[libvirt] [PATCH] esx: Explictly declare VMX file content as UTF-8
--- src/esx/esx_vmx.c |3 +++ tests/xml2vmxdata/xml2vmx-annotation.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx|1 + tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx |1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-2.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-3.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-4.vmx|1 + tests/xml2vmxdata/xml2vmx-ethernet-bridged.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-custom.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-e1000.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-generated.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-other.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-static.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-vmxnet2.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-vpx.vmx |1 + tests/xml2vmxdata/xml2vmx-floppy-device.vmx|1 + tests/xml2vmxdata/xml2vmx-floppy-file.vmx |1 + tests/xml2vmxdata/xml2vmx-graphics-vnc.vmx |1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-1.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-2.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-3.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-4.vmx|1 + tests/xml2vmxdata/xml2vmx-harddisk-ide-file.vmx|1 + tests/xml2vmxdata/xml2vmx-harddisk-scsi-file.vmx |1 + tests/xml2vmxdata/xml2vmx-minimal-64bit.vmx|1 + tests/xml2vmxdata/xml2vmx-minimal.vmx |1 + tests/xml2vmxdata/xml2vmx-parallel-device.vmx |1 + tests/xml2vmxdata/xml2vmx-parallel-file.vmx|1 + tests/xml2vmxdata/xml2vmx-scsi-driver.vmx |1 + tests/xml2vmxdata/xml2vmx-scsi-writethrough.vmx|1 + tests/xml2vmxdata/xml2vmx-serial-device.vmx|1 + tests/xml2vmxdata/xml2vmx-serial-file.vmx |1 + .../xml2vmxdata/xml2vmx-serial-network-client.vmx |1 + .../xml2vmxdata/xml2vmx-serial-network-server.vmx |1 + tests/xml2vmxdata/xml2vmx-serial-pipe.vmx |1 + 38 files changed, 40 insertions(+), 0 deletions(-) diff --git a/src/esx/esx_vmx.c b/src/esx/esx_vmx.c index e17e1e7..7dc8e60 100644 --- a/src/esx/esx_vmx.c +++ b/src/esx/esx_vmx.c @@ -2475,6 +2475,9 @@ esxVMX_FormatConfig(esxVMX_Context *ctx, virCapsPtr caps, virDomainDefPtr def, return NULL; } +/* vmx:.encoding */ +virBufferAddLit(buffer, .encoding = \UTF-8\\n); + /* vmx:config.version */ virBufferAddLit(buffer, config.version = \8\\n); diff --git a/tests/xml2vmxdata/xml2vmx-annotation.vmx b/tests/xml2vmxdata/xml2vmx-annotation.vmx index 5754c31..3a3e0c9 100644 --- a/tests/xml2vmxdata/xml2vmx-annotation.vmx +++ b/tests/xml2vmxdata/xml2vmx-annotation.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx b/tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx index 2db1bcb..13b91b4 100644 --- a/tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx +++ b/tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx b/tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx index 1adf995..d9b602d 100644 --- a/tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx +++ b/tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx b/tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx index d7f1201..705b31b 100644 --- a/tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx +++ b/tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx b/tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx index bc6d0f7..178f1e1 100644 --- a/tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx +++ b/tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx b/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx index 5e78a3b..e72ca80 100644 --- a/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx +++ b/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx @@ -1,3 +1,4 @@ +.encoding = UTF-8 config.version = 8 virtualHW.version = 4 guestOS = other diff --git a/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-2.vmx b/tests/xml2vmxdata/xml2vmx-esx-in-the-wild-2.vmx index 44db410..68f069b 100644 ---
[libvirt] [PATCH] qemu: Prohibit migration of guests with host devices
Explicitly raising a nice error in the case user tries to migrate a
guest with assigned host devices is much better than waiting for a
mysterious error with no clue for the reason.
---
src/qemu/qemu_driver.c | 19 +++
1 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f68995f..16f34f7 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -10380,6 +10380,19 @@ static void qemuDomainEventQueue(struct qemud_driver
*driver,
/* Migration support. */
+static bool ATTRIBUTE_NONNULL(1)
+qemuDomainIsMigratable(virDomainDefPtr def)
+{
+if (def-nhostdevs 0) {
+qemuReportError(VIR_ERR_OPERATION_INVALID,
+_(Domain with assigned host devices cannot be migrated));
+return false;
+}
+
+return true;
+}
+
+
/* Tunnelled migration stream support */
struct qemuStreamMigFile {
int fd;
@@ -10709,6 +10722,9 @@ qemudDomainMigratePrepareTunnel(virConnectPtr dconn,
goto cleanup;
}
+if (!qemuDomainIsMigratable(def))
+goto cleanup;
+
/* Target domain name, maybe renamed. */
if (dname) {
VIR_FREE(def-name);
@@ -10976,6 +10992,9 @@ qemudDomainMigratePrepare2 (virConnectPtr dconn,
goto cleanup;
}
+if (!qemuDomainIsMigratable(def))
+goto cleanup;
+
/* Target domain name, maybe renamed. */
if (dname) {
VIR_FREE(def-name);
--
1.7.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] esx: Handle name escaping properly
On Wed, Oct 13, 2010 at 10:47:57PM +0200, Matthias Bolte wrote:
2010/10/13 Daniel Veillard veill...@redhat.com:
On Wed, Oct 13, 2010 at 11:06:44AM +0200, Matthias Bolte wrote:
VMware uses a mix of percent-, pipe- and base64-encoding in
different combinations in different places.
Add a testcase for this.
---
src/esx/README | 25
src/esx/esx_driver.c | 72 ++-
src/esx/esx_storage_driver.c | 42 ++-
src/esx/esx_util.c | 198
++
src/esx/esx_util.h | 18 +++
src/esx/esx_vi.c | 6 +
src/esx/esx_vmx.c | 88 +-
tests/esxutilstest.c | 51
tests/xml2vmxdata/xml2vmx-annotation.vmx | 2 +-
9 files changed, 405 insertions(+), 97 deletions(-)
That sounds vaguely familiar, I think I reviewed such a patch last
month, right ?
I've sworn about this on IRC last week, so that's probably why it
sounds familiar to you :)
hum, maybe I got confused then ...
+static struct testDatastoreItem datastoreItems[] = {
+{ normal, normal },
+{ /* Aä1ö2ü3ß4#5~6!7§8/9%Z */
+ A\303\2441\303\2662\303\2743\303\2374#5~6!7\302\2478/9%Z,
+ A+w6Q-1+w7Y-2+w7w-3+w58-4+Iw-5+fg-6+IQ-7+wqc-8+JQ-2f9+JQ-25Z },
+{ /* Z~6!7§8/9%0#1\2'3`4A */ Z~6!7\302\2478/9%0#1\2'3`4A,
+ Z+fg-6+IQ-7+wqc-8+JQ-2f9+JQ-250+Iw-1_2'3+YA-4+Jg-A },
+{ /* 標準語 */ \346\250\231\346\272\226\350\252\236, +5qiZ5rqW6Kqe },
+{ !\#$%'()*+,-./0123456789:;=?,
+ +IQ-_+IyQl-25+Jg-'()_+Kw-,-.+JQ-2f0123456789_+Ow-_+PQ-__ },
+{ A Z[\\]^_B, A Z+WyU-5c+XV4-_B },
+{ a...@{|}~DEL, A+YA-B+QHs-_+fX4-DEL },
+{ /* hÀÁÂÃÄÅH */ h\303\200\303\201\303\202\303\203\303\204\303\205H,
+ h+w4DDgcOCw4PDhMOF-H },
+{ /* A쿀Z */ A\354\277\200Z, A+7L+A-Z },
+{ /* !쿀A */ !\354\277\200A, +Iey,gA-A },
+{ ~~~, +fn5+ },
+{ ~~~A, +fn5+-A },
+{ K%U/H\\Z, K+JQ-25U+JQ-2fH+JQ-5cZ },
+{ vvvA\B\Czzz, vvv_A_B_C_zzz },
+};
I assume in comments it's harmless, so ACK :-)
thanks !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/2] tests: Make debuging 'make check' failures easier
Jiri Denemark (2):
tests: Do not override LIBVIRT_DEBUG variable
tests: Honor LIBVIRT_{DEBUG,LOG_*} variables
ACK series.
Thanks, pushed.
Jirka
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] cpu: Fix vendor for recent CPU models
Recent CPU models were specified using invalid vendor element vendorNAME/vendor, which was silently ignored due to a bug in the code which was parsing it. ACK. Thanks, pushed. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] cpu: Use vendor in baseline CPU only if all hosts use it
When only some host CPUs given to cpuBaseline containvendor element, baseline CPU should not contain it. Otherwise the result would not be compatible with the host CPUs without vendor. CPU vendors are still taken into account when computing baseline CPU, it's just removed from the result. ACK. Thanks, pushed. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v3] Added new attribute mount_security to filesystem element
On Thu, Oct 14, 2010 at 11:00:24AM +0530, Harsh Bora wrote: On 10/13/2010 09:22 PM, Matthias Bolte wrote: 2010/10/11 Harsh Prateek Boraha...@linux.vnet.ibm.com: This patch introduces new attribute to filesystem element to support customizable security for mount type. Valid mount_security are: passthrough and mapped. Usage: filesystem type='mount' mount_security='passthrough' source dir='/export/to/guest'/ target dir='mount_tag'/ /filesystem Here is the detailed explanation on these security models: Security model: mapped -- Fileserver intercepts and maps all the file object create requests. Files on the fileserver will be created with Fileserver's user credentials and the client-user's credentials are stored in extended attributes. During getattr() server extracts the client-user's credentials from extended attributes and sends to the client. This adds a great deal of security in the cloud environments where the guest's(client) user space is kept completely isolated from host's user space. Security model : passthrough In this security model, Fileserver passes down all requests to the underlying filesystem. File system objects on the fileserver will be created with client-user's credentials. This is done by setting setuid()/setgid() during creation or chmod/chown after file creation. At the end of create protocol request, files on the fileserver will be owned by cleint-user's uid/gid. This model mimic's current NFSv3 level of security. Note: This patch is based on Daniel's patch to support 9pfs. It shall be applied after applying Daniel's patch to support 9pfs. v3: - QEMU cmdline still uses security_model, changes done by mistake reverted. Signed-off-by: Harsh Prateek Boraha...@linux.vnet.ibm.com --- docs/schemas/domain.rng |6 ++ src/conf/domain_conf.c | 29 +++-- src/conf/domain_conf.h | 10 ++ src/qemu/qemu_conf.c|9 +++-- 4 files changed, 50 insertions(+), 4 deletions(-) This patch lacks documentation about the new domain XML attributes in docs/formatdomain.html.in. Hi Matthias, I wanted to put the documentation for the new attributes in the formatdomain.html.in, however, found that we are actually missing the documentation for the filesystem element itself there. I discussed about the same with DV and he suggested to put the documentation text in the patch itself, so that once the documentation for filesystem element is in place, this text can be added to it for the new attributes. Yep, don't worry about the docs, i'll write up full docs for the entire filesystem element. Regards, Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv2] build: fix mingw build
On Thu, Oct 14, 2010 at 03:31:27PM +1100, Justin Clift wrote: On 10/14/2010 09:25 AM, Eric Blake wrote: snip diff --git a/.gnulib b/.gnulib index 2bb63bf..b6d1430 16 --- a/.gnulib +++ b/.gnulib @@ -1 +1 @@ -Subproject commit 2bb63bfb25474ea147ee9f1523c0337997359a4c +Subproject commit b6d1430494cdd252cd52eca6abf88b1a00f6c983 H, this looked a bit weird, so tried the patch: $ git am ../fix_mingw_build.txt Applying: build: fix mingw build warning: unable to rmdir .gnulib: Directory not empty $ Is .gnulib really the right target for changing? Yes, this is one of those bits of GIT black-magic. .gnulib isn't a file, its a checkout of an entire 3rd party GIT repository, at the specified changeset has. Not sure why git am isn't happy about appliny it though. Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Improve error reporting in test suites
On Wed, Oct 13, 2010 at 11:27:21AM -0600, Eric Blake wrote: On 10/13/2010 08:45 AM, Eric Blake wrote: On 10/13/2010 05:11 AM, Daniel P. Berrange wrote: Before running each test case clear the thread local error indicator. After running each test case, dispatch any error that was reported * tests/testutils.c: Fix error reporting in test suites --- tests/testutils.c | 4 1 files changed, 4 insertions(+), 0 deletions(-) ACK. Hmm, this adds a lot of noise to 'make check': TEST: qemuxml2argvtest ..libvir: QEMU error : unsupported configuration: the QEMU binary /usr/bin/kvm does not support kvm ..libvir: QEMU error : unsupported configuration: the QEMU binary /usr/bin/xenner does not support kvm 40 .libvir: QEMU error : unsupported configuration: the QEMU binary /usr/bin/xenner does not support kvm ... TEST: nwfilterxml2xmltest libvir: Network Filtererror : internal error protocolid has illegal value 15 .libvir: Network Filtererror : internal error opcode has illegal value 65536 .libvir: Network Filtererror : internal error opcode has illegal value 65536 .libvir: Network Filtererror : internal error dscp has illegal value 64 ... It doesn't add any additional failures, but looks ugly. We should probably do something similar to 9e3525df8, by using virtTestLogContentAndReset() in appropriate places to silence tests where we expect an error to be logged, rather than leaking the errors out the testsuite. Hmm, I puzzelled why I didn't notice this :-( I'll investigate, and if there's no easy option, I'll disable this again. Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv2] build: fix mingw build
On 10/14/2010 07:47 PM, Daniel P. Berrange wrote: snip Yes, this is one of those bits of GIT black-magic. .gnulib isn't a file, its a checkout of an entire 3rd party GIT repository, at the specified changeset has. Not sure why git am isn't happy about appliny it though. Yeah. Applying it worked after nuking that dir, then rechecking out the empty .gnulib dir (git checkout -f -- .gnulib). Anyway, sounds this this patch should be ACK. Tested here and it works/compiles on OSX too. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Prohibit migration of guests with host devices
On Thu, Oct 14, 2010 at 09:38:27AM +0200, Jiri Denemark wrote: Explicitly raising a nice error in the case user tries to migrate a guest with assigned host devices is much better than waiting for a mysterious error with no clue for the reason. --- src/qemu/qemu_driver.c | 19 +++ 1 files changed, 19 insertions(+), 0 deletions(-) ACK, good idea. Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Xen string2sexpr and sexpr2string lose quotes?
On Thu, Aug 19, 2010 at 02:53:39PM +0100, Daniel P. Berrange wrote:
On Tue, Aug 17, 2010 at 08:26:09PM -0700, Thomas Graves wrote:
Hello all,
I am running xen on rhel5 and using libvirt0.7.2 (I also tried 0.7.7) and it
looks like the routines string2sexpr and sexpr2string seem to lose the
quotes around the image args in the configuration.
Has anyone seen this and have a patch for this?
I have the following libvirt config:
os
typelinux/type
kernel/usr/lib/xen/boot/pv-grub-x86_64.gz/kernel
cmdline(hd0,0)/grub/menu.lst/cmdline
/os
It generates the xm config info:
(image
(linux
(kernel /usr/lib/xen/boot/pv-grub-x86_64.gz)
(args '(hd0,0)/grub/menu.lst')
(device_model /usr/lib64/xen/bin/qemu-dm)
)
)
I call virDomainSetAutostart on the domain and traced it through and saw
that it gets the string quoted (args '(hd0,0)/grub/menu.lst') from xen then
ends up calling string2sexpr, changes the xend_on_start, and then
sexpr2string, and it ends up without quotes (args (hd0,0)/grub/menu.lst) and
that is what it sends back to xen. Xen then seems to chop it off to (args
('hd0,0'))
Try adding this patch to sexpr2string
index 7e370db..df7057e 100644
--- a/src/xen/sexpr.c
+++ b/src/xen/sexpr.c
@@ -244,7 +244,9 @@ sexpr2string(const struct sexpr * sexpr, char *buffer,
size_t n_buffer)
ret += tmp;
break;
case SEXPR_VALUE:
-if (strchr(sexpr-u.value, ' '))
+if (strchr(sexpr-u.value, ' ') ||
+strchr(sexpr-u.value, ')') ||
+strchr(sexpr-u.value, '('))
tmp = snprintf(buffer + ret, n_buffer - ret, '%s',
sexpr-u.value);
else
Okay, I see this has been commited now,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv2] build: fix mingw build
On Wed, Oct 13, 2010 at 04:25:45PM -0600, Eric Blake wrote: * .gnulib: Update to latest, for termios fix. * configure.ac (AC_CHECK_HEADERS): Drop redundent check. Reported by Daniel P. Berrange. --- This fixes the problem in a more maintainable manner. Tested via ./autobuild.sh on a Fedora host with mingw cross-compiler. * .gnulib 2bb63bf...b6d1430 (32): termios: fix compilation on mingw git-version-gen: don't require that .git/ be in the current dir test-select: avoid warn_unused_result warnings test-symlinkat: remove declaration of unused local test-inttostr: avoid shadowing warnings stdlib: Allow multiple gnulib generated replacements to coexist. fix a documentation typo futimens: work around Solaris 11 bug Indentation. test-futimens: avoid unwarranted test failure on Solaris 5.11 Indentation. spawn.in.h: make indentation consistent with parentheses Fix mismatched parens in previous commit rewrite int foo[2*X-1] to verify(X) or to int foo[X?1:-1] prefer (X ? 1 : -1) when converting from boolean (1,0) to int (1,-1) autoupdate time: enforce recent POSIX ruling that time_t is integral fdopendir: fix a bug on systems lacking openat and /proc support sys_select: Avoid warning due to undeclared memset() on OpenBSD 4.5. nanosleep: Make replacement POSIX compliant. bootstrap: add hook for altering gnulib.mk, for Bison bootstrap: reformat for readability docs: update cygwin progress autoupdate parse-datetime: avoid compilation failure on OpenBSD 4.7 docs: update cygwin progress docs: update parse-datetime history cygwin: use more robust version check string, sys_select: Avoid #including large headers unless necessary. memmem, strstr, strcasestr: fix bug with long periodic needle maint: fix order of ChangeLog entries parse-datetime: do some more renaming .gnulib |2 +- configure.ac |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gnulib b/.gnulib index 2bb63bf..b6d1430 16 --- a/.gnulib +++ b/.gnulib @@ -1 +1 @@ -Subproject commit 2bb63bfb25474ea147ee9f1523c0337997359a4c +Subproject commit b6d1430494cdd252cd52eca6abf88b1a00f6c983 diff --git a/configure.ac b/configure.ac index bd92b65..b868e50 100644 --- a/configure.ac +++ b/configure.ac @@ -109,7 +109,7 @@ LIBS=$old_libs dnl Availability of various common headers (non-fatal if missing). AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/syslimits.h \ - termios.h sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h]) + sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h]) AC_CHECK_LIB([intl],[gettext],[]) ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] esx: Explictly declare VMX file content as UTF-8
On Thu, Oct 14, 2010 at 08:59:18AM +0200, Matthias Bolte wrote: --- src/esx/esx_vmx.c |3 +++ tests/xml2vmxdata/xml2vmx-annotation.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-ide-device.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-ide-file.vmx |1 + tests/xml2vmxdata/xml2vmx-cdrom-scsi-device.vmx|1 + tests/xml2vmxdata/xml2vmx-cdrom-scsi-file.vmx |1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-1.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-2.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-3.vmx|1 + tests/xml2vmxdata/xml2vmx-esx-in-the-wild-4.vmx|1 + tests/xml2vmxdata/xml2vmx-ethernet-bridged.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-custom.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-e1000.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-generated.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-other.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-static.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-vmxnet2.vmx |1 + tests/xml2vmxdata/xml2vmx-ethernet-vpx.vmx |1 + tests/xml2vmxdata/xml2vmx-floppy-device.vmx|1 + tests/xml2vmxdata/xml2vmx-floppy-file.vmx |1 + tests/xml2vmxdata/xml2vmx-graphics-vnc.vmx |1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-1.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-2.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-3.vmx|1 + tests/xml2vmxdata/xml2vmx-gsx-in-the-wild-4.vmx|1 + tests/xml2vmxdata/xml2vmx-harddisk-ide-file.vmx|1 + tests/xml2vmxdata/xml2vmx-harddisk-scsi-file.vmx |1 + tests/xml2vmxdata/xml2vmx-minimal-64bit.vmx|1 + tests/xml2vmxdata/xml2vmx-minimal.vmx |1 + tests/xml2vmxdata/xml2vmx-parallel-device.vmx |1 + tests/xml2vmxdata/xml2vmx-parallel-file.vmx|1 + tests/xml2vmxdata/xml2vmx-scsi-driver.vmx |1 + tests/xml2vmxdata/xml2vmx-scsi-writethrough.vmx|1 + tests/xml2vmxdata/xml2vmx-serial-device.vmx|1 + tests/xml2vmxdata/xml2vmx-serial-file.vmx |1 + .../xml2vmxdata/xml2vmx-serial-network-client.vmx |1 + .../xml2vmxdata/xml2vmx-serial-network-server.vmx |1 + tests/xml2vmxdata/xml2vmx-serial-pipe.vmx |1 + 38 files changed, 40 insertions(+), 0 deletions(-) diff --git a/src/esx/esx_vmx.c b/src/esx/esx_vmx.c index e17e1e7..7dc8e60 100644 --- a/src/esx/esx_vmx.c +++ b/src/esx/esx_vmx.c @@ -2475,6 +2475,9 @@ esxVMX_FormatConfig(esxVMX_Context *ctx, virCapsPtr caps, virDomainDefPtr def, return NULL; } +/* vmx:.encoding */ +virBufferAddLit(buffer, .encoding = \UTF-8\\n); + /* vmx:config.version */ virBufferAddLit(buffer, config.version = \8\\n); Good idea ! Nice that they though about the need for an encoding there, ACK Now the question is do we check for encoding when reading a vmx ? Some iconv (or maybe we can reuse libxml2 conversion functions) might be in order. Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Prohibit migration of guests with host devices
On Thu, Oct 14, 2010 at 09:59:18AM +0100, Daniel P. Berrange wrote: On Thu, Oct 14, 2010 at 09:38:27AM +0200, Jiri Denemark wrote: Explicitly raising a nice error in the case user tries to migrate a guest with assigned host devices is much better than waiting for a mysterious error with no clue for the reason. --- src/qemu/qemu_driver.c | 19 +++ 1 files changed, 19 insertions(+), 0 deletions(-) ACK, good idea. yup, ACK However over long term this may have to be revisited, I have heard about attempts to work around that limitation, but in the current state that's the right thing to do :-) Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Prohibit migration of guests with host devices
Explicitly raising a nice error in the case user tries to migrate a guest with assigned host devices is much better than waiting for a mysterious error with no clue for the reason. ACK, good idea. Thanks, pushed. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Prohibit migration of guests with host devices
On Thu, Oct 14, 2010 at 11:45:37AM +0200, Daniel Veillard wrote: On Thu, Oct 14, 2010 at 09:59:18AM +0100, Daniel P. Berrange wrote: On Thu, Oct 14, 2010 at 09:38:27AM +0200, Jiri Denemark wrote: Explicitly raising a nice error in the case user tries to migrate a guest with assigned host devices is much better than waiting for a mysterious error with no clue for the reason. --- src/qemu/qemu_driver.c | 19 +++ 1 files changed, 19 insertions(+), 0 deletions(-) ACK, good idea. yup, ACK However over long term this may have to be revisited, I have heard about attempts to work around that limitation, but in the current state that's the right thing to do :-) The workarounds have all be along the lines of 'unplug the device' before and 'plug it back in' afterwards :-) Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Improving our ChangeLog format?
Hi all, Noticed an entry in a recent LWN.net article about PostgreSQL's conversion to git. One of the things mentioned sounds relevant to us : Robert Haas has documented how to get commit summaries and sizes from Git. He wrote a perl script (which Tom Lane improved) that allows you to produce a changelog suitable for release notes from Git. http://git.postgresql.org/gitweb?p=postgresql.git;a=blob_plain;f=src/tools/git_changelog;hb=HEAD The changelog mention might be useful for us, as the PostgreSQL changelog looks a bunch more useful than ours. The PostgreSQL ChangeLog: http://www.postgresql.org/docs/9.0/static/release-9-0.html Our ChangeLog: http://libvirt.org/news.html Mentioning this in case anyone has the time/inclination to look into it. Any takers? :) Regards and best wishes, Justin Clift -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On Thu, Oct 14, 2010 at 08:55:24PM +1100, Justin Clift wrote: Hi all, Noticed an entry in a recent LWN.net article about PostgreSQL's conversion to git. One of the things mentioned sounds relevant to us : Robert Haas has documented how to get commit summaries and sizes from Git. He wrote a perl script (which Tom Lane improved) that allows you to produce a changelog suitable for release notes from Git. http://git.postgresql.org/gitweb?p=postgresql.git;a=blob_plain;f=src/tools/git_changelog;hb=HEAD The changelog mention might be useful for us, as the PostgreSQL changelog looks a bunch more useful than ours. The PostgreSQL ChangeLog: http://www.postgresql.org/docs/9.0/static/release-9-0.html I don't believe that this corresponds to the output of the script you show above. This page is a hand-written change summary. That script above gives formatted commit logs. There's no enough structured info in commit messages to be able to generate a page like the one above. Our ChangeLog: http://libvirt.org/news.html Mentioning this in case anyone has the time/inclination to look into it. Any takers? :) I don't disagree that our news file is somewhat unreadable. We can't automate this though - it needs manual work to create it. Regards, Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On 10/14/2010 09:09 PM, Daniel P. Berrange wrote: snip The changelog mention might be useful for us, as the PostgreSQL changelog looks a bunch more useful than ours. The PostgreSQL ChangeLog: http://www.postgresql.org/docs/9.0/static/release-9-0.html I don't believe that this corresponds to the output of the script you show above. This page is a hand-written change summary. That script above gives formatted commit logs. There's no enough structured info in commit messages to be able to generate a page like the one above. Aww rats. :( -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Added new attribute accessmode to filesystem element
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
Usage:
filesystem type='mount' accessmode='passthrough'
source dir='/export/to/guest'/
target dir='mount_tag'/
/filesystem
Here is the detailed explanation on these access modes:
Access mode: mapped
Fileserver intercepts and maps all the file object create requests.
Files on the fileserver will be created with Fileserver's user credentials
and the
client-user's credentials are stored in extended attributes.
During getattr() server extracts the client-user's credentials from extended
attributes and sends to the client.
This adds a great deal of security in the cloud environments where the
guest's(client) user space is kept completely isolated from host's user
space.
Access mode : passthrough
--
In this security model, Fileserver passes down all requests to the
underlying filesystem. File system objects on the fileserver will be created
with client-user's credentials. This is done by setting setuid()/setgid()
during creation or chmod/chown after file creation. At the end of create
protocol
request, files on the fileserver will be owned by cleint-user's uid/gid.
This model mimic's current NFSv3 level of security.
Access mode: squash
In 'squash' mode, the (filesystem) server attempts to preserve user/group
ownership from guest, however:
- If the server is running as root this mode is equivalent to passthrough.
- If the server is running as non-root, all files just have uid/gid matching
the server process.
Note: This patch is based on Daniel's patch to support 9pfs.
It shall be applied after applying Daniel's patch to support 9pfs.
Signed-off-by: Harsh Prateek Bora ha...@linux.vnet.ibm.com
---
docs/schemas/domain.rng |7 +++
src/conf/domain_conf.c | 30 --
src/conf/domain_conf.h | 11 +++
src/qemu/qemu_conf.c| 10 --
4 files changed, 54 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index ccb8cf3..c0e5149 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -761,6 +761,13 @@
/choice
optional
ref name=address/
+attribute name=accessmode
+choice
+ valuepassthrough/value
+ valuemapped/value
+ valuesquash/value
+/choice
+/attribute
/optional
/element
/define
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e05d5d7..68c8441 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -161,6 +161,12 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
file,
template)
+VIR_ENUM_IMPL(virDomainFSAccessMode, VIR_DOMAIN_FS_SECURITY_LAST,
+ passthrough,
+ mapped,
+ squash)
+
+
VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST,
user,
ethernet,
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
+
cur = node-children;
while (cur != NULL) {
if (cur-type == XML_ELEMENT_NODE) {
@@ -5602,6 +5620,7 @@ virDomainFSDefFormat(virBufferPtr buf,
int flags)
{
const char *type = virDomainFSTypeToString(def-type);
+const char *accessmode =
virDomainFSAccessModeTypeToString(def-accessmode);
if (!type) {
virDomainReportError(VIR_ERR_INTERNAL_ERROR,
@@ -5609,9 +5628,16 @@ virDomainFSDefFormat(virBufferPtr buf,
return -1;
}
+ if (!accessmode) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unexpected accessmode %d), def-accessmode);
+return -1;
+}
+
+
virBufferVSprintf(buf,
- filesystem type='%s'\n,
- type);
+ filesystem type='%s' accessmode='%s'\n,
+ type, accessmode);
if (def-src) {
switch (def-type) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 7195c04..0668ce5 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -236,10 +236,20 @@
Re: [libvirt] Improving our ChangeLog format?
2010/10/14 Daniel P. Berrange berra...@redhat.com: On Thu, Oct 14, 2010 at 08:55:24PM +1100, Justin Clift wrote: Hi all, Noticed an entry in a recent LWN.net article about PostgreSQL's conversion to git. One of the things mentioned sounds relevant to us : Robert Haas has documented how to get commit summaries and sizes from Git. He wrote a perl script (which Tom Lane improved) that allows you to produce a changelog suitable for release notes from Git. http://git.postgresql.org/gitweb?p=postgresql.git;a=blob_plain;f=src/tools/git_changelog;hb=HEAD The changelog mention might be useful for us, as the PostgreSQL changelog looks a bunch more useful than ours. The PostgreSQL ChangeLog: http://www.postgresql.org/docs/9.0/static/release-9-0.html I don't believe that this corresponds to the output of the script you show above. This page is a hand-written change summary. That script above gives formatted commit logs. There's no enough structured info in commit messages to be able to generate a page like the one above. Our ChangeLog: http://libvirt.org/news.html Mentioning this in case anyone has the time/inclination to look into it. Any takers? :) I don't disagree that our news file is somewhat unreadable. We can't automate this though - it needs manual work to create it. We could split the huge comma seperated lists of items per li into a second level of li's to avoid this large blocks of text. Matthias -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Added new attribute accessmode to filesystem element
On Thu, Oct 14, 2010 at 04:24:45PM +0530, Harsh Prateek Bora wrote:
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
Usage:
filesystem type='mount' accessmode='passthrough'
source dir='/export/to/guest'/
target dir='mount_tag'/
/filesystem
Here is the detailed explanation on these access modes:
Access mode: mapped
Fileserver intercepts and maps all the file object create requests.
Files on the fileserver will be created with Fileserver's user credentials
and the
client-user's credentials are stored in extended attributes.
During getattr() server extracts the client-user's credentials from extended
attributes and sends to the client.
This adds a great deal of security in the cloud environments where the
guest's(client) user space is kept completely isolated from host's user
space.
Access mode : passthrough
--
In this security model, Fileserver passes down all requests to the
underlying filesystem. File system objects on the fileserver will be created
with client-user's credentials. This is done by setting setuid()/setgid()
during creation or chmod/chown after file creation. At the end of create
protocol
request, files on the fileserver will be owned by cleint-user's uid/gid.
This model mimic's current NFSv3 level of security.
Access mode: squash
In 'squash' mode, the (filesystem) server attempts to preserve user/group
ownership from guest, however:
- If the server is running as root this mode is equivalent to passthrough.
- If the server is running as non-root, all files just have uid/gid matching
the server process.
Note: This patch is based on Daniel's patch to support 9pfs.
It shall be applied after applying Daniel's patch to support 9pfs.
Signed-off-by: Harsh Prateek Bora ha...@linux.vnet.ibm.com
---
docs/schemas/domain.rng |7 +++
src/conf/domain_conf.c | 30 --
src/conf/domain_conf.h | 11 +++
src/qemu/qemu_conf.c| 10 --
4 files changed, 54 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index ccb8cf3..c0e5149 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -761,6 +761,13 @@
/choice
optional
ref name=address/
+attribute name=accessmode
+choice
+ valuepassthrough/value
+ valuemapped/value
+ valuesquash/value
+/choice
+/attribute
/optional
/element
/define
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e05d5d7..68c8441 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -161,6 +161,12 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
file,
template)
+VIR_ENUM_IMPL(virDomainFSAccessMode, VIR_DOMAIN_FS_SECURITY_LAST,
+ passthrough,
+ mapped,
+ squash)
+
+
VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST,
user,
ethernet,
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
+
cur = node-children;
while (cur != NULL) {
if (cur-type == XML_ELEMENT_NODE) {
@@ -5602,6 +5620,7 @@ virDomainFSDefFormat(virBufferPtr buf,
int flags)
{
const char *type = virDomainFSTypeToString(def-type);
+const char *accessmode =
virDomainFSAccessModeTypeToString(def-accessmode);
if (!type) {
virDomainReportError(VIR_ERR_INTERNAL_ERROR,
@@ -5609,9 +5628,16 @@ virDomainFSDefFormat(virBufferPtr buf,
return -1;
}
+ if (!accessmode) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unexpected accessmode %d), def-accessmode);
+return -1;
+}
+
+
virBufferVSprintf(buf,
- filesystem type='%s'\n,
- type);
+ filesystem type='%s' accessmode='%s'\n,
+ type, accessmode);
if
[libvirt] [PATCH v2] Added new attribute accessmode to filesystem element
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
Usage:
filesystem type='mount' accessmode='passthrough'
source dir='/export/to/guest'/
target dir='mount_tag'/
/filesystem
Here is the detailed explanation on these access modes:
Access mode: mapped
Fileserver intercepts and maps all the file object create requests.
Files on the fileserver will be created with Fileserver's user credentials
and the
client-user's credentials are stored in extended attributes.
During getattr() server extracts the client-user's credentials from extended
attributes and sends to the client.
This adds a great deal of security in the cloud environments where the
guest's(client) user space is kept completely isolated from host's user
space.
Access mode : passthrough
--
In this security model, Fileserver passes down all requests to the
underlying filesystem. File system objects on the fileserver will be created
with client-user's credentials. This is done by setting setuid()/setgid()
during creation or chmod/chown after file creation. At the end of create
protocol
request, files on the fileserver will be owned by cleint-user's uid/gid.
This model mimic's current NFSv3 level of security.
Access mode: squash
In 'squash' mode, the (filesystem) server attempts to preserve user/group
ownership from guest, however:
- If the server is running as root this mode is equivalent to passthrough.
- If the server is running as non-root, all files just have uid/gid matching
the server process.
Note: This patch is based on Daniel's patch to support 9pfs.
It shall be applied after applying Daniel's patch to support 9pfs.
Signed-off-by: Harsh Prateek Bora ha...@linux.vnet.ibm.com
---
v2:
- fixed compilation errors missed in v1.
docs/schemas/domain.rng |7 +++
src/conf/domain_conf.c | 30 --
src/conf/domain_conf.h | 11 +++
src/qemu/qemu_conf.c| 11 +--
4 files changed, 55 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index ccb8cf3..c0e5149 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -761,6 +761,13 @@
/choice
optional
ref name=address/
+attribute name=accessmode
+choice
+ valuepassthrough/value
+ valuemapped/value
+ valuesquash/value
+/choice
+/attribute
/optional
/element
/define
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e05d5d7..991b284 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -161,6 +161,12 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
file,
template)
+VIR_ENUM_IMPL(virDomainFSAccessMode, VIR_DOMAIN_FS_ACCESSMODE_LAST,
+ passthrough,
+ mapped,
+ squash)
+
+
VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST,
user,
ethernet,
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
+
cur = node-children;
while (cur != NULL) {
if (cur-type == XML_ELEMENT_NODE) {
@@ -5602,6 +5620,7 @@ virDomainFSDefFormat(virBufferPtr buf,
int flags)
{
const char *type = virDomainFSTypeToString(def-type);
+const char *accessmode =
virDomainFSAccessModeTypeToString(def-accessmode);
if (!type) {
virDomainReportError(VIR_ERR_INTERNAL_ERROR,
@@ -5609,9 +5628,16 @@ virDomainFSDefFormat(virBufferPtr buf,
return -1;
}
+ if (!accessmode) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unexpected accessmode %d), def-accessmode);
+return -1;
+}
+
+
virBufferVSprintf(buf,
- filesystem type='%s'\n,
- type);
+ filesystem type='%s' accessmode='%s'\n,
+ type, accessmode);
if (def-src) {
switch (def-type) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 7195c04..0668ce5 100644
--- a/src/conf/domain_conf.h
+++
Re: [libvirt] [PATCH] Added new attribute accessmode to filesystem element
On 10/14/2010 04:38 PM, Daniel P. Berrange wrote:
On Thu, Oct 14, 2010 at 04:24:45PM +0530, Harsh Prateek Bora wrote:
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
Usage:
filesystem type='mount' accessmode='passthrough'
source dir='/export/to/guest'/
target dir='mount_tag'/
/filesystem
Here is the detailed explanation on these access modes:
Access mode: mapped
Fileserver intercepts and maps all the file object create requests.
Files on the fileserver will be created with Fileserver's user credentials
and the
client-user's credentials are stored in extended attributes.
During getattr() server extracts the client-user's credentials from extended
attributes and sends to the client.
This adds a great deal of security in the cloud environments where the
guest's(client) user space is kept completely isolated from host's user
space.
Access mode : passthrough
--
In this security model, Fileserver passes down all requests to the
underlying filesystem. File system objects on the fileserver will be created
with client-user's credentials. This is done by setting setuid()/setgid()
during creation or chmod/chown after file creation. At the end of create
protocol
request, files on the fileserver will be owned by cleint-user's uid/gid.
This model mimic's current NFSv3 level of security.
Access mode: squash
In 'squash' mode, the (filesystem) server attempts to preserve user/group
ownership from guest, however:
- If the server is running as root this mode is equivalent to passthrough.
- If the server is running as non-root, all files just have uid/gid matching
the server process.
Note: This patch is based on Daniel's patch to support 9pfs.
It shall be applied after applying Daniel's patch to support 9pfs.
Signed-off-by: Harsh Prateek Boraha...@linux.vnet.ibm.com
---
docs/schemas/domain.rng |7 +++
src/conf/domain_conf.c | 30 --
src/conf/domain_conf.h | 11 +++
src/qemu/qemu_conf.c| 10 --
4 files changed, 54 insertions(+), 4 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index ccb8cf3..c0e5149 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -761,6 +761,13 @@
/choice
optional
ref name=address/
+attribute name=accessmode
+choice
+valuepassthrough/value
+valuemapped/value
+valuesquash/value
+/choice
+/attribute
/optional
/element
/define
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e05d5d7..68c8441 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -161,6 +161,12 @@ VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
file,
template)
+VIR_ENUM_IMPL(virDomainFSAccessMode, VIR_DOMAIN_FS_SECURITY_LAST,
+ passthrough,
+ mapped,
+ squash)
+
+
VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST,
user,
ethernet,
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
+
cur = node-children;
while (cur != NULL) {
if (cur-type == XML_ELEMENT_NODE) {
@@ -5602,6 +5620,7 @@ virDomainFSDefFormat(virBufferPtr buf,
int flags)
{
const char *type = virDomainFSTypeToString(def-type);
+const char *accessmode =
virDomainFSAccessModeTypeToString(def-accessmode);
if (!type) {
virDomainReportError(VIR_ERR_INTERNAL_ERROR,
@@ -5609,9 +5628,16 @@ virDomainFSDefFormat(virBufferPtr buf,
return -1;
}
+ if (!accessmode) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unexpected accessmode %d), def-accessmode);
+return -1;
+}
+
+
virBufferVSprintf(buf,
- filesystem type='%s'\n,
- type);
+ filesystem type='%s' accessmode='%s'\n,
+ type, accessmode);
if (def-src) {
switch (def-type) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 7195c04..0668ce5 100644
Re: [libvirt] [PATCHv2] build: fix mingw build
On 10/14/2010 03:34 AM, Daniel Veillard wrote: On Wed, Oct 13, 2010 at 04:25:45PM -0600, Eric Blake wrote: * .gnulib: Update to latest, for termios fix. * configure.ac (AC_CHECK_HEADERS): Drop redundent check. Reported by Daniel P. Berrange. --- This fixes the problem in a more maintainable manner. ACK, Thanks; pushed. -- Eric Blake ebl...@redhat.com+1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] build: provide URL in 'configure --help'
On 10/13/2010 07:56 PM, Dave Allan wrote: On Wed, Oct 13, 2010 at 07:39:45PM -0600, Eric Blake wrote: * configure.ac (AC_INIT): Provide email and URL. --- Before: Report bugs to the package provider. After: Report bugs tolibvir-list@redhat.com. libvirt home page:http://libvirt.org. ACK Thanks; pushed. -- Eric Blake ebl...@redhat.com+1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Fix statstest when driver modules are enabled
The statstest is xen specific. Instead of filling the code with
a huge number of #ifdef WITH_XEN, just make its entire compilation
conditional in the Makefile.am. Also ensure it links to the Xen
driver so that it builds when driver modules are enabled
* tests/Makefile.am: Make statstest xen conditional. Link to
xen driver
* tests/Makefile.am: Remove all conditionals
---
tests/Makefile.am |8
tests/statstest.c |7 ---
2 files changed, 4 insertions(+), 11 deletions(-)
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 64fac75..44fe579 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -238,6 +238,10 @@ reconnect_SOURCES = \
reconnect.c
reconnect_LDADD = $(LDADDS)
+statstest_SOURCES = \
+ statstest.c testutils.h testutils.c
+statstest_LDADD = ../src/libvirt_driver_xen.la $(LDADDS)
+
else
EXTRA_DIST += xml2sexprtest.c sexpr2xmltest.c xmconfigtest.c \
xencapstest.c reconnect.c \
@@ -328,10 +332,6 @@ nodeinfotest_SOURCES = \
nodeinfotest.c testutils.h testutils.c
nodeinfotest_LDADD = $(LDADDS)
-statstest_SOURCES = \
- statstest.c testutils.h testutils.c
-statstest_LDADD = $(LDADDS)
-
if WITH_SECDRIVER_SELINUX
seclabeltest_SOURCES = \
seclabeltest.c
diff --git a/tests/statstest.c b/tests/statstest.c
index 5fad190..551615b 100644
--- a/tests/statstest.c
+++ b/tests/statstest.c
@@ -9,15 +9,12 @@
#include xen/block_stats.h
#include testutils.h
-#if WITH_XEN
static void testQuietError(void *userData ATTRIBUTE_UNUSED,
virErrorPtr error ATTRIBUTE_UNUSED)
{
/* nada */
}
-#endif
-#if __linux__ WITH_XEN
static int testDevice(const char *path, int expect)
{
int actual = xenLinuxDomainDeviceID(NULL, 1, path);
@@ -43,14 +40,11 @@ static int testDeviceHelper(const void *data)
return testDevice(info-dev, info-num);
}
-#endif
-
static int
mymain(int argc ATTRIBUTE_UNUSED,
char **argv ATTRIBUTE_UNUSED)
{
int ret = 0;
-#if __linux__ WITH_XEN
/* Some of our tests delibrately test failure cases, so
* register a handler to stop error messages cluttering
* up display
@@ -201,7 +195,6 @@ mymain(int argc ATTRIBUTE_UNUSED,
DO_TEST(/dev/xvda1, 51713);
DO_TEST(/dev/xvda15, 51727);
-#endif
return(ret==0 ? EXIT_SUCCESS : EXIT_FAILURE);
}
--
1.7.2.3
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On Thu, Oct 14, 2010 at 01:06:56PM +0200, Matthias Bolte wrote: 2010/10/14 Daniel P. Berrange berra...@redhat.com: On Thu, Oct 14, 2010 at 08:55:24PM +1100, Justin Clift wrote: The PostgreSQL ChangeLog: http://www.postgresql.org/docs/9.0/static/release-9-0.html I don't believe that this corresponds to the output of the script you show above. This page is a hand-written change summary. That script above gives formatted commit logs. There's no enough structured info in commit messages to be able to generate a page like the one above. Our ChangeLog: http://libvirt.org/news.html Mentioning this in case anyone has the time/inclination to look into it. Any takers? :) I don't disagree that our news file is somewhat unreadable. We can't automate this though - it needs manual work to create it. We could split the huge comma seperated lists of items per li into a second level of li's to avoid this large blocks of text. This would run into incredibly long logs per release ! I was doing that in the very first releases see (bottom of news.html) I could change that to something more linear. Maybe adding a br / at the end of each line would be sufficient though, and may take sligtly less place than a sub list. I don't really care either way, it would be easy to fix, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On 10/14/2010 11:40 PM, Daniel Veillard wrote: snip This would run into incredibly long logs per release ! I was doing that in the very first releases see (bottom of news.html) I could change that to something more linear. Maybe adding abr / at the end of each line would be sufficient though, and may take sligtly less place than a sub list. I don't really care either way, it would be easy to fix, Is it something you can try out, and throw onto a page somewhere so we can look at it, comment on it here, etc? Seems like we'd really need to see it before deciding. :) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Added new attribute accessmode to filesystem element
On Thu, Oct 14, 2010 at 04:41:51PM +0530, Harsh Prateek Bora wrote:
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
[...]
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
if non-NULL this was never freed because of a missing
VIR_FREE(accessmode);
in the clanup: section of that routine.
otherwise, ACK. I was just a bit worried that if no model was given
we always assume passthrough, but since that's what the QEMu backend
implementation did so far and this doesn't affect other drivers, that's
fine.
Applied and pushed with that small change,
thanks !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix statstest when driver modules are enabled
On Thu, Oct 14, 2010 at 01:23:53PM +0100, Daniel P. Berrange wrote: The statstest is xen specific. Instead of filling the code with a huge number of #ifdef WITH_XEN, just make its entire compilation conditional in the Makefile.am. Also ensure it links to the Xen driver so that it builds when driver modules are enabled * tests/Makefile.am: Make statstest xen conditional. Link to xen driver * tests/Makefile.am: Remove all conditionals ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Added new attribute accessmode to filesystem element
On 10/14/2010 06:40 PM, Daniel Veillard wrote:
On Thu, Oct 14, 2010 at 04:41:51PM +0530, Harsh Prateek Bora wrote:
This patch introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
[...]
@@ -1847,6 +1853,7 @@ virDomainFSDefParseXML(xmlNodePtr node,
char *type = NULL;
char *source = NULL;
char *target = NULL;
+char *accessmode = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -1864,6 +1871,17 @@ virDomainFSDefParseXML(xmlNodePtr node,
def-type = VIR_DOMAIN_FS_TYPE_MOUNT;
}
+accessmode = virXMLPropString(node, accessmode);
+if (accessmode) {
+if ((def-accessmode =
virDomainFSAccessModeTypeFromString(accessmode)) 0) {
+virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _(unknown accessmode '%s'), accessmode);
+goto error;
+}
+} else {
+def-accessmode = VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH;
+}
if non-NULL this was never freed because of a missing
VIR_FREE(accessmode);
in the clanup: section of that routine.
otherwise, ACK. I was just a bit worried that if no model was given
we always assume passthrough, but since that's what the QEMu backend
implementation did so far and this doesn't affect other drivers, that's
fine.
Applied and pushed with that small change,
thanks !
Thanks very much ! :)
Daniel
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On Thu, Oct 14, 2010 at 11:50:50PM +1100, Justin Clift wrote: On 10/14/2010 11:40 PM, Daniel Veillard wrote: snip This would run into incredibly long logs per release ! I was doing that in the very first releases see (bottom of news.html) I could change that to something more linear. Maybe adding abr / at the end of each line would be sufficient though, and may take sligtly less place than a sub list. I don't really care either way, it would be easy to fix, Is it something you can try out, and throw onto a page somewhere so we can look at it, comment on it here, etc? Seems like we'd really need to see it before deciding. :) http://libvirt.org/news.test.html to get an idea, I didn't tried to clean everything up though Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Improving our ChangeLog format?
On 10/15/2010 12:22 AM, Daniel Veillard wrote: snip Seems like we'd really need to see it before deciding. :) http://libvirt.org/news.test.html to get an idea, I didn't tried to clean everything up though Cool. That's going in the right direction. Can we add in a unique sort (sort -u), so it groups them by topic? ie: bridge: Fix static-only DHCP configuration (Jiri Denemark), build: Fix permissions of sysconfig files (Jiri Denemark), esx: Fix esxVI_BuildSelectSet's invalid argument check (Matthias Bolte), qemu: qemuMonitorJSONEjectMedia(): Fix arguments' type (Luiz Capitulino), qemu: qemuMonitorJSONMigrate(): Fix arguments' type (Luiz Capitulino), qemu: Check for errors when converting PCI address to string (Jiri Denemark), qemu: Fix JSON migrate_set_downtime command (Jiri Denemark), phyp: Bad comparison when checking for existing domain name (Eduardo Otubo), spec: Fix undefined with_libnl (Jiri Denemark), test: Don't overwrite storage volume target path and key (Matthias Bolte), virsh: remove driver check from attach-disk command (Ryan Harper), Preferably then turning the first word subject starter (bridge, build, esx, qemu, etc) into a heading. Something with visual separation like: BRIDGE Fix static-only DHCP configuration (Jiri Denemark) BUILD Fix permissions of sysconfig files (Jiri Denemark) ESX Fix esxVI_BuildSelectSet's invalid argument check (Matthias Bolte) QEMU qemuMonitorJSONEjectMedia(): Fix arguments' type (Luiz Capitulino) qemuMonitorJSONMigrate(): Fix arguments' type (Luiz Capitulino) Check for errors when converting PCI address to string (Jiri Denemark) Fix JSON migrate_set_downtime command (Jiri Denemark) PHYP Bad comparison when checking for existing domain name (Eduardo Otubo) SPEC Fix undefined with_libnl (Jiri Denemark) TEST Don't overwrite storage volume target path and key (Matthias Bolte) VIRSH remove driver check from attach-disk command (Ryan Harper) The above is obviously a text representation. For HTML, maybe use h4HEADING/h4 tags or something? -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mac OS X: dyld: lazy symbol binding failed
On Tue, Oct 12, 2010 at 02:56:31PM -0700, Mitchell Hashimoto wrote: I've been working with Justin, and we've been making some progress. However, I have another question for this list. As a follow-up to this, I realized that when I download the snapshots and just ./configure; make; make install then I get the lazy binding issue. However, if I go through the entire autogen process: ./autogen.sh make make install Do you see a difference when ou run # grep VERSION_SCRIPT_FLAGS Makefile VERSION_SCRIPT_FLAGS = -Wl,--version-script= between the plain 'configure' case, and the full autogen.sh case ? Also, does the src/libvirt.syms look any different in either case ? Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Added new attribute accessmode to filesystem element
On 10/14/2010 07:10 AM, Daniel Veillard wrote: otherwise, ACK. I was just a bit worried that if no model was given we always assume passthrough, but since that's what the QEMu backend implementation did so far and this doesn't affect other drivers, that's fine. Applied and pushed with that small change, Oops, you reverted the .gnulib submodule with that commit. I'm pushing the obvious fix to restore it to the state before that patch. -- Eric Blake ebl...@redhat.com+1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4] Audit VM start/stop/suspend/resume
On Tue, Oct 12, 2010 at 06:32:16PM +0100, Daniel P. Berrange wrote: From: Miloslav Trmač m...@redhat.com Most operations are audited at the libvirtd level; auditing in src/libvirt.c would result in two audit entries per operation (one in the client, one in libvirtd). The only exception is a domain stopping of its own will (e.g. because the user clicks on shutdown inside the interface). There can often be no client connected at the time the domain stops, so libvirtd does not have any virConnectPtr object on which to attach an event watch. This patch therefore adds auditing directly inside the qemu driver (other drivers are not supported). Looks fine but using base64 transfer encoding: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 Sender: libvir-list-boun...@redhat.com Errors-To: libvir-list-boun...@redhat.com Status: RO RnJvbTogTWlsb3NsYXYgVHJtYcSNIDxtaXRyQHJlZGhhdC5jb20+CgpNb3N0IG9wZXJhdGlvbnMg YXJlIGF1ZGl0ZWQgYXQgdGhlIGxpYnZpcnRkIGxldmVsOyBhdWRpdGluZyBpbgpzcmMvbGlidmly makes applying the patch way harder than it should. I wonder why mails 2, 3 and 4 got the problem nut not 1/4 puzzled, could you have a look ? Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4] Audit VM start/stop/suspend/resume
On Thu, Oct 14, 2010 at 04:09:41PM +0200, Daniel Veillard wrote: On Tue, Oct 12, 2010 at 06:32:16PM +0100, Daniel P. Berrange wrote: From: Miloslav Trmač m...@redhat.com Most operations are audited at the libvirtd level; auditing in src/libvirt.c would result in two audit entries per operation (one in the client, one in libvirtd). The only exception is a domain stopping of its own will (e.g. because the user clicks on shutdown inside the interface). There can often be no client connected at the time the domain stops, so libvirtd does not have any virConnectPtr object on which to attach an event watch. This patch therefore adds auditing directly inside the qemu driver (other drivers are not supported). Looks fine but using base64 transfer encoding: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 Sender: libvir-list-boun...@redhat.com Errors-To: libvir-list-boun...@redhat.com Status: RO RnJvbTogTWlsb3NsYXYgVHJtYcSNIDxtaXRyQHJlZGhhdC5jb20+CgpNb3N0IG9wZXJhdGlvbnMg YXJlIGF1ZGl0ZWQgYXQgdGhlIGxpYnZpcnRkIGxldmVsOyBhdWRpdGluZyBpbgpzcmMvbGlidmly makes applying the patch way harder than it should. I wonder why mails 2, 3 and 4 got the problem nut not 1/4 puzzled, could you have a look ? I just used git send-email as normal. It is probably the magic characters in Miloslav's name that convinced git to change to a diffrent content encoding Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 4/4] Fix symbol exports remove duplicated libvirt_util.la linkage
On Tue, Oct 12, 2010 at 06:32:18PM +0100, Daniel P. Berrange wrote: From: Miloslav Trmač m...@redhat.com The libvirt_util.la library was mistakenly linked into libvirtd directly. Since libvirt_util.la is already linked to libvirt.so, this resulted in libvirtd getting two copies of the code and more critically 2 copies of static global variables. Testing in turn exposed a issue with loadable modules. The gnulib replacement functions are not exported to loadable modules. Rather than trying to figure out the name sof all gnulib functions export them, just linkage all loadable modules against libgnu.la statically. * daemon/Makefile.am: Remove linkage of libvirt_util.la and libvirt_driver.la * src/Makefile.am: Link driver modules against libgnu.la * src/libvirt.c: Don't try to load modules which were compiled out * src/libvirt_private.syms: Export all other internal symbols that are required by drivers Hum, weird, I tried to o a make rpm with that patch and got a linking error due to multiple definitions coming from gnulib: CCLD libvirt_lxc CCLD libvirt.la copying selected object files to avoid basename conflicts... ../gnulib/lib/.libs/libgnu.a(areadlink.o): In function `areadlink': /u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/areadlink.c:58: multiple definition of `areadlink' ./.libs/libvirt_driver_phyp.a(areadlink.o):/u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/areadlink.c:58: first defined here ../gnulib/lib/.libs/libgnu.a(base64.o): In function `base64_encode': /u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/base64.c:79: multiple definition of `base64_encode' So patches 1-3 look fine to me but that one seems to still have a problem, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 4/4] Fix symbol exports remove duplicated libvirt_util.la linkage
On Thu, Oct 14, 2010 at 04:22:29PM +0200, Daniel Veillard wrote: On Tue, Oct 12, 2010 at 06:32:18PM +0100, Daniel P. Berrange wrote: From: Miloslav Trmač m...@redhat.com The libvirt_util.la library was mistakenly linked into libvirtd directly. Since libvirt_util.la is already linked to libvirt.so, this resulted in libvirtd getting two copies of the code and more critically 2 copies of static global variables. Testing in turn exposed a issue with loadable modules. The gnulib replacement functions are not exported to loadable modules. Rather than trying to figure out the name sof all gnulib functions export them, just linkage all loadable modules against libgnu.la statically. * daemon/Makefile.am: Remove linkage of libvirt_util.la and libvirt_driver.la * src/Makefile.am: Link driver modules against libgnu.la * src/libvirt.c: Don't try to load modules which were compiled out * src/libvirt_private.syms: Export all other internal symbols that are required by drivers Hum, weird, I tried to o a make rpm with that patch and got a linking error due to multiple definitions coming from gnulib: CCLD libvirt_lxc CCLD libvirt.la copying selected object files to avoid basename conflicts... ../gnulib/lib/.libs/libgnu.a(areadlink.o): In function `areadlink': /u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/areadlink.c:58: multiple definition of `areadlink' ./.libs/libvirt_driver_phyp.a(areadlink.o):/u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/areadlink.c:58: first defined here ../gnulib/lib/.libs/libgnu.a(base64.o): In function `base64_encode': /u/veillard/rpms/BUILD/libvirt-0.8.4/gnulib/lib/base64.c:79: multiple definition of `base64_encode' So patches 1-3 look fine to me but that one seems to still have a problem, This was a simple mistake. One of my changes to the phyp driver link line was not properly protected by a 'if WITH_DRIVER_MODULES' Regards, Daniel -- |: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org-o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4] Audit VM start/stop/suspend/resume
On Thu, Oct 14, 2010 at 03:16:42PM +0100, Daniel P. Berrange wrote: On Thu, Oct 14, 2010 at 04:09:41PM +0200, Daniel Veillard wrote: On Tue, Oct 12, 2010 at 06:32:16PM +0100, Daniel P. Berrange wrote: From: Miloslav Trmač m...@redhat.com Most operations are audited at the libvirtd level; auditing in src/libvirt.c would result in two audit entries per operation (one in the client, one in libvirtd). The only exception is a domain stopping of its own will (e.g. because the user clicks on shutdown inside the interface). There can often be no client connected at the time the domain stops, so libvirtd does not have any virConnectPtr object on which to attach an event watch. This patch therefore adds auditing directly inside the qemu driver (other drivers are not supported). Looks fine but using base64 transfer encoding: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 Sender: libvir-list-boun...@redhat.com Errors-To: libvir-list-boun...@redhat.com Status: RO RnJvbTogTWlsb3NsYXYgVHJtYcSNIDxtaXRyQHJlZGhhdC5jb20+CgpNb3N0IG9wZXJhdGlvbnMg YXJlIGF1ZGl0ZWQgYXQgdGhlIGxpYnZpcnRkIGxldmVsOyBhdWRpdGluZyBpbgpzcmMvbGlidmly makes applying the patch way harder than it should. I wonder why mails 2, 3 and 4 got the problem nut not 1/4 puzzled, could you have a look ? I just used git send-email as normal. It is probably the magic characters in Miloslav's name that convinced git to change to a diffrent content encoding Ahhh, well with vim selecting the block and using :','!base64 -d does the trick, but it slows things down Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] How to rename a domain?
On 10/12/2010 12:58 PM, Ganesh Pagade wrote: Hi, I am using libvirt Java bindings. How can I rename a domain? Is there an API to do this? There is no API for it. The only way to do it is basically: virsh dumpxml myvm foo.xml edit foo.xml, change the name virsh undefine myvm virsh define foo.xml - Cole -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] nwfilter: prevent multiple filters with different name but same UUID
Patch to prevent multiple nwfilters with different name but same UUID.
Signed-off-by: Stefan Berger stef...@us.ibm.com
---
src/conf/nwfilter_conf.c | 14 ++
1 file changed, 14 insertions(+)
Index: libvirt-acl/src/conf/nwfilter_conf.c
===
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -2399,6 +2399,20 @@ virNWFilterPoolObjAssignDef(virConnectPt
{
virNWFilterPoolObjPtr pool;
+pool = virNWFilterPoolObjFindByUUID(pools, def-uuid);
+
+if (pool) {
+if (!STREQ(def-name, pool-def-name)) {
+virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
+ _(filter with same UUID but different
name
+ ('%s') already exists),
+ pool-def-name);
+virNWFilterPoolObjUnlock(pool);
+return NULL;
+}
+virNWFilterPoolObjUnlock(pool);
+}
+
if (virNWFilterDefLoopDetect(conn, pools, def)) {
virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
%s, _(filter would introduce a loop));
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] nwfilter: prevent multiple filters with different name but same UUID
On Thu, Oct 14, 2010 at 11:20:15AM -0400, Stefan Berger wrote:
Patch to prevent multiple nwfilters with different name but same UUID.
Signed-off-by: Stefan Berger stef...@us.ibm.com
---
src/conf/nwfilter_conf.c | 14 ++
1 file changed, 14 insertions(+)
Index: libvirt-acl/src/conf/nwfilter_conf.c
===
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -2399,6 +2399,20 @@ virNWFilterPoolObjAssignDef(virConnectPt
{
virNWFilterPoolObjPtr pool;
+pool = virNWFilterPoolObjFindByUUID(pools, def-uuid);
+
+if (pool) {
+if (!STREQ(def-name, pool-def-name)) {
+virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
+ _(filter with same UUID but different
name
+ ('%s') already exists),
+ pool-def-name);
+virNWFilterPoolObjUnlock(pool);
+return NULL;
+}
+virNWFilterPoolObjUnlock(pool);
+}
+
if (virNWFilterDefLoopDetect(conn, pools, def)) {
virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
%s, _(filter would introduce a loop));
ACK
Daniel
--
|: Red Hat, Engineering, London-o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org-o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] nwfilter: prevent multiple filters with different name but same UUID
On 10/14/2010 11:27 AM, Daniel P. Berrange wrote:
On Thu, Oct 14, 2010 at 11:20:15AM -0400, Stefan Berger wrote:
Patch to prevent multiple nwfilters with different name but same UUID.
Signed-off-by: Stefan Bergerstef...@us.ibm.com
---
src/conf/nwfilter_conf.c | 14 ++
1 file changed, 14 insertions(+)
Index: libvirt-acl/src/conf/nwfilter_conf.c
===
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -2399,6 +2399,20 @@ virNWFilterPoolObjAssignDef(virConnectPt
{
virNWFilterPoolObjPtr pool;
+pool = virNWFilterPoolObjFindByUUID(pools, def-uuid);
+
+if (pool) {
+if (!STREQ(def-name, pool-def-name)) {
+virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
+ _(filter with same UUID but different
name
+ ('%s') already exists),
+ pool-def-name);
+virNWFilterPoolObjUnlock(pool);
+return NULL;
+}
+virNWFilterPoolObjUnlock(pool);
+}
+
if (virNWFilterDefLoopDetect(conn, pools, def)) {
virNWFilterReportError(VIR_ERR_INVALID_NWFILTER,
%s, _(filter would introduce a loop));
ACK
Daniel
Pushed.
Stefan
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] nwfilter: changes to rules in VM-host table
In the table built for traffic coming from the VM going to the host make the following changes: - don't ACCEPT the packets but do a 'RETURN' and let the host-specific firewall rules in subsequent rules evaluate whether the traffic is allowed to enter - use the '-m state' in the rules as everywhere else Signed-off-by: Stefan Berger stef...@us.ibm.com --- src/nwfilter/nwfilter_ebiptables_driver.c |8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c === --- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c +++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c @@ -1790,6 +1790,10 @@ iptablesCreateRuleInstance(virNWFilterDe return rc; maySkipICMP = directionIn; +if (needState) +matchState = directionIn ? MATCH_STATE_IN : MATCH_STATE_OUT; +else +matchState = NULL; chainPrefix[0] = 'H'; chainPrefix[1] = CHAINPREFIX_HOST_IN_TEMP; @@ -1800,8 +1804,8 @@ iptablesCreateRuleInstance(virNWFilterDe ifname, vars, res, - NULL, true, - ACCEPT, + matchState, true, + RETURN, isIPv6, maySkipICMP); -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mac OS X: dyld: lazy symbol binding failed
Daniel, Thanks for your response, I appreciate it. The `grep` on the two Makefiles is equivalent. I've uploaded a diff of the two Makefiles here: https://gist.github.com/da0e93a335be6a3a637b Let me know if you want me to upload the actual Makefiles as well, since I can do that. Also the src/libvirt.syms file is the same in both cases. Hope this helps! Let me know if there is anything else I can do to assist you. Mitchell On Thu, Oct 14, 2010 at 6:44 AM, Daniel P. Berrange berra...@redhat.com wrote: On Tue, Oct 12, 2010 at 02:56:31PM -0700, Mitchell Hashimoto wrote: I've been working with Justin, and we've been making some progress. However, I have another question for this list. As a follow-up to this, I realized that when I download the snapshots and just ./configure; make; make install then I get the lazy binding issue. However, if I go through the entire autogen process: ./autogen.sh make make install Do you see a difference when ou run # grep VERSION_SCRIPT_FLAGS Makefile VERSION_SCRIPT_FLAGS = -Wl,--version-script= between the plain 'configure' case, and the full autogen.sh case ? Also, does the src/libvirt.syms look any different in either case ? Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] usage of PKG_CHECK_ in libvirt
hi, I want to try to add some basic support for (linux-)vserver to libvirt and after reading some old mail threads I noticed you vanished PKG_CHECK_EXISTS back in 2008. is it still not welcomed in libvirt? PKG_CHECK_MODULES also? Thanks, Alejandro Mery -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] usage of PKG_CHECK_ in libvirt
2010/10/14 Alejandro Mery am...@geeks.cl: hi, I want to try to add some basic support for (linux-)vserver to libvirt and after reading some old mail threads I noticed you vanished PKG_CHECK_EXISTS back in 2008. is it still not welcomed in libvirt? PKG_CHECK_MODULES also? Thanks, Alejandro Mery No idea about PKG_CHECK_EXISTS, but if you look at configure.ac you'll find multiple instances of PKG_CHECK_MODULES, so this one is perfectly fine. Matthias -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mac OS X: dyld: lazy symbol binding failed
On 10/14/2010 01:06 PM, Mitchell Hashimoto wrote: Daniel, Thanks for your response, I appreciate it. The `grep` on the two Makefiles is equivalent. I've uploaded a diff of the two Makefiles here: https://gist.github.com/da0e93a335be6a3a637b Let me know if you want me to upload the actual Makefiles as well, since I can do that. Can you provide a context diff (diff -u or diff -c) rather than an ed-script diff? Context can be essential in a review. At any rate: # Makefile.in generated by automake 1.9.6 from Makefile.am. --- # Makefile.in generated by automake 1.11.1 from Makefile.am. Is this stock automake 1.9.6, or does it have a distro patch to fix CVE-2009-4029? Using an older automake may be the root cause of remaining problems, if we are relying on a feature that only automake 1.10 or 1.11 provides. What is 'automake --version' for you, and did you generate the tarballs, or is the automake 1.9.6 on someone else's machine? $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/size_max.m4 \ $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/acinclude.m4 \ $(top_srcdir)/configure.ac --- $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/wchar_t.m4 \ $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac Why the difference in which libtool .m4 files are provided? configure.lineno configure.status.lineno --- configure.lineno config.status.lineno There's no such file as configure.status.lineno; but that's attributable to a bug in the older automake that has since been fixed. I've stopped looking at this point. -- Eric Blake ebl...@redhat.com+1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mac OS X: dyld: lazy symbol binding failed
Eric, First, here is the output from diff -c: https://gist.github.com/7d8c32849e4d72be5368 I ran `automake --version` and I have 1.11.1 And the 1.9.6 automake is from the libvirt build servers, not any of my machines. I was comparing the ./configure output from the snapshot with when I run autogen.sh myself. I'm not sure about the other points you brought up. I just ran the typical commands that README-hacking says to. Mitchell On Thu, Oct 14, 2010 at 12:44 PM, Eric Blake ebl...@redhat.com wrote: On 10/14/2010 01:06 PM, Mitchell Hashimoto wrote: Daniel, Thanks for your response, I appreciate it. The `grep` on the two Makefiles is equivalent. I've uploaded a diff of the two Makefiles here: https://gist.github.com/da0e93a335be6a3a637b Let me know if you want me to upload the actual Makefiles as well, since I can do that. Can you provide a context diff (diff -u or diff -c) rather than an ed-script diff? Context can be essential in a review. At any rate: # Makefile.in generated by automake 1.9.6 from Makefile.am. --- # Makefile.in generated by automake 1.11.1 from Makefile.am. Is this stock automake 1.9.6, or does it have a distro patch to fix CVE-2009-4029? Using an older automake may be the root cause of remaining problems, if we are relying on a feature that only automake 1.10 or 1.11 provides. What is 'automake --version' for you, and did you generate the tarballs, or is the automake 1.9.6 on someone else's machine? $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/size_max.m4 \ $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/acinclude.m4 \ $(top_srcdir)/configure.ac --- $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/wchar_t.m4 \ $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac Why the difference in which libtool .m4 files are provided? configure.lineno configure.status.lineno --- configure.lineno config.status.lineno There's no such file as configure.status.lineno; but that's attributable to a bug in the older automake that has since been fixed. I've stopped looking at this point. -- Eric Blake ebl...@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv2 16/14] vcpu: remove dead xen code
v2: new patch. To be squashed with 14/14.
* src/xen/xen_driver.h (xenUnifiedDriver): Remove now-unused
domainSetVcpus.
* src/xen/proxy_internal.c (xenProxyDriver): Likewise.
* src/xen/xen_hypervisor.c (xenHypervisorDriver): Likewise.
* src/xen/xen_inotify.c (xenInotifyDriver): Likewise.
* src/xen/xend_internal.c (xenDaemonDriver)
(xenDaemonDomainSetVcpus): Likewise.
* src/xen/xm_internal.c (xenXMDriver, xenXMDomainSetVcpus):
Likewise.
* src/xen/xs_internal.c (xenStoreDriver): Likewise.
---
src/xen/proxy_internal.c |1 -
src/xen/xen_driver.h |1 -
src/xen/xen_hypervisor.c |1 -
src/xen/xen_inotify.c|1 -
src/xen/xend_internal.c | 32
src/xen/xm_internal.c| 42 --
src/xen/xs_internal.c|1 -
7 files changed, 0 insertions(+), 79 deletions(-)
diff --git a/src/xen/proxy_internal.c b/src/xen/proxy_internal.c
index 3e122f4..4033727 100644
--- a/src/xen/proxy_internal.c
+++ b/src/xen/proxy_internal.c
@@ -67,7 +67,6 @@ struct xenUnifiedDriver xenProxyDriver = {
NULL, /* domainSave */
NULL, /* domainRestore */
NULL, /* domainCoreDump */
-NULL, /* domainSetVcpus */
NULL, /* domainPinVcpu */
NULL, /* domainGetVcpus */
NULL, /* listDefinedDomains */
diff --git a/src/xen/xen_driver.h b/src/xen/xen_driver.h
index e67faba..53f97d4 100644
--- a/src/xen/xen_driver.h
+++ b/src/xen/xen_driver.h
@@ -84,7 +84,6 @@ struct xenUnifiedDriver {
virDrvDomainSave domainSave;
virDrvDomainRestoredomainRestore;
virDrvDomainCoreDump domainCoreDump;
-virDrvDomainSetVcpus domainSetVcpus;
virDrvDomainPinVcpudomainPinVcpu;
virDrvDomainGetVcpus domainGetVcpus;
virDrvListDefinedDomains listDefinedDomains;
diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
index 32f3683..3797865 100644
--- a/src/xen/xen_hypervisor.c
+++ b/src/xen/xen_hypervisor.c
@@ -784,7 +784,6 @@ struct xenUnifiedDriver xenHypervisorDriver = {
NULL, /* domainSave */
NULL, /* domainRestore */
NULL, /* domainCoreDump */
-xenHypervisorSetVcpus, /* domainSetVcpus */
xenHypervisorPinVcpu, /* domainPinVcpu */
xenHypervisorGetVcpus, /* domainGetVcpus */
NULL, /* listDefinedDomains */
diff --git a/src/xen/xen_inotify.c b/src/xen/xen_inotify.c
index 9b95d67..9507061 100644
--- a/src/xen/xen_inotify.c
+++ b/src/xen/xen_inotify.c
@@ -71,7 +71,6 @@ struct xenUnifiedDriver xenInotifyDriver = {
NULL, /* domainSave */
NULL, /* domainRestore */
NULL, /* domainCoreDump */
-NULL, /* domainSetVcpus */
NULL, /* domainPinVcpu */
NULL, /* domainGetVcpus */
NULL, /* listDefinedDomains */
diff --git a/src/xen/xend_internal.c b/src/xen/xend_internal.c
index ed90459..b90c331 100644
--- a/src/xen/xend_internal.c
+++ b/src/xen/xend_internal.c
@@ -3611,37 +3611,6 @@ xenDaemonDomainSetVcpusFlags(virDomainPtr domain,
unsigned int vcpus,
}
/**
- * xenDaemonDomainSetVcpus:
- * @domain: pointer to domain object
- * @nvcpus: the new number of virtual CPUs for this domain
- *
- * Dynamically change the number of virtual CPUs used by the domain.
- *
- * Returns 0 for success; -1 (with errno) on error
- */
-int
-xenDaemonDomainSetVcpus(virDomainPtr domain, unsigned int vcpus)
-{
-char buf[VIR_UUID_BUFLEN];
-xenUnifiedPrivatePtr priv;
-
-if ((domain == NULL) || (domain-conn == NULL) || (domain-name == NULL)
- || (vcpus 1)) {
-virXendError(VIR_ERR_INVALID_ARG, __FUNCTION__);
-return (-1);
-}
-
-priv = (xenUnifiedPrivatePtr) domain-conn-privateData;
-
-if (domain-id 0 priv-xendConfigVersion 3)
-return(-1);
-
-snprintf(buf, sizeof(buf), %d, vcpus);
-return(xend_op(domain-conn, domain-name, op, set_vcpus, vcpus,
- buf, NULL));
-}
-
-/**
* xenDaemonDomainPinCpu:
* @domain: pointer to domain object
* @vcpu: virtual CPU number
@@ -5213,7 +5182,6 @@ struct xenUnifiedDriver xenDaemonDriver = {
xenDaemonDomainSave, /* domainSave */
xenDaemonDomainRestore, /* domainRestore */
xenDaemonDomainCoreDump, /* domainCoreDump */
-xenDaemonDomainSetVcpus, /* domainSetVcpus */
xenDaemonDomainPinVcpu, /* domainPinVcpu */
xenDaemonDomainGetVcpus, /* domainGetVcpus */
xenDaemonListDefinedDomains, /* listDefinedDomains */
diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c
index 663802b..430d40b 100644
--- a/src/xen/xm_internal.c
+++ b/src/xen/xm_internal.c
@@ -103,7 +103,6 @@ struct xenUnifiedDriver xenXMDriver = {
NULL, /* domainSave */
NULL, /* domainRestore */
NULL, /* domainCoreDump */
-xenXMDomainSetVcpus, /* domainSetVcpus */
xenXMDomainPinVcpu, /* domainPinVcpu */
NULL, /* domainGetVcpus */
xenXMListDefinedDomains, /* listDefinedDomains */
@@ -1629,47 +1628,6 @@ cleanup:
}
[libvirt] [PATCHv2 15/14] vcpu: improve support for setting xen vcpu counts
Tested with RHEL 5.6 (xendConfigVersion 2, where xend_internal
controls live domains and xm_internal controls inactive domains).
Hopefully this works with xendConfigVersion 3 (where xend_internal
controls everything).
v2: new patch
* src/xen/xen_driver.c (xenUnifiedDomainSetVcpusFlags): Support
more flags.
(xenUnifiedGetMaxVcpus): Export.
* src/xen/xm_internal.h (xenXMDomainSetVcpusFlags): New prototype.
* src/xen/xend_internal.h (xenDaemonDomainSetVcpusFlags): Likewise.
* src/xen/xen_driver.h (xenUnifiedGetMaxVcpus): Likewise.
* src/xen/xm_internal.c (xenXMDomainSetVcpusFlags): New function.
* src/xen/xend_internal.c (xenDaemonDomainSetVcpusFlags): Likewise.
---
With this patch in place, I should be done with my vcpu API addition.
src/xen/xen_driver.c| 60 -
src/xen/xen_driver.h|1 +
src/xen/xend_internal.c | 76 +++
src/xen/xend_internal.h |3 ++
src/xen/xm_internal.c | 83 +++
src/xen/xm_internal.h |2 +
6 files changed, 208 insertions(+), 17 deletions(-)
diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
index fe2ff86..66e8518 100644
--- a/src/xen/xen_driver.c
+++ b/src/xen/xen_driver.c
@@ -508,7 +508,7 @@ xenUnifiedIsSecure(virConnectPtr conn)
return ret;
}
-static int
+int
xenUnifiedGetMaxVcpus (virConnectPtr conn, const char *type)
{
GET_PRIVATE(conn);
@@ -1073,36 +1073,62 @@ xenUnifiedDomainSetVcpusFlags (virDomainPtr dom,
unsigned int nvcpus,
unsigned int flags)
{
GET_PRIVATE(dom-conn);
-int i;
+int ret;
+
+virCheckFlags(VIR_DOMAIN_VCPU_LIVE |
+ VIR_DOMAIN_VCPU_CONFIG |
+ VIR_DOMAIN_VCPU_MAXIMUM, -1);
-if (flags != VIR_DOMAIN_VCPU_LIVE) {
-xenUnifiedError(VIR_ERR_INVALID_ARG, _(unsupported flags: (0x%x)),
-flags);
+/* At least one of LIVE or CONFIG must be set. MAXIMUM cannot be
+ * mixed with LIVE. */
+if ((flags (VIR_DOMAIN_VCPU_LIVE | VIR_DOMAIN_VCPU_CONFIG)) == 0 ||
+(flags (VIR_DOMAIN_VCPU_MAXIMUM | VIR_DOMAIN_VCPU_LIVE)) ==
+ (VIR_DOMAIN_VCPU_MAXIMUM | VIR_DOMAIN_VCPU_LIVE)) {
+xenUnifiedError(VIR_ERR_INVALID_ARG,
+_(invalid flag combination: (0x%x)), flags);
+return -1;
+}
+if (!nvcpus || (unsigned short) nvcpus != nvcpus) {
+xenUnifiedError(VIR_ERR_INVALID_ARG,
+_(argument out of range: %d), nvcpus);
return -1;
}
/* Try non-hypervisor methods first, then hypervisor direct method
* as a last resort.
*/
-for (i = 0; i XEN_UNIFIED_NR_DRIVERS; ++i)
-if (i != XEN_UNIFIED_HYPERVISOR_OFFSET
-priv-opened[i]
-drivers[i]-domainSetVcpus
-drivers[i]-domainSetVcpus (dom, nvcpus) == 0)
-return 0;
-
-if (priv-opened[XEN_UNIFIED_HYPERVISOR_OFFSET]
-drivers[XEN_UNIFIED_HYPERVISOR_OFFSET]-domainSetVcpus
-drivers[XEN_UNIFIED_HYPERVISOR_OFFSET]-domainSetVcpus (dom, nvcpus)
== 0)
-return 0;
+if (priv-opened[XEN_UNIFIED_XEND_OFFSET]) {
+ret = xenDaemonDomainSetVcpusFlags(dom, nvcpus, flags);
+if (ret != -2)
+return ret;
+}
+if (priv-opened[XEN_UNIFIED_XM_OFFSET]) {
+ret = xenXMDomainSetVcpusFlags(dom, nvcpus, flags);
+if (ret != -2)
+return ret;
+}
+if (flags == VIR_DOMAIN_VCPU_LIVE)
+return xenHypervisorSetVcpus(dom, nvcpus);
+xenUnifiedError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
static int
xenUnifiedDomainSetVcpus (virDomainPtr dom, unsigned int nvcpus)
{
-return xenUnifiedDomainSetVcpusFlags(dom, nvcpus, VIR_DOMAIN_VCPU_LIVE);
+unsigned int flags = VIR_DOMAIN_VCPU_LIVE;
+xenUnifiedPrivatePtr priv;
+
+/* Per the documented API, it is hypervisor-dependent whether this
+ * affects just _LIVE or _LIVE|_CONFIG; in xen's case, that
+ * depends on xendConfigVersion. */
+if (dom) {
+priv = dom-conn-privateData;
+if (priv-xendConfigVersion = 3)
+flags |= VIR_DOMAIN_VCPU_CONFIG;
+}
+return xenUnifiedDomainSetVcpusFlags(dom, nvcpus, flags);
}
static int
diff --git a/src/xen/xen_driver.h b/src/xen/xen_driver.h
index bb68f6a..e67faba 100644
--- a/src/xen/xen_driver.h
+++ b/src/xen/xen_driver.h
@@ -219,6 +219,7 @@ int xenUnifiedRemoveDomainInfo(xenUnifiedDomainInfoListPtr
info,
void xenUnifiedDomainEventDispatch (xenUnifiedPrivatePtr priv,
virDomainEventPtr event);
unsigned long xenUnifiedVersion(void);
+int xenUnifiedGetMaxVcpus(virConnectPtr conn, const char *type);
# ifndef PROXY
void xenUnifiedLock(xenUnifiedPrivatePtr priv);
diff --git a/src/xen/xend_internal.c b/src/xen/xend_internal.c
index e887e9d..ed90459 100644
--- a/src/xen/xend_internal.c
+++ b/src/xen/xend_internal.c
Re: [libvirt] [PATCHv2 00/14] vcpu - distinguish maximum from current
On 10/13/2010 11:53 AM, Eric Blake wrote: Version 1 had ACKs on most of the patches, but raised several points (not the least of which was a lack of testing). I've now done more testing on xen than on qemu, so there may still be some qemu quirks. Version 2 of the patch series; this addresses most of the points from v1 (http://thread.gmane.org/gmane.comp.emulators.libvirt/28520). I'm thinking that it is possible to backport _just_ patches 1 (add current attribute), 7 (add maxvcpus to xml), and 12 (xen xm and sexpr support) to make RHEL 5 xen support the distinction at the XML layer without the expense of an API addition (that is, the existing dumpxml API is sufficient to expose the core change in this patch series, and the remaining patches in the series are just sugar to make it easier). However, I still have to test that theory. That theory has now been tested - it only took a few minor tweaks to backport just those three patches for XML support without new API support. However, I don't suggest reordering patches when applying this series upstream. I also have one patch to write - namely, making xen support virDomainSetVcpusFlags. But I'd rather get the review going on the rest of these patches, since it's now the last remaining 0.8.5 candidate feature. That patch is now submitted (as 15/14), and I've done more testing on xen and the test driver. Still to come - a patch to replace docs/api_extension with a more up-to-date example by using this patch series :) -- Eric Blake ebl...@redhat.com+1-801-349-2682 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] esx: Handle name escaping properly
2010/10/14 Daniel Veillard veill...@redhat.com:
On Wed, Oct 13, 2010 at 10:47:57PM +0200, Matthias Bolte wrote:
2010/10/13 Daniel Veillard veill...@redhat.com:
On Wed, Oct 13, 2010 at 11:06:44AM +0200, Matthias Bolte wrote:
VMware uses a mix of percent-, pipe- and base64-encoding in
different combinations in different places.
Add a testcase for this.
---
src/esx/README | 25
src/esx/esx_driver.c | 72 ++-
src/esx/esx_storage_driver.c | 42 ++-
src/esx/esx_util.c | 198
++
src/esx/esx_util.h | 18 +++
src/esx/esx_vi.c | 6 +
src/esx/esx_vmx.c | 88 +-
tests/esxutilstest.c | 51
tests/xml2vmxdata/xml2vmx-annotation.vmx | 2 +-
9 files changed, 405 insertions(+), 97 deletions(-)
That sounds vaguely familiar, I think I reviewed such a patch last
month, right ?
I've sworn about this on IRC last week, so that's probably why it
sounds familiar to you :)
hum, maybe I got confused then ...
+static struct testDatastoreItem datastoreItems[] = {
+ { normal, normal },
+ { /* Aä1ö2ü3ß4#5~6!7§8/9%Z */
+ A\303\2441\303\2662\303\2743\303\2374#5~6!7\302\2478/9%Z,
+ A+w6Q-1+w7Y-2+w7w-3+w58-4+Iw-5+fg-6+IQ-7+wqc-8+JQ-2f9+JQ-25Z },
+ { /* Z~6!7§8/9%0#1\2'3`4A */ Z~6!7\302\2478/9%0#1\2'3`4A,
+ Z+fg-6+IQ-7+wqc-8+JQ-2f9+JQ-250+Iw-1_2'3+YA-4+Jg-A },
+ { /* 標準語 */ \346\250\231\346\272\226\350\252\236, +5qiZ5rqW6Kqe },
+ { !\#$%'()*+,-./0123456789:;=?,
+ +IQ-_+IyQl-25+Jg-'()_+Kw-,-.+JQ-2f0123456789_+Ow-_+PQ-__ },
+ { A Z[\\]^_B, A Z+WyU-5c+XV4-_B },
+ { a...@{|}~DEL, A+YA-B+QHs-_+fX4-DEL },
+ { /* hÀÁÂÃÄÅH */ h\303\200\303\201\303\202\303\203\303\204\303\205H,
+ h+w4DDgcOCw4PDhMOF-H },
+ { /* A쿀Z */ A\354\277\200Z, A+7L+A-Z },
+ { /* !쿀A */ !\354\277\200A, +Iey,gA-A },
+ { ~~~, +fn5+ },
+ { ~~~A, +fn5+-A },
+ { K%U/H\\Z, K+JQ-25U+JQ-2fH+JQ-5cZ },
+ { vvvA\B\Czzz, vvv_A_B_C_zzz },
+};
I assume in comments it's harmless, so ACK :-)
thanks !
Daniel
Well, the encoding problem will still affect the comments but that
should be no problem for the compiler or the result of the test case.
This is how gnulib does this in its test cases. Eric linked me an
example for the gnulib codebase and I just followed that example.
I pushed this now.
Matthias
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Make sure that filedescriptors are only closed once
Setting fd=-1 in these places makes sure that the fd is not closed twice later on in 'clean:'. This is of course a recipe for disaster in a multi-threaded system where the filedescriptor can belong to something else right away. At least we have a pattern... (looks like I can close the augeas bug as well...) Signed-off-by: Stefan Berger stef...@us.ibm.com --- src/conf/domain_conf.c |2 ++ src/conf/network_conf.c |2 ++ src/conf/nwfilter_conf.c |4 src/conf/storage_conf.c |2 ++ 4 files changed, 10 insertions(+) Index: libvirt-acl/src/conf/domain_conf.c === --- libvirt-acl.orig/src/conf/domain_conf.c +++ libvirt-acl/src/conf/domain_conf.c @@ -6805,6 +6805,8 @@ int virDomainSaveXML(const char *configD goto cleanup; } +fd = -1; + ret = 0; cleanup: if (fd != -1) Index: libvirt-acl/src/conf/network_conf.c === --- libvirt-acl.orig/src/conf/network_conf.c +++ libvirt-acl/src/conf/network_conf.c @@ -694,6 +694,8 @@ int virNetworkSaveXML(const char *config goto cleanup; } +fd = -1; + ret = 0; cleanup: Index: libvirt-acl/src/conf/nwfilter_conf.c === --- libvirt-acl.orig/src/conf/nwfilter_conf.c +++ libvirt-acl/src/conf/nwfilter_conf.c @@ -2200,6 +2200,8 @@ int virNWFilterSaveXML(const char *confi goto cleanup; } +fd = -1; + ret = 0; cleanup: @@ -2611,6 +2613,8 @@ virNWFilterPoolObjSaveDef(virNWFilterDri goto cleanup; } +fd = -1; + ret = 0; cleanup: Index: libvirt-acl/src/conf/storage_conf.c === --- libvirt-acl.orig/src/conf/storage_conf.c +++ libvirt-acl/src/conf/storage_conf.c @@ -1567,6 +1567,8 @@ virStoragePoolObjSaveDef(virStorageDrive goto cleanup; } +fd = -1; + ret = 0; cleanup: -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2] Make sure that filedescriptors are only closed once
V2: also the path where close() failed needs to be corrected; - time for a VIR_CLOSE() ? Setting fd=-1 in these places makes sure that the fd is not closed twice later on in 'clean:'. This is of course a recipe for disaster in a multi-threaded system where the filedescriptor can belong to something else right away. At least we have a pattern... (looks like I can close the augeas bug as well...) Signed-off-by: Stefan Berger stef...@us.ibm.com --- src/conf/domain_conf.c |5 - src/conf/network_conf.c |5 - src/conf/nwfilter_conf.c | 10 -- src/conf/storage_conf.c |5 - 4 files changed, 20 insertions(+), 5 deletions(-) Index: libvirt-acl/src/conf/domain_conf.c === --- libvirt-acl.orig/src/conf/domain_conf.c +++ libvirt-acl/src/conf/domain_conf.c @@ -6802,13 +6802,16 @@ int virDomainSaveXML(const char *configD virReportSystemError(errno, _(cannot save config file '%s'), configFile); -goto cleanup; +goto cleanup_free; } +fd = -1; + ret = 0; cleanup: if (fd != -1) close(fd); + cleanup_free: VIR_FREE(configFile); return ret; } Index: libvirt-acl/src/conf/network_conf.c === --- libvirt-acl.orig/src/conf/network_conf.c +++ libvirt-acl/src/conf/network_conf.c @@ -691,15 +691,18 @@ int virNetworkSaveXML(const char *config virReportSystemError(errno, _(cannot save config file '%s'), configFile); -goto cleanup; +goto cleanup_free; } +fd = -1; + ret = 0; cleanup: if (fd != -1) close(fd); + cleanup_free: VIR_FREE(configFile); return ret; Index: libvirt-acl/src/conf/nwfilter_conf.c === --- libvirt-acl.orig/src/conf/nwfilter_conf.c +++ libvirt-acl/src/conf/nwfilter_conf.c @@ -2197,15 +2197,18 @@ int virNWFilterSaveXML(const char *confi virReportSystemError(errno, _(cannot save config file '%s'), configFile); -goto cleanup; +goto cleanup_free; } +fd = -1; + ret = 0; cleanup: if (fd != -1) close(fd); + cleanup_free: VIR_FREE(configFile); return ret; @@ -2608,15 +2611,18 @@ virNWFilterPoolObjSaveDef(virNWFilterDri virReportSystemError(errno, _(cannot save config file %s), pool-configFile); -goto cleanup; +goto cleanup_free; } +fd = -1; + ret = 0; cleanup: if (fd != -1) close(fd); + cleanup_free: VIR_FREE(xml); return ret; Index: libvirt-acl/src/conf/storage_conf.c === --- libvirt-acl.orig/src/conf/storage_conf.c +++ libvirt-acl/src/conf/storage_conf.c @@ -1564,15 +1564,18 @@ virStoragePoolObjSaveDef(virStorageDrive virReportSystemError(errno, _(cannot save config file %s), pool-configFile); -goto cleanup; +goto cleanup_free; } +fd = -1; + ret = 0; cleanup: if (fd != -1) close(fd); + cleanup_free: VIR_FREE(xml); return ret; -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
