| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Fix the case where the resource label file does not exist but its
contents would be needed for access control evaluations.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
| |
code.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
|
|
| |
On ia64 trying to map a foreign domain page which isn't allocated
cause annoying warning message. xm dump-core results in too many
warnings. With this hook, ia64 dump-core can suprress warning.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
|
| |
|
|
|
|
|
|
| |
Optimize out unnecessary map/unmap foreign domain page
by moving p2m/pfn talbe after pages array.
This patch doesn't change the xm dump-core format.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
|
| |
|
|
| |
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
|
| |
|
|
|
| |
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
|
|
| |
Microsoft's Remote Installation Services, which require F11/F12 keys
Signed-off-by: Ben Guthro <bguthro@virtualron.com>
Signed-off-by: Steve Ofsthun <sofsthun@virtualiron.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPM code in tools/ioemu/hw/tpm_tis.c has a struct containing a
number of function pointers with names open, close, read, write which
are the same as various POSIX apis already #included in the
file. POSIX allows these functions to be defined as macros and latest
GCC/glibc does indeed define them as macros depending on compiler
flags. This causes compile errors when deferencing the struct
members. The solution is either to change calls like ctx->open () to
be (* ctx->open) (), or simply to rename the struct members. Since
this struct was only used inside that one file I simply renamed them.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When I tested xm create command, I saw the following error message.
I expected an error message "Error: (12, 'Cannot allocate memory')"
because I intentionally caused a memory shortage on the test.
But the error message was different from my expectation.
# xm create /xen/HVMdomain.1
Using config file "/xen/HVMdomain.1".
Error: an integer is required
I looked at xend.log to examine the cause why the error message was
shown. (Could you see the attached xend.log?)
xend had the error message "Error: (12, 'Cannot allocate memory')"
first. But xend changed the error message to "Error: an integer is
required" halfway. I'm not sure about the cause why an exception
occurred in logging processing. But when I applied an attached patch,
I confirmed that the error message that I expected was shown. The
patch does not call xc.domain_destroy_hook() if self.domid is None.
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
| |
set_mm_mapping() may fail because of xc_domain_populate_physmap(). In
this case, we should not blindly go on; the xc_map_foreign_batch()
that follows will cause a page fault and, at best, get mapped in a
zeroed page from the dom0 (which is not what we want). While I'm in
here, fix a memory leak on an error path.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
|
| |
|
|
|
| |
as during domain creation.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The basic problem was that the "image" section of the sxp had a "None"
in it, which means that on the restore (either on the local machine or
remote machine), the vnc server in the qemu device model literally
needed the string "None" to properly connect. This simple patch only
puts a vncpasswd entry in the image if it is *not* None in the python
code, thus avoiding the whole issue.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
|
| |
|
|
|
|
| |
field.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
| |
Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com>
Signed-off-by: Hirofumi Tsujimura <tsujimura.hirof@jp.fujitsu.com>
|
| |
|
|
| |
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
| |
|
|
| |
Signed-off-by: Masayuki Igawa <igawa@mxs.nes.nec.co.jp>
|
| |
|
|
|
| |
Type of rtc/timeoffset is not 'int' but 'str'.
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
| |
Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
|
| |
|
|
| |
./configure --with-dom0-intf=<intf> (default vif0.0)
|
| |
|
|
|
|
|
|
|
| |
- To remove device info, it waits for the backend path of the device
to be removed.
- It removes device info from domain info.
- It saves domain info to the config.sxp of the managed domain.
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- prevent vlans from being relabeled when they are in use by the
current policy
- fix problems when doing an update of the policy and the name of the
policy changes while doing that
- refactor code that has to take into consideration that unlabeled
domains may be defined using the label __UNLABELED__
- make 'xm list --label' show the complete label of a domain
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
| |
The new hypervisor will set shared_info->wc_* so do not clobber those
values with the saved versions from the old hypervisor.
Signed-off-by: Ian Campbell <ian.campbell@xensource.com>
|
| |
|
|
|
| |
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
Signed-off-by: KUWAMURA Shin'ya <kuwa@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
If we test multiple domain create/shutdown many times.
sometimes abnormal values of cpu(%) are appeared.
This is because shutdown domain remove failure.
(in other words, memory corruption of struct )
This corruption makes abnormal cpu(%) values are shown xentop
sometimes.
Signed-off-by: Atsushi SAKAI <sakaia@jp.fujitsu.com>
|
| |
|
|
|
| |
for ease of patch management
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On my FC7 installation some of the test in the xm test suite fail for
no apparent reason. The problem is that the python 'readline' module
puts out control characters that confuse code that parses the output
of some of the xm commands that are being run. The readline module
dumps those characters upon import. The attached patch works around
this problem.
Here's what I get in out.txt when doing 'python 2>&1 | tee out.txt'
and 'import readline' on the python command line:
Python 2.5 (r25:51908, Apr 10 2007, 10:29:13)
[GCC 4.1.2 20070403 (Red Hat 4.1.2-8)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
[[?1034h>>> >>>
The characters before the '>>>' above are those printed by that
version of 'readline' and remain invisible on the screen but appear in
the file and confuse the xm test suite parser.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
| |
Pass the command line parameter '--skipdtd|-s' through to the actual
'xm new' command.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
| |
LiloConf.py ignores the following options: root and read-only.
This patch fixes the issue.
Signed-off-by: KUWAMURA Shin'ya <kuwa@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When calling destroyDevice code path (e.g. xm block-detach dom devid),
allow specifying an integer device id or a device name such as xvdN or
/dev/xvdN. Allowing the /dev/xvdN form is useful when detaching
devices from dom0. Bootloaders may do this to unmount a disk
previously mounted in dom0.
Move examination of device ID format into the DevController,
permitting device controllers to determine a valid device ID instead
of higher level code.
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add support for removing/replacing a policy from the running
system. This operation is only successful if currently running VMs
would also be allowed to run under the new policy. Removing the
current policy means that the default policy is installed, which then
only has support for a single VM label and STE type (SystemManagement)
and is the same policy that the system starts up with when no policy
is chosen.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Add support for running unlabeled domains alongside labeled ones, if
the policy contains a VM label with name '__UNLABELED__' and an STE
type with the same name. The ezpolicy tool has been modified to
automatically suggest a policy under which unlabeled domains can
run. The user may delete this, if this is not desired.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
| |
implemented as variables on all systems.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
|
| |
This fixes client reader-thread deaths in which a 'garbage string' was
being read instead of a well-formed message header.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The blktapctrl process is responsible for spawning individual tapdisk
processes. It does this using the 'system' method, but unfortunately
none of its file descriptors have the close-on-exec flag set. The
parent blktapctl process opens a couple of unix domain sockets
per-tapdisk it spawns. So the first tapdisk get 2 FDs leaked to it,
the second gets 4 FDs leaked to it, the 3rd gets 6 and so on. The use
of 'system' also unneccessarily invokes the shell.
Replace system with fork/execvp, and explicitly close all file handles
up to _SC_OPEN_MAX.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
| |
|
|
| |
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
- don't reload the policy if it has been loaded
- don't always load the policy in the test suite when the policy is
already loaded
- skip tests 07 and 09 when ACM is not enabled and xm is not using the
Xen-API
- fix a problem when trying to remove an invalid label
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Akio Takebe <takebe_akio@jp.fujitsu.com>
|
| |
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
| |
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
| |
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Xend tries to rebuild the network configuration such as bridges and
vlan interfaces (in those bridges) when starting. Unfortunately this
fails on the first startup since the network script has not run, yet,
and for example created peth0. When restarting xend it works due to
the peth0 being there then. This patch moves the initialization of the
network to an earlier time in the xend initialization process to
mitigate this problem.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Recent changes to the setup of the peth0 interface have resulted in a
change of its MAC address. Previously it seems to have had a MAC
address of 'fe:ff:ff:ff:ff:ff', but now it has the same MAC address as
eth0. As a consequence to this the Xen-API code to create VLANs
(PIF.create_VLAN("peth0",...)) does not work anymore, since peth0 can
not be identified according to this previous criteria of fake MAC
address. This patch fixes this issue by identifying it through the
prefix 'peth'.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
|
|
|
|
|
| |
A domain is only authorized to run if it has a superset of Simple Type
Enforcement Types in its VM label compared to that of Domain-0, which
itself may not have all STEs available in a policy. This patch adds a
check for this into Xend and the necessary code support into Xen.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
