1. 28 8月, 2015 1 次提交
    • J
      libxl: fix ref counting of libxlMigrationDstArgs · 44a54eb0
      Jim Fehlig 提交于
      This patch fixes some flawed logic around ref counting the
      libxlMigrationDstArgs object.
      
      First, when adding sockets to the event loop with
      virNetSocketAddIOCallback(), the generic virObjectFreeCallback()
      was registered as a free function, with libxlMigrationDstArgs as
      its parameter. A reference was also taken on
      libxlMigrationDstArgs for each successful call to
      virNetSocketAddIOCallback(). The rational behind this logic was
      that the libxlMigrationDstArgs object had to out-live the socket
      objects. But virNetSocketAddIOCallback() already takes a
      reference on socket objects, ensuring their life until removed
      from the event loop and unref'ed in virNetSocketEventFree(). We
      only need to ensure libxlMigrationDstArgs lives until
      libxlDoMigrateReceive() finishes, which can be done by simply
      unref'ing libxlMigrationDstArgs at the end of
      libxlDoMigrateReceive().
      
      The second flaw was unref'ing the sockets in the failure path of
      libxlMigrateReceive() and at the end of libxlDoMigrateReceive().
      As mentioned above, the sockets are already unref'ed by
      virNetSocketEventFree() when removed from the event loop.
      Attempting to unref the socket a second time resulted in a
      libvirtd crash since the socket was previously unref'ed and
      disposed.
      Signed-off-by: NJim Fehlig <jfehlig@suse.com>
      44a54eb0
  2. 27 8月, 2015 10 次提交
    • M
      Revert "lxc: ensure setns() syscall is defined" · c63b0880
      Michal Privoznik 提交于
      After my previous commit this commit is no longer needed.
      
      This reverts commit eff95ac8.
      c63b0880
    • M
      lxc_container: Turn lxcAttachNS into calling virProcessSetNamespaces · 692e9fac
      Michal Privoznik 提交于
      Now that virProcessSetNamespaces() does accept FD list in the
      correct format, we can simply turn lxcAttachNS into calling
      virProcessSetNamespaces().
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      692e9fac
    • M
      libvirt_lxc: Claim success for --help · fb0ef0d5
      Michal Privoznik 提交于
      So far, if libvirt_lxc binary (usually to be found under
      /usr/libexec/) is run with --help, due to a missing line
      and our usual functions pattern, an 'uknown' error is returned.
      Yeah, the help is printed out, but we should not claim error.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      fb0ef0d5
    • M
      util: Allow virProcessSetNamespaces() to have sparse FD list · ea048687
      Michal Privoznik 提交于
      So far, the virProcessSetNamespaces() takes an array of FDs that
      it tries to set namespace on. However, in the very next commit
      this array may be sparse, having some -1's in it. Teach the
      function to cope with that.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      ea048687
    • M
      virt-aa-helper: Improve valid_path · 52970dec
      Michal Privoznik 提交于
      So, after some movement in virt-aa-helper, I've noticed the
      virt-aa-helper-test failing. I've ran gdb (it took me a while to
      realize how to do that) and this showed up immediately:
      
        Program received signal SIGSEGV, Segmentation fault.
        strlen () at ../sysdeps/x86_64/strlen.S:106
        106     ../sysdeps/x86_64/strlen.S: No such file or directory.
        (gdb) bt
        #0  strlen () at ../sysdeps/x86_64/strlen.S:106
        #1  0x0000555555561a13 in array_starts_with (str=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", arr=0x7fffffffd160, size=-1540438016) at security/virt-aa-helper.c:525
        #2  0x0000555555561d49 in valid_path (path=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", readonly=false) at security/virt-aa-helper.c:617
        #3  0x0000555555562506 in vah_add_path (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw", recursive=false) at security/virt-aa-helper.c:823
        #4  0x0000555555562693 in vah_add_file (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw") at security/virt-aa-helper.c:854
        #5  0x0000555555562918 in add_file_path (disk=0x5555557d4440, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", depth=0, opaque=0x7fffffffd3e0) at security/virt-aa-helper.c:931
        #6  0x00007ffff78f18b1 in virDomainDiskDefForeachPath (disk=0x5555557d4440, ignoreOpenFailure=true, iter=0x5555555628a6 <add_file_path>, opaque=0x7fffffffd3e0) at conf/domain_conf.c:23286
        #7  0x0000555555562b5f in get_files (ctl=0x7fffffffd670) at security/virt-aa-helper.c:982
        #8  0x0000555555564100 in vahParseArgv (ctl=0x7fffffffd670, argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1277
        #9  0x00005555555643d6 in main (argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1332
      
      So I've taken look at valid_path() because it is obviously
      calling array_starts_with() with malformed @size. And here's the
      result: there are two variables to hold the size of three arrays
      and their value is recalculated before each call of
      array_starts_with(). What if we just use three variables,
      initialize them and do not touch them afterwards?
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      52970dec
    • J
      lxc: Resolve Coverity RESOURCE_LEAK · dd25b5a7
      John Ferlan 提交于
      Commit id 'c27553b6' added a return -1 in a failure path without
      the necessary VIR_FREE(stack)
      dd25b5a7
    • L
      qemu: Emit correct audit message for memory hot unplug · 8f8031df
      Luyao Huang 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1226234#c3
      
      If the qemu monitor fails to remove the memory from the guest for
      any reason, the auditlog message will incorrectly use the current
      actual memory (via virDomainDefGetMemoryActual) instead of the
      value we were attempting to reduce to. The result is the 'new-mem'
      and 'old-mem' values for the auditlog message would be identical.
      
      This patch creates a local 'newmem' which accounts for the current
      memory size minus the memory which is being removed. NB, for the
      success case this results in the same value that would be returned
      by virDomainDefGetMemoryActual without the need to do the math. This
      follows the existing code which would subtract the size for cur_balloon.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      8f8031df
    • L
      qemu: Emit correct audit message for memory hot plug · cb1fbda4
      Luyao Huang 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1226234#c3
      
      Prior to this patch, after successfully hot plugging memory
      the audit log indicated that the update failed, e.g.:
      
      type=VIRT_RESOURCE ... old-mem=1024000 new-mem=1548288 \
      exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=pts/2 res=failed
      
      This patch will adjust where virDomainAuditMemory is called to
      ensure the proper 'ret' value is used based on success or failure.
      
      Additionally, the audit message should include the size of the
      memory we were attempting to change to rather than the current
      actual size. On failure to add, the message showed the same value
      for old-mem and new-mem.
      
      In order to do this, introduce a 'newmem' local which will compute
      the new size based on the oldmem size plus the size of memory we
      are about to add. NB: This would be the same as calling the
      virDomainDefGetMemoryActual again on success, but avoids the
      overhead of recalculating. Plus cur_balloon is already adjusted
      by the same value, so this follows that.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      cb1fbda4
    • M
      utils: Remove the logging of errors from virNetDevSendEthtoolIoctl · 6f2a0198
      Moshe Levi 提交于
      This patch remove the logging of errors of ioctl api and instead
      let the caller to choose what errors to log
      6f2a0198
    • L
      hostdev: skip ACS check when using VFIO for device assignment · 108d591b
      Laine Stump 提交于
      The ACS checks are meaningless when using the more modern VFIO driver
      for device assignment since VFIO has its own more complete and exact
      checks, but I didn't realize that when I added support for VFIO. This
      patch eliminates the ACS check when preparing PCI devices for
      assignment if VFIO is being used.
      
      This resolves:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=1256486
      108d591b
  3. 26 8月, 2015 7 次提交
  4. 25 8月, 2015 2 次提交
  5. 24 8月, 2015 18 次提交
  6. 22 8月, 2015 2 次提交