* src/util/network.c (virSocketAddrMask): Zero out port, so that
iptables can initialize just the netmask then call
virSocketFormatAddr without an uninitialized read in getnameinfo.

Although the upper-layer code protected against it, it was possible to
call iptablesForwardMasquerade() with an IPv6 address and have it
attempt to add a rule to the MASQUERADE chain of ip6tables (which
doesn't exist).

This patch changes that function to check the protocol of the given
address, generate an error log if it's not IPv4 (AF_INET), and finally
hardcodes all the family parameters sent down to lower-level functions.

Detected on cygwin:
util/util.c: In function 'virSetUIDGID':
util/util.c:2824: warning: format '%d' expects type 'int', but argument 7 has type 'gid_t' [-Wformat]
(and three other lines)

* src/util/util.c (virSetUIDGID): Cast, as is done elsewhere in
this file, to avoid printf type mismatch warnings.

Don't require non-null jobdata to virThreadPoolSendJob().

As pointed out in https://bugzilla.redhat.com/show_bug.cgi?id=659855#c9,
commit c3568ec2 introduced a regression where we no longer close any
fd's beyond FD_SETSIZE.

* src/util/util.c (__virExec): Continue to close fd's beyond
keepfd range.
Reported by Stefan Praszalowicz.

The original version of these functions would modify the address sent
in, meaning that the caller would usually need to copy the address
first. This change makes the original a const, and puts the resulting
masked address into a new arg (which could point to the same
virSocketAddr as the original, if the caller really wants to modify
it).

This also makes the API consistent with virSocketAddrBroadcast[ByPrefix].

Previously we used ioctl() to set the IP address and netmask of the
bridges used for virtual networks, and apparently the SIOCSIFNETMASK
ioctl implicitly set the broadcast address for the interface. The new
method of using the "ip" command requires broadcast address to be
explicitly specified though.

These functions work only for IPv4, becasue IPv6 doesn't have the same
concept of "broadcast address" as IPv4. They merely OR the inverse of
the netmask with the given host address, thus turning on all the host
bits.

virSetUIDGID() sets both the real and effective group and user of the
process, and additionally calls initgroups() to assure that the
process joins all the auxiliary groups that the given uid is a member
of.

There are cases when we want log an error message, and possibly free
some memory as part of the cleanup, while still preserving errno for a
caller, but the functions that log errors, and virFree (VIR_FREE) make
system calls that will clear errno. This patch preserves errno during
those most basic functions (corresponding to virReportSystemError(),
virReportOOMError(), networkReportError(), etc, as well as
virStrError()). It does *not preserve errno across calls to higher
level items such as virDispatchError(), as it's assumed the caller is
all finished with any need for errno by the time it dispatches the
error.

All of the iptables functions eventually call down to a single
bottom-level function, and fortunately, ip6tables syntax (for all the
args that we use) is identical to iptables format (except the
addresses), so all we need to do is:

1) Get an address family down to the lowest level function in each
   case, either implied through an address, or explicitly when no
   address is in the parameter list, and

2) At the lowest level, just decide whether to call "iptables" or
   "ip6tables" based on the family.

The location of the ip6tables binary is determined at build time by
autoconf. If a particular target system happens to not have ip6tables
installed, any attempts to run it will generate an error, but that
won't happen unless someone tries to define an IPv6 address for a
network. This is identical behavior to IPv4 addresses and iptables.

brSetInetAddress can only set a single IP address on the bridge, and
uses a method (ioctl(SIOCSETIFADDR)) that only works for IPv4. Replace
it and brSetInetNetmask with a single function that uses the external
"ip addr add" command to add an address/prefix to the interface - this
supports IPv6, and allows adding multiple addresses to the interface.

Although it isn't currently used in the code, we also add a
brDelInetAddress for completeness' sake.

Also, while we're modifying bridge.c, we change brSetForwardDelay and
brSetEnableSTP to use the new virCommand API rather than the
deprecated virRun, and also log an error message in bridge_driver.c if
either of those fail (previously the failure would be completely
silent).

IPv6 will use prefix exclusively, and IPv4 will also optionally be
able to use it, and the iptables functions really need a prefix
anyway, so use the new virNetworkDefPrefix() function to send prefixes
into iptables functions instead of netmasks.

Also, in a couple places where a netmask is actually needed, use the
new private API function for it rather than getting it directly. This
will allow for cases where no netmask or prefix is specified (it
returns the default for the current class of network.)

virSocketPrefixToNetmask: Given a 'prefix', which is the number of 1
bits in a netmask, fill in a virSocketAddr object with a netmask as an
IP address (IPv6 or IPv4).

virSocketAddrMask: Mask off the host bits in one virSocketAddr
according to the netmask in another virSocketAddr.

virSocketAddrMaskByPrefix, Mask off the host bits in a virSocketAddr
according to a prefix (number of 1 bits in netmask).

VIR_SOCKET_FAMILY: return the family of a virSocketAddr

I began noticing a race when reserving VNC ports as described here

https://www.redhat.com/archives/libvir-list/2010-November/msg00379.html

Turns out that we were not initializing the size field of bitmap
struct when allocating the bitmap.  This subsequently caused
virBitmapSetBit() to fail since bitmap->size is 0, hence we never
actually reserved the port.

* src/util/command.c (virCommandRun): Don't capture output on
daemons.
* tests/commandtest.c (test18): Expose the bug.
Reported by Laine Stump.

Remove superfluous ": %s" suffix from the error message.

* daemon/libvirtd.c (qemudStartWorker, qemudStartEventLoop): Avoid
leaking pthread_attr resources.
* src/util/threads-pthread.c (virThreadCreate): Likewise.

* src/util/sysinfo.c (virSysinfoRead): Use virCommand instead of
virExec.

* src/util/sysinfo.c: Indentation and () fixups.

Allows compilation, but no creation of child processes yet.  Take it
one step at a time.

* src/util/util.c (virExecWithHook) [WIN32]: New dummy function.
* src/libvirt_private.syms: Export it.

Current code does not pass VM mac address to a 802.1Qbh direct attach
interface using IFLA_VF_MAC.  This patch adds support in macvtap code to
send IFLA_VF_MAC netlink request during port profile association on a
802.1Qbh interface.

Stefan Cc'ed for comments because this patch changes a condition for
802.1Qbg

802.1Qbh support for IFLA_VF_MAC in enic driver has been posted and is
pending acceptance at http://marc.info/?l=linux-netdev&m=129185244410557&w=2

* src/util/command.h (virCommandAddArgBuffer)
(virCommandAddEnvBuffer): New prototypes.
* src/util/command.c (virCommandAddArgBuffer)
(virCommandAddEnvBuffer): Implement them.
* src/libvirt_private.syms (command.h): Export them.
* src/qemu/qemu_conf.c (qemudBuildCommandLine): Use them, plugging
a memory leak on rbd_hosts in the process.

* src/util/util.c (__virExec): Don't use FD_ISSET on out-of-bounds fd.

* src/util/command.c (virCommandFree): Free data from
virCommandSetInputBuffer.

* src/util/threadpool.c, src/util/threadpool.h: Thread pool
  implementation
* src/Makefile.am: Build thread pool
* src/libvirt_private.syms: Export public functions

* src/util/command.c (virCommandRun): Fix yesterday's regression
on logging, and avoid leaking log-only output captures.
Reported by Hu Tao.

Guarantee that outbuf/errbuf are allocated on success, even if to the
empty string.  Caller always has to free the result, and empty output
check requires checking if *outbuf=='\0'.  Makes the API easier to use
safely.  Failure is best effort allocation (some paths, like
out-of-memory, cannot allocate a buffer, but most do), so caller must
free buffer on failure.

* docs/internals/command.html.in: Update documentation.
* src/util/command.c (virCommandSetOutputBuffer)
(virCommandSetErrorBuffer, virCommandProcessIO) Guarantee empty
string on no output.
* tests/commandtest.c (test17): New test.

* docs/internals/command.html.in: Better documentation of buffer
vs. fd considerations.
* src/util/command.c (virCommandRunAsync): Reject raw execution
with string io.
(virCommandRun): Reject execution with user-specified fds not
visiting a regular file.

* src/util/command.c (virCommandAddEnvString): Remove duplicate
code.
(virCommandToString, virCommandRun, virCommandRunAsync)
(virCommandWait): Report NULL command as ENOMEM, not invalid
usage.
Reported by Jiri Denemark.

* docs/schemas/domain.rng (sysinfo-system-name): Also allow
family.
* src/util/sysinfo.h (struct _virSysinfoDef): Add system_family.
* src/conf/domain_conf.c (virSysinfoParseXML)
(virDomainSysinfoDefFormat): Support it.
* src/util/sysinfo.c (virSysinfoDefFree, virSysinfoRead): Likewise.
* src/qemu/qemu_conf.c (qemuBuildSmbiosSystemStr): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-smbios.xml: Adjust test.
* tests/qemuxml2argvdata/qemuxml2argv-smbios.args: Likewise.

* src/util/threads.h (virThreadID): New prototype.
* src/util/threads-pthread.c (virThreadID): New function.
* src/util/threads-win32.c (virThreadID): Likewise.
* src/libvirt_private.syms (threads.h): Export it.
* daemon/event.c (virEventInterruptLocked): Use it to avoid
warning on BSD systems.

"virCommandRun": if "cmd->outbuf" or "cmd->errbuf" is NULL,
libvirtd will be crashed when trying to start a qemu domain
(which invokes "virCommandRun"), it caused by we try to use
"*cmd->outbuf" and "*cmd->errbuf" regardless of cmd->outbuf
or cmd->errbuf is NULL.

* src/util/command.c (virCommandRun)

As this symbols are exported independent from WITH_MACVTAP.

This patch adds a mode_t parameter to virFileWriteStr().
If mode is different from 0, virFileWriteStr() will try
to create the file if it doesn't exist.

* src/util/util.h (virFileWriteStr): Alter signature.
* src/util/util.c (virFileWriteStr): Allow file creation.
* src/network/bridge_driver.c (networkEnableIpForwarding)
(networkDisableIPV6): Adjust clients.
* src/node_device/node_device_driver.c
(nodeDeviceVportCreateDelete): Likewise.
* src/util/cgroup.c (virCgroupSetValueStr): Likewise.
* src/util/pci.c (pciBindDeviceToStub, pciUnBindDeviceFromStub):
Likewise.

This proof of concept shows how two existing uses of virExec
and virRun can be ported to the new virCommand APIs, and how
much simpler the code becomes