[Libguestfs] [PATCH] v2v: ovf: Add virtio-rng and memory balloon device
This affects -o rhv and -o vdsm. Signed-off-by: Tomáš Golembiovský--- v2v/create_ovf.ml | 23 +++ 1 file changed, 23 insertions(+) diff --git a/v2v/create_ovf.ml b/v2v/create_ovf.ml index cfca63452..03df7f934 100644 --- a/v2v/create_ovf.ml +++ b/v2v/create_ovf.ml @@ -390,6 +390,29 @@ let rec create_ovf source targets guestcaps inspect ] ]; + (* Add the miscellaneous KVM devices. *) + if guestcaps.gcaps_virtio_rng then +append virtual_hardware_section_items [ + e "Item" [] [ +e "rasd:Description" [] [PCData "RNG Device"]; +e "rasd:InstanceId" [] [PCData (uuidgen ())]; +e "rasd:ResourceType" [] [PCData "0"]; +e "Type" [] [PCData "rng"]; +e "Device" [] [PCData "virtio"]; + ] +]; + if guestcaps.gcaps_virtio_balloon then +append virtual_hardware_section_items [ + e "Item" [] [ +e "rasd:Description" [] [PCData "Memory Ballooning Device"]; +e "rasd:InstanceId" [] [PCData (uuidgen ())]; +e "rasd:ResourceType" [] [PCData "0"]; +e "Type" [] [PCData "balloon"]; +e "Device" [] [PCData "memballoon"]; + ] +]; + + push_back content_subnodes ( e "Section" ["xsi:type", "ovf:VirtualHardwareSection_Type"] !virtual_hardware_section_items -- 2.12.1 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
[Libguestfs] [PATCH v6 4/7] New API: yara_destroy
The yara_destroy API allows to claim resources back via the removal of the previously loaded Yara rules. Signed-off-by: Matteo Cafasso--- daemon/yara.c | 14 ++ generator/actions_yara.ml | 8 generator/proc_nr.ml | 1 + lib/MAX_PROC_NR | 2 +- 4 files changed, 24 insertions(+), 1 deletion(-) diff --git a/daemon/yara.c b/daemon/yara.c index 0d33d83cd..186a330c1 100644 --- a/daemon/yara.c +++ b/daemon/yara.c @@ -107,6 +107,20 @@ do_yara_load (void) return (ret == ERROR_SUCCESS) ? 0 : -1; } +int +do_yara_destroy (void) +{ + if (rules == NULL) { +reply_with_error ("no yara rules loaded"); +return -1; + } + + yr_rules_destroy (rules); + rules = NULL; + + return 0; +} + /* Compile source code rules and load them. * Return ERROR_SUCCESS on success, Yara error code type on error. */ diff --git a/generator/actions_yara.ml b/generator/actions_yara.ml index 3e55206ec..9d93d9f11 100644 --- a/generator/actions_yara.ml +++ b/generator/actions_yara.ml @@ -45,4 +45,12 @@ it is recommended to compile them first. Previously loaded rules will be destroyed." }; + { defaults with +name = "yara_destroy"; added = (1, 37, 9); +style = RErr, [], []; +optional = Some "libyara"; +shortdesc = "destroy previously loaded yara rules"; +longdesc = "\ +Destroy previously loaded Yara rules in order to free libguestfs resources." }; + ] diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml index d50cc9efa..d471b1a83 100644 --- a/generator/proc_nr.ml +++ b/generator/proc_nr.ml @@ -480,6 +480,7 @@ let proc_nr = [ 470, "internal_find_inode"; 471, "mksquashfs"; 472, "yara_load"; +473, "yara_destroy"; ] (* End of list. If adding a new entry, add it at the end of the list diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR index 68cfb10d1..8410b8b89 100644 --- a/lib/MAX_PROC_NR +++ b/lib/MAX_PROC_NR @@ -1 +1 @@ -472 +473 -- 2.11.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
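Review bot: The `longdesc` added for `yara_destroy` in generator/actions_yara.ml does not mention that the call fails when nothing is loaded, although `do_yara_destroy` in daemon/yara.c replies with the error "no yara rules loaded" in exactly that case. A caller that destroys rules unconditionally during teardown will get an error the documentation gave no hint of. I would append one sentence to the description, for example `This call returns an error if no Yara rules are currently loaded.`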
[Libguestfs] [PATCH v6 6/7] New API: yara_scan
The yara_scan API parses the file generated by the daemon counterpart function and returns the list of yara_detection structs to the user. It writes the daemon's command output on a temporary file and parses it, deserialising the XDR formatted yara_detection structs. It returns to the caller the list of yara_detection structs generated by the internal_yara_scan command. Signed-off-by: Matteo Cafasso--- generator/actions.ml | 3 +- generator/actions_yara.ml | 28 ++ generator/actions_yara.mli | 1 + lib/Makefile.am| 1 + lib/yara.c | 127 + 5 files changed, 159 insertions(+), 1 deletion(-) create mode 100644 lib/yara.c diff --git a/generator/actions.ml b/generator/actions.ml index 4df3b2a32..d36a4f8a9 100644 --- a/generator/actions.ml +++ b/generator/actions.ml @@ -38,7 +38,8 @@ let non_daemon_functions = Actions_inspection_deprecated.non_daemon_functions @ Actions_properties.non_daemon_functions @ Actions_properties_deprecated.non_daemon_functions @ - Actions_tsk.non_daemon_functions + Actions_tsk.non_daemon_functions @ + Actions_yara.non_daemon_functions (* daemon_functions are any functions which cause some action * to take place in the daemon. diff --git a/generator/actions_yara.ml b/generator/actions_yara.ml index 2166d6f0a..deb4190a9 100644 --- a/generator/actions_yara.ml +++ b/generator/actions_yara.ml 
@@ -22,6 +22,34 @@ open Types (* Yara APIs. *) +let non_daemon_functions = [ + { defaults with +name = "yara_scan"; added = (1, 37, 9); +style = RStructList ("detections", "yara_detection"), [Pathname "path"], []; +optional = Some "libyara"; +progress = true; cancellable = true; +shortdesc = "scan a file with the loaded yara rules"; +longdesc = "\ +Scan a file with the previously loaded Yara rules. + +For each matching rule, a C structure is returned. + +The C structure contains the following fields. + +=over 4 + +=item 'yara_name' + +Path of the file matching a Yara rule. + +=item 'yara_rule' + +Identifier of the Yara rule which matched against the given file. + +=back" }; + +] + let daemon_functions = [ { defaults with name = "yara_load"; added = (1, 37, 9); diff --git a/generator/actions_yara.mli b/generator/actions_yara.mli index 23eefe068..06b8116c4 100644 --- a/generator/actions_yara.mli +++ b/generator/actions_yara.mli @@ -18,4 +18,5 @@ (* Please read generator/README first. *) +val non_daemon_functions : Types.action list val daemon_functions : Types.action list diff --git a/lib/Makefile.am b/lib/Makefile.am index 063706f8f..fc55c2dcf 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -127,6 +127,7 @@ libguestfs_la_SOURCES = \ wait.c \ whole-file.c \ version.c \ + yara.c \ libguestfs.syms libguestfs_la_CPPFLAGS = \ diff --git a/lib/yara.c b/lib/yara.c new file mode 100644 index 0..864766e7a --- /dev/null +++ b/lib/yara.c 
@@ -0,0 +1,127 @@ +/* libguestfs + * Copyright (C) 2016 Red Hat Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "guestfs.h" +#include "guestfs_protocol.h" +#include "guestfs-internal.h" +#include "guestfs-internal-all.h" +#include "guestfs-internal-actions.h" + +static struct guestfs_yara_detection_list *parse_yara_detection_file (guestfs_h *, const char *); +static int deserialise_yara_detection_list (guestfs_h *, FILE *, struct guestfs_yara_detection_list *); + +struct guestfs_yara_detection_list * +guestfs_impl_yara_scan (guestfs_h *g, const char *path) +{ + int ret = 0; + CLEANUP_UNLINK_FREE char *tmpfile = NULL; + + tmpfile = guestfs_int_make_temp_path (g, "yara_scan"); + if (tmpfile == NULL) +return NULL; + + ret = guestfs_internal_yara_scan (g, path, tmpfile); + if (ret < 0) +return NULL; + + return parse_yara_detection_file (g, tmpfile); /* caller frees */ +} + +/* Parse the file content and return detections list. + * Return a list of yara_detection on success, NULL on error. + */ +static struct guestfs_yara_detection_list * +parse_yara_detection_file (guestfs_h *g, const char *tmpfile) +{ + int
[Libguestfs] [PATCH v6 2/7] appliance: add yara dependency
libyara3 on Debian/Ubuntu yara on SUSE/RedHat Signed-off-by: Matteo Cafasso--- appliance/packagelist.in | 4 daemon/Makefile.am | 3 ++- m4/guestfs_daemon.m4 | 14 ++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/appliance/packagelist.in b/appliance/packagelist.in index 5cf22768a..8846ce846 100644 --- a/appliance/packagelist.in +++ b/appliance/packagelist.in @@ -52,6 +52,7 @@ ifelse(REDHAT,1, vim-minimal xz yajl + yara zfs-fuse ) @@ -86,6 +87,7 @@ dnl iproute has been renamed to iproute2 libsystemd-journal0 libtirpc1 libyajl2 + libyara3 linux-image dnl syslinux 'suggests' mtools, but in reality it's a hard dependency: mtools @@ -129,6 +131,7 @@ ifelse(ARCHLINUX,1, vim xz yajl + yara ) ifelse(SUSE,1, @@ -159,6 +162,7 @@ ifelse(SUSE,1, systemd vim xz + yara ) ifelse(FRUGALWARE,1, diff --git a/daemon/Makefile.am b/daemon/Makefile.am index 8632c3768..af4430f20 100644 --- a/daemon/Makefile.am +++ b/daemon/Makefile.am @@ -191,7 +191,8 @@ guestfsd_LDADD = \ $(SERVENT_LIB) \ $(PCRE_LIBS) \ $(TSK_LIBS) \ - $(RPC_LIBS) + $(RPC_LIBS) \ + $(YARA_LIBS) guestfsd_CPPFLAGS = \ -I$(top_srcdir)/gnulib/lib \ diff --git a/m4/guestfs_daemon.m4 b/m4/guestfs_daemon.m4 index eb5a6d5cf..522cd5f0e 100644 --- a/m4/guestfs_daemon.m4 +++ b/m4/guestfs_daemon.m4 
@@ -126,3 +126,17 @@ AC_CHECK_LIB([tsk],[tsk_version_print],[ AC_DEFINE([HAVE_LIBTSK], [1], [Define to 1 if The Sleuth Kit library (libtsk) is available.]) ], []) ],[AC_MSG_WARN([The Sleuth Kit library (libtsk) not found])]) + +dnl yara library (optional) +PKG_CHECK_MODULES([YARA], [libyara],[ +AC_SUBST([YARA_CFLAGS]) +AC_SUBST([YARA_LIBS]) +AC_DEFINE([HAVE_YARA],[1],[yara library found at compile time.]) +],[ +AC_CHECK_LIB([yara],[yr_initialize],[ +AC_CHECK_HEADER([yara.h],[ +AC_SUBST([YARA_LIBS], [-lyara]) +AC_DEFINE([HAVE_YARA], [1], [Define to 1 if Yara library is available.]) +], []) +],[AC_MSG_WARN([Yara library not found])]) +]) -- 2.11.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
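Review bot: In the `AC_CHECK_LIB` fallback added to m4/guestfs_daemon.m4, the not-found branch of `AC_CHECK_HEADER([yara.h], ...)` is the empty `[]`, so a build host that has libyara but no yara.h ends up without HAVE_YARA and without any configure message. The library-missing case already warns, and the header-missing case should do the same: `],[AC_MSG_WARN([yara.h header not found])])`. The two `AC_DEFINE([HAVE_YARA], ...)` calls also carry different description strings; one wording for both keeps the generated config.h comment consistent.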
[Libguestfs] [PATCH v6 PATCH 7/7] yara_scan: added API tests
Signed-off-by: Matteo Cafasso--- configure.ac | 1 + tests/yara/Makefile.am | 26 +++ tests/yara/test-yara-scan.sh | 61 3 files changed, 88 insertions(+) create mode 100644 tests/yara/Makefile.am create mode 100755 tests/yara/test-yara-scan.sh diff --git a/configure.ac b/configure.ac index a23416bc0..b2bdada00 100644 --- a/configure.ac +++ b/configure.ac @@ -296,6 +296,7 @@ AC_CONFIG_FILES([Makefile tests/tsk/Makefile tests/xfs/Makefile tests/xml/Makefile + tests/yara/Makefile tools/Makefile utils/boot-analysis/Makefile utils/boot-benchmark/Makefile diff --git a/tests/yara/Makefile.am b/tests/yara/Makefile.am new file mode 100644 index 0..e23d94e4c --- /dev/null +++ b/tests/yara/Makefile.am @@ -0,0 +1,26 @@ +# libguestfs +# Copyright (C) 2016 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +include $(top_srcdir)/subdir-rules.mk + +TESTS = \ + test-yara-scan.sh + +TESTS_ENVIRONMENT = $(top_builddir)/run --test + +EXTRA_DIST = \ + $(TESTS) diff --git a/tests/yara/test-yara-scan.sh b/tests/yara/test-yara-scan.sh new file mode 100755 index 0..501c459e4 --- /dev/null +++ b/tests/yara/test-yara-scan.sh 
@@ -0,0 +1,61 @@ +#!/bin/bash - +# libguestfs +# Copyright (C) 2016 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +# Test the yara_scan command. + +set -e + +$TEST_FUNCTIONS +skip_if_skipped +skip_unless_feature_available sleuthkit +skip_unless_phony_guest blank-fs.img + +rm -f test-yara-rules.yar + +/bin/cat << EOF > test-yara-rules.yar +rule TestRule +{ +strings: +\$my_text_string = "some text" + +condition: +\$my_text_string +} +EOF + +output=$( +guestfish --ro -a ../../test-data/phony-guests/blank-fs.img
[Libguestfs] [PATCH v6 3/7] New API: yara_load
The yara_load API allows to load a set of Yara rules contained within a file on the host. Rules can be in binary format, as when compiled with yarac command, or in source code format. In the latter case, the rules will be first compiled and then loaded. Subsequent calls of the yara_load API will result in the discard of the previously loaded rules. Signed-off-by: Matteo Cafasso--- daemon/Makefile.am | 1 + daemon/cleanups.c | 9 ++ daemon/cleanups.h | 2 + daemon/yara.c | 203 + generator/Makefile.am | 3 + generator/actions.ml | 3 +- generator/actions_yara.ml | 48 +++ generator/actions_yara.mli | 21 + generator/proc_nr.ml | 1 + lib/MAX_PROC_NR| 2 +- 10 files changed, 291 insertions(+), 2 deletions(-) create mode 100644 daemon/yara.c create mode 100644 generator/actions_yara.ml create mode 100644 generator/actions_yara.mli diff --git a/daemon/Makefile.am b/daemon/Makefile.am index af4430f20..e4679a8c5 100644 --- a/daemon/Makefile.am +++ b/daemon/Makefile.am @@ -168,6 +168,7 @@ guestfsd_SOURCES = \ wc.c \ xattr.c \ xfs.c \ + yara.c \ zero.c \ zerofree.c diff --git a/daemon/cleanups.c b/daemon/cleanups.c index 092e493d7..3102cf94b 100644 --- a/daemon/cleanups.c +++ b/daemon/cleanups.c @@ -62,6 +62,15 @@ cleanup_close (void *ptr) } void +cleanup_fclose (void *ptr) +{ + FILE *f = * (FILE **) ptr; + + if (f) +fclose (f); +} + +void cleanup_aug_close (void *ptr) { augeas *aug = * (augeas **) ptr; diff --git a/daemon/cleanups.h b/daemon/cleanups.h index 6746e2744..a791244cb 100644 --- a/daemon/cleanups.h +++ b/daemon/cleanups.h @@ -26,6 +26,7 @@ extern void cleanup_free (void *ptr); extern void cleanup_free_string_list (void *ptr); extern void cleanup_unlink_free (void *ptr); extern void cleanup_close (void *ptr); +extern void cleanup_fclose (void *ptr); extern void cleanup_aug_close (void *ptr); extern void cleanup_free_stringsbuf (void *ptr); 
@@ -35,6 +36,7 @@ extern void cleanup_free_stringsbuf (void *ptr); __attribute__((cleanup(cleanup_free_string_list))) #define CLEANUP_UNLINK_FREE __attribute__((cleanup(cleanup_unlink_free))) #define CLEANUP_CLOSE __attribute__((cleanup(cleanup_close))) +#define CLEANUP_FCLOSE __attribute__((cleanup(cleanup_fclose))) #define CLEANUP_AUG_CLOSE __attribute__((cleanup(cleanup_aug_close))) #define CLEANUP_FREE_STRINGSBUF __attribute__((cleanup(cleanup_free_stringsbuf))) #else diff --git a/daemon/yara.c b/daemon/yara.c new file mode 100644 index 0..0d33d83cd --- /dev/null +++ b/daemon/yara.c 
@@ -0,0 +1,203 @@ +/* libguestfs - the guestfsd daemon + * Copyright (C) 2016 Red Hat Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "daemon.h" +#include "actions.h" +#include "optgroups.h" +#include "guestfs_protocol.h" + +#ifdef HAVE_YARA + +#include + +#define CLEANUP_DESTROY_YARA_COMPILER \ + __attribute__((cleanup(cleanup_destroy_yara_compiler))) + +struct write_callback_data { + int fd; + uint64_t written; +}; + +/* Yara compiled rules. */ +static YR_RULES *rules = NULL; +static bool initialized = false; + +static int compile_rules_file (const char *); +static void compile_error_callback (int, const char *, int, const char *, void *); +static void cleanup_destroy_yara_compiler (void *ptr); + +/* Has one FileIn parameter. + * Takes optional arguments, consult optargs_bitmask. + */ +int +do_yara_load (void) +{ + int ret = 0; + CLEANUP_CLOSE int fd = -1; + char tmpfile[] = "/tmp/yaraXX"; + + fd = mkstemp (tmpfile); + if (fd == -1) { +reply_with_perror ("mkstemp"); +return -1; + } + + ret = upload_to_fd (fd); + if (ret < 0) { +unlink (tmpfile); +return -1; + } + + /* Initialize yara only once. 
*/ + if (!initialized) { +ret = yr_initialize (); +if (ret != ERROR_SUCCESS) { + reply_with_error ("failed initializing yara"); + unlink (tmpfile); + return -1; +} + +initialized = true; + } + + /* Destroy previously
[Libguestfs] [PATCH v6 5/7] New API: internal_yara_scan
The internal_yara_scan runs the Yara engine with the previously loaded rules against the given file. For each rule matching against the scanned file, a struct containing the file name and the rule identifier is returned. The gathered list of yara_detection structs is serialised into XDR format and written to a file. Signed-off-by: Matteo Cafasso--- daemon/yara.c| 86 generator/actions_yara.ml| 8 +++ generator/proc_nr.ml | 1 + generator/structs.ml | 9 gobject/Makefile.inc | 2 + java/Makefile.inc| 1 + java/com/redhat/et/libguestfs/.gitignore | 1 + lib/MAX_PROC_NR | 2 +- 8 files changed, 109 insertions(+), 1 deletion(-) diff --git a/daemon/yara.c b/daemon/yara.c index 186a330c1..80e3f692b 100644 --- a/daemon/yara.c +++ b/daemon/yara.c @@ -54,6 +54,8 @@ static bool initialized = false; static int compile_rules_file (const char *); static void compile_error_callback (int, const char *, int, const char *, void *); static void cleanup_destroy_yara_compiler (void *ptr); +static int yara_rules_callback (int , void *, void *); +static int send_detection_info (const char *, YR_RULE *); /* Has one FileIn parameter. * Takes optional arguments, consult optargs_bitmask. @@ -121,6 +123,38 @@ do_yara_destroy (void) return 0; } +/* Has one FileOut parameter. */ +int +do_internal_yara_scan (const char *path) +{ + int ret = 0; + CLEANUP_CLOSE int fd = -1; + + if (rules == NULL) { +reply_with_error ("no yara rules loaded"); +return -1; + } + + CHROOT_IN; + fd = open (path, O_RDONLY|O_CLOEXEC); + CHROOT_OUT; + + if (fd < 0) { +reply_with_perror ("%s", path); +return -1; + } + + reply (NULL, NULL); /* Reply message. */ + + ret = yr_rules_scan_fd (rules, fd, 0, yara_rules_callback, (void *) path, 0); + if (ret == ERROR_SUCCESS) +ret = send_file_end (0); /* File transfer end. */ + else +send_file_end (1); /* Cancel file transfer. */ + + return 0; +} + /* Compile source code rules and load them. * Return ERROR_SUCCESS on success, Yara error code type on error. */ 
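Review bot: `do_internal_yara_scan` returns 0 on every path after `reply (NULL, NULL)`, so the value stored by `ret = send_file_end (0)` is never examined and a failing `yr_rules_scan_fd` leaves no record of the Yara error code. For a scanner this is the failure mode to avoid, because a scan that aborted part-way produces a short detection list that reads like a clean result. I would log the code before cancelling the transfer, `fprintf (stderr, "yara scan of %s failed: error %d\n", path, ret);`, and return -1 from that branch as well as when `send_file_end (0)` fails. Whether the return value is still honoured after the reply has been sent is decided by dispatcher code outside this hunk, so please confirm against the other FileOut handlers.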
@@ -172,6 +206,58 @@ compile_error_callback(int level, const char *name, int line, fprintf (stderr, "Yara warning (line %d): %s\n", line, message); } +/* Yara scan callback, called by yr_rules_scan_file. + * Return 0 on success, -1 on error. + */ +static int +yara_rules_callback (int code, void *message, void *data) +{ + int ret = 0; + + if (code == CALLBACK_MSG_RULE_MATCHING) +ret = send_detection_info ((const char *)data, (YR_RULE *) message); + + return (ret == 0) ? CALLBACK_CONTINUE : CALLBACK_ERROR; +} + +/* Serialize file path and rule name and send it out. + * Return 0 on success, -1 on error. + */ +static int +send_detection_info (const char *name, YR_RULE *rule) +{ + XDR xdr; + int ret = 0; + size_t len = 0; + CLEANUP_FREE char *buf = NULL; + struct guestfs_int_yara_detection detection; + + detection.yara_name = (char *) name; + detection.yara_rule = (char *) rule->identifier; + + /* Serialize detection struct. */ + buf = malloc (GUESTFS_MAX_CHUNK_SIZE); + if (buf == NULL) { +perror ("malloc"); +return -1; + } + + xdrmem_create (, buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); + + ret = xdr_guestfs_int_yara_detection (, ); + if (ret == 0) { +perror ("xdr_guestfs_int_yara_detection"); +return -1; + } + + len = xdr_getpos (); + + xdr_destroy (); + + /* Send serialised yara_detection out. */ + return send_file_write (buf, len); +} + /* Clean up yara handle on daemon exit. */ void yara_finalize (void) __attribute__((destructor)); diff --git a/generator/actions_yara.ml b/generator/actions_yara.ml index 9d93d9f11..2166d6f0a 100644 --- a/generator/actions_yara.ml +++ b/generator/actions_yara.ml 
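Review bot: The failure branch after `xdr_guestfs_int_yara_detection` in `send_detection_info` reports through `perror`, but nothing visible here sets errno on an XDR encode failure, so the log line will end with whatever error an earlier call left behind; the same branch also returns without calling `xdr_destroy`. I would change it to `fprintf (stderr, "xdr_guestfs_int_yara_detection: encoding failed\n"); xdr_destroy (&xdr); return -1;`. Separately, the comment above `yara_rules_callback` says it returns 0 or -1 and is called by yr_rules_scan_file, while the code returns CALLBACK_CONTINUE or CALLBACK_ERROR and the caller in this patch uses `yr_rules_scan_fd`; the comment should be brought in line with the code.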
@@ -53,4 +53,12 @@ Previously loaded rules will be destroyed." }; longdesc = "\ Destroy previously loaded Yara rules in order to free libguestfs resources." }; + { defaults with +name = "internal_yara_scan"; added = (1, 37, 9); +style = RErr, [Pathname "path"; FileOut "filename"], []; +visibility = VInternal; +optional = Some "libyara"; +shortdesc = "scan a file with the loaded yara rules"; +longdesc = "Internal function for yara_scan." }; + ] diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml index d471b1a83..c7619638a 100644 --- a/generator/proc_nr.ml +++ b/generator/proc_nr.ml @@ -481,6 +481,7 @@ let proc_nr = [ 471, "mksquashfs"; 472, "yara_load"; 473, "yara_destroy"; +474, "internal_yara_scan"; ] (* End of list. If adding a new entry, add it at the end of the list diff --git a/generator/structs.ml b/generator/structs.ml index c1c9b668e..834fa9c54 100644 --- a/generator/structs.ml +++ b/generator/structs.ml @@ -469,6 +469,15 @@ let structs = [ ]; s_camel_name = "TSKDirent" }; + (* Yara
[Libguestfs] [PATCH v6 0/7] Feature: Yara file scanning
v6: - use new test functions - fix yara_detection struct field names - revert yara_load function to initial version With Pino we were exploring the idea of allowing Users to load multiple rule files with subsequent calls to yara_load API. https://www.redhat.com/archives/libguestfs/2016-November/msg00119.html It turns out to be impractical due to YARA API limitations. It is possible to load multiple rule source files into the compiler. Yet once compiled no further rule file can be added. This would make the yara_load API difficult to understand for the end User. The yara tool itself cannot scan files with more than one rule file. To combine multiple rule files the User is recommended to use the yarac tool. This makes the yara_load API more similar to the yara workflow. - further small fixes according to the v5 comments After further Matteo Cafasso (7): daemon: expose file upload logic appliance: add yara dependency New API: yara_load New API: yara_destroy New API: internal_yara_scan New API: yara_scan yara_scan: added API tests appliance/packagelist.in | 4 + configure.ac | 1 + daemon/Makefile.am | 4 +- daemon/cleanups.c| 9 + daemon/cleanups.h| 2 + daemon/daemon.h | 3 + daemon/upload.c | 70 +++ daemon/yara.c| 303 +++ generator/Makefile.am| 3 + generator/actions.ml | 6 +- generator/actions_yara.ml| 92 ++ generator/actions_yara.mli | 22 +++ generator/proc_nr.ml | 3 + generator/structs.ml | 9 + gobject/Makefile.inc | 2 + java/Makefile.inc| 1 + java/com/redhat/et/libguestfs/.gitignore | 1 + lib/MAX_PROC_NR | 2 +- lib/Makefile.am | 1 + lib/yara.c | 127 + m4/guestfs_daemon.m4 | 14 ++ tests/yara/Makefile.am | 26 +++ tests/yara/test-yara-scan.sh | 61 +++ 23 files changed, 731 insertions(+), 35 deletions(-) create mode 100644 daemon/yara.c create mode 100644 generator/actions_yara.ml create mode 100644 generator/actions_yara.mli create mode 100644 lib/yara.c create mode 100644 tests/yara/Makefile.am create mode 100755 tests/yara/test-yara-scan.sh -- 2.11.0 ___ Libguestfs mailing list 
Re: [Libguestfs] [PATCH v4 3/9] v2v: linux: Replace 'ki_supports_virtio' field.
On Thu, Apr 06, 2017 at 05:06:08PM +0200, Pino Toscano wrote: > On Thursday, 6 April 2017 12:04:21 CEST Richard W.M. Jones wrote: > > Previously the kernel_info field 'ki_supports_virtio' really meant > > that the kernel supports virtio-net. That was used as a proxy to mean > > the kernel supports virtio in general. > > > > This change splits the field so we explicitly test for both virtio-blk > > and virtio-net drivers, and store the results as separate fields. > > > > The patch is straightforward, except for the change to the > > 'rebuild_initrd' function. Instead of making the module list > > conditional on whether virtio-net is available and using the old > > (probably wrong) fallback if it happens to be unavailable, this now > > tries to enable the common virtio kernel modules (just the ones needed > > for virtio-blk and virtio-net to work). The fallback is only used if > > none of the common virtio modules can be found. > > --- > > [...] > > let best_kernel = > >let compare_best_kernels k1 k2 = > > -let i = compare k1.ki_supports_virtio k2.ki_supports_virtio in > > +let i = compare k1.ki_supports_virtio_net > > k2.ki_supports_virtio_net in > > Should this consider both virtio-net+virtio-blk to determine that a > kernel "supports virtio"? TBH "supports virtio" is not really a thing. Supports the virtio bus? That's not useful unless it also supports specific virtio devices. In any case it turns out we don't need to know if a kernel supports virtio except in one place: sorting the kernels. Arguably that would be better if it weighted kernels by how many virtio devices they support or something like that. I might just add that in fact. 
> > -let string_of_kernel_info ki = > > - sprintf "(%s, %s, %s, %s, %s, %s, virtio=%b, xen=%b, debug=%b)" > > -ki.ki_name ki.ki_version ki.ki_arch ki.ki_vmlinuz > > -(match ki.ki_initrd with None -> "None" | Some f -> f) > > -(match ki.ki_config_file with None -> "None" | Some f -> f) > > -ki.ki_supports_virtio ki.ki_is_xen_pv_only_kernel ki.ki_is_debug > > +let print_kernel_info chan prefix ki = > > Can you please expose this function (as interface in linux_kernels.mli) > in this patch already (instead of patch #9)? Will do, thanks for the review. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
Re: [Libguestfs] [PATCH v2] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
On Thursday, 6 April 2017 12:23:46 CEST Richard W.M. Jones wrote: > All of the GPG commands we run are compatible with either v1 or v2, so > this simply involves looking for either gpg2 or gpg binaries at > runtime. > --- LGTM. Thanks, -- Pino Toscano signature.asc Description: This is a digitally signed message part. ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
Re: [Libguestfs] [PATCH v4 0/9] v2v: Add drivers for virtio-rng, balloon, pvpanic.
On Thursday, 6 April 2017 12:04:18 CEST Richard W.M. Jones wrote: > v1: https://www.redhat.com/archives/libguestfs/2017-April/msg00031.html > v2: https://www.redhat.com/archives/libguestfs/2017-April/msg00040.html > v3: https://www.redhat.com/archives/libguestfs/2017-April/msg00051.html > > v3 -> v4: > > - Properly fix Xen PV-only kernel detection, and test it. Just a couple of notes in patch #3, but seems okay otherwise. Thanks, -- Pino Toscano signature.asc Description: This is a digitally signed message part. ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
[Libguestfs] [PATCH v2] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
All of the GPG commands we run are compatible with either v1 or v2, so this simply involves looking for either gpg2 or gpg binaries at runtime. --- builder/builder.ml| 10 -- builder/cmdline.ml| 8 +++- builder/virt-builder.pod | 7 +-- docs/guestfs-building.pod | 2 +- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/builder/builder.ml b/builder/builder.ml index 95f32edaf..b0a48ea89 100644 --- a/builder/builder.ml +++ b/builder/builder.ml @@ -148,12 +148,10 @@ let main () = (* Check that gpg is installed. Optional as long as the user * disables all signature checks. *) - let cmd = sprintf "%s --help >/dev/null 2>&1" cmdline.gpg in - if shell_command cmd <> 0 then ( -if cmdline.check_signature then - error (f_"gpg is not installed (or does not work)\nYou should install gpg, or use --gpg option, or use --no-check-signature.") -else if verbose () then - warning (f_"gpg program is not available") + if cmdline.check_signature then ( +let cmd = sprintf "%s --help >/dev/null 2>&1" cmdline.gpg in +if cmdline.gpg = "" || shell_command cmd <> 0 then + error (f_"no GNU Privacy Guard (GnuPG, gpg) binary was found.\n\nEither gpg v1 or v2 can be installed to check signatures. Virt-builder looks for a binary called either ‘gpg2’ or ‘gpg‘ on the $PATH. You can also specify a binary using the ‘--gpg’ option. If you don't want to check signatures, use ’--no-check-signature’ but note that this may make you vulnerable to Man-In-The-Middle attacks.") ); (* Check that curl works. *) diff --git a/builder/cmdline.ml b/builder/cmdline.ml index aa852e8f5..f20c0936c 100644 --- a/builder/cmdline.ml +++ b/builder/cmdline.ml 
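Review bot: The new error string in builder/builder.ml has mismatched typographic quotes as rendered on this page: `‘gpg‘` closes with an opening quote and `’--no-check-signature’` opens with a closing quote, unlike `‘gpg2’` and `‘--gpg’` in the same message. They should read `‘gpg’` and `‘--no-check-signature’`. The string is wrapped in `f_`, so correcting it before translators pick it up avoids carrying the typo into every translation of a message that users see precisely when signature checking cannot run.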
@@ -87,7 +87,13 @@ let parse_cmdline () = let add_fingerprint arg = push_front arg fingerprints in let format = ref "" in - let gpg = ref "gpg" in + let gpg = +try which "gpg2" +with Executable_not_found _ -> + try which "gpg" + with Executable_not_found _ -> + "" in + let gpg = ref gpg in let list_format = ref List_entries.Short in let list_set_long () = list_format := List_entries.Long in diff --git a/builder/virt-builder.pod b/builder/virt-builder.pod index b48b1241b..dbbd6469e 100644 --- a/builder/virt-builder.pod +++ b/builder/virt-builder.pod @@ -314,8 +314,10 @@ F directory of a guest, see L. =item B<--gpg> GPG -Specify an alternate L (GNU Privacy Guard) binary. You can -also use this to add gpg parameters, for example to specify an +Specify an alternate L (GNU Privacy Guard) binary. By default +virt-builder looks for either C or C in the C<$PATH>. + +You can also use this to add gpg parameters, for example to specify an alternate home directory: virt-builder --gpg "gpg --homedir /tmp" [...] @@ -1880,6 +1882,7 @@ L , L , L , L , +L , L , L , L , diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod index 5e314b34d..bfb46a02f 100644 --- a/docs/guestfs-building.pod +++ b/docs/guestfs-building.pod @@ -280,7 +280,7 @@ Optional. For the L. Optional. Used by virt-builder for downloads. -=item gpg +=item GNU Privacy Guard (GnuPG, gpg) v1 or v2 Optional. Used by virt-builder for checking digital signatures. -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
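Review bot: The empty string bound to `gpg` in builder/cmdline.ml when neither `gpg2` nor `gpg` is found is an undocumented sentinel, and the only code on this page that knows about it is the `cmdline.gpg = ""` test in builder.ml. Any other consumer of `cmdline.gpg` outside these hunks, such as the code that actually runs gpg to verify a signature, would otherwise build a command line that starts with an empty program name. A comment at the binding would make the contract explicit: `(* "" means no gpg binary was found on $PATH; Builder.main rejects it when signatures are checked. *)`. The enclosing `parse_cmdline` continues outside the hunk.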
[Libguestfs] [PATCH v4 4/9] v2v: Extend guestcaps to record drivers for virtio-rng, balloon and pvpanic.
Extend the guestcaps structure so it records whether a guest supports (or drivers were added) for virtio-rng, the virtio memory balloon, and the ISA pvpanic device. --- v2v/convert_linux.ml | 3 +++ v2v/convert_windows.ml | 6 +- v2v/linux_kernels.ml | 21 + v2v/linux_kernels.mli | 3 +++ v2v/types.ml | 3 +++ v2v/types.mli | 4 v2v/windows_virtio.ml | 10 -- v2v/windows_virtio.mli | 5 +++-- 8 files changed, 46 insertions(+), 9 deletions(-) diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml index 46b989d5d..a65ce99b9 100644 --- a/v2v/convert_linux.ml +++ b/v2v/convert_linux.ml @@ -1042,6 +1042,9 @@ let rec convert (g : G.guestfs) inspect source output rcaps = gcaps_block_bus = block_type; gcaps_net_bus = net_type; gcaps_video = video; +gcaps_virtio_rng = kernel.ki_supports_virtio_rng; +gcaps_virtio_balloon = kernel.ki_supports_virtio_balloon; +gcaps_isa_pvpanic = kernel.ki_supports_isa_pvpanic; gcaps_arch = Utils.kvm_arch inspect.i_arch; gcaps_acpi = acpi; } in diff --git a/v2v/convert_windows.ml b/v2v/convert_windows.ml index 4fe671fab..dfb90d079 100644 --- a/v2v/convert_windows.ml +++ b/v2v/convert_windows.ml @@ -600,7 +600,8 @@ if errorlevel 3010 exit /b 0 configure_firstboot (); (* Open the system hive for writes and update it. *) - let block_driver, net_driver, video_driver = + let block_driver, net_driver, video_driver, + virtio_rng_supported, virtio_ballon_supported, isa_pvpanic_supported = Registry.with_hive_write g inspect.i_windows_system_hive update_system_hive in @@ -628,6 +629,9 @@ if errorlevel 3010 exit /b 0 gcaps_block_bus = block_driver; gcaps_net_bus = net_driver; gcaps_video = video_driver; +gcaps_virtio_rng = virtio_rng_supported; +gcaps_virtio_balloon = virtio_ballon_supported; +gcaps_isa_pvpanic = isa_pvpanic_supported; gcaps_arch = Utils.kvm_arch inspect.i_arch; gcaps_acpi = true; } in diff --git a/v2v/linux_kernels.ml b/v2v/linux_kernels.ml index 725bd03c2..e8c3a93c6 100644 --- a/v2v/linux_kernels.ml +++ b/v2v/linux_kernels.ml 
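Review bot: The binding `virtio_ballon_supported` in both v2v/convert_windows.ml hunks is misspelled ("ballon"), while the record field it feeds is `gcaps_virtio_balloon`. It compiles because the name is used consistently, but a search for "balloon" will miss it. I would rename it to `virtio_balloon_supported` in the tuple pattern and in `gcaps_virtio_balloon = virtio_balloon_supported;`. The enclosing function starts and ends outside the hunks.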
@@ -40,6 +40,9 @@ type kernel_info = { ki_modules : string list; ki_supports_virtio_blk : bool; ki_supports_virtio_net : bool; + ki_supports_virtio_rng : bool; + ki_supports_virtio_balloon : bool; + ki_supports_isa_pvpanic : bool; ki_is_xen_pv_only_kernel : bool; ki_is_debug : bool; ki_config_file : string option; @@ -53,10 +56,11 @@ let print_kernel_info chan prefix ki = fpf "%s\n" (match ki.ki_config_file with None -> "no config" | Some s -> s); fpf "%s\n" ki.ki_modpath; fpf "%d modules found\n" (List.length ki.ki_modules); - fpf "virtio: blk=%b net=%b\n" - ki.ki_supports_virtio_blk ki.ki_supports_virtio_net; - fpf "xen=%b debug=%b\n" - ki.ki_is_xen_pv_only_kernel ki.ki_is_debug + fpf "virtio: blk=%b net=%b rng=%b balloon=%b\n" + ki.ki_supports_virtio_blk ki.ki_supports_virtio_net + ki.ki_supports_virtio_rng ki.ki_supports_virtio_balloon; + fpf "pvpanic=%b xen=%b debug=%b\n" + ki.ki_supports_isa_pvpanic ki.ki_is_xen_pv_only_kernel ki.ki_is_debug let detect_kernels (g : G.guestfs) inspect family bootloader = (* What kernel/kernel-like packages are installed on the current guest? *) @@ -192,6 +196,12 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = kernel_supports "virtio_blk" "VIRTIO_BLK" in let supports_virtio_net = kernel_supports "virtio_net" "VIRTIO_NET" in + let supports_virtio_rng = + kernel_supports "virtio-rng" "HW_RANDOM_VIRTIO" in + let supports_virtio_balloon = + kernel_supports "virtio_balloon" "VIRTIO_BALLOON" in + let supports_isa_pvpanic = + kernel_supports "pvpanic" "PVPANIC" in let is_xen_pv_only_kernel = check_config "X86_XEN" config_file || check_config "X86_64_XEN" config_file in 
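Review bot: The module name in the RNG probe in `detect_kernels`, `kernel_supports "virtio-rng" "HW_RANDOM_VIRTIO"`, is the only one in this group written with a hyphen, and nothing says whether that is deliberate. As far as I know the upstream module file really is named virtio-rng while the others use underscores, so the spelling looks right if `modules` holds names derived from file names, but that derivation is outside the hunk. A one-line comment such as `(* module file is virtio-rng.ko, hyphen intended *)` would stop a later clean-up from normalising the name and silently reducing the check to config-only detection. The same line appears in the v3 posting further down.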
@@ -215,6 +225,9 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = ki_modules = modules; ki_supports_virtio_blk = supports_virtio_blk; ki_supports_virtio_net = supports_virtio_net; + ki_supports_virtio_rng = supports_virtio_rng; + ki_supports_virtio_balloon = supports_virtio_balloon; + ki_supports_isa_pvpanic = supports_isa_pvpanic; ki_is_xen_pv_only_kernel = is_xen_pv_only_kernel; ki_is_debug = is_debug; ki_config_file = config_file; diff --git a/v2v/linux_kernels.mli b/v2v/linux_kernels.mli index f536583ca..3702063d7 100644 --- a/v2v/linux_kernels.mli +++ b/v2v/linux_kernels.mli @@ -30,6 +30,9 @@ type kernel_info = { ki_modules : string list;(** The list of module names. *) ki_supports_virtio_blk : bool; (** Kernel supports virtio-blk? *)
[Libguestfs] [PATCH v4 6/9] v2v: -o glance: Add virtio-rng to output properties (RHBZ#1438794).
Only virtio-rng is supported at the time. --- v2v/output_glance.ml | 5 + 1 file changed, 5 insertions(+) diff --git a/v2v/output_glance.ml b/v2v/output_glance.ml index 04a284337..b712d6801 100644 --- a/v2v/output_glance.ml +++ b/v2v/output_glance.ml @@ -138,6 +138,11 @@ object | x, 0 -> push_back properties ("os_version", string_of_int x) | x, y -> push_back properties ("os_version", sprintf "%d.%d" x y) ); +if guestcaps.gcaps_virtio_rng then + push_back properties ("hw_rng_model", "virtio"); +(* XXX Neither memory balloon nor pvpanic are supported by + * Glance at this time. + *) let properties = List.flatten ( -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
[Libguestfs] [PATCH v4 8/9] v2v: windows: Prefer virtio-win ISO over directory (RHBZ#1438794).
The exploded tree has many missing drivers (eg. virtio-rng). The ISO contains the complete set, so prefer it. --- v2v/virt-v2v.pod | 34 +- v2v/windows_virtio.ml | 4 +++- 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index 5d6628d65..ff6e020a6 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -607,10 +607,10 @@ the named root device does not exist or was not detected as a root device, then virt-v2v will fail. Note that there is a bug in grub which prevents it from successfully -booting a multiboot system if VirtIO is enabled. Grub is only able to -boot an operating system from the first VirtIO disk. Specifically, -F must be on the first VirtIO disk, and it cannot chainload an -OS which is not in the first VirtIO disk. +booting a multiboot system if virtio is enabled. Grub is only able to +boot an operating system from the first virtio disk. Specifically, +F must be on the first virtio disk, and it cannot chainload an +OS which is not in the first virtio disk. =item B<--vdsm-compat=0.10> @@ -766,9 +766,8 @@ below. Ubuntu 10.04+ All versions support virtio - WindowsDrivers are installed from the directory pointed to by -"VIRTIO_WIN" environment variable -(/usr/share/virtio-win by default) if present + WindowsDrivers are installed from the ISO or directory pointed +to by "VIRTIO_WIN" environment variable if present =head1 RHEL 4 
@@ -2014,8 +2013,25 @@ distributed with virt-v2v. =item C -This is where VirtIO drivers for Windows are searched for -(F if unset). It can be a directory I +This is where virtio drivers for Windows are searched for. + +If unset, then we look for drivers in whichever of these paths +is found first: + +=over 4 + +=item F + +The ISO containing virtio drivers for Windows. + +=item F + +The exploded tree of virtio drivers for Windows. This is +usually incomplete, hence the ISO is preferred. + +=back + +(F<> if unset). It can be a directory I point to F (CD ROM image containing drivers). See L. diff --git a/v2v/windows_virtio.ml b/v2v/windows_virtio.ml index 84a16e34e..6c9708c03 100644 --- a/v2v/windows_virtio.ml +++ b/v2v/windows_virtio.ml @@ -31,7 +31,9 @@ let virtio_win = with Not_found -> try Sys.getenv "VIRTIO_WIN_DIR" (* old name for VIRTIO_WIN *) with Not_found -> - Guestfs_config.datadir // "virtio-win" + let iso = Guestfs_config.datadir // "virtio-win" // "virtio-win.iso" in + if Sys.file_exists iso then iso + else Guestfs_config.datadir // "virtio-win" let scsi_class_guid = "{4D36E97B-E325-11CE-BFC1-08002BE10318}" let viostor_pciid = "VEN_1AF4_1001_00021AF4_00" -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
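Review bot: The new default in `virtio_win` (windows_virtio.ml) decides where the drivers injected into the converted Windows guest come from, yet the choice is made silently and with a test that is also true for a directory: `Sys.file_exists iso` does not check that `virtio-win.iso` is a regular file. I would tighten it to `if Sys.file_exists iso && not (Sys.is_directory iso) then iso` and report the selected path in verbose output, so the conversion log shows whether the ISO, the exploded tree or a `VIRTIO_WIN`/`VIRTIO_WIN_DIR` override supplied the drivers. The `try … with Not_found` chain starts above the hunk, so how the environment overrides are validated is not visible here. The v3 posting of this patch further down the page contains the identical hunk.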
Re: [Libguestfs] IRC question: squashfs
On Thursday, 6 April 2017 00:26:26 CEST Richard W.M. Jones wrote: > > >From josv on IRC: > > > Hi! I am on Fedora 25 and installed libguestfs (1.36.2) from the > > fedora repo. It seems that the squashfs feature is missing in this > > installation (guestfish add-drive /dev/null : run : available squashfs > > returns "error: squashfs: group not available"). What would be the > > recommended way to have the squashfs feature available? > > $ guestfish -a /dev/null run : supported > ... > squashfs no > ... > > $ rpm -q squashfs-tools > squashfs-tools-4.3-12.fc24.x86_64 > > I think actually this is a bug. I'll take a look into it tomorrow. It looks like the Fedora packaging does not have squashfs-tools as Build-Require -- adding it should do the job. Speaking of Fedora: the libosinfo dependency can be changed to osinfo-db in f25+, as we just need the osinfo data. Thanks, -- Pino Toscano signature.asc Description: This is a digitally signed message part. ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
Re: [Libguestfs] [PATCH] builder: Allow GnuPG v2 or v1 to be used (RHBZ#1438939).
On Tuesday, 4 April 2017 23:13:58 CEST Richard W.M. Jones wrote: > All of the GPG commands we run are compatible with either v1 or v2, so > this simply involves changing the configure script to find either > binary. > --- Why not simply check it at runtime? We have Common_utils.which already. -- Pino Toscano signature.asc Description: This is a digitally signed message part. ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
Re: [Libguestfs] [PATCH v3 2/8] v2v: linux: Fix Xen PV-only detection.
On Thu, Apr 06, 2017 at 09:13:24AM +0100, Richard W.M. Jones wrote: > - let is_xen_kernel = List.mem "xennet" modules in > + let is_xen_pv_only_kernel = > + check_config "CONFIG_X86_XEN" config_file || > + check_config "CONFIG_X86_64_XEN" config_file in This test is still wrong - I should have omitted the CONFIG_ prefix. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://people.redhat.com/~rjones/virt-top ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
[Libguestfs] [PATCH v3 4/8] v2v: Extend guestcaps to record drivers for virtio-rng, balloon and pvpanic.
Extend the guestcaps structure so it records whether a guest supports (or drivers were added) for virtio-rng, the virtio memory balloon, and the ISA pvpanic device. --- v2v/convert_linux.ml | 3 +++ v2v/convert_windows.ml | 6 +- v2v/linux_kernels.ml | 21 + v2v/linux_kernels.mli | 3 +++ v2v/types.ml | 3 +++ v2v/types.mli | 4 v2v/windows_virtio.ml | 10 -- v2v/windows_virtio.mli | 5 +++-- 8 files changed, 46 insertions(+), 9 deletions(-) diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml index 46b989d5d..a65ce99b9 100644 --- a/v2v/convert_linux.ml +++ b/v2v/convert_linux.ml @@ -1042,6 +1042,9 @@ let rec convert (g : G.guestfs) inspect source output rcaps = gcaps_block_bus = block_type; gcaps_net_bus = net_type; gcaps_video = video; +gcaps_virtio_rng = kernel.ki_supports_virtio_rng; +gcaps_virtio_balloon = kernel.ki_supports_virtio_balloon; +gcaps_isa_pvpanic = kernel.ki_supports_isa_pvpanic; gcaps_arch = Utils.kvm_arch inspect.i_arch; gcaps_acpi = acpi; } in diff --git a/v2v/convert_windows.ml b/v2v/convert_windows.ml index 4fe671fab..dfb90d079 100644 --- a/v2v/convert_windows.ml +++ b/v2v/convert_windows.ml @@ -600,7 +600,8 @@ if errorlevel 3010 exit /b 0 configure_firstboot (); (* Open the system hive for writes and update it. *) - let block_driver, net_driver, video_driver = + let block_driver, net_driver, video_driver, + virtio_rng_supported, virtio_ballon_supported, isa_pvpanic_supported = Registry.with_hive_write g inspect.i_windows_system_hive update_system_hive in @@ -628,6 +629,9 @@ if errorlevel 3010 exit /b 0 gcaps_block_bus = block_driver; gcaps_net_bus = net_driver; gcaps_video = video_driver; +gcaps_virtio_rng = virtio_rng_supported; +gcaps_virtio_balloon = virtio_ballon_supported; +gcaps_isa_pvpanic = isa_pvpanic_supported; gcaps_arch = Utils.kvm_arch inspect.i_arch; gcaps_acpi = true; } in diff --git a/v2v/linux_kernels.ml b/v2v/linux_kernels.ml index 37b281bb0..5e96ad4c1 100644 --- a/v2v/linux_kernels.ml +++ b/v2v/linux_kernels.ml 
@@ -40,6 +40,9 @@ type kernel_info = { ki_modules : string list; ki_supports_virtio_blk : bool; ki_supports_virtio_net : bool; + ki_supports_virtio_rng : bool; + ki_supports_virtio_balloon : bool; + ki_supports_isa_pvpanic : bool; ki_is_xen_pv_only_kernel : bool; ki_is_debug : bool; ki_config_file : string option; @@ -53,10 +56,11 @@ let print_kernel_info chan prefix ki = fpf "%s\n" (match ki.ki_config_file with None -> "no config" | Some s -> s); fpf "%s\n" ki.ki_modpath; fpf "%d modules found\n" (List.length ki.ki_modules); - fpf "virtio: blk=%b net=%b\n" - ki.ki_supports_virtio_blk ki.ki_supports_virtio_net; - fpf "xen=%b debug=%b\n" - ki.ki_is_xen_pv_only_kernel ki.ki_is_debug + fpf "virtio: blk=%b net=%b rng=%b balloon=%b\n" + ki.ki_supports_virtio_blk ki.ki_supports_virtio_net + ki.ki_supports_virtio_rng ki.ki_supports_virtio_balloon; + fpf "pvpanic=%b xen=%b debug=%b\n" + ki.ki_supports_isa_pvpanic ki.ki_is_xen_pv_only_kernel ki.ki_is_debug let detect_kernels (g : G.guestfs) inspect family bootloader = (* What kernel/kernel-like packages are installed on the current guest? *) @@ -192,6 +196,12 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = kernel_supports "virtio_blk" "VIRTIO_BLK" in let supports_virtio_net = kernel_supports "virtio_net" "VIRTIO_NET" in + let supports_virtio_rng = + kernel_supports "virtio-rng" "HW_RANDOM_VIRTIO" in + let supports_virtio_balloon = + kernel_supports "virtio_balloon" "VIRTIO_BALLOON" in + let supports_isa_pvpanic = + kernel_supports "pvpanic" "PVPANIC" in let is_xen_pv_only_kernel = check_config "CONFIG_X86_XEN" config_file || check_config "CONFIG_X86_64_XEN" config_file in 
@@ -215,6 +225,9 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = ki_modules = modules; ki_supports_virtio_blk = supports_virtio_blk; ki_supports_virtio_net = supports_virtio_net; + ki_supports_virtio_rng = supports_virtio_rng; + ki_supports_virtio_balloon = supports_virtio_balloon; + ki_supports_isa_pvpanic = supports_isa_pvpanic; ki_is_xen_pv_only_kernel = is_xen_pv_only_kernel; ki_is_debug = is_debug; ki_config_file = config_file; diff --git a/v2v/linux_kernels.mli b/v2v/linux_kernels.mli index f536583ca..3702063d7 100644 --- a/v2v/linux_kernels.mli +++ b/v2v/linux_kernels.mli @@ -30,6 +30,9 @@ type kernel_info = { ki_modules : string list;(** The list of module names. *) ki_supports_virtio_blk : bool; (** Kernel supports
[Libguestfs] [PATCH v3 5/8] v2v: -o libvirt: Add virtio-rng, balloon and pvpanic to output XML (RHBZ#1438794).
When outputting libvirt XML, create virtio-rng, a memory balloon device, and a pvpanic device, if the guest supports it. Thanks: Daniel Berrangé for advice on memballoon --- v2v/create_libvirt_xml.ml | 26 ++ v2v/test-v2v-i-ova.xml| 4 2 files changed, 30 insertions(+) diff --git a/v2v/create_libvirt_xml.ml b/v2v/create_libvirt_xml.ml index fc7196595..246cacd21 100644 --- a/v2v/create_libvirt_xml.ml +++ b/v2v/create_libvirt_xml.ml @@ -338,6 +338,32 @@ let create_libvirt_xml ?pool source target_buses guestcaps [] in append devices sound; + (* Miscellaneous KVM devices. *) + if guestcaps.gcaps_virtio_rng then +push_back devices ( + e "rng" ["model", "virtio"] [ +(* XXX Using /dev/urandom requires libvirt >= 1.3.4. Libvirt + * was broken before that. + *) +e "backend" ["model", "random"] [PCData "/dev/urandom"] + ] +); + (* For the balloon device, libvirt adds an implicit device + * unless we use model='none', hence this: + *) + push_back devices ( +e "memballoon" + ["model", + if guestcaps.gcaps_virtio_balloon then "virtio" else "none"] + [] + ); + if guestcaps.gcaps_isa_pvpanic then +push_back devices ( + e "panic" ["model", "isa"] [ +e "address" ["type", "isa"; "iobase", "0x505"] [] + ] +); + (* Standard devices added to every guest. *) append devices [ e "input" ["type", "tablet"; "bus", "usb"] []; diff --git a/v2v/test-v2v-i-ova.xml b/v2v/test-v2v-i-ova.xml index 1a31c44d5..4b5f615c9 100644 --- a/v2v/test-v2v-i-ova.xml +++ b/v2v/test-v2v-i-ova.xml @@ -37,6 +37,10 @@ + + /dev/urandom + + -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
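Review bot: The `rng` element in `create_libvirt_xml` is emitted with `/dev/urandom` whenever `gcaps_virtio_rng` is set, while the XXX comment next to it says libvirt before 1.3.4 cannot handle that backend; nothing in the hunk checks the libvirt version or tells the user. Either state the minimum libvirt version in the manual's description of this output mode, or extend the comment to say what happens on older hosts, e.g. `(* XXX Needs libvirt >= 1.3.4; older versions are expected to reject this backend. *)` — the exact failure mode is my assumption and should be confirmed. Separately, the pvpanic `iobase` value `0x505` is a bare literal here and again in output_qemu.ml in patch 7/8; a shared named constant would keep the two outputs from drifting apart. The function body continues outside the hunk.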
[Libguestfs] [PATCH v3 8/8] v2v: windows: Prefer virtio-win ISO over directory (RHBZ#1438794).
The exploded tree has many missing drivers (eg. virtio-rng). The ISO contains the complete set, so prefer it. --- v2v/virt-v2v.pod | 34 +- v2v/windows_virtio.ml | 4 +++- 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index 5d6628d65..ff6e020a6 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -607,10 +607,10 @@ the named root device does not exist or was not detected as a root device, then virt-v2v will fail. Note that there is a bug in grub which prevents it from successfully -booting a multiboot system if VirtIO is enabled. Grub is only able to -boot an operating system from the first VirtIO disk. Specifically, -F must be on the first VirtIO disk, and it cannot chainload an -OS which is not in the first VirtIO disk. +booting a multiboot system if virtio is enabled. Grub is only able to +boot an operating system from the first virtio disk. Specifically, +F must be on the first virtio disk, and it cannot chainload an +OS which is not in the first virtio disk. =item B<--vdsm-compat=0.10> @@ -766,9 +766,8 @@ below. Ubuntu 10.04+ All versions support virtio - WindowsDrivers are installed from the directory pointed to by -"VIRTIO_WIN" environment variable -(/usr/share/virtio-win by default) if present + WindowsDrivers are installed from the ISO or directory pointed +to by "VIRTIO_WIN" environment variable if present =head1 RHEL 4 
@@ -2014,8 +2013,25 @@ distributed with virt-v2v. =item C -This is where VirtIO drivers for Windows are searched for -(F if unset). It can be a directory I +This is where virtio drivers for Windows are searched for. + +If unset, then we look for drivers in whichever of these paths +is found first: + +=over 4 + +=item F + +The ISO containing virtio drivers for Windows. + +=item F + +The exploded tree of virtio drivers for Windows. This is +usually incomplete, hence the ISO is preferred. + +=back + +(F<> if unset). It can be a directory I point to F (CD ROM image containing drivers). See L. diff --git a/v2v/windows_virtio.ml b/v2v/windows_virtio.ml index 84a16e34e..6c9708c03 100644 --- a/v2v/windows_virtio.ml +++ b/v2v/windows_virtio.ml @@ -31,7 +31,9 @@ let virtio_win = with Not_found -> try Sys.getenv "VIRTIO_WIN_DIR" (* old name for VIRTIO_WIN *) with Not_found -> - Guestfs_config.datadir // "virtio-win" + let iso = Guestfs_config.datadir // "virtio-win" // "virtio-win.iso" in + if Sys.file_exists iso then iso + else Guestfs_config.datadir // "virtio-win" let scsi_class_guid = "{4D36E97B-E325-11CE-BFC1-08002BE10318}" let viostor_pciid = "VEN_1AF4_1001_00021AF4_00" -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
[Libguestfs] [PATCH v3 3/8] v2v: linux: Replace 'ki_supports_virtio' field.
Previously the kernel_info field 'ki_supports_virtio' really meant that the kernel supports virtio-net. That was used as a proxy to mean the kernel supports virtio in general. This change splits the field so we explicitly test for both virtio-blk and virtio-net drivers, and store the results as separate fields. The patch is straightforward, except for the change to the 'rebuild_initrd' function. Instead of making the module list conditional on whether virtio-net is available and using the old (probably wrong) fallback if it happens to be unavailable, this now tries to enable the common virtio kernel modules (just the ones needed for virtio-blk and virtio-net to work). The fallback is only used if none of the common virtio modules can be found. --- v2v/convert_linux.ml | 20 +++- v2v/linux_kernels.ml | 38 ++ v2v/linux_kernels.mli | 3 ++- 3 files changed, 35 insertions(+), 26 deletions(-) diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml index 5a83be625..46b989d5d 100644 --- a/v2v/convert_linux.ml +++ b/v2v/convert_linux.ml @@ -403,11 +403,12 @@ let rec convert (g : G.guestfs) inspect source output rcaps = error (f_"only Xen kernels are installed in this guest.\n\nRead the %s(1) manual, section \"XEN PARAVIRTUALIZED GUESTS\", to see what to do.") prog; (* Enable the best non-Xen kernel, where "best" means the one with - * the highest version which supports virtio. + * the highest version, preferring non-debug kernels which support + * virtio. *) let best_kernel = let compare_best_kernels k1 k2 = -let i = compare k1.ki_supports_virtio k2.ki_supports_virtio in +let i = compare k1.ki_supports_virtio_net k2.ki_supports_virtio_net in if i <> 0 then i else ( let i = compare_app2_versions k1.ki_app k2.ki_app in 
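Review bot: `compare_best_kernels` now ranks kernels on `ki_supports_virtio_net` alone, although the commit message says the point of the split is to test virtio-blk and virtio-net separately; a kernel that has virtio-blk but not virtio-net is ranked the same as one with no virtio at all. Comparing both fields keeps the ranking in line with the two flags, e.g. `let i = compare (k1.ki_supports_virtio_blk, k1.ki_supports_virtio_net) (k2.ki_supports_virtio_blk, k2.ki_supports_virtio_net) in`. The updated comment also promises a preference for non-debug kernels, which this hunk does not show; the rest of the comparison is outside the hunk, so that may already be handled there.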
@@ -446,9 +447,9 @@ let rec convert (g : G.guestfs) inspect source output rcaps = match kernel.ki_initrd with | None -> () | Some initrd -> - let virtio = kernel.ki_supports_virtio in + (* Enable the basic virtio modules in the kernel. *) let modules = -if virtio then +let modules = (* The order of modules here is deliberately the same as the * order specified in the postinstall script of kmod-virtio in * RHEL3. The reason is that the probing order determines the @@ -457,9 +458,11 @@ let rec convert (g : G.guestfs) inspect source output rcaps = *) List.filter (fun m -> List.mem m kernel.ki_modules) [ "virtio"; "virtio_ring"; "virtio_blk"; -"virtio_scsi"; "virtio_net"; "virtio_pci" ] +"virtio_scsi"; "virtio_net"; "virtio_pci" ] in +if modules <> [] then modules else - [ "sym53c8xx" (* XXX why not "ide"? *) ] in + (* Fallback copied from old virt-v2v. XXX Why not "ide"? *) + [ "sym53c8xx" ] in (* Move the old initrd file out of the way. Note that dracut/mkinitrd * will refuse to overwrite an old file so we have to do this. @@ -1002,7 +1005,6 @@ let rec convert (g : G.guestfs) inspect source output rcaps = unconfigure_prltools (); let kernel = configure_kernel () in - let virtio = kernel.ki_supports_virtio in if output#keep_serial_console then ( configure_console (); @@ -1021,12 +1023,12 @@ let rec convert (g : G.guestfs) inspect source output rcaps = let block_type = match rcaps.rcaps_block_bus with -| None -> if virtio then Virtio_blk else IDE +| None -> if kernel.ki_supports_virtio_blk then Virtio_blk else IDE | Some block_type -> block_type in let net_type = match rcaps.rcaps_net_bus with -| None -> if virtio then Virtio_net else E1000 +| None -> if kernel.ki_supports_virtio_net then Virtio_net else E1000 | Some net_type -> net_type in configure_display_driver video; diff --git a/v2v/linux_kernels.ml b/v2v/linux_kernels.ml index 459dc06bd..37b281bb0 100644 --- a/v2v/linux_kernels.ml +++ b/v2v/linux_kernels.ml 
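Review bot: In the initrd module selection (first two hunks on this line) the fallback to `[ "sym53c8xx" ]` is now taken whenever none of the virtio names is in `kernel.ki_modules`, which is also the case for a kernel that has the virtio drivers compiled in rather than built as modules. Patch 2/8 on this page shows `kernel_supports` accepting either a module or a config entry, so for such a kernel `ki_supports_virtio_blk` can be true while `modules` is empty; the old code passed an empty list there, the new code asks for sym53c8xx. If `check_config` matches built-in options (it is not visible here), the condition should keep the empty list in that case, along the lines of `if modules <> [] || kernel.ki_supports_virtio_blk then modules`. The enclosing function starts and ends outside these hunks.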
@@ -38,18 +38,25 @@ type kernel_info = { ki_initrd : string option; ki_modpath : string; ki_modules : string list; - ki_supports_virtio : bool; + ki_supports_virtio_blk : bool; + ki_supports_virtio_net : bool; ki_is_xen_pv_only_kernel : bool; ki_is_debug : bool; ki_config_file : string option; } -let string_of_kernel_info ki = - sprintf "(%s, %s, %s, %s, %s, %s, virtio=%b, xen=%b, debug=%b)" -ki.ki_name ki.ki_version ki.ki_arch ki.ki_vmlinuz -(match ki.ki_initrd with None -> "None" | Some f -> f) -(match ki.ki_config_file with None -> "None" | Some f -> f) -ki.ki_supports_virtio ki.ki_is_xen_pv_only_kernel ki.ki_is_debug +let print_kernel_info chan prefix ki = + let fpf fs = output_string chan prefix; fprintf chan fs in + fprintf chan "* %s %s (%s)\n" ki.ki_name ki.ki_version ki.ki_arch; +
[Libguestfs] [PATCH v3 7/8] v2v: -o qemu: Add virtio-rng, balloon and pvpanic to output (RHBZ#1438794).
--- v2v/output_qemu.ml | 12 1 file changed, 12 insertions(+) diff --git a/v2v/output_qemu.ml b/v2v/output_qemu.ml index a6feeaab4..7246511dc 100644 --- a/v2v/output_qemu.ml +++ b/v2v/output_qemu.ml @@ -211,6 +211,18 @@ object ) ); +(* Add the miscellaneous KVM devices. *) +if guestcaps.gcaps_virtio_rng then ( + arg "-object" "rng-random,filename=/dev/urandom,id=rng0"; + arg "-device" "virtio-rng-pci,rng=rng0" +); +if guestcaps.gcaps_virtio_balloon then + arg "-balloon" "virtio" +else + arg "-balloon" "none"; +if guestcaps.gcaps_isa_pvpanic then + arg "-device" "pvpanic,ioport=0x505"; + (* Add a serial console to Linux guests. *) if inspect.i_type = "linux" then arg "-serial" "stdio"; -- 2.12.0 ___ Libguestfs mailing list Libguestfs@redhat.com https://www.redhat.com/mailman/listinfo/libguestfs
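Review bot: The balloon is configured through the legacy `-balloon` shortcut while the RNG and pvpanic devices next to it use `-device`; later QEMU releases deprecated and then dropped `-balloon`, so the generated command line will stop working on them. Writing it as `if guestcaps.gcaps_virtio_balloon then arg "-device" "virtio-balloon-pci";` keeps the three devices consistent; whether the `else` branch can simply be removed depends on the options assembled earlier in this method, which is outside the hunk. The patch also has no description; one sentence naming the three devices and the `/dev/urandom` backend would help, since the sibling libvirt patch records a version constraint for that backend.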
[Libguestfs] [PATCH v3 2/8] v2v: linux: Fix Xen PV-only detection.
We want to detect if a Linux kernel is Xen PV only ("PV-only"). Such a kernel will not boot on KVM, and if a guest has only PV-only kernels, it will not be able to boot at all on the target. Our previous test was wrong. It tested whether the xennet.ko module exists. This module was renamed in more recent kernels (to xen-netfront.ko), so it happened to not detect modern kernels as PV-only, but this was by chance. The problem here is that modern kernel images can be compiled with Xen PV guest support and the same image can also boot on baremetal, KVM or Xen HVM. Testing if the xennet (or xen-netfront) module exists is irrelevant to this. This test, which is based on ideas from Laszlo Ersek and https://wiki.xen.org/wiki/Xen_Project_Software_Overview#Guest_Types uses the kernel config test CONFIG_X86_XEN || CONFIG_X86_64_XEN to determine PV-only kernels. Updates commit 7eb219d1938968c4d6bffda038aaace936f7efbf. Thanks: Laszlo Ersek. --- v2v/convert_linux.ml | 4 ++-- v2v/linux_kernels.ml | 10 ++ v2v/linux_kernels.mli | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml index c768902cc..5a83be625 100644 --- a/v2v/convert_linux.ml +++ b/v2v/convert_linux.ml @@ -397,7 +397,7 @@ let rec convert (g : G.guestfs) inspect source output rcaps = (* Check a non-Xen kernel exists. *) let only_xen_kernels = List.for_all ( - fun { ki_is_xen_kernel = is_xen_kernel } -> is_xen_kernel + fun { ki_is_xen_pv_only_kernel = is_xen_pv_only_kernel } -> is_xen_pv_only_kernel ) bootloader_kernels in if only_xen_kernels then error (f_"only Xen kernels are installed in this guest.\n\nRead the %s(1) manual, section \"XEN PARAVIRTUALIZED GUESTS\", to see what to do.") prog; 
@@ -417,7 +417,7 @@ let rec convert (g : G.guestfs) inspect source output rcaps = ) in let kernels = bootloader_kernels in - let kernels = List.filter (fun { ki_is_xen_kernel = is_xen_kernel } -> not is_xen_kernel) kernels in + let kernels = List.filter (fun { ki_is_xen_pv_only_kernel = is_xen_pv_only_kernel } -> not is_xen_pv_only_kernel) kernels in let kernels = List.sort compare_best_kernels kernels in let kernels = List.rev kernels (* so best is first *) in List.hd kernels in diff --git a/v2v/linux_kernels.ml b/v2v/linux_kernels.ml index 2efd070a6..459dc06bd 100644 --- a/v2v/linux_kernels.ml +++ b/v2v/linux_kernels.ml @@ -39,7 +39,7 @@ type kernel_info = { ki_modpath : string; ki_modules : string list; ki_supports_virtio : bool; - ki_is_xen_kernel : bool; + ki_is_xen_pv_only_kernel : bool; ki_is_debug : bool; ki_config_file : string option; } @@ -49,7 +49,7 @@ let string_of_kernel_info ki = ki.ki_name ki.ki_version ki.ki_arch ki.ki_vmlinuz (match ki.ki_initrd with None -> "None" | Some f -> f) (match ki.ki_config_file with None -> "None" | Some f -> f) -ki.ki_supports_virtio ki.ki_is_xen_kernel ki.ki_is_debug +ki.ki_supports_virtio ki.ki_is_xen_pv_only_kernel ki.ki_is_debug let detect_kernels (g : G.guestfs) inspect family bootloader = (* What kernel/kernel-like packages are installed on the current guest? *) @@ -182,7 +182,9 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = List.mem what modules || check_config kconf config_file in let supports_virtio = kernel_supports "virtio_net" "VIRTIO_NET" in - let is_xen_kernel = List.mem "xennet" modules in + let is_xen_pv_only_kernel = + check_config "CONFIG_X86_XEN" config_file || + check_config "CONFIG_X86_64_XEN" config_file in (* If the package name is like "kernel-debug", then it's * a debug kernel. 
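Review bot: `is_xen_pv_only_kernel` in `detect_kernels` (the `-182` hunk) now depends only on `check_config`, so for a kernel whose config file was not found (`ki_config_file` is a `string option`) the answer is whatever `check_config` returns for `None`, presumably false, which would classify a PV-only kernel as bootable on KVM. The old module-based test did not need the config file, so this is a new way for the "only Xen kernels are installed" error in convert_linux.ml to be skipped. `check_config` is not in the hunk; if it does return false for `None`, a comment at this binding such as `(* no config file => treated as not PV-only *)`, or a warning when no config file is available, would make that fail-open case visible.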
@@ -202,7 +204,7 @@ let detect_kernels (g : G.guestfs) inspect family bootloader = ki_modpath = modpath; ki_modules = modules; ki_supports_virtio = supports_virtio; - ki_is_xen_kernel = is_xen_kernel; + ki_is_xen_pv_only_kernel = is_xen_pv_only_kernel; ki_is_debug = is_debug; ki_config_file = config_file; } diff --git a/v2v/linux_kernels.mli b/v2v/linux_kernels.mli index 8d5b9f736..a56516233 100644 --- a/v2v/linux_kernels.mli +++ b/v2v/linux_kernels.mli @@ -29,7 +29,7 @@ type kernel_info = { ki_modpath : string; (** The module path. *) ki_modules : string list;(** The list of module names. *) ki_supports_virtio : bool; (** Kernel has virtio drivers? *) - ki_is_xen_kernel : bool; (** Is a Xen paravirt kernel? *) + ki_is_xen_pv_only_kernel : bool; (** Is a Xen paravirt-only kernel? *) ki_is_debug : bool; (** Is debug kernel? *) ki_config_file : string option; (** Path of config file, if found. *) } -- 2.12.0 ___ Libguestfs mailing list