1. 20 3月, 2013 1 次提交
    • L
      storage: fix unlikely memory leak in rbd backend · 57f39e03
      Laine Stump 提交于
      virStorageBackendRBDRefreshPool() first allocates an array big enough
      to hold 1024 names, then calls rbd_list(), which returns ERANGE if the
      array isn't big enough. When that happens, the VIR_ALLOC_N is called
      again with a larger size. Unfortunately, the original array isn't
      freed before allocating a new one.
      57f39e03
  2. 19 3月, 2013 10 次提交
  3. 18 3月, 2013 1 次提交
    • J
      qemu: Fix startupPolicy regression · ef3cd647
      Jiri Denemark 提交于
      Commit 82d5fe54
      
          qemu: check backing chains even when cgroup is omitted
      
      added backing file checks just before the code that removes optional
      disks if they are not present. However, the backing chain code fails in
      case the disk file does not exist, which makes qemuProcessStart fail
      regardless on configured startupPolicy.
      
      Note that startupPolicy implementation is still wrong after this patch
      since it only check the first file in a possible chain. It should rather
      check the complete backing chain. But this is an existing limitation
      that can be solved later. After all, startupPolicy is most useful for
      CDROM images and they won't make use of backing files in most cases.
      ef3cd647
  4. 16 3月, 2013 6 次提交
  5. 15 3月, 2013 12 次提交
    • P
      qemu: do not support non-network disks without -drive · af947455
      Paolo Bonzini 提交于
      QEMU added -drive in 2007, and NBD in 2008.  Both appeared first in
      release 0.10.0.  Thus the code to support network disks without -drive
      is dead, and in fact it incorrectly escapes commas.  Drop it.
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      af947455
    • M
      Cleanup useless flags specifications · 73cc87d1
      Martin Kletzander 提交于
      After we switched to C99 initialization, I noticed there were many
      places where the specification of .flags parameter differed.  After
      going through many options and deciding whether to unify the
      initialization to be '.flags = 0' or '.flags = VSH_OFLAG_NONE', I
      realized both can be removed and it makes the code easier to go
      through.
      73cc87d1
    • M
      Fix snapshot-create-as syntax in help output · 66f1bbc3
      Martin Kletzander 提交于
      According to the man page, the memspec parameter should have the
      '--memspec' option mandatory and this is as close as we can get to
      that.  What this change does is explained below.
      
      man virsh:
      
      snapshot-create-as ... [[--live] [--memspec memspec]]
      
      virsh help snapshot-create-as before this patch:
      
        SYNOPSIS
          snapshot-create-as ... [<memspec>] ...
      ...
        OPTIONS
          [--memspec] <string> ...
      
      virsh help snapshot-create-as after this patch:
      
        SYNOPSIS
          snapshot-create-as ... [--memspec <string>] ...
      ...
        OPTIONS
          --memspec <string> ...
      66f1bbc3
    • M
      Make vshDebug work when parsing parameters · abfff210
      Martin Kletzander 提交于
      The vshInit initializes ctl->debug by which vshDebug (which is also
      called in vshParseArgv) decides whether to print out the message or
      not.
      abfff210
    • L
      Remove contiguous CPU indexes assumption · cc78d7ba
      Li Zhang 提交于
      When getting CPUs' information, it assumes that CPU indexes
      are not contiguous. But for ppc64 platform, CPU indexes are not
      contiguous because SMT is needed to be disabled, so CPU information
      is not right on ppc64 and vpuinfo, vcpupin can't work corretly.
      
      This patch is to remove the assumption to be compatible with ppc64.
      
      Test:
         4 vcpus are assigned to one VM and execute vcpuinfo command.
      
         Without patch: There is only one vcpu informaion can be listed.
         With patch: All vcpus' information can be listed correctly.
      Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
      cc78d7ba
    • C
      Update to COPYING.LIB to latest LGPLv2.1 copy · e5a632bb
      Christophe Fergeau 提交于
      The text version
      of LGPLv2.1 available at
      http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt is slightly
      different from COPYING.LIB:
      - several paragraphs were rewrapped
      - the FSF address has changed, so the license has been changed to
        indicate the newer address
      
      I've checked that there are no changes in the license text apart from
      the updated address, which is what I want to fix with this commit.
      e5a632bb
    • Y
      Fix a copy & paste error for virsh dump help · 8bf8a89a
      Yanbing Du 提交于
      Signed-off-by: NYanbing Du <ydu@redhat.com>
      8bf8a89a
    • P
      audit: Audit resources used by VirtIO RNG · a71680fe
      Peter Krempa 提交于
      This patch adds auditing of resources used by Virtio RNG devices. Only
      resources on the local filesystems are audited.
      
      The audit logs look like:
      
      For the 'random' backend:
      type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
      
      For local character device source:
      type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
      a71680fe
    • V
      S390: Testcases for virtio-scsi and virtio-rng · 53187afd
      Viktor Mihajlovski 提交于
      Adding test cases for virtio-scsi and virtio-rng. Since ccw is covering
      the superset of the s390 bus handling, these are deemed to be sufficient.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      53187afd
    • V
      S390: Enable virtio-scsi and virtio-rng · 4c1d1497
      Viktor Mihajlovski 提交于
      Newer versions of QEMU support virtio-scsi and virtio-rng devices
      on the virtio-s390 and ccw buses. Adding capability detection,
      address assignment and command line generation for that.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      4c1d1497
    • V
      qemu: Rename virtio-scsi capability · 6c927732
      Viktor Mihajlovski 提交于
      QEMU_CAPS_VIRTIO_SCSI_PCI implies that virtio-scsi is only supported
      for the PCI bus, which is not the case. Remove the _PCI suffix.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      6c927732
    • L
      util: fix clear_emulator_capabilities=0 · 49fa91b3
      Laine Stump 提交于
      My commit 7a2e845a (and its
      prerequisites) managed to effectively ignore the
      clear_emulator_capabilities setting in qemu.conf (visible in the code
      as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the
      result that the capabilities are always cleared regardless of the
      qemu.conf setting. This patch fixes it by passing the flag through to
      virSetUIDGIDWithCaps(), which uses it to decide whether or not to
      clear existing capabilities before adding in those that were
      requested.
      
      Note that the existing capabilities are *always* cleared if the new
      process is going to run as non-root, since the whole point of running
      non-root is to have the capabilities removed (it's still possible to
      maintain individual capabilities as needed using the capBits argument
      though).
      49fa91b3
  6. 14 3月, 2013 10 次提交
    • E
      qemu: detect multi-head qxl via more than version check · 5ac846e4
      Eric Blake 提交于
      Multi-head QXL support is so useful that distros have started to
      backport it to qemu earlier than 1.2.  After discussion with
      Alon Levy, we determined that the existence of the qxl-vga.surfaces
      property is a reliable indicator of whether '-device qxl-vga' works,
      or whether we have to stick to the older '-vga qxl'.  I'm leaving
      in the existing check for QEMU_CAPS_DEVICE_VIDEO_PRIMARY tied to
      qemu 1.2 and newer (in case qemu is built without qxl support),
      but for those distros that backport qxl, this additional capability
      check will allow the correct command line for both RHEL 6.3 (which
      lacks the feature) and RHEL 6.4 (where qemu still claims to be
      version 0.12.2.x, but has backported multi-head qxl).
      
      * src/qemu/qemu_capabilities.c (virQEMUCapsObjectPropsQxlVga): New
      property test.
      (virQEMUCapsExtractDeviceStr): Probe for backport of new
      capability to qemu earlier than 1.2.
      * tests/qemuhelpdata/qemu-kvm-1.2.0-device: Update test.
      * tests/qemuhelpdata/qemu-1.2.0-device: Likewise.
      * tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device:
      Likewise.
      5ac846e4
    • D
      Fix deps for generating RPC dispatch code · 0946c5f5
      Daniel P. Berrange 提交于
      The src/lxc/lxc_*_dispatch.h files only had deps on the
      RPC generator script & the XDR definition file. So when
      the Makefile.am args passed to the generator were change,
      the disaptch code was not re-generated. This caused a
      build failure
      
        CC       libvirt_lxc-lxc_controller.o
      lxc/lxc_controller.c: In function 'virLXCControllerSetupServer':
      lxc/lxc_controller.c:718:47: error: 'virLXCMonitorProcs' undeclared (first use in this function)
      lxc/lxc_controller.c:718:47: note: each undeclared identifier is reported only once for each function it appears in
      lxc/lxc_controller.c:719:47: error: 'virLXCMonitorNProcs' undeclared (first use in this function)
      make[3]: *** [libvirt_lxc-lxc_controller.o] Error 1
      
      For added fun, the generated files were not listed in
      CLEANFILES, so only a 'git clean -f' would fix the build
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      0946c5f5
    • J
      Fix size probing for VDI images · 6e46477c
      Ján Tomko 提交于
      Commit 027bf2ea used the wrong offset: the text field at the start
      of the header has 64 bytes, not 68. [1]
      
      Bug: https://bugzilla.redhat.com/show_bug.cgi?id=921452
      
      [1] https://forums.virtualbox.org/viewtopic.php?p=29267#p29267
      6e46477c
    • D
      Fix generation of systemtap probes for RPC protocols · 403594eb
      Daniel P. Berrange 提交于
      The naming used in the RPC protocols for the LXC monitor and
      lock daemon confused the script used to generate systemtap
      helper functions. Rename the LXC monitor protocol symbols to
      reduce confusion. Adapt the gensystemtap.pl script to cope
      with the LXC monitor / lock daemon naming conversions.
      
      This has no functional impact on RPC wire protocol, since
      names are only used in the C layer
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      403594eb
    • D
      Re-add DTrace probes on 'dispose' functions · ad9ea4a9
      Daniel P. Berrange 提交于
      When converting to virObject, the probes on the 'Free' functions
      were removed on the basis that there is a probe on virObjectFree
      that suffices. This puts a burden on people writing probe scripts
      to identify which object is being dispose. This adds back probes
      in the 'Dispose' functions and updates the rpc monitor systemtap
      example to use them
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      ad9ea4a9
    • D
      Fix parsing of SELinux ranges without a category · 1732c1c6
      Daniel P. Berrange 提交于
      Normally libvirtd should run with a SELinux label
      
        system_u:system_r:virtd_t:s0-s0:c0.c1023
      
      If a user manually runs libvirtd though, it is sometimes
      possible to get into a situation where it is running
      
        system_u:system_r:init_t:s0
      
      The SELinux security driver isn't expecting this and can't
      parse the security label since it lacks the ':c0.c1023' part
      causing it to complain
      
        internal error Cannot parse sensitivity level in s0
      
      This updates the parser to cope with this, so if no category
      is present, libvirtd will hardcode the equivalent of c0.c1023.
      
      Now this won't work if SELinux is in Enforcing mode, but that's
      not an issue, because the user can only get into this problem
      if in Permissive mode. This means they can now start VMs in
      Permissive mode without hitting that parsing error
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      1732c1c6
    • D
      Separate MCS range parsing from MCS range checking · 4a92fe44
      Daniel P. Berrange 提交于
      Pull the code which parses the current process MCS range
      out of virSecuritySELinuxMCSFind and into a new method
      virSecuritySELinuxMCSGetProcessRange.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      4a92fe44
    • D
      Fix memory leak on OOM in virSecuritySELinuxMCSFind · f2d8190c
      Daniel P. Berrange 提交于
      The body of the loop in virSecuritySELinuxMCSFind would
      directly 'return NULL' on OOM, instead of jumping to the
      cleanup label. This caused a leak of several local vars.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      f2d8190c
    • D
      Avoid closing uninitialized FDs when LXC startup fails · 2f98a7f7
      Daniel P. Berrange 提交于
      If an LXC domain failed to start because of a bogus SELinux
      label, virLXCProcessStart would call VIR_CLOSE(0) by mistake.
      This is because the code which initializes the member of the
      ttyFDs array to -1 got moved too far away from the place where
      the array is first allocated.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      2f98a7f7
    • D
      Prevent streams from becoming libvirtd controlling TTY · b2878ed8
      Daniel P. Berrange 提交于
      When opening a stream to a device which is a TTY, that device
      may become the controlling TTY of libvirtd, if libvirtd was
      daemonized. This in turn means when the other end of the stream
      closes, libvirtd gets SIGHUP, causing it to reload its config.
      Prevent this by forcing O_NOCTTY on all streams that are opened
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      b2878ed8