1. 28 4月, 2015 2 次提交
    • L
      network: check newDef for used bridge names in addition to def · 06313277
      Laine Stump 提交于
      If someone has updated a network to change its bridge name, but the
      network is still active (so that bridge name hasn't taken effect yet),
      we still want to disallow another network from taking that new name.
      06313277
    • L
      network: move auto-assign of bridge name from XML parser to net driver · a28d3e48
      Laine Stump 提交于
      We already check that any auto-assigned bridge device name for a
      virtual network (e.g. "virbr1") doesn't conflict with the bridge name
      for any existing libvirt network (via virNetworkSetBridgeName() in
      conf/network_conf.c).
      
      We also want to check that the name doesn't conflict with any bridge
      device created on the host system outside the control of libvirt
      (history: possibly due to the ploriferation of references to libvirt's
      bridge devices in HOWTO documents all around the web, it is not
      uncommon for an admin to manually create a bridge in their host's
      system network config and name it "virbrX"). To add such a check to
      virNetworkBridgeInUse() (which is called by virNetworkSetBridgeName())
      we would have to call virNetDevExists() (from util/virnetdev.c); this
      function calls ioctl(SIOCGIFFLAGS), which everyone on the mailing list
      agreed should not be done from an XML parsing function in the conf
      directory.
      
      To remedy that problem, this patch removes virNetworkSetBridgeName()
      from conf/network_conf.c and puts an identically functioning
      networkBridgeNameValidate() in network/bridge_driver.c (because it's
      reasonable for the bridge driver to call virNetDevExists(), although
      we don't do that yet because I wanted this patch to have as close to 0
      effect on function as possible).
      
      There are a couple of inevitable changes though:
      
      1) We no longer check the bridge name during
         virNetworkLoadConfig(). Close examination of the code shows that
         this wasn't necessary anyway - the only *correct* way to get XML
         into the config files is via networkDefine(), and networkDefine()
         will always call networkValidate(), which previously called
         virNetworkSetBridgeName() (and now calls
         networkBridgeNameValidate()). This means that the only way the
         bridge name can be unset during virNetworkLoadConfig() is if
         someone edited the config file on disk by hand (which we explicitly
         prohibit).
      
      2) Just on the off chance that somebody *has* edited the file by hand,
         rather than crashing when they try to start their malformed
         network, a check for non-NULL bridge name has been added to
         networkStartNetworkVirtual().
      
         (For those wondering why I don't instead call
         networkValidateBridgeName() there to set a bridge name if one
         wasn't present - the problem is that during
         networkStartNetworkVirtual(), the lock for the network being
         started has already been acquired, but the lock for the network
         list itself *has not* (because we aren't adding/removing a
         network). But virNetworkBridgeInuse() iterates through *all*
         networks (including this one) and locks each network as it is
         checked for a duplicate entry; it is necessary to lock each network
         even before checking if it is the designated "skip" network because
         otherwise some other thread might acquire the list lock and delete
         the very entry we're examining. In the end, permitting a setting of
         the bridge name during network start would require that we lock the
         entire network list during any networkStartNetwork(), which
         eliminates a *lot* of parallelism that we've worked so hard to
         achieve (it can make a huge difference during libvirtd startup). So
         rather than try to adjust for someone playing against the rules, I
         choose to instead give them the error they deserve.)
      
      3) virNetworkAllocateBridge() (now removed) would leak any "template"
         string set as the bridge name. Its replacement
         networkFindUnusedBridgeName() doesn't leak the template string - it
         is properly freed.
      a28d3e48
  2. 02 4月, 2015 1 次提交
    • J
      Remove unused macros · a0482396
      Ján Tomko 提交于
      In the order of appearance:
      
      * MAX_LISTEN - never used
        added by 23ad665c (qemud) and addec57 (lock daemon)
      
      * NEXT_FREE_CLASS_ID - never used, added by 07d1b6b5
      
      * virLockError - never used, added by eb8268a4
      
      * OPENVZ_MAX_ARG, CMDBUF_LEN, CMDOP_LEN
        unused since the removal of ADD_ARG_LIT in d8b31306
      
      * QEMU_NB_PER_CPU_STAT_PARAM - unused since 897808e7
      
      * QEMU_CMD_PROMPT, QEMU_PASSWD_PROMPT - unused since 1dc10a7b
      
      * TEST_MODEL_WORDSIZE - unused since c25c18f7
      
      * TEMPDIR - never used, added by 714bef5b
      
      * NSIG - workaround around old headers
        added by commit 60ed1d2a
        unused since virExec was moved by commit 02e86910
      
      * DO_TEST_PARSE - never used, added by 9afa0060
      
      * DIFF_MSEC, GETTIMEOFDAY - unused since eee6eb66
      a0482396
  3. 23 3月, 2015 1 次提交
    • M
      network_conf: Drop virNetworkObjIsDuplicate · d9706aea
      Michal Privoznik 提交于
      This function does not make any sense now, that network driver is
      (almost) dropped. I mean, previously, when threads were
      serialized, this function was there to check, if no other network
      with the same name or UUID exists. However, nowadays that threads
      can run more in parallel, this function is useless, in fact it
      gives misleading return values. Consider the following scenario.
      Two threads, both trying to define networks with same name but
      different UUID (e.g. because it was generated during XML parsing
      phase, whatever). Lets assume that both threads are about to call
      networkValidate() which immediately calls
      virNetworkObjIsDuplicate().
      
      T1: calls virNetworkObjIsDuplicate() and since no network with
      given name or UUID exist, success is returned.
      T2: calls virNetworkObjIsDuplicate() and since no network with
      given name or UUID exist, success is returned.
      
      T1: calls virNetworkAssignDef() and successfully places its
      network into the virNetworkObjList.
      T2: calls virNetworkAssignDef() and since network with the same
      name exists, the network definition is replaced.
      
      Okay, this is mainly because virNetworkAssignDef() does not check
      whether name and UUID matches. Well, lets make it so! And drop
      useless function too.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      d9706aea
  4. 11 3月, 2015 8 次提交
  5. 09 3月, 2015 6 次提交
  6. 04 3月, 2015 5 次提交
  7. 26 2月, 2015 2 次提交
  8. 24 2月, 2015 1 次提交
    • M
      network_conf: Forbid commas in DNS TXT · 39df9d2f
      Michal Privoznik 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1151942
      
      While the restriction doesn't have origin in any RFC, it matters
      to us while constructing the dnsmasq config file (or command line
      previously). For better picture, this is how the corresponding
      part of network XML look like:
      
        <dns>
          <forwarder addr='8.8.4.4'/>
          <txt name='example' value='example value'/>
        </dns>
      
      And this is how the config file looks like then:
      
        server=8.8.4.4
        txt-record=example,example value
      
      Now we can see why there can't be any commas in the TXT name.
      They are used by dnsmasq to separate @name and @value.
      
      Funny, we have it in the documentation, but the code (which was
      pushed back in 2011) didn't reflect that.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      39df9d2f
  9. 21 2月, 2015 1 次提交
    • L
      network: allow <pf> together with <interface>/<address> in network status · 8f8e581a
      Laine Stump 提交于
      The function that parses the <forward> subelement of a network used to
      fail/log an error if the network definition contained both a <pf>
      element as well as at least one <interface> or <address> element. That
      check was present because the configuration of a network should have
      either one <pf>, one or more <interface>, or one or more <address>,
      but never combinations of multiple kinds.
      
      This caused a problem when libvirtd was restarted with a network
      already active - when a network with a <pf> element is started, the
      referenced PF (Physical Function of an SRIOV-capable network card) is
      checked for VFs (Virtual Functions), and the <forward> is filled in
      with a list of all VFs for that PF either in the form of their PCI
      addresses (a list of <address>) or their netdev names (a list of
      <interface>); the <pf> element is not removed though. When libvirtd is
      restarted, it parses the network status and finds both the original
      <pf> from the config, as well as the list of either <address> or
      <interface>, fails the parse, and the network is not added to the
      active list. This failure is often obscured because the network is
      marked as autostart so libvirt immediately restarts it.
      
      It seems odd to me that <interface> and <address> are stored in the
      same array rather than keeping two separate arrays, and having
      separate arrays would have made the check much simpler. However,
      changing to use two separate arrays would have required changes in
      more places, potentially creating more conflicts and (more
      importantly) more possible regressions in the event of a backport, so
      I chose to keep the existing data structure in order to localize the
      change.
      
      It appears that this problem has been in the code ever since support
      for <pf> was added (0.9.10), but until commit
      34cc3b2f (first in libvirt 1.2.4)
      networks with interface pools were not properly marked as active on
      restart anyway, so there is no point in backporting this patch any
      further than that.
      8f8e581a
  10. 20 1月, 2015 1 次提交
    • J
      network: Let domains be restricted to local DNS · 298fa485
      Josh Stone 提交于
      This adds a new "localOnly" attribute on the domain element of the
      network xml.  With this set to "yes", DNS requests under that domain
      will only be resolved by libvirt's dnsmasq, never forwarded upstream.
      
      This was how it worked before commit f69a6b98, and I found that
      functionality useful.  For example, I have my host's NetworkManager
      dnsmasq configured to forward that domain to libvirt's dnsmasq, so I can
      easily resolve guest names from outside.  But if libvirt's dnsmasq
      doesn't know a name and forwards it to the host, I'd get an endless
      forwarding loop.  Now I can set localOnly="yes" to prevent the loop.
      Signed-off-by: NJosh Stone <jistone@redhat.com>
      298fa485
  11. 16 1月, 2015 2 次提交
  12. 14 1月, 2015 1 次提交
    • M
      conf: Increase virNetDevBandwidthParse intelligence · a605025c
      Michal Privoznik 提交于
      There's this function virNetDevBandwidthParse which parses the
      bandwidth XML snippet. But it's not clever much. For the
      following XML it allocates the virNetDevBandwidth structure even
      though it's completely empty:
      
          <bandwidth>
          </bandwidth>
      
      Later in the code there are some places where we check if
      bandwidth was set or not. And since we obtained pointer from the
      parsing function we think that it is when in fact it isn't.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      a605025c
  13. 09 12月, 2014 2 次提交
    • K
      network: don't allow multiple dhcp sections · 5adc6031
      Kyle DeFrancia 提交于
      This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=907779
      
      A <dhcp> element can exist in only one IPv4 address and one IPv6
      address per network.  This patch enforces that in virNetworkUpdate.
      5adc6031
    • L
      conf: new network bridge device attribute macTableManager · 40961978
      Laine Stump 提交于
      The macTableManager attribute of a network's bridge subelement tells
      libvirt how the bridge's MAC address table (used to determine the
      egress port for packets) is managed. In the default mode, "kernel",
      management is left to the kernel, which usually determines entries in
      part by turning on promiscuous mode on all ports of the bridge,
      flooding packets to all ports when the correct destination is unknown,
      and adding/removing entries to the fdb as it sees incoming traffic
      from particular MAC addresses.  In "libvirt" mode, libvirt turns off
      learning and flooding on all the bridge ports connected to guest
      domain interfaces, and adds/removes entries according to the MAC
      addresses in the domain interface configurations. A side effect of
      turning off learning and unicast_flood on the ports of a bridge is
      that (with Linux kernel 3.17 and newer), the kernel can automatically
      turn off promiscuous mode on one or more of the bridge's ports
      (usually only the one interface that is used to connect the bridge to
      the physical network). The result is better performance (because
      packets aren't being flooded to all ports, and can be dropped earlier
      when they are of no interest) and slightly better security (a guest
      can still send out packets with a spoofed source MAC address, but will
      only receive traffic intended for the guest interface's configured MAC
      address).
      
      The attribute looks like this in the configuration:
      
        <network>
          <name>test</name>
          <bridge name='br0' macTableManager='libvirt'/>
          ...
      
      This patch only adds the config knob, documentation, and test
      cases. The functionality behind this knob is added in later patches.
      40961978
  14. 02 12月, 2014 3 次提交
    • J
      Generate a MAC when loading a config instead of package update · a47ae7c0
      Ján Tomko 提交于
      Partially reverts commit 5754dbd5.
      
      The code in the specfile adds a MAC address to every <bridge>,
      even for <forward mode='bridge'> for which we don't support
      changing MAC addresses.
      
      Remove it completely. For new networks, we have been adding
      MAC addresses on definition/creation since the commit mentioned above.
      For existing networks (pre-0.9.0), the MAC is added by this commit.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1156367
      a47ae7c0
    • J
      Silently ignore MAC in NetworkLoadConfig · c9c7a2bd
      Ján Tomko 提交于
      Libvirt's RPMs have been adding it to networks which don't support it.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1156367
      c9c7a2bd
    • L
      conf: replace call to virNetworkFree() with virObjectUnref() · c2d5bca1
      Laine Stump 提交于
      The function virNetworkObjListExport() in network_conf.c had a call to
      the public API virNetworkFree() which was causing a link error:
      
      CCLD     libvirt_driver_vbox_network_impl.la
       ./.libs/libvirt_conf.a(libvirt_conf_la-network_conf.o): In function `virNetworkObjListExport':
      /home/laine/devel/libvirt/src/conf/network_conf.c:4496: undefined reference to `virNetworkFree'
      
      This would happen when I added
      
        #include "network_conf.h"
      
      into domain_conf.h, then attempted to call a new function from that
      file (and enum converter, similar to virNetworkForwardTypeToString())
      
      In the end, virNetworkFree() ends up just calling virObjectUnref(obj)
      anyway (after clearing all pending errors, which we probably *don't*
      want to do in the cleanup of a utility function), so this is likely
      more correct than the original code as well.
      c2d5bca1
  15. 15 11月, 2014 1 次提交
  16. 06 10月, 2014 1 次提交
    • L
      conf: add trustGuestRxFilters attribute to network and domain interface · 07450cd4
      Laine Stump 提交于
      This new attribute will control whether or not libvirt will pay
      attention to guest notifications about changes to network device mac
      addresses and receive filters. The default for this is 'no' (for
      security reasons). If it is set to 'yes' *and* the specified device
      model and connection support it (currently only macvtap+virtio) then
      libvirt will watch for NIC_RX_FILTER_CHANGED events, and when it
      receives one, it will issue a query-rx-filter command, retrieve the
      result, and modify the host-side macvtap interface's mac address and
      unicast/multicast filters accordingly.
      
      The functionality behind this attribute will be in a later patch. This
      patch merely adds the attribute to the top-level of a domain's
      <interface> as well as to <network> and <portgroup>, and adds
      documentation and schema/xml2xml tests. Rather than adding even more
      test files, I've just added the net attribute in various applicable
      places of existing test files.
      07450cd4
  17. 15 9月, 2014 1 次提交
    • E
      network: check for invalid forward delay time · 3aa05241
      Erik Skultety 提交于
      When spanning tree protocol is allowed in bridge settings, forward delay
      value is set as well (default is 0 if omitted). Until now, there was no
      check for delay value validity. Delay makes sense only as a positive
      numerical value.
      
      Note: However, even if you provide positive  numerical value, brctl
      utility only uses values from range <2,30>, so the number provided can
      be modified (kernel most likely) to fall within this range.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1125764
      3aa05241
  18. 11 9月, 2014 1 次提交
    • J
      network_conf: Resolve Coverity FORWARD_NULL · 8ffab101
      John Ferlan 提交于
      The code compares def->forwarders when deciding to return 0 at a
      couple of points, then uses "def->nfwds" as a way to index into
      the def->forwarders array.  That reference results in Coverity
      complaining that def->forwarders being NULL was checked as part
      of an arithmetic OR operation where failure could be any one 5
      conditions, but that is not checked when entering the loop to
      dereference the array.  Changing the comparisons to use nfwds
      will clear the warnings
      Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
      8ffab101