;
virDomainDefGetShortName;
virDomainDefGetVcpu;
virDomainDefGetVcpuPinInfoHelper;
virDomainDefGetVcpus;
virDomainDefGetVcpusMax;
virDomainDefGetVcpusTopology;
virDomainDefHasDeviceAddress;
virDomainDefHasManagedPR;
virDomainDefHasMdevHostdev;
virDomainDefHasMemballoon;
virDomainDefHasMemoryHotplug;
virDomainDefHasNVMeDisk;
virDomainDefHasOldStyleROUEFI;
virDomainDefHasOldStyleUEFI;
virDomainDefHasUSB;
virDomainDefHasVcpusOffline;
virDomainDefHasVFIOHostdev;
virDomainDefLifecycleActionAllowed;
virDomainDefMaybeAddController;
virDomainDefMaybeAddInput;
virDomainDefNeedsPlacementAdvice;
virDomainDefNew;
virDomainDefParseFile;
virDomainDefParseNode;
virDomainDefParseString;
virDomainDefPostParse;
virDomainDefSave;
virDomainDefSetMemoryTotal;
virDomainDefSetVcpus;
virDomainDefSetVcpusMax;
virDomainDefValidate;
virDomainDefVcpuOrderClear;
virDomainDeleteConfig;
virDomainDeviceAliasIsUserAlias;
virDomainDeviceDefCopy;
virDomainDeviceDefFree;
virDomainDeviceDefParse;
virDomainDeviceFindSCSIController;
virDomainDeviceGetInfo;
virDomainDeviceInfoIterate;
virDomainDeviceSetData;
virDomainDeviceTypeToString;
virDomainDeviceValidateAliasForHotplug;
virDomainDiskBackingStoreFormat;
virDomainDiskBackingStoreParse;
virDomainDiskBusTypeToString;
virDomainDiskByAddress;
virDomainDiskByName;
virDomainDiskByTarget;
virDomainDiskCacheTypeFromString;
virDomainDiskCacheTypeToString;
virDomainDiskDefAssignAddress;
virDomainDiskDefCheckDuplicateInfo;
virDomainDiskDefFree;
virDomainDiskDefNew;
virDomainDiskDefParse;
virDomainDiskDetectZeroesTypeFromString;
virDomainDiskDetectZeroesTypeToString;
virDomainDiskDeviceTypeToString;
virDomainDiskDiscardTypeToString;
virDomainDiskEmptySource;
virDomainDiskErrorPolicyTypeFromString;
virDomainDiskErrorPolicyTypeToString;
virDomainDiskGeometryTransTypeFromString;
virDomainDiskGeometryTransTypeToString;
virDomainDiskGetDetectZeroesMode;
virDomainDiskGetDriver;
virDomainDiskGetFormat;
virDomainDiskGetSource;
virDomainDiskGetType;
virDomainDiskIndexByAddress;
virDomainDiskIndexByName;
virDomainDiskInsert;
virDomainDiskInsertPreAlloced;
virDomainDiskIoTypeFromString;
virDomainDiskIoTypeToString;
virDomainDiskMirrorStateTypeFromString;
virDomainDiskMirrorStateTypeToString;
virDomainDiskModelTypeFromString;
virDomainDiskModelTypeToString;
virDomainDiskRemove;
virDomainDiskRemoveByName;
virDomainDiskSetBlockIOTune;
virDomainDiskSetDriver;
virDomainDiskSetFormat;
virDomainDiskSetSource;
virDomainDiskSetType;
virDomainDiskSourceFormat;
virDomainDiskTranslateSourcePool;
virDomainFeatureTypeFromString;
virDomainFeatureTypeToString;
virDomainFSCacheModeTypeToString;
virDomainFSDefFree;
virDomainFSDefNew;
virDomainFSDriverTypeToString;
virDomainFSIndexByName;
virDomainFSInsert;
virDomainFSRemove;
virDomainFSTypeFromString;
virDomainFSTypeToString;
virDomainFSWrpolicyTypeFromString;
virDomainFSWrpolicyTypeToString;
virDomainGetBlkioParametersAssignFromDef;
virDomainGetFilesystemForTarget;
virDomainGraphicsAuthConnectedTypeFromString;
virDomainGraphicsAuthConnectedTypeToString;
virDomainGraphicsDefFree;
virDomainGraphicsDefHasOpenGL;
virDomainGraphicsGetListen;
virDomainGraphicsGetRenderNode;
virDomainGraphicsListenAppendAddress;
virDomainGraphicsListenAppendSocket;
virDomainGraphicsNeedsAutoRenderNode;
virDomainGraphicsSpiceChannelModeTypeFromString;
virDomainGraphicsSpiceChannelModeTypeToString;
virDomainGraphicsSpiceChannelNameTypeFromString;
virDomainGraphicsSpiceChannelNameTypeToString;
virDomainGraphicsSpiceImageCompressionTypeFromString;
virDomainGraphicsSpiceImageCompressionTypeToString;
virDomainGraphicsSpiceJpegCompressionTypeFromString;
virDomainGraphicsSpiceJpegCompressionTypeToString;
virDomainGraphicsSpiceMouseModeTypeFromString;
virDomainGraphicsSpiceMouseModeTypeToString;
virDomainGraphicsSpiceStreamingModeTypeFromString;
virDomainGraphicsSpiceStreamingModeTypeToString;
virDomainGraphicsSpiceZlibCompressionTypeFromString;
virDomainGraphicsSpiceZlibCompressionTypeToString;
virDomainGraphicsSupportsRenderNode;
virDomainGraphicsTypeFromString;
virDomainGraphicsTypeToString;
virDomainGraphicsVNCSharePolicyTypeFromString;
virDomainGraphicsVNCSharePolicyTypeToString;
virDomainHasNet;
virDomainHostdevCapsTypeToString;
virDomainHostdevDefClear;
2009-04-24 12:19:00 +00:00
virDomainHostdevDefFree;
virDomainHostdevDefNew;
virDomainHostdevFind;
virDomainHostdevInsert;
virDomainHostdevModeTypeToString;
virDomainHostdevRemove;
virDomainHostdevSubsysPCIBackendTypeToString;
virDomainHostdevSubsysSCSIVHostModelTypeFromString;
virDomainHostdevSubsysSCSIVHostModelTypeToString;
virDomainHostdevSubsysTypeToString;
virDomainHPTResizingTypeToString;
virDomainHubTypeFromString;
virDomainHubTypeToString;
virDomainHypervTypeFromString;
virDomainHypervTypeToString;
virDomainIBSTypeFromString;
virDomainIBSTypeToString;
virDomainInputBusTypeToString;
virDomainInputDefFind;
virDomainInputDefFree;
virDomainInputDefGetPath;
virDomainInputTypeToString;
virDomainIOMMUModelTypeFromString;
virDomainIOMMUModelTypeToString;
virDomainIOThreadIDAdd;
virDomainIOThreadIDDefFree;
virDomainIOThreadIDDel;
virDomainIOThreadIDFind;
virDomainKeyWrapCipherNameTypeFromString;
virDomainKeyWrapCipherNameTypeToString;
virDomainLeaseDefFree;
virDomainLeaseIndex;
virDomainLeaseInsert;
virDomainLeaseInsertPreAlloc;
virDomainLeaseInsertPreAlloced;
virDomainLeaseRemove;
virDomainLeaseRemoveAt;
virDomainLifecycleActionTypeFromString;
virDomainLifecycleActionTypeToString;
virDomainLoaderDefFree;
virDomainLoaderTypeFromString;
virDomainLoaderTypeToString;
virDomainLockFailureTypeFromString;
virDomainLockFailureTypeToString;
virDomainMemballoonModelTypeFromString;
virDomainMemballoonModelTypeToString;
virDomainMemoryDefFree;
virDomainMemoryFindByDef;
virDomainMemoryFindInactiveByDef;
virDomainMemoryInsert;
virDomainMemoryModelTypeToString;
virDomainMemoryRemove;
virDomainMemorySourceTypeFromString;
virDomainMemorySourceTypeToString;
virDomainNetAllocateActualDevice;
virDomainNetAppendIPAddress;
virDomainNetARPInterfaces;
virDomainNetBandwidthUpdate;
virDomainNetDefActualFromNetworkPort;
virDomainNetDefActualToNetworkPort;
virDomainNetDefClear;
virDomainNetDefFormat;
virDomainNetDefFree;
virDomainNetDefNew;
virDomainNetDefToNetworkPort;
virDomainNetDHCPInterfaces;
virDomainNetFind;
virDomainNetFindByName;
qemu: fix attach/detach of netdevs with matching mac addrs This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=862515 which describes inconsistencies in dealing with duplicate mac addresses on network devices in a domain. (at any rate, it resolves *almost* everything, and prints out an informative error message for the one problem that isn't solved, but has a workaround.) A synopsis of the problems: 1) you can't do a persistent attach-interface of a device with a mac address that matches an existing device. 2) you *can* do a live attach-interface of such a device. 3) you *can* directly edit a domain and put in two devices with matching mac addresses. 4) When running virsh detach-device (live or config), only MAC address is checked when matching the device to remove, so the first device with the desired mac address will be removed. This isn't always the one that's wanted. 5) when running virsh detach-interface (live or config), the only two items that can be specified to match against are mac address and model type (virtio, etc) - if multiple netdevs match both of those attributes, it again just finds the first one added and assumes that is the only match. Since it is completely valid to have multiple network devices with the same MAC address (although it can cause problems in many cases, there *are* valid use cases), what is needed is: 1) remove the restriction that prohibits doing a persistent add of a netdev with a duplicate mac address. 2) enhance the backend of virDomainDetachDeviceFlags to check for something that *is* guaranteed unique (but still work with just mac address, as long as it yields only a single results. This patch does three things: 1) removes the check for duplicate mac address during a persistent netdev attach. 2) unifies the searching for both live and config detach of netdevices in the subordinate functions of qemuDomainModifyDeviceFlags() to use the new function virDomainNetFindIdx (which matches mac address and PCI address if available, checking for duplicates if only mac address was specified). This function returns -2 if multiple matches are found, allowing the callers to print out an appropriate message. Steps 1 & 2 are enough to fully fix the problem when using virsh attach-device and detach-device (which require an XML description of the device rather than a bunch of commandline args) 3) modifies the virsh detach-interface command to check for multiple matches of mac address and show an error message suggesting use of the detach-device command in cases where there are multiple matching mac addresses. Later we should decide how we want to input a PCI address on the virsh commandline, and enhance detach-interface to take a --address option, eliminating the need to use detach-device * src/conf/domain_conf.c * src/conf/domain_conf.h * src/libvirt_private.syms * added new virDomainNetFindIdx function * removed now unused virDomainNetIndexByMac and virDomainNetRemoveByMac * src/qemu/qemu_driver.c * remove check for duplicate max from qemuDomainAttachDeviceConfig * use virDomainNetFindIdx/virDomainNetRemove instead of virDomainNetRemoveByMac in qemuDomainDetachDeviceConfig * use virDomainNetFindIdx instead of virDomainIndexByMac in qemuDomainUpdateDeviceConfig * src/qemu/qemu_hotplug.c * use virDomainNetFindIdx instead of a homespun loop in qemuDomainDetachNetDevice. * tools/virsh-domain.c: modified detach-interface command as described above
2012-10-25 20:03:35 +00:00
virDomainNetFindIdx;
virDomainNetGenerateMAC;
virDomainNetGetActualBandwidth;
virDomainNetGetActualBridgeMACTableManager;
virDomainNetGetActualBridgeName;
virDomainNetGetActualDirectDev;
virDomainNetGetActualDirectMode;
conf: parse/format type='hostdev' network interfaces This is the new interface type that sets up an SR-IOV PCI network device to be assigned to the guest with PCI passthrough after initializing some network device-specific things from the config (e.g. MAC address, virtualport profile parameters). Here is an example of the syntax: <interface type='hostdev' managed='yes'> <source> <address type='pci' domain='0' bus='0' slot='4' function='3'/> </source> <mac address='00:11:22:33:44:55'/> <address type='pci' domain='0' bus='0' slot='7' function='0'/> </interface> This would assign the PCI card from bus 0 slot 4 function 3 on the host, to bus 0 slot 7 function 0 on the guest, but would first set the MAC address of the card to 00:11:22:33:44:55. NB: The parser and formatter don't care if the PCI card being specified is a standard single function network adapter, or a virtual function (VF) of an SR-IOV capable network adapter, but the upcoming code that implements the back end of this config will work *only* with SR-IOV VFs. This is because modifying the mac address of a standard network adapter prior to assigning it to a guest is pointless - part of the device reset that occurs during that process will reset the MAC address to the value programmed into the card's firmware. Although it's not supported by any of libvirt's hypervisor drivers, usb network hostdevs are also supported in the parser and formatter for completeness and consistency. <source> syntax is identical to that for plain <hostdev> devices, except that the <address> element should have "type='usb'" added if bus/device are specified: <interface type='hostdev'> <source> <address type='usb' bus='0' device='4'/> </source> <mac address='00:11:22:33:44:55'/> </interface> If the vendor/product form of usb specification is used, type='usb' is implied: <interface type='hostdev'> <source> <vendor id='0x0012'/> <product id='0x24dd'/> </source> <mac address='00:11:22:33:44:55'/> </interface> Again, the upcoming patch to fill in the backend of this functionality will log an error and fail with "Unsupported Config" if you actually try to assign a USB network adapter to a guest using <interface type='hostdev'> - just use a standard <hostdev> entry in that case (and also for single-port PCI adapters).
2012-02-15 17:37:15 +00:00
virDomainNetGetActualHostdev;
virDomainNetGetActualPortOptionsIsolated;
virDomainNetGetActualTrustGuestRxFilters;
virDomainNetGetActualType;
virDomainNetGetActualVirtPortProfile;
conf: add <vlan> element to network and domain interface elements The following config elements now support a <vlan> subelements: within a domain: <interface>, and the <actual> subelement of <interface> within a network: the toplevel, as well as any <portgroup> Each vlan element must have one or more <tag id='n'/> subelements. If there is more than one tag, it is assumed that vlan trunking is being requested. If trunking is required with only a single tag, the attribute "trunk='yes'" should be added to the toplevel <vlan> element. Some examples: <interface type='hostdev'/> <vlan> <tag id='42'/> </vlan> <mac address='52:54:00:12:34:56'/> ... </interface> <network> <name>vlan-net</name> <vlan trunk='yes'> <tag id='30'/> </vlan> <virtualport type='openvswitch'/> </network> <interface type='network'/> <source network='vlan-net'/> ... </interface> <network> <name>trunk-vlan</name> <vlan> <tag id='42'/> <tag id='43'/> </vlan> ... </network> <network> <name>multi</name> ... <portgroup name='production'/> <vlan> <tag id='42'/> </vlan> </portgroup> <portgroup name='test'/> <vlan> <tag id='666'/> </vlan> </portgroup> </network> <interface type='network'/> <source network='multi' portgroup='test'/> ... </interface> IMPORTANT NOTE: As of this patch there is no backend support for the vlan element for *any* network device type. When support is added in later patches, it will only be for those select network types that support setting up a vlan on the host side, without the guest's involvement. (For example, it will be possible to configure a vlan for a guest connected to an openvswitch bridge, but it won't be possible to do that for one that is connected to a standard Linux host bridge.)
2012-08-12 07:51:30 +00:00
virDomainNetGetActualVlan;
virDomainNetGetModelString;
virDomainNetInsert;
virDomainNetIsVirtioModel;
virDomainNetModelTypeFromString;
virDomainNetModelTypeToString;
virDomainNetNotifyActualDevice;
virDomainNetReleaseActualDevice;
virDomainNetRemove;
virDomainNetRemoveHostdev;
virDomainNetResolveActualType;
virDomainNetSetModelString;
virDomainNetTypeFromString;
virDomainNetTypeSharesHostView;
virDomainNetTypeToString;
virDomainNetUpdate;
virDomainNostateReasonTypeFromString;
virDomainNostateReasonTypeToString;
virDomainObjAssignDef;
virDomainObjBroadcast;
virDomainObjCheckActive;
virDomainObjCopyPersistentDef;
virDomainObjEndAPI;
virDomainObjFormat;
virDomainObjGetDefs;
virDomainObjGetMetadata;
virDomainObjGetOneDef;
virDomainObjGetOneDefState;
virDomainObjGetPersistentDef;
virDomainObjGetState;
virDomainObjNew;
virDomainObjParseFile;
virDomainObjParseNode;
virDomainObjRemoveTransientDef;
virDomainObjSave;
virDomainObjSetDefTransient;
virDomainObjSetMetadata;
virDomainObjSetState;
virDomainObjTaint;
virDomainObjUpdateModificationImpact;
virDomainObjWait;
virDomainObjWaitUntil;
virDomainOsDefFirmwareTypeFromString;
virDomainOsDefFirmwareTypeToString;
virDomainOSTypeFromString;
virDomainOSTypeToString;
virDomainParseMemory;
virDomainPausedReasonTypeFromString;
virDomainPausedReasonTypeToString;
virDomainPMSuspendedReasonTypeFromString;
virDomainPMSuspendedReasonTypeToString;
virDomainProcessCapsFeatureTypeToString;
virDomainRedirdevBusTypeFromString;
virDomainRedirdevBusTypeToString;
virDomainRedirdevDefFind;
virDomainRedirdevDefFree;
virDomainRedirdevDefRemove;
virDomainRNGBackendTypeToString;
virDomainRNGDefFree;
virDomainRNGFind;
virDomainRNGModelTypeToString;
virDomainRNGRemove;
virDomainRunningReasonTypeFromString;
virDomainRunningReasonTypeToString;
virDomainSBBCTypeFromString;
virDomainSBBCTypeToString;
virDomainSCSIDriveAddressIsUsed;
virDomainSeclabelTypeFromString;
virDomainSeclabelTypeToString;
virDomainShmemDefEquals;
virDomainShmemDefFind;
virDomainShmemDefFree;
virDomainShmemDefInsert;
virDomainShmemDefRemove;
virDomainShmemModelTypeFromString;
virDomainShmemModelTypeToString;
virDomainShutdownReasonTypeFromString;
virDomainShutdownReasonTypeToString;
virDomainShutoffReasonTypeFromString;
virDomainShutoffReasonTypeToString;
virDomainSmartcardDefForeach;
virDomainSmartcardDefFree;
virDomainSmartcardTypeFromString;
virDomainSmartcardTypeToString;
virDomainSmbiosModeTypeFromString;
virDomainSmbiosModeTypeToString;
virDomainSoundDefFind;
virDomainSoundDefFree;
virDomainSoundDefRemove;
virDomainSoundModelTypeFromString;
virDomainSoundModelTypeToString;
virDomainStartupPolicyTypeFromString;
virDomainStartupPolicyTypeToString;
virDomainStateReasonFromString;
virDomainStateReasonToString;
virDomainStateTypeFromString;
virDomainStateTypeToString;
virDomainStorageNetworkParseHost;
virDomainStorageSourceParse;
virDomainStorageSourceParseBase;
virDomainTaintTypeFromString;
virDomainTaintTypeToString;
virDomainTimerModeTypeFromString;
virDomainTimerModeTypeToString;
virDomainTimerNameTypeFromString;
virDomainTimerNameTypeToString;
virDomainTimerTickpolicyTypeFromString;
virDomainTimerTickpolicyTypeToString;
virDomainTimerTrackTypeFromString;
virDomainTimerTrackTypeToString;
virDomainTPMBackendTypeFromString;
virDomainTPMBackendTypeToString;
virDomainTPMDefFree;
virDomainTPMModelTypeFromString;
virDomainTPMModelTypeToString;
virDomainUSBDeviceDefForeach;
virDomainVideoDefaultRAM;
virDomainVideoDefClear;
virDomainVideoDefFree;
virDomainVideoDefNew;
virDomainVideoTypeFromString;
virDomainVideoTypeToString;
virDomainVideoVGAConfTypeFromString;
virDomainVideoVGAConfTypeToString;
virDomainVirtTypeFromString;
virDomainVirtTypeToString;
virDomainVsockDefEquals;
virDomainVsockDefFree;
virDomainVsockDefNew;
virDomainWatchdogActionTypeFromString;
virDomainWatchdogActionTypeToString;
virDomainWatchdogDefFree;
virDomainWatchdogModelTypeFromString;
virDomainWatchdogModelTypeToString;
virDomainXenPassthroughModeTypeFromString;
virDomainXenPassthroughModeTypeToString;
virDomainXMLOptionGetNamespace;
virDomainXMLOptionGetSaveCookie;
virDomainXMLOptionNew;
virDomainXMLOptionSetMomentPostParse;
# conf/domain_event.h
virDomainEventAgentLifecycleNewFromDom;
virDomainEventAgentLifecycleNewFromObj;
virDomainEventBalloonChangeNewFromDom;
virDomainEventBalloonChangeNewFromObj;
blockjob: use stable disk string in job event When the block job event was first added, it was for block pull, where the active layer of the disk remains the same name. It was also in a day where we only cared about local files, and so we always had a canonical absolute file name. But two things have changed since then: we now have network disks, where determining a single absolute string does not really make sense; and we have two-phase jobs (copy and active commit) where the name of the active layer changes between the first event (ready, on the old name) and second (complete, on the pivoted name). Adam Litke reported that having an unstable string between events makes life harder for clients. Furthermore, all of our API that operate on a particular disk of a domain accept multiple strings: not only the absolute name of the active layer, but also the destination device name (such as 'vda'). As this latter name is stable, even for network sources, it serves as a better string to supply in block job events. But backwards-compatibility demands that we should not change the name handed to users unless they explicitly request it. Therefore, this patch adds a new event, BLOCK_JOB_2 (alas, I couldn't think of any nicer name - but at least Migrate2 and Migrate3 are precedent for a number suffix). We must double up on emitting both old-style and new-style events according to what clients have registered for (see also how IOError and IOErrorReason emits double events, but there the difference was a larger struct rather than changed meaning of one of the struct members). Unfortunately, adding a new event isn't something that can easily be broken into pieces, so the commit is rather large. * include/libvirt/libvirt.h.in (virDomainEventID): Add a new id for VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2. (virConnectDomainEventBlockJobCallback): Document new semantics. * src/conf/domain_event.c (_virDomainEventBlockJob): Rename field, to ensure we catch all clients. (virDomainEventBlockJobNew): Add parameter. (virDomainEventBlockJobDispose) (virDomainEventBlockJobNewFromObj) (virDomainEventBlockJobNewFromDom) (virDomainEventDispatchDefaultFunc): Adjust clients. (virDomainEventBlockJob2NewFromObj) (virDomainEventBlockJob2NewFromDom): New functions. * src/conf/domain_event.h: Add new prototypes. * src/libvirt_private.syms (domain_event.h): Export new functions. * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Generate two different events. * src/qemu/qemu_process.c (qemuProcessHandleBlockJob): Likewise. * src/remote/remote_protocol.x (remote_domain_event_block_job_2_msg): New struct. (REMOTE_PROC_DOMAIN_EVENT_BLOCK_JOB_2): New RPC. * src/remote/remote_driver.c (remoteDomainBuildEventBlockJob2): New handler. (remoteEvents): Register new event. * daemon/remote.c (remoteRelayDomainEventBlockJob2): New handler. (domainEventCallbacks): Register new event. * tools/virsh-domain.c (vshEventCallbacks): Likewise. (vshEventBlockJobPrint): Adjust client. * src/remote_protocol-structs: Regenerate. Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-14 13:18:04 +00:00
virDomainEventBlockJob2NewFromDom;
virDomainEventBlockJob2NewFromObj;
virDomainEventBlockJobNewFromDom;
virDomainEventBlockJobNewFromObj;
virDomainEventBlockThresholdNewFromDom;
virDomainEventBlockThresholdNewFromObj;
virDomainEventControlErrorNewFromDom;
virDomainEventControlErrorNewFromObj;
virDomainEventDeviceAddedNewFromDom;
virDomainEventDeviceAddedNewFromObj;
virDomainEventDeviceRemovalFailedNewFromDom;
virDomainEventDeviceRemovalFailedNewFromObj;
virDomainEventDeviceRemovedNewFromDom;
virDomainEventDeviceRemovedNewFromObj;
virDomainEventDiskChangeNewFromDom;
virDomainEventDiskChangeNewFromObj;
virDomainEventGraphicsNewFromDom;
virDomainEventGraphicsNewFromObj;
virDomainEventIOErrorNewFromDom;
virDomainEventIOErrorNewFromObj;
virDomainEventIOErrorReasonNewFromDom;
virDomainEventIOErrorReasonNewFromObj;
virDomainEventJobCompletedNewFromDom;
virDomainEventJobCompletedNewFromObj;
virDomainEventLifecycleNew;
virDomainEventLifecycleNewFromDef;
virDomainEventLifecycleNewFromDom;
virDomainEventLifecycleNewFromObj;
virDomainEventMetadataChangeNewFromDom;
virDomainEventMetadataChangeNewFromObj;
virDomainEventMigrationIterationNewFromDom;
virDomainEventMigrationIterationNewFromObj;
virDomainEventPMSuspendDiskNewFromDom;
virDomainEventPMSuspendDiskNewFromObj;
virDomainEventPMSuspendNewFromDom;
virDomainEventPMSuspendNewFromObj;
virDomainEventPMWakeupNewFromDom;
virDomainEventPMWakeupNewFromObj;
virDomainEventRebootNew;
virDomainEventRebootNewFromDom;
virDomainEventRebootNewFromObj;
virDomainEventRTCChangeNewFromDom;
virDomainEventRTCChangeNewFromObj;
virDomainEventStateDeregister;
virDomainEventStateRegister;
virDomainEventStateRegisterID;
virDomainEventTrayChangeNewFromDom;
virDomainEventTrayChangeNewFromObj;
virDomainEventTunableNewFromDom;
virDomainEventTunableNewFromObj;
virDomainEventWatchdogNewFromDom;
virDomainEventWatchdogNewFromObj;
virDomainQemuMonitorEventNew;
virDomainQemuMonitorEventStateRegisterID;
virHostdevIsMdevDevice;
virHostdevIsSCSIDevice;
virHostdevIsVFIODevice;
# conf/domain_nwfilter.h
virDomainConfNWFilterInstantiate;
virDomainConfNWFilterTeardown;
virDomainConfVMNWFilterTeardown;
# conf/interface_conf.h
virInterfaceDefFormat;
virInterfaceDefFree;
virInterfaceDefParseFile;
virInterfaceDefParseNode;
virInterfaceDefParseString;
# conf/netdev_bandwidth_conf.h
virDomainClearNetBandwidth;
virNetDevBandwidthFormat;
virNetDevBandwidthHasFloor;
virNetDevBandwidthParse;
virNetDevBandwidthSupportsFloor;
virNetDevSupportsBandwidth;
# conf/netdev_vlan_conf.h
conf: add <vlan> element to network and domain interface elements The following config elements now support a <vlan> subelements: within a domain: <interface>, and the <actual> subelement of <interface> within a network: the toplevel, as well as any <portgroup> Each vlan element must have one or more <tag id='n'/> subelements. If there is more than one tag, it is assumed that vlan trunking is being requested. If trunking is required with only a single tag, the attribute "trunk='yes'" should be added to the toplevel <vlan> element. Some examples: <interface type='hostdev'/> <vlan> <tag id='42'/> </vlan> <mac address='52:54:00:12:34:56'/> ... </interface> <network> <name>vlan-net</name> <vlan trunk='yes'> <tag id='30'/> </vlan> <virtualport type='openvswitch'/> </network> <interface type='network'/> <source network='vlan-net'/> ... </interface> <network> <name>trunk-vlan</name> <vlan> <tag id='42'/> <tag id='43'/> </vlan> ... </network> <network> <name>multi</name> ... <portgroup name='production'/> <vlan> <tag id='42'/> </vlan> </portgroup> <portgroup name='test'/> <vlan> <tag id='666'/> </vlan> </portgroup> </network> <interface type='network'/> <source network='multi' portgroup='test'/> ... </interface> IMPORTANT NOTE: As of this patch there is no backend support for the vlan element for *any* network device type. When support is added in later patches, it will only be for those select network types that support setting up a vlan on the host side, without the guest's involvement. (For example, it will be possible to configure a vlan for a guest connected to an openvswitch bridge, but it won't be possible to do that for one that is connected to a standard Linux host bridge.)
2012-08-12 07:51:30 +00:00
virNetDevVlanFormat;
virNetDevVlanParse;
# conf/netdev_vport_profile_conf.h
virNetDevVPortProfileFormat;
virNetDevVPortProfileParse;
virNetDevVPortTypeFromString;
virNetDevVPortTypeToString;
# conf/network_conf.h
conf: new network bridge device attribute macTableManager The macTableManager attribute of a network's bridge subelement tells libvirt how the bridge's MAC address table (used to determine the egress port for packets) is managed. In the default mode, "kernel", management is left to the kernel, which usually determines entries in part by turning on promiscuous mode on all ports of the bridge, flooding packets to all ports when the correct destination is unknown, and adding/removing entries to the fdb as it sees incoming traffic from particular MAC addresses. In "libvirt" mode, libvirt turns off learning and flooding on all the bridge ports connected to guest domain interfaces, and adds/removes entries according to the MAC addresses in the domain interface configurations. A side effect of turning off learning and unicast_flood on the ports of a bridge is that (with Linux kernel 3.17 and newer), the kernel can automatically turn off promiscuous mode on one or more of the bridge's ports (usually only the one interface that is used to connect the bridge to the physical network). The result is better performance (because packets aren't being flooded to all ports, and can be dropped earlier when they are of no interest) and slightly better security (a guest can still send out packets with a spoofed source MAC address, but will only receive traffic intended for the guest interface's configured MAC address). The attribute looks like this in the configuration: <network> <name>test</name> <bridge name='br0' macTableManager='libvirt'/> ... This patch only adds the config knob, documentation, and test cases. The functionality behind this knob is added in later patches.
2014-11-20 17:40:33 +00:00
virNetworkBridgeMACTableManagerTypeFromString;
virNetworkBridgeMACTableManagerTypeToString;
virNetworkConfigFile;
virNetworkDefCopy;
virNetworkDefFormat;
virNetworkDefFormatBuf;
virNetworkDefForwardIf;
virNetworkDefFree;
virNetworkDefGetIPByIndex;
virNetworkDefGetRouteByIndex;
virNetworkDefParseFile;
virNetworkDefParseNode;
virNetworkDefParseString;
virNetworkDefParseXML;
virNetworkDefUpdateSection;
virNetworkDHCPLeaseTimeUnitTypeFromString;
virNetworkDHCPLeaseTimeUnitTypeToString;
virNetworkForwardTypeToString;
virNetworkIPDefNetmask;
virNetworkIPDefPrefix;
virNetworkSaveConfig;
Give each virtual network bridge its own fixed MAC address This fixes https://bugzilla.redhat.com/show_bug.cgi?id=609463 The problem was that, since a bridge always acquires the MAC address of the connected interface with the numerically lowest MAC, as guests are started and stopped, it was possible for the MAC address to change over time, and this change in the network was being detected by Windows 7 (it sees the MAC of the default route change), so on each reboot it would bring up a dialog box asking about this "new network". The solution is to create a dummy tap interface with a MAC guaranteed to be lower than any guest interface's MAC, and attach that tap to the bridge as soon as it's created. Since all guest MAC addresses start with 0xFE, we can just generate a MAC with the standard "0x52, 0x54, 0" prefix, and it's guaranteed to always win (physical interfaces are never connected to these bridges, so we don't need to worry about competing numerically with them). Note that the dummy tap is never set to IFF_UP state - that's not necessary in order for the bridge to take its MAC, and not setting it to UP eliminates the clutter of having an (eg) "virbr0-nic" displayed in the output of the ifconfig command. I chose to not auto-generate the MAC address in the network XML parser, as there are likely to be consumers of that API that don't need or want to have a MAC address associated with the bridge. Instead, in bridge_driver.c when the network is being defined, if there is no MAC, one is generated. To account for virtual network configs that already exist when upgrading from an older version of libvirt, I've added a %post script to the specfile that searches for all network definitions in both the config directory (/etc/libvirt/qemu/networks) and the state directory (/var/lib/libvirt/network) that are missing a mac address, generates a random address, and adds it to the config (and a matching address to the state file, if there is one). docs/formatnetwork.html.in: document <mac address.../> docs/schemas/network.rng: add nac address to schema libvirt.spec.in: %post script to update existing networks src/conf/network_conf.[ch]: parse and format <mac address.../> src/libvirt_private.syms: export a couple private symbols we need src/network/bridge_driver.c: auto-generate mac address when needed, create dummy interface if mac address is present. tests/networkxml2xmlin/isolated-network.xml tests/networkxml2xmlin/routed-network.xml tests/networkxml2xmlout/isolated-network.xml tests/networkxml2xmlout/routed-network.xml: add mac address to some tests
2011-02-09 08:28:12 +00:00
virNetworkSetBridgeMacAddr;
virNetworkTaintTypeFromString;
virNetworkTaintTypeToString;
virNetworkXMLOptionNew;
conf: support abstracted interface info in network XML The network XML is updated in the following ways: 1) The <forward> element can now contain a list of forward interfaces: <forward .... > <interface dev='eth10'/> <interface dev='eth11'/> <interface dev='eth12'/> <interface dev='eth13'/> </forward> The first of these takes the place of the dev attribute that is normally in <forward> - when defining a network you can specify either one, and on output both will be present. If you specify both on input, they must match. 2) In addition to forward modes of 'nat' and 'route', these new modes are supported: private, passthrough, vepa - when this network is referenced by a domain's interface, it will have the same effect as if the interface had been defined as type='direct', e.g.: <interface type='direct'> <source mode='${mode}' dev='${dev}> ... </interface> where ${mode} is one of the three new modes, and ${dev} is an interface selected from the list given in <forward>. bridge - if a <forward> dev (or multiple devs) is defined, and forward mode is 'bridge' this is just like the modes 'private', 'passthrough', and 'vepa' above. If there is no forward dev specified but a bridge name is given (e.g. "<bridge name='br0'/>"), then guest interfaces using this network will use libvirt's "host bridge" mode, equivalent to this: <interface type='bridge'> <source bridge='${bridge-name}'/> ... </interface> 3) A network can have multiple <portgroup> elements, which may be selected by the guest interface definition (by adding "portgroup='${name}'" in the <source> element along with the network name). Currently a portgroup can only contain a virtportprofile, but the intent is that other configuration items may be put there int the future (e.g. bandwidth config). When building a guest's interface, if the <interface> XML itself has no virtportprofile, and if the requested network has a portgroup with a name matching the name given in the <interface> (or if one of the network's portgroups is marked with the "default='yes'" attribute), the virtportprofile from that portgroup will be used by the interface. 4) A network can have a virtportprofile defined at the top level, which will be used by a guest interface when connecting in one of the 'direct' modes if the guest interface XML itself hasn't specified any virtportprofile, and if there are also no matching portgroups on the network.
2011-07-20 03:01:09 +00:00
virPortGroupFindByName;
# conf/network_event.h
virNetworkEventLifecycleNew;
virNetworkEventStateRegisterID;
# conf/networkcommon_conf.h
virNetDevIPRouteCreate;
virNetDevIPRouteFormat;
virNetDevIPRouteParseXML;
# conf/node_device_conf.h
virNodeDevCapsDefFree;
virNodeDevCapTypeFromString;
virNodeDevCapTypeToString;
virNodeDeviceCapsListExport;
virNodeDeviceDefFormat;
virNodeDeviceDefFree;
virNodeDeviceDefParseFile;
virNodeDeviceDefParseNode;
virNodeDeviceDefParseString;
virNodeDeviceGetPCIDynamicCaps;
virNodeDeviceGetSCSIHostCaps;
virNodeDeviceGetSCSITargetCaps;
virNodeDeviceGetWWNs;
virNodeDeviceUpdateCaps;
# conf/node_device_event.h
virNodeDeviceEventLifecycleNew;
virNodeDeviceEventStateRegisterID;
virNodeDeviceEventUpdateNew;
# conf/node_device_util.h
virNodeDeviceCreateVport;
virNodeDeviceDeleteVport;
virNodeDeviceGetParentName;
# conf/numa_conf.h
virDomainCacheAssociativityTypeFromString;
virDomainCacheAssociativityTypeToString;
virDomainCachePolicyTypeFromString;
virDomainCachePolicyTypeToString;
virDomainMemoryAccessTypeFromString;
virDomainMemoryAccessTypeToString;
virDomainMemoryLatencyTypeFromString;
virDomainMemoryLatencyTypeToString;
virDomainNumaCheckABIStability;
virDomainNumaEquals;
virDomainNumaFillCPUsInNode;
virDomainNumaFree;
virDomainNumaGetCPUCountTotal;
virDomainNumaGetInterconnect;
virDomainNumaGetInterconnectsCount;
virDomainNumaGetMaxCPUID;
virDomainNumaGetMemorySize;
virDomainNumaGetNodeCache;
virDomainNumaGetNodeCacheCount;
virDomainNumaGetNodeCount;
virDomainNumaGetNodeCpumask;
virDomainNumaGetNodeDiscard;
xenconfig: add domxml conversions for xen-xl This patch converts NUMA configurations between the Xen libxl configuration file format and libvirt's XML format. XML HVM domain on a 4 node (2 cores/socket) configuration: <cpu> <numa> <cell id='0' cpus='0-1' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='10'/> <sibling id='1' value='21'/> <sibling id='2' value='31'/> <sibling id='3' value='21'/> </distances> </cell> <cell id='1' cpus='2-3' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='21'/> <sibling id='1' value='10'/> <sibling id='2' value='21'/> <sibling id='3' value='31'/> </distances> </cell> <cell id='2' cpus='3-4' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='31'/> <sibling id='1' value='21'/> <sibling id='2' value='10'/> <sibling id='3' value='21'/> </distances> </cell> <cell id='3' cpus='5-6' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='21'/> <sibling id='1' value='31'/> <sibling id='2' value='21'/> <sibling id='3' value='10'/> </distances> </cell> </numa> </cpu> Xen xl.cfg domain configuration: vnuma = [["pnode=0","size=2048","vcpus=0-1","vdistances=10,21,31,21"], ["pnode=1","size=2048","vcpus=2-3","vdistances=21,10,21,31"], ["pnode=2","size=2048","vcpus=4-5","vdistances=31,21,10,21"], ["pnode=3","size=2048","vcpus=6-7","vdistances=21,31,21,10"]] If there is no XML <distances> description amongst the <cell> data the conversion schema from xml to native will generate 10 for local and 20 for all remote instances. Signed-off-by: Wim ten Have <wim.ten.have@oracle.com> Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2017-11-02 15:47:21 +00:00
virDomainNumaGetNodeDistance;
virDomainNumaGetNodeInitiator;
virDomainNumaGetNodeMemoryAccessMode;
virDomainNumaGetNodeMemorySize;
virDomainNumaHasHMAT;
virDomainNumaNew;
virDomainNumaNodeDistanceIsUsingDefaults;
virDomainNumaNodesDistancesAreBeingSet;
xenconfig: add domxml conversions for xen-xl This patch converts NUMA configurations between the Xen libxl configuration file format and libvirt's XML format. XML HVM domain on a 4 node (2 cores/socket) configuration: <cpu> <numa> <cell id='0' cpus='0-1' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='10'/> <sibling id='1' value='21'/> <sibling id='2' value='31'/> <sibling id='3' value='21'/> </distances> </cell> <cell id='1' cpus='2-3' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='21'/> <sibling id='1' value='10'/> <sibling id='2' value='21'/> <sibling id='3' value='31'/> </distances> </cell> <cell id='2' cpus='3-4' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='31'/> <sibling id='1' value='21'/> <sibling id='2' value='10'/> <sibling id='3' value='21'/> </distances> </cell> <cell id='3' cpus='5-6' memory='2097152' unit='KiB'> <distances> <sibling id='0' value='21'/> <sibling id='1' value='31'/> <sibling id='2' value='21'/> <sibling id='3' value='10'/> </distances> </cell> </numa> </cpu> Xen xl.cfg domain configuration: vnuma = [["pnode=0","size=2048","vcpus=0-1","vdistances=10,21,31,21"], ["pnode=1","size=2048","vcpus=2-3","vdistances=21,10,21,31"], ["pnode=2","size=2048","vcpus=4-5","vdistances=31,21,10,21"], ["pnode=3","size=2048","vcpus=6-7","vdistances=21,31,21,10"]] If there is no XML <distances> description amongst the <cell> data the conversion schema from xml to native will generate 10 for local and 20 for all remote instances. Signed-off-by: Wim ten Have <wim.ten.have@oracle.com> Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2017-11-02 15:47:21 +00:00
virDomainNumaSetNodeCount;
virDomainNumaSetNodeCpumask;
virDomainNumaSetNodeDistance;
virDomainNumaSetNodeDistanceCount;
virDomainNumaSetNodeMemorySize;
virDomainNumatuneFormatNodeset;
virDomainNumatuneFormatXML;
virDomainNumatuneGetMode;
virDomainNumatuneGetNodeset;
virDomainNumatuneHasPerNodeBinding;
virDomainNumatuneHasPlacementAuto;
virDomainNumatuneMaybeFormatNodeset;
virDomainNumatuneMaybeGetNodeset;
virDomainNumatuneMemModeTypeFromString;
virDomainNumatuneMemModeTypeToString;
virDomainNumatuneNodesetIsAvailable;
virDomainNumatuneNodeSpecified;
virDomainNumatuneParseXML;
virDomainNumatunePlacementTypeFromString;
virDomainNumatunePlacementTypeToString;
virDomainNumatuneSet;
virDomainNumatuneSpecifiedMaxNode;
# conf/nwfilter_conf.h
virNWFilterChainSuffixTypeToString;
virNWFilterConfLayerInit;
virNWFilterConfLayerShutdown;
virNWFilterDefFormat;
virNWFilterDefFree;
virNWFilterDefParseFile;
virNWFilterDefParseString;
virNWFilterDeleteDef;
virNWFilterJumpTargetTypeToString;
virNWFilterPrintStateMatchFlags;
virNWFilterPrintTCPFlags;
Push nwfilter update locking up to top level The NWFilter code has as a deadlock race condition between the virNWFilter{Define,Undefine} APIs and starting of guest VMs due to mis-matched lock ordering. In the virNWFilter{Define,Undefine} codepaths the lock ordering is 1. nwfilter driver lock 2. virt driver lock 3. nwfilter update lock 4. domain object lock In the VM guest startup paths the lock ordering is 1. virt driver lock 2. domain object lock 3. nwfilter update lock As can be seen the domain object and nwfilter update locks are not acquired in a consistent order. The fix used is to push the nwfilter update lock upto the top level resulting in a lock ordering for virNWFilter{Define,Undefine} of 1. nwfilter driver lock 2. nwfilter update lock 3. virt driver lock 4. domain object lock and VM start using 1. nwfilter update lock 2. virt driver lock 3. domain object lock This has the effect of serializing VM startup once again, even if no nwfilters are applied to the guest. There is also the possibility of deadlock due to a call graph loop via virNWFilterInstantiate and virNWFilterInstantiateFilterLate. These two problems mean the lock must be turned into a read/write lock instead of a plain mutex at the same time. The lock is used to serialize changes to the "driver->nwfilters" hash, so the write lock only needs to be held by the define/undefine methods. All other methods can rely on a read lock which allows good concurrency. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-01-22 17:28:29 +00:00
virNWFilterReadLockFilterUpdates;
virNWFilterRuleActionTypeToString;
virNWFilterRuleDirectionTypeToString;
virNWFilterRuleIsProtocolEthernet;
virNWFilterRuleIsProtocolIPv4;
virNWFilterRuleIsProtocolIPv6;
virNWFilterRuleProtocolTypeToString;
virNWFilterSaveConfig;
virNWFilterTriggerRebuild;
nwfilter: Support for learning a VM's IP address This patch implements support for learning a VM's IP address. It uses the pcap library to listen on the VM's backend network interface (tap) or the physical ethernet device (macvtap) and tries to capture packets with source or destination MAC address of the VM and learn from DHCP Offers, ARP traffic, or first-sent IPv4 packet what the IP address of the VM's interface is. This then allows to instantiate the network traffic filtering rules without the user having to provide the IP parameter somewhere in the filter description or in the interface description as a parameter. This only supports to detect the parameter IP, which is for the assumed single IPv4 address of a VM. There is not support for interfaces that may have multiple IP addresses (IP aliasing) or IPv6 that may then require more than one valid IP address to be detected. A VM can have multiple independent interfaces that each uses a different IP address and in that case it will be attempted to detect each one of the address independently. So, when for example an interface description in the domain XML has looked like this up to now: <interface type='bridge'> <source bridge='mybridge'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='IP' value='10.2.3.4'/> </filterref> </interface> you may omit the IP parameter: <interface type='bridge'> <source bridge='mybridge'/> <model type='virtio'/> <filterref filter='clean-traffic'/> </interface> Internally I am walking the 'tree' of a VM's referenced network filters and determine with the given variables which variables are missing. Now, the above IP parameter may be missing and this causes a libvirt-internal thread to be started that uses the pcap library's API to listen to the backend interface (in case of macvtap to the physical interface) in an attempt to determine the missing IP parameter. If the backend interface disappears the thread terminates assuming the VM was brought down. In case of a macvtap device a timeout is being used to wait for packets from the given VM (filtering by VM's interface MAC address). If the VM's macvtap device disappeared the thread also terminates. In all other cases it tries to determine the IP address of the VM and will then apply the rules late on the given interface, which would have happened immediately if the IP parameter had been explicitly given. In case an error happens while the firewall rules are applied, the VM's backend interface is 'down'ed preventing it to communicate. Reasons for failure for applying the network firewall rules may that an ebtables/iptables command failes or OOM errors. Essentially the same failure reasons may occur as when the firewall rules are applied immediately on VM start, except that due to the late application of the filtering rules the VM now is already running and cannot be hindered anymore from starting. Bringing down the whole VM would probably be considered too drastic. While a VM's IP address is attempted to be determined only limited updates to network filters are allowed. In particular it is prevented that filters are modified in such a way that they would introduce new variables. A caveat: The algorithm does not know which one is the appropriate IP address of a VM. If the VM spoofs an IP address in its first ARP traffic or IPv4 packets its filtering rules will be instantiated for this IP address, thus 'locking' it to the found IP address. So, it's still 'safer' to explicitly provide the IP address of a VM's interface in the filter description if it is known beforehand. * configure.ac: detect libpcap * libvirt.spec.in: require libpcap[-devel] if qemu is built * src/internal.h: add the new ATTRIBUTE_PACKED define * src/Makefile.am src/libvirt_private.syms: add the new modules and symbols * src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added * src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch] src/nwfilter/nwfilter_ebiptables_driver.[ch] src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in * tests/nwfilterxml2xmltest: extend testing
2010-04-07 21:02:18 +00:00
virNWFilterUnlockFilterUpdates;
Push nwfilter update locking up to top level The NWFilter code has as a deadlock race condition between the virNWFilter{Define,Undefine} APIs and starting of guest VMs due to mis-matched lock ordering. In the virNWFilter{Define,Undefine} codepaths the lock ordering is 1. nwfilter driver lock 2. virt driver lock 3. nwfilter update lock 4. domain object lock In the VM guest startup paths the lock ordering is 1. virt driver lock 2. domain object lock 3. nwfilter update lock As can be seen the domain object and nwfilter update locks are not acquired in a consistent order. The fix used is to push the nwfilter update lock upto the top level resulting in a lock ordering for virNWFilter{Define,Undefine} of 1. nwfilter driver lock 2. nwfilter update lock 3. virt driver lock 4. domain object lock and VM start using 1. nwfilter update lock 2. virt driver lock 3. domain object lock This has the effect of serializing VM startup once again, even if no nwfilters are applied to the guest. There is also the possibility of deadlock due to a call graph loop via virNWFilterInstantiate and virNWFilterInstantiateFilterLate. These two problems mean the lock must be turned into a read/write lock instead of a plain mutex at the same time. The lock is used to serialize changes to the "driver->nwfilters" hash, so the write lock only needs to be held by the define/undefine methods. All other methods can rely on a read lock which allows good concurrency. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-01-22 17:28:29 +00:00
virNWFilterWriteLockFilterUpdates;
# conf/nwfilter_ipaddrmap.h
virNWFilterIPAddrMapAddIPAddr;
virNWFilterIPAddrMapDelIPAddr;
virNWFilterIPAddrMapGetIPAddr;
virNWFilterIPAddrMapInit;
virNWFilterIPAddrMapShutdown;
# conf/nwfilter_params.h
virNWFilterHashTableCreate;
virNWFilterHashTableEqual;
virNWFilterHashTablePutAll;
virNWFilterVarAccessGetVarName;
virNWFilterVarAccessIsAvailable;
virNWFilterVarAccessPrint;
virNWFilterVarCombIterCreate;
virNWFilterVarCombIterFree;
virNWFilterVarCombIterGetVarValue;
virNWFilterVarCombIterNext;
virNWFilterVarValueAddValue;
virNWFilterVarValueAddValueCopy;
virNWFilterVarValueCopy;
virNWFilterVarValueCreateSimple;
virNWFilterVarValueCreateSimpleCopyValue;
virNWFilterVarValueDelValue;
virNWFilterVarValueEqual;
virNWFilterVarValueFree;
virNWFilterVarValueGetCardinality;
virNWFilterVarValueGetNthValue;
virNWFilterVarValueGetSimple;
# conf/object_event.h
virObjectEventStateDeregisterID;
virObjectEventStateEventID;
virObjectEventStateNew;
virObjectEventStateQueue;
# conf/secret_conf.h
virSecretDefFormat;
virSecretDefFree;
virSecretDefParseFile;
virSecretDefParseString;
virSecretUsageTypeFromString;
virSecretUsageTypeToString;
# conf/secret_event.h
virSecretEventLifecycleNew;
virSecretEventStateRegisterID;
virSecretEventValueChangedNew;
# conf/snapshot_conf.h
virDomainSnapshotAlignDisks;
virDomainSnapshotDefFormat;
virDomainSnapshotDefIsExternal;
virDomainSnapshotDefNew;
virDomainSnapshotDefParseString;
virDomainSnapshotDiskDefFree;
virDomainSnapshotDiskDefParseXML;
virDomainSnapshotFormatConvertXMLFlags;
virDomainSnapshotIsExternal;
virDomainSnapshotLocationTypeFromString;
virDomainSnapshotLocationTypeToString;
virDomainSnapshotRedefinePrep;
virDomainSnapshotStateTypeFromString;
virDomainSnapshotStateTypeToString;
# conf/storage_adapter_conf.h
virStorageAdapterClear;
virStorageAdapterFormat;
virStorageAdapterParseXML;
virStorageAdapterValidate;
# conf/storage_capabilities.h
virStoragePoolCapsFormat;
virStoragePoolCapsNew;
# conf/storage_conf.h
virStoragePartedFsTypeToString;
virStoragePoolDefFormat;
virStoragePoolDefFree;
virStoragePoolDefParseFile;
virStoragePoolDefParseNode;
virStoragePoolDefParseSourceString;
virStoragePoolDefParseString;
virStoragePoolFormatDiskTypeFromString;
virStoragePoolFormatDiskTypeToString;
virStoragePoolFormatFileSystemNetTypeToString;
virStoragePoolFormatFileSystemTypeToString;
virStoragePoolFormatLogicalTypeToString;
virStoragePoolOptionsFormatPool;
virStoragePoolOptionsFormatVolume;
virStoragePoolOptionsPoolTypeSetXMLNamespace;
virStoragePoolSaveConfig;
virStoragePoolSaveState;
virStoragePoolSourceClear;
virStoragePoolSourceDeviceClear;
virStoragePoolSourceFree;
virStoragePoolSourceListFormat;
virStoragePoolSourceListNewSource;
virStoragePoolTypeFromString;
virStoragePoolTypeToString;
virStorageVolDefFindByKey;
virStorageVolDefFindByName;
virStorageVolDefFindByPath;
virStorageVolDefFormat;
virStorageVolDefFree;
virStorageVolDefParseFile;
virStorageVolDefParseNode;
virStorageVolDefParseString;
virStorageVolDefRefreshAllocationTypeFromString;
virStorageVolDefRefreshAllocationTypeToString;
virStorageVolTypeFromString;
virStorageVolTypeToString;
# conf/storage_event.h
virStoragePoolEventLifecycleNew;
virStoragePoolEventRefreshNew;
virStoragePoolEventStateRegisterID;
# conf/virchrdev.h
virChrdevAlloc;
virChrdevFree;
virChrdevOpen;
# conf/virdomaincheckpointobjlist.h
virDomainCheckpointAssignDef;
virDomainCheckpointFindByName;
virDomainCheckpointForEach;
virDomainCheckpointGetCurrent;
virDomainCheckpointGetCurrentName;
virDomainCheckpointLinkParent;
virDomainCheckpointObjListFree;
virDomainCheckpointObjListNew;
virDomainCheckpointObjListRemove;
virDomainCheckpointObjListRemoveAll;
virDomainCheckpointSetCurrent;
virDomainCheckpointUpdateRelations;
virDomainListCheckpoints;
# conf/virdomainmomentobjlist.h
virDomainMomentDropChildren;
virDomainMomentDropParent;
virDomainMomentForEachChild;
virDomainMomentForEachDescendant;
virDomainMomentMoveChildren;
# conf/virdomainobjlist.h
virDomainObjListAdd;
virDomainObjListCollect;
virDomainObjListConvert;
virDomainObjListExport;
virDomainObjListFindByID;
virDomainObjListFindByName;
virDomainObjListFindByUUID;
virDomainObjListForEach;
virDomainObjListGetActiveIDs;
virDomainObjListGetInactiveNames;
virDomainObjListLoadAllConfigs;
virDomainObjListNew;
virDomainObjListNumOfDomains;
virDomainObjListRemove;
virDomainObjListRemoveLocked;
virDomainObjListRename;
# conf/virdomainsnapshotobjlist.h
virDomainListSnapshots;
virDomainSnapshotAssignDef;
virDomainSnapshotFindByName;
virDomainSnapshotForEach;
virDomainSnapshotGetCurrent;
virDomainSnapshotGetCurrentName;
virDomainSnapshotLinkParent;
virDomainSnapshotObjListFree;
virDomainSnapshotObjListGetNames;
virDomainSnapshotObjListNew;
virDomainSnapshotObjListNum;
virDomainSnapshotObjListRemove;
virDomainSnapshotObjListRemoveAll;
virDomainSnapshotSetCurrent;
virDomainSnapshotUpdateRelations;
# conf/virinterfaceobj.h
virInterfaceObjEndAPI;
virInterfaceObjGetDef;
virInterfaceObjIsActive;
virInterfaceObjListAssignDef;
virInterfaceObjListClone;
virInterfaceObjListExport;
virInterfaceObjListFindByMACString;
virInterfaceObjListFindByName;
virInterfaceObjListGetNames;
virInterfaceObjListNew;
virInterfaceObjListNumOfInterfaces;
virInterfaceObjListRemove;
virInterfaceObjSetActive;
# conf/virnetworkobj.h
virNetworkObjAddPort;
virNetworkObjAssignDef;
virNetworkObjBridgeInUse;
virNetworkObjDeleteAllPorts;
virNetworkObjDeleteConfig;
virNetworkObjDeletePort;
virNetworkObjEndAPI;
virNetworkObjFindByName;
virNetworkObjFindByUUID;
virNetworkObjGetClassIdMap;
virNetworkObjGetDef;
virNetworkObjGetDnsmasqPid;
virNetworkObjGetFloorSum;
virNetworkObjGetMacMap;
virNetworkObjGetNewDef;
virNetworkObjGetPersistentDef;
virNetworkObjGetPortStatusDir;
virNetworkObjGetRadvdPid;
virNetworkObjIsActive;
virNetworkObjIsAutostart;
virNetworkObjIsPersistent;
virNetworkObjListExport;
virNetworkObjListForEach;
virNetworkObjListGetNames;
virNetworkObjListNew;
virNetworkObjListNumOfNetworks;
virNetworkObjListPrune;
virNetworkObjLoadAllConfigs;
virNetworkObjLoadAllState;
virNetworkObjLookupPort;
virNetworkObjMacMgrAdd;
virNetworkObjMacMgrDel;
virNetworkObjNew;
virNetworkObjPortForEach;
virNetworkObjPortListExport;
virNetworkObjRemoveInactive;
virNetworkObjReplacePersistentDef;
virNetworkObjSaveStatus;
virNetworkObjSetActive;
virNetworkObjSetAutostart;
virNetworkObjSetDef;
virNetworkObjSetDefTransient;
virNetworkObjSetDnsmasqPid;
virNetworkObjSetFloorSum;
virNetworkObjSetMacMap;
virNetworkObjSetRadvdPid;
virNetworkObjTaint;
virNetworkObjUnrefMacMap;
virNetworkObjUnsetDefTransient;
virNetworkObjUpdate;
virNetworkObjUpdateAssignDef;
# conf/virnetworkportdef.h
virNetworkPortDefFormat;
virNetworkPortDefFormatBuf;
virNetworkPortDefFree;
virNetworkPortDefParseFile;
virNetworkPortDefParseNode;
virNetworkPortDefParseString;
virNetworkPortDefSaveStatus;
# conf/virnodedeviceobj.h
virNodeDeviceObjEndAPI;
virNodeDeviceObjGetDef;
virNodeDeviceObjListAssignDef;
virNodeDeviceObjListExport;
virNodeDeviceObjListFindByName;
virNodeDeviceObjListFindBySysfsPath;
virNodeDeviceObjListFindMediatedDeviceByUUID;
virNodeDeviceObjListFindSCSIHostByWWNs;
virNodeDeviceObjListFree;
virNodeDeviceObjListGetNames;
virNodeDeviceObjListGetParentHost;
virNodeDeviceObjListNew;
virNodeDeviceObjListNumOfDevices;
virNodeDeviceObjListRemove;
# conf/virnwfilterbindingdef.h
virNWFilterBindingDefCopy;
virNWFilterBindingDefFormat;
virNWFilterBindingDefFormatBuf;
virNWFilterBindingDefFree;
virNWFilterBindingDefParseFile;
virNWFilterBindingDefParseNode;
virNWFilterBindingDefParseString;
# conf/virnwfilterbindingobj.h
virNWFilterBindingObjConfigFile;
virNWFilterBindingObjDelete;
virNWFilterBindingObjEndAPI;
virNWFilterBindingObjFormat;
virNWFilterBindingObjGetDef;
virNWFilterBindingObjGetRemoving;
virNWFilterBindingObjNew;
virNWFilterBindingObjParseFile;
virNWFilterBindingObjSave;
virNWFilterBindingObjSetDef;
virNWFilterBindingObjSetRemoving;
virNWFilterBindingObjStealDef;
# conf/virnwfilterbindingobjlist.h
virNWFilterBindingObjListAdd;
virNWFilterBindingObjListExport;
virNWFilterBindingObjListFindByPortDev;
virNWFilterBindingObjListForEach;
virNWFilterBindingObjListLoadAllConfigs;
virNWFilterBindingObjListNew;
virNWFilterBindingObjListRemove;
# conf/virnwfilterobj.h
virNWFilterObjGetDef;
virNWFilterObjGetNewDef;
virNWFilterObjListAssignDef;
virNWFilterObjListExport;
virNWFilterObjListFindByName;
virNWFilterObjListFindByUUID;
virNWFilterObjListFindInstantiateFilter;
virNWFilterObjListFree;
virNWFilterObjListGetNames;
virNWFilterObjListLoadAllConfigs;
virNWFilterObjListNew;
virNWFilterObjListNumOfNWFilters;
virNWFilterObjListRemove;
virNWFilterObjLock;
virNWFilterObjTestUnassignDef;
virNWFilterObjUnlock;
virNWFilterObjWantRemoved;
# conf/virsavecookie.h
virSaveCookieFormat;
virSaveCookieFormatBuf;
virSaveCookieParse;
virSaveCookieParseString;
# conf/virsecretobj.h
virSecretLoadAllConfigs;
virSecretObjDeleteConfig;
virSecretObjDeleteData;
virSecretObjEndAPI;
virSecretObjGetDef;
virSecretObjGetValue;
virSecretObjGetValueSize;
virSecretObjListAdd;
virSecretObjListExport;
virSecretObjListFindByUsage;
virSecretObjListFindByUUID;
virSecretObjListGetUUIDs;
virSecretObjListNew;
virSecretObjListNumOfSecrets;
virSecretObjListRemove;
virSecretObjSaveConfig;
virSecretObjSaveData;
virSecretObjSetDef;
virSecretObjSetValue;
virSecretObjSetValueSize;
# conf/virstorageobj.h
virStoragePoolObjAddVol;
virStoragePoolObjClearVols;
virStoragePoolObjDecrAsyncjobs;
virStoragePoolObjDefUseNewDef;
virStoragePoolObjDeleteDef;
virStoragePoolObjEndAPI;
virStoragePoolObjFindByName;
virStoragePoolObjFindByUUID;
virStoragePoolObjForEachVolume;
virStoragePoolObjGetAsyncjobs;
virStoragePoolObjGetAutostartLink;
virStoragePoolObjGetConfigFile;
virStoragePoolObjGetDef;
virStoragePoolObjGetNames;
virStoragePoolObjGetNewDef;
virStoragePoolObjGetVolumesCount;
virStoragePoolObjIncrAsyncjobs;
virStoragePoolObjIsActive;
virStoragePoolObjIsAutostart;
virStoragePoolObjIsStarting;
virStoragePoolObjListAdd;
virStoragePoolObjListExport;
virStoragePoolObjListForEach;
virStoragePoolObjListNew;
virStoragePoolObjListSearch;
virStoragePoolObjLoadAllConfigs;
virStoragePoolObjLoadAllState;
virStoragePoolObjNew;
virStoragePoolObjNumOfStoragePools;
virStoragePoolObjNumOfVolumes;
virStoragePoolObjRemove;
virStoragePoolObjRemoveVol;
virStoragePoolObjSaveDef;
virStoragePoolObjSearchVolume;
virStoragePoolObjSetActive;
virStoragePoolObjSetAutostart;
virStoragePoolObjSetConfigFile;
virStoragePoolObjSetDef;
virStoragePoolObjSetStarting;
virStoragePoolObjVolumeGetNames;
virStoragePoolObjVolumeListExport;
# cpu/cpu.h
cpuDecode;
cpuEncode;
virCPUArchIsSupported;
virCPUBaseline;
virCPUCheckFeature;
virCPUCompare;
virCPUCompareXML;
virCPUConvertLegacy;
virCPUCopyMigratable;
virCPUDataAddFeature;
virCPUDataCheckFeature;
virCPUDataFormat;
virCPUDataFree;
virCPUDataNew;
virCPUDataParse;
virCPUExpandFeatures;
virCPUGetHost;
virCPUGetHostIsSupported;
virCPUGetModels;
virCPUProbeHost;
virCPUTranslate;
virCPUUpdate;
virCPUUpdateLive;
virCPUValidateFeatures;
# cpu/cpu_x86.h
virCPUx86DataAdd;
virCPUx86DataGetSignature;
virCPUx86DataSetSignature;
virCPUx86DataSetVendor;
virCPUx86FeatureFilterDropMSR;
virCPUx86FeatureFilterSelectMSR;
# datatypes.h
virConnectClass;
virConnectCloseCallbackDataCall;
virConnectCloseCallbackDataClass;
virConnectCloseCallbackDataGetCallback;
virConnectCloseCallbackDataRegister;
virConnectCloseCallbackDataUnregister;
virDomainCheckpointClass;
virDomainClass;
virDomainSnapshotClass;
virGetConnect;
virGetDomain;
virGetDomainCheckpoint;
virGetDomainSnapshot;
virGetInterface;
virGetNetwork;
virGetNetworkPort;
virGetNodeDevice;
virGetNWFilter;
virGetNWFilterBinding;
virGetSecret;
virGetStoragePool;
virGetStorageVol;
virGetStream;
virInterfaceClass;
virNetworkClass;
virNetworkPortClass;
virNewConnectCloseCallbackData;
virNodeDeviceClass;
virNWFilterClass;
virSecretClass;
virStoragePoolClass;
virStorageVolClass;
virStreamClass;
# driver.h
virConnectValidateURIPath;
virDriverShouldAutostart;
virGetConnectInterface;
virGetConnectNetwork;
virGetConnectNodeDev;
virGetConnectNWFilter;
virGetConnectSecret;
virGetConnectStorage;
virSetConnectInterface;
virSetConnectNetwork;
virSetConnectNodeDev;
virSetConnectNWFilter;
virSetConnectSecret;
virSetConnectStorage;
# hypervisor/domain_cgroup.h
virDomainCgroupSetMemoryLimitParameters;
virDomainCgroupSetupBlkio;
virDomainCgroupSetupDomainBlkioParameters;
virDomainCgroupSetupMemtune;
# hypervisor/domain_driver.h
virDomainDriverGenerateMachineName;
virDomainDriverGenerateRootHash;
virDomainDriverMergeBlkioDevice;
virDomainDriverParseBlkioDeviceStr;
virDomainDriverSetupPersistentDefBlkioParams;
# hypervisor/virclosecallbacks.h
virCloseCallbacksGet;
virCloseCallbacksGetConn;
virCloseCallbacksNew;
virCloseCallbacksRun;
virCloseCallbacksSet;
virCloseCallbacksUnset;
# hypervisor/virhostdev.h
virHostdevFindUSBDevice;
virHostdevManagerGetDefault;
virHostdevPCINodeDeviceDetach;
virHostdevPCINodeDeviceReAttach;
virHostdevPCINodeDeviceReset;
virHostdevPrepareDomainDevices;
virHostdevPrepareMediatedDevices;
virHostdevPrepareNVMeDevices;
virHostdevPrepareOneNVMeDevice;
virHostdevPreparePCIDevices;
virHostdevPrepareSCSIDevices;
virHostdevPrepareSCSIVHostDevices;
virHostdevPrepareUSBDevices;
virHostdevReAttachDomainDevices;
virHostdevReAttachMediatedDevices;
virHostdevReAttachNVMeDevices;
virHostdevReAttachOneNVMeDevice;
virHostdevReAttachPCIDevices;
virHostdevReAttachSCSIDevices;
virHostdevReAttachSCSIVHostDevices;
virHostdevReAttachUSBDevices;
virHostdevUpdateActiveDomainDevices;
virHostdevUpdateActiveMediatedDevices;
virHostdevUpdateActiveNVMeDevices;
virHostdevUpdateActivePCIDevices;
virHostdevUpdateActiveSCSIDevices;
virHostdevUpdateActiveUSBDevices;
# libvirt_internal.h
virConnectSupportsFeature;
virDomainMigrateBegin3;
virDomainMigrateBegin3Params;
virDomainMigrateConfirm3;
virDomainMigrateConfirm3Params;
virDomainMigrateFinish;
virDomainMigrateFinish2;
virDomainMigrateFinish3;
virDomainMigrateFinish3Params;
virDomainMigratePerform;
virDomainMigratePerform3;
virDomainMigratePerform3Params;
virDomainMigratePrepare;
virDomainMigratePrepare2;
virDomainMigratePrepare3;
virDomainMigratePrepare3Params;
virDomainMigratePrepareTunnel;
virDomainMigratePrepareTunnel3;
virDomainMigratePrepareTunnel3Params;
virRegisterConnectDriver;
virRegisterStateDriver;
virSetSharedInterfaceDriver;
virSetSharedNetworkDriver;
virSetSharedNodeDeviceDriver;
virSetSharedNWFilterDriver;
virSetSharedSecretDriver;
virSetSharedStorageDriver;
virStateCleanup;
virStateInitialize;
virStateReload;
virStateStop;
virStreamInData;
2009-01-15 19:56:05 +00:00
# locking/domain_lock.h
virDomainLockImageAttach;
virDomainLockImageDetach;
virDomainLockLeaseAttach;
virDomainLockLeaseDetach;
virDomainLockProcessInquire;
virDomainLockProcessPause;
virDomainLockProcessResume;
virDomainLockProcessStart;
# locking/lock_manager.h
virLockManagerAcquire;
virLockManagerAddResource;
virLockManagerFree;
virLockManagerInquire;
virLockManagerNew;
virLockManagerPluginGetName;
virLockManagerPluginNew;
virLockManagerPluginRef;
virLockManagerPluginUnref;
virLockManagerPluginUsesState;
virLockManagerRelease;
# logging/log_manager.h
virLogManagerDomainAppendMessage;
virLogManagerDomainGetLogFilePosition;
virLogManagerDomainOpenLogFile;
virLogManagerDomainReadLogFile;
virLogManagerFree;
virLogManagerNew;
# security/security_driver.h
virSecurityDriverLookup;
# security/security_manager.h
virSecurityManagerCheckAllLabel;
virSecurityManagerClearSocketLabel;
virSecurityManagerDomainRestorePathLabel;
virSecurityManagerDomainSetPathLabel;
virSecurityManagerDomainSetPathLabelRO;
virSecurityManagerGenLabel;
virSecurityManagerGetBaseLabel;
virSecurityManagerGetDOI;
virSecurityManagerGetModel;
virSecurityManagerGetMountOptions;
virSecurityManagerGetNested;
virSecurityManagerGetProcessLabel;
virSecurityManagerMoveImageMetadata;
virSecurityManagerNew;
virSecurityManagerNewDAC;
virSecurityManagerNewStack;
virSecurityManagerPostFork;
virSecurityManagerPreFork;
virSecurityManagerReleaseLabel;
virSecurityManagerReserveLabel;
virSecurityManagerRestoreAllLabel;
virSecurityManagerRestoreChardevLabel;
virSecurityManagerRestoreHostdevLabel;
virSecurityManagerRestoreImageLabel;
virSecurityManagerRestoreInputLabel;
virSecurityManagerRestoreMemoryLabel;
security: Label the external swtpm with SELinux labels In this patch we label the swtpm process with SELinux labels. We give it the same label as the QEMU process has. We label its state directory and files as well. We restore the old security labels once the swtpm has terminated. The file and process labels now look as follows: Directory: /var/lib/libvirt/swtpm [root@localhost swtpm]# ls -lZ total 4 rwx------. 2 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 4096 Apr 5 16:46 testvm [root@localhost testvm]# ls -lZ total 8 -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 3648 Apr 5 16:46 tpm-00.permall The log in /var/log/swtpm/libvirt/qemu is labeled as follows: -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 2237 Apr 5 16:46 vtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep swtpm | grep ctrl | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 tss 25664 0.0 0.0 28172 3892 ? Ss 16:57 0:00 /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/var/run/libvirt/qemu/swtpm/testvm-swtpm.sock,mode=0660 --tpmstate dir=/var/lib/libvirt/swtpm/testvm/tpm1.2 --log file=/var/log/swtpm/libvirt/qemu/testvm-swtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep qemu | grep tpm | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 qemu 25669 99.0 0.0 3096704 48500 ? Sl 16:57 3:28 /bin/qemu-system-x86_64 [..] Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: John Ferlan <jferlan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-04-04 16:40:32 +00:00
virSecurityManagerRestoreTPMLabels;
virSecurityManagerSetAllLabel;
virSecurityManagerSetChardevLabel;
virSecurityManagerSetChildProcessLabel;
virSecurityManagerSetDaemonSocketLabel;
virSecurityManagerSetHostdevLabel;
virSecurityManagerSetImageFDLabel;
virSecurityManagerSetImageLabel;
virSecurityManagerSetInputLabel;
virSecurityManagerSetMemoryLabel;
virSecurityManagerSetProcessLabel;
virSecurityManagerSetSocketLabel;
virSecurityManagerSetTapFDLabel;
security: Label the external swtpm with SELinux labels In this patch we label the swtpm process with SELinux labels. We give it the same label as the QEMU process has. We label its state directory and files as well. We restore the old security labels once the swtpm has terminated. The file and process labels now look as follows: Directory: /var/lib/libvirt/swtpm [root@localhost swtpm]# ls -lZ total 4 rwx------. 2 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 4096 Apr 5 16:46 testvm [root@localhost testvm]# ls -lZ total 8 -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 3648 Apr 5 16:46 tpm-00.permall The log in /var/log/swtpm/libvirt/qemu is labeled as follows: -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 2237 Apr 5 16:46 vtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep swtpm | grep ctrl | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 tss 25664 0.0 0.0 28172 3892 ? Ss 16:57 0:00 /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/var/run/libvirt/qemu/swtpm/testvm-swtpm.sock,mode=0660 --tpmstate dir=/var/lib/libvirt/swtpm/testvm/tpm1.2 --log file=/var/log/swtpm/libvirt/qemu/testvm-swtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep qemu | grep tpm | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 qemu 25669 99.0 0.0 3096704 48500 ? Sl 16:57 3:28 /bin/qemu-system-x86_64 [..] Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: John Ferlan <jferlan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-04-04 16:40:32 +00:00
virSecurityManagerSetTPMLabels;
virSecurityManagerStackAddNested;
virSecurityManagerTransactionAbort;
virSecurityManagerTransactionCommit;
virSecurityManagerTransactionStart;
virSecurityManagerVerify;
# util/glibcompat.h
vir_g_canonicalize_filename;
vir_g_fsync;
vir_g_strdup_printf;
vir_g_strdup_vprintf;
# util/viralloc.h
virAlloc;
virAllocN;
virAllocVar;
virDeleteElementsN;
virDispose;
virDisposeString;
virExpandN;
virInsertElementsN;
virReallocN;
virResizeN;
virShrinkN;
# util/virarch.h
virArchFromHost;
virArchFromString;
virArchGetEndian;
virArchGetWordSize;
virArchToString;
# util/virarptable.h
virArpTableFree;
virArpTableGet;
# util/viraudit.h
virAuditClose;
virAuditEncode;
virAuditLog;
virAuditOpen;
virAuditSend;
# util/virauth.h
virAuthGetConfigFilePath;
virAuthGetConfigFilePathURI;
virAuthGetPassword;
virAuthGetPasswordPath;
virAuthGetUsername;
virAuthGetUsernamePath;
# util/virauthconfig.h
virAuthConfigFree;
virAuthConfigLookup;
virAuthConfigNew;
virAuthConfigNewData;
# util/virbitmap.h
virBitmapClearAll;
virBitmapClearBit;
virBitmapClearBitExpand;
virBitmapCopy;
virBitmapCountBits;
virBitmapDataFormat;
virBitmapEqual;
virBitmapFormat;
virBitmapFree;
virBitmapGetBit;
virBitmapIntersect;
virBitmapIsAllClear;
virBitmapIsAllSet;
virBitmapIsBitSet;
virBitmapLastSetBit;
virBitmapNew;
virBitmapNewCopy;
virBitmapNewData;
virBitmapNewEmpty;
virBitmapNewQuiet;
virBitmapNewString;
virBitmapNextClearBit;
virBitmapNextSetBit;
virBitmapOverlaps;
virBitmapParse;
virBitmapParseSeparator;
virBitmapParseUnlimited;
virBitmapSetAll;
virBitmapSetBit;
virBitmapSetBitExpand;
virBitmapShrink;
virBitmapSize;
virBitmapSubtract;
virBitmapToData;
virBitmapToDataBuf;
virBitmapToString;
virBitmapUnion;
# util/virbpf.h
virBPFAttachProg;
virBPFCreateMap;
virBPFDeleteElem;
virBPFDetachProg;
virBPFGetMap;
virBPFGetMapInfo;
virBPFGetNextElem;
virBPFGetProg;
virBPFGetProgInfo;
virBPFLoadProg;
virBPFLookupElem;
virBPFQueryProg;
virBPFUpdateElem;
# util/virbuffer.h
virBufferAdd;
virBufferAddBuffer;
virBufferAddChar;
virBufferAddStr;
virBufferAdjustIndent;
virBufferAsprintf;
virBufferContentAndReset;
virBufferCurrentContent;
virBufferEscape;
virBufferEscapeRegex;
virBufferEscapeSexpr;
virBufferEscapeShell;
virBufferEscapeSQL;
virBufferEscapeString;
virBufferFreeAndReset;
virBufferGetEffectiveIndent;
virBufferGetIndent;
virBufferSetIndent;
virBufferStrcat;
virBufferStrcatVArgs;
virBufferTrim;
virBufferTrimChars;
virBufferTrimLen;
virBufferURIEncodeString;
virBufferUse;
virBufferVasprintf;
# util/vircgroup.h
virCgroupAddMachineProcess;
virCgroupAddProcess;
virCgroupAddThread;
virCgroupAllowAllDevices;
virCgroupAllowDevice;
virCgroupAllowDevicePath;
virCgroupAvailable;
virCgroupBindMount;
virCgroupControllerAvailable;
virCgroupControllerTypeFromString;
virCgroupControllerTypeToString;
virCgroupDelThread;
virCgroupDenyAllDevices;
virCgroupDenyDevice;
virCgroupDenyDevicePath;
virCgroupFree;
virCgroupGetBlkioIoDeviceServiced;
virCgroupGetBlkioIoServiced;
virCgroupGetBlkioWeight;
virCgroupGetCpuacctPercpuUsage;
virCgroupGetCpuacctStat;
virCgroupGetCpuacctUsage;
virCgroupGetCpuCfsPeriod;
virCgroupGetCpuCfsQuota;
virCgroupGetCpuPeriodQuota;
virCgroupGetCpusetCpus;
virCgroupGetCpusetMemoryMigrate;
virCgroupGetCpusetMems;
virCgroupGetCpuShares;
virCgroupGetDevicePermsString;
virCgroupGetDomainTotalCpuStats;
virCgroupGetFreezerState;
virCgroupGetMemoryHardLimit;
virCgroupGetMemorySoftLimit;
virCgroupGetMemoryStat;
virCgroupGetMemoryUsage;
virCgroupGetMemSwapHardLimit;
virCgroupGetMemSwapUsage;
virCgroupGetPercpuStats;
virCgroupHasController;
virCgroupHasEmptyTasks;
virCgroupKillPainfully;
virCgroupKillRecursive;
virCgroupNewDetect;
virCgroupNewDetectMachine;
virCgroupNewDomainPartition;
virCgroupNewIgnoreError;
virCgroupNewMachine;
virCgroupNewPartition;
virCgroupNewSelf;
virCgroupNewThread;
virCgroupPathOfController;
virCgroupRemove;
virCgroupSetBlkioWeight;
virCgroupSetCpuCfsPeriod;
virCgroupSetCpuCfsQuota;
virCgroupSetCpusetCpus;
virCgroupSetCpusetMemoryMigrate;
virCgroupSetCpusetMems;
virCgroupSetCpuShares;
virCgroupSetFreezerState;
virCgroupSetMemory;
virCgroupSetMemoryHardLimit;
virCgroupSetMemorySoftLimit;
virCgroupSetMemSwapHardLimit;
virCgroupSetOwner;
virCgroupSetupBlkioDeviceReadBps;
virCgroupSetupBlkioDeviceReadIops;
virCgroupSetupBlkioDeviceWeight;
virCgroupSetupBlkioDeviceWriteBps;
virCgroupSetupBlkioDeviceWriteIops;
virCgroupSetupCpuPeriodQuota;
virCgroupSetupCpusetCpus;
virCgroupSetupCpuShares;
virCgroupSupportsCpuBW;
virCgroupTerminateMachine;
# util/vircgroupbackend.h
virCgroupBackendGetAll;
virCgroupBackendRegister;
# util/vircgroupv1.h
virCgroupV1Register;
# util/vircgroupv2.h
virCgroupV2Register;
# util/vircgroupv2devices.h
virCgroupV2DevicesAvailable;
virCgroupV2DevicesCreateProg;
virCgroupV2DevicesDetectProg;
virCgroupV2DevicesGetKey;
virCgroupV2DevicesGetPerms;
virCgroupV2DevicesPrepareProg;
virCgroupV2DevicesRemoveProg;
# util/vircommand.h
virCommandAbort;
virCommandAddArg;
virCommandAddArgBuffer;
virCommandAddArgFormat;
virCommandAddArgList;
virCommandAddArgPair;
virCommandAddArgSet;
virCommandAddEnvBuffer;
virCommandAddEnvFormat;
virCommandAddEnvPair;
virCommandAddEnvPass;
virCommandAddEnvPassCommon;
virCommandAddEnvString;
virCommandAddEnvXDG;
virCommandAllowCap;
virCommandClearCaps;
virCommandDaemonize;
virCommandDoAsyncIO;
virCommandExec;
virCommandFree;
virCommandGetArgList;
virCommandGetGID;
virCommandGetUID;
virCommandHandshakeNotify;
virCommandHandshakeWait;
virCommandNew;
virCommandNewArgList;
virCommandNewArgs;
virCommandNewVAList;
virCommandNonblockingFDs;
virCommandPassFD;
virCommandPassFDGetFDIndex;
util: make it easier to grab only regular command exit Auditing all callers of virCommandRun and virCommandWait that passed a non-NULL pointer for exit status turned up some interesting observations. Many callers were merely passing a pointer to avoid the overall command dying, but without caring what the exit status was - but these callers would be better off treating a child death by signal as an abnormal exit. Other callers were actually acting on the status, but not all of them remembered to filter by WIFEXITED and convert with WEXITSTATUS; depending on the platform, this can result in a status being reported as 256 times too big. And among those that correctly parse the output, it gets rather verbose. Finally, there were the callers that explicitly checked that the status was 0, and gave their own message, but with fewer details than what virCommand gives for free. So the best idea is to move the complexity out of callers and into virCommand - by default, we return the actual exit status already cleaned through WEXITSTATUS and treat signals as a failed command; but the few callers that care can ask for raw status and act on it themselves. * src/util/vircommand.h (virCommandRawStatus): New prototype. * src/libvirt_private.syms (util/command.h): Export it. * docs/internals/command.html.in: Document it. * src/util/vircommand.c (virCommandRawStatus): New function. (virCommandWait): Adjust semantics. * tests/commandtest.c (test1): Test it. * daemon/remote.c (remoteDispatchAuthPolkit): Adjust callers. * src/access/viraccessdriverpolkit.c (virAccessDriverPolkitCheck): Likewise. * src/fdstream.c (virFDStreamCloseInt): Likewise. * src/lxc/lxc_process.c (virLXCProcessStart): Likewise. * src/qemu/qemu_command.c (qemuCreateInBridgePortWithHelper): Likewise. * src/xen/xen_driver.c (xenUnifiedXendProbe): Simplify. * tests/reconnect.c (mymain): Likewise. * tests/statstest.c (mymain): Likewise. * src/bhyve/bhyve_process.c (virBhyveProcessStart) (virBhyveProcessStop): Don't overwrite virCommand error. * src/libvirt.c (virConnectAuthGainPolkit): Likewise. * src/openvz/openvz_driver.c (openvzDomainGetBarrierLimit) (openvzDomainSetBarrierLimit): Likewise. * src/util/virebtables.c (virEbTablesOnceInit): Likewise. * src/util/viriptables.c (virIpTablesOnceInit): Likewise. * src/util/virnetdevveth.c (virNetDevVethCreate): Fix debug message. * src/qemu/qemu_capabilities.c (virQEMUCapsInitQMP): Add comment. * src/storage/storage_backend_iscsi.c (virStorageBackendISCSINodeUpdate): Likewise. Signed-off-by: Eric Blake <eblake@redhat.com>
2014-02-20 00:32:19 +00:00
virCommandRawStatus;
virCommandRequireHandshake;
virCommandRun;
virCommandRunAsync;
virCommandRunNul;
virCommandRunRegex;
virCommandSetAppArmorProfile;
virCommandSetDryRun;
virCommandSetErrorBuffer;
virCommandSetErrorFD;
virCommandSetGID;
virCommandSetInputBuffer;
virCommandSetInputFD;
virCommandSetMaxCoreSize;
virCommandSetMaxFiles;
virCommandSetMaxMemLock;
virCommandSetMaxProcesses;
virCommandSetOutputBuffer;
virCommandSetOutputFD;
virCommandSetPidFile;
virCommandSetPreExecHook;
virCommandSetSELinuxLabel;
virCommandSetSendBuffer;
virCommandSetUID;
virCommandSetUmask;
virCommandSetWorkingDirectory;
virCommandToString;
virCommandWait;
virCommandWriteArgLog;
virFork;
# util/virconf.h
virConfFree;
virConfFreeValue;
virConfGetValue;
virConfGetValueBool;
virConfGetValueInt;
virConfGetValueLLong;
virConfGetValueSizeT;
virConfGetValueSSizeT;
virConfGetValueString;
virConfGetValueStringList;
virConfGetValueType;
virConfGetValueUInt;
virConfGetValueULLong;
virConfLoadConfig;
virConfNew;
virConfReadFile;
virConfReadString;
virConfSetValue;
virConfTypeFromString;
virConfTypeToString;
virConfWalk;
virConfWriteFile;
virConfWriteMem;
# util/vircrypto.h
virCryptoEncryptData;
virCryptoHashBuf;
virCryptoHashString;
virCryptoHaveCipher;
# util/virdaemon.h
virDaemonForkIntoBackground;
virDaemonSetupLogging;
virDaemonUnixSocketPaths;
# util/virdbus.h
virDBusCallMethod;
virDBusCloseSystemBus;
virDBusCreateMethod;
virDBusCreateMethodV;
virDBusCreateReply;
virDBusCreateReplyV;
virDBusErrorIsUnknownMethod;
virDBusGetSessionBus;
virDBusGetSystemBus;
virDBusHasSystemBus;
virDBusMessageDecode;
virDBusMessageEncode;
virDBusMessageUnref;
virDBusSetSharedBus;
# util/virdevmapper.h
virDevMapperGetTargets;
virIsDevMapperDevice;
# util/virdnsmasq.h
dnsmasqAddDhcpHost;
dnsmasqAddHost;
dnsmasqCapsGet;
dnsmasqCapsGetBinaryPath;
dnsmasqCapsGetVersion;
dnsmasqCapsNewFromBinary;
dnsmasqCapsNewFromBuffer;
dnsmasqCapsNewFromFile;
dnsmasqCapsRefresh;
dnsmasqContextFree;
dnsmasqContextNew;
dnsmasqDelete;
dnsmasqDhcpHostsToString;
dnsmasqReload;
dnsmasqSave;
# util/virebtables.h
ebtablesAddForwardAllowIn;
ebtablesAddForwardPolicyReject;
ebtablesContextFree;
ebtablesContextNew;
ebtablesRemoveForwardAllowIn;
# util/virenum.h
virEnumFromString;
virEnumToString;
virTristateBoolFromBool;
virTristateBoolTypeFromString;
virTristateBoolTypeToString;
virTristateSwitchFromBool;
virTristateSwitchTypeFromString;
virTristateSwitchTypeToString;
# util/virerror.h
virDispatchError;
virErrorCopyNew;
virErrorInitialize;
virErrorMsg;
virErrorPreserveLast;
virErrorRestore;
virErrorSetErrnoFromLastError;
virLastErrorIsSystemErrno;
virLastErrorPrefixMessage;
virRaiseErrorFull;
virRaiseErrorObject;
virReportErrorHelper;
virReportOOMErrorFull;
virReportSystemErrorFull;
virSetError;
virSetErrorLogPriorityFunc;
# util/vireventglib.h
virEventGLibRegister;
virEventGLibRunOnce;
# util/vireventthread.h
virEventThreadGetContext;
virEventThreadNew;
# util/virfcp.h
virFCIsCapableRport;
virFCReadRportValue;
# util/virfdstream.h
virFDStreamConnectUNIX;
virFDStreamCreateFile;
virFDStreamOpen;
virFDStreamOpenBlockDevice;
virFDStreamOpenFile;
virFDStreamOpenPTY;
virFDStreamSetInternalCloseCb;
# util/virfile.h
saferead;
safewrite;
safezero;
virBuildPathInternal;
virDirClose;
virDirCreate;
virDirOpen;
virDirOpenIfExists;
virDirOpenQuiet;
virDirRead;
virFileAbsPath;
virFileAccessibleAs;
virFileActivateDirOverrideForLib;
virFileActivateDirOverrideForProg;
virFileBindMountDevice;
virFileBuildPath;
virFileCanonicalizePath;
virFileChownFiles;
virFileClose;
virFileComparePaths;
virFileCopyACLs;
virFileDataSync;
virFileDeleteTree;
virFileDirectFdFlag;
virFileExists;
virFileFclose;
virFileFdopen;
virFileFindHugeTLBFS;
virFileFindMountPoint;
virFileFindResource;
virFileFindResourceFull;
virFileFlock;
virFileFreeACLs;
virFileGetACLs;
virFileGetDefaultHugepage;
virFileGetHugepageSize;
virFileGetMountReverseSubtree;
virFileGetMountSubtree;
virFileGetXAttr;
virFileGetXAttrQuiet;
virFileInData;
virFileIsCDROM;
virFileIsDir;
virFileIsExecutable;
virFileIsLink;
virFileIsMountPoint;
virFileIsRegular;
virFileIsSharedFS;
virFileIsSharedFSType;
virFileLength;
virFileLinkPointsTo;
virFileLock;
virFileLoopDeviceAssociate;
virFileMakeParentPath;
virFileMakePath;
virFileMakePathWithMode;
virFileMoveMount;
virFileNBDDeviceAssociate;
virFileOpenAs;
virFileOpenTty;
virFileReadAll;
virFileReadAllQuiet;
virFileReadBufQuiet;
virFileReadHeaderFD;
virFileReadHeaderQuiet;
virFileReadLimFD;
virFileReadValueBitmap;
virFileReadValueInt;
virFileReadValueScaledInt;
virFileReadValueString;
virFileReadValueUint;
virFileReadValueUllong;
virFileRelLinkPointsTo;
virFileRemove;
virFileRemoveLastComponent;
virFileRemoveXAttr;
virFileResolveAllLinks;
virFileResolveLink;
virFileRewrite;
virFileRewriteStr;
virFileSanitizePath;
virFileSetACLs;
virFileSetupDev;
virFileSetXAttr;
virFileTouch;
virFileUnlock;
virFileUpdatePerm;
virFileWaitForExists;
virFileWrapperFdClose;
virFileWrapperFdFree;
virFileWrapperFdNew;
virFileWriteStr;
virFindFileInPath;
# util/virfilecache.h
virFileCacheGetPriv;
virFileCacheInsertData;
virFileCacheLookup;
virFileCacheLookupByFunc;
virFileCacheNew;
virFileCacheSetPriv;
# util/virfirewall.h
virFirewallAddRuleFull;
virFirewallApply;
virFirewallFree;
virFirewallNew;
virFirewallRemoveRule;
virFirewallRuleAddArg;
virFirewallRuleAddArgFormat;
virFirewallRuleAddArgList;
virFirewallRuleAddArgSet;
virFirewallRuleGetArgCount;
virFirewallSetBackend;
virFirewallSetLockOverride;
virFirewallStartRollback;
virFirewallStartTransaction;
# util/virfirewalld.h
virFirewallDApplyRule;
virFirewallDGetBackend;
virFirewallDGetVersion;
virFirewallDGetZones;
virFirewallDInterfaceSetZone;
virFirewallDIsRegistered;
virFirewallDZoneExists;
# util/virfirmware.h
virFirmwareFree;
virFirmwareFreeList;
virFirmwareParse;
virFirmwareParseList;
# util/virgettext.h
virGettextInitialize;
# util/virgic.h
virGICVersionTypeFromString;
virGICVersionTypeToString;
# util/virhash.h
virHashAddEntry;
virHashAtomicNew;
virHashAtomicSteal;
virHashAtomicUpdate;
virHashCreate;
virHashEqual;
virHashForEach;
virHashFree;
virHashGetItems;
virHashHasEntry;
virHashLookup;
virHashNew;
virHashRemoveAll;
virHashRemoveEntry;
virHashRemoveSet;
virHashSearch;
virHashSize;
virHashSteal;
virHashTableSize;
virHashUpdateEntry;
virHashValueFree;
# util/virhashcode.h
virHashCodeGen;
# util/virhook.h
virHookCall;
virHookInitialize;
virHookPresent;
# util/virhostcpu.h
virHostCPUGetAvailableCPUsBitmap;
virHostCPUGetCount;
virHostCPUGetInfo;
virHostCPUGetKVMMaxVCPUs;
virHostCPUGetMap;
virHostCPUGetMicrocodeVersion;
virHostCPUGetMSR;
virHostCPUGetOnline;
virHostCPUGetOnlineBitmap;
virHostCPUGetPresentBitmap;
virHostCPUGetSignature;
virHostCPUGetStats;
virHostCPUGetThreadsPerSubcore;
virHostCPUHasBitmap;
virHostCPUReadSignature;
virHostCPUStatsAssign;
# util/virhostmem.h
virHostMemAllocPages;
virHostMemGetCellsFree;
virHostMemGetFreePages;
virHostMemGetInfo;
virHostMemGetParameters;
virHostMemGetStats;
virHostMemSetParameters;
# util/virhostuptime.h
virHostBootTimeInit;
virHostGetBootTime;
# util/viridentity.h
virIdentityGetCurrent;
virIdentityGetGroupName;
virIdentityGetParameters;
virIdentityGetProcessID;
virIdentityGetProcessTime;
virIdentityGetSASLUserName;
virIdentityGetSELinuxContext;
virIdentityGetSystem;
virIdentityGetUNIXGroupID;
virIdentityGetUNIXUserID;
virIdentityGetUserName;
virIdentityGetX509DName;
virIdentityNew;
virIdentitySetCurrent;
virIdentitySetGroupName;
virIdentitySetParameters;
virIdentitySetProcessID;
virIdentitySetProcessTime;
virIdentitySetSASLUserName;
virIdentitySetSELinuxContext;
virIdentitySetUNIXGroupID;
virIdentitySetUNIXUserID;
virIdentitySetUserName;
virIdentitySetX509DName;
# util/virinitctl.h
virInitctlFifos;
virInitctlSetRunLevel;
# util/viriptables.h
iptablesAddDontMasquerade;
iptablesAddForwardAllowCross;
iptablesAddForwardAllowIn;
iptablesAddForwardAllowOut;
iptablesAddForwardAllowRelatedIn;
iptablesAddForwardMasquerade;
iptablesAddForwardRejectIn;
iptablesAddForwardRejectOut;
iptablesAddOutputFixUdpChecksum;
iptablesAddTcpInput;
iptablesAddTcpOutput;
iptablesAddUdpInput;
iptablesAddUdpOutput;
iptablesRemoveDontMasquerade;
iptablesRemoveForwardAllowCross;
iptablesRemoveForwardAllowIn;
iptablesRemoveForwardAllowOut;
iptablesRemoveForwardAllowRelatedIn;
iptablesRemoveForwardMasquerade;
iptablesRemoveForwardRejectIn;
iptablesRemoveForwardRejectOut;
iptablesRemoveOutputFixUdpChecksum;
iptablesRemoveTcpInput;
iptablesRemoveTcpOutput;
iptablesRemoveUdpInput;
iptablesRemoveUdpOutput;
util: move virtual network firwall rules into private chains The previous commit created new chains to hold the firewall rules. This commit changes the code that creates rules to place them in the new private chains instead of the builtin top level chains. With two networks running, the rules in the filter table now look like -N LIBVIRT_FWI -N LIBVIRT_FWO -N LIBVIRT_FWX -N LIBVIRT_INP -N LIBVIRT_OUT -A INPUT -j LIBVIRT_INP -A FORWARD -j LIBVIRT_FWX -A FORWARD -j LIBVIRT_FWI -A FORWARD -j LIBVIRT_FWO -A OUTPUT -j LIBVIRT_OUT -A LIBVIRT_FWI -d 192.168.0.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A LIBVIRT_FWI -o virbr0 -j REJECT --reject-with icmp-port-unreachable -A LIBVIRT_FWI -d 192.168.1.0/24 -o virbr1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A LIBVIRT_FWI -o virbr1 -j REJECT --reject-with icmp-port-unreachable -A LIBVIRT_FWO -s 192.168.0.0/24 -i virbr0 -j ACCEPT -A LIBVIRT_FWO -i virbr0 -j REJECT --reject-with icmp-port-unreachable -A LIBVIRT_FWO -s 192.168.1.0/24 -i virbr1 -j ACCEPT -A LIBVIRT_FWO -i virbr1 -j REJECT --reject-with icmp-port-unreachable -A LIBVIRT_FWX -i virbr0 -o virbr0 -j ACCEPT -A LIBVIRT_FWX -i virbr1 -o virbr1 -j ACCEPT -A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 53 -j ACCEPT -A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT -A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A LIBVIRT_INP -i virbr1 -p udp -m udp --dport 53 -j ACCEPT -A LIBVIRT_INP -i virbr1 -p tcp -m tcp --dport 53 -j ACCEPT -A LIBVIRT_INP -i virbr1 -p udp -m udp --dport 67 -j ACCEPT -A LIBVIRT_INP -i virbr1 -p tcp -m tcp --dport 67 -j ACCEPT -A LIBVIRT_OUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT -A LIBVIRT_OUT -o virbr1 -p udp -m udp --dport 68 -j ACCEPT While in the nat table: -N LIBVIRT_PRT -A POSTROUTING -j LIBVIRT_PRT -A LIBVIRT_PRT -s 192.168.0.0/24 -d 224.0.0.0/24 -j RETURN -A LIBVIRT_PRT -s 192.168.0.0/24 -d 255.255.255.255/32 -j RETURN -A LIBVIRT_PRT -s 192.168.0.0/24 ! -d 192.168.0.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535 -A LIBVIRT_PRT -s 192.168.0.0/24 ! -d 192.168.0.0/24 -p udp -j MASQUERADE --to-ports 1024-65535 -A LIBVIRT_PRT -s 192.168.0.0/24 ! -d 192.168.0.0/24 -j MASQUERADE -A LIBVIRT_PRT -s 192.168.1.0/24 -d 224.0.0.0/24 -j RETURN -A LIBVIRT_PRT -s 192.168.1.0/24 -d 255.255.255.255/32 -j RETURN -A LIBVIRT_PRT -s 192.168.1.0/24 ! -d 192.168.1.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535 -A LIBVIRT_PRT -s 192.168.1.0/24 ! -d 192.168.1.0/24 -p udp -j MASQUERADE --to-ports 1024-65535 -A LIBVIRT_PRT -s 192.168.1.0/24 ! -d 192.168.1.0/24 -j MASQUERADE And finally the mangle table: -N LIBVIRT_PRT -A POSTROUTING -j LIBVIRT_PRT -A LIBVIRT_PRT -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill -A LIBVIRT_PRT -o virbr1 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-12-05 15:53:55 +00:00
iptablesSetDeletePrivate;
util: create private chains for virtual network firewall rules Historically firewall rules for virtual networks were added straight into the base chains. This works but has a number of bugs and design limitations: - It is inflexible for admins wanting to add extra rules ahead of libvirt's rules, via hook scripts. - It is not clear to the admin that the rules were created by libvirt - Each rule must be deleted by libvirt individually since they are all directly in the builtin chains - The ordering of rules in the forward chain is incorrect when multiple networks are created, allowing traffic to mistakenly flow between networks in one direction. To address all of these problems, libvirt needs to move to creating rules in its own private chains. In the top level builtin chains, libvirt will add links to its own private top level chains. Addressing the traffic ordering bug requires some extra steps. With everything going into the FORWARD chain there was interleaving of rules for outbound traffic and inbound traffic for each network: -A FORWARD -d 192.168.3.0/24 -o virbr1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 192.168.3.0/24 -i virbr1 -j ACCEPT -A FORWARD -i virbr1 -o virbr1 -j ACCEPT -A FORWARD -o virbr1 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -i virbr1 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -d 192.168.2.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 192.168.2.0/24 -i virbr0 -j ACCEPT -A FORWARD -i virbr0 -o virbr0 -j ACCEPT -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable The rule allowing outbound traffic from virbr1 would mistakenly allow packets from virbr1 to virbr0, before the rule denying input to virbr0 gets a chance to run. What we really need todo is group the forwarding rules into three distinct sets: * Cross rules - LIBVIRT_FWX -A FORWARD -i virbr1 -o virbr1 -j ACCEPT -A FORWARD -i virbr0 -o virbr0 -j ACCEPT * Incoming rules - LIBVIRT_FWI -A FORWARD -d 192.168.3.0/24 -o virbr1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -o virbr1 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -d 192.168.2.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable * Outgoing rules - LIBVIRT_FWO -A FORWARD -s 192.168.3.0/24 -i virbr1 -j ACCEPT -A FORWARD -i virbr1 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -s 192.168.2.0/24 -i virbr0 -j ACCEPT -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable There is thus no risk of outgoing rules for one network mistakenly allowing incoming traffic for another network, as all incoming rules are evalated first. With this in mind, we'll thus need three distinct chains linked from the FORWARD chain, so we end up with: INPUT --> LIBVIRT_INP (filter) OUTPUT --> LIBVIRT_OUT (filter) FORWARD +-> LIBVIRT_FWX (filter) +-> LIBVIRT_FWO \-> LIBVIRT_FWI POSTROUTING --> LIBVIRT_PRT (nat & mangle) Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-10-31 19:33:21 +00:00
iptablesSetupPrivateChains;
# util/viriscsi.h
virISCSIConnectionLogin;
virISCSIConnectionLogout;
virISCSIGetSession;
virISCSINodeNew;
virISCSINodeUpdate;
virISCSIRescanLUNs;
virISCSIScanTargets;
# util/virjson.h
virJSONStringReformat;
virJSONValueArrayAppend;
virJSONValueArrayAppendString;
virJSONValueArrayConcat;
virJSONValueArrayForeachSteal;
virJSONValueArrayGet;
virJSONValueArraySize;
virJSONValueArraySteal;
virJSONValueCopy;
virJSONValueFree;
virJSONValueFromString;
virJSONValueGetArrayAsBitmap;
virJSONValueGetBoolean;
virJSONValueGetNumberDouble;
virJSONValueGetNumberInt;
virJSONValueGetNumberLong;
virJSONValueGetNumberString;
virJSONValueGetNumberUint;
virJSONValueGetNumberUlong;
virJSONValueGetString;
virJSONValueGetType;
virJSONValueHashFree;
virJSONValueIsArray;
virJSONValueIsNull;
virJSONValueIsObject;
virJSONValueNewArray;
virJSONValueNewArrayFromBitmap;
virJSONValueNewBoolean;
virJSONValueNewNull;
virJSONValueNewNumberDouble;
virJSONValueNewNumberInt;
virJSONValueNewNumberLong;
virJSONValueNewNumberUint;
virJSONValueNewNumberUlong;
virJSONValueNewObject;
virJSONValueNewString;
virJSONValueNewStringLen;
virJSONValueObjectAdd;
virJSONValueObjectAddVArgs;
virJSONValueObjectAppend;
virJSONValueObjectAppendBoolean;
virJSONValueObjectAppendNull;
virJSONValueObjectAppendNumberDouble;
virJSONValueObjectAppendNumberInt;
virJSONValueObjectAppendNumberLong;
virJSONValueObjectAppendNumberUint;
virJSONValueObjectAppendNumberUlong;
virJSONValueObjectAppendString;
virJSONValueObjectAppendStringPrintf;
virJSONValueObjectCreate;
virJSONValueObjectCreateVArgs;
virJSONValueObjectDeflatten;
virJSONValueObjectForeachKeyValue;
virJSONValueObjectGet;
virJSONValueObjectGetArray;
virJSONValueObjectGetBoolean;
virJSONValueObjectGetByType;
virJSONValueObjectGetKey;
virJSONValueObjectGetNumberDouble;
virJSONValueObjectGetNumberInt;
virJSONValueObjectGetNumberLong;
virJSONValueObjectGetNumberUint;
virJSONValueObjectGetNumberUlong;
virJSONValueObjectGetObject;
virJSONValueObjectGetString;
virJSONValueObjectGetValue;
virJSONValueObjectHasKey;
virJSONValueObjectIsNull;
virJSONValueObjectKeysNumber;
virJSONValueObjectPrependString;
virJSONValueObjectRemoveKey;
virJSONValueObjectStealArray;
virJSONValueObjectStealObject;
virJSONValueToBuffer;
virJSONValueToString;
# util/virkeycode.h
virKeycodeSetTypeFromString;
virKeycodeSetTypeToString;
virKeycodeValueFromString;
virKeycodeValueTranslate;
# util/virkmod.h
virKModIsProhibited;
virKModLoad;
virKModUnload;
# util/virlease.h
virLeaseNew;
virLeasePrintLeases;
virLeaseReadCustomLeaseFile;
# util/virlockspace.h
Introduce an internal API for handling file based lockspaces The previously introduced virFile{Lock,Unlock} APIs provide a way to acquire/release fcntl() locks on individual files. For unknown reason though, the POSIX spec says that fcntl() locks are released when *any* file handle referring to the same path is closed. In the following sequence threadA: fd1 = open("foo") threadB: fd2 = open("foo") threadA: virFileLock(fd1) threadB: virFileLock(fd2) threadB: close(fd2) you'd expect threadA to come out holding a lock on 'foo', and indeed it does hold a lock for a very short time. Unfortunately when threadB does close(fd2) this releases the lock associated with fd1. For the current libvirt use case for virFileLock - pidfiles - this doesn't matter since the lock is acquired at startup while single threaded an never released until exit. To provide a more generally useful API though, it is necessary to introduce a slightly higher level abstraction, which is to be referred to as a "lockspace". This is to be provided by a virLockSpacePtr object in src/util/virlockspace.{c,h}. The core idea is that the lockspace keeps track of what files are already open+locked. This means that when a 2nd thread comes along and tries to acquire a lock, it doesn't end up opening and closing a new FD. The lockspace just checks the current list of held locks and immediately returns VIR_ERR_RESOURCE_BUSY. NB, the API as it stands is designed on the basis that the files being locked are not being otherwise opened and used by the application code. One approach to using this API is to acquire locks based on a hash of the filepath. eg to lock /var/lib/libvirt/images/foo.img the application might do virLockSpacePtr lockspace = virLockSpaceNew("/var/lib/libvirt/imagelocks"); lockname = md5sum("/var/lib/libvirt/images/foo.img"); virLockSpaceAcquireLock(lockspace, lockname); NB, in this example, the caller should ensure that the path is canonicalized before calculating the checksum. It is also possible to do locks directly on resources by using a NULL lockspace directory and then using the file path as the lock name eg virLockSpacePtr lockspace = virLockSpaceNew(NULL); virLockSpaceAcquireLock(lockspace, "/var/lib/libvirt/images/foo.img"); This is only safe to do though if no other part of the process will be opening the files. This will be the case when this code is used inside the soon-to-be-reposted virlockd daemon Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-02 16:02:40 +00:00
virLockSpaceAcquireResource;
virLockSpaceCreateResource;
virLockSpaceDeleteResource;
virLockSpaceFree;
virLockSpaceGetDirectory;
virLockSpaceNew;
virLockSpaceNewPostExecRestart;
virLockSpacePreExecRestart;
Introduce an internal API for handling file based lockspaces The previously introduced virFile{Lock,Unlock} APIs provide a way to acquire/release fcntl() locks on individual files. For unknown reason though, the POSIX spec says that fcntl() locks are released when *any* file handle referring to the same path is closed. In the following sequence threadA: fd1 = open("foo") threadB: fd2 = open("foo") threadA: virFileLock(fd1) threadB: virFileLock(fd2) threadB: close(fd2) you'd expect threadA to come out holding a lock on 'foo', and indeed it does hold a lock for a very short time. Unfortunately when threadB does close(fd2) this releases the lock associated with fd1. For the current libvirt use case for virFileLock - pidfiles - this doesn't matter since the lock is acquired at startup while single threaded an never released until exit. To provide a more generally useful API though, it is necessary to introduce a slightly higher level abstraction, which is to be referred to as a "lockspace". This is to be provided by a virLockSpacePtr object in src/util/virlockspace.{c,h}. The core idea is that the lockspace keeps track of what files are already open+locked. This means that when a 2nd thread comes along and tries to acquire a lock, it doesn't end up opening and closing a new FD. The lockspace just checks the current list of held locks and immediately returns VIR_ERR_RESOURCE_BUSY. NB, the API as it stands is designed on the basis that the files being locked are not being otherwise opened and used by the application code. One approach to using this API is to acquire locks based on a hash of the filepath. eg to lock /var/lib/libvirt/images/foo.img the application might do virLockSpacePtr lockspace = virLockSpaceNew("/var/lib/libvirt/imagelocks"); lockname = md5sum("/var/lib/libvirt/images/foo.img"); virLockSpaceAcquireLock(lockspace, lockname); NB, in this example, the caller should ensure that the path is canonicalized before calculating the checksum. It is also possible to do locks directly on resources by using a NULL lockspace directory and then using the file path as the lock name eg virLockSpacePtr lockspace = virLockSpaceNew(NULL); virLockSpaceAcquireLock(lockspace, "/var/lib/libvirt/images/foo.img"); This is only safe to do though if no other part of the process will be opening the files. This will be the case when this code is used inside the soon-to-be-reposted virlockd daemon Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-02 16:02:40 +00:00
virLockSpaceReleaseResource;
virLockSpaceReleaseResourcesForOwner;
# util/virlog.h
virLogDefineFilters;
virLogDefineOutputs;
virLogFilterFree;
virLogFilterListFree;
virLogFilterNew;
virLogFindOutput;
virLogGetDefaultOutput;
virLogGetDefaultPriority;
virLogGetFilters;
virLogGetNbFilters;
virLogGetNbOutputs;
virLogGetOutputs;
virLogLock;
virLogMessage;
virLogOutputFree;
virLogOutputListFree;
virLogOutputNew;
virLogParseDefaultPriority;
virLogParseFilter;
virLogParseFilters;
virLogParseOutput;
virLogParseOutputs;
virLogPriorityFromSyslog;
virLogProbablyLogMessage;
virLogReset;
virLogSetDefaultOutput;
virLogSetDefaultPriority;
virLogSetFilters;
virLogSetFromEnv;
virLogSetOutputs;
virLogUnlock;
virLogVMessage;
# util/virmacaddr.h
virMacAddrCmp;
virMacAddrCmpRaw;
virMacAddrCompare;
virMacAddrFormat;
virMacAddrGenerate;
virMacAddrGetRaw;
virMacAddrIsBroadcastRaw;
virMacAddrIsMulticast;
virMacAddrIsUnicast;
virMacAddrParse;
virMacAddrParseHex;
virMacAddrSet;
virMacAddrSetRaw;
# util/virmacmap.h
virMacMapAdd;
virMacMapDumpStr;
virMacMapFileName;
virMacMapLookup;
virMacMapNew;
virMacMapRemove;
virMacMapWriteFile;
# util/virmdev.h
virMediatedDeviceAttrFree;
virMediatedDeviceAttrNew;
virMediatedDeviceFree;
virMediatedDeviceGetIOMMUGroupDev;
virMediatedDeviceGetIOMMUGroupNum;
virMediatedDeviceGetSysfsPath;
virMediatedDeviceGetUsedBy;
virMediatedDeviceIsUsed;
virMediatedDeviceListAdd;
virMediatedDeviceListCount;
virMediatedDeviceListDel;
virMediatedDeviceListFind;
virMediatedDeviceListGet;
virMediatedDeviceListMarkDevices;
virMediatedDeviceListNew;
virMediatedDeviceListSteal;
virMediatedDeviceListStealIndex;
virMediatedDeviceModelTypeFromString;
virMediatedDeviceModelTypeToString;
virMediatedDeviceNew;
virMediatedDeviceSetUsedBy;
virMediatedDeviceTypeFree;
virMediatedDeviceTypeReadAttrs;
# util/virmodule.h
virModuleLoad;
# util/virnetdev.h
virNetDevAddMulti;
virNetDevDelMulti;
virNetDevExists;
virNetDevFeatureTypeFromString;
virNetDevFeatureTypeToString;
virNetDevGetFeatures;
virNetDevGetIndex;
virNetDevGetLinkInfo;
virNetDevGetMAC;
virNetDevGetMaster;
virNetDevGetMTU;
virNetDevGetName;
virNetDevGetOnline;
virNetDevGetPhysicalFunction;
virNetDevGetPhysPortID;
virNetDevGetPromiscuous;
virNetDevGetRcvAllMulti;
virNetDevGetRcvMulti;
virNetDevGetRxFilter;
virNetDevGetVirtualFunctionIndex;
virNetDevGetVirtualFunctionInfo;
virNetDevGetVirtualFunctions;
virNetDevGetVLanID;
virNetDevIfStateTypeFromString;
virNetDevIfStateTypeToString;
virNetDevIsVirtualFunction;
virNetDevPFGetVF;
virNetDevReadNetConfig;
virNetDevRunEthernetScript;
virNetDevRxFilterFree;
virNetDevRxFilterModeTypeFromString;
virNetDevRxFilterModeTypeToString;
virNetDevRxFilterNew;
virNetDevSaveNetConfig;
virNetDevSetCoalesce;
virNetDevSetMAC;
virNetDevSetMTU;
virNetDevSetMTUFromDevice;
virNetDevSetName;
virNetDevSetNamespace;
virNetDevSetNetConfig;
virNetDevSetOnline;
virNetDevSetPromiscuous;
virNetDevSetRcvAllMulti;
virNetDevSetRcvMulti;
virNetDevSetupControl;
virNetDevSysfsFile;
virNetDevValidateConfig;
# util/virnetdevbandwidth.h
virNetDevBandwidthClear;
virNetDevBandwidthCopy;
virNetDevBandwidthEqual;
virNetDevBandwidthFree;
virNetDevBandwidthPlug;
virNetDevBandwidthSet;
virNetDevBandwidthUnplug;
virNetDevBandwidthUpdateFilter;
virNetDevBandwidthUpdateRate;
# util/virnetdevbridge.h
virNetDevBridgeAddPort;
virNetDevBridgeCreate;
virNetDevBridgeDelete;
virNetDevBridgeFDBAdd;
virNetDevBridgeFDBDel;
virNetDevBridgeGetSTP;
virNetDevBridgeGetSTPDelay;
virNetDevBridgeGetVlanFiltering;
virNetDevBridgePortGetIsolated;
virNetDevBridgePortGetLearning;
virNetDevBridgePortGetUnicastFlood;
virNetDevBridgePortSetIsolated;
virNetDevBridgePortSetLearning;
virNetDevBridgePortSetUnicastFlood;
virNetDevBridgeRemovePort;
virNetDevBridgeSetSTP;
virNetDevBridgeSetSTPDelay;
virNetDevBridgeSetVlanFiltering;
# util/virnetdevip.h
virNetDevIPAddrAdd;
virNetDevIPAddrDel;
virNetDevIPAddrGet;
virNetDevIPCheckIPv6Forwarding;
virNetDevIPInfoAddToDev;
virNetDevIPInfoClear;
virNetDevIPRouteAdd;
virNetDevIPRouteFree;
virNetDevIPRouteGetAddress;
virNetDevIPRouteGetGateway;
virNetDevIPRouteGetMetric;
virNetDevIPRouteGetPrefix;
virNetDevIPWaitDadFinish;
# util/virnetdevmacvlan.h
virNetDevMacVLanCreate;
virNetDevMacVLanCreateWithVPortProfile;
virNetDevMacVLanDelete;
virNetDevMacVLanDeleteWithVPortProfile;
virNetDevMacVLanIsMacvtap;
virNetDevMacVLanModeTypeFromString;
2016-01-19 19:20:54 +00:00
virNetDevMacVLanReleaseName;
virNetDevMacVLanReserveName;
virNetDevMacVLanRestartWithVPortProfile;
virNetDevMacVLanTapOpen;
virNetDevMacVLanTapSetup;
virNetDevMacVLanVPortProfileRegisterCallback;
# util/virnetdevmidonet.h
virNetDevMidonetBindPort;
virNetDevMidonetUnbindPort;
# util/virnetdevopenvswitch.h
virNetDevOpenvswitchAddPort;
virNetDevOpenvswitchGetMigrateData;
virNetDevOpenvswitchGetVhostuserIfname;
virNetDevOpenvswitchInterfaceGetMaster;
virNetDevOpenvswitchInterfaceParseStats;
virNetDevOpenvswitchInterfaceStats;
virNetDevOpenvswitchRemovePort;
virNetDevOpenvswitchSetMigrateData;
virNetDevOpenvswitchSetTimeout;
virNetDevOpenvswitchUpdateVlan;
# util/virnetdevtap.h
virNetDevTapAttachBridge;
virNetDevTapCreate;
virNetDevTapCreateInBridgePort;
virNetDevTapDelete;
virNetDevTapGetName;
virNetDevTapGetRealDeviceName;
virNetDevTapInterfaceStats;
virNetDevTapReattachBridge;
# util/virnetdevveth.h
virNetDevVethCreate;
virNetDevVethDelete;
# util/virnetdevvlan.h
virNetDevVlanClear;
virNetDevVlanCopy;
virNetDevVlanEqual;
virNetDevVlanFree;
# util/virnetdevvportprofile.h
virNetDevVPortProfileAssociate;
virNetDevVPortProfileCheckComplete;
virNetDevVPortProfileCheckNoExtras;
virNetDevVPortProfileCopy;
virNetDevVPortProfileDisassociate;
virNetDevVPortProfileEqual;
virNetDevVPortProfileMerge3;
virNetDevVPortProfileOpTypeFromString;
virNetDevVPortProfileOpTypeToString;
# util/virnetlink.h
virNetlinkCommand;
virNetlinkDelLink;
virNetlinkDumpCommand;
virNetlinkDumpLink;
virNetlinkEventAddClient;
virNetlinkEventRemoveClient;
virNetlinkEventServiceIsRunning;
virNetlinkEventServiceLocalPid;
virNetlinkEventServiceStart;
virNetlinkEventServiceStop;
virNetlinkEventServiceStopAll;
virNetlinkGetErrorCode;
virNetlinkGetNeighbor;
virNetlinkNewLink;
virNetlinkShutdown;
virNetlinkStartup;
# util/virnodesuspend.h
virNodeSuspend;
virNodeSuspendGetTargetMask;
# util/virnuma.h
virNumaGetAutoPlacementAdvice;
virNumaGetDistances;
virNumaGetHostMemoryNodeset;
virNumaGetMaxNode;
virNumaGetNodeCPUs;
virNumaGetNodeMemory;
virNumaGetPageInfo;
virNumaGetPages;
virNumaIsAvailable;
virNumaNodeIsAvailable;
virNumaNodesetIsAvailable;
virNumaNodesetToCPUset;
virNumaSetPagePoolSize;
virNumaSetupMemoryPolicy;
# util/virnvme.h
virNVMeDeviceAddressGet;
virNVMeDeviceCopy;
virNVMeDeviceFree;
virNVMeDeviceListAdd;
virNVMeDeviceListCount;
virNVMeDeviceListCreateDetachList;
virNVMeDeviceListDel;
virNVMeDeviceListGet;
virNVMeDeviceListLookup;
virNVMeDeviceListLookupIndex;
virNVMeDeviceListNew;
virNVMeDeviceNew;
virNVMeDeviceUsedByClear;
virNVMeDeviceUsedByGet;
virNVMeDeviceUsedBySet;
# util/virobject.h
virClassForObject;
virClassForObjectLockable;
virClassForObjectRWLockable;
virClassIsDerivedFrom;
Add a generic reference counted virObject type This introduces a fairly basic reference counted virObject type and an associated virClass type, that use atomic operations for ref counting. In a global initializer (recommended to be invoked using the virOnceInit API), a virClass type must be allocated for each object type. This requires a class name, a "dispose" callback which will be invoked to free memory associated with the object's fields, and the size in bytes of the object struct. eg, virClassPtr connclass = virClassNew("virConnect", sizeof(virConnect), virConnectDispose); The struct for the object, must include 'virObject' as its first member eg struct _virConnect { virObject object; virURIPtr uri; }; The 'dispose' callback is only responsible for freeing fields in the object, not the object itself. eg a suitable impl for the above struct would be void virConnectDispose(void *obj) { virConnectPtr conn = obj; virURIFree(conn->uri); } There is no need to reset fields to 'NULL' or '0' in the dispose callback, since the entire object will be memset to 0, and the klass pointer & magic integer fields will be poisoned with 0xDEADBEEF before being free()d When creating an instance of an object, one needs simply pass the virClassPtr eg virConnectPtr conn = virObjectNew(connclass); if (!conn) return NULL; conn->uri = virURIParse("foo:///bar") Object references can be manipulated with virObjectRef(conn) virObjectUnref(conn) The latter returns a true value, if the object has been freed (ie its ref count hit zero) Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-11 13:35:44 +00:00
virClassName;
virClassNew;
virObjectFreeCallback;
virObjectFreeHashData;
Add a generic reference counted virObject type This introduces a fairly basic reference counted virObject type and an associated virClass type, that use atomic operations for ref counting. In a global initializer (recommended to be invoked using the virOnceInit API), a virClass type must be allocated for each object type. This requires a class name, a "dispose" callback which will be invoked to free memory associated with the object's fields, and the size in bytes of the object struct. eg, virClassPtr connclass = virClassNew("virConnect", sizeof(virConnect), virConnectDispose); The struct for the object, must include 'virObject' as its first member eg struct _virConnect { virObject object; virURIPtr uri; }; The 'dispose' callback is only responsible for freeing fields in the object, not the object itself. eg a suitable impl for the above struct would be void virConnectDispose(void *obj) { virConnectPtr conn = obj; virURIFree(conn->uri); } There is no need to reset fields to 'NULL' or '0' in the dispose callback, since the entire object will be memset to 0, and the klass pointer & magic integer fields will be poisoned with 0xDEADBEEF before being free()d When creating an instance of an object, one needs simply pass the virClassPtr eg virConnectPtr conn = virObjectNew(connclass); if (!conn) return NULL; conn->uri = virURIParse("foo:///bar") Object references can be manipulated with virObjectRef(conn) virObjectUnref(conn) The latter returns a true value, if the object has been freed (ie its ref count hit zero) Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-11 13:35:44 +00:00
virObjectIsClass;
virObjectListFree;
virObjectListFreeCount;
virObjectLock;
virObjectLockableNew;
Add a generic reference counted virObject type This introduces a fairly basic reference counted virObject type and an associated virClass type, that use atomic operations for ref counting. In a global initializer (recommended to be invoked using the virOnceInit API), a virClass type must be allocated for each object type. This requires a class name, a "dispose" callback which will be invoked to free memory associated with the object's fields, and the size in bytes of the object struct. eg, virClassPtr connclass = virClassNew("virConnect", sizeof(virConnect), virConnectDispose); The struct for the object, must include 'virObject' as its first member eg struct _virConnect { virObject object; virURIPtr uri; }; The 'dispose' callback is only responsible for freeing fields in the object, not the object itself. eg a suitable impl for the above struct would be void virConnectDispose(void *obj) { virConnectPtr conn = obj; virURIFree(conn->uri); } There is no need to reset fields to 'NULL' or '0' in the dispose callback, since the entire object will be memset to 0, and the klass pointer & magic integer fields will be poisoned with 0xDEADBEEF before being free()d When creating an instance of an object, one needs simply pass the virClassPtr eg virConnectPtr conn = virObjectNew(connclass); if (!conn) return NULL; conn->uri = virURIParse("foo:///bar") Object references can be manipulated with virObjectRef(conn) virObjectUnref(conn) The latter returns a true value, if the object has been freed (ie its ref count hit zero) Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-11 13:35:44 +00:00
virObjectNew;
virObjectRef;
virObjectRWLockableNew;
virObjectRWLockRead;
virObjectRWLockWrite;
virObjectRWUnlock;
virObjectUnlock;
Add a generic reference counted virObject type This introduces a fairly basic reference counted virObject type and an associated virClass type, that use atomic operations for ref counting. In a global initializer (recommended to be invoked using the virOnceInit API), a virClass type must be allocated for each object type. This requires a class name, a "dispose" callback which will be invoked to free memory associated with the object's fields, and the size in bytes of the object struct. eg, virClassPtr connclass = virClassNew("virConnect", sizeof(virConnect), virConnectDispose); The struct for the object, must include 'virObject' as its first member eg struct _virConnect { virObject object; virURIPtr uri; }; The 'dispose' callback is only responsible for freeing fields in the object, not the object itself. eg a suitable impl for the above struct would be void virConnectDispose(void *obj) { virConnectPtr conn = obj; virURIFree(conn->uri); } There is no need to reset fields to 'NULL' or '0' in the dispose callback, since the entire object will be memset to 0, and the klass pointer & magic integer fields will be poisoned with 0xDEADBEEF before being free()d When creating an instance of an object, one needs simply pass the virClassPtr eg virConnectPtr conn = virObjectNew(connclass); if (!conn) return NULL; conn->uri = virURIParse("foo:///bar") Object references can be manipulated with virObjectRef(conn) virObjectUnref(conn) The latter returns a true value, if the object has been freed (ie its ref count hit zero) Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-11 13:35:44 +00:00
virObjectUnref;
# util/virpci.h
virPCIDeviceAddressAsString;
virPCIDeviceAddressCopy;
virPCIDeviceAddressEqual;
virPCIDeviceAddressFree;
virPCIDeviceAddressGetIOMMUGroupAddresses;
virPCIDeviceAddressGetIOMMUGroupDev;
virPCIDeviceAddressGetIOMMUGroupNum;
virPCIDeviceAddressGetSysfsFile;
virPCIDeviceAddressIOMMUGroupIterate;
virPCIDeviceAddressIsEmpty;
virPCIDeviceAddressIsValid;
virPCIDeviceAddressParse;
virPCIDeviceCopy;
virPCIDeviceDetach;
virPCIDeviceFileIterate;
virPCIDeviceFree;
virPCIDeviceGetAddress;
virPCIDeviceGetConfigPath;
virPCIDeviceGetDriverPathAndName;
virPCIDeviceGetIOMMUGroupDev;
virPCIDeviceGetIOMMUGroupList;
virPCIDeviceGetLinkCapSta;
virPCIDeviceGetManaged;
virPCIDeviceGetName;
virPCIDeviceGetRemoveSlot;
virPCIDeviceGetReprobe;
virPCIDeviceGetStubDriver;
virPCIDeviceGetUnbindFromStub;
virPCIDeviceGetUsedBy;
virPCIDeviceHasPCIExpressLink;
virPCIDeviceIsAssignable;
virPCIDeviceIsPCIExpress;
virPCIDeviceListAdd;
virPCIDeviceListAddCopy;
virPCIDeviceListCount;
virPCIDeviceListDel;
virPCIDeviceListFind;
virPCIDeviceListFindByIDs;
virPCIDeviceListFindIndex;
virPCIDeviceListGet;
virPCIDeviceListNew;
virPCIDeviceListSteal;
virPCIDeviceListStealIndex;
virPCIDeviceNew;
virPCIDeviceReattach;
virPCIDeviceRebind;
virPCIDeviceReset;
virPCIDeviceSetManaged;
virPCIDeviceSetRemoveSlot;
virPCIDeviceSetReprobe;
virPCIDeviceSetStubDriver;
virPCIDeviceSetUnbindFromStub;
virPCIDeviceSetUsedBy;
virPCIDeviceUnbind;
virPCIEDeviceInfoFree;
virPCIELinkSpeedTypeFromString;
virPCIELinkSpeedTypeToString;
virPCIGetDeviceAddressFromSysfsLink;
virPCIGetHeaderType;
virPCIGetMdevTypes;
virPCIGetNetName;
virPCIGetPhysicalFunction;
virPCIGetSysfsFile;
virPCIGetVirtualFunctionIndex;
virPCIGetVirtualFunctionInfo;
virPCIGetVirtualFunctions;
virPCIHeaderTypeFromString;
virPCIHeaderTypeToString;
virPCIIsVirtualFunction;
virPCIStubDriverTypeFromString;
virPCIStubDriverTypeToString;
conf: fix zPCI address auto-generation on s390 Let us fix the issues with zPCI address validation and auto-generation on s390. Currently, there are two issues with handling the ZPCI address extension. Firstly, when the uid is to be auto-generated with a specified fid, .i.e.: ... <address type='pci'> <zpci fid='0x0000001f'/> </address> ... we expect uid='0x0001' (or the next available uid for the domain). However, we get a parsing error: $ virsh define zpci.xml error: XML error: Invalid PCI address uid='0x0000', must be > 0x0000 and <= 0xffff Secondly, when the uid is specified explicitly with the invalid numerical value '0x0000', we actually expect the parsing error above. However, the domain is being defined and the uid value is silently changed to a valid value. The first issue is a bug and the second one is undesired behaviour, and both issues are related to how we (in-band) signal invalid values for uid and fid. So let's fix the XML parsing to do validation based on what is actually specified in the XML. The first issue is also related to the current code behaviour, which is, if either uid or fid is specified by the user, it is incorrectly assumed that both uid and fid are specified. This bug is fixed by identifying when the user specified ZPCI address is incomplete and auto-generating the missing ZPCI address. Signed-off-by: Bjoern Walk <bwalk@linux.ibm.com> Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com> Signed-off-by: Shalini Chellathurai Saroja <shalini@linux.ibm.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-06-18 08:25:15 +00:00
virZPCIDeviceAddressIsIncomplete;
virZPCIDeviceAddressIsPresent;
# util/virperf.h
virPerfEventDisable;
virPerfEventEnable;
virPerfEventIsEnabled;
virPerfEventTypeFromString;
virPerfEventTypeToString;
virPerfFree;
virPerfNew;
virPerfReadEvent;
# util/virpidfile.h
virPidFileAcquire;
virPidFileAcquirePath;
virPidFileBuildPath;
virPidFileConstructPath;
virPidFileDelete;
virPidFileDeletePath;
virPidFileForceCleanupPath;
virPidFileRead;
virPidFileReadIfAlive;
virPidFileReadPath;
virPidFileReadPathIfAlive;
virPidFileRelease;
virPidFileReleasePath;
virPidFileWrite;
virPidFileWritePath;
# util/virpolkit.h
virPolkitAgentCreate;
virPolkitAgentDestroy;
virPolkitCheckAuth;
# util/virportallocator.h
virPortAllocatorAcquire;
virPortAllocatorRangeFree;
virPortAllocatorRangeNew;
virPortAllocatorRelease;
virPortAllocatorSetUsed;
# util/virprocess.h
virProcessAbort;
virProcessExitWithStatus;
virProcessGetAffinity;
virProcessGetMaxMemLock;
virProcessGetNamespaces;
virProcessGetPids;
virProcessGetStartTime;
virProcessKill;
virProcessKillPainfully;
virProcessKillPainfullyDelay;
virProcessNamespaceAvailable;
virProcessRunInFork;
virProcessRunInMountNamespace;
virProcessSchedPolicyTypeFromString;
virProcessSchedPolicyTypeToString;
virProcessSetAffinity;
virProcessSetMaxCoreSize;
virProcessSetMaxFiles;
virProcessSetMaxMemLock;
virProcessSetMaxProcesses;
virProcessSetNamespaces;
virProcessSetScheduler;
virProcessSetupPrivateMountNS;
virProcessTranslateStatus;
virProcessWait;
# util/virqemu.h
virQEMUBuildBufferEscapeComma;
virQEMUBuildCommandLineJSON;
virQEMUBuildCommandLineJSONArrayBitmap;
virQEMUBuildCommandLineJSONArrayNumbered;
virQEMUBuildDriveCommandlineFromJSON;
virQEMUBuildNetdevCommandlineFromJSON;
virQEMUBuildObjectCommandlineFromJSON;
virQEMUBuildQemuImgKeySecretOpts;
# util/virrandom.h
virRandom;
virRandomBits;
virRandomBytes;
virRandomGenerateWWN;
virRandomInt;
# util/virresctrl.h
virCacheKernelTypeFromString;
virCacheKernelTypeToString;
virCacheTypeFromString;
virCacheTypeToString;
virResctrlAllocAddPID;
virResctrlAllocCreate;
virResctrlAllocDeterminePath;
virResctrlAllocForeachCache;
virResctrlAllocForeachMemory;
virResctrlAllocFormat;
virResctrlAllocGetID;
virResctrlAllocGetUnused;
virResctrlAllocIsEmpty;
virResctrlAllocNew;
virResctrlAllocRemove;
virResctrlAllocSetCacheSize;
virResctrlAllocSetID;
virResctrlAllocSetMemoryBandwidth;
virResctrlInfoGetCache;
virResctrlInfoGetMonitorPrefix;
virResctrlInfoMonFree;
virResctrlInfoNew;
virResctrlMonitorAddPID;
virResctrlMonitorCreate;
virResctrlMonitorDeterminePath;
virResctrlMonitorGetID;
virResctrlMonitorGetStats;
virResctrlMonitorNew;
virResctrlMonitorRemove;
virResctrlMonitorSetAlloc;
virResctrlMonitorSetID;
virResctrlMonitorStatsFree;
# util/virrotatingfile.h
virRotatingFileReaderConsume;
virRotatingFileReaderFree;
virRotatingFileReaderNew;
virRotatingFileReaderSeek;
virRotatingFileWriterAppend;
virRotatingFileWriterFree;
virRotatingFileWriterGetINode;
virRotatingFileWriterGetOffset;
virRotatingFileWriterGetPath;
virRotatingFileWriterNew;
# util/virscsi.h
virSCSIDeviceFileIterate;
virSCSIDeviceFree;
virSCSIDeviceGetAdapter;
virSCSIDeviceGetBus;
virSCSIDeviceGetDevName;
virSCSIDeviceGetName;
virSCSIDeviceGetPath;
virSCSIDeviceGetReadonly;
virSCSIDeviceGetSgName;
virSCSIDeviceGetShareable;
virSCSIDeviceGetTarget;
virSCSIDeviceGetUnit;
qemu: Don't fail if the SCSI host device is shareable between domains It doesn't make sense to fail if the SCSI host device is specified as "shareable" explicitly between domains (NB, it works if and only if the device is specified as "shareable" for *all* domains, otherwise it fails). To fix the problem, this patch introduces an array for virSCSIDevice struct, which records all the names of domain which are using the device (note that the recorded domains must specify the device as shareable). And the change on the data struct brings on many subsequent changes in the code. Prior to this patch, the "shareable" tag didn't work as expected, it actually work like "non-shareable". So this patch also added notes in formatdomain.html to declare the fact. * src/util/virscsi.h: - Remove virSCSIDeviceGetUsedBy - Change definition of virSCSIDeviceGetUsedBy and virSCSIDeviceListDel - Add virSCSIDeviceIsAvailable * src/util/virscsi.c: - struct virSCSIDevice: Change "used_by" to be an array; Add "n_used_by" as the array count - virSCSIDeviceGetUsedBy: Removed - virSCSIDeviceFree: frees the "used_by" array - virSCSIDeviceSetUsedBy: Copy the domain name to avoid potential memory corruption - virSCSIDeviceIsAvailable: New - virSCSIDeviceListDel: Change the logic, for device which is already in the list, just remove the corresponding entry in "used_by". And since it's only used in one place, we can safely removing the code to find out the dev in the list first. - Copyright updating * src/libvirt_private.sys: - virSCSIDeviceGetUsedBy: Remove - virSCSIDeviceIsAvailable: New * src/qemu/qemu_hostdev.c: - qemuUpdateActiveScsiHostdevs: Check if the device existing before adding it to the list; - qemuPrepareHostdevSCSIDevices: Error out if the not all domains use the device as "shareable"; Also don't try to add the device to the activeScsiHostdevs list if it already there; And make more sensible error w.r.t the current "shareable" value in driver->activeScsiHostdevs. - qemuDomainReAttachHostScsiDevices: Change the logic according to the changes on helpers. Signed-off-by: Osier Yang <jyang@redhat.com>
2014-01-29 17:22:42 +00:00
virSCSIDeviceIsAvailable;
virSCSIDeviceListAdd;
virSCSIDeviceListCount;
virSCSIDeviceListDel;
virSCSIDeviceListFind;
virSCSIDeviceListGet;
virSCSIDeviceListNew;
virSCSIDeviceListSteal;
virSCSIDeviceNew;
virSCSIDeviceSetUsedBy;
# util/virscsihost.h
virSCSIHostFindByPCI;
virSCSIHostGetNameByParentaddr;
virSCSIHostGetNumber;
virSCSIHostGetUniqueId;
# util/virscsivhost.h
virSCSIVHostDeviceFileIterate;
virSCSIVHostDeviceFree;
virSCSIVHostDeviceGetName;
virSCSIVHostDeviceGetPath;
virSCSIVHostDeviceListAdd;
virSCSIVHostDeviceListCount;
virSCSIVHostDeviceListDel;
virSCSIVHostDeviceListFind;
virSCSIVHostDeviceListGet;
virSCSIVHostDeviceListNew;
virSCSIVHostDeviceListSteal;
virSCSIVHostDeviceNew;
virSCSIVHostDeviceSetUsedBy;
virSCSIVHostOpenVhostSCSI;
# util/virseclabel.h
virSecurityDeviceLabelDefFree;
virSecurityDeviceLabelDefNew;
virSecurityLabelDefFree;
virSecurityLabelDefNew;
# util/virsecret.h
virSecretGetSecretString;
virSecretLookupDefClear;
virSecretLookupDefCopy;
virSecretLookupFormatSecret;
virSecretLookupParseSecret;
# util/virsocket.h
virSocketRecvFD;
virSocketSendFD;
# util/virsocketaddr.h
virSocketAddrBroadcast;
virSocketAddrBroadcastByPrefix;
virSocketAddrCheckNetmask;
virSocketAddrEqual;
virSocketAddrFormat;
virSocketAddrFormatFull;
virSocketAddrGetIPPrefix;
virSocketAddrGetNumNetmaskBits;
virSocketAddrGetPath;
virSocketAddrGetPort;
virSocketAddrGetRange;
virSocketAddrIsNetmask;
virSocketAddrIsNumericLocalhost;
virSocketAddrIsPrivate;
virSocketAddrIsWildcard;
virSocketAddrMask;
virSocketAddrMaskByPrefix;
virSocketAddrNumericFamily;
virSocketAddrParse;
virSocketAddrParseAny;
virSocketAddrParseIPv4;
virSocketAddrParseIPv6;
virSocketAddrPrefixToNetmask;
virSocketAddrPTRDomain;
virSocketAddrResolveService;
virSocketAddrSetIPv4Addr;
virSocketAddrSetIPv4AddrNetOrder;
virSocketAddrSetIPv6Addr;
virSocketAddrSetIPv6AddrNetOrder;
virSocketAddrSetPort;
# util/virstorageencryption.h
virStorageEncryptionFormat;
virStorageEncryptionFree;
virStorageEncryptionParseNode;
virStorageGenerateQcowPassphrase;
# util/virstoragefile.h
virStorageAuthDefCopy;
virStorageAuthDefFormat;
virStorageAuthDefFree;
virStorageAuthDefParse;
virStorageFileAccess;
virStorageFileCanonicalizePath;
virStorageFileChainGetBroken;
virStorageFileChainLookup;
virStorageFileChown;
virStorageFileCreate;
virStorageFileDeinit;
virStorageFileFeatureTypeFromString;
virStorageFileFeatureTypeToString;
virStorageFileFormatTypeFromString;
virStorageFileFormatTypeToString;
virStorageFileGetBackingStoreStr;
virStorageFileGetLVMKey;
virStorageFileGetMetadata;
virStorageFileGetMetadataFromBuf;
virStorageFileGetMetadataFromFD;
util: Introduce virStorageFileGetNPIVKey The vHBA/NPIV LUNs created via the udev processing of the VPORT_CREATE command end up using the same serial value as seen/generated by the /lib/udev/scsi_id as returned during virStorageFileGetSCSIKey. Therefore, in order to generate a unique enough key to be used when adding the LUN as a volume during virStoragePoolObjAddVol a more unique key needs to be generated for an NPIV volume. The problem is illustrated by the following example, where scsi_host5 is a vHBA used with the following LUNs: $ lsscsi -tg ... [5:0:4:0] disk fc:0x5006016844602198,0x101f00 /dev/sdh /dev/sg23 [5:0:5:0] disk fc:0x5006016044602198,0x102000 /dev/sdi /dev/sg24 ... Calling virStorageFileGetSCSIKey would return: /lib/udev/scsi_id --device /dev/sdh --whitelisted --replace-whitespace /dev/sdh 350060160c460219850060160c4602198 /lib/udev/scsi_id --device /dev/sdh --whitelisted --replace-whitespace /dev/sdi 350060160c460219850060160c4602198 Note that althrough /dev/sdh and /dev/sdi are separate LUNs, they end up with the same serial number used for the vol->key value. When virStoragePoolFCRefreshThread calls virStoragePoolObjAddVol the second LUN fails to be added with the following message getting logged: virHashAddOrUpdateEntry:341 : internal error: Duplicate key To resolve this, virStorageFileGetNPIVKey will use a similar call sequence as virStorageFileGetSCSIKey, except that it will add the "--export" option to the call. This results in more detailed output which needs to be parsed in order to formulate a unique enough key to be used. In order to be unique enough, the returned value will concatenate the target port as returned in the "ID_TARGET_PORT" field from the command to the "ID_SERIAL" value. Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2019-01-16 00:07:07 +00:00
virStorageFileGetNPIVKey;
virStorageFileGetRelativeBackingPath;
virStorageFileGetSCSIKey;
virStorageFileGetUniqueIdentifier;
virStorageFileInit;
virStorageFileInitAs;
virStorageFileIsClusterFS;
virStorageFileParseBackingStoreStr;
virStorageFileParseChainIndex;
virStorageFileProbeFormat;
virStorageFileRead;
virStorageFileReportBrokenChain;
virStorageFileResize;
virStorageFileStat;
virStorageFileSupportsAccess;
virStorageFileSupportsBackingChainTraversal;
virStorageFileSupportsCreate;
virStorageFileSupportsSecurityDriver;
virStorageFileUnlink;
virStorageIsFile;
virStorageIsRelative;
conf: split network host structs to util/ Continuing the refactoring of host-side storage descriptions out of conf/domain_conf and into util/virstoragefile, this patch focuses on details about a host name/port/transport as used by a network storage volume. * src/conf/domain_conf.h (virDomainDiskProtocolTransport) (virDomainDiskHostDef, virDomainDiskHostDefClear) (virDomainDiskHostDefFree, virDomainDiskHostDefCopy): Move... * src/util/virstoragefile.h (virStorageNetHostTransport) (virStorageNetHostDef, virStorageNetHostDefClear) (virStorageNetHostDefFree, virStorageNetHostDefCopy): ...here, with better names. * src/util/virstoragefile.c (virStorageNetHostDefClear) (virStorageNetHostDefFree, virStorageNetHostDefCopy): Moved from... * src/conf/domain_conf.c (virDomainDiskHostDefClear) (virDomainDiskHostDefFree, virDomainDiskHostDefCopy): ...here. (virDomainDiskSourceDefClear, virDomainDiskSourceDefParse) (virDomainDiskSourceDefFormatInternal): Adjust callers. * src/conf/snapshot_conf.h (_virDomainSnapshotDiskDef): Likewise. * src/conf/snapshot_conf.c (virDomainSnapshotDiskDefClear): Likewise. * src/qemu/qemu_command.c (qemuAddRBDHost) (qemuParseDriveURIString, qemuParseNBDString) (qemuBuildNetworkDriveURI, qemuParseCommandLineDisk) (qemuParseCommandLine, qemuGetDriveSourceString): Likewise. * src/qemu/qemu_command.h: Likewise. * src/qemu/qemu_conf.c (qemuAddISCSIPoolSourceHost) (qemuTranslateDiskSourcePool): Likewise. * src/qemu/qemu_driver.c (qemuDomainSnapshotCreateSingleDiskActive) (qemuDomainSnapshotUndoSingleDiskActive): Likewise. * src/storage/storage_backend_gluster.c (virStorageFileBackendGlusterInit): Likewise. * src/storage/storage_driver.c (virStorageFileFree) (virStorageFileInitInternal): Likewise. * src/storage/storage_driver.h (_virStorageFile): Likewise. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virstoragefile.h): ...as appropriate. Signed-off-by: Eric Blake <eblake@redhat.com>
2014-03-26 22:33:08 +00:00
virStorageNetHostDefClear;
virStorageNetHostDefCopy;
virStorageNetHostDefFree;
virStorageNetHostTransportTypeFromString;
virStorageNetHostTransportTypeToString;
virStorageNetProtocolTypeToString;
virStoragePRDefFormat;
virStoragePRDefFree;
virStoragePRDefIsEqual;
virStoragePRDefIsManaged;
virStoragePRDefParseXML;
virStorageSourceBackingStoreClear;
virStorageSourceChainHasManagedPR;
virStorageSourceChainHasNVMe;
virStorageSourceClear;
virStorageSourceCopy;
virStorageSourceFindByNodeName;
virStorageSourceGetActualType;
virStorageSourceGetSecurityLabelDef;
virStorageSourceHasBacking;
virStorageSourceInitChainElement;
virStorageSourceInitiatorClear;
virStorageSourceInitiatorCopy;
virStorageSourceInitiatorFormatXML;
virStorageSourceInitiatorParseXML;
virStorageSourceIsBacking;
virStorageSourceIsBlockLocal;
virStorageSourceIsEmpty;
virStorageSourceIsLocalStorage;
virStorageSourceIsRelative;
virStorageSourceIsSameLocation;
virStorageSourceNetCookiesValidate;
virStorageSourceNetworkAssignDefaultPorts;
virStorageSourceNew;
virStorageSourceNewFromBacking;
virStorageSourceNewFromBackingAbsolute;
virStorageSourceNVMeDefFree;
virStorageSourceParseRBDColonString;
virStorageSourcePoolDefFree;
virStorageSourcePoolModeTypeFromString;
virStorageSourcePoolModeTypeToString;
virStorageSourcePrivateDataFormatRelPath;
virStorageSourcePrivateDataParseRelPath;
virStorageSourceUpdateBackingSizes;
virStorageSourceUpdateCapacity;
virStorageSourceUpdatePhysicalSize;
conf: move host disk type to util/ A continuation of the migration of disk details to virstoragefile. This patch moves a single enum, but converting the name has quite a bit of fallout. * src/conf/domain_conf.h (virDomainDiskType): Move... * src/util/virstoragefile.h (virStorageType): ...and rename. * src/bhyve/bhyve_command.c (bhyveBuildDiskArgStr) (virBhyveProcessBuildLoadCmd): Update clients. * src/conf/domain_conf.c (virDomainDiskSourceDefParse) (virDomainDiskDefParseXML, virDomainDiskSourceDefFormatInternal) (virDomainDiskDefFormat, virDomainDiskGetActualType) (virDomainDiskDefForeachPath, virDomainDiskSourceIsBlockType): Likewise. * src/conf/snapshot_conf.h (_virDomainSnapshotDiskDef): Likewise. * src/conf/snapshot_conf.c (virDomainSnapshotDiskDefParseXML) (virDomainSnapshotAlignDisks, virDomainSnapshotDiskDefFormat): Likewise. * src/esx/esx_driver.c (esxAutodetectSCSIControllerModel) (esxDomainDefineXML): Likewise. * src/locking/domain_lock.c (virDomainLockManagerAddDisk): Likewise. * src/lxc/lxc_controller.c (virLXCControllerSetupLoopDeviceDisk) (virLXCControllerSetupNBDDeviceDisk) (virLXCControllerSetupLoopDevices, virLXCControllerSetupDisk): Likewise. * src/parallels/parallels_driver.c (parallelsGetHddInfo): Likewise. * src/phyp/phyp_driver.c (phypDiskType): Likewise. * src/qemu/qemu_command.c (qemuGetDriveSourceString) (qemuDomainDiskGetSourceString, qemuBuildDriveStr) (qemuBuildCommandLine, qemuParseCommandLineDisk) (qemuParseCommandLine): Likewise. * src/qemu/qemu_conf.c (qemuCheckSharedDevice) (qemuTranslateDiskSourcePool) (qemuTranslateSnapshotDiskSourcePool): Likewise. * src/qemu/qemu_domain.c (qemuDomainDeviceDefPostParse) (qemuDomainDetermineDiskChain): Likewise. * src/qemu/qemu_driver.c (qemuDomainGetBlockInfo) (qemuDomainSnapshotPrepareDiskExternalBackingInactive) (qemuDomainSnapshotPrepareDiskExternalBackingActive) (qemuDomainSnapshotPrepareDiskExternalOverlayActive) (qemuDomainSnapshotPrepareDiskExternalOverlayInactive) (qemuDomainSnapshotPrepareDiskInternal) (qemuDomainSnapshotPrepare) (qemuDomainSnapshotCreateSingleDiskActive): Likewise. * src/qemu/qemu_hotplug.c (qemuDomainChangeEjectableMedia): Likewise. * src/qemu/qemu_migration.c (qemuMigrationIsSafe): Likewise. * src/security/security_apparmor.c (AppArmorRestoreSecurityImageLabel) (AppArmorSetSecurityImageLabel): Likewise. * src/security/security_dac.c (virSecurityDACSetSecurityImageLabel) (virSecurityDACRestoreSecurityImageLabelInt) (virSecurityDACSetSecurityAllLabel): Likewise. * src/security/security_selinux.c (virSecuritySELinuxRestoreSecurityImageLabelInt) (virSecuritySELinuxSetSecurityImageLabel) (virSecuritySELinuxSetSecurityAllLabel): Likewise. * src/storage/storage_backend.c (virStorageFileBackendForType): Likewise. * src/storage/storage_backend_fs.c (virStorageFileBackendFile) (virStorageFileBackendBlock): Likewise. * src/storage/storage_backend_gluster.c (virStorageFileBackendGluster): Likewise. * src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc, vboxAttachDrives) (vboxDomainAttachDeviceImpl, vboxDomainDetachDevice): Likewise. * src/vmware/vmware_conf.c (vmwareVmxPath): Likewise. * src/vmx/vmx.c (virVMXParseDisk, virVMXFormatDisk) (virVMXFormatFloppy): Likewise. * src/xenxs/xen_sxpr.c (xenParseSxprDisks, xenParseSxpr) (xenFormatSxprDisk): Likewise. * src/xenxs/xen_xm.c (xenParseXM, xenFormatXMDisk): Likewise. * tests/securityselinuxlabeltest.c (testSELinuxLoadDef): Likewise. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virstoragefile.h): ...as appropriate. Signed-off-by: Eric Blake <eblake@redhat.com>
2014-03-27 21:57:49 +00:00
virStorageTypeFromString;
virStorageTypeToString;
# util/virstoragefilebackend.h
virStorageFileBackendRegister;
# util/virstring.h
virSkipSpaces;
virSkipSpacesAndBackslash;
virSkipSpacesBackwards;
virStrcpy;
virStringBufferIsPrintable;
virStringFilterChars;
virStringHasCaseSuffix;
virStringHasChars;
virStringHasControlChars;
virStringHasSuffix;
virStringIsEmpty;
virStringIsPrintable;
virStringListAdd;
virStringListAutoFree;
virStringListFree;
virStringListFreeCount;
virStringListGetFirstWithPrefix;
virStringListHasString;
virStringListJoin;
virStringListLength;
virStringListMerge;
virStringListRemove;
virStringMatch;
virStringMatchesNameSuffix;
virStringParsePort;
virStringParseYesNo;
virStringReplace;
virStringSearch;
virStringSortCompare;
virStringSortRevCompare;
virStringSplit;
virStringSplitCount;
virStringStripControlChars;
virStringStripIPv6Brackets;
virStringStripSuffix;
virStringToUpper;
virStringTrimOptionalNewline;
virStrncpy;
virStrToDouble;
virStrToLong_i;
virStrToLong_l;
virStrToLong_ll;
virStrToLong_ui;
virStrToLong_uip;
virStrToLong_ul;
virStrToLong_ull;
virStrToLong_ullp;
virStrToLong_ulp;
virTrimSpaces;
# util/virsysinfo.h
virSysinfoBaseBoardDefClear;
virSysinfoBIOSDefFree;
virSysinfoChassisDefFree;
virSysinfoDefFree;
virSysinfoFormat;
virSysinfoRead;
virSysinfoSetup;
virSysinfoSystemDefFree;
# util/virsysinfopriv.h
virSysinfoReadARM;
virSysinfoReadDMI;
virSysinfoReadPPC;
virSysinfoReadS390;
# util/virsystemd.h
virSystemdActivationClaimFDs;
virSystemdActivationComplete;
virSystemdActivationFree;
virSystemdActivationHasName;
virSystemdCanHibernate;
virSystemdCanHybridSleep;
virSystemdCanSuspend;
virSystemdCreateMachine;
virSystemdGetActivation;
virSystemdGetMachineNameByPID;
virSystemdHasLogind;
virSystemdHasLogindResetCachedValue;
virSystemdHasMachinedResetCachedValue;
virSystemdMakeScopeName;
virSystemdMakeSliceName;
virSystemdNotifyStartup;
virSystemdTerminateMachine;
# util/virthread.h
virCondBroadcast;
virCondDestroy;
virCondInit;
virCondSignal;
virCondWait;
virCondWaitUntil;
virMutexDestroy;
virMutexInit;
virMutexInitRecursive;
virMutexLock;
virMutexUnlock;
virOnce;
virRWLockDestroy;
virRWLockInit;
virRWLockRead;
virRWLockUnlock;
virRWLockWrite;
virThreadCancel;
virThreadCreateFull;
virThreadID;
virThreadIsSelf;
virThreadJoin;
virThreadMaxName;
virThreadSelf;
virThreadSelfID;
# util/virthreadjob.h
virThreadJobClear;
virThreadJobGet;
virThreadJobSet;
virThreadJobSetWorker;
# util/virthreadpool.h
virThreadPoolFree;
virThreadPoolGetCurrentWorkers;
virThreadPoolGetFreeWorkers;
virThreadPoolGetJobQueueDepth;
virThreadPoolGetMaxWorkers;
virThreadPoolGetMinWorkers;
virThreadPoolGetPriorityWorkers;
virThreadPoolNewFull;
virThreadPoolSendJob;
admin: Introduce virAdmServerSetThreadPoolParameters Since threadpool increments the current number of threads according to current load, i.e. how many jobs are waiting in the queue. The count however, is constrained by max and min limits of workers. The logic of this new API works like this: 1) setting the minimum a) When the limit is increased, depending on the current number of threads, new threads are possibly spawned if the current number of threads is less than the new minimum limit b) Decreasing the minimum limit has no possible effect on the current number of threads 2) setting the maximum a) Icreasing the maximum limit has no immediate effect on the current number of threads, it only allows the threadpool to spawn more threads when new jobs, that would otherwise end up queued, arrive. b) Decreasing the maximum limit may affect the current number of threads, if the current number of threads is less than the new maximum limit. Since there may be some ongoing time-consuming jobs that would effectively block this API from killing any threads. Therefore, this API is asynchronous with best-effort execution, i.e. the necessary number of workers will be terminated once they finish their previous job, unless other workers had already terminated, decreasing the limit to the requested value. 3) setting priority workers - both increase and decrease in count of these workers have an immediate impact on the current number of workers, new ones will be spawned or some of them get terminated respectively. Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-02-22 13:24:04 +00:00
virThreadPoolSetParameters;
# util/virtime.h
virTimeBackOffStart;
virTimeBackOffWait;
virTimeFieldsNow;
virTimeFieldsNowRaw;
virTimeFieldsThen;
virTimeLocalOffsetFromUTC;
virTimeMillisNow;
virTimeMillisNowRaw;
virTimeStringNow;
virTimeStringNowRaw;
virTimeStringThen;
virTimeStringThenRaw;
# util/virtpm.h
virTPMCreateCancelPath;
virTPMEmulatorInit;
virTPMGetSwtpm;
virTPMGetSwtpmIoctl;
virTPMGetSwtpmSetup;
virTPMSwtpmCapsGet;
virTPMSwtpmFeatureTypeFromString;
virTPMSwtpmSetupCapsGet;
virTPMSwtpmSetupFeatureTypeFromString;
# util/virtypedparam.h
virTypedParameterAssign;
virTypedParameterToString;
virTypedParameterTypeFromString;
virTypedParameterTypeToString;
virTypedParamListAddBoolean;
virTypedParamListAddDouble;
virTypedParamListAddInt;
virTypedParamListAddLLong;
virTypedParamListAddString;
virTypedParamListAddUInt;
virTypedParamListAddULLong;
virTypedParamListFree;
virTypedParamListStealParams;
virTypedParamsCheck;
virTypedParamsCopy;
virTypedParamsDeserialize;
virTypedParamsFilter;
virTypedParamsGetStringList;
virTypedParamsRemoteFree;
virTypedParamsReplaceString;
virTypedParamsSerialize;
virTypedParamsValidate;
# util/viruri.h
virURIFormat;
virURIFormatParams;
virURIFree;
virURIGetParam;
virURIParse;
virURIResolveAlias;
# util/virusb.h
virUSBDeviceFileIterate;
virUSBDeviceFind;
virUSBDeviceFindByBus;
virUSBDeviceFindByVendor;
virUSBDeviceFree;
virUSBDeviceGetBus;
virUSBDeviceGetDevno;
virUSBDeviceGetName;
virUSBDeviceGetPath;
virUSBDeviceGetUsedBy;
virUSBDeviceListAdd;
virUSBDeviceListCount;
virUSBDeviceListDel;
virUSBDeviceListFind;
virUSBDeviceListGet;
virUSBDeviceListNew;
virUSBDeviceListSteal;
virUSBDeviceNew;
virUSBDeviceSetUsedBy;
# util/virutil.h
virDoesGroupExist;
virDoesUserExist;
virDoubleToStr;
virFormatIntDecimal;
virFormatIntPretty;
virGetDeviceID;
virGetDeviceUnprivSGIO;
virGetGroupID;
virGetGroupList;
virGetGroupName;
virGetHostname;
virGetHostnameQuiet;
virGetPassword;
virGetSelfLastChanged;
virGetSystemPageSize;
virGetSystemPageSizeKB;
virGetUnprivSGIOSysfsPath;
virGetUserCacheDirectory;
virGetUserConfigDirectory;
virGetUserDirectory;
virGetUserDirectoryByUID;
virGetUserID;
virGetUserName;
virGetUserRuntimeDirectory;
virGetUserShell;
virHostGetDRMRenderNode;
virHostHasIOMMU;
virIndexToDiskName;
virKernelCmdlineMatchParam;
virKernelCmdlineNextParam;
virMemoryLimitIsSet;
virMemoryLimitTruncate;
virMemoryMaxValue;
virParseOwnershipIds;
virParseVersionString;
virPipe;
virPipeNonBlock;
virPipeQuiet;
virScaleInteger;
virSetBlocking;
virSetCloseExec;
virSetDeviceUnprivSGIO;
virSetInherit;
virSetNonBlock;
virSetSockReuseAddr;
virSetUIDGID;
virSetUIDGIDWithCaps;
virUpdateSelfLastChanged;
virValidateWWN;
virWaitForDevices;
# util/viruuid.h
virGetHostUUID;
virSetHostUUIDStr;
virUUIDFormat;
virUUIDGenerate;
virUUIDIsValid;
virUUIDParse;
# util/virvhba.h
virVHBAFindVportHost;
virVHBAGetConfig;
virVHBAGetHostByFabricWWN;
virVHBAGetHostByWWN;
virVHBAIsVportCapable;
virVHBAManageVport;
virVHBAPathExists;
# util/virvsock.h
virVsockAcquireGuestCid;
virVsockSetGuestCid;
# util/virxml.h
virParseScaledValue;
virXMLCheckIllegalChars;
virXMLChildElementCount;
virXMLExtractNamespaceXML;
virXMLFormatElement;
virXMLNodeContentString;
virXMLNodeNameEqual;
virXMLNodeSanitizeNamespaces;
virXMLNodeToString;
virXMLParseHelper;
virXMLPickShellSafeComment;
virXMLPropString;
virXMLPropStringLimit;
virXMLSaveFile;
virXMLValidateAgainstSchema;
virXMLValidatorFree;
virXMLValidatorInit;
virXMLValidatorValidate;
virXMLXPathContextNew;
virXPathBoolean;
virXPathContextNodeRestore;
virXPathInt;
virXPathLong;
virXPathLongHex;
virXPathLongLong;
virXPathNode;
virXPathNodeSet;
virXPathNumber;
virXPathString;
virXPathStringLimit;
virXPathUInt;
virXPathULong;
virXPathULongHex;
virXPathULongLong;
# Let emacs know we want case-insensitive sorting
# Local Variables:
# sort-fold-case: t
# End: