Commit Graph

2050 Commits

Author SHA1 Message Date
Peter Krempa
1c6999d340 conf: RNG: Always fill in default random source path for default backend
Libvirt documents that the default entropy source for the 'random'
backend of a RNG device is /dev/random. Instead of storing and
propagating NULL across our code and checking it in multiple places fill
the default in the post parse callback and use that in the other places.
2014-07-28 10:07:09 +02:00
James
febfe83721 util: virTimeFieldsThenRaw never returns negative
virTimeFieldsThenRaw will never return negative result, so I clean up
the related meaningless judgements to make it better.

Signed-off-by: James <james.wangyufei@huawei.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-25 12:06:07 +02:00
Peter Krempa
7214d5da28 test: qemu: Add tests for multiple virtio-rng devices 2014-07-25 09:34:53 +02:00
Roman Bogorodskiy
d704e69858 bhyve: cdrom support
Add support for CDROM devices for bhyve driver using
bhyve(8)'s 'ahci-cd' device type.

As bhyve currently does not support media insertion at runtime,
disallow to start a domain with an empty source path for cdrom
devices.
2014-07-24 18:56:37 +04:00
Cédric Bosdonnat
26d67015b8 lxc domain from xml: convert lxc.cap.drop 2014-07-23 15:12:37 +08:00
Cédric Bosdonnat
47e5b5ae32 lxc: allow to keep or drop capabilities
Added <capabilities> in the <features> section of LXC domains
configuration. This section can contain elements named after the
capabilities like:

  <mknod state="on"/>, keep CAP_MKNOD capability
  <sys_chroot state="off"/> drop CAP_SYS_CHROOT capability

Users can restrict or give more capabilities than the default using
this mechanism.
2014-07-23 15:12:37 +08:00
Michal Privoznik
692016f790 tests: Remove stale scsihostdata dir
In the fbd91d49 commit, new scsihostdata dir is added to EXTRA_DIST in
the tests/Makefile.am. However, the directory itself is not created
anywhere, nor in the commit.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-22 11:10:57 +02:00
John Ferlan
ef48a1b613 scsi_host: Introduce virFindSCSIHostByPCI
Introduce a new function to parse the provided scsi_host parent address
and unique_id value in order to find the /sys/class/scsi_host directory
which will allow a stable SCSI host address

Add a test to scsihosttest to lookup the host# name by using the PCI address
and unique_id value
2014-07-21 12:55:11 -04:00
John Ferlan
f3271f4cb3 Add unique_id to nodedev output
Add an optional unique_id parameter to nodedev.  Allows for easier lookup
and display of the unique_id value in order to document for use with
scsi_host code.
2014-07-21 12:55:11 -04:00
John Ferlan
fbd91d496e virutil: Introduce virReadSCSIUniqueId
Introduce a new function to read the current scsi_host entry and return
the value found in the 'unique_id' file.

Add a 'scsihosttest' test (similar to the fchosttest, but incorporating some
of the concepts of the mocked pci test library) in order to read the
unique_id file like would be found in the /sys/class/scsi_host tree.
2014-07-21 12:55:11 -04:00
Osier Yang
a4bd62adc1 storage: Introduce parentaddr into virStoragePoolSourceAdapter
Between reboots and kernel reloads, the SCSI host number used for SCSI
storage pools may change requiring modification to the storage pool XML
in order to use a specific SCSI host adapter.

This patch introduces the "parentaddr" element and "unique_id" attribute
for the SCSI host adapter in order to uniquely identify the adapter
between reboots and kernel reloads. For now the goal is to only parse
and format the XML. Both will be required to be provided in order to
uniquely identify the desired SCSI host.

The new XML is expected to be as follows:

  <adapter type='scsi_host'>
    <parentaddr unique_id='3'>
      <address domain='0x0000' bus='0x00' slot='0x1f' func='0x2'/>
    </parentaddr>
  </adapter>

where "parentaddr" is the parent device of the SCSI host using the PCI
address on which the device resides and the value from the unique_id file
for the device. Both the PCI address and unique_id values will be used
to traverse the /sys/class/scsi_host/ directories looking at each link
to match the PCI address reformatted to the directory link format where
"domain🚌slot:function" is found.  Then for each matching directory
the unique_id file for the scsi_host will be used to match the unique_id
value in the xml.

For a PCI address listed above, this will be formatted to "0000:00:1f.2"
and the links in /sys/class/scsi_host will be used to find the host#
to be used for the 'scsi_host' device. Each entry is a link to the
/sys/bus/pci/devices directories, e.g.:

%  ls -al /sys/class/scsi_host/host2
lrwxrwxrwx. 1 root root 0 Jun  1 00:22 /sys/class/scsi_host/host2 -> ../../devices/pci0000:00/0000:00:1f.2/ata3/host2/scsi_host/host2

% cat /sys/class/scsi_host/host2/unique_id
3

The "parentaddr" and "name" attributes are mutually exclusive to identify
the SCSI host number. Use of the "parentaddr" element will be the preferred
mechanism.

This patch only supports to parse and format the XMLs. Later patches will
add code to find out the scsi host number.
2014-07-21 12:55:10 -04:00
Peter Krempa
b325be128a schema: pool: netfs: Don't enforce slash in glusterfs pool source
Gluster volumes don't start with a leading slash. Our schema for netfs
gluster pools enforces it though. Luckily mount.glusterfs skips it.
Allow a slashless volume name for glusterfs netfs mounts in the schema.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1101999
2014-07-21 18:28:17 +02:00
Cédric Bosdonnat
7c10a77422 lxc conf2xml: convert lxc.network.name for veth networks 2014-07-18 14:26:03 +02:00
Cédric Bosdonnat
3ba0469ce6 lxc network configuration allows setting target container NIC name
LXC network devices can now be assigned a custom NIC device name on the
container side. For example, this is configured with:

    <interface type='network'>
      <source network='default'/>
      <guest dev="eth1"/>
    </interface>

In this example the network card will appear as eth1 in the guest.
2014-07-18 14:25:57 +02:00
Peter Krempa
e00eb2ccfe test: metadata: Improve test coverage
Test also the TITLE and DESCRIPTION metadata types.
2014-07-17 17:04:12 +02:00
Eric Blake
7f1ca3d6fe schema: put interleave at correct level
The previous commit 09d4d26 put the interleave at the wrong point;
it didn't allow interleaving with <memory>.

* docs/schema/domaincommon.rng (numatune): Fix interleave location.
* tests/qemuxml2argvdata/qemuxml2argv-numatune-memnode.xml: Adjust test.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-07-16 17:30:31 -06:00
Martin Kletzander
1c19d3e072 qemu: pass numa node binding preferences to qemu
Currently, we only bind the whole QEMU domain to memory nodes
specified in nodemask altogether.  That, however, doesn't make much
sense when one wants to control from where the memory for particular
guest nodes should be allocated.  QEMU allows us to do that by
specifying 'host-nodes' parameter for the 'memory-backend-ram' object,
so let's use that.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:46 +02:00
Martin Kletzander
001b9dc1dc qemu: enable disjoint numa cpu ranges
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:46 +02:00
Martin Kletzander
1a324c2f88 qemu: newer -numa parameter capability probing
When qemu switched to using OptsVisitor for -numa parameter, it did
two things in the same patch.  One of them is that the numa parameter
is now visible in "query-command-line-options", the second one is that
it enabled using disjoint cpu ranges for -numa specification.  This
will be used in later patch.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:46 +02:00
Martin Kletzander
7bc1db5a1d qemu: allow qmp probing for cmdline options without params
That can be lately achieved with by having .param == NULL in the
virQEMUCapsCommandLineProps struct.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:46 +02:00
Martin Kletzander
a05c01521c conf, schema: add support for memnode elements
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:45 +02:00
Martin Kletzander
93e82727ec numatune: Encapsulate numatune configuration in order to unify results
There were numerous places where numatune configuration (and thus
domain config as well) was changed in different ways.  On some
places this even resulted in persistent domain definition not to be
stable (it would change with daemon's restart).

In order to uniformly change how numatune config is dealt with, all
the internals are now accessible directly only in numatune_conf.c and
outside this file accessors must be used.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:45 +02:00
Martin Kletzander
992000e6d8 conf, schema: add 'id' field for cells
In XML format, by definition, order of fields should not matter, so
order of parsing the elements doesn't affect the end result.  When
specifying guest NUMA cells, we depend only on the order of the 'cell'
elements.  With this patch all older domain XMLs are parsed as before,
but with the 'id' attribute they are parsed and formatted according to
that field.  This will be useful when we have tuning settings for
particular guest NUMA node.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-16 20:15:45 +02:00
Michele Paolino
a14abd463a support for QEMU vhost-user
This patch adds support for the QEMU vhost-user feature to libvirt.
vhost-user enables the communication between a QEMU virtual machine
and other userspace process using the Virtio transport protocol.
It uses a char dev (e.g. Unix socket) for the control plane,
while the data plane based on shared memory.

The XML looks like:

<interface type='vhostuser'>
    <mac address='52:54:00:3b:83:1a'/>
    <source type='unix' path='/tmp/vhost.sock' mode='server'/>
    <model type='virtio'/>
</interface>

Signed-off-by: Michele Paolino <m.paolino@virtualopensystems.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-16 18:44:57 +02:00
Chunyan Liu
0b0c641b66 add nocow test case
Add file in storagevolxml2xmlin and storagevolxml2xmlout, let
storagevolxml2xmltest and storagevolschematest cover 'nocow'.
Add test case to storagevolxml2argvtest to cover 'nocow'.

Signed-off-by: Chunyan Liu <cyliu@suse.com>
2014-07-16 13:35:26 +02:00
Ján Tomko
3103a9770f Fix assignment of comparison against zero
Assign the value we're comparing:
(val = func()) < 0
instead of assigning the comparison value:
(val = func() < 0)

Both were introduced along with the code,
the TLS tests by commit bd789df in 0.9.4
net events by commit de87691 in 1.2.2.

Note that the event id type fix is a no-op:
vshNetworkEventIdTypeFromString can only return
-1 (failure) and the event is never used or
0 (the only possible event) and the value of 0 < 0 is still 0.
2014-07-16 09:39:57 +02:00
Roman Bogorodskiy
5559a8b838 util: virstatslinux: make more generic
Rename linuxDomainInterfaceStats to virNetInterfaceStats in order
to allow adding platform specific implementations without
making consumer worrying about specific implementation to be used.

Also, rename util/virstatslinux.c to util/virstats.c so placing
other platform specific implementations into this file don't
look unexpected from the file name.
2014-07-15 22:00:59 +04:00
Eric Blake
58156f39ce capabilities: use bool instead of int
While preparing to add a capability for active commit, I noticed
that the existing code was abusing int for boolean values.

* src/conf/capabilities.h (_virCapsGuestFeature, _virCapsHost)
(virCapabilitiesNew, virCapabilitiesAddGuestFeature): Improve
types.
* src/conf/capabilities.c (virCapabilitiesNew)
(virCapabilitiesAddGuestFeature): Adjust signature.
* src/bhyve/bhyve_capabilities.c (virBhyveCapsBuild): Update
clients.
* src/esx/esx_driver.c (esxCapsInit): Likewise.
* src/libxl/libxl_conf.c (libxlMakeCapabilities): Likewise.
* src/lxc/lxc_conf.c (virLXCDriverCapsInit): Likewise.
* src/openvz/openvz_conf.c (openvzCapsInit): Likewise.
* src/parallels/parallels_driver.c (parallelsBuildCapabilities):
Likewise.
* src/phyp/phyp_driver.c (phypCapsInit): Likewise.
* src/qemu/qemu_capabilities.c (virQEMUCapsInit)
(virQEMUCapsInitGuestFromBinary): Likewise.
* src/security/virt-aa-helper.c (get_definition): Likewise.
* src/test/test_driver.c (testBuildCapabilities): Likewise.
* src/uml/uml_conf.c (umlCapsInit): Likewise.
* src/vbox/vbox_tmpl.c (vboxCapsInit): Likewise.
* src/vmware/vmware_conf.c (vmwareCapsInit): Likewise.
* src/xen/xen_hypervisor.c (xenHypervisorBuildCapabilities):
Likewise.
* src/xenapi/xenapi_driver.c (getCapsObject): Likewise.
* tests/qemucaps2xmltest.c (testGetCaps): Likewise.
* tests/testutils.c (virTestGenericCapsInit): Likewise.
* tests/testutilslxc.c (testLXCCapsInit): Likewise.
* tests/testutilsqemu.c (testQemuCapsInit): Likewise.
* tests/testutilsxen.c (testXenCapsInit): Likewise.
* tests/vircaps2xmltest.c (buildVirCapabilities): Likewise.
* tests/vircapstest.c (buildNUMATopology): Likewise.
* tests/vmx2xmltest.c (testCapsInit): Likewise.
* tests/xml2vmxtest.c (testCapsInit): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-07-14 08:00:46 -06:00
Michal Privoznik
99c8d2e808 conf: Always format seclabel's model
https://bugzilla.redhat.com/show_bug.cgi?id=1113860

We've always done that. Well, until 990e46c45. Point is, if we don't
format model, we may lose a domain on libvirtd restart. If the
seclabel is implicit however, we should skip it's formatting.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-14 11:10:09 +02:00
Michal Privoznik
d1abf819cf conf: Don't allow multiple seclabels for same model
https://bugzilla.redhat.com/show_bug.cgi?id=1066894

With current code it's possible to have for instance:

virsh dumpxml mydomain | grep seclabel
  <seclabel type='dynamic' model='selinux' relabel='yes'/>
  <seclabel type='dynamic' model='selinux' relabel='yes'/>
  <seclabel type='dynamic' model='selinux' relabel='yes'/>
  <seclabel type='dynamic' model='selinux' relabel='yes'/>
  <seclabel type='dynamic' model='selinux' relabel='yes'/>

what doesn't make any sense. We should reject the XML in the config
parsing phase.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-11 10:36:08 +02:00
Peter Krempa
750177104d util: storage: Return complete parent info from virStorageFileChainLookup
Instead of just returning the parent path, return the complete parent
source structure.
2014-07-09 11:41:34 +02:00
Peter Krempa
c29b652912 qemu: monitor: Add argument for specifying backing name for block commit
To allow changing the name that is recorded in the overlay of the TOP
image used in a block commit operation, we need to specify the backing
name to qemu. This is done via the "backing-file" attribute to the
block-commit command.
2014-07-04 13:00:16 +02:00
John Ferlan
6887af392c Utilize virDomainDiskAuth for domain disk
Replace the inline "auth" struct in virStorageSource with a pointer
to a virStorageAuthDefPtr and utilize between the domain_conf, qemu_conf,
and qemu_command sources for finding the auth data for a domain disk
2014-07-03 17:39:15 -04:00
John Ferlan
7712fc7cdb qemuargv2xmltest: Resurrect RBD and iSCSI auth
Ressurect the disk-drive-network-iscsi-auth and disk-drive-network-rbd-auth
tests.  Make adjustments to the args and xml file to be compatible with
other changes made to the non "-auth" so that the only difference is the
authentication information.

Adjust the qemuargv2xmltest.c to filter out "<secret" and "</auth>" since
the args -> xml has no concept of usage it doesn't get printed. This results
in the </auth> being printed on the same line as "<secret" and the secret
XML is not closed - a bit of an issue, but soon to be fixed.
2014-07-03 17:39:14 -04:00
Eric Blake
40ad7160a2 blockjob: turn on qemu capability bit for active commit
Use the probing functionality added in the last patch to turn on
a capability bit when active commit is present, and gate active
commit on that capability.

For my own reference: the difference between BLOCKJOB_SYNC and
BLOCKJOB_ASYNC is whether qemu generated an event at the
conclusion of blockpull; basically, RHEL 6.2 was the only release
of qemu that has the sync semantics and lacks the event.  RHEL
6.3 added blockcopy, but also picked up on the upstream style
of qemu generating events.  As no one is likely to backport
active commit to RHEL 6.2, it's safe for blockcommit to always
require async blockjob support.

Modifying qemucapabilitiestest is painful; the .replies files would
be so much easier if they had comments correlating which command
generated the given reply.  Maybe I'll fix that up later...

* src/qemu/qemu_capabilities.h (QEMU_CAPS_ACTIVE_COMMIT): New
capability.
* src/qemu/qemu_driver.c (qemuDomainBlockCommit): Use the new bit
* src/qemu/qemu_capabilities.c (virQEMUCaps): Name the new bit.
(virQEMUCapsProbeQMPCommands): Set it.
* tests/qemucapabilitiesdata/caps_1.3.1-1.replies: Update.
* tests/qemucapabilitiesdata/caps_1.4.2-1.replies: Likewise.
* tests/qemucapabilitiesdata/caps_1.5.3-1.replies: Likewise.
* tests/qemucapabilitiesdata/caps_1.6.0-1.replies: Likewise.
* tests/qemucapabilitiesdata/caps_1.6.50-1.replies: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-07-03 14:19:53 -06:00
Eric Blake
47549d5a17 blockjob: allow omitted arguments to QMP block-commit
We are about to turn on support for active block commit.  Although
qemu 2.0 was the first version to mostly support it, that version
mis-handles 0-length files, and doesn't have anything available for
easy probing.  But qemu 2.1 fixed bugs, and made life simpler by
letting the 'top' argument be optional.  Unless someone begs for
active commit with qemu 2.0, for now we are just going to enable
it only by probing for qemu 2.1 behavior (anyone backporting active
commit can also backport the optional argument behavior).  This
requires qemu.git commit 7676e2c597000eff3a7233b40cca768b358f9bc9.

Although all our actual uses of block-commit supply arguments for
both base and top, we can omit both arguments and use a bogus
device string to trigger an interesting behavior in qemu.  All QMP
commands first do argument validation, failing with GenericError
if a mandatory argument is missing.  Once that passes, the code
in the specific command gets to do further checking, and the qemu
developers made sure that if device is the only supplied argument,
then the block-commit code will look up the device first, with a
failure of DeviceNotFound, before attempting any further argument
validation (most other validations fail with GenericError).  Thus,
the category of error class can reliably be used to decipher
whether the top argument was optional, which in turn implies a
working active commit.  Since we expect our bogus device string to
trigger an error either way, the code is written to return a
distinct return value without spamming the logs.

* src/qemu/qemu_monitor.h (qemuMonitorSupportsActiveCommit): New
prototype.
* src/qemu/qemu_monitor.c (qemuMonitorSupportsActiveCommit):
Implement it.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockCommit):
Allow NULL for top and base, for probing purposes.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockCommit):
Likewise, implementing the probe.
* tests/qemumonitorjsontest.c (mymain): Enable...
(testQemuMonitorJSONqemuMonitorSupportsActiveCommit): ...a new test.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-07-03 14:19:51 -06:00
Michal Privoznik
fb8bc6becd tests: Avoid double linking some libraries
The problem is, since 614581f32b domaincapstest is linked with
$(LDADDS) by default. Then, since 94e3f23e8a the test may be
conditionally linked with $(qemu_LDADDS) which already contains
$(LDADDS). And some linkers doesn't cope with this nicely:

  CCLD     domaincapstest
../src/libvirt_probes.o:(.probes+0x0): multiple definition of `libvirt_event_poll_add_handle_semaphore'
../src/libvirt_probes.o:(.probes+0x0): first defined here
../src/libvirt_probes.o:(.probes+0x2): multiple definition of `libvirt_event_poll_update_handle_semaphore'
../src/libvirt_probes.o:(.probes+0x2): first defined here
../src/libvirt_probes.o:(.probes+0x4): multiple definition of `libvirt_event_poll_remove_handle_semaphore'
../src/libvirt_probes.o:(.probes+0x4): first defined here
../src/libvirt_probes.o:(.probes+0x6): multiple definition of `libvirt_event_poll_dispatch_handle_semaphore'
../src/libvirt_probes.o:(.probes+0x6): first defined here

And so on.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-03 14:58:06 +02:00
Michal Privoznik
94e3f23e8a qemu: Implement virConnectGetDomainCapabilities
So far only information on disks and host devices are exposed in the
capabilities XML. Well, at least something. Even a new test is
introduced. The qemu capabilities are stolen from already existing
qemucapabilities test. There's one tricky point though. Functions that
checks host's KVM and VFIO capabilities, are impossible to mock
currently. So in the test, we are setting the capabilities by hand.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-03 12:22:38 +02:00
Michal Privoznik
3ecb9e7631 tests: Move qemu caps XML parsing into shared unit
Later on, we the qemu capabilities XML parsing code may come handy so
instead of duplicating the code make the already existing one shared.
By the same time, make the function accept file name instead of XML
document stored already in memory.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-03 12:22:37 +02:00
Michal Privoznik
614581f32b Introduce domain_capabilities
This new module holds and formats capabilities for emulator. If you
are about to create a new domain, you may want to know what is the
host or hypervisor capable of. To make sure we don't regress on the
XML, the formatting is not something left for each driver to
implement, rather there's general format function.

The domain capabilities is a lockable object (even though the locking
is not necessary yet) which uses reference counter.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-03 12:22:37 +02:00
Ján Tomko
92a8e72f9d Use virBufferCheckError everywhere we report OOM error
Replace:
if (virBufferError(&buf)) {
    virBufferFreeAndReset(&buf);
    virReportOOMError();
    ...
}

with:
if (virBufferCheckError(&buf) < 0)
    ...

This should not be a functional change (unless some callers
misused the virBuffer APIs - a different error would be reported
then)
2014-07-03 10:48:14 +02:00
Ján Tomko
28b9be2481 Report errors in virCapabilitiesFormatXML
So far, we only report an error if formatting the siblings bitmap
in NUMA topology fails.

Be consistent and always report error in virCapabilitiesFormatXML.
2014-07-03 10:43:39 +02:00
Mike Perez
d950494129 qemu: Add cmd_per_lun, max_sectors to virtio-scsi
This introduces two new attributes "cmd_per_lun" and "max_sectors" same
with the names QEMU uses for virtio-scsi. An example of the XML:

<controller type='scsi' index='0' model='virtio-scsi' cmd_per_lun='50'
max_sectors='512'/>

The corresponding QEMU command line:

-device virtio-scsi-pci,id=scsi0,cmd_per_lun=50,max_sectors=512,
bus=pci.0,addr=0x3

Signed-off-by: Mike Perez <thingee@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-07-02 09:43:17 +02:00
Michal Privoznik
7315189ec0 vboxsnapshotxmltest: Don't write to a file in abs_srcdir
In the test, the snapshot XML is written into a file that's located
under:

  abs_srcdir/vboxsnapshotxmldata/testResult.vbox

However, the abs_srcdir doesn't have to be necessarily writable. It
should have been abs_builddir instead. Moreover, the label in the func
creating the file is called 'fail' while it fulfils the duty of
'cleanup' label.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-01 16:46:29 +02:00
Michal Privoznik
e5f5805f62 securityselinuxlabeltest: Don't create dummy file in the srcdir
At the very beginning of the test we check if the underlying
filesystem supports extended attributes as they are used to store fake
SELinux labels. In order to check that, a dummy file is created and
semi-random attribute is set. However, the file is created under:

  abs_srcdir "/securityselinuxlabeldata/testxattr"

which has two problems: abs_srcdir is not required to be writable, so
it should have been abs_builddir. The second one is - there's no
"securityselinuxlabeldata" folder under abs_builddir. The problem was
introduced in caf164f1.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-01 16:45:35 +02:00
Ján Tomko
96f6275513 Add test for type none model dac seclabel 2014-06-27 07:00:51 +02:00
Jincheng Miao
caf164f1e4 test: add user_xattr check for securityselinuxlabeltest
libvirt unit test used setxattr with "user.libvirt.selinux" name to
emulate setfilecon of selinux. But for some old kernel filesystem
(like 2.6.32-431.el6.x86_64), if the filesystem is not mounted with
user_xattr flag, the setxattr with "user.libvirt.selinux" will fail.

So adding testUserXattrEnabled() in securityselinuxlabeltest.c,
if user_xattr is not enabled, skip this case.

The user_xattr is departed in newer kernel, therefore this commit is
only for the compatablity for old kernel.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Tested-by: Scott Sullivan <ssullivan@liquidweb.com>
2014-06-26 15:36:46 -06:00
Martin Kletzander
39931f5ee8 qemu: fix guestfwd chardev option back how it was
Since commit d86c876a66 we are using
guestfwd=tcp:IP:PORT,chardev=ID for guestfwd specification, however,
that has not changed in qemu, so guestfwd does not work since.

Apart from that, guestfwd is not working with older qemu that doesn't
have QEMU_CAPS_DEVICE.

Both regressions exist since late 2009 and nobody found that (until
now), so I'm only fixing the first one.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1112066

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-06-26 16:56:09 +02:00
Daniel P. Berrange
adae3f9705 Fix typo s/SASL_CONF_DIR/SASL_CONF_PATH/ in QEMU VNC code
The QEMU VNC client arg code has a long standing typo
of SASL_CONF_DIR when it should be SASL_CONF_PATH for
the env variable name.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-26 14:32:34 +01:00
Jiri Denemark
b14954fc12 cpuCompare*: Add support for reporting failure on incompatible CPUs
When CPU comparison APIs return VIR_CPU_COMPARE_INCOMPATIBLE, the caller
has no clue why the CPU is considered incompatible with host CPU. And in
some cases, it would be nice to be able to get such info in a client
rather than having to look in logs.

To achieve this, the APIs can be told to return VIR_ERR_CPU_INCOMPATIBLE
error for incompatible CPUs and the reason will be described in the
associated error message.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-26 00:43:54 +02:00