- 21 10月, 2019 1 次提交
-
-
由 Ján Tomko 提交于
Replace all occurrences of if (VIR_STRDUP(a, b) < 0) /* effectively dead code */ with: a = g_strdup(b); Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 12 7月, 2019 2 次提交
-
-
由 Daniel P. Berrangé 提交于
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Currently code has to first create the service and then separately register it with the server. If the socket associated with a particular service is not passed from systemd we want to skip creating the service altogether. This means we can't put the systemd activation logic into the constructors for virNetServerService. This patch thus creates some helper methods against virNetServer which combine systemd activation, service creation and service registration into one single operation. This operation is automatically a no-op if systemd activation is present and no sockets were passed in. Reviewed-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 21 6月, 2019 1 次提交
-
-
由 Daniel P. Berrangé 提交于
Libvirtd has long had integration with avahi for advertising libvirtd using mDNS when TCP/TLS listening is enabled. For a long time the virt-manager application had support for auto-detecting libvirtds on the local network using mDNS, but this was removed last year commit fc8f8d5d7e3ba80a0771df19cf20e84a05ed2422 Author: Cole Robinson <crobinso@redhat.com> Date: Sat Oct 6 20:55:31 2018 -0400 connect: Drop avahi support Libvirtd can advertise itself over avahi. The feature is disabled by default though and in practice I hear of no one actually using it and frankly I don't think it's all that useful The 'Open Connection' wizard has a disproportionate amount of code devoted to this feature, but I don't think it's useful or worth maintaining, so let's drop it I've never heard of any other applications having support for using mDNS to detect libvirtd instances. Though it is theoretically possible something exists out there, it is clearly going to be a niche use case in the virt ecosystem as a whole. By removing avahi integration we can cut down the dependency chain for the basic libvirtd install and reduce our code maint burden. Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 14 5月, 2019 1 次提交
-
-
由 Michal Privoznik 提交于
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
- 04 2月, 2019 1 次提交
-
-
由 Cole Robinson 提交于
Missing semicolon at the end of macros can confuse some analyzers (like cppcheck <filename>). VIR_ONCE_GLOBAL_INIT is almost exclusively called without an ending semicolon, but let's standardize on using one like the other macros. Add a dummy struct definition at the end of the macro, so the compiler will require callers to add a semicolon. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
- 14 12月, 2018 1 次提交
-
-
由 Daniel P. Berrangé 提交于
In many files there are header comments that contain an Author: statement, supposedly reflecting who originally wrote the code. In a large collaborative project like libvirt, any non-trivial file will have been modified by a large number of different contributors. IOW, the Author: comments are quickly out of date, omitting people who have made significant contribitions. In some places Author: lines have been added despite the person merely being responsible for creating the file by moving existing code out of another file. IOW, the Author: lines give an incorrect record of authorship. With this all in mind, the comments are useless as a means to identify who to talk to about code in a particular file. Contributors will always be better off using 'git log' and 'git blame' if they need to find the author of a particular bit of code. This commit thus deletes all Author: comments from the source and adds a rule to prevent them reappearing. The Copyright headers are similarly misleading and inaccurate, however, we cannot delete these as they have legal meaning, despite being largely inaccurate. In addition only the copyright holder is permitted to change their respective copyright statement. Reviewed-by: NErik Skultety <eskultet@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 15 8月, 2018 1 次提交
-
-
由 Marc Hartmayer 提交于
Semantically, there is no difference between an uninitialized worker pool and an initialized worker pool with zero workers. Let's allow the worker pool to be initialized for max_workers=0 as well then which makes the API more symmetric and simplifies code. Validity of the worker pool is delegated to virThreadPoolGetMaxWorkers instead. This patch fixes segmentation faults in virNetServerGetThreadPoolParameters and virNetServerSetThreadPoolParameters for the case when no worker pool is actually initialized (max_workers=0). Signed-off-by: NMarc Hartmayer <mhartmay@linux.ibm.com>
-
- 21 7月, 2018 1 次提交
-
-
由 Marc Hartmayer 提交于
@srv must be unlocked for the call virNetServerProcessMsg otherwise a deadlock can occur. Since the pointer 'srv->workers' will never be changed after initialization and the thread pool has it's own locking we can release the lock of 'srv' earlier. This also fixes the deadlock. Signed-off-by: NMarc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 05 6月, 2018 1 次提交
-
-
由 Michal Privoznik 提交于
Now that GnuTLS is a requirement, we can drop a lot of conditionally built code. However, not all ifdef-s can go because we still want libvirt_setuid to build without gnutls. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 11 5月, 2018 1 次提交
-
-
由 John Ferlan 提交于
Rather than have virJSONValueArraySize return a -1 when the input is not an array and then splat an error message, let's check for an array before calling and then change the return to be a size_t instead of ssize_t. That means using the helper virJSONValueIsArray as well as using a more generic error message such as "Malformed <something> array". In some cases we can remove stack variables and when we cannot, those variables should be size_t not ssize_t. Alter a few references of if (!value) to be if (value == 0) instead as well. Some callers can already assume an array is being worked on based on the previous call, so there's less to do. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 18 4月, 2018 1 次提交
-
-
由 Michal Privoznik 提交于
So far we are repeating the following lines over and over: if (!(virSomeObjectClass = virClassNew(virClassForObject(), "virSomeObject", sizeof(virSomeObject), virSomeObjectDispose))) return -1; While this works, it is impossible to do some checking. Firstly, the class name (the 2nd argument) doesn't match the name in the code in all cases (the 3rd argument). Secondly, the current style is needlessly verbose. This commit turns example into following: if (!(VIR_CLASS_NEW(virSomeObject, virClassForObject))) return -1; Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 08 3月, 2018 3 次提交
-
-
由 Daniel P. Berrangé 提交于
If max_workers is set to zero, then the worker thread pool won't be created, so when serializing state for pre-exec we must set various parameters to zero. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Currently virNetServerClientDispatchFunc implementations are only responsible for free'ing the "msg" parameter upon success. Simplify the calling convention by making it their unconditional responsibility to free the "msg", and close the client if desired. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
There's no reason why the virNetServerClientDispatchRead method needs to acquire an extra reference on the "client" object. An extra reference is only needed if the registered dispatch callback is going to keep hold of the "client" for work in the background. Thus we can push reference acquisition into virNetServerDispatchNewMessage. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJim Fehlig <jfehlig@suse.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 03 2月, 2018 1 次提交
-
-
由 John Ferlan 提交于
No sense in calling ServiceToggle for all nservices during ServiceDispose since ServerClose calls ServiceClose which removes the IOCallback that's being toggled via ServiceToggle. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
- 31 1月, 2018 1 次提交
-
-
由 Daniel P. Berrange 提交于
The virNetServer class is passing a pointer to itself to the virNetServerClient as a 'void *' pointer. This is presumably due to fact that the virnetserverclient.h file doesn't see the virNetServerPtr typedef. The typedef is easily movable though, which lets us get typesafe parameter passing, removing the confusion of passing two distinct 'void *' pointers to one method. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 04 1月, 2018 3 次提交
-
-
由 Marc Hartmayer 提交于
There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
-
由 Marc Hartmayer 提交于
Combine virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE) and virNetServerTrackCompletedAuth into one new function named virNetServerSetClientAuthenticated. After using this new function the function virNetServerTrackCompletedAuth was superfluous and is therefore removed. In addition, it is not very common that a '{{function}}' (virNetServerTrackCompletedAuth) does more than just the locking compared to '{{function}}Locked' (virNetServerTrackCompletedAuthLocked). virNetServerTrackPendingAuth was already superfluous and therefore it's also removed. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
The lock for @client must not only be held for the duration of checking whether the client wants to close, but also for as long as we're closing the client. The same applies to the tracking of authentications. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
-
- 21 12月, 2017 1 次提交
-
-
由 Cédric Bosdonnat 提交于
So far clients were closed when disposing the daemon, after the state driver cleanup. This was leading to libvirtd crashing at shutdown due to missing driver. Moving the client close in virNetServerClose() fixes the problem. Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
- 12 9月, 2017 1 次提交
-
-
由 Guido Günther 提交于
-
- 10 4月, 2017 1 次提交
-
-
由 Marc Hartmayer 提交于
Use the return value of virObjectRef directly. This way, it's easier for another reader to identify the reason why the additional reference is required. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com>
-
- 02 8月, 2016 5 次提交
-
-
由 Erik Skultety 提交于
Prior to commit 2737aaaf, we allowed every client to connect successfully, however, if accepting a client would eventually lead to an overcommit of the limits, we would disconnect it immediately with "Too many active clients, dropping connection from...". Recent changes refactored the code in a way, that it is not possible for the client-related callback to be dispatched and the client to be accepted if the limits wouldn't permit to do so, therefore a check if a connection should be dropped due to limits violation has become a dead code that could be removed. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
Commit 2737aaaf changed our policy for accepting new clients in a way, that instead of accepting new clients only to disconnect them immediately, since that would overcommit the limit, we temporarily disable polling for the dedicated file descriptor, so any new connection will queue on the socket. Commit 8b1f0469 then added the possibility to change the limits during runtime but it didn't re-enable polling for the previously disabled file descriptor, thus any new connection would still continue to queue on the socket. This patch forces an update of the services each time the limits were changed in some way. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1357776Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
So far, virNetServerCheckLimits was only used to possibly re-enable accepting new clients that might have previously been disabled due to client limits violation (max_clients, max_anonymous_clients). This patch refactors virNetServerAddClient, which is currently the only place where the services get disabled, in order to use the virNetServerCheckLimits helper instead of checking the limits by itself. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
Since virNetServerAddClient checks for the limits in order to temporarily suspend the services, thus not accepting any more clients, there is no reason why virNetServerCheckLimits, which is only responsible for re-enabling previously disabled services according to the limits, could not do both. To be able to do that however, it needs to be moved up in the file since it's static (and because it's just a helper and there's only one caller it should remain static). Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
The original naming was just a leftover that should have been fixed in commit 8b1f0469. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 24 6月, 2016 1 次提交
-
-
由 Ján Tomko 提交于
Use it in virNetServerClientGetInfo to switch back to using the URI-format (separated by ':') instead of the SASL format (separated by ';'). Also use it in the error message reported by virNetServerAddClient.
-
- 19 5月, 2016 2 次提交
-
-
由 Erik Skultety 提交于
Opposite operation to virAdmServerGetClientLimits. Understandably though, setting values for current number of clients connected or still waiting for authentication does not make sense, since changes to these values are event dependent, i.e. a client connects - counter is increased. Thus only the limits to maximum clients connected and waiting for authentication can be set. Should a request for other controls to be set arrive (provided such a setting will be first introduced to the config), the set of configuration controls can be later expanded (thanks to typed params). This patch also introduces a constraint that the maximum number of clients waiting for authentication has to be less than the overall maximum number of clients connected and any attempt to violate this constraint will be denied. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
Add some trivial getters for client related attributes to virnetserver before any admin method can be introduced. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 03 5月, 2016 3 次提交
-
-
由 Erik Skultety 提交于
Just like with server-related APIs, before any of client-based APIs can be called, a reference to a client-side client object needs to be obtained. For this purpose, a lookup method should exist. Apart from the client retrieval logic, a new error code for non-existent client had to be added as well. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
For now, the list copy is done simply by locking the whole server, walking the original and increasing the refcount on each object. We may want to change the list to a lockable object (like list of domains) later in the future if we discover some performance issues related to locking the whole server in order to walk the whole list of clients, possibly issuing some 'ForEach' callback. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
Admin API needs a way of addressing specific clients. Unlike servers, which we are happy to address by names both because its name reflects its purpose (to some extent) and we only have two of them (so far), naming clients doesn't make any sense, since a) each client is an anonymous, i.e. not recognized after a disconnect followed by a reconnect, b) we can't predict what kind of requests it's going to send to daemon, and c) the are loads of them comming and going, so the only viable option is to use an ID which is of a reasonably wide data type. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 18 4月, 2016 2 次提交
-
-
由 Erik Skultety 提交于
Since threadpool increments the current number of threads according to current load, i.e. how many jobs are waiting in the queue. The count however, is constrained by max and min limits of workers. The logic of this new API works like this: 1) setting the minimum a) When the limit is increased, depending on the current number of threads, new threads are possibly spawned if the current number of threads is less than the new minimum limit b) Decreasing the minimum limit has no possible effect on the current number of threads 2) setting the maximum a) Icreasing the maximum limit has no immediate effect on the current number of threads, it only allows the threadpool to spawn more threads when new jobs, that would otherwise end up queued, arrive. b) Decreasing the maximum limit may affect the current number of threads, if the current number of threads is less than the new maximum limit. Since there may be some ongoing time-consuming jobs that would effectively block this API from killing any threads. Therefore, this API is asynchronous with best-effort execution, i.e. the necessary number of workers will be terminated once they finish their previous job, unless other workers had already terminated, decreasing the limit to the requested value. 3) setting priority workers - both increase and decrease in count of these workers have an immediate impact on the current number of workers, new ones will be spawned or some of them get terminated respectively. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
New API to retrieve current server workerpool specs. Since it uses typed parameters, more specs to retrieve can be further included in the pool of supported ones. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 11 3月, 2016 1 次提交
-
-
由 Martin Kletzander 提交于
At first I did not want to do this, but after trying to implement some newer feaures in the admin API I realized we need that to make our lives easier. On the other hand they are not saved redundantly and the virNetServer objects are still kept in a hash table. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 09 10月, 2015 1 次提交
-
-
由 Michal Privoznik 提交于
The internal representation of a JSON array counts the items in size_t. However, for some reason, when asking for the count it's reported as int. Firstly, we need the function to return a signed type as it's returning -1 on an error. But, not every system has integer the same size as size_t. Therefore, lets return ssize_t. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 10 8月, 2015 1 次提交
-
-
由 Martin Kletzander 提交于
Since its introduction in 2011 (particularly in commit f4324e32), the option doesn't work. It just effectively disables all incoming connections. That's because the client private data that contain the 'keepalive_supported' boolean, are initialized to zeroes so the bool is false and the only other place where the bool is used is when checking whether the client supports keepalive. Thus, according to the server, no client supports keepalive. Removing this instead of fixing it is better because a) apparently nobody ever tried it since 2011 (4 years without one month) and b) we cannot know whether the client supports keepalive until we get a ping or pong keepalive packet. And that won't happen until after we dispatched the ConnectOpen call. Another two reasons would be c) the keepalive_required was tracked on the server level, but keepalive_supported was in private data of the client as well as the check that was made in the remote layer, thus making all other instances of virNetServer miss this feature unless they all implemented it for themselves and d) we can always add it back in case there is a request and a use-case for it. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 16 6月, 2015 1 次提交
-
-
由 Martin Kletzander 提交于
This reverts commit 6bda9f8a. I mistakenly pushed it along with the Admin API series.
-