1. 31 7月, 2012 1 次提交
    • J
      daemon: Fix crash in virTypedParameterArrayClear · 6039a2cb
      Jiri Denemark 提交于
      Daemon uses the following pattern when dispatching APIs with typed
      parameters:
      
          VIR_ALLOC_N(params, nparams);
          virDomain*(dom, params, &nparams, flags);
          virTypedParameterArrayClear(params, nparams);
      
      In case nparams was originally set to 0, virDomain* API would fill it
      with the number of typed parameters it can provide and we would use this
      number (rather than zero) to clear params. Because VIR_ALLOC* returns
      non-NULL pointer even if size is 0, the code would end up walking
      through random memory. If we were lucky enough and the memory contained
      7 (VIR_TYPED_PARAM_STRING) at the right place, we would try to free a
      random pointer and crash.
      
      Let's make sure params stays NULL when nparams is 0.
      6039a2cb
  2. 30 7月, 2012 21 次提交
  3. 29 7月, 2012 1 次提交
  4. 28 7月, 2012 1 次提交
    • J
      security: Skip labeling resources when seclabel defaults to none · ce53382b
      Jiri Denemark 提交于
      If a domain is explicitly configured with <seclabel type="none"/> we
      correctly ensure that no labeling will be done by setting
      norelabel=true. However, if no seclabel element is present in domain XML
      and hypervisor is configured not to confine domains by default, we only
      set type to "none" without turning off relabeling. Thus if such a domain
      is being started, security driver wants to relabel resources with
      default label, which doesn't make any sense.
      
      Moreover, with SELinux security driver, the generated image label lacks
      "s0" sensitivity, which causes setfilecon() fail with EINVAL in
      enforcing mode.
      ce53382b
  5. 27 7月, 2012 13 次提交
    • E
      maint: regenerate bootstrap · 85f416fd
      Eric Blake 提交于
      Commit 3ad13c92 blindly touched all files to have a 3-line
      hint for getting LGPL, but bootstrap is synced from gnulib where
      it has a 2-line hint.
      
      * bootstrap: Resync from gnulib.
      85f416fd
    • G
      libvirt-guests: systemd host shutdown does not work · 79ca7e4e
      Gerd v. Egidy 提交于
      I originally postet this into the Fedora bugzilla
      https://bugzilla.redhat.com/show_bug.cgi?id=843836
      
      Currently gracefully shutting down guest vms on host shutdown does not work on
      Fedora 17, the guests are killed hard on system shutdown.
      
      The reason is systemd considers libvirt-guests.service to be stopped when the
      system is running:
      
      $ systemctl status libvirt-guests.service
      libvirt-guests.service - Suspend Active Libvirt Guests
                Loaded: loaded (/usr/lib/systemd/system/libvirt-guests.service;
      enabled)
                Active: deactivating (stop) since Fri, 27 Jul 2012 15:47:31 +0200;
      2min 48s ago
               Process: 1085 ExecStart=/etc/init.d/libvirt-guests start
      (code=exited, status=0/SUCCESS)
               Control: 1150 (libvirt-guests)
                CGroup: name=systemd:/system/libvirt-guests.service
                        └ control
                          ├ 1150 /bin/sh /etc/init.d/libvirt-guests stop
                          └ 2257 sleep 1
      
      libvirt-guests.service is defined as type "simple" in systemd (the default).
      That means systemd will shut down the service when the start executable is
      terminated after starting is done. Systemd will not call stop again on system
      shutdown because it thinks it is already stopped.
      
      The solution is to define it as type "oneshot" and set the flag
      "RemainAfterExit". Then systemd will consider the service as active after
      startup and will call the stop function on host shutdown.
      79ca7e4e
    • P
      lib: Revert removing of Summary and Description fields in headers · d6e94bdd
      Peter Krempa 提交于
      Those fields are used by the apibuild script to create documentation.
      This commit partialy reverts a4bcefbc.
      d6e94bdd
    • P
      docs: Add method to print warnings in docBuilder class · b889bac1
      Peter Krempa 提交于
      The method was not existing and did not allow to diagnose problems.
      b889bac1
    • E
      maint: avoid regression on copyright listings · 3ad13c92
      Eric Blake 提交于
      Commit f9ce7dad tried to kill uses of a raw street address, but
      missed a few instances.  Automate things so we don't introduce
      new problems in the future.
      
      * cfg.mk (sc_copyright_address): New rule.
      (exclude_file_name_regexp--sc_copyright_address): Add exemption.
      * bootstrap.conf: Adjust offenders.
      * build-aux/augeas-gentest.pl: Likewise.
      * examples/systemtap/events.stp: Likewise.
      * examples/systemtap/qemu-monitor.stp: Likewise.
      * examples/systemtap/rpc-monitor.stp: Likewise.
      * src/dtrace2systemtap.pl: Likewise.
      * src/esx/esx_vi_generator.py: Likewise.
      * src/hyperv/hyperv_wmi_generator.py: Likewise.
      * src/remote/qemu_protocol.x: Likewise.
      * src/remote/remote_protocol.x: Likewise.
      * src/rpc/gensystemtap.pl: Likewise.
      * src/rpc/virnetprotocol.x: Likewise.
      * tests/object-locking.ml: Likewise.
      * tools/virt-xml-validate.in: Likewise.
      3ad13c92
    • O
      maint: Use consistent copyright. · a4bcefbc
      Osier Yang 提交于
      This is a follow up patch of commit f9ce7dad, it modifies all
      the files which declare the copyright like "See COPYING.LIB for
      the License of this software" to use the detailed/consistent one.
      
      And deserts the outdated comments like:
      
       * libvirt-qemu.h:
       * Summary: qemu specific interfaces
       * Description: Provides the interfaces of the libvirt library to handle
       *              qemu specific methods
       *
       * Copy:  Copyright (C) 2010, 2012 Red Hat, Inc.
      
      Uses the more compact style like:
      
       * libvirt-qemu.h: Interfaces specific for QEMU/KVM driver
       *
       * Copyright (C) 2010, 2012 Red Hat, Inc.
      a4bcefbc
    • D
      Add a test case that checks there are no bogus entries in .syms · 536a1d7d
      Daniel P. Berrange 提交于
      During refactoring of code, it has proved common to forget to
      remove old symbols from the .syms file. While the Win32 linker
      will complain about this, the Linux ELF linker does not. The
      new test case validates that every symbol listed in the .syms
      file actually exists in the built ELF libraries.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      536a1d7d
    • D
      Remove accidentally commited virNetClientSetEOFNotify symbol · 25b09889
      Daniel P. Berrange 提交于
      The virNetClientSetEOFNotify symbol was accidentally added to
      the libvirt_private.syms file due to an out-of-order cherry-pick
      25b09889
    • D
      Remove two non-existant NWFilter driver symbols from .syms · 609df0dc
      Daniel P. Berrange 提交于
      virNWFilterGetIpAddrForIfname and virNWFilterDelIpAddrForIfname
      do not exist, so remove them from libvirt_nwfilter.syms
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      609df0dc
    • P
      virsh: Fix error resetting on fallback paths · 2751ab28
      Peter Krempa 提交于
      On some fallback paths in virsh, error reported by the previously failed
      API is cleared by virResetLastError() that doesn't free error stored by
      virsh. This patch changes this to clear it using vshResetLibvirtError().
      2751ab28
    • P
      virsh: Refactor error clearing on graceful fallback paths · 3df9626c
      Peter Krempa 提交于
      Virsh uses an error handler to save errors from libvirt. On some code
      paths it's needed to clear libvirt errors and continue on fallback code
      paths without reporting failure.
      
      This patch adds function vshResetLibvirtError() that clears error
      returned by libvirt and updates all places where the old two-line method
      was used.
      3df9626c
    • E
      maint: don't permit format strings without % · 768007ae
      Eric Blake 提交于
      Any time we have a string with no % passed through gettext, a
      translator can inject a % to cause a stack overread.  When there
      is nothing to format, it's easier to ask for a string that cannot
      be used as a formatter, by using a trivial "%s" format instead.
      
      In the past, we have used --disable-nls to catch some of the
      offenders, but that doesn't get run very often, and many more
      uses have crept in.  Syntax check to the rescue!
      
      The syntax check can catch uses such as
      virReportError(code,
                     _("split "
                       "string"));
      by using a sed script to fold context lines into one pattern
      space before checking for a string without %.
      
      This patch is just mechanical insertion of %s; there are probably
      several messages touched by this patch where we would be better
      off giving the user more information than a fixed string.
      
      * cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
      * src/datatypes.c (virUnrefConnect, virGetDomain)
      (virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
      (virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
      (virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
      (virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
      (virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
      * src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
      (lxcDomainGetBlkioParameters): Likewise.
      * src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
      (virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
      Likewise.
      * src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
      (virNetworkDefParseXML): Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
      Likewise.
      * src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
      (virNWFilterVarAccessParse): Likewise.
      * src/libvirt.c (virDomainSave, virDomainSaveFlags)
      (virDomainRestore, virDomainRestoreFlags)
      (virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
      (virDomainCoreDump, virDomainGetXMLDesc)
      (virDomainMigrateVersion1, virDomainMigrateVersion2)
      (virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
      (virStreamSendAll, virStreamRecvAll)
      (virDomainSnapshotGetXMLDesc): Likewise.
      * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
      (virNWFilterDHCPSnoopReq): Likewise.
      * src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
      * src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
      * src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
      (qemuBuildCommandLine): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
      (virNetSocketSendFD, virNetSocketRecvFD): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      * src/storage/storage_backend_fs.c
      (virStorageBackendFileSystemProbe)
      (virStorageBackendFileSystemBuild): Likewise.
      * src/storage/storage_backend_rbd.c
      (virStorageBackendRBDOpenRADOSConn): Likewise.
      * src/storage/storage_driver.c (storageVolumeResize): Likewise.
      * src/test/test_driver.c (testInterfaceChangeBegin)
      (testInterfaceChangeCommit, testInterfaceChangeRollback):
      Likewise.
      * src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
      * src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
      Likewise.
      * src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
      (xenFormatXM): Likewise.
      768007ae
    • E
      maint: avoid empty regex in syntax checker · 72181978
      Eric Blake 提交于
      We were defining 'func_or' as '|VIR_ERROR|...', which when put
      inside 'func_re' resulted in a regex that matches everything in
      isolation.  Thankfully, we always used func_re with a leading
      anchor \<, and since the empty regex does not start a word, we
      happened to get the result we wanted; but it's better to define
      func_or without a leading space converted into a leading empty
      alternation.
      
      * cfg.mk (func_or): Strip leading space.
      72181978
  6. 26 7月, 2012 3 次提交
    • J
      virsh: check if specified debug level is in range · 4fedf388
      Ján Tomko 提交于
      4fedf388
    • E
      build: update to latest gnulib, for secure tarball · f12e1396
      Eric Blake 提交于
      Pick up some build fixes in the latest gnulib.  In particular,
      we want to ensure that official tarballs are secure, but don't
      want to penalize people who don't run 'make dist', since fixed
      automake still hasn't hit common platforms like Fedora 17.
      
      * .gnulib: Update to latest, for Automake CVE-2012-3386 detection.
      * bootstrap: Resync from gnulib.
      * bootstrap.conf (gnulib_extra_files): Drop missing, since gnulib
      has dropped it in favor of Automake's version.
      * cfg.mk (local-checks-to-skip): Conditionally skip the security
      check in cases where it doesn't matter.
      f12e1396
    • P
      virsh: Check for existence of storage before undefining the domain · dcfb7050
      Peter Krempa 提交于
      When undefining a domain and removing associated storage using "virsh
      undefine --storage" the domain was at first undefined and after that the
      storage removal proces was started. If the user specified an invalid
      disk to remove, the error could not be corrected.
      
      This patch moves enumeration and filtering of volumes that should be
      removed before the domain is undefined, but the removal process is still
      kept after the domain has been undefined.
      dcfb7050