1. 03 9月, 2015 4 次提交
    • M
      vshInit: Don't leak @histsize_env · 3606f62f
      Michal Privoznik 提交于
      Caller is responsible for freeing the result of virStringJoin()
      when no longer needed:
      
      ==10701== 1 bytes in 1 blocks are definitely lost in loss record 1 of 806
      ==10701==    at 0x4C29F80: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==10701==    by 0xAADB679: strdup (in /lib64/libc-2.20.so)
      ==10701==    by 0x4F18655: virStrdup (virstring.c:726)
      ==10701==    by 0x4F175AF: virStringJoin (virstring.c:165)
      ==10701==    by 0x131D4D: vshReadlineInit (vsh.c:2572)
      ==10701==    by 0x1322DF: vshInit (vsh.c:2736)
      ==10701==    by 0x1347C1: main (virsh.c:907)
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      (cherry picked from commit 4fdd873f)
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      3606f62f
    • J
      storage: Correct the 'mode' check · e0025d29
      John Ferlan 提交于
      Commit id '7c2d65dd' changed the default value of mode to be -1 if not
      supplied in the XML, which should cause creation of the volume using the
      default mode of VIR_STORAGE_DEFAULT_VOL_PERM_MODE; however, the check
      made was whether mode was '0' or not to use default or provided value.
      
      This patch fixes the issue to check if the 'mode' was provided in the XML
      and use that value.
      
      (cherry picked from commit 691dd388)
      e0025d29
    • J
      storage: Handle failure from refreshVol · 8b1d84e6
      John Ferlan 提交于
      Commit id '155ca616' added the 'refreshVol' API. In an NFS root-squash
      environment it was possible that if the just created volume from XML wasn't
      properly created with the right uid/gid and/or mode, then the followup
      refreshVol will fail to open the volume in order to get the allocation/
      capacity values. This would leave the volume still on the server and
      cause a libvirtd crash because 'voldef' would be in the pool list, but
      the cleanup code would free it.
      
      (cherry picked from commit db9277a3)
      8b1d84e6
    • J
      virfile: Introduce virFileUnlink · 3468542f
      John Ferlan 提交于
      In an NFS root-squashed environment the 'vol-delete' command will fail to
      'unlink' the target volume since it was created under a different uid:gid.
      
      This code continues the concepts introduced in virFileOpenForked and
      virDirCreate[NoFork] with respect to running the unlink command under
      the uid/gid of the child. Unlike the other two, don't retry on EACCES
      (that's why we're here doing this now).
      
      (cherry picked from commit 35847860)
      3468542f
  2. 02 9月, 2015 1 次提交
  3. 31 8月, 2015 3 次提交
  4. 30 8月, 2015 1 次提交
  5. 29 8月, 2015 2 次提交
    • L
      util: fallback to ioctl(SIOCBRDELBR) if netlink RTM_DELLINK fails · 97d26e47
      Laine Stump 提交于
      commit 09778e09 switched from using ioctl(SIOCBRDELBR) for bridge
      device deletion to using a netlink RTM_DELLINK message, which is the
      more modern way to delete a bridge (and also doesn't require the
      bridge to be ~IFF_UP to succeed). However, although older kernels
      (e.g. 2.6.32, in RHEL6/CentOS6) support deleting *some* link types
      with RTM_NEWLINK, they don't support deleting bridges, and there is no
      compile-time way to figure this out.
      
      This patch moves the body of the SIOCBRDELBR version of
      virNetDevBridgeDelete() into a static function, calls the new function
      from the original, and also calls the new function from the
      RTM_DELLINK version if the RTM_DELLINK message generates an EOPNOTSUPP
      error. Since RTM_DELLINK is done from the subordinate function
      virNetlinkDelLink, which is also called for other purposes (deleting a
      macvtap interface), a function pointer called "fallback" has been
      added to the arglist of virNetlinkDelLink() - if that arg != NULL, the
      provided function will be called when (and only when) RTM_DELLINK
      fails with EOPNOTSUPP.
      
      Resolves:  https://bugzilla.redhat.com/show_bug.cgi?id=1252780 (part 2)
      97d26e47
    • L
      util: fallback to ioctl(SIOCBRADDBR) if netlink RTM_NEWLINK fails · 66dcb409
      Laine Stump 提交于
      commit fc7b23db switched from using ioctl(SIOCBRADDBR) for bridge
      creation to using a netlink RTM_NEWLINK message with IFLA_INFO_KIND =
      "bridge", which is the more modern way to create a bridge. However,
      although older kernels (e.g. 2.6.32, in RHEL6/CentOS6) support
      creating *some* link types with RTM_NEWLINK, they don't support
      creating bridges, and there is no compile-time way to figure this out
      (since the "type" isn't an enum, but rather a character string).
      
      This patch moves the body of the SIOCBRADDBR version of
      virNetDevBridgeCreate() into a static function, calls the new function
      from the original, and also calls the new function from the
      RTM_NEWLINK version if the RTM_NEWLINK message generates an EOPNOTSUPP
      error.
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1252780
      66dcb409
  6. 28 8月, 2015 4 次提交
    • J
      Revert "LXC: show used memory as 0 when domain is not active" · 60acb38a
      Jim Fehlig 提交于
      This reverts commit 1ce7c1d2,
      which introduced a significant semantic change to the
      virDomainGetInfo() API. Additionally, the change was only
      made to 2 of the 15 virt drivers.
      
      Conflicts:
      	src/qemu/qemu_driver.c
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      60acb38a
    • J
      libxl: acquire a job when receiving a migrating domain · e80b84a7
      Jim Fehlig 提交于
      Commit f86ae403 moved acquiring a job from libxlDomainStart()
      to its callers. One spot missed was in libxlDoMigrateReceive().
      Acquire a job in libxlDoMigrateReceive() before calling
      libxlDomainStart().
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      e80b84a7
    • J
      libxl: don't attempt to resume domain when suspend fails · 15120b8c
      Jim Fehlig 提交于
      Failure of libxl_domain_suspend() does not leave the domain in
      a suspended state, so no need to call libxl_domain_resume(),
      which btw will fail with "domain not suspended".
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      15120b8c
    • J
      libxl: fix ref counting of libxlMigrationDstArgs · 44a54eb0
      Jim Fehlig 提交于
      This patch fixes some flawed logic around ref counting the
      libxlMigrationDstArgs object.
      
      First, when adding sockets to the event loop with
      virNetSocketAddIOCallback(), the generic virObjectFreeCallback()
      was registered as a free function, with libxlMigrationDstArgs as
      its parameter. A reference was also taken on
      libxlMigrationDstArgs for each successful call to
      virNetSocketAddIOCallback(). The rational behind this logic was
      that the libxlMigrationDstArgs object had to out-live the socket
      objects. But virNetSocketAddIOCallback() already takes a
      reference on socket objects, ensuring their life until removed
      from the event loop and unref'ed in virNetSocketEventFree(). We
      only need to ensure libxlMigrationDstArgs lives until
      libxlDoMigrateReceive() finishes, which can be done by simply
      unref'ing libxlMigrationDstArgs at the end of
      libxlDoMigrateReceive().
      
      The second flaw was unref'ing the sockets in the failure path of
      libxlMigrateReceive() and at the end of libxlDoMigrateReceive().
      As mentioned above, the sockets are already unref'ed by
      virNetSocketEventFree() when removed from the event loop.
      Attempting to unref the socket a second time resulted in a
      libvirtd crash since the socket was previously unref'ed and
      disposed.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      44a54eb0
  7. 27 8月, 2015 10 次提交
    • M
      Revert "lxc: ensure setns() syscall is defined" · c63b0880
      Michal Privoznik 提交于
      After my previous commit this commit is no longer needed.
      
      This reverts commit eff95ac8.
      c63b0880
    • M
      lxc_container: Turn lxcAttachNS into calling virProcessSetNamespaces · 692e9fac
      Michal Privoznik 提交于
      Now that virProcessSetNamespaces() does accept FD list in the
      correct format, we can simply turn lxcAttachNS into calling
      virProcessSetNamespaces().
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      692e9fac
    • M
      libvirt_lxc: Claim success for --help · fb0ef0d5
      Michal Privoznik 提交于
      So far, if libvirt_lxc binary (usually to be found under
      /usr/libexec/) is run with --help, due to a missing line
      and our usual functions pattern, an 'uknown' error is returned.
      Yeah, the help is printed out, but we should not claim error.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      fb0ef0d5
    • M
      util: Allow virProcessSetNamespaces() to have sparse FD list · ea048687
      Michal Privoznik 提交于
      So far, the virProcessSetNamespaces() takes an array of FDs that
      it tries to set namespace on. However, in the very next commit
      this array may be sparse, having some -1's in it. Teach the
      function to cope with that.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      ea048687
    • M
      virt-aa-helper: Improve valid_path · 52970dec
      Michal Privoznik 提交于
      So, after some movement in virt-aa-helper, I've noticed the
      virt-aa-helper-test failing. I've ran gdb (it took me a while to
      realize how to do that) and this showed up immediately:
      
        Program received signal SIGSEGV, Segmentation fault.
        strlen () at ../sysdeps/x86_64/strlen.S:106
        106     ../sysdeps/x86_64/strlen.S: No such file or directory.
        (gdb) bt
        #0  strlen () at ../sysdeps/x86_64/strlen.S:106
        #1  0x0000555555561a13 in array_starts_with (str=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", arr=0x7fffffffd160, size=-1540438016) at security/virt-aa-helper.c:525
        #2  0x0000555555561d49 in valid_path (path=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", readonly=false) at security/virt-aa-helper.c:617
        #3  0x0000555555562506 in vah_add_path (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw", recursive=false) at security/virt-aa-helper.c:823
        #4  0x0000555555562693 in vah_add_file (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw") at security/virt-aa-helper.c:854
        #5  0x0000555555562918 in add_file_path (disk=0x5555557d4440, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", depth=0, opaque=0x7fffffffd3e0) at security/virt-aa-helper.c:931
        #6  0x00007ffff78f18b1 in virDomainDiskDefForeachPath (disk=0x5555557d4440, ignoreOpenFailure=true, iter=0x5555555628a6 <add_file_path>, opaque=0x7fffffffd3e0) at conf/domain_conf.c:23286
        #7  0x0000555555562b5f in get_files (ctl=0x7fffffffd670) at security/virt-aa-helper.c:982
        #8  0x0000555555564100 in vahParseArgv (ctl=0x7fffffffd670, argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1277
        #9  0x00005555555643d6 in main (argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1332
      
      So I've taken look at valid_path() because it is obviously
      calling array_starts_with() with malformed @size. And here's the
      result: there are two variables to hold the size of three arrays
      and their value is recalculated before each call of
      array_starts_with(). What if we just use three variables,
      initialize them and do not touch them afterwards?
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      52970dec
    • J
      lxc: Resolve Coverity RESOURCE_LEAK · dd25b5a7
      John Ferlan 提交于
      Commit id 'c27553b6' added a return -1 in a failure path without
      the necessary VIR_FREE(stack)
      dd25b5a7
    • L
      qemu: Emit correct audit message for memory hot unplug · 8f8031df
      Luyao Huang 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1226234#c3
      
      If the qemu monitor fails to remove the memory from the guest for
      any reason, the auditlog message will incorrectly use the current
      actual memory (via virDomainDefGetMemoryActual) instead of the
      value we were attempting to reduce to. The result is the 'new-mem'
      and 'old-mem' values for the auditlog message would be identical.
      
      This patch creates a local 'newmem' which accounts for the current
      memory size minus the memory which is being removed. NB, for the
      success case this results in the same value that would be returned
      by virDomainDefGetMemoryActual without the need to do the math. This
      follows the existing code which would subtract the size for cur_balloon.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      8f8031df
    • L
      qemu: Emit correct audit message for memory hot plug · cb1fbda4
      Luyao Huang 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1226234#c3
      
      Prior to this patch, after successfully hot plugging memory
      the audit log indicated that the update failed, e.g.:
      
      type=VIRT_RESOURCE ... old-mem=1024000 new-mem=1548288 \
      exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=pts/2 res=failed
      
      This patch will adjust where virDomainAuditMemory is called to
      ensure the proper 'ret' value is used based on success or failure.
      
      Additionally, the audit message should include the size of the
      memory we were attempting to change to rather than the current
      actual size. On failure to add, the message showed the same value
      for old-mem and new-mem.
      
      In order to do this, introduce a 'newmem' local which will compute
      the new size based on the oldmem size plus the size of memory we
      are about to add. NB: This would be the same as calling the
      virDomainDefGetMemoryActual again on success, but avoids the
      overhead of recalculating. Plus cur_balloon is already adjusted
      by the same value, so this follows that.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      cb1fbda4
    • M
      utils: Remove the logging of errors from virNetDevSendEthtoolIoctl · 6f2a0198
      Moshe Levi 提交于
      This patch remove the logging of errors of ioctl api and instead
      let the caller to choose what errors to log
      6f2a0198
    • L
      hostdev: skip ACS check when using VFIO for device assignment · 108d591b
      Laine Stump 提交于
      The ACS checks are meaningless when using the more modern VFIO driver
      for device assignment since VFIO has its own more complete and exact
      checks, but I didn't realize that when I added support for VFIO. This
      patch eliminates the ACS check when preparing PCI devices for
      assignment if VFIO is being used.
      
      This resolves:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=1256486
      108d591b
  8. 26 8月, 2015 7 次提交
  9. 25 8月, 2015 2 次提交
  10. 24 8月, 2015 6 次提交
    • V
      Eliminate incorrect and unnecessary check for changed IP address · bbc705d1
      Vasiliy Tolstov 提交于
      Commit aa2cc7 modified a previously unnecessary but innocuous check
      for interface IP address during interface update incorrectly, causing
      all attempted updates (e.g. changing link state) to interfaces of
      type='ethernet' for QEMU to fail.
      
      This patch fixes the issue by completely removing the check for IP
      address, which is pointless since QEMU doesn't support setting
      interface IP addresses from the domain interface XML anyway.
      Signed-off-by: NVasiliy Tolstov <v.tolstov@selfip.ru>
      Signed-off-by: NLaine Stump <laine@laine.org>
      bbc705d1
    • T
      virDomainRename: Extend API documentation · 6c2702ed
      Tomas Meszaros 提交于
      Signed-off-by: NTomas Meszaros <exo@tty.sk>
      6c2702ed
    • L
      qemu: add a check for nodeset in qemuDomainSetNumaParamsLive · c8e51773
      Luyao Huang 提交于
      We will try to set the node to cpuset.mems without check if
      it is available, since we already have helper to check this.
      Call virNumaNodesetIsAvailable to check if node is available,
      then try to change it in the cgroup.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      c8e51773
    • G
      selinux: fix compile errors · 4d4c90df
      Guido Günther 提交于
      Remove unused variable, tag unused parameter and adjust return type.
      
      introduced by 3f48345f
      
      CC     security/libvirt_security_manager_la-security_selinux.lo
      security/security_selinux.c: In function 'virSecuritySELinuxDomainSetDirLabel':
      security/security_selinux.c:2520:5: error: return makes pointer from integer without a cast [-Werror]
      security/security_selinux.c:2514:9: error: unused variable 'ret' [-Werror=unused-variable]
      security/security_selinux.c:2509:59: error: unused parameter 'mgr' [-Werror=unused-parameter]
      4d4c90df
    • G
      storage: only run safezero if allocation is > 0 · 269d39af
      Guido Günther 提交于
      While a zero allocation in safezero should be fine it isn't when we use
      posix_fallocate which returns EINVAL on a zero allocation.
      
      While we could skip the zero allocation in safezero_posix_fallocate it's
      an optimization to do it for all allocations.
      
      This fixes vm installation via virtinst for me which otherwise aborts
      like:
      
         Starting install...
         Retrieving file linux...               | 5.9 MB     00:01 ...
         Retrieving file initrd.gz...           |  29 MB     00:07 ...
         ERROR    Couldn't create storage volume 'virtinst-linux.sBgds4': 'cannot fill file '/var/lib/libvirt/boot/virtinst-linux.sBgds4': Invalid argument'
      
      The error was introduced by e30297b0 as spotted by Chunyan Liu
      269d39af
    • I
      virt-aa-helper: allow access to /usr/share/ovmf/ · 2f01cfdf
      intrigeri 提交于
      We forbid access to /usr/share/, but (at least on Debian-based systems)
      the Open Virtual Machine Firmware files needed for booting UEFI virtual
      machines in QEMU live in /usr/share/ovmf/. Therefore, we need to add
      that directory to the list of read only paths.
      
      A similar patch was suggested by Jamie Strandboge <jamie@canonical.com>
      on https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1483071.
      2f01cfdf