Commit Graph

162 Commits

Author SHA1 Message Date
Michal Privoznik
b7fac9f77f virDomainMigrateUnmanagedParams: Don't blindly dereference @dconnuri
This function may be called with @dconnuri == NULL, e.g. from
virDomainMigrateToURI3() if the flags are missing
VIR_MIGRATE_PEER2PEER flag. Moreover, all later functions called
from here do wrap it into NULLSTR() so why not do the same here?

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-09 18:44:44 +01:00
Ján Tomko
488222800e libvirt-domain: fix dxml passing in virDomainMigrateToURI2
The refactoring in commit a26669d silently ignored the dxml
parameter of virDomainMigrateToURI2.

https://bugzilla.redhat.com/show_bug.cgi?id=1295405
2016-01-05 15:00:03 +01:00
Martin Kletzander
7d65a355fa Fix formatting for virDomainGetCPUStats docstring
We have few code samples there that are almost unreadable when formatted
because they are not indented properly.  By indenting them they are
formatted as code and hence quite readable.  Also adjust descriptions to
be comments and add semicolons so that the code sample looks like sample
of a working code.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-01-05 11:39:39 +01:00
Nikolay Shirokovskiy
2b8d0d44b9 libvirt: Update virDomainSetMemory description
virDomainSetMemory is documented to change only runtime configuration of
running domain. However, that's not true of all hypervisors supported.
Seems as though when commit id '0f2e50be5' added the current flag, the
function description should have been updated similar to when commit id
'c1795c52' updated the virDomainSetMaxMemory description. Especially since
commit id '80427f1d' updated the virsh 'setmem' description to indicate
"behavior is different depending on hypervisor."

This patch will update the description to match current functionality.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-12-04 16:43:35 -05:00
Jiri Denemark
63fd27cfa3 Enhance documentation of virDomainDetachDevice
Link it to virDomainDetachDeviceFlags.

https://bugzilla.redhat.com/show_bug.cgi?id=1257280

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-11-25 16:42:15 +01:00
Cole Robinson
01131c0b82 libvirt-domain: Fix typo in debug message 2015-11-18 19:28:45 -05:00
Luyao Huang
50be3b44c5 libvirt-domain: fix the error reporting when use the localhost as target uri
Remove the extra %s in error message when call virReportInvalidArg().

Signed-off-by: Luyao Huang <lhuang@redhat.com>
2015-10-27 10:43:52 +01:00
Luyao Huang
b02d0c33b0 libvirt-domain: fix no error report when p2p migrate fail
After commit a26669d7, we only jump to error when
virDomainMigrateUnmanagedParams return a value less than -1.
this will make the migrate result always be success even we
meet some problem.

Signed-off-by: Luyao Huang <lhuang@redhat.com>
2015-10-27 10:43:52 +01:00
Michal Privoznik
179d92c848 libvirt-domain: Drop virDomainMigrateCheckNotLocal attribute
Our apibuild.py script does not cope with ATTRIBUTE_NONNULL:

Parse Error: parsing function type, ')' expected
Got token  ('name', 'char')
Last token:  ('name', 'char')
Token queue:  [('op', '*'), ('name', 'dconnuri'), ('sep', ')')]
Line 3297 end:
Makefile:2441: recipe for target '../../docs/apibuild.py.stamp' failed

Let's drop it. Moreover, up until e17ae3ccc2 where it was
introduced we did not really care about NULL-ity of dconnuri. And
moreover the ATTRIBUTE_NONNULL merely checks for static calls
over NULL, it won't catch the dynamic ones, where a NULL is
passed by a variable at runtime.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-10-12 16:37:15 +02:00
Nikolay Shirokovskiy
44a96fe914 migration: check dconnuri in p2p mode
Check dconnuri is not null or we will catch nullpointer later.
I hope this makes Coverity happy.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:36 +02:00
Nikolay Shirokovskiy
a26669d753 migration: refactor: introduce parameter checking function
virDomainMigrateUnmanagedParams is not a good candidate for this functionality
as it is used by migrate family functions too and its have its own checks that
are superset of extracted and we don't need to check twice.

Actually name of the function is slightly misleading as there is also a check
for consistensy of flags parameter alone. So it could be refactored further and
reused by all migrate functions but for now let it be a matter of a different
patchset.

It is *not* a pure refactoring patch as it introduces offline check for older
versions. Looks like it must be done that way and no one will be broken too.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:32 +02:00
Nikolay Shirokovskiy
06c910eadf migration: merge all proto branches into single function
Finally on this step we get what we were aimed for - toURI{1, 2} (and
migration{*} APIs too) now can work thru V3_PARAMS protocol. Execution path
goes thru unchanged virDomainMigrateUnmanaged adapter function which is called
by all target places.

Note that we keep the fact that direct migration never works
thru V3_PARAMS proto. We can't change this aspect without
further investigation.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:28 +02:00
Nikolay Shirokovskiy
dce0162b9a migration: refactor: refactor parameter compatibility checks
Move virDomainMigrateUnmanagedProto* expected params list check into
function itself and use common virTypedParamsCheck for this purpose.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:26 +02:00
Nikolay Shirokovskiy
813355e256 migration: refactor: extract parameter adaption functions
Extract parameter adaptation and checking which is protocol dependent into
designated functions. Leave only branching and common checks in
virDomainMigrateUnmanagedParams.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:23 +02:00
Nikolay Shirokovskiy
8db77b372e migration: refactor: introduce params version of unmanaged
Let's put main functionality into params version of virDomainMigrateUnmanaged
as a preparation step for merging it with virDomainMigratePeer2PeerParams.
virDomainMigrateUnmanaged then does nothing more then just adapting arguments.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:18 +02:00
Nikolay Shirokovskiy
323ba66eaa migration: refactor: merge direct and p2p into unmanaged
p2p plain and direct function are good candidates for code reuse. Their main
function is same - to branch among different versions of migration protocol and
implementation of this function is also same. Also they have other common
functionality in lesser aspects. So let's merge them.

But as they have different signatures we have to get to convention on how to
pass direct migration 'uri' in 'dconnuri' and 'miguri'. Fortunately we alreay
have such convention in parameters passed to toURI2 function, just let's follow
it. 'uri' is passed in miguri and dconnuri is ignored.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:14 +02:00
Nikolay Shirokovskiy
5c239b3a2f migration: refactor: rename uri parameter to miguri
We use miguri name for this parameter in other places. So
make naming more consitent.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:31:11 +02:00
Michal Privoznik
cba522caf7 migration: remove direct migration dependency on version1 of driver
Direct migration should work if *perform3 is present but *perform
is not. This is situation when driver migration is implemented
after new version of driver function is introduced. We should not
be forced to support old version too as its parameter space is
subspace of newer one.
2015-10-12 13:30:58 +02:00
Nikolay Shirokovskiy
341216a0af migration: move implementation check to branches in p2p
This is more structured code so it will be easier to add branch for _PARAMS
protocol here. It is not a pure refactoring strictly speaking as we remove
scenarios for broken cases when driver defines V3 feature and implements
perform function. So it is additionally a more solid code.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:30:55 +02:00
Nikolay Shirokovskiy
e17ae3ccc2 migration: refactor: reuse p2p url check
Refactor dconnuri local server URI check to common API.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:30:53 +02:00
Nikolay Shirokovskiy
4a2409252e migration: refactor: get rid of use_params p2p_full
'useParams' parameter usage is an example of control coupling. Most of the work
inside the function is done differently except for the uri check. Lets split
this function into two, one with extensible parameters set and one with hardcoded
parameter set.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2015-10-12 13:30:49 +02:00
Christian Loehle
d3f6173086 Minor typo fixes in documentation
Signed-off-by: Christian Loehle <cloehle@linutronix.de>
2015-09-15 11:27:35 +02:00
John Ferlan
ea3c5f25eb qemu: Check virGetLastError return value for migration finish failure
Commit id '2e7cea243' added a check for an error from Finish instead
of 'unexpected error'; however, if for some reason there wasn't an
error, then virGetLastError could return NULL resulting in the
NULL pointer deref to err->domain.
2015-09-04 15:19:04 -04:00
Tomas Meszaros
6c2702eddf virDomainRename: Extend API documentation
Signed-off-by: Tomas Meszaros <exo@tty.sk>
2015-08-24 15:20:35 +02:00
John Ferlan
53058e11aa api: Adjust comment for virDomainAddIOThread
The comment for the function indicated that iothread_id had to be
a positive non-zero value; however, that wasn't checked - that is
a value of 0 is/was allowed by the API and was left up to the
hypervisor to reject the value.

More than likely this nuance was missed during the many "adjustments"
to the API in the review phase.
2015-08-18 14:36:21 -04:00
John Ferlan
d64b81a8f0 api: Remove check on iothread_id arg in virDomainPinIOThread
Allow 0 as an iothread_id and force the hypervisor to handle.
The qemuDomainPinIOThread API will look up the iothread_id of
0 and not find it and message that anyway.
2015-08-18 14:36:21 -04:00
Luyao Huang
2b3fb38fab libvirt-domain: forbid use virDomainRename in readonly connection
This function will change the guest name, we shouldn't
allow the readonly user do this.

Signed-off-by: Luyao Huang <lhuang@redhat.com>
2015-08-17 12:43:17 -04:00
Tomas Meszaros
9f7a559a6d Introduce virDomainRename API
Also, among with this new API new ACL that restricts rename
capability is invented too.

Signed-off-by: Tomas Meszaros <exo@tty.sk>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-14 10:50:20 +02:00
Michal Privoznik
bc359f77f3 virDomainCoreDumpWithFormat: Mention enum for @dumpformat
So the API takes @dumpformat argument. This is what makes it special
when compared to virDomainCoreDump. The argument is there so that
users can choose the format of resulting core dump file. And to ease
them the choosing process we even have an enum with supported values
across all the hypervisors. But we don't mention the enum in  the
function description anywhere. Fix it!

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-10 08:40:27 +02:00
Jiri Denemark
2e7cea2435 qemu: Use error from Finish instead of "unexpectedly failed"
When QEMU exits on destination during migration, the source reports
either success (if the failure happened at the very end) or unhelpful
"unexpectedly failed" error message. However, the Finish API called on
the destination may report a real error so let's use it instead of the
generic one.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-07-10 11:47:13 +02:00
Peter Krempa
14062e6fe5 internal: Introduce virCheckNonEmptyStringArgGoto and reuse it
The helper makes sure that strings passed to APIs are non-NULL and
non-empty. This allows to drop some inlined checks where it does not
make sense.
2015-06-26 16:05:10 +02:00
Peter Krempa
1d0fc8083c lib: setvcpus: Remove bogus flag check
Since VIR_DOMAIN_AFFECT_CURRENT is 0 the flag check does not make sense
as masking @flags with 0 will always equal to false.
2015-06-19 10:14:58 +02:00
Peter Krempa
efaa7197b6 lib: virDomainPinIOThread: Remove spurious overflow check
Internal structures use unsigned int, so there's no need for this legacy
check that was copied from the vCPU pinning api.
2015-06-04 10:52:31 +02:00
Peter Krempa
fbbea79890 conf: Store cpu count as unsigned int
While we probably won't see machines with more than 65536 cpus for a
while lets store the cpu count as an integer so that we can avoid quite
a lot of overflow checks in our code.
2015-06-04 10:52:30 +02:00
Laine Stump
e983e62514 debug: assure NULLSTR() around all %s args in debug at top of public APIs
There are also a couple that were very uninformatively just logging
the value of the pointer rather than the string itself:

* the "name" arg to virNodeDeviceLookupByName()
* wwnn and wwpn args to virNodeDeviceLookupSCSIHostByWWN()

All char*'s that make sense should now have their contents logged
rather than the pointer, and all %s args should now be inside
NULLSTR().
2015-05-28 13:13:45 -04:00
Ján Tomko
e8982c88bd Introduce virDomainSetUserPassword API
For setting passwords of users inside the domain.

With the VIR_DOMAIN_PASSWORD_ENCRYPTED flag set, the password
is assumed to be already encrypted by the method required
by the guest OS.

https://bugzilla.redhat.com/show_bug.cgi?id=1174177
2015-05-21 16:04:01 +02:00
Ján Tomko
3511c12244 reject out of range memory in SetMemory APIs
The APIs take the memory value in KiB and we store it in KiB
internally, but we cannot parse the whole ULONG_MAX range
on 64-bit systems, because virDomainParseScaledValue
needs to fit the value in bytes in an unsigned long long.

https://bugzilla.redhat.com/show_bug.cgi?id=1176739
2015-05-14 17:17:40 +02:00
Pavel Hrdina
28ca8520bb qemu: use new macros for setvcpus to check flags and cleanup the code
Now that we have macros for exclusive flags and flag requirements we can
use them to cleanup the code for setvcpus and error out for all wrong
flag combination.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2015-05-04 09:20:01 +02:00
Pavel Hrdina
ff3f93bcc2 use new macro helpers to check exclusive flags
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2015-05-04 09:20:00 +02:00
John Ferlan
130a0ed281 Implement virDomainAddIOThread and virDomainDelIOThread
Add libvirt API's to manage adding and deleting IOThreads to/from the
domain
2015-04-27 12:36:36 -04:00
Ján Tomko
682ba8e930 Add articles to virDomainDeviceDetachFlags docs
Reported by John Ferlan.
2015-04-14 15:32:24 +02:00
Noella Ashu
c4db8c5ee3 libvirt: virsh: Kill all uses of __FUNCTION__ in error messages
The error output of snapshot-revert should be more friendly.
There is no need to show virDomainRevertToSnapshot to user.
virReportError already includes __FUNCTION__ information in a
separate member of the struct, so repeating it in the message is
redundant and leads to situations where higher level code ends up
reporting the lower level name. We correctly converted the error
output making it more succinct and user-friendly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1086726
2015-04-03 14:02:54 +02:00
Martin Kletzander
2a15fef067 Typos: Get rid of dependan(t|cies)
Dependant is flagged as wrong in US dictionary (only valid in UK
dictionary, and even then, it has only the financial sense and not the
inter-relatedness sense that we are more prone to be wanting throughout
code).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-04-02 16:05:32 +02:00
Ján Tomko
a96b68e7a4 Rename DomainGetIOThreadsInfo to DomainGetIOThreadInfo
While it returns info about multiple threads, the version
without the plural is easier to read.
2015-03-26 16:11:10 +01:00
Ján Tomko
cf8b828a72 Rename virDomainIOThreadsInfoFree to virDomainIOThreadInfoFree
This function only frees the info for one thread.
2015-03-26 16:11:10 +01:00
Michal Privoznik
3640245db7 RPC: Allow HW address in remote_domain_interface struct to be NULL
Not all NICs (esp. the virtual ones like TUN) must have a hardware
address. Teach our RPC that it's possible.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-03-18 09:12:36 +01:00
Nehal J Wani
5b5242a7cb domifaddr: Implement the public APIs
Define helper function virDomainInterfaceFree, which allows
the upper layer application to free the domain interface object
conveniently.

The API is going to provide multiple methods by flags, e.g.
  * Query guest agent
  * Parse DHCP lease file

include/libvirt/libvirt-domain.h
  * Define virDomainInterfaceAddresses, virDomainInterfaceFree
  * Define structs virDomainInterface, virDomainIPAddress

src/driver-hypervisor.h:
  * Define domainInterfaceAddresses

src/libvirt-domain.c:
  * Implement virDomainInterfaceAddresses
  * Implement virDomainInterfaceFree

src/libvirt_public.syms:
  * Export the new symbols

Signed-off-by: Nehal J Wani <nehaljw.kkd1@gmail.com>
2015-03-17 15:15:38 +00:00
John Ferlan
71b234ce68 Implement public API for virDomainPinIOThread
Add virDomainPinIOThread to allow setting the CPU affinity for a specific
IOThread based on the output generated from virDomainGetIOThreadsInfo

The API supports updating both the --live domain and the --config data
2015-03-11 12:23:33 -04:00
Chen Fan
f276b36d65 qemu: fix memory leak in qemuAgentGetFSInfo
in virDomainFSInfoFree(), don't free the virDomainFSInfo data.

==10670== 80 bytes in 2 blocks are definitely lost in loss record 576 of 793
==10670==    at 0x4A06BC3: calloc (vg_replace_malloc.c:618)
==10670==    by 0x509DEBD: virAlloc (viralloc.c:144)
==10670==    by 0x19FBD558: qemuAgentGetFSInfo (qemu_agent.c:1837)
==10670==    by 0x1A03CF91: qemuDomainGetFSInfo (qemu_driver.c:19238)

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2015-03-10 15:29:28 +01:00
John Ferlan
69e5f37c4a Remove ReadOnly check for GetIOThreadsInfo 2015-03-09 06:41:44 -04:00
John Ferlan
11a5a0956f Implement public API for virDomainGetIOThreadsInfo
Add virDomainGetIOThreadInfo in order to return a list of
virDomainIOThreadInfoPtr structures which list the IOThread ID
and the CPU Affinity map for each IOThread for the domain.

For an active domain, the live data will be returned, while for
an inactive domain, the config data will be returned.

The API supports either the --live or --config flag, but not both.

Also added virDomainIOThreadsInfoFree in order to free the cpumap
and the IOThreadInfo structure.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2015-03-06 06:49:32 -05:00
Pavel Hrdina
cf521fc8ba memtune: change the way how we store unlimited value
There was a mess in the way how we store unlimited value for memory
limits and how we handled values provided by user.  Internally there
were two possible ways how to store unlimited value: as 0 value or as
VIR_DOMAIN_MEMORY_PARAM_UNLIMITED.  Because we chose to store memory
limits as unsigned long long, we cannot use -1 to represent unlimited.
It's much easier for us to say that everything greater than
VIR_DOMAIN_MEMORY_PARAM_UNLIMITED means unlimited and leave 0 as valid
value despite that it makes no sense to set limit to 0.

Remove unnecessary function virCompareLimitUlong.  The update of test
is to prevent the 0 to be miss-used as unlimited in future.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1146539

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2015-03-06 11:52:24 +01:00
Ján Tomko
c6807b507a Clarify behavior or virDomainDetachDevice
Document that a complete device definition should be used
and a partial match can lead to the device being detached.

https://bugzilla.redhat.com/show_bug.cgi?id=872028
2015-02-25 10:06:41 +01:00
Daniel P. Berrange
dd69a14f90 Add support for schema validation when passing in XML
The virDomainDefineXMLFlags and virDomainCreateXML APIs both
gain new flags allowing them to be told to validate XML.
This updates all the drivers to turn on validation in the
XML parser when the flags are set
2015-01-15 16:40:27 +00:00
Daniel P. Berrange
2a5ee95441 Add new virDomainDefineXMLFlags public API
The virDomainDefineXML method is one of the few that still lacks
an 'unsigned int flags' parameter. This will be needed for adding
XML validation to this API. virDomainCreateXML fortunately already
has flags.
2015-01-13 10:35:09 +00:00
Eric Blake
4bffafb2eb getstats: add new flag for block backing chain
This patch introduces access to allocation information about
a backing chain of a live domain.  While querying storage
volumes for read-only disks could provide some of the details,
we do NOT want to read() a file while qemu is writing it.
Also, there is one case where we have to rely on qemu: when
doing a block commit into a backing file, where that file is
stored in qcow2 format on a host block device, we want to know
the current highest write offset into that image, in order to
know if the disk must be resized larger.  qemu-img does not
(currently) show this information, and none of the earlier
block APIs were extensible enough to expose it.  But
virDomainListGetStats is perfect for the job!

We don't need a new group of statistics, as the existing block
group is sufficient.  On the other hand, as existing libvirt
releases already report 1:1 mapping of block.count to <disk>
devices, changing the array size could confuse older clients;
and even with newer clients, the time and memory taken to
report additional statistics is not always necessary (backing
files are generally read-only except for block-commit, so while
read statistics may change, sizing statistics will not).  So
the choice here is to add a new flag that only newer callers
will pass, when they are prepared for the additional information.

This patch introduces the new API, but it will take more
patches to get it implemented for qemu.

* include/libvirt/libvirt-domain.h
(VIR_CONNECT_GET_ALL_DOMAINS_STATS_BACKING): New flag.
* src/libvirt-domain.c (virConnectGetAllDomainStats): Document it,
and add a new field when it is in use.
* tools/virsh-domain-monitor.c (cmdDomstats): Use new flag.
* tools/virsh.pod (domstats): Document it.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-12-17 01:41:38 -07:00
Eric Blake
7b499262cb getstats: add block.n.path stat
I'm about to make block stats optionally more complex to cover
backing chains, where block.count will no longer equal the number
of <disks> for a domain.  For these reasons, it is nicer if the
statistics output includes the source path (for local files).
This patch doesn't add anything for network disks, although we
may decide to add that later.

With this patch, I now see the following for the same domain as
in the previous patch (one qcow2 file, and an empty cdrom drive):
$ virsh domstats --block foo
Domain: 'foo'
  block.count=2
  block.0.name=hda
  block.0.path=/var/lib/libvirt/images/foo.qcow2
  block.1.name=hdc

* src/libvirt-domain.c (virConnectGetAllDomainStats): Document
new field.
* tools/virsh.pod (domstats): Document new field.
* src/qemu/qemu_driver.c (qemuDomainGetStatsBlock): Return the new
stat for local files/block devices.
(QEMU_ADD_NAME_PARAM): Add parameter.
(qemuDomainGetStatsInterface): Update caller.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-12-08 11:58:39 -07:00
Eric Blake
f301fe77c6 getstats: improve documentation
At least with 'virsh domstats --block' on an offline domain, we
currently output no stats even though we recognize the stat
category.  Although a later patch will improve this situation,
it is better to document that this is expected behavior.

Also, while the current implementation rejects filtering flags
for virDomainListGetStats, this limitation may be lifted in the
future and we do not enforce it at the API level.

* src/libvirt-domain.c (virConnectGetAllDomainStats): Document
that recognized stats might not be reported.
(virDomainListGetStats): Likewise, and tweak filtering documentation.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-12-08 09:45:55 -07:00
Michal Privoznik
cf54c60699 qemu_migration: Precreate missing storage
Based on previous commit, we can now precreate missing volumes. While
digging out the functionality from storage driver would be nicer, if
you've seen the code it's nearly impossible. So I'm going from the
other end:

1) For given disk target, disk path is looked up.
2) For the disk path, storage pool is looked up, a volume XML is
constructed and then passed to virStorageVolCreateXML() which has all
the knowledge how to create raw images, (encrypted) qcow(2) images,
etc.

One of the advantages of this approach is, we don't have to care about
image conversion - qemu does that for us. So for instance, users can
transform qcow2 into raw on migration (if the correct XML is passed to
the migration API).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-12-02 18:02:13 +01:00
Michal Privoznik
2cc8c44e2f libvirt.c: Move virDomainGetFSInfo to libvirt-domain.c
Since our big split of libvirt.c there are only a few functions
living there. The majority was moved to corresponding subfile,
e.g. domain functions were moved to libvirt-domain.c. However,
the patches for virDomainGetFSInfo() and virDomainFSInfoFree()
introduction were posted prior the big split and merged after.
This resulted in two domain functions landing in wrong file.
Move them to the correct one.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-12-02 13:49:50 +01:00
Eric Blake
b1674ad5a9 CVE-2014-7823: dumpxml: security hole with migratable flag
Commit 28f8dfd (v1.0.0) introduced a security hole: in at least
the qemu implementation of virDomainGetXMLDesc, the use of the
flag VIR_DOMAIN_XML_MIGRATABLE (which is usable from a read-only
connection) triggers the implicit use of VIR_DOMAIN_XML_SECURE
prior to calling qemuDomainFormatXML.  However, the use of
VIR_DOMAIN_XML_SECURE is supposed to be restricted to read-write
clients only.  This patch treats the migratable flag as requiring
the same permissions, rather than analyzing what might break if
migratable xml no longer includes secret information.

Fortunately, the information leak is low-risk: all that is gated
by the VIR_DOMAIN_XML_SECURE flag is the VNC connection password;
but VNC passwords are already weak (FIPS forbids their use, and
on a non-FIPS machine, anyone stupid enough to trust a max-8-byte
password sent in plaintext over the network deserves what they
get).  SPICE offers better security than VNC, and all other
secrets are properly protected by use of virSecret associations
rather than direct output in domain XML.

* src/remote/remote_protocol.x (REMOTE_PROC_DOMAIN_GET_XML_DESC):
Tighten rules on use of migratable flag.
* src/libvirt-domain.c (virDomainGetXMLDesc): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-06 08:20:07 +01:00
Daniel P. Berrange
67c08fccdc Move virDomain related APIs out of libvirt.c
Introduce a src/libvirt-domain.c file to hold all the
methods related to the virDomain type.
2014-10-24 16:59:56 +01:00