1. 10 3月, 2014 2 次提交
    • M
      conf: Utilize more of VIR_(APPEND|INSERT|DELETE)_ELEMENT · 2133441a
      Michal Privoznik 提交于
      This fixes a possible double free. In virNetworkAssignDef() if
      virBitmapNew() fails, then virNetworkObjFree(network) is called.
      However, with network->def pointing to actual @def. So if caller
      frees @def again, ...
      
      Moreover, this fixes one possible memory leak too. In
      virInterfaceAssignDef() if appending to the list of interfaces
      fails, we ought to call virInterfaceObjFree() instead of bare
      VIR_FREE().
      
      Although, in order to do that some array size variables needs
      to be turned into size_t rather than int.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      2133441a
    • D
      Add a mutex to serialize updates to firewall · 925de19e
      Daniel P. Berrange 提交于
      The nwfilter conf update mutex previously serialized
      updates to the internal data structures for firewall
      rules, and updates to the firewall itself. The latter
      was recently turned into a read/write lock, and filter
      instantiation allowed to proceed in parallel. It was
      believed that this was ok, since each filter is created
      on a separate iptables/ebtables chain.
      
      It turns out that there is a subtle lock ordering problem
      on virNWFilterObjPtr instances. __virNWFilterInstantiateFilter
      will hold a lock on the virNWFilterObjPtr it is instantiating.
      This in turn invokes virNWFilterInstantiate which then invokes
      virNWFilterDetermineMissingVarsRec which then invokes
      virNWFilterObjFindByName. This iterates over every single
      virNWFilterObjPtr in the list, locking them and checking their
      name. So if 2 or more threads try to instantiate a filter in
      parallel, they'll all hold 1 lock at the top level in the
      __virNWFilterInstantiateFilter method which will cause the
      other thread to deadlock in virNWFilterObjFindByName.
      
      The fix is to add an exclusive mutex to serialize the
      execution of __virNWFilterInstantiateFilter.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      925de19e
  2. 08 3月, 2014 1 次提交
    • J
      virscsi: Introduce virSCSIDeviceUsedByInfoFree · ea1eadd6
      John Ferlan 提交于
      This resolves a Coverity RESOURCE_LEAK issue introduced by commit
      id 'de6fa535' where the virSCSIDeviceSetUsedBy() didn't VIR_FREE
      the 'copy' or possibly VIR_STRDUP()'d values.  It also ensures that
      the VIR_APPEND_ELEMENT is successful...
      ea1eadd6
  3. 07 3月, 2014 1 次提交
  4. 06 3月, 2014 2 次提交
  5. 05 3月, 2014 5 次提交
    • P
      qemu: monitor: Provide more information in generic block job error · 3e04d65a
      Peter Krempa 提交于
      The qemuMonitorJSONBlockJob handles a few errors internally. If qemu
      returns a different error we would report a rather unhelpful message:
      
       $ virsh blockpull gluster-job vda --base /dev/null
       error: internal error: Unexpected error
      
      As the actual message from qemu contains a bit more info, let's use it
      to report something a little more useful:
      
       $ virsh blockpull gluster-job vda --base /dev/null
       error: internal error: Unexpected error: (GenericError) 'Base '/dev/null' not found'
      3e04d65a
    • P
      storage: Don't lie about path used to look up in error message · 46446313
      Peter Krempa 提交于
      In storageVolLookupByPath the provided path is "sanitized" at first.
      This removes some extra slashes and stuff. When the lookup of the volume
      fails the original path is used which makes it hard to trace errors in
      some cases.
      
      Improve the error message to print the sanitized path along with the
      user provided path if they are not equal.
      46446313
    • P
      storage: Avoid mangling paths of non-local filesystems when looking up · 7fb3902b
      Peter Krempa 提交于
      When looking up a volume by path on a non-local filesystem don't use the
      "cleaned" path that might be mangled in such a way that it will differ
      from a path provided by a storage backend.
      
      Skip the cleanup step for gluster, sheepdog and RBD.
      7fb3902b
    • P
      storage: Error out when attempting to vol-upload into a remote pool · 429bf253
      Peter Krempa 提交于
      Pools that are not backed by files in the filesystem cause problems with
      some APIs. Error out when attempting to upload a volume in such a pool
      as currently we expect a local file representation for it.
      429bf253
    • P
      storage: Use cleanup label instead of out · e45c30ee
      Peter Krempa 提交于
      e45c30ee
  6. 04 3月, 2014 23 次提交
    • C
      6b4c0a63
    • C
      add 'driver' info to used_by · de6fa535
      Chunyan Liu 提交于
      Specify which driver and which domain in used_by area to avoid conflict among
      different drivers.
      Signed-off-by: NChunyan Liu <cyliu@suse.com>
      de6fa535
    • C
      apparmor: handle "none" type · 9194ccec
      Cédric Bosdonnat 提交于
      9194ccec
    • C
      add support for apparmor in lxc-enter-namespace · ef7dc7d4
      Cédric Bosdonnat 提交于
      ef7dc7d4
    • C
      apparmor: add debug traces when changing profile. · 500b2e96
      Cédric Bosdonnat 提交于
      The reason for these is that aa-status doesn't show the process using
      the profile as they are in another namespace.
      500b2e96
    • C
      LXC driver: generate apparmor profiles for guests · 43c030f0
      Cédric Bosdonnat 提交于
      use_apparmor() was first designed to be called from withing libvirtd,
      but libvirt_lxc also uses it. in libvirt_lxc, there is no need to check
      whether to use apparmor or not: just use it if possible.
      43c030f0
    • P
      qemu: monitor: Fix error message and comment when getting cpu info · a31bd18f
      Peter Krempa 提交于
      In qemuMonitorJSONExtractCPUInfo an error message hinted on missing
      character device data which is wrong.
      
      Also a comment states that only qemu-kvm tree includes the thread_id
      field. This is no longer true.
      a31bd18f
    • P
      qemu: snapshot: Use better check when reverting external snapshots · d410e6f1
      Peter Krempa 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1071264
      
      Reverting of external snapshots is not supported currently. The check
      that is present doesn't properly check for all aspects that make a
      snapshot external. Use virDomainSnapshotIsExternal() to do the check.
      d410e6f1
    • M
      qemuBuildNicDevStr: Adapt to new advisory on multiqueue · 042c4ab1
      Michal Privoznik 提交于
      As I did previously in 4f588a1b, libvirt needs to set virtio vectors.
      Previously, we were advised to use vectors=N, where
      
      N = 2 * (number of queues) + 1
      
      However, just recently this advisory has changed on the Multiquue wiki
      page [1] to:
      
      N = 2 * (number of queues) + 2
      
      1: http://www.linux-kvm.org/page/Multiqueue#Enable_MQ_featureSigned-off-by: NMichal Privoznik <mprivozn@redhat.com>
      042c4ab1
    • J
      Check if systemd is running before creating machines · 12ee0b98
      Ján Tomko 提交于
      If systemd is installed, but is not the init system,
      systemd-machined fails with an unhelpful error message:
      Launch helper exited with unknown return code 1
      
      Currently we only check if the "machine1" service is
      available (in ListActivatableNames).
      Also check if "systemd1" service is registered with DBus
      (ListNames).
      
      This fixes https://bugs.gentoo.org/show_bug.cgi?id=493246#c22
      12ee0b98
    • J
      Split out most of virDBusIsServiceEnabled · 65a4cb03
      Ján Tomko 提交于
      Introduce virDBusIsServiceInList which can be used to call other
      methods for listing services (ListNames), not just ListActivatableNames.
      
      No functional change, fixed the 'Retruns' typo.
      65a4cb03
    • E
      build: fix cppi warning · b75c7bd6
      Eric Blake 提交于
      Jenkins pointed out that the previous commit violates syntax
      check when cppi is installed.
      
      * src/nwfilter/nwfilter_dhcpsnoop.c (SNOOP_POLL_MAX_TIMEOUT_MS):
      Update indentation.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      b75c7bd6
    • S
      nwfilter: Increase buffer size for libpcap · 49b59a15
      Stefan Berger 提交于
      Libpcap 1.5 requires a larger buffer than previous pcap versions.
      Adjust the size of the buffer to 128kb.
      
      This patch should address symptoms in BZ 1071181 and BZ 731059
      Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
      49b59a15
    • S
      nwfilter: Display the pcap errror message · 64df4c75
      Stefan Berger 提交于
      Display the pcap error message in the log.
      Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
      64df4c75
    • S
      nwfilter: Cap the poll timeout in the DHCP Snooping code · a718eb19
      Stefan Berger 提交于
      Cap the poll timeout in the DHCP Snooping code to a max. of 10 seconds
      to not hold up the libvirt shutdown longer than this.
      Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
      a718eb19
    • E
      virFork: simplify semantics · 25f87817
      Eric Blake 提交于
      The old semantics of virFork() violates the priciple of good
      usability: it requires the caller to check the pid argument
      after use, *even when virFork returned -1*, in order to properly
      abort a child process that failed setup done immediately after
      fork() - that is, the caller must call _exit() in the child.
      While uses in virfile.c did this correctly, uses in 'virsh
      lxc-enter-namespace' and 'virt-login-shell' would happily return
      from the calling function in both the child and the parent,
      leading to very confusing results. [Thankfully, I found the
      problem by inspection, and can't actually trigger the double
      return on error without an LD_PRELOAD library.]
      
      It is much better if the semantics of virFork are impossible
      to abuse.  Looking at virFork(), the parent could only ever
      return -1 with a non-negative pid if it misused pthread_sigmask,
      but this never happens.  Up until this patch series, the child
      could return -1 with non-negative pid if it fails to set up
      signals correctly, but we recently fixed that to make the child
      call _exit() at that point instead of forcing the caller to do
      it.  Thus, the return value and contents of the pid argument are
      now redundant (a -1 return now happens only for failure to fork,
      a child 0 return only happens for a successful 0 pid, and a
      parent 0 return only happens for a successful non-zero pid),
      so we might as well return the pid directly rather than an
      integer of whether it succeeded or failed; this is also good
      from the interface design perspective as users are already
      familiar with fork() semantics.
      
      One last change in this patch: before returning the pid directly,
      I found cases where using virProcessWait unconditionally on a
      cleanup path of a virFork's -1 pid return would be nicer if there
      were a way to avoid it overwriting an earlier message.  While
      such paths are a bit harder to come by with my change to a direct
      pid return, I decided to keep the virProcessWait change in this
      patch.
      
      * src/util/vircommand.h (virFork): Change signature.
      * src/util/vircommand.c (virFork): Guarantee that child will only
      return on success, to simplify callers.  Return pid rather than
      status, now that the situations are always the same.
      (virExec): Adjust caller, also avoid open-coding process death.
      * src/util/virprocess.c (virProcessWait): Tweak semantics when pid
      is -1.
      (virProcessRunInMountNamespace): Adjust caller.
      * src/util/virfile.c (virFileAccessibleAs, virFileOpenForked)
      (virDirCreate): Likewise.
      * tools/virt-login-shell.c (main): Likewise.
      * tools/virsh-domain.c (cmdLxcEnterNamespace): Likewise.
      * tests/commandtest.c (test23): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      25f87817
    • E
      util: make it easier to grab only regular command exit · b9dd878f
      Eric Blake 提交于
      Auditing all callers of virCommandRun and virCommandWait that
      passed a non-NULL pointer for exit status turned up some
      interesting observations.  Many callers were merely passing
      a pointer to avoid the overall command dying, but without
      caring what the exit status was - but these callers would
      be better off treating a child death by signal as an abnormal
      exit.  Other callers were actually acting on the status, but
      not all of them remembered to filter by WIFEXITED and convert
      with WEXITSTATUS; depending on the platform, this can result
      in a status being reported as 256 times too big.  And among
      those that correctly parse the output, it gets rather verbose.
      Finally, there were the callers that explicitly checked that
      the status was 0, and gave their own message, but with fewer
      details than what virCommand gives for free.
      
      So the best idea is to move the complexity out of callers and
      into virCommand - by default, we return the actual exit status
      already cleaned through WEXITSTATUS and treat signals as a
      failed command; but the few callers that care can ask for raw
      status and act on it themselves.
      
      * src/util/vircommand.h (virCommandRawStatus): New prototype.
      * src/libvirt_private.syms (util/command.h): Export it.
      * docs/internals/command.html.in: Document it.
      * src/util/vircommand.c (virCommandRawStatus): New function.
      (virCommandWait): Adjust semantics.
      * tests/commandtest.c (test1): Test it.
      * daemon/remote.c (remoteDispatchAuthPolkit): Adjust callers.
      * src/access/viraccessdriverpolkit.c (virAccessDriverPolkitCheck):
      Likewise.
      * src/fdstream.c (virFDStreamCloseInt): Likewise.
      * src/lxc/lxc_process.c (virLXCProcessStart): Likewise.
      * src/qemu/qemu_command.c (qemuCreateInBridgePortWithHelper):
      Likewise.
      * src/xen/xen_driver.c (xenUnifiedXendProbe): Simplify.
      * tests/reconnect.c (mymain): Likewise.
      * tests/statstest.c (mymain): Likewise.
      * src/bhyve/bhyve_process.c (virBhyveProcessStart)
      (virBhyveProcessStop): Don't overwrite virCommand error.
      * src/libvirt.c (virConnectAuthGainPolkit): Likewise.
      * src/openvz/openvz_driver.c (openvzDomainGetBarrierLimit)
      (openvzDomainSetBarrierLimit): Likewise.
      * src/util/virebtables.c (virEbTablesOnceInit): Likewise.
      * src/util/viriptables.c (virIpTablesOnceInit): Likewise.
      * src/util/virnetdevveth.c (virNetDevVethCreate): Fix debug
      message.
      * src/qemu/qemu_capabilities.c (virQEMUCapsInitQMP): Add comment.
      * src/storage/storage_backend_iscsi.c
      (virStorageBackendISCSINodeUpdate): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      b9dd878f
    • E
      util: make it easier to grab only regular process exit · c72e76c3
      Eric Blake 提交于
      Right now, a caller waiting for a child process either requires
      the child to have status 0, or must use WIFEXITED() and friends
      itself.  But in many cases, we want the middle ground of treating
      fatal signals as an error, and directly accessing the normal exit
      value without having to use WEXITSTATUS(), in order to easily
      detect an expected non-zero exit status.  This adds the middle
      ground to the low-level virProcessWait; the next patch will add
      it to virCommand.
      
      * src/util/virprocess.h (virProcessWait): Alter signature.
      * src/util/virprocess.c (virProcessWait): Add parameter.
      (virProcessRunInMountNamespace): Adjust caller.
      * src/util/vircommand.c (virCommandWait): Likewise.
      * src/util/virfile.c (virFileAccessibleAs): Likewise.
      * src/lxc/lxc_container.c (lxcContainerHasReboot)
      (lxcContainerAvailable): Likewise.
      * daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
      * tools/virt-login-shell.c (main): Likewise.
      * tools/virsh-domain.c (cmdLxcEnterNamespace): Likewise.
      * tests/testutils.c (virtTestCaptureProgramOutput): Likewise.
      * tests/commandtest.c (test23): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      c72e76c3
    • E
      util: preserve exit status from mount namespace callback · 8b24a803
      Eric Blake 提交于
      The documentation of namespace callbacks was inconsistent on whether
      it preserved positive return values.  Now that we have a dedicated
      EXIT_CANCELED to flag all errors before getting to the callback,
      it is possible to use positive return values (not that any of the
      current callers do, but it is better to match the docs).
      
      Also, while vircommand.c is careful to close fds that a child should
      not have, it's still better to be in the practice of setting
      FD_CLOEXEC up front.
      
      * src/util/virprocess.c (virProcessRunInMountNamespace): Tweak
      return value to pass back non-zero status.  Avoid leaking pipe fds
      to other threads.
      * src/util/virprocess.h: Fix comment.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      8b24a803
    • E
      util: make it easier to reflect child exit status · 2b4f162e
      Eric Blake 提交于
      Thanks to namespaces, we have a couple of places in the code
      base that want to reflect a child exit status, including the
      ability to detect death by a signal, back to a grandparent.
      Best to make it a reusable function.
      
      * src/util/virprocess.h (virProcessExitWithStatus): New prototype.
      * src/libvirt_private.syms (util/virprocess.h): Export it.
      * src/util/virprocess.c (virProcessExitWithStatus): New function.
      * tests/commandtest.c (test23): Test it.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      2b4f162e
    • E
      virFork: give specific status on failure prior to exec · 631923e7
      Eric Blake 提交于
      When a child fails without exec'ing, we want a well-known status;
      best is to match what env(1), nice(1), su(1), and other wrapper
      programs do.  This patch adds enum values that later patches will
      use, and sets up virFork as the first client of EXIT_CANCELED
      for errors detected prior to even attempting exec, as well as
      virExec to distinguish between a missing executable vs. a binary
      that cannot be executed.
      
      This is a slight semantic change in the unlikely case of a child
      process failing to restore its signal mask - we now kill the
      child with a known status instead of relying on the caller to
      notice and do an appropriate _exit().  A subsequent patch will
      make further cleanups based on an audit of all callers.
      
      * src/internal.h (EXIT_CANCELED, EXIT_CANNOT_INVOKE)
      (EXIT_ENOENT): New enum.
      * src/util/vircommand.c (virFork): Document specific exit value if
      child aborts early.
      (virExec): Distinguish between various exec failures.
      * tests/commandtest.c (test1): Enhance test.
      (test22): New test.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      631923e7
    • E
      nwfilter: make ignoring non-zero status easier to follow · f972a7c7
      Eric Blake 提交于
      While auditing all callers of virCommandRun, I noticed that nwfilter
      code never paid attention to commands with a non-zero status; they
      were merely passing a pointer to avoid spamming the logs with a
      message about commands that might indeed fail.  But proving this
      required chasing through a lot of code; refactoring things to
      localize the decision of whether to ignore non-zero status makes
      it easier to prove that later changes to virFork don't negatively
      affect this code.
      
      While at it, I also noticed that ebiptablesRemoveRules would
      actually report success if the child process failed for a
      reason other than non-zero status, such as OOM.
      
      * src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesExecCLI):
      Change parameter from pointer to bool.
      (ebtablesApplyBasicRules, ebtablesApplyDHCPOnlyRules)
      (ebtablesApplyDropAllRules, ebtablesCleanAll)
      (ebiptablesApplyNewRules, ebiptablesTearNewRules)
      (ebiptablesTearOldRules, ebiptablesAllTeardown)
      (ebiptablesDriverInitWithFirewallD)
      (ebiptablesDriverTestCLITools, ebiptablesDriverProbeStateMatch):
      Adjust all clients.
      (ebiptablesRemoveRules): Likewise, and fix return value on failure.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      f972a7c7
    • O
      qemu: Implement a stub cpuArchDriver.baseline() handler for arm · 72bddd5f
      Oleg Strikov 提交于
      Openstack Nova calls virConnectBaselineCPU() during initialization
      of the instance to get a full list of CPU features.
      This patch adds a stub to arm-specific code to handle
      this request (no actual work is done).
      Signed-off-by: NOleg Strikov <oleg.strikov@canonical.com>
      72bddd5f
  7. 03 3月, 2014 1 次提交
    • D
      Generate a unique journald log for QEMU capabilities failure · 36ff4ed1
      Daniel P. Berrange 提交于
      When probing QEMU capabilities fails for a binary generate a
      log message with MESSAGE_ID==8ae2f3fb-2dbe-498e-8fbd-012d40afa361.
      
      This can be directly queried from journald based on the UUID
      instead of needing string grep. This lets tools like libguestfs'
      bug reporting tool trivially do automated sanity tests on the
      host they're running on.
      
       $ journalctl MESSAGE_ID=8ae2f3fb-2dbe-498e-8fbd-012d40afa361
       Feb 21 17:11:01 localhost.localdomain lt-libvirtd[9196]:
       Failed to probe capabilities for /bin/qemu-system-alpha:
       internal error: Child process (LC_ALL=C LD_LIBRARY_PATH=
       /home/berrange/src/virt/libvirt/src/.libs PATH=/usr/lib64/
       ccache:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:
       /usr/bin:/root/bin HOME=/root USER=root LOGNAME=root
       /bin/qemu-system-alpha -help) unexpected exit status 127:
       /bin/qemu-system-alpha: error while loading shared libraries:
       libglapi.so.0: cannot open shared object file: No such file
       or directory
      
       $ journalctl MESSAGE_ID=8ae2f3fb-2dbe-498e-8fbd-012d40afa361 --output=json
       { ...snip...
        "LIBVIRT_SOURCE" : "file",
        "PRIORITY" : "3",
        "CODE_FILE" : "qemu/qemu_capabilities.c",
        "CODE_LINE" : "2770",
        "CODE_FUNC" : "virQEMUCapsLogProbeFailure",
        "MESSAGE_ID" : "8ae2f3fb-2dbe-498e-8fbd-012d40afa361",
        "LIBVIRT_QEMU_BINARY" : "/bin/qemu-system-xtensa",
        "MESSAGE" : "Failed to probe capabilities for /bin/qemu-system-xtensa:
         internal error: Child process (LC_ALL=C LD_LIBRARY_PATH=/home/berrange
         /src/virt/libvirt/src/.libs PATH=/usr/lib64/ccache:/usr/local/sbin:
         /usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin HOME=/root
         USER=root LOGNAME=root /bin/qemu-system-xtensa -help) unexpected
         exit status 127: /bin/qemu-system-xtensa: error while loading shared
         libraries: libglapi.so.0: cannot open shared object file: No such
          file or directory\n" }
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      36ff4ed1
  8. 02 3月, 2014 1 次提交
  9. 01 3月, 2014 4 次提交