- 08 5月, 2013 11 次提交
-
-
由 Daniel P. Berrange 提交于
Several APIs allow for custom XML to be passed in. This is checked for ABI stability, which will ensure the UUID is not being changed. There isn't validation that the name did not change though. This could allow renaming of guests via the backdoor, which in turn could allow for bypassing access control restrictions based on names. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
In renaming driver API implementations to match the public API naming scheme, a few cases in the node device driver were missed. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The individual hypervisor drivers were directly referencing APIs in virnodesuspend.c in their virDriverPtr struct. Separate these methods, so there is always a wrapper in the hypervisor driver. This allows the unused virConnectPtr args to be removed from the virnodesuspend.c file. Again this will ensure that ACL checks will only be performed on invocations that are directly associated with public API usage. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The individual hypervisor drivers were directly referencing APIs in src/nodeinfo.c in their virDriverPtr struct. Separate these methods, so there is always a wrapper in the hypervisor driver. This allows the unused virConnectPtr args to be removed from the nodeinfo.c file. Again this will ensure that ACL checks will only be performed on invocations that are directly associated with public API usage. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virGetHostname() API has a bogus virConnectPtr parameter. This is because virtualization drivers directly reference this API in their virDriverPtr tables, tieing its API design to the public virConnectGetHostname API design. This also causes problems for access control checks since these must only be done for invocations from the public API, not internal invocation. Remove the bogus virConnectPtr parameter, and make each hypervisor driver provide a dedicated function for the driver API impl. This will allow access control checks to be easily inserted later. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Since PIDs can be reused, polkit prefers to be given a (PID,start time) pair. If given a PID on its own, it will attempt to lookup the start time in /proc/pid/stat, though this is subject to races. It is safer if the client app resolves the PID start time itself, because as long as the app has the client socket open, the client PID won't be reused. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
There are various methods named "virXXXXSecurityContext", which are specific to SELinux. Rename them all to "virXXXXSELinuxContext". They will still raise errors at runtime if SELinux is not compiled in Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
It is possible for $line to be undefined at first used, if the symfile doesn't have a section prefix (which is the case for auto-generated symfiles). Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Osier Yang 提交于
If the volume is of a clustered volume group, and not active, the related pool APIs fails on opening /dev/vg/lv. If the volume is suspended, it hangs on open(2) the volume. Though the best solution is to expose the volume status in volume XML, and even better to provide API to activate/deactivate the volume, but it's not the work I want to touch currently. Volume status in other status is just fine to skip. About the 5th field of lv_attr (from man lvs[8]) <quote> 5 State: (a)ctive, (s)uspended, (I)nvalid snapshot, invalid (S)uspended snapshot, snapshot (m)erge failed,suspended snapshot (M)erge failed, mapped (d)evice present without tables, mapped device present with (i)nactive table </quote>
-
由 Eric Blake 提交于
While reviewing proposed VIR_STRDUP conversions, I've already noticed several places that do: if (str && VIR_STRDUP(dest, str) < 0) which can be simplified by allowing str to be NULL (something that strdup() doesn't allow). Meanwhile, code that wants to ensure a non-NULL dest regardless of the source can check for <= 0. Also, make it part of the VIR_STRDUP contract that macro arguments are evaluated exactly once. * src/util/virstring.h (VIR_STRDUP, VIR_STRDUP_QUIET, VIR_STRNDUP) (VIR_STRNDUP_QUIET): Improve contract. * src/util/virstring.c (virStrdup, virStrndup): Change return conventions. * docs/hacking.html.in: Document this. * HACKING: Regenerate. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
VIR_APPEND_ELEMENT(array, size, elem) was not safe if the expression for 'size' had side effects. While no one in the current code base was trying to pass side effects, we might as well be robust and explicitly document our intentions. * src/util/viralloc.c (virInsertElementsN): Add special case. * src/util/viralloc.h (VIR_APPEND_ELEMENT): Use it. (VIR_ALLOC, VIR_ALLOC_N, VIR_REALLOC_N, VIR_EXPAND_N) (VIR_RESIZE_N, VIR_SHRINK_N, VIR_INSERT_ELEMENT) (VIR_DELETE_ELEMENT, VIR_ALLOC_VAR, VIR_FREE): Document which macros are safe in the presence of side effects. * docs/hacking.html.in: Document this. * HACKING: Regenerate. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 07 5月, 2013 6 次提交
-
-
由 Ján Tomko 提交于
Use virBufferAddLit or virBufferAddChar instead.
-
由 Laine Stump 提交于
VFIO device assignment requires a cgroup ACL to be setup for access to the /dev/vfio/nn "group" device for any devices that will be assigned to a guest. In the case of a host device that is allocated from a pool, it was being allocated during qemuBuildCommandLine(), which is called by qemuProcessStart() *after* the all-encompassing qemuSetupCgroup() was called, meaning that the standard Cgroup ACL setup wasn't creating ACLs for these devices allocated from pools. One possible solution was to manually add a single ACL down inside qemuBuildCommandLine() when networkAllocateActualDevice() is called, but that has two problems: 1) the function that adds the cgroup ACL requires a virDomainObjPtr, which isn't available in qemuBuildCommandLine(), and 2) we really shouldn't be doing network device setup inside qemuBuildCommandLine() anyway. Instead, I've created a new function called qemuNetworkPrepareDevices() which is called just before qemuPrepareHostDevices() during qemuProcessStart() (explanation of ordering in the comments), i.e. well before the call to qemuSetupCgroup(). To minimize code churn in a patch that will be backported to 1.0.5-maint, qemuNetworkPrepareDevices only does networkAllocateActualDevice() and the bare amount of setup required for type='hostdev network devices, but it eventually should do *all* device setup for guest network devices. Note that some of the code that was previously needed in qemuBuildCommandLine() is no longer required when networkAllocateActualDevice() is called earlier: * qemuAssignDeviceHostdevAlias() is already done further down in qemuProcessStart(). * qemuPrepareHostdevPCIDevices() is called by qemuPrepareHostDevices() which is called after qemuNetworkPrepareDevices() in qemuProcessStart(). As hinted above, this new function should be moved into a separate qemu_network.c (or similarly named) file along with qemuPhysIfaceConnect(), qemuNetworkIfaceConnect(), and qemuOpenVhostNet(), and expanded to call those functions as well, then the nnets loop in qemuBuildCommandLine() should be reduced to only build the commandline string (which itself can be in a separate qemuInterfaceBuilldCommandLine() function as suggested by Michal). However, this will require storing away an array of tapfd and vhostfd that are needed for the commandline, so I would rather do that in a separate patch and leave this patch at the minimum to fix the bug.
-
由 Boris Fiuczynski 提交于
On architectures not supporting the Intel specific programmable interval timer, like e.g. S390, starting a domain with a clock definition containing a pit timer results in the error "Option no-kvm-pit-reinjection not supported for this target". By moving the capability enablement for -no-kvm-pit-reinjection from the InitQMPBasic section into the x86_64 and i686 only enablement section all other architectures are no longer automatically enabled. In addition architecture related capabilities enablements have refactored into a new architecture bound capabilities initialization function. Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
由 Daniel Hansel 提交于
We have seen an issue on s390x platform where domain XMLs larger than 1MB were used. The define command was finished successfully. The dumpxml command was not successful (i.e. could not encode message payload). Enlarged message related sizes (e.g. maximum string size, message size, etc.) to handle larger system configurations used on s390x platform. To improve handling of the RPC message size the allocation during encode process is changed to a dynamic one (i.e. starting with 64kB initial size and increasing that size in steps up to 16MB if the payload data is larger). Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com> Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
-
由 Peter Krempa 提交于
When attempting to generate the native command line from an XML file that uses graphics port auto allocation, the generated commandline wouldn't be valid. This patch adds fake autoallocation of ports as done when starting the actual machine.
-
由 Eric Blake 提交于
On a mingw build, 'make distcheck' fails with: GEN libvirt_qemu.def make[3]: *** No rule to make target `../../src/libvirt_lxc.syms', needed by `libvirt_lxc.def'. Stop. I traced it to a missing entry in EXTRA_DIST. But rather than keep the entire list in sync, it is easier to list the three syms files that drive .so files directly, and then reuse existing makefile variables for the remaining files (that is, I validated that all remaining files are added to SYM_FILES, possibly via USED_SYM_FILES, according to makefile conditionals). Problem introduced in commit 3d1596b0 (v1.0.2). * src/Makefile.am (EXTRA_DIST): Ensure all syms files are shipped. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 05 5月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
The code adaptation is not done right now, but in subsequent patches. Hence I am not implementing syntax-check rule as it would break compilation. Developers are strongly advised to use these new macros. They are similar to VIR_ALLOC() logic: VIR_STRDUP(dst, src) returns zero on success, -1 otherwise. In case you don't want to report OOM error, use the _QUIET variant of a macro.
-
- 04 5月, 2013 1 次提交
-
-
由 Laine Stump 提交于
I must have looked at this a couple dozen times before I noticed it had "!=" instead of "==". Not doing this setup prevented qemu from doing anything with the vfio group device.
-
- 03 5月, 2013 18 次提交
-
-
由 Guido Günther 提交于
In the non linux case some callers like gather_scsi_host_caps needed the return code of -1 while others like update_caps needed an empty statement (to avoid a "statement without effect" warning). This is much simpler solved by using a function instead of a define.
-
由 Guido Günther 提交于
since it uses glibc's rpcgen.
-
由 Daniel P. Berrange 提交于
A 'uri' parameter was added for the benefit of sanlock. This causes a warning in the lockd driver though 2013-05-03 13:20:35.347+0000: 28403: error : virLockManagerLockDaemonNew:482 : internal error Unexpected parameter uri for object Ignore this parameter, since lockd does not require it and it is harmless if not used. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
qemu:///session由 Laine Stump 提交于
This should resolve https://bugzilla.redhat.com/show_bug.cgi?id=958907 Recent new addition of code to read/write active network state to the NETWORK_STATE_DIR in the network driver broke startup for qemu:///session. The network driver had several state file paths hardcoded to /var, which could never possibly work in session mode. This patch modifies *all* state files to use a variable string that is set differently according to whether or not we're running privileged. (It turns out that logDir was never used, so it's been completely eliminated.) There are very definitely other problems preventing dnsmasq and radvd from running in non-privileged mode, but it's more consistent to have the directories used by them be determined in the same fashion. NB: I've noted before that the network driver is storing its state (including dnsmasq and radvd state) in /var/lib, while qemu stores its state in /var/run. It would probably have been better if the two matched, but it's been this way for a long time, and changing it would break running installations during an upgrade, so it's best to just leave it as it is.
-
由 Daniel P. Berrange 提交于
The QEMU migration code unconditionally sets the 'persistent' cookie flag on the source host. The dest host, however, only allows it during parsing if VIR_MIGRATE_PERSIST_DEST was set. Make the source host only set it if this flag is present. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The lockd plugin for the lock manager was not correctly handling the release of resource locks. This meant that during migration, or when pausing a VM, the locks would not get released. This in turn made it impossible to resume the domain, or finish migration
-
由 Daniel P. Berrange 提交于
The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Eric Blake 提交于
POSIX says pthread_t is opaque. We can't guarantee if it is scaler or a pointer, nor what size it is; and BSD differs from Linux. We've also had reports of gcc complaining on attempts to cast it, if we use a cast to the wrong type (for example, pointers have to be cast to void* or intptr_t before being narrowed; while casting a function return of scalar pthread_t to void* triggers a different warning). Give up on casts, and use unions to get at decent bits instead. And rather than futz around with figuring which 32 bits of a potentially 64-bit pointer are most likely to be unique, convert the rest of the code base to use 64-bit values when using a debug id. Based on a report by Guido Günther against kFreeBSD, but with a fix that doesn't regress commit 4d970fd2 for FreeBSD. * src/util/virthreadpthread.c (virThreadSelfID, virThreadID): Use union to get at a decent bit representation of thread_t bits. * src/util/virthread.h (virThreadSelfID, virThreadID): Alter signature. * src/util/virthreadwin32.c (virThreadSelfID, virThreadID): Likewise. * src/qemu/qemu_domain.h (qemuDomainJobObj): Alter type of owner. * src/qemu/qemu_domain.c (qemuDomainObjTransferJob) (qemuDomainObjSetJobPhase, qemuDomainObjReleaseAsyncJob) (qemuDomainObjBeginNestedJob, qemuDomainObjBeginJobInternal): Fix clients. * src/util/virlog.c (virLogFormatString): Likewise. * src/util/vireventpoll.c (virEventPollInterruptLocked): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Daniel P. Berrange 提交于
If an early dispatch check caused a jump to the 'cleanup' branch then virTypeParamsFree() would be called with an uninitialized 'nparams' variable. Fortunately 'params' is initialized to NULL, so the uninitialized 'nparams' variable would not be used. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The use of () in a simple boolean comparison was not required Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The call to virReportError conditionally switched between two format strings, with different numbers of placeholders. This meant the format string with no placeholders was not protected by a "%s". Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Matthias Bolte 提交于
-
由 Jim Fehlig 提交于
Commit 7c9a2d88 missed inclusion of virstring.h in a few places when WITH_HAL is defined, causing build failures.
-
由 Eric Blake 提交于
More fallout from commit 7c9a2d88 dropping too many headers. Fixes: In file included from ../../src/vbox/vbox_glue.c:26:0: ../../src/vbox/vbox_MSCOMGlue.c: In function 'vboxLookupVersionInRegistry': ../../src/vbox/vbox_MSCOMGlue.c:435:5: error: implicit declaration of function 'virParseVersionString' [-Werror=implicit-function-declaration] ... ../../src/vbox/vbox_driver.c: In function 'vboxConnectOpen': ../../src/vbox/vbox_driver.c:147:5: error: implicit declaration of function 'getuid' [-Werror=implicit-function-declaration] ../../src/vbox/vbox_driver.c:147:5: error: nested extern declaration of 'getuid' [-Werror=nested-externs] * src/vbox/vbox_MSCOMGlue.c (includes): Add missing includes. * src/vbox/vbox_driver.c (includes): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Commit 776d49f4 added a static function that is only called conditionally; leading to this compile error on mingw: CC libvirt_util_la-virprocess.lo ../../src/util/virprocess.c:624:26: error: 'struct rlimit' declared inside parameter list [-Werror] ../../src/util/virprocess.c:624:26: error: its scope is only this definition or declaration, which is probably not what you want [-Werror] ../../src/util/virprocess.c:622:1: error: 'virProcessPrLimit' defined but not used [-Werror=unused-function] * src/util/virprocess.c (virProcessPrLimit): Only declare virProcessPrLimit when used. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Commit 7c9a2d88 cleaned up too many headers; FreeBSD builds failed due to: util/virutil.c:556: warning: implicit declaration of function 'canonicalize_file_name' (Not sure which Linux header leaked this declaration, but gnulib only guarantees it in stdlib.h) libvirt.c:956: warning: implicit declaration of function 'virGetUserConfigDirectory' (Here, a build on Linux was picking up virutil.h indirectly via one of the conditional driver headers, where that driver was not being built on my FreeBSD setup) * src/util/virutil.c (includes): Need <stdlib.h> for canonicalize_file_name. * src/libvirt.c (includes): Use "virutil.h" unconditionally, rather than relying on conditional indirect inclusion. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
virAsprintf(&foo, "%s", bar) is wasteful compared to foo = strdup(bar) (or eventually, VIR_STRDUP(foo, bar), but one thing at a time...). Noticed while reviewing Laine's attempt to clean up broken qemu:///session. * cfg.mk (sc_prohibit_asprintf): Enhance rule. * src/esx/esx_storage_backend_vmfs.c (esxStorageBackendVMFSVolumeLookupByKey): Fix offender. * src/network/bridge_driver.c (networkStateInitialize): Likewise. * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopDHCPOpen): Likewise. * src/storage/storage_backend_sheepdog.c (virStorageBackendSheepdogRefreshVol): Likewise. * src/util/vircgroup.c (virCgroupAddTaskStrController): Likewise. * src/util/virdnsmasq.c (addnhostsAdd): Likewise. * src/xen/block_stats.c (xenLinuxDomainDeviceID): Likewise. * src/xen/xen_driver.c (xenUnifiedConnectOpen): Likewise. * tools/virsh.c (vshGetTypedParamValue): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Laine Stump 提交于
commit 7c9a2d88 missed adding in a few #include "virstring.h"s, causing builds to fail.
-
- 02 5月, 2013 3 次提交
-
-
由 Michal Privoznik 提交于
The source code base needs to be adapted as well. Some files include virutil.h just for the string related functions (here, the include is substituted to match the new file), some include virutil.h without any need (here, the include is removed), and some require both.
-
由 Michal Privoznik 提交于
It's not desired to force users imagine path for a socket they are not even supposed to connect to. On the other hand, we already have a release where the qemu agent socket path is exposed to XML, so we cannot silently drop it from there. The new path is generated in form: $LOCALSTATEDIR/lib/libvirt/qemu/channel/target/$domain.$name for qemu system mode, and $XDG_CONFIG_HOME/qemu/lib/channel/target/$domain.$name for qemu session mode.
-
由 Guido Günther 提交于
introduced by dcf97846 To trigger this cppi needs to be installed.
-