| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com>
Signed-off-by: Hirofumi Tsujimura <tsujimura.hirof@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Masayuki Igawa <igawa@mxs.nes.nec.co.jp>
|
|
|
|
|
| |
Type of rtc/timeoffset is not 'int' but 'str'.
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
|
|
|
|
| |
./configure --with-dom0-intf=<intf> (default vif0.0)
|
|
|
|
|
|
|
|
|
| |
- To remove device info, it waits for the backend path of the device
to be removed.
- It removes device info from domain info.
- It saves domain info to the config.sxp of the managed domain.
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
- prevent vlans from being relabeled when they are in use by the
current policy
- fix problems when doing an update of the policy and the name of the
policy changes while doing that
- refactor code that has to take into consideration that unlabeled
domains may be defined using the label __UNLABELED__
- make 'xm list --label' show the complete label of a domain
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
| |
The new hypervisor will set shared_info->wc_* so do not clobber those
values with the saved versions from the old hypervisor.
Signed-off-by: Ian Campbell <ian.campbell@xensource.com>
|
|
|
|
|
| |
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
Signed-off-by: KUWAMURA Shin'ya <kuwa@jp.fujitsu.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If we test multiple domain create/shutdown many times.
sometimes abnormal values of cpu(%) are appeared.
This is because shutdown domain remove failure.
(in other words, memory corruption of struct )
This corruption makes abnormal cpu(%) values are shown xentop
sometimes.
Signed-off-by: Atsushi SAKAI <sakaia@jp.fujitsu.com>
|
|
|
|
|
| |
for ease of patch management
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On my FC7 installation some of the test in the xm test suite fail for
no apparent reason. The problem is that the python 'readline' module
puts out control characters that confuse code that parses the output
of some of the xm commands that are being run. The readline module
dumps those characters upon import. The attached patch works around
this problem.
Here's what I get in out.txt when doing 'python 2>&1 | tee out.txt'
and 'import readline' on the python command line:
Python 2.5 (r25:51908, Apr 10 2007, 10:29:13)
[GCC 4.1.2 20070403 (Red Hat 4.1.2-8)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
[[?1034h>>> >>>
The characters before the '>>>' above are those printed by that
version of 'readline' and remain invisible on the screen but appear in
the file and confuse the xm test suite parser.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
| |
Pass the command line parameter '--skipdtd|-s' through to the actual
'xm new' command.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
| |
LiloConf.py ignores the following options: root and read-only.
This patch fixes the issue.
Signed-off-by: KUWAMURA Shin'ya <kuwa@jp.fujitsu.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When calling destroyDevice code path (e.g. xm block-detach dom devid),
allow specifying an integer device id or a device name such as xvdN or
/dev/xvdN. Allowing the /dev/xvdN form is useful when detaching
devices from dom0. Bootloaders may do this to unmount a disk
previously mounted in dom0.
Move examination of device ID format into the DevController,
permitting device controllers to determine a valid device ID instead
of higher level code.
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for removing/replacing a policy from the running
system. This operation is only successful if currently running VMs
would also be allowed to run under the new policy. Removing the
current policy means that the default policy is installed, which then
only has support for a single VM label and STE type (SystemManagement)
and is the same policy that the system starts up with when no policy
is chosen.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
Add support for running unlabeled domains alongside labeled ones, if
the policy contains a VM label with name '__UNLABELED__' and an STE
type with the same name. The ezpolicy tool has been modified to
automatically suggest a policy under which unlabeled domains can
run. The user may delete this, if this is not desired.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
| |
implemented as variables on all systems.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
| |
This fixes client reader-thread deaths in which a 'garbage string' was
being read instead of a well-formed message header.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The blktapctrl process is responsible for spawning individual tapdisk
processes. It does this using the 'system' method, but unfortunately
none of its file descriptors have the close-on-exec flag set. The
parent blktapctl process opens a couple of unix domain sockets
per-tapdisk it spawns. So the first tapdisk get 2 FDs leaked to it,
the second gets 4 FDs leaked to it, the 3rd gets 6 and so on. The use
of 'system' also unneccessarily invokes the shell.
Replace system with fork/execvp, and explicitly close all file handles
up to _SC_OPEN_MAX.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
| |
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
| |
- don't reload the policy if it has been loaded
- don't always load the policy in the test suite when the policy is
already loaded
- skip tests 07 and 09 when ACM is not enabled and xm is not using the
Xen-API
- fix a problem when trying to remove an invalid label
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: Akio Takebe <takebe_akio@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
|
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
|
|
|
| |
Signed-off-by: Jim Fehlig <jfehlig@novell.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Xend tries to rebuild the network configuration such as bridges and
vlan interfaces (in those bridges) when starting. Unfortunately this
fails on the first startup since the network script has not run, yet,
and for example created peth0. When restarting xend it works due to
the peth0 being there then. This patch moves the initialization of the
network to an earlier time in the xend initialization process to
mitigate this problem.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent changes to the setup of the peth0 interface have resulted in a
change of its MAC address. Previously it seems to have had a MAC
address of 'fe:ff:ff:ff:ff:ff', but now it has the same MAC address as
eth0. As a consequence to this the Xen-API code to create VLANs
(PIF.create_VLAN("peth0",...)) does not work anymore, since peth0 can
not be identified according to this previous criteria of fake MAC
address. This patch fixes this issue by identifying it through the
prefix 'peth'.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
|
|
| |
A domain is only authorized to run if it has a superset of Simple Type
Enforcement Types in its VM label compared to that of Domain-0, which
itself may not have all STEs available in a policy. This patch adds a
check for this into Xend and the necessary code support into Xen.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
|
|
|
|
|
| |
*should* in fact cause the connection to be destroyed. Fix this with a
little extra code in the readfd() handler.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
| |
1. readfd/writefd account for EINTR/EAGAIN errno returns.
2. Handle zero return from ->read() and ->write() handlers
symmetrically.
3. Fix some indentation issues (use hard tabs).
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a domain name check and a UUID check to xm new command. The check
logic is as follows:
- If the UUID is not specified
- If a VM with same name exists
=> Update the config for that existing VM
- Else no vm with same name exists
=> Define a brand new VM with auto-generated UUID
- Else UUID is specified
- If a VM with same UUID exists
- If name is different
=> Error
- Else if name is same
=> Update the config for that existing VM
- Else no VM with same UUID exists
- If name is different
=> Define a branch new VM with that name
- Else if name is same
=> Error
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
|
|
|
|
|
| |
Use the same xenstore area for log-dirty commands as for save/continue,
and avoid a race condition by acking the save command after the save.
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
|\ |
|
| |
| |
| |
| |
| | |
Avoids total starvation under some workloads.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
| |
| |
| |
| |
| |
| | |
Previously this would be missed on some bail paths within xenstored
which would talloc_free() the connection.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|/
|
|
|
|
|
| |
This lets us verify that qemu has indeed stopped processing before
we start saving guest memory. Also allow qemu to continue processing
after the save has happened, instead of exiting immediately.
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a problem in the input of the key in the VNC connection on
the PV domain. When client's keyboard is not the same as the kind of
the keyboard of PVFB and GuestOS, it is not possible to input it correctly.
This patch handled the state of shift from the set keymap. When
client's keyboard is not same as the kind of PVFB/GuestOS, it is
possible to input it correctly. It was confirmed to input it correctly
mutually with this patch between en-us and ja.
Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a problem in the input of the key in the VNC connection on
the HVM domain. When client's keyboard is not the same as the kind of
the keyboard of qemu-dm and GuestOS, it is not possible to input it
correctly.
VNC client qemu-dm & GuestOS
--------------+-----------------------
ja en-us ==> NG
en-us en-us ==> OK
Originally, the same keysym-code between client and qemu-dm is
transmitted. However, even if it is the same character, the state of
shift is different according to the kind of keyboard.
ex.
"=" charactor
---------------------
en-us : "="
ja : shift + "-"
Therefore, it is necessary to handle the state of the shift by setting
qemu-dm and GuestOS. There is information on whether shift is
necessary for each key for the keymap of qemu-dm.
ex.
VNC client : ja
qemu-dm & GuestOS : en-us
input key : "="
event client to qemu-dm :
shift(push) >> "="(push) >> "="(release) >> shift(release)
event qemu-dm to guest :
shift(push) >> shift(release) >> "="(push) >> "="(release) >>
shift(push) >>
shift(release)
This patch handled the state of shift from the set keymap.
When client's keyboard is not same as the kind of qemu-dm/GuestOS,
it is possible to input it correctly.
It was confirmed to input it correctly mutually with this patch
between en-us and ja.
Signed-off-by: Takanori Kasai <kasai.takanori@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Masaki Kanno <kanno.masaki@jp.fujitsu.com>
|
|
|
|
| |
Signed-off-by: Frank van der Linden <frank.vanderlinden@sun.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds labeling of virtual network interfaces to xend and
makes this manageable through the Xen-API. It's a feature that is
only usable if ACM is enabled in Xen and xend is used through the
xen-api. A labeled virtual network interface will be plugged into a
bridge where other domains with the same-labeled network interface are
connected to, so that only same-colored domains can communicate with
each other. The bridge should be connected to the outside world using
VLAN for isolation, extending the isolation beyond the local machine.
If a virtual machine is labeled with a VM label that only has one
Simple Type Enforcement Type then it is not necessary to label the
virtual network interface, but the color of the network interface is
determined from the VM's label. If, however, a virtual machine is
labeled with a VM label that has multiple Simple Type Enforcement
Types, then the explicit labeling of each virtual network interface is
required. To specify the label of a network interface, the vif line in
the VM's configuration file has been extended with parameters similar
use for specifying the label of the VM:
vif = ['policy=<policy name>,label=<resource label>']
This labels the VIF of the virtual machine for usage under the policy
'policy name' and labels it with the label 'resource label'.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|