On 08/09/2012 08:10 PM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt to
store file descriptors for the same
On 08/08/2012 12:00 PM, Stefan Berger wrote:
This patch provides basic support for using firewalld's firewall-cmd
rather than then plain eb/ip(6)tables commands.
---
src/Makefile.am |4
src/conf/nwfilter_conf.h |1
On 08/09/2012 08:10 PM, Corey Bryant wrote:
When qemu_open is passed a filename of the /dev/fdset/nnn
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is found, a dup of the fd will be returned
from
On Thu, Aug 09, 2012 at 10:10:44PM -0400, Corey Bryant wrote:
+void qmp_remove_fd(int64_t fdset_id, bool has_fd, int64_t fd, Error **errp)
+{
+MonFdset *mon_fdset;
+MonFdsetFd *mon_fdset_fd;
+char fd_str[20];
+
+QLIST_FOREACH(mon_fdset, mon_fdsets, next) {
+if
On 08/10/2012 07:50 AM, Daniel Veillard wrote:
On Tue, Jul 31, 2012 at 10:44:41AM +0200, Wido den Hollander wrote:
Hi,
Is de /maven2 [0] directory at libvirt.org still maintained?
It currently contains up to libvirt-java 0.4.7, while 0.4.8 is out.
If it is still maintained, could 0.4.8 be
On Fri, Aug 10, 2012 at 10:42:51AM +0200, Wido den Hollander wrote:
On 08/10/2012 07:50 AM, Daniel Veillard wrote:
On Tue, Jul 31, 2012 at 10:44:41AM +0200, Wido den Hollander wrote:
Hi,
Is de /maven2 [0] directory at libvirt.org still maintained?
It currently contains up to libvirt-java
On 08/09/2012 04:25 PM, Eric Blake wrote:
On 08/09/2012 08:17 AM, Martin Kletzander wrote:
Error 404 page had relative paths specified for both the image and
stylesheets which caused a problem when requested URL included a
subfolder (e.g. http://libvirt.org/asdf/asdf ). This patch corrects
On 08/09/2012 05:00 PM, Eric Blake wrote:
On 08/09/2012 08:17 AM, Martin Kletzander wrote:
This patch makes search.php autogenerated from search.php.in, thus
removing hardcoded menus, footer etc. and the search.php is added to
.gitignore.
There is new rule added for *.php files (to make it
On 08/09/2012 04:31 PM, Eric Blake wrote:
On 08/09/2012 08:18 AM, Martin Kletzander wrote:
List:
- some old libvir/libvirt rename leftovers (the only problem can be
if somebody parses 'virsh version' output really badly)
- remove pointless tags specified in some pages that are not used
On 08/09/2012 06:17 PM, Eric Blake wrote:
virCasprintf() seems like overkill, for now. Since printing a floating
point value is the only case where locale matters, we should be able to
provide a single helper function that guarantees a formatted float,
rather than trying to provide a generic
On 08/10/2012 01:57 AM, Eric Blake wrote:
On 08/09/2012 08:10 PM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt
---
src/conf/storage_conf.c |8 +---
src/storage/storage_backend.c |2 +-
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c
index 3132aae..017648d 100644
--- a/src/conf/storage_conf.c
+++ b/src/conf/storage_conf.c
@@
The common code for editing files in virsh-edit.c expects EDIT_DEFINE to
return 0 on failure. virDomainSaveImageDefineXML returns 0 on success.
---
tools/virsh-domain.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index
From: Daniel P. Berrange berra...@redhat.com
The security_manager.h header is not self-contained because it
uses the virDomainDefPtr without first including domain_conf.h
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
src/security/security_manager.h | 2 ++
1 file changed, 2
This patch series makes a number of changes to the SELinux label
generation code. This is intended to make it fully honour the
current process label when generating VM labels, so that dynamic
label generation works better with custom policies, or confined
user accounts.
--
libvir-list mailing
From: Daniel P. Berrange berra...@redhat.com
When generating an SELinux context for a VM from the template
system_u:system_r:svirt_t:s0, copy the role + user from the
current process instead of the template context. So if the
current process is
From: Daniel P. Berrange berra...@redhat.com
The code for picking a MCS label is about to get significantly
more complicated, so it deserves to be in a standlone method,
instead of a switch/case body.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
src/security/security_selinux.c | 75
From: Daniel P. Berrange berra...@redhat.com
The current virRandomBits() API is only usable if the caller wants
a random number in the range [0, (n-1)] where n is a power of two.
This adds a virRandom() API which works for upper limits which are
not a power of two. It works by using
From: Daniel P. Berrange berra...@redhat.com
Currently the dynamic label generation code will create labels
with a sensitivity of s0, and a category pair in the range
0-1023. This is fine when running a standard MCS policy because
libvirtd will run with a label
From: Daniel P. Berrange berra...@redhat.com
There is currently no way to distinguish the case that a requested
security driver was disabled, from the case where no security driver
was available. Use VIR_ERR_CONFIG_UNSUPPORTED as the error when an
explicitly requested security driver was disabled
From: Daniel P. Berrange berra...@redhat.com
The virSecuritySELinuxGenNewContext method was not reporting any
errors, leaving it upto the caller to report a generic error.
In addition it could potentially trigger a strdup(NULL) in an
OOM scenario. Move all error porting into the
From: Daniel P. Berrange berra...@redhat.com
This test case validates the correct generation of SELinux labels
for VMs, wrt the current process label. Since we can't actually
change the label of the test program process, we create a shared
library libsecurityselinuxhelper.so which overrides the
On 08/10/2012 03:20 AM, Stefan Hajnoczi wrote:
On Thu, Aug 09, 2012 at 10:10:44PM -0400, Corey Bryant wrote:
+void qmp_remove_fd(int64_t fdset_id, bool has_fd, int64_t fd, Error **errp)
+{
+MonFdset *mon_fdset;
+MonFdsetFd *mon_fdset_fd;
+char fd_str[20];
+
+
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:13 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
This can be used in conjunction with qom-list-types to determine the
supported
set of devices and their parameters.
Signed-off-by: Anthony Liguori
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:14 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
We've had a cycle to tweak. It is time to commit to supporting them.
qmp_qom_get() and qpm_qom_set() still use the legacy monitor interface, can't
we convert it to
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:15 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
This provides the same output as -M ? but in a structured way.
Signed-off-by: Anthony Liguori aligu...@us.ibm.com
---
qapi-schema.json | 28
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Jul 27, 2012 at 08:37:18AM -0500, Anthony Liguori wrote:
Signed-off-by: Anthony Liguori aligu...@us.ibm.com
---
target-i386/cpu.c | 22 ++
1 files changed, 22 insertions(+), 0 deletions(-)
diff --git
On Fri, 10 Aug 2012 09:41:20 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:15 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
This provides the same output as -M ? but in a structured way.
Signed-off-by:
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The current virRandomBits() API is only usable if the caller wants
a random number in the range [0, (n-1)] where n is a power of two.
This adds a virRandom() API which works for upper limits which
On Aug 9, 2012, at 3:14 PM, Laine Stump wrote:
On 08/08/2012 03:47 PM, Kyle Mestery wrote:
Add the ability to specify a vlantag parameter for bridge
networks with a virtualport type of openvswitch. This
allows for specifying the port is on a single VLAN, and
should receive untagged traffic
On 08/10/2012 08:17 AM, Corey Bryant wrote:
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Is this right? According to the commit message, the
On 08/09/2012 11:34 PM, Laine Stump wrote:
On 08/09/2012 09:44 AM, Peter Krempa wrote:
On 08/09/12 15:38, Eric Blake wrote:
On 08/09/2012 07:31 AM, Peter Krempa wrote:
This patch introduces a new error code VIR_ERR_OPERATION_UNSUPPORTED to
mark error messages regarding operations that failed
On Fri, Aug 10, 2012 at 08:58:04AM -0600, Eric Blake wrote:
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The current virRandomBits() API is only usable if the caller wants
a random number in the range [0, (n-1)] where n is a power of two.
On 08/10/2012 03:43 AM, Martin Kletzander wrote:
I'm still worried about whether 'struct lconv' will compile on mingw.
Then again, any system that lacks localeconf() probably also lacks any
locale that would use ',' for the decimal separator, so maybe
appropriate ifdef protection is all we
On 08/10/2012 11:25 AM, Eric Blake wrote:
On 08/10/2012 08:17 AM, Corey Bryant wrote:
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Is this
On Fri, Aug 10, 2012 at 09:43:21AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Jul 27, 2012 at 08:37:18AM -0500, Anthony Liguori wrote:
Signed-off-by: Anthony Liguori aligu...@us.ibm.com
---
target-i386/cpu.c | 22 ++
1
On 08/10/2012 09:31 AM, Daniel P. Berrange wrote:
On Fri, Aug 10, 2012 at 08:58:04AM -0600, Eric Blake wrote:
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The current virRandomBits() API is only usable if the caller wants
a random number in
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 10 Aug 2012 09:41:20 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:15 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
This provides the same output as
Am 10.08.2012 04:10, schrieb Corey Bryant:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt to
store file descriptors for the same
On Fri, 10 Aug 2012 11:06:14 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 10 Aug 2012 09:41:20 -0500
Anthony Liguori aligu...@us.ibm.com wrote:
Luiz Capitulino lcapitul...@redhat.com writes:
On Fri, 27 Jul 2012 08:37:15
This patch series supports the forward mode='hostdev'. The functionality
of this mode is the same as interface type='hostdev' but with the added
benefit of using interface pools.
The patch series also contains a patch to support use of interface names
and PCI device addresses interchangeably in a
Just code movement no functional changes here. This makes the code reusable
Signed-off-by: Shradha Shah ss...@solarflare.com
---
src/network/bridge_driver.c | 86 ++
1 files changed, 53 insertions(+), 33 deletions(-)
diff --git
Refactoring existing code without causing any functional changes to prepare for
new code.
This patch makes the code reusable.
Signed-off-by: Shradha Shah ss...@solarflare.com
---
include/libvirt/virterror.h |1 +
src/Makefile.am |6 ++-
src/conf/device_conf.c | 135
This patch introduces the new forward mode='hostdev' along with attribute
managed
Includes updates to the network RNG and new xml parser/formatter code.
Signed-off-by: Shradha Shah ss...@solarflare.com
---
docs/schemas/network.rng | 82 +++--
The parent type for hostdev hybrid needs to be VIR_DOMAIN_DEVICE_NONE as the
device is passed into
the guest as a PCI Device.
In order to store the information of the NETDEV that is the parent of the
HOSTDEV in question we
use a new variable actualParent. This variable also helps during VF MAC
This patch updates the network driver to properly utilize the new
attributes/elements that are now in virNetworkDef
Signed-off-by: Shradha Shah ss...@solarflare.com
---
docs/formatnetwork.html.in | 62 +++
src/network/bridge_driver.c | 237 ++
Signed-off-by: Shradha Shah ss...@solarflare.com
---
src/qemu/qemu_command.c | 27 +++
1 files changed, 27 insertions(+), 0 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 6f6c6cd..bb66364 100644
--- a/src/qemu/qemu_command.c
+++
This patch introduces the new interface type='hostdev-hybrid' along with
attribute managed
Includes updates to the domain RNG and new xml parser/formatter code.
---
docs/formatdomain.html.in | 29 ++
docs/schemas/domaincommon.rng | 50
This patch introduces the new forward mode='hostdev-hybrid' along with
attribute managed
Includes updates to the network RNG and new xml parser/formatter code.
---
docs/schemas/network.rng |1 +
src/conf/network_conf.c | 12
In this mode the guest contains a Virtual network device along with a
SRIOV VF passed through to the guest as a pci device.
---
src/conf/domain_conf.c | 37 +++--
src/conf/domain_conf.h |5 +
src/libvirt_private.syms |1 +
src/util/pci.c
The network pool should be able to keep track of both, network device
names nad PCI addresses, and return the appropriate one in the actualDevice
when networkAllocateActualDevice is called.
Signed-off-by: Shradha Shah ss...@solarflare.com
---
src/network/bridge_driver.c | 33
---
src/conf/domain_conf.c| 24 +++-
src/qemu/qemu_domain.c|6 +-
src/qemu/qemu_domain.h|3 ++-
src/qemu/qemu_driver.c|6 +++---
src/qemu/qemu_hostdev.c |6 ++
src/qemu/qemu_migration.c |4 ++--
6 files changed, 37 insertions(+),
The ephemeral flag is checked along with the hostdev parent type before
freeing a hostdev.
Additionally Hostdev-Hybrid mode supports live migration with PCI
Passthrough. Ephemeral flag plays a very important role in the upcoming
migration suppot patch.
---
include/libvirt/libvirt.h.in |1 +
---
src/qemu/qemu_command.c | 59 +++
src/qemu/qemu_hotplug.c | 23 --
src/qemu/qemu_process.c |3 +-
3 files changed, 81 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index
This patch uses the ephemeral flag to prevent the hybrid hostdev from
being formatted into the xml.
Before migration the hybrid hostdev is hot unplugged and hotplugged
again after migration is the specific hostdev is available on the
destination host.
---
src/qemu/qemu_migration.c | 102
This patch updates the network driver to properly utilize the new
attributes/elements that are now in virNetworkDef
---
src/network/bridge_driver.c | 139 +-
1 files changed, 122 insertions(+), 17 deletions(-)
diff --git a/src/network/bridge_driver.c
Am 10.08.2012 04:10, schrieb Corey Bryant:
When qemu_open is passed a filename of the /dev/fdset/nnn
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is found, a dup of the fd will be returned
from
Am 10.08.2012 04:10, schrieb Corey Bryant:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
files that do not belong to it.
sVirt provides
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Aug 10, 2012 at 09:43:21AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Jul 27, 2012 at 08:37:18AM -0500, Anthony Liguori wrote:
Signed-off-by: Anthony Liguori aligu...@us.ibm.com
---
On 08/10/2012 12:08 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt to
On Fri, Aug 10, 2012 at 11:37:30AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Aug 10, 2012 at 09:43:21AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Jul 27, 2012 at 08:37:18AM -0500, Anthony Liguori wrote:
On 08/10/2012 12:34 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
When qemu_open is passed a filename of the /dev/fdset/nnn
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is
On 08/10/2012 12:36 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
files
On 08/10/2012 12:56 PM, Corey Bryant wrote:
On 08/10/2012 12:34 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
When qemu_open is passed a filename of the /dev/fdset/nnn
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Aug 10, 2012 at 11:37:30AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
- add machine-type-specific cpudef compatibility changes?
I think we've discussed this in IRC. I don't think we need to worry
about
On Fri, Aug 10, 2012 at 12:09:44PM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
On Fri, Aug 10, 2012 at 11:37:30AM -0500, Anthony Liguori wrote:
Eduardo Habkost ehabk...@redhat.com writes:
- add machine-type-specific cpudef compatibility changes?
I
On 08/10/2012 10:06 AM, Eric Blake wrote:
The alternative I wanted to use was drand48_t() which returns a double
drand48_r
in the range 0.0 - 1.0, with 48 bits of entropy. You could multiply by
'max', and cast to int. But this isn't portable and is not fixed by
GNULIB.
Might not be too
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The security_manager.h header is not self-contained because it
uses the virDomainDefPtr without first including domain_conf.h
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
There is currently no way to distinguish the case that a requested
security driver was disabled, from the case where no security driver
was available. Use VIR_ERR_CONFIG_UNSUPPORTED as the error
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The virSecuritySELinuxGenNewContext method was not reporting any
errors, leaving it upto the caller to report a generic error.
s/upto/up to/
In addition it could potentially trigger a
From: Daniel P. Berrange berra...@redhat.com
The way LIBVIRT_VERSION_INFO is calculated has a timebomb that
will cause us to accidentally break soname when we change the
major version number to a non-zero value !
Given CURRENT:REVISION:AGE, libtool will generate
On 08/10/2012 11:51 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The way LIBVIRT_VERSION_INFO is calculated has a timebomb that
will cause us to accidentally break soname when we change the
major version number to a non-zero value !
Given
On 08/10/2012 11:21 AM, Kyle Mestery (kmestery) wrote:
On Aug 9, 2012, at 3:14 PM, Laine Stump wrote:
On 08/08/2012 03:47 PM, Kyle Mestery wrote:
Add the ability to specify a vlantag parameter for bridge
networks with a virtualport type of openvswitch. This
allows for specifying the port is
On Fri, Aug 10, 2012 at 10:21 AM, Kyle Mestery (kmestery)
kmest...@cisco.com wrote:
Those cases both look good. I think the formatting works just fine for
virtualport type=openvswitch as well, something like this:
Single VLAN (no trunk):
interface type='bridge'
mac
On 08/10/2012 07:48 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
When generating an SELinux context for a VM from the template
system_u:system_r:svirt_t:s0, copy the role + user from the
current process instead of the template context. So if the
current process
On 08/10/2012 07:48 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The code for picking a MCS label is about to get significantly
more complicated, so it deserves to be in a standlone method,
instead of a switch/case body.
Signed-off-by: Daniel P. Berrange
On 08/10/2012 07:48 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
Currently the dynamic label generation code will create labels
with a sensitivity of s0, and a category pair in the range
0-1023. This is fine when running a standard MCS policy because
libvirtd
libvirt_qemu_probes.stp stopped working after switching to a build
that used --with-driver-modules. This was because the symbols listed
int libvirt_qemu_probes.stp are no longer in $(bindir)/libvirtd, but
are now in $(libdir)/connection-driver/libvirt_driver_qemu.so.
This patch enhances
On 08/10/2012 03:29 PM, Laine Stump wrote:
libvirt_qemu_probes.stp stopped working after switching to a build
that used --with-driver-modules. This was because the symbols listed
int libvirt_qemu_probes.stp are no longer in $(bindir)/libvirtd, but
are now in
On 08/10/2012 03:59 PM, Dennis Jenkins wrote:
On Fri, Aug 10, 2012 at 10:21 AM, Kyle Mestery (kmestery)
kmest...@cisco.com wrote:
Those cases both look good. I think the formatting works just fine for
virtualport type=openvswitch as well, something like this:
Single VLAN (no trunk):
On 08/10/2012 07:48 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
This test case validates the correct generation of SELinux labels
for VMs, wrt the current process label. Since we can't actually
change the label of the test program process, we create a shared
On 08/10/2012 08:58 AM, Eric Blake wrote:
On 08/10/2012 07:47 AM, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The current virRandomBits() API is only usable if the caller wants
a random number in the range [0, (n-1)] where n is a power of two.
This adds a
On 08/10/2012 05:38 PM, Eric Blake wrote:
ACK.
Pushed. Thanks!
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
83 matches
Mail list logo