Commit Graph

3032 Commits

Author SHA1 Message Date
Daniel P. Berrange
651153216b Disable IPv6 on virtual networks
If the bridge device is configured to have IPv6 address and
accept router advertisments, then a malicious guest can send
out bogus advertisments and hijack/DOS host IPv6 connectivity

* src/network_driver.c: Set accept_ra=0, disable_ipv6=1, autoconf=0
  for IPv6 sysctl on virual network bridge devices
2009-07-31 16:14:26 +01:00
Mark McLoughlin
a49cf8a57d Fix PCIe FLR detection
PCIe DevCap register is actually 32 bits, not 16 bits. Since FLR is
bit 28, we clearly are failing to detect FLR support.

Known to fix device reset with some SR-IOV devices.

* src/pci.c: fix pciDetectFunctionLevelReset()
2009-07-31 15:41:36 +01:00
Mark McLoughlin
f4e7157716 Set perms on /var/lib/libvirt/images to 0711
Allow qemu user to open images in this dir, but still prevent others
from listing it.

* libvirt.spec.in: set /var/lib/libvirt/images perms to 0711
2009-07-31 09:52:24 +01:00
Daniel P. Berrange
9a152d481b Fix problem writing QEMU pidfile
* src/util.c: Don't drop capabilities until after the PID file has
  been written. Kill off child if writing the PID file fails
* src/qemu_driver.c: Remove bogus trailing '/' in state dir
2009-07-30 17:47:34 +01:00
Daniel P. Berrange
df3de82c06 Allow dnsmasq to provide DNS without DHCP
* src/network_driver.c: Always start dnsmasq to allow it to provide
  DNS, even if no DHCP ranges are enabled
2009-07-30 17:47:15 +01:00
Maximilian Wilhelm
8db5f642e9 Avoid warning when compiling without IFF_VNET_HDR
* src/bridge.c: avoid a couple of unused var/func warnings
2009-07-30 17:28:44 +02:00
Daniel P. Berrange
16208bca89 Fix build on mingw32 by disabling netcf
* autobuild.sh, mingw32-libvirt.spec.in: Set --without-netcf for
  mingw32 builds
2009-07-30 13:07:51 +01:00
Matthias Bolte
3f3ec73d39 ESX Scheduler documentation and cleanup
* esx/esx_driver.c: add some documentation about the CPU scheduler
  parameters and remove some old, unnecessary compensation code, since
  virsh uses the proposed parameter types now.
2009-07-30 13:41:04 +02:00
Henrik Persson
c9bece0c8f Fix vcpupin on Xen problem
* src/xend_internal.c: the update on the cpu affinity map format
  had na error and made the changes in the wrong buffer, fix those
2009-07-30 13:32:03 +02:00
Daniel P. Berrange
eb78ccf391 Fix RPM upgrades from F11 to F12
* libvirt.spec.in: Create qemu/kvm user/group in %pre script
2009-07-30 12:26:58 +01:00
Aron Griffis
d3209478d5 Fix an initialization problem in previous patch
* src/bridge.c: fix struct ifreq ifr init in brAddTap()
2009-07-30 09:14:47 +02:00
Bryan Kearney
13e5668a84 Update the java bindings page
* docs/java.html[.in]: update the java bindings html page to reflect the
  new repositories, JNA usage, and maven access
2009-07-29 23:28:50 +02:00
Aron Griffis
8fa592e3dc Remove MAX_TAP_ID and let kernel do numbering
* src/bridge.c: no need to format the device string in brAddTap()
  this can be delegated to the kernel and removes an arbitrary limit.
2009-07-29 23:23:23 +02:00
Ron Yorston
e195b43932 Kernel command line support for UML
* src/uml_conf.c: add support for additional kernel command line
  arguments.
2009-07-29 16:40:49 +02:00
Daniel P. Berrange
664085ab74 Fix deadlock in remote driver domain events
* src/remote_internal.c: Release driver lock when dispatching events
  to callbacks
2009-07-29 15:25:18 +01:00
Ryota Ozaki
abe3ee9cc5 qemu: fix monitor socket reconnection
* src/qemu_driver.c: fix qemudOpenMonitorUnix() to retry on ENOENT
  instead of EACCES which is the error one receive when the socket
  error hasn't shown up yet
2009-07-29 16:13:05 +02:00
Mark McLoughlin
a8e34e298e Fix polkit/netcf disabling on older fedoras
polkit was disabled by default for a reason - because we selectively
enable it on newer fedoras rather than disable it on older fedoras

Same fix needed for netcf
2009-07-29 10:05:39 +01:00
Mark McLoughlin
181c80d6eb Capilize libvirt-client summary
Fixes:

  W: summary-not-capitalized client side library and utilities of the libvirt library
2009-07-29 09:57:24 +01:00
Mark McLoughlin
56d672afeb Move ldconfig calls to libvirt-client %post/%postun
Now that the library has moved to libvirt-client
2009-07-29 09:55:43 +01:00
Mark McLoughlin
b9ebee4939 Convert NEWS to UTF-8
* docs/news.xsl: request UTF-8 as the output encoding

* NEWS: re-generate with UTF-8 encoding
2009-07-29 09:04:21 +01:00
Mark McLoughlin
c3c4bd4e75 Fix trailing whitespace in NEWS
git wouldn't let me push without this
2009-07-29 09:03:53 +01:00
Mark McLoughlin
adefc3955b No need to build require both python-devel and python
Since python-devel requires python

Pointed out by Itamar Reis Peixoto
2009-07-29 08:59:44 +01:00
Mark McLoughlin
09a40ab471 Remove executable perms from /etc/sysconfig/libvirtd
Changed by Rich Jones for:

  libvirt.x86_64: E: executable-marked-as-config-file /etc/sysconfig/libvirtd

See:

  https://bugzilla.redhat.com/226055
2009-07-29 08:45:25 +01:00
Mark McLoughlin
70a339970c Use a %postun -p for one line scriptlet
Changed by Rich Jones, presumably for this:

  libvirt.x86_64: W: one-line-command-in-%postun /sbin/ldconfig

see:

  https://bugzilla.redhat.com/226055
2009-07-29 08:45:25 +01:00
Mark McLoughlin
f69b841d2b Don't explicitly require libxml2
Originally done by rjones as part of this package review:

  https://bugzilla.redhat.com/226055
2009-07-29 08:45:24 +01:00
Mark McLoughlin
4f377369a8 Fix some unowned directories
danpb's fix for:

  https://bugzilla.redhat.com/483442
2009-07-28 19:29:59 +01:00
Mark McLoughlin
86823575fd Kill qemu BuildRequires
It's not needed at build time

Removed in Fedora by:

  * Fri Jun  5 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.4-2.fc12
  - Remove the qemu BuildRequires
2009-07-28 19:29:59 +01:00
Mark McLoughlin
69a0f3ee23 Enable netcf by default
Disabled on < f12 for now until netcf is in Fedora updates

BuildRequires netcf if enabled, pass --without-netcf if its disabled

* libvirt.spec.in: enabled netcf by default
2009-07-28 19:29:59 +01:00
Mark McLoughlin
6a9948c018 Default to with_polkit
Unless there's some reason we shouldn't
2009-07-28 19:29:59 +01:00
Mark McLoughlin
e3f0cae719 Make vbox support configurable
Added by DV with:

  * Fri Apr 24 2009 Daniel Veillard <veillard@redhat.com> - 0.6.3-1.fc12
  - release of 0.6.3
  - VirtualBox driver
2009-07-28 19:29:59 +01:00
Mark McLoughlin
7311161340 Build with --without-capng if capng is disabled
* libvirt.spec: pass --without-capng if appropriate
2009-07-28 19:29:59 +01:00
Mark McLoughlin
b55501c00c BuildRequires libcap-ng-devel not capng-devel
Fedora CVS changelog is "Fix libcap-ng-devel require, Daniel"
2009-07-28 19:29:59 +01:00
Shahar Klein
5c153e200f Drop curl host check when using ESX without check
* src/esx/esx_vi.c: drop host check if no_verify=1, but as Matthias
  pointed out if no_verify=2 we should check the host is the right
  one
2009-07-28 12:13:20 +02:00
Mark McLoughlin
232514041d Reduce glusterfs dependency to 2.0.1
* libvirt.spec.in: require glusterfs-client >= 2.0.1
2009-07-28 11:01:58 +01:00
Daniel P. Berrange
dd6cd7dd63 Fix crashes in Xen capabilities code
* src/xen_internal.c: Don't free memory now owned by the virCapsPtr
   structure
* tests/testutilsxen.c: Fix up for change in internal API
2009-07-27 16:45:01 +01:00
Daniel P. Berrange
f055724b27 Fix typo in xen capabilities code 2009-07-27 16:31:24 +01:00
Daniel P. Berrange
c4a04dc024 Fill in vCPU <-> pCPU current mapping, and vCPU cpuTime for QEMU
* src/qemu_driver.c: implement missing features in qemudDomainGetVcpus
  for 'cpu' and 'cpuTime' fields
2009-07-27 16:30:25 +01:00
Mark McLoughlin
85453c4247 Add support for attaching network/bridge NICs in QEMU driver
In order to hotplug a network/bridge backed NIC, we need to first create
the tap file descriptor, add the tap interface to the bridge and then
pass the file descriptor to the qemu process using the 'getfd' monitor
command.

Once the tapfd has been accepted, we create the network backend using
host_net_add, supplying the name assigned to the tapfd. If this fails,
we need to close the tapfd in qemu using the 'closefd' monitor command.

If the version of qemu does not support the getfd/closefd monitor
commands we detect "unknown command" in the getfd reply and fail the
attach operation.

* src/qemu_driver.c: add support for tapfd based hotplug in
  qemudDomainAttachNetDevice()
2009-07-27 15:31:52 +01:00
Mark McLoughlin
1daaebfa0c Add SCM_RIGHTS support to QEMU monitor code
Add qemudMonitorCommandWithFd() which allows a file descriptor to be
sent to qemu over a unix monitor socket using SCM_RIGHTS. See the
unix(7) and cmsg(3) man pages.

* src/qemu_conf.c: add a scm_fd param to qemudMonitorCommandExtra(),
  add qemudMonitorCommandWithFd(), implement SCM_RIGHTS support in
  qemudMonitorSendUnix()
2009-07-27 15:31:51 +01:00
Mark McLoughlin
7d9576edcb Use sendmsg() on QEMU monitor socket
Switch from using write() to using sendmsg() on QEMU's monitor socket
so that we can add support for SCM_RIGHTS.

* src/qemu_driver.c: add sendmsg() based qemudMonitorSendUnix() and use
  it when the monitor fd is a unix socket
2009-07-27 15:31:51 +01:00
Mark McLoughlin
9de2972c30 Factor qemudMonitorSend() out of qemudMonitorCommandExtra()
Add a little helper function to write the monitor command followed by
carriage return in a single write.

This doesn't make any real difference, but allows us to more easily
switch to using sendmsg() when using the monitor over a unix socket.

* src/qemu_conf.c: split qemudMonitorSend() out
2009-07-27 15:31:51 +01:00
Mark McLoughlin
be44cabd7f Clean up error handling in qemudDomainAttachNetDevice()
In subsequent patches we're going to have a file descriptor to close
too, so centralize the error handling cleanups to make things easier.

* src/qemu_conf.c: in qemudDomainAttachNetDevice() consolidate the
  error handling cleanups together
2009-07-27 15:31:51 +01:00
Mark McLoughlin
32db8dd75b Make qemuBuildHostNetStr() take tapfd as a string
With hotplug, we're going to want to pass a tapfd name rather than an
actual file descriptor, so prepare the way by passing a string tapfd to
qemuBuildHostNetStr().

* src/qemu_conf.h: qemuBuildHostNetStr() takes a string tapfd now

* src/qemu_conf.c: pass qemuBuildHostNetStr() a string rather than an
  actual file descriptor

* src/qemu_driver.c: update qemudDomainAttachNetDevice() for change
2009-07-27 15:31:51 +01:00
Mark McLoughlin
a3f33b6531 Move vnet_hdr logic into qemudNetworkIfaceConnect() and export it
* src/qemu_conf.h: export qemudNetworkIfaceConnect()

* src/qemu_conf.c: move vnet_hdr logic into qemudNetworkIfaceConnect()
  since we need it for hotplug too
2009-07-27 15:31:51 +01:00
Mark McLoughlin
707302b2cf Only probe qemu for machine types when binary changes
By probing for qemu machine types, we increased the time of a
GetCapabilities call from 100us to a whopping 60ms.

This patch takes the approach of only probing for machine types
when the mtime of the emulator binary changed since the last time
the capabilities were generated.

* src/capabilities.h: cache the emulator binary mtime

* src/qemu_conf.c: add qemudGetOldMachines() to copy the machine
  types from the old caps struct if the mtime for the binary hasn't
  changed

* src/qemu_conf.h, src/qemu_driver.c: pass the old caps pointer to
  qemudCapsInit()
2009-07-27 15:30:35 +01:00
Mark McLoughlin
0f15d0344d Add canonical machine name to capabilities output
e.g. <machine canonical='pc'>pc-0.11</machine>

* src/capabilities.c: output the canonical machine names in the
  capabilities output, if available

* docs/schemas/capabilities.rng: add the new attribute
2009-07-27 15:30:17 +01:00
Mark McLoughlin
c14c6b083e Probe QEMU directly for machine aliases if not found in capabilties
Not all possible emulators are actually in the capabilities, so if we
don't find the supplied emulator we should probe it directly for machine
types.

* src/qemu_driver.c: add qemudCanonicalizeMachineDirect() to directly
  probe an emulator for the canonical machine type
2009-07-27 15:17:55 +01:00
Mark McLoughlin
be291b330a Canonicalize qemu machine types
In qemu-0.11 there is a 'pc-0.10' machine type which allows you to run
guests with a machine which is compatible with the pc machine in
qemu-0.10 - e.g. using the original PCI class for virtio-blk and
virtio-console and disabling MSI support in virtio-net. The idea here
is that we don't want to suprise guests by changing the hardware when
qemu is updated.

I've just posted some patches for qemu-0.11 which allows libvirt to
canonicalize the 'pc' machine alias to the latest machine version.

This patches makes us use that so that when a guest is configured to
use the 'pc' machine type, we resolve that to 'pc-0.11' machine and
save that in the guest XML.

See also:

  https://fedoraproject.org/wiki/Features/KVM_Stable_Guest_ABI

* src/qemu_conf.c: add qemudCanonicalizeMachine() to canonicalize
  the machine type according to the machine aliases in capabilities

* src/qemu_driver.c: parse aliases in qemudParseMachineTypesStr()
2009-07-27 15:17:55 +01:00
Mark McLoughlin
38fd207e53 Add virCapsGuestMachine structure
A subsequent commit will add a "canonical" field to this structure,
this patch basically just prepares the way for that.

The new type is added, along with virCapabilitiesAlloc/FreeMachines()
helpers and a whole bunch of code to make the transition.

One quirk is that virCapabilitiesAddGuestDomain() and
virCapabilitiesAddGuest() take ownership of the machine list rather
than duping it. This makes sense to avoid needless copying.

* src/capabilities.h: add the virCapsGuestMachine struct and use it
  in virCapsGuestDomainInfo, add prototypes for new functions and
  update the AddGuest() prototypes

* src/capabilities.c: add code for allocating and freeing the new
  type, change the machines parameter to AddGuest() etc.

* src/libvirt_private.syms: export the new helpers

* src/qemu_conf.c: update all the machine type code to use the new
  struct

* src/xen_internal.c: ditto

* tests/testutilsqemu.c: ditto
2009-07-27 15:17:55 +01:00
Mark McLoughlin
d412487eb7 Probe for QEMU machine types
Currently we hardcode the QEMU machine types. We should really just
parse the output of 'qemu -M ?' so the lists don't get out of sync.

xenner doesn't support '-M ?', so we still need to hardcode that.

The horrible (const char *const *) is removed in a subsequent patch.

* src/qemu_conf.c: kill the arch_info*machines tables, retain the
  hardcoded xenner machine type, add qemudProbeMachineTypes() to
  run and parse 'qemu -M ?' and use it in qemudCapsInitGuest()
2009-07-27 15:17:55 +01:00