So far the references to other filters needed to appear before filtering
rules. With the below patch they can now appear in any order.
Also I forgot to add a couple of 'rarp's.
This patch adds support for the RARP protocol. This may be needed due to
qemu sending out a RARP packet (at least that's what it seems to want to
do even though the protocol id is wrong) when migration finishes and
we'd need a rule to let the packets pass.
Unfortunately my installation of ebtables does not understand -p RARP
and also seems to otherwise depend on strings in /etc/ethertype
translated to protocol identifiers. Therefore I need to pass -p 0x8035
for RARP. To generally get rid of the dependency of that file I switch
all so far supported protocols to use their protocol identifier in the
-p parameter rather than the string.
I am also extending the schema and added a test case.
changes from v1 to v2:
- added test case into patch
With this patch I want to enable hex number inputs in the filter XML. A
number that was entered as hex is also printed as hex unless a string
representing the meaning can be found.
I am also extending the schema and adding a test case. A problem with
the DSCP value is fixed on the way as well.
Changes from V1 to V2:
- using asHex boolean in all printf type of functions to select the
output format in hex or decimal format
* configure.ac docs/news.html.in libvirt.spec.in src/libvirt_public.syms:
updates for release of 0.8.0
* po/*.po po/libvirt.pot: updated a lar set of localizations, and merge
the messages
Extend tests to cover all SCSI controller types and document the
new type.
The lsisas1068 SCSI controller type was added in ESX 4.0. The VMX
parser reports an error when this controller type is present. This
makes virsh dumpxml fail for every domain that uses this controller
type.
This patch fixes this and adds lsisas1068 to the list of accepted
SCSI controller types.
Reported by Jonathan Kelley.
This patch adds a relaxng nwfilter schema along with a test that
verifies all the test output XML against the schema. The input XMLs
contain a lot of intentional out-of-range values that make them fail the
schema verification, so I am not verifying against those.
The clock timer XML is being updated in the following ways (based on
further off-list discussion that was missed during the initial
implementation):
1) 'wallclock' is changed to 'track', and the possible values are 'boot'
(corresponds to old 'host'), 'guest', and 'wall'.
2) 'mode' has an additional value 'smpsafe'
3) when tickpolicy='catchup', there can be an optional sub-element of
timer called 'catchup':
<catchup threshold=123 slew=120 limit=10000/>
Those three values are all longs, always optional, and if they are present,
they are positive. Internally, 0 indicates "unspecified".
* docs/schemas/domain.rng: updated RNG definition to account for changes
* src/conf/domain_conf.h: change the C struct and enums to match changes.
* src/conf/domain_conf.c: timer parse and format functions changed to
handle the new selections and new element.
* src/libvirt_private.syms: *TimerWallclock* changes to *TimerTrack*
* src/qemu/qemu_conf.c: again, account for Wallclock --> Track change.
* cfg.mk (sc_prohibit_test_minus_ao): Also check for [.
* docs/Makefile.am (%.html, html/index.html): Avoid non-portable
test usage.
* libvirt.spec.in (%post): Likewise.
* tools/virt-pki-validate.in (servercert.pem): Likewise.
* configure.ac (LOGNAME): Use test, not [, in files processed by
autoconf.
Detected by Matthias Bolte.
timers are sub-elements of clocks. A clock can have zero or more
instances of timer. Within the timer, only the name attribute is
required; all other attributes are optional.
A simpler representation of a timer element is:
<timer name='platform|pit|rtc|hpet|tsc'
wallclock='host|guest'
tickpolicy='delay|catchup|merge|discard'
frequency='123'
mode='auto|native|emulate|paravirt'
present='yes|no'/>
frequency is a ulong. All other attributes are simple enums.
* Fixes per feedback from Dan and Daniel
* Added test datafiles
* Re-disabled JSON flags
* Added code to print the error policy attribute when generating XML
* Re-add empty tag
In the documentation mention that the direct device support is there
since libvirt 0.7.7. A Linux kernel 2.6.34 is required for macvtap to be
available as standard device.
With N_() in place, we can use it for a smaller file.
* doc/api-extension/0008-Step-8-of-8-Add-virsh-support.patch:
Replace all uses of gettext_noop with N_.
* tools/virsh.c: Likewise, throughout the file.
* configure.ac libvirt.spec.in: update with new version
* docs/news.html.in: add list of changes in 0.7.7
* po/*po*: updated spanish and russian localisations, rebuilt
This extends the XML to allow for
<clock offset='timezone' timezone='Europe/Paris'/>
This is useful if the admin has not configured any timezone on the
host OS, but still wants to synchronize a guest to a specific one.
* src/conf/domain_conf.h, src/conf/domain_conf.c: Support extra
'timezone' attribute on clock configuration
* docs/schemas/domain.rng: Add 'timezone' attribute
* src/xen/xend_internal.c, src/xen/xm_internal.c: Reject configs
with a configurable timezone
This introduces a third option for clock offset synchronization,
that allows an arbitrary / variable adjustment to be set. In
essence the XML contains the time delta in seconds, relative to
UTC.
<clock offset='variable' adjustment='123465'/>
The difference from 'utc' mode, is that management apps should
track adjustments and preserve them at next reboot.
* docs/schemas/domain.rng: Schema for new clock mode
* src/conf/domain_conf.c, src/conf/domain_conf.h: Parse
new clock time delta
* src/libvirt_private.syms, src/util/xml.c, src/util/xml.h: Add
virXPathLongLong() method
Add missing rule to build html/libvirt-libvirt.html.
Use a GNU Make pattern rule to avoid running apibuild.py once
for each out-of-date target, in a parallel build.
* docs/Makefile.am
* docs/Makefile.am (libvirt-api.xml libvirt-refs.xml): Generalize
apibuild.py to work in a non-srcdir build. Pass "srcdir" to it.
* docs/apibuild.py (rebuild): Honor the $srcdir envvar.
* docs/Makefile.am (MAINTAINERCLEANFILES): Use this variable
for generated-and-distributed files, not "CLEANFILES".
Besides, "make clean" and "make distclean" should not delete
distributed files.
Add support for virtio-serial by defining a new 'virtio' channel target type
and a virtio-serial controller. Allows the following to be specified in a
domain:
<controller type='virtio-serial' index='0' ports='16' vectors='4'/>
<channel type='pty'>
<target type='virtio' name='org.linux-kvm.port.0'/>
<address type='virtio-serial' controller='0' bus='0'/>
</channel>
* docs/schemas/domain.rng: Add virtio-serial controller and virtio
channel type.
* src/conf/domain_conf.[ch]: Domain parsing/serialization for
virtio-serial controller and virtio channel.
* tests/qemuxml2xmltest.c
tests/qemuxml2argvdata/qemuxml2argv-channel-virtio.xml: add domain xml
parsing test
* src/libvirt_private.syms src/qemu/qemu_conf.c:
virDomainDefAddDiskControllers() renamed to
virDomainDefAddImplicitControllers()
The current schema is more permissive than the XML parsing code in
libvirt. Precisely, 'match' attribute is optional in schema while in
reality its use is bound to <model> element:
- <cpu> element without 'match' attribute is allowed only if <topology>
element is the only child element of <cpu>
- <cpu> element with 'match' attribute requires <model> element to be
present; <topology> and <feature> elements are optional
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
When attaching a USB host device based on vendor/product, libvirt
will resolve the vendor/product into a device/bus pair. This means
that when printing XML we should allow device/bus info to be printed
at any time if present
* src/conf/domain_conf.c, docs/schemas/domain.rng: Allow USB device
bus info alongside vendor/product
Allows the initiator to use a variety of IQNs rather than just the
system IQN when creating iSCSI pools.
* docs/schemas/storagepool.rng: extends the syntax with <iqn name="..."/>
* src/conf/storage_conf.[ch]: read and stores the iqn name
* src/storage/storage_backend_iscsi.[ch]: implement the IQN selection
when detected
The RNG now supports IPv6 and bonds attached to bridges, along with
some other minor tweaks. All test files from netcf have been copied to
the test directory and added to the xml2xml and schema tests (and they
all pass, of course ;-)
Currently CPU topology may only be specified together with CPU model:
<cpu match='exact'>
<model>name</model>
<topology sockets='1' cores='2' threads='3'/>
</cpu>
This patch allows for CPU topology specification without the need for
also specifying CPU model:
<cpu>
<topology sockets='1' cores='2' threads='3'/>
</cpu>
'match' attribute and 'model' element are made optional with the
restriction that 'match' attribute has to be set when 'model' is
present.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Although the serial, parallel, chanel, input & fs devices do
not have PCI address info, they can all have device aliases.
Thus it neccessary to associate the virDomainDeviceInfo data
with them all.
* src/conf/domain_conf.c, src/conf/domain_conf.h: Add hooks for
parsing / formatting device info for serial, parallel, channel
input and fs devices.
* docs/schemas/domain.rng: Associate device info with character
devices, input & fs device
The latter is not officially "wrong", but *is* terribly anachronistic.
I think automake documentation or comments call that syntax obsolescent.
* cfg.mk (_makefile_at_at_check_exceptions): Exempt @SCHEMADIR@
and @SYSCONFDIR@ uses -- there are no Makefile variables for those.
* docs/Makefile.am: Use $(INSTALL), not @INSTALL@.
* examples/dominfo/Makefile.am: Similar.
* examples/domsuspend/Makefile.am: Similar.
* proxy/Makefile.am: Similar.
* python/Makefile.am: Similar.
* python/tests/Makefile.am: Similar.
* src/Makefile.am: Similar.
* tests/Makefile.am: Similar.
This augments virDomainDevice with a <controller> element
that is used to represent disk controllers (e.g., scsi
controllers). The XML format is given by
<controller type="scsi" index="<num>">
<address type="pci" domain="0xNUM" bus="0xNUM" slot="0xNUM"/>
</controller>
where type denotes the disk interface (scsi, ide,...), index
is an integer that identifies the controller for association
with disks, and the <address> element specifies the controller
address on the PCI bus as described in previous commits
The address element can be omitted; in this case, an address
will be assigned automatically.
Most of the code in this patch is from Wolfgang Mauerer's
previous disk controller series
* docs/schemas/domain.rng: Define syntax for <controller>
XML element
* src/conf/domain_conf.c, src/conf/domain_conf.h: Define
virDomainControllerDef struct, and routines for parsing
and formatting XML
* src/libvirt_private.syms: Add virDomainControllerInsert
and virDomainControllerDefFree
Add the virDomainDeviceAddress information to the sound, video
and watchdog devices. This means all of them gain the new XML
element
<address .... />
This brings them upto par with disk/net/hostdev devices which
already have address info
* src/conf/domain_conf.h: Add virDomainDeviceAddress to sound,
video & watchdog device struts.
* src/conf/domain_conf.c: Hook up parsing/formatting for
virDomainDeviceAddress in sound, video & watchdog devices
* docs/schemas/domain.rng: Associate device address info
with sound, video & watchdog
Introduce a new structure
struct _virDomainDeviceDriveAddress {
unsigned int controller;
unsigned int bus;
unsigned int unit;
};
and plug that into virDomainDeviceAddress and generates XML that
looks like
<address type='drive' controller='1' bus='0' unit='5'/>
This syntax will be used by the QEMU driver to explicitly control
how drives are attached to the bus
* src/conf/domain_conf.h, src/conf/domain_conf.c: Parsing and
formatting of drive addresses
* docs/schemas/domain.rng: Define new address format for drives
All guest devices now use a common device address structure
summarized by:
enum virDomainDeviceAddressType {
VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE,
VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI,
};
struct _virDomainDevicePCIAddress {
unsigned int domain;
unsigned int bus;
unsigned int slot;
unsigned int function;
};
struct _virDomainDeviceInfo {
int type;
union {
virDomainDevicePCIAddress pci;
} addr;
};
This replaces the anonymous structs in Disk/Net/Hostdev data
structures. Where available, the address is *always* printed
in the XML file, instead of being hidden in the internal state
file.
<address type='pci' domain='0x0000' bus='0x1e' slot='0x07' function='0x0'/>
The structure definition is based on Wolfgang Mauerer's disk
controller patch series.
* docs/schemas/domain.rng: Define the <address> syntax and
associate it with disk/net/hostdev devices
* src/conf/domain_conf.h, src/conf/domain_conf.c,
src/libvirt_private.syms: APIs for parsing/formatting address
information. Also remove the QEMU specific 'pci_addr' attributes
* src/qemu/qemu_driver.c: Replace use of 'pci_addr' attrs with
new standardized format.
* docs/Makefile.am (uninstall-local): Separate $$f from preceding
dir name with a "/" and use $$(basename $$f) rather than $$f, since
some values of $$f are prefixed with devhelp/.
The MAC addresses with 00:50:56 prefix are split into several ranges:
00:50:56:00:00:00 - 00:50:56:3f:ff:ff 'static' range (manually assigned)
00:50:56:80:00:00 - 00:50:56:bf:ff:ff 'vpx' range (assigned by a VI Client)
Erroneously the 'vpx' range was assumed to be larger and to occupy the
remaining addresses of the 00:50:56 prefix that are not part of the 'static'
range.
00:50:56 was used as prefix for generated MAC addresses, this is not possible
anymore, because there are gaps in the allowed ranges. Therefore, change the
prefix to 00:0c:29 which is the prefix for auto generated MAC addresses anyway.
Allow arbitrary MAC addresses to be used and set the checkMACAddress VMX option
to false in case the MAC address doesn't fall into any predefined range.
* docs/drvesx.html.in: update website accordingly
* src/esx/esx_driver.c: set the auto generation prefix to 00:0c:29
* src/esx/esx_vmx.c: fix MAC address range handling and allow arbitrary MAC
addresses
* tests/vmx2xml*, tests/xml2vmx*: add some basic MAC address range tests
XML schema for CPU flags
Firstly, CPU topology and model with optional features have to be
advertised in host capabilities:
<host>
<cpu>
<arch>ARCHITECTURE</arch>
<features>
<!-- old-style features are here -->
</features>
<model>NAME</model>
<topology sockets="S" cores="C" threads="T"/>
<feature name="NAME"/>
</cpu>
...
</host>
Secondly, drivers which support detailed CPU specification have to
advertise
it in guest capabilities:
<guest>
...
<features>
<cpuselection/>
</features>
</guest>
And finally, CPU may be configured in domain XML configuration:
<domain>
...
<cpu match="MATCH">
<model>NAME</model>
<topology sockets="S" cores="C" threads="T"/>
<feature policy="POLICY" name="NAME"/>
</cpu>
</domain>
Where MATCH can be one of:
- 'minimum' specified CPU is the minimum requested CPU
- 'exact' disable all additional features provided by host CPU
- 'strict' fail if host CPU doesn't exactly match
POLICY can be one of:
- 'force' turn on the feature, even if host doesn't have it
- 'require' fail if host doesn't have the feature
- 'optional' match host
- 'disable' turn off the feature, even if host has it
- 'forbid' fail if host has the feature
'force' and 'disable' policies turn on/off the feature regardless of its
availability on host. 'force' is unlikely to be used but its there for
completeness since Xen and VMWare allow it.
'require' and 'forbid' policies prevent a guest from being started on a host
which doesn't/does have the feature. 'forbid' is for cases where you disable
the feature but a guest may still try to access it anyway and you don't want
it to succeed.
'optional' policy sets the feature according to its availability on host.
When a guest is booted on a host that has the feature and then migrated to
another host, the policy changes to 'require' as we can't take the feature
away from a running guest.
Default policy for features provided by host CPU but not specified in domain
configuration is set using match attribute of cpu tag. If 'minimum' match is
requested, additional features will be treated as if they were specified
with 'optional' policy. 'exact' match implies 'disable' policy and 'strict'
match stands for 'forbid' policy.
* docs/schemas/capability.rng docs/schemas/domain.rng: extend the
RelaxNG schemas to add CPU flags support
The description mismatched the actual structure since the video element
was introduced. The nvram attribute is actually called vram. Specify the
unit of the vram attribute.
The owner and group in the documentation examples were confusingly given as
'0744'. They should be numeric uid and gid. Changed the examples to use the
default uid and gid assigned to qemu in F12.
* docs/formatstorage.html.in: Change example owner and group in volume XML
Replace free(virBufferContentAndReset()) with virBufferFreeAndReset().
Update documentation and replace all remaining calls to free() with
calls to VIR_FREE(). Also add missing calls to virBufferFreeAndReset()
and virReportOOMError() in OOM error cases.