Commit Graph

5945 Commits

Author SHA1 Message Date
Wen Congyang
2fd1a2525b doc: improve the documentation of desturi
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-12 09:52:51 -07:00
Wen Congyang
59d13aae32 report error when specifying wrong desturi
When we do peer2peer migration, the dest uri is an address of the
target host as seen from the source machine. So we must specify
the ip or hostname of target host in dest uri. If we do not specify
it, report an error to the user.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-12 09:52:51 -07:00
Osier Yang
0444ce1b00 qemu: Reject SDL graphic if it's not supported by qemu
If the emulator doesn't support SDL graphic, we should reject
the use of SDL graphic xml with error messages, but not ignore
it silently, and pretend things are fine.

"-sdl" flag was exposed explicitly by qemu since 0.10.0, more detail:
http://www.redhat.com/archives/libvir-list/2011-January/msg00442.html

And we already have capability flag "QEMUD_CMD_FLAG_0_10", which
could be used to prevent the patch affecting the older versions
of QEMU.

* src/qemu/qemu_command.c
2011-01-12 09:52:51 -07:00
Justin Clift
c7f6d6fcc9 docs: reorder apps page alphabetically, plus add libguestfs entries 2011-01-13 01:24:42 +11:00
Justin Clift
e90014e16c docs: add entry for archipel to the apps page 2011-01-12 08:03:28 +11:00
Justin Clift
3cc872d982 docs: use xml entity encoding for extended character last name 2011-01-12 08:00:15 +11:00
Matthias Bolte
e4570729ee vbox: Silently ignore missing registry key on Windows
Don't report an error when the VirtualBox registry key is missing,
as this just indicates that VirtualBox is not installed in general.

This matches the behavior of the XPCOM glue that silently ignores
a missing VBoxXPCOMC.so.
2011-01-11 20:56:25 +01:00
Richard W.M. Jones
feddaf1dc8 qemu: Watchdog IB700 is not a PCI device (RHBZ#667091).
Skip IB700 when assigning PCI slots.

Note: the I6300ESB watchdog _is_ a PCI device.

To test this: I applied this patch to libvirt-0.8.3-2.fc14 (rebasing
it slightly: qemu_command.c didn't exist in that version) and
installed this on my machine, then tested that I could successfully
add an ib700 watchdog device to a guest, start the guest, and the
ib700 was available to the guest.  I also added an i6300esb (PCI)
watchdog to another guest, and verified that libvirt assigned a PCI
device to it, that the guest could be started, and that i6300esb was
present in the guest.

Note that if you previously had a domain with a ib700 watchdog, it
would have had an <address type='pci' .../> clause added to it in the
libvirt configuration.  This patch does not attempt to remove this.
You cannot start such a domain -- qemu gives an error if you try.
With this patch you are able to remove the bogus address element
without libvirt adding it back.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
2011-01-11 08:28:54 -07:00
Eric Blake
fae1b8aac4 cpu: plug memory leak
* src/cpu/cpu_x86.c (x86ModelLoad): Free data before overwriting.
2011-01-10 16:57:54 -07:00
Eric Blake
6e2bab80c8 network: plug memory leak
* src/conf/network_conf.c (virNetworkDefParseXML): Release ipNodes.
2011-01-10 15:35:37 -07:00
Eric Blake
243b7814c7 network: plug unininitialized read found by valgrind
* src/util/network.c (virSocketAddrMask): Zero out port, so that
iptables can initialize just the netmask then call
virSocketFormatAddr without an uninitialized read in getnameinfo.
2011-01-10 15:22:57 -07:00
Justin Clift
718a8dc6dd docs: updated memtune info again in virsh command reference 2011-01-11 07:33:15 +11:00
Cole Robinson
4254dfea78 python: Use PyCapsule API if available
On Fedore 14, virt-manager spews a bunch of warnings to the console:

/usr/lib64/python2.7/site-packages/libvirt.py:1781: PendingDeprecationWarning: The CObject type is marked Pending Deprecation in Python 2.7.  Please use capsule objects instead.

Have libvirt use the capsule API if available. I've verified this compiles
fine on older python (2.6 in RHEL6 which doesn't have capsules), and
virt-manager seems to function fine.
2011-01-10 15:18:05 -05:00
Cole Robinson
8f3b6bc2dd event-test: Simplify debug on/off
Make it easy to change debugging if being used by a client program.
2011-01-10 14:44:04 -05:00
Cole Robinson
1dd5c7f2df remote: Don't lose track of events when callbacks are slow
After the remote driver runs an event callback, it unconditionally disables the
loop timer, thinking it just flushed every queued event. This doesn't work
correctly though if an event is queued while a callback is running.

The events actually aren't being lost, it's just that the event loop didn't
think there was anything that needed to be dispatched. So all those 'lost
events' should actually get re-triggered if you manually kick the loop by
generating a new event (like creating a new guest).

The solution is to disable the dispatch timer _before_ we invoke any event
callbacks. Events queued while a callback is running will properly reenable the
timer.

More info at https://bugzilla.redhat.com/show_bug.cgi?id=624252
2011-01-10 14:44:03 -05:00
Daniel P. Berrange
d6623003c6 Refactor the security drivers to simplify usage
The current security driver usage requires horrible code like

    if (driver->securityDriver &&
        driver->securityDriver->domainSetSecurityHostdevLabel &&
        driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver,
                                                              vm, hostdev) < 0)

This pair of checks for NULL clutters up the code, making the driver
calls 2 lines longer than they really need to be. The goal of the
patchset is to change the calling convention to simply

  if (virSecurityManagerSetHostdevLabel(driver->securityDriver,
                                        vm, hostdev) < 0)

The first check for 'driver->securityDriver' being NULL is removed
by introducing a 'no op' security driver that will always be present
if no real driver is enabled. This guarentees driver->securityDriver
!= NULL.

The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel'
being non-NULL is hidden in a new abstraction called virSecurityManager.
This separates the driver callbacks, from main internal API. The addition
of a virSecurityManager object, that is separate from the virSecurityDriver
struct also allows for security drivers to carry state / configuration
information directly. Thus the DAC/Stack drivers from src/qemu which
used to pull config from 'struct qemud_driver' can now be moved into
the 'src/security' directory and store their config directly.

* src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to
  use new virSecurityManager APIs
* src/qemu/qemu_security_dac.c,  src/qemu/qemu_security_dac.h
  src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h:
  Move into src/security directory
* src/security/security_stack.c, src/security/security_stack.h,
  src/security/security_dac.c, src/security/security_dac.h: Generic
  versions of previous QEMU specific drivers
* src/security/security_apparmor.c, src/security/security_apparmor.h,
  src/security/security_driver.c, src/security/security_driver.h,
  src/security/security_selinux.c, src/security/security_selinux.h:
  Update to take virSecurityManagerPtr object as the first param
  in all callbacks
* src/security/security_nop.c, src/security/security_nop.h: Stub
  implementation of all security driver APIs.
* src/security/security_manager.h, src/security/security_manager.c:
  New internal API for invoking security drivers
* src/libvirt.c: Add missing debug for security APIs
2011-01-10 18:10:52 +00:00
Osier Yang
92d6530106 conf: Report error if invalid type specified for character device
If invalid type is specified, e.g.
<serial type='foo'>
    <target port='0'/>
</serial>

We replace 'foo' with "null" type implicitly, without reporting an
error message to tell the user, and "start" or "edit" the domain
will be success.

It's not good to guess what the user wants, This patch is to fix
the problem.

* src/conf/domain_conf.c
2011-01-10 10:24:44 -07:00
Jiri Denemark
5e5acbc8d6 daemon: Fix core dumps if unix_sock_group is set
Setting unix_sock_group to something else than default "root" in
/etc/libvirt/libvirtd.conf prevents system libvirtd from dumping core on
crash. This is because we used setgid(unix_sock_group) before binding to
/var/run/libvirt/libvirt-sock* and setgid() back to original group.
However, if a process changes its effective or filesystem group ID, it
will be forbidden from leaving core dumps unless fs.suid_dumpable sysctl
is set to something else then 0 (and it is 0 by default).

Changing socket's group ownership after bind works better. And we can do
so without introducing a race condition since we loosen access rights by
changing the group from root to something else.
2011-01-10 11:01:46 +01:00
Guido Günther
dda24845fe Add AM_MAINTAINER_MODE
and keep it enabled by default. This allows downstreams to turn it off
via:

./configure --disable-maintainer-mode

as discussed in

https://www.redhat.com/archives/virt-tools-list/2010-October/msg00049.html
2011-01-07 20:22:24 +01:00
Matthias Bolte
dd1f59a9e5 esx: Move occurrence check into esxVI_LookupObjectContentByType
This simplifies the callers of esxVI_LookupObjectContentByType.
2011-01-07 20:09:15 +01:00
Matthias Bolte
3d4f6eeeae esx: Add domain autostart support 2011-01-06 22:51:32 +01:00
Diego Elio Pettenò
d86ce05797 commandtest: avoid printing loader-control variables from commandhelper
This avoids throwing the tests off if LD_LIBRARY_PATH or LD_PRELOAD or
other variables are set.

Signed-off-by: Diego Elio Pettenò <flameeyes@gmail.com>
2011-01-06 14:21:17 -07:00
Justin Clift
d96fddee1d docs: updated release of virsh cmd reference, with memtune info 2011-01-07 05:37:23 +11:00
Matthias Bolte
c2a6b26647 vmx: Add support for video device VRAM size
Update test suite accordingly.
2011-01-06 18:18:35 +01:00
Matthias Bolte
4283bcb0fd vbox: Use correct VRAM size unit
VirtualBox uses megabyte, libvirt uses kilobyte.
2011-01-06 18:18:35 +01:00
Osier Yang
a98d8f0d27 API: Improve log for domain related APIs
Add VM name/UUID in log for domain related APIs.
Format: "dom=%p, (VM: name=%s, uuid=%s), param0=%s, param1=%s

*src/libvirt.c (introduce two macros: VIR_DOMAIN_DEBUG, and
VIR_DOMAIN_DEBUG0)
2011-01-06 09:45:40 -07:00
Eric Blake
2d44cb4960 schema: tighten <serial><protocol type=...> relaxNG
* docs/schemas/domain.rng (qemucdevSrcDef): Restrict list of
supported <protocol type=> values.
2011-01-06 08:15:50 -07:00
Kay Schubert
a43c7338d8 bridge: Fix generation of dnsmasq's --dhcp-hostsfile option
I added a host definition to a network definition:

<network>
  <name>Lokal</name>
  <uuid>2074f379-b82c-423f-9ada-305d8088daaa</uuid>
  <bridge name='virbr1' stp='on' delay='0' />
  <ip address='192.168.180.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.180.128' end='192.168.180.254' />
      <host mac='23:74:00:03:42:02' name='somevm' ip='192.168.180.10' />
    </dhcp>
  </ip>
</network>

But due to the wrong if-statement the argument --dhcp-hostsfile doesn't get
added to the dnsmasq command. The patch below fixes it for me.
2011-01-06 15:58:23 +01:00
Jiri Denemark
4684f478e4 qemu: Fix bogus warning about uninitialized saveptr
The warning is bogus since strtok_r doesn't use the value when it's
first called and initializes it for the following calls.
2011-01-06 09:25:34 +01:00
Laine Stump
a691cb88f2 Don't chown qemu saved image back to root after save if dynamic_ownership=0
When dynamic_ownership=0, saved images must be owned by the same uid
as is used to run the qemu process, otherwise restore won't work. To
accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
simply return when it's called.

This fix is in response to:

  https://bugzilla.redhat.com/show_bug.cgi?id=661720
2011-01-05 20:22:19 -05:00
Eric Blake
1000d9c2b0 maint: document dislike of mismatched if/else bracing
* docs/hacking.html.in (Curly braces): Tighten recommendations to
disallow if (cond) one-line; else { block; }.
* HACKING: Regenerate.
Suggested by Daniel P. Berrange.
2011-01-05 11:05:28 -07:00
Laine Stump
cd6a8f9ce2 Log an error on attempts to add a NAT rule for non-IPv4 addresses
Although the upper-layer code protected against it, it was possible to
call iptablesForwardMasquerade() with an IPv6 address and have it
attempt to add a rule to the MASQUERADE chain of ip6tables (which
doesn't exist).

This patch changes that function to check the protocol of the given
address, generate an error log if it's not IPv4 (AF_INET), and finally
hardcodes all the family parameters sent down to lower-level functions.
2011-01-05 11:59:47 -05:00
Laine Stump
6741ca36bd Improve error reporting when parsing dhcp info for virtual networks
This is partially in response to

  https://bugzilla.redhat.com/show_bug.cgi?id=653300

The crash in that report was coincidentally fixed when we switched
from using inet_pton() to using virSocketParseAddr(), but the absence
of an ip address in a dhcp static host definition was still silently
ignored (and that entry discarded from the saved XML). This patch
turns that into a logged failure; likewise if the entry has neither a
mac address nor a name attribute (the entry is useless without at
least one of those, plus an ip address).

Since the network name is now pulled into this function in order for
those error logs to be more informative, the other error messages in
the function have also been changed to take advantage.
2011-01-05 11:59:34 -05:00
Justin Clift
6ea4c85919 docs: added libvirt-announce to contact page
Also added explicit links to the subscription and
archive pages for the user and developer mailing
lists.
2011-01-05 18:07:30 +11:00
Stefan Berger
0922ff2fea qemu driver: fix positioning to end of log file
While doing some testing with Qemu and creating huge logfiles I encountered the case where the VM could not start anymore due to the lseek() to the end of the Qemu VM's log file failing. The patch below fixes the problem by replacing the previously used 'int' with 'off_t'.

To reproduce this error, you could do the following:

dd if=/dev/zero of=/var/log/libvirt/qemu/<name of VM>.log bs=1024 count=$((1024*2048))

and you should get an error like this:

error: Failed to start domain <name of VM>
error: Unable to seek to -2147482651 in /var/log/libvirt/qemu/<name of VM>.log: Success
2011-01-04 12:46:10 -05:00
Eric Blake
45829e678e build: satisfy 'make syntax-check' regarding year change
* .gnulib: Update to latest, to pick up 2011 copyrights.
2011-01-04 09:50:07 -07:00
Daniel Veillard
6675e00744 Release of libvirt-0.8.7
* configure.ac libvirt.spec.in docs/news.html.in: bump version and add
  documentation
* po/*po*: regenerate po and pot files
2011-01-04 03:37:17 +01:00
Eric Blake
c685993d71 build: avoid compilation warnings
Detected on cygwin:
util/util.c: In function 'virSetUIDGID':
util/util.c:2824: warning: format '%d' expects type 'int', but argument 7 has type 'gid_t' [-Wformat]
(and three other lines)

* src/util/util.c (virSetUIDGID): Cast, as is done elsewhere in
this file, to avoid printf type mismatch warnings.
2011-01-03 15:26:33 -07:00
Hu Tao
b2dbc16044 threadpool: allow NULL jobdata
Don't require non-null jobdata to virThreadPoolSendJob().
2011-01-03 14:45:00 -07:00
Chris Wright
51798a5d1c node_device: udev driver does not handle SR-IOV devices
The udev driver does not update a PCI device with its SR-IOV capabilities,
when applicable, the way the hal driver does.  As a result, dumping the
device's XML will not include the relevant physical or virtual function
information.

With this patch, the XML is correct:

# virsh nodedev-dumpxml pci_0000_09_00_0
<device>
  <name>pci_0000_09_00_0</name>
  <parent>pci_0000_00_1c_0</parent>
  <driver>
    <name>vxge</name>
  </driver>
  <capability type='pci'>
    <domain>0</domain>
    <bus>9</bus>
    <slot>0</slot>
    <function>0</function>
    <product id='0x5833'>X3100 Series 10 Gigabit Ethernet PCIe</product>
    <vendor id='0x17d5'>Neterion Inc.</vendor>
    <capability type='virt_functions'>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x2'/>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x3'/>
    </capability>
  </capability>
</device>

# virsh nodedev-dumpxml pci_0000_0a_00_1
<device>
  <name>pci_0000_0a_00_1</name>
  <parent>pci_0000_00_1c_0</parent>
  <driver>
    <name>vxge</name>
  </driver>
  <capability type='pci'>
    <domain>0</domain>
    <bus>10</bus>
    <slot>0</slot>
    <function>1</function>
    <product id='0x5833'>X3100 Series 10 Gigabit Ethernet PCIe</product>
    <vendor id='0x17d5'>Neterion Inc.</vendor>
    <capability type='phys_function'>
      <address domain='0x0000' bus='0x09' slot='0x00' function='0x0'/>
    </capability>
  </capability>
</device>

Cc: Dave Allan <dallan@redhat.com>
Signed-off-by: Chris Wright <chrisw@redhat.com>
2011-01-03 09:05:10 -07:00
Eric Blake
e80ed3fd3b virExec: fix logic bug
As pointed out in https://bugzilla.redhat.com/show_bug.cgi?id=659855#c9,
commit c3568ec2 introduced a regression where we no longer close any
fd's beyond FD_SETSIZE.

* src/util/util.c (__virExec): Continue to close fd's beyond
keepfd range.
Reported by Stefan Praszalowicz.
2010-12-31 10:12:10 -07:00
Laine Stump
77094eaf3a Improve virSocketAddrMask[ByPrefix] API
The original version of these functions would modify the address sent
in, meaning that the caller would usually need to copy the address
first. This change makes the original a const, and puts the resulting
masked address into a new arg (which could point to the same
virSocketAddr as the original, if the caller really wants to modify
it).

This also makes the API consistent with virSocketAddrBroadcast[ByPrefix].
2010-12-31 11:34:35 -05:00
Laine Stump
2eeeb60152 Set broadcast address for IPv4 addresses on virtual network bridges
Previously we used ioctl() to set the IP address and netmask of the
bridges used for virtual networks, and apparently the SIOCSIFNETMASK
ioctl implicitly set the broadcast address for the interface. The new
method of using the "ip" command requires broadcast address to be
explicitly specified though.
2010-12-31 11:34:24 -05:00
Laine Stump
86387878b0 Utility functions to produce an IPv4 broadcast address
These functions work only for IPv4, becasue IPv6 doesn't have the same
concept of "broadcast address" as IPv4. They merely OR the inverse of
the netmask with the given host address, thus turning on all the host
bits.
2010-12-31 11:34:12 -05:00
Matthias Bolte
6b6cb7ea15 esx: Fix "occurence" typo (again)
Also include some whitespace changes. No functional change included.
2010-12-30 12:56:55 +01:00
Matthias Bolte
8d2e24d6a8 vbox: Add support for VirtualBox 4.0
Add vboxArrayGetWithUintArg to handle new signature variations. Also
refactor vboxArrayGet* implementation to use a common helper function.

Deal with the incompatible changes in the VirtualBox 4.0 API. This
includes major changes in virtual machine and storage medium lookup,
in RDP server property handling, in session/lock handling and other
minor areas.

VirtualBox 4.0 also dropped the old event API and replaced it with a
completely new one. This is not fixed yet and will be addressed in
another patch. Therefore, currently the domain events are supported
for VirtualBox 3.x only.

Based on initial work from Jean-Baptiste Rouault.
2010-12-28 00:18:46 +01:00
Matthias Bolte
c4ce8333ac Fix misuse of VIR_ERR_INVALID_DOMAIN
VIR_ERR_INVALID_DOMAIN is meant for invalid domain pointers.
VIR_ERR_NO_DOMAIN is meant for non-existing domains.
2010-12-27 23:53:39 +01:00
Matthias Bolte
30a13736e4 vbox: Handle different IID representation in Version 2.2 on Windows
On Windows IID's are represented as GUID by value, instead of nsID
by reference on non-Windows platforms.

Patch the vbox_CAPI_v2_2.h header to deal with this difference.

Rewrite vboxIID abstraction that deals with the different IID
representations. Add support for the GUID representation. Also unify
the four context dependent free functions for vboxIIDs

  vboxIIDUnalloc, vboxIIDFree, vboxIIDUtf8Free, vboxIIDUtf16Free

into vboxIIDUnalloc that is now safe to be called (even multiple
times) on a vboxIID independent of the source and context of the
vboxIID.

The new vboxIID is designed to be used as a stack allocated variable.
It has a value member that represents the actual IID value.
2010-12-27 23:53:39 +01:00
MORITA Kazutaka
d0b9eea8c9 update docs for network disks
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
2010-12-24 08:16:54 -07:00
Wen Congyang
3b13d25232 build: fix building error when building without libvirtd
When I build libvirt without libvirtd, I receive some errors:
cp: cannot stat `/home/wency/rpmbuild/BUILDROOT/libvirt-0.8.6-1.el6.x86_64/etc/libvirt/qemu/networks/default.xml': No such file or directory

My build step:
# ./autogen.sh --without-libvirtd
# make dist
# rpmbuild --nodeps --define "_sourcedir `pwd`" --define "_without_libvirtd 1" -ba libvirt.spec

The reason is we disable network when we do not build libvirt daemon in configure.ac.
After fixing this bug, I build libvirt without libvirtd, I receive other errors:
RPM build errors:
    Installed (but unpackaged) file(s) found:
   /usr/share/doc/libvirt-0.8.6/html/32favicon.png
   /usr/share/doc/libvirt-0.8.6/html/api.html
..

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2010-12-24 07:31:34 -07:00