Commit Graph

161 Commits

Author SHA1 Message Date
Daniel P. Berrange
15f5eaa098 Introduce a new DAC security driver for QEMU
This new security driver is responsible for managing UID/GID changes
to the QEMU process, and any files/disks/devices assigned to it.

* qemu/qemu_conf.h: Add flag for disabling automatic file permission
  changes
* qemu/qemu_security_dac.h, qemu/qemu_security_dac.c: New DAC driver
  for QEMU guests
* Makefile.am: Add new files
2010-01-21 14:00:16 +00:00
Cole Robinson
5073aa994a Implement path lookup for USB by vendor:product
Based off how QEMU does it, look through /sys/bus/usb/devices/* for
matching vendor:product info, and if found, use info from the surrounding
files to build the device's /dev/bus/usb path.

This fixes USB device assignment by vendor:product when running qemu
as non-root (well, it should, but for some reason I couldn't reproduce
the failure people are seeing in [1], but it appears to work properly)

[1] https://bugzilla.redhat.com/show_bug.cgi?id=542450
2010-01-13 15:24:41 -05:00
Cole Robinson
a3dddc0020 events: Report errors on failure 2010-01-13 14:24:07 -05:00
Daniel P. Berrange
66b3250563 Revert 7aee22939f
Revert commit 7aee22939f since it
is mistakenly adding an extra parameter to virsh that does not
belong there.
2010-01-12 12:48:34 +00:00
David Jorm
7aee22939f cpu_shares parameter limit documented 2010-01-12 12:24:04 +10:00
Daniel Veillard
8459f6e284 Update and regenerate localizations
upate of as.po bn_IN.po de.po es.po gu.po hi.po kn.po ml.po mr.po or.po
pa.po pl.po ru.po ta.po te.po zh_CN.po and regeneration
2009-12-23 15:55:47 +01:00
Jiri Denemark
7286882c34 Adds CPU selection infrastructure
Each driver supporting CPU selection must fill in host CPU capabilities.
When filling them, drivers for hypervisors running on the same node as
libvirtd can use cpuNodeData() to obtain raw CPU data. Other drivers,
such as VMware, need to implement their own way of getting such data.
Raw data can be decoded into virCPUDefPtr using cpuDecode() function.

When implementing virConnectCompareCPU(), a hypervisor driver can just
call cpuCompareXML() function with host CPU capabilities.

For each guest for which a driver supports selecting CPU models, it must
set the appropriate feature in guest's capabilities:

    virCapabilitiesAddGuestFeature(guest, "cpuselection", 1, 0)

Actions needed when a domain is being created depend on whether the
hypervisor understands raw CPU data (currently CPUID for i686, x86_64
architectures) or symbolic names has to be used.

Typical use by hypervisors which prefer CPUID (such as VMware and Xen):

- convert guest CPU configuration from domain's XML into a set of raw
  data structures each representing one of the feature policies:

    cpuEncode(conn, architecture, guest_cpu_config,
              &forced_data, &required_data, &optional_data,
              &disabled_data, &forbidden_data)

- create a mask or whatever the hypervisor expects to see and pass it
  to the hypervisor

Typical use by hypervisors with symbolic model names (such as QEMU):

- get raw CPU data for a computed guest CPU:

    cpuGuestData(conn, host_cpu, guest_cpu_config, &data)

- decode raw data into virCPUDefPtr with a possible restriction on
  allowed model names:

    cpuDecode(conn, guest, data, n_allowed_models, allowed_models)

- pass guest->model and guest->features to the hypervisor

* src/cpu/cpu.c src/cpu/cpu.h src/cpu/cpu_generic.c
  src/cpu/cpu_generic.h src/cpu/cpu_map.c src/cpu/cpu_map.h
  src/cpu/cpu_x86.c src/cpu/cpu_x86.h src/cpu/cpu_x86_data.h
* configure.in: check for CPUID instruction
* src/Makefile.am: glue the new files in
* src/libvirt_private.syms: add new private symbols
* po/POTFILES.in: add new cpu files containing translatable strings
2009-12-18 16:13:45 +01:00
Daniel Veillard
c7c42a85b9 Fixes syntax-check with previous commit
* po/POTFILES.in: adds src/conf/cpu_conf.c in teh set of files with
  translatable content
* src/conf/cpu_conf.c: remove an unused include
2009-12-18 14:50:04 +01:00
Daniel Veillard
0c3fb8d41c Fix 'make syntax-check' after iptables.c cleanup 2009-12-11 10:09:26 +01:00
Daniel P. Berrange
3a4f172fdd Support for JSON mode monitor
Initial support for the new QEMU monitor protocol  using JSON
as the data encoding format instead of plain text

* po/POTFILES.in: Add src/qemu/qemu_monitor_json.c
* src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Hack to turn on QMP
  mode. Replace with a version number check on >= 0.12 later
* src/qemu/qemu_monitor.c: Delegate to json monitor if enabled
* src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h: Add
  impl of QMP protocol
* src/Makefile.am: Add src/qemu/qemu_monitor_json.{c,h}
2009-12-08 13:46:54 +00:00
Daniel P. Berrange
9428f2ced6 Introduce a simple API for handling JSON data
This introduces simple API for handling JSON data. There is
an internal data structure 'virJSONValuePtr' which stores a
arbitrary nested JSON value (number, string, array, object,
nul, etc).  There are APIs for constructing/querying objects
and APIs for parsing/formatting string formatted JSON data.

This uses the YAJL library for parsing/formatting from

 http://lloyd.github.com/yajl/

* src/util/json.h, src/util/json.c: Data structures and APIs
  for representing JSON data, and parsing/formatting it
* configure.in: Add check for yajl library
* libvirt.spec.in: Add build requires for yajl
* src/Makefile.am: Add json.c/h
* src/libvirt_private.syms: Export JSON symbols to drivers
2009-12-07 14:14:36 +00:00
Daniel P. Berrange
37f415da42 Pull schedular affinity code out into a separate module
* src/Makefile.am: Add processinfo.h/processinfo.c
* src/util/processinfo.c, src/util/processinfo.h: Module providing
  APIs for getting/setting process CPU affinity
* src/qemu/qemu_driver.c: Switch over to new APIs for schedular
  affinity
* src/libvirt_private.syms: Export virProcessInfoSetAffinity
  and virProcessInfoGetAffinity to internal drivers
2009-11-23 11:58:13 +00:00
Daniel Veillard
b8d4b6bec9 Release of libvirt-0.7.3
* configure.in docs/news.html.in libvirt.spec.in: describe new release
* po/*.po*: regenerate
2009-11-20 17:31:13 +01:00
Daniel Veillard
bbf20165cc Updated localization and regenerated the pos
updated el.po es.po or.po pl.po ta.po te.po
ran make update-po
2009-11-17 12:24:42 +01:00
David Allan
3ad6dcf3dc Implement a node device backend using libudev
* configure.in: add new --with-udev, disabled by default, and requiring
  libudev > 145
* src/node_device/node_device_udev.c src/node_device/node_device_udev.h:
  the new node device backend
* src/node_device/node_device_linux_sysfs.c: moved node_device_hal_linux.c
  to a better file name
* src/conf/node_device_conf.c src/conf/node_device_conf.h: add a couple
  of fields in node device definitions, and an API to look them up,
  remove a couple of unused fields from previous patch.
* src/node_device/node_device_driver.c src/node_device/node_device_driver.h:
  plug the new driver
* po/POTFILES.in src/Makefile.am src/libvirt_private.syms: add the new
  files and symbols
* src/util/util.h src/util/util.c: add a new convenience macro
  virBuildPath and virBuildPathInternal() function
2009-11-12 22:48:24 +01:00
Daniel P. Berrange
ff26194143 Move code for low level QEMU monitor interaction into separate file
The qemu_driver.c code should not contain any code that interacts
with the QEMU monitor at a low level. A previous commit moved all
the command invocations out. This change moves out the code which
actually opens the monitor device.

* src/qemu/qemu_driver.c: Remove qemudOpenMonitor & methods called
  from it.
* src/Makefile.am: Add qemu_monitor.{c,h}
* src/qemu/qemu_monitor.h: Add qemuMonitorOpen()
* src/qemu/qemu_monitor.c: All code for opening the monitor
2009-11-10 12:14:22 +00:00
Gerhard Stenzel
0aa72ac6fd add MAC address based port filtering to qemu
* src/qemu/qemu.conf src/qemu/qemu_conf.c src/qemu/qemu_conf.h: there is
  a new config type option for mac filtering
* src/qemu/qemu_bridge_filter.[ch]: new module for the ebtable entry points
* src/qemu/qemu_driver.c: plug the MAC filtering at the right places
  in the domain life cycle
* src/Makefile.am po/POTFILES.in: add the new module
2009-11-03 23:44:48 +01:00
Daniel Veillard
4348a4a85a Fixing ca.po 2009-10-14 10:32:53 +02:00
Daniel Veillard
d66fab6eea Updated and regenerated localizations
* de.po ja.po it.po hi.po gu.po or.po mr.po ml.po kn.po ru.po pl.po
  pa.po te.po ta.po: many updates
2009-10-14 10:30:25 +02:00
Jamie Strandboge
bbaecd6a8f sVirt AppArmor security driver
* configure.in: look for AppArmor and devel
* src/security/security_apparmor.[ch] src/security/security_driver.c
  src/Makefile.am: add and plug the new driver
* src/security/virt-aa-helper.c: new binary which is used exclusively by
  the AppArmor security driver to manipulate AppArmor.
* po/POTFILES.in: registers the new files
* tests/Makefile.am tests/secaatest.c tests/virt-aa-helper-test:
  tests for virt-aa-helper and the security driver, secaatest.c is
  identical to seclabeltest.c except it initializes the 'apparmor'
  driver instead of 'selinux'
2009-10-08 16:34:22 +02:00
Chris Lalancette
9d162096ca Add src/util/storage_file.c to the POTFILES.in.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:12:03 +02:00
Daniel P. Berrange
d790a66d6b Handle incoming data streams in libvirtd
* daemon/stream.c: Handle incoming stream data packets, queuing until
  stream becomes writable. Handle stream completion handshake
* po/POTFILES.in: Add daemon/stream.c
2009-09-29 15:48:58 +01:00
Daniel P. Berrange
a541c76238 Pull QEMU monitor interaction out to separate file
Pull out all the QEMU monitor interaction code to a separate
file. This will make life easier when we need to drop in a
new implementation for the forthcoming QMP machine friendly
monitor support.

Next step is to add formal APIs for each monitor command,
and remove direct commands for sending/receiving generic
data.

* src/Makefile.am: Add qemu_monitor.c to build
* src/qemu/qemu_driver.c: Remove code for monitor interaction
* src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: New
  file for monitor interaction
* po/POTFILES.in: Add src/qemu/qemu_monitor_text.c
2009-09-29 11:47:05 +01:00
Daniel P. Berrange
7ad5c00ed9 Misc syntax-check fixes 2009-09-21 14:41:47 +01:00
Daniel Veillard
a640328f8c Update a number of localizations and regenerate
* as.po bn_IN.po de.po gu.po hi.po kn.po ko.po ml.po mr.po or.po pa.po
  pl.po ta.po te.po zh_CN.po got updated
2009-09-15 13:59:13 +02:00
Miloslav Trmač
03d338608d Local file implementation of secret driver API
This implementation stores the secrets in an unencrypted text file,
for simplicity in implementation and debugging.

(Symmetric encryption, e.g. using gpgme, will not be difficult to add.
Because the TLS private key used by libvirtd is stored unencrypted,
encrypting the secrets file does not currently provide much additional
security.)

* include/libvirt/virterror.h, src/virterror.c (VIR_ERR_NO_SECRET): New
  error number.
* po/POTFILES.in, src/Makefile.am: Add secret_driver.
* bootstrap: Use gnulib's base64 module.
* src/secret_driver.c, src.secret_driver.h, src/libvirt_private.syms:
  Add local secret driver.
* qemud/qemud.c (qemudInitialize): Use the local secret driver.
2009-09-11 14:54:46 +01:00
Miloslav Trmač
b9a8bef477 Add an internal <secret> XML handling API
Add a <secret> XML handling API, separate from the local driver, to
avoid manually generating XML in other parts of libvirt.

* src/secret_conf.c, src/secret_conf.h: New files.
* po/POTFILES.in, src/Makefile.am: Add secret_conf.
2009-09-11 14:54:40 +01:00
Daniel Veillard
657326cfe3 Updated a number of localizations and regenerated 2009-09-08 16:14:08 +02:00
Dave Allan
ee8a06f833 Multipath storage support module
* configure.in src/Makefile.am src/storage_backend.[ch]
  src/storage_conf.[ch] src/storage_backend_mpath.[ch] po/POTFILES.in:
  add a new module for storage multipath, it requires device-mapper
2009-09-08 15:47:45 +02:00
Miloslav Trmač
05b9b8fda3 Add volume encryption information handling.
Define an <encryption> tag specifying volume encryption format and
format-depenedent parameters (e.g. passphrase, cipher name, key
length, key).

Currently the only defined parameter is a reference to a "secret"
(passphrase/key) managed using the virSecret* API.

Only the qcow/qcow2 encryption format, and a "default" format used to
let libvirt choose the format during volume creation, is currently
supported.

This patch does not add any users; the <encryption> tag is added in
the following patches to both volumes (to support encrypted volume
creation) and domains.

* docs/*.html: Re-generate
* docs/formatstorageencryption.html.in, docs/sitemap.html.in:
  Add page describing storage encryption data format
* docs/schemas/Makefile.am, docs/schemas/storageencryption.rng:
  Add RNG schema for storage encryption format
* po/POTFILES.in: Add src/storage_encryption_conf.c
* src/libvirt_private.syms: Export virStorageEncryption* functions
* src/storage_encryption_conf.h, src/storage_encryption_conf.c: Internal
  helper APIs for dealing with storage encryption format
* libvirt.spec.in, mingw32-libvirt.spec.in: Add storageencryption.rng
  RNG schema
2009-09-01 18:27:28 +01:00
Daniel Veillard
3697a0cef6 Update chinese, polish and spanish localizations
* po/*: and update the po set
2009-09-01 15:09:21 +02:00
Amy Griffis
22a1ec68d5 Tighten libvirt's parsing of logging env
* src/libvirt.c src/logging.c: Don't convert high priority levels to the
  debug level. Don't parse LIBVIRT_LOG_FILTERS and LIBVIRT_LOG_OUTPUTS
  when they're set to the empty string. Warn when the user specifies an
  invalid value (empty string remains a noop).
* po/POTFILES.in: src/logging.c now include translatable strings
2009-08-06 15:38:11 +02:00
Daniel Veillard
22a5ebe44b Release of libvirt-0.7.0
* configure.in NEWS docs/* libvirt.spec.in include/libvirt/libvirt.h:
  Release of 0.7.0
* po/*.po*: updated and regenerated the localization pool
2009-08-05 16:00:41 +02:00
Cole Robinson
115c02e871 Add phyp files to POTFILES, to make syntax-check happy. 2009-07-26 17:56:00 -04:00
Daniel Veillard
909d647aab Activate the interface drivers, and cleanups
* src/libvirt.c: activate the interface drivers
* po/POTFILES.in: add the netcf driver as a source of localization strings
* src/interface_driver.c: NETCF_ENOMEM -> VIR_ERR_NO_MEMORY mapping was
  breaking syntax checking
2009-07-21 16:15:39 +02:00
Daniel P. Berrange
a147ef3837 Split generic RPC message dispatch code out from remote protocol API handlers
* po/POTFILES.in: Add qemud/dispatch.c
* qemud/dispatch.c, qemud/dispatch.h: Generic code handling dispatch of
  RPC messages.
* qemud/Makefile.am: Add dispatch.c to build
* qemud/qemud.c: Include dispatch.h
* qemud/qemud.h: Remove remoteDispatchClientRequest, remoteRelayDomainEvent
  now in dispatch.h
* qemud/remote.c: Remove remoteDispatchClientRequest, remoteRelayDomainEvent
  now in dispatch.c, and dispatch_args, dispatch_ret, dispatch_fn & dispatch_data
  now in remote.h
* qemud/remote.h: Add typedefs for dispatch_args, dispatch_ret,
  dispatch_fn, dispath_data. Add remoteGetDispatchData() API
2009-07-16 16:09:41 +01:00
Daniel Veillard
2f5fb5e09d add support for netcf XML import and export
* src/interface_conf.c src/interface_conf.h: the import and export
  routines and the internal APIs
* src/Makefile.am: hook the new file in the makefiles
* src/libvirt_private.syms: export a few private symbols internally
* po/POTFILES.in: the new file contains translatable strings
2009-07-15 20:16:26 +02:00
Jim Meyering
fb98f4b10d remove all .cvsignore files 2009-07-08 16:17:51 +02:00
Jim Meyering
7bb22f58b8 make .gnulib a submodule
This makes it so we record (via a git submodule)
a snapshot of whatever version of gnulib we're using,
and none of gnulib sources are in the libvirt repository.
The result is that we have as much reproducibility as when
we version-controlled imported copies of the gnulib sources,
but without the hassle of the manual process we used when
syncing with upstream.

Note that when you clone libvirt, you get only the libvirt
repository, but when you first run ./bootstrap, it clones
gnulib (at the SHA1 recorded via the submodule), creating
the .gnulib/ hierarchy.  Then, the bootstrap script runs
gnulib-tool to populate gnulib/ with the files that make
up the selected modules.

Put the following in your ~/.gitconfig file.
[alias]
  syncsub = submodule foreach git pull origin master

The update procedure is simple:
  git syncsub
  ...build & test...
  git commit -m 'gnulib: sync submodule to latest' .gnulib

* .gitmodules: New file.
* .gnulib: Initialize.
* bootstrap: Set up to use the new submodule.
Stop using --no-vc-files.
Don't remove .gitignore files.
Don't use or create .cvsignore.
Diagnose an invalid --gnulib-srcdir=DIR argument.
* build-aux/vc-list-files: Delete file, now pulled from gnulib.
* build-aux/useless-if-before-free: Likewise.
* po/POTFILES.in: Remove gnulib/lib/gai_strerror.c, since
it no longer contains translatable strings.
* gnulib/*: Remove gnulib/ hierarchy.
2009-07-08 16:17:51 +02:00
Daniel Veillard
c759ae5509 Release of libvirt-0.6.5
* configure.in libvirt.spec.in NEWS docs/* po/*: release of
  libvirt-0.6.5
* .gitignore: adding cscope files
Daniel
2009-07-03 14:32:17 +00:00
Daniel Veillard
88b4cc5fe9 Regenerated the documentation and localization files
* src/libvirt.c src/virterror.c: fix some missing comments in public
  modules.
* docs/libvirt-api.xml docs/libvirt-refs.xml
  docs/devhelp/libvirt-libvirt.html docs/html/libvirt-libvirt.html:
  regenerated documentation
* po/*: updated the polish localization and regenerated
Daniel
2009-07-01 13:08:17 +00:00
Daniel P. Berrange
73f34b31f5 Fix broken dominfo command when no security driver is implemented 2009-06-25 09:37:22 +00:00
Daniel Veillard
8ceac55c29 * po/*: update a lot of translations, and regenerate the po* files
daniel
2009-06-24 17:42:04 +00:00
Daniel Veillard
81d0ffbc3b NPIV implementation for node device create and destroy
* src/Makefile.am src/node_device.[ch] src/node_device_conf.[ch]
  src/node_device_hal.[ch] src/node_device_hal_linux.c
  src/qemu_driver.c src/remote_internal.c src/storage_backend.c
  src/virsh.c src/xen_unified.c tests/nodedevxml2xmltest.c
  po/POTFILES.in: implementation for node device create and destroy
  in NPIV support, patch by David Allan
Daniel
2009-06-02 15:12:53 +00:00
Daniel Veillard
66220e3e61 release of libvirt-0.6.4
* configure.in libvirt.spec.in NEWS docs/* po/*: release of
  libvirt-0.6.4
* src/libvirt.c src/virterror.c: some comments cleanups
Daniel
2009-05-29 16:51:15 +00:00
Daniel Veillard
a35f6aee6a * po/*: update of many localizations, regenerate the po
Daniel
2009-05-29 12:08:49 +00:00
Daniel P. Berrange
ee8553e156 Fix misc syntax problems with open nebula driver 2009-05-28 13:11:22 +00:00
Cole Robinson
af8600678d Update POTFILES, and s/write/safewrite/ to appease 'make syntax-check' 2009-05-12 20:44:29 +00:00
Daniel Veillard
9cae1d5ed6 release of 0.6.3
* NEWS configure.in libvirt.spec.in docs/*: release of 0.6.3
* po/*: regenerated
* src/libvirt.c src/virterror.c: fixed some function comments
Daniel
2009-04-24 14:04:54 +00:00
Daniel Veillard
741fecedaa Update of localizations and XML descriptions
* po/*: updated a could of locale, regenerated
* docs/libvirt-api.xml docs/libvirt-refs.xml: regenerated too
daniel
2009-04-24 10:09:24 +00:00