Latest upstream QEMU can be built with Xen support, which introduces
a -xen-domid argument. This was mistakenly detected as -domid due
to old Xenner support. Adapt to cope with both syntaxes. Also only
set domid if the virt type is xen, or the guest type is xen.
* src/qemu_conf.c, src/qemu_conf.h: Detect new -xen-domid flag in
preference to -domid.
* tests/qemuxml2argvdata/qemuxml2argv-bootloader.args,
tests/qemuxml2argvdata/qemuxml2argv-input-xen.args: Add missing
-domid param
* tests/qemuxml2argvdata/qemuxml2argv-misc-uuid.args: Remove bogus
-boot param.
* tests/qemuxml2argvtest.c: Add missing QEMUD_CMD_FLAG_DOMID params
The commit cb51aa48a777ddae6997faa9f28350cb62655ffd "Fix up connection
reference counting." changed the driver closing and virConnectPtr
unref-logic in virConnectClose().
Before this commit virConnectClose() closed all drivers of the given
virConnectPtr and virUnrefConnect()'ed it afterwards. After this
commit the driver-closing is done in virUnrefConnect() if and only if
the ref-count of the virConnectPtr dropped to zero.
This change in execution order leads to a virConnectPtr leak, at least
for connections to Xen.
Before the commit these additional virConnectRef/virUnrefConnect calls
were no problem, because virConnectClose() closed the drivers
explicitly and the additional refs added by the Xen subdrivers were
removed properly. After the commit these additional refs result in a
virConnectPtr leak (including a leak of the hypercall file handle;
that's how I noticed this problem), because now the drivers are only
closed if and only if the ref-count drops to zero, but this cannot
happen anymore, because the additional refs from the Xen subdrivers
would only be removed if the drivers get closed, but that doesn't
happen because the ref-count cannot drop to zero.
The fix for this problem is simple: remove the
virConnectRef/virUnrefConnect calls from the Xen subdrivers (see
attached patch). Maybe someone could explain why the Xen Inotify and
Xen Store driver do this extra ref-counting, but none of the other Xen
subdrivers. It seems unnecessary to me and can be removed without
problems.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
* src/conf/domain_conf.c: Don't assume all virDomainObjPtr have
a non-NULL monitor_chr field in virDomainObjFormat.
* src/lxc/lxc_driver.c: Implement suspend/resume driver APIs
* src/util/cgroup.c, src/util/cgroup.h: Support the 'freezer'
cgroup controller
* src/libvirt_private.syms: Export virCgroupSetFreezerState
and virCgroupGetFreezerState
* docs/storage/: Move to examples/xml/storage/
* docs/test*.xml: Move to examples/xml/test/
* docs/Makefile.am: Remove example XML files from dist
* Makefile.am: Add examples/xml to EXTRA_DIST
* tests/virshtest.c: Update for moved test XML
* libvirt.spec.in: Include example XML files as docs
* tests/int-overflow: Update for moved XML
* docs/*.html, docs/devhelp/*.html, docs/html/*.html: Delete
* docs/.gitignore, docs/devhelp/.gitignore, docs/html/.gitignore:
Ignore generated docs files
* docs/Makefile.am: Rebuild all HTML docs for 'all' target
and include them in EXTRA_DIST and CLEANFILES
* docs/devhelp/Makefile.am: Include HTML in CLEANFILES
When making changes to the remote protocol, src/ is always built
first, so rpcgen should live there, to avoid having to run make
in the 'daemon/' directory before building src/
* src/Makefile.am: Add rules for rpcgen, and drop -I../daemon from
remote client build
* daemon/Makefile.am: Add -I../src/remote/ to libvirtd build
and remove rpcgen rules
* daemon/libvirtd.c: Adapt include of remote_driver.h taking
into account new -I flag
* daemon/remote_protocol.c, daemon/remote_protocol.h,
daemon/remote_protocol.x: Move to src/remote/
* daemon/rpcgen_fix.pl: Move to src/remote/rpcgen_fix.pl
* src/capabilities.c, src/capabilities.h, src/domain_conf.c,
src/domain_conf.h, src/domain_event.c, src/domain_event.h,
src/interface_conf.c, src/interface_conf.h,
src/network_conf.c, src/network_conf.h, src/node_device_conf.c,
src/node_device_conf.h, src/secret_conf.c, src/secret_conf.h,
src/storage_conf.c, src/storage_conf.h, src/storage_encryption_conf.c,
src/storage_encryption_conf.h: Move to src/conf/
* src/Makefile.am: Add -Isrc/conf to the individual build targets
which need to use XML config APIs. Remove LIBXML_CFLAGS, LIBSSH2_CFLAGS
and SELINUX_CFLAGS from global INCLUDES and only have them in build
targets which actually need them. Create a libvirt_conf.la
convenience library for all config parsers
* src/hostusb.h: Remove bogus include of domain_conf.h
* tests/Makefile.am: Add -Isrc/conf. Remove bogus -I$builddir/src
since it never has any generated header files
* daemon/Makefile.am: Add -Isrc/conf
* proxy/Makefile.am: Add -Isrc/conf and cope with renamed files
* src/hash.c: Remove bogus include of libxml/threads.h
Make pki_check.sh into an installed & supported tool
* docs/pki_check.sh: Move to tool/virt-pki-validate.in and add
in POD man page documentation
* tools/.gitignore: Ignore generated virt-pki-validate file
* tools/Makefile.am: Install & build virt-pki-validate and
virt-pki-validate.1
* docs/remote.html, docs/remote.html.in: Refer to new tool
name virt-pki-validate
* libvirt.spec.in, mingw32-libvirt.spec.in: Add virt-pki-validate
and virt-pki-validate.1 to files list
Re-arrange python generator to make it clear what's auto-generated
* README: New file describing what each file is used for
* libvirt-override.c, libvirt-override.py, libvirt-override-api.xml,
libvirt-override-virConnect.py: Manually written code overriding
the generator
* typewrappers.c, typewrappers.h: Data type wrappers
* generator.py: Automatically prepend contents of libvirt-override.py
to generated libvirt.py. Output into libvirt.py directly instead of
libvirtclass.py. Don't generate libvirtclass.txt at all. Write C
files into libvirt.c/.h directly
* Makefile.am: Remove rule for creating libvirt.py from libvirt-override.py
and libvirtclass.py, since generator.py does it directly
* Makefile.am: Add examples/dominfo examples/domsuspend examples/python
as SUBDIRS
* configure.in: Update AC_OUTPUT for new/old Makefiles
* docs/Makefile.am: Remove examples from SUBDIRS
* docs/examples/info1.c: Move to examples/dominfo/info1.c
* docs/examples/suspend.c: Move to examples/domsuspend/suspend.c
* docs/examples: Remove all remaining files
* docs/examples/python: Moved to examples/python/
* examples/dominfo/Makefile.am, examples/domsuspend/Makefile.am: New
build files
* libvirt.spec.in: Update to take account of moved examples
* daemon/default-network.xml: Move to src/network/default.xml
* daemon/libvirtd_qemu.aug, daemon/test_libvirtd_qemu.aug: Move
to src/qemu/
* src/qemu.conf: Move to src/qemu/qemu.conf
* daemon/Makefile.am: Remove rules for default-network.xml and
libvirtd_qemu.aug and test_libvirtd_qemu.aug. Fix typo in
uninstall-local that would install polkit again.
* src/Makefile.am: Add rules for installing network/default.xml
and the qemu/*.aug files. Add test case for QEMU augeas files.
Add uninstall-local rule for files/directories created during
install. Rename install-exec-local to install-data-local.
Only install qemu.conf if WITH_QEMU is set.
* tests/networkschematest: Update for XML location move
Some architectures in certain RHEL versions do not include any
hypervisors. Update the specfile to allow those to easily build
a remote client only version of libvirt. ie no libvirtd related
bits at all.
* qemud/Makefile.am: Always install SASL config since it's needed
by client too
* libvirt.spec.in: Re-factor specfile conditionals to allow entire
server side build to be disabled easily, eg a remote client only
build. Make RHEL-5 do client only build for s390/ppc. Make RHEL-6
do a client only build for all non-x86_64 archs. Enable LXC on
RHEL-6. Enable all Fedora >= 6 features on RHEL-6 too. Add some
more conditionals around dnsmasq/iptables/hal Requires tags.
Add missing e2fsprogs-devel BR for RHEL-5 as workaround for broken
parted. Fix the device mapper BR for RHEL-5. Add conditional rules
for ESX build. Add conditional rules for SELinux + HAL builds.
Fix a mistaken %{with_qemu} to be %{with_network} when setting
up default network XML
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarantees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take a
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Store UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Store UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a file with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_backend.c: Don't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
* configure.in: Only define WITH_SECRETS if libvirtd is present
* src/Makefile.am: Only build secrets driver if WITH_SECRETS is
defined. Always add SECRET_DRIVER_SOURCES to EXTRA_DIST
Integrate with QEMU monitor to provide encryption passphrase when
starting a guest using encrypted qcow volumes
* src/qemu_driver.c (findDomainDiskEncryption,
findVolumeQcowPassphrase,
qemudMonitorSendVolumePassphrase, qemudMonitorSendCont): Send a volume
passphrase if qemu asks for it.
Miloslav Trmač [Fri, 14 Aug 2009 18:06:59 +0000 (20:06 +0200)]
Provide missing passphrase when creating a volume.
If the <encryption format='qcow'> element does not specify a secret
during volume creation, generate a suitable secret and add it to the
<encryption> tag. The caller can view the updated <encryption> tag
using virStorageVolGetXMLDesc().
Similarly, when <encryption format='default'/> is specified while
creating a qcow or qcow2-formatted volume, change the format to "qcow"
and generate a secret as described above.
* src/storage_encryption_conf.h (VIR_STORAGE_QCOW_PASSPHRASE_SIZE,
virStorageGenerateQcowPasphrase),
src/storage_encryption_conf.c (virStorageGenerateQcowPasphrase),
src/libvirt_private.syms: Add virStorageGenerateQcowPasphrase().
* src/storage_backend.c (virStoragegenerateQcowEncryption,
virStorageBackendCreateQemuImg): Generate a passphrase and
<encryption> when creating a qcow-formatted encrypted volume and the
user did not supply the information.
Miloslav Trmač [Fri, 14 Aug 2009 19:48:55 +0000 (21:48 +0200)]
Local file implementation of secret driver API
This implementation stores the secrets in an unencrypted text file,
for simplicity in implementation and debugging.
(Symmetric encryption, e.g. using gpgme, will not be difficult to add.
Because the TLS private key used by libvirtd is stored unencrypted,
encrypting the secrets file does not currently provide much additional
security.)
* include/libvirt/virterror.h, src/virterror.c (VIR_ERR_NO_SECRET): New
error number.
* po/POTFILES.in, src/Makefile.am: Add secret_driver.
* bootstrap: Use gnulib's base64 module.
* src/secret_driver.c, src/secret_driver.h, src/libvirt_private.syms:
Add local secret driver.
* qemud/qemud.c (qemudInitialize): Use the local secret driver.
Miloslav Trmač [Fri, 14 Aug 2009 19:42:19 +0000 (21:42 +0200)]
Mask out flags used internally for virSecretGetValue
Add a VIR_SECRET_GET_VALUE_INTERNAL_CALL flag value, replacing the
originally separate libvirt_internal_call parameter. The flag is used
to differentiate external virSecretGetValue() calls from internal calls
by libvirt drivers that need to use the secret even if it is private.
* src/libvirt_internal.h: Remove VIR_DOMAIN_XML_FLAGS_MASK
* src/driver.h: Add VIR_SECRET_GET_VALUE_FLAGS_MASK constant and
VIR_SECRET_GET_VALUE_INTERNAL_CALL. Re-add the
VIR_DOMAIN_XML_FLAGS_MASK constant
* src/libvirt.c (virSecretGetValue): Don't allow the user to specify
internal flags.
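
The flag split described in the commit above, as an added C example (not libvirt's code): the public entry point strips internal-only bits with the mask before the flags reach the driver, so only an in-process caller can read a private secret. The two constant names come from the commit message; their numeric values, struct secret, the sample data and every function name here are assumptions.

```c
#include <stdio.h>

/* Constant names are from the commit message; the bit values are assumed. */
#define VIR_SECRET_GET_VALUE_FLAGS_MASK    0x0000FFFFu /* bits a caller may set */
#define VIR_SECRET_GET_VALUE_INTERNAL_CALL (1u << 16)  /* outside the mask */

/* Hypothetical stand-in for a stored secret. */
struct secret {
    const char *value;
    int is_private;   /* private secrets must not be returned to API users */
};

/* Constructed sample data. */
static const struct secret sample_private = { "constructed-passphrase", 1 };
static const struct secret sample_public  = { "constructed-public-value", 0 };

/* Driver entry point: trusts the flags it is handed. */
static const char *driver_get_value(const struct secret *s, unsigned int flags)
{
    if (s->is_private && !(flags & VIR_SECRET_GET_VALUE_INTERNAL_CALL))
        return NULL;                 /* refused: private secret, external call */
    return s->value;
}

/* Weak form: caller-supplied flags reach the driver untouched, so an API
 * user who sets the internal bit is treated as a libvirt driver. */
static const char *public_get_value_unmasked(const struct secret *s,
                                             unsigned int flags)
{
    return driver_get_value(s, flags);
}

/* Corrected form: internal bits are dropped at the API boundary. */
static const char *public_get_value_masked(const struct secret *s,
                                           unsigned int flags)
{
    return driver_get_value(s, flags & VIR_SECRET_GET_VALUE_FLAGS_MASK);
}

/* In-process caller (e.g. a driver that needs the passphrase itself). */
static const char *internal_get_value(const struct secret *s)
{
    return driver_get_value(s, VIR_SECRET_GET_VALUE_INTERNAL_CALL);
}

int main(void)
{
    unsigned int forged = VIR_SECRET_GET_VALUE_INTERNAL_CALL;
    const char *r;

    r = public_get_value_unmasked(&sample_private, forged);
    printf("unmasked, forged flag: %s\n", r ? "returned" : "refused");
    r = public_get_value_masked(&sample_private, forged);
    printf("masked, forged flag:   %s\n", r ? "returned" : "refused");
    r = internal_get_value(&sample_private);
    printf("internal call:         %s\n", r ? "returned" : "refused");
    return 0;
}
```
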
The interface allows qemudMonitorSendCont() to report errors that are
not overridden by its callers.
Also fix a potential infinite loop in qemuDomainCoreDump() if sending
cont repeatedly fails.
* src/qemu_driver.c (qemudMonitorSendCont): New function.
(qemudAutostartConfigs): Reset error before each call to
qemudStartVMDaemon().
(qemudInitCpus, qemudDomainResume, qemudDomainCoreDump,
qemudDomainRestore, qemudDomainMigratePerform,
qemudDomainMigrateFinish2): Use qemudMonitorSendCont().
Cleanup sec driver error reporting to use virReportSystemError
* src/security_selinux.c: Use virReportSystemError wherever an
errno is involved
* src/qemu_driver.c: Don't overwrite error message from the
security driver
* src/security.h: Driver API for relabelling host devices
* src/security_selinux.c: Implement relabelling of PCI and USB
devices
* src/qemu_driver.c: Relabel USB/PCI devices before hotplug
Fix all thread locking bugs reported by object-locking test
case.
NB, some of the driver locking is getting too coarse. Driver
mutexes really need to be turned into RW locks instead to
significantly increase concurrency.
* src/lxc_driver.c: Fix use of driver when unlocked in the methods
lxcDomainGetInfo, lxcSetSchedulerParameters, and
lxcGetSchedulerParameters
* src/opennebula/one_driver.c: Fix missing unlock in oneDomainUndefine.
Fix use of driver when unlocked in oneDomainGetInfo,
oneGetOSType, oneDomainShutdown
* src/qemu_driver.c: Fix use of driver when unlocked in
qemudDomainSavem, qemuGetSchedulerType, qemuSetSchedulerParameters
and qemuGetSchedulerParameters
* src/storage_driver.c: Re-work storagePoolCreate to avoid bogus
lock checking warning. Re-work storageVolumeCreateXMLFrom to
remove a potential NULL de-reference & avoid bogus lock check
warnings
* src/test.c: Remove testDomainAssignDef since it breaks lock check
warnings.
* tests/object-locking.ml: Add oneDriverLock, oneDriverUnlock
and one_driver_t methods/types to allow lock checking on the
OpenNebula drivers
Mark McLoughlin [Thu, 10 Sep 2009 10:22:32 +0000 (11:22 +0100)]
Test that domain-specific qemu machine types are used correctly
* tests/testutilsqemu.c: add a machine types list for /usr/bin/kvm
which doesn't have any aliases, while the guest has aliases
* tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.*,
tests/qemuxml2argvtest.c: add a test using /usr/bin/kvm and make
sure that 'pc' machine type doesn't get canonicalized using the
aliases in the guest machine type list
Mark McLoughlin [Thu, 10 Sep 2009 11:19:33 +0000 (12:19 +0100)]
Simplify and fix qemudCanonicalizeMachine()
The algorithm is quite simple:
  If the emulator matches a guest's domain:
    if domain has machine type info:
      check the domain's machine type info
    else
      check the guest's default machine type info
  else if the emulator matches the guest's default emulator:
    check the guest's default machine type info
The previous implementation was incorrectly falling back to the default
machine type info if the domain's machine type info didn't have an
alias.
* src/qemu_driver.c: simplify and fix qemudCanonicalizeMachine()
Mark McLoughlin [Thu, 10 Sep 2009 10:19:12 +0000 (11:19 +0100)]
Test qemu machine aliases
* tests/testutilsqemu.c: make 'pc' an alias for qemu-system-x86_64
* tests/qemuxml2argvdata/qemuxml2argv-machine-aliases1.*,
tests/qemuxml2argvtest.c: add a test which uses qemu-system-x86_64
and make sure the machine type is canonicalized.
Mark McLoughlin [Thu, 10 Sep 2009 08:52:46 +0000 (09:52 +0100)]
Add a more featureful qemu capabilities test data
Things added include
- x86_64 host
- Migration features
- NUMA topology
- Security model
- Canonical machine types
- Domain machine types
- An arm guest
- More machine types for mips, mipsel, sparc and ppc
- An x86_64 xenner guest
This file was generated on a Fedora 12 machine using latest libvirt
and qemu-kvm-0.11.0-rc2
* tests/capabilityschemadata/caps-qemu-kvm.xml: add more features
to test