1. 21 8月, 2012 1 次提交
  2. 17 8月, 2012 1 次提交
  3. 15 8月, 2012 2 次提交
    • D
      Refactor RPC client private data setup · 39b5e4d4
      Daniel P. Berrange 提交于
      Currently there is a hook function that is invoked when a
      new client connection comes in, which allows an app to
      setup private data. This setup will make it difficult to
      serialize client state during process re-exec(). Change to
      a model where the app registers a callback when creating
      the virNetServerPtr instance, which is used to allocate
      the client private data immediately during virNetClientPtr
      construction.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      39b5e4d4
    • D
      Allow sync IO and keepalives to be skipped in RPC client setup · 86f5457d
      Daniel P. Berrange 提交于
      Currently the virNetClientPtr constructor will always register
      the async IO event handler and the keepalive objects. In the
      case of the lock manager, there will be no event loop available
      nor keepalive support required. Split this setup out of the
      constructor and into separate methods.
      
      The remote driver will enable async IO and keepalives, while
      the LXC driver will only enable async IO
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      86f5457d
  4. 14 8月, 2012 1 次提交
    • O
      Destroy virdomainlist.[ch] · bb705e25
      Osier Yang 提交于
      As the consensus in:
      https://www.redhat.com/archives/libvir-list/2012-July/msg01692.html,
      this patch is to destroy conf/virdomainlist.[ch], folding the
      helpers into conf/domain_conf.[ch].
      
      * src/Makefile.am:
        - Various indention fixes incidentally
        - Add macro DATATYPES_SOURCES (datatypes.[ch])
        - Link datatypes.[ch] for libvirt_lxc
      
      * src/conf/domain_conf.c:
        - Move all the stuffs from virdomainlist.c into it
        - Use virUnrefDomain and virUnrefDomainSnapshot instead of
          virDomainFree and virDomainSnapshotFree, which are defined
          in libvirt.c, and we don't want to link to it.
        - Remove "if" before "free" the object, as virObjectUnref
          is in the list "useless_free_options".
      
      * src/conf/domain_conf.h:
        - Move all the stuffs from virdomainlist.h into it
        - s/LIST_FILTER/LIST_DOMAINS_FILTER/
      
      * src/libxl/libxl_driver.c:
        - s/LIST_FILTER/LIST_DOMAINS_FILTER/
        - no (include "virdomainlist.h")
      
      * src/libxl/libxl_driver.c: Likewise
      
      * src/lxc/lxc_driver.c: Likewise
      
      * src/openvz/openvz_driver.c: Likewise
      
      * src/parallels/parallels_driver.c: Likewise
      
      * src/qemu/qemu_driver.c: Likewise
      
      * src/test/test_driver.c: Likewise
      
      * src/uml/uml_driver.c: Likewise
      
      * src/vbox/vbox_tmpl.c: Likewise
      
      * src/vmware/vmware_driver.c: Likewise
      
      * tools/virsh-domain-monitor.c: Likewise
      
      * tools/virsh.c: Likewise
      bb705e25
  5. 10 8月, 2012 1 次提交
    • L
      nwfilter: fix crash during filter define when lxc driver failed startup · b8a56f12
      Laine Stump 提交于
      The meat of this patch is just moving the calls to
      virNWFilterRegisterCallbackDriver from each hypervisor's "register"
      function into its "initialize" function. The rest is just code
      movement to allow that, and a new virNWFilterUnRegisterCallbackDriver
      function to undo what the register function does.
      
      The long explanation:
      
      There is an array in nwfilter called callbackDrvArray that has
      pointers to a table of functions for each hypervisor driver that are
      called by nwfilter. One of those function pointers is to a function
      that will lock the hypervisor driver. Entries are added to the table
      by calling each driver's "register" function, which happens quite
      early in libvirtd's startup.
      
      Sometime later, each driver's "initialize" function is called. This
      function allocates a driver object and stores a pointer to it in a
      static variable that was previously initialized to NULL. (and here's
      the important part...) If the "initialize" function fails, the driver
      object is freed, and that pointer set back to NULL (but the entry in
      nwfilter's callbackDrvArray is still there).
      
      When the "lock the driver" function mentioned above is called, it
      assumes that the driver was successfully loaded, so it blindly tries
      to call virMutexLock on "driver->lock".
      
      BUT, if the initialize never happened, or if it failed, "driver" is
      NULL. And it just happens that "lock" is always the first field in
      driver so it is also NULL.
      
      Boom.
      
      To fix this, the call to virNWFilterRegisterCallbackDriver for each
      driver shouldn't be called until the end of its (*already guaranteed
      successful*) "initialize" function, not during its "register" function
      (which is currently the case). This implies that there should also be
      a virNWFilterUnregisterCallbackDriver() function that is called in a
      driver's "shutdown" function (although in practice, that function is
      currently never called).
      b8a56f12
  6. 07 8月, 2012 3 次提交
  7. 06 8月, 2012 1 次提交
    • E
      virrandom: make virRandomInitialize an automatic one-shot · 87de27b7
      Eric Blake 提交于
      All callers used the same initialization seed (well, the new
      viratomictest forgot to look at getpid()); so we might as well
      make this value automatic.  And while it may feel like we are
      giving up functionality, I documented how to get it back in the
      unlikely case that you actually need to debug with a fixed
      pseudo-random sequence.  I left that crippled by default, so
      that a stray environment variable doesn't cause a lack of
      randomness to become a security issue.
      
      * src/util/virrandom.c (virRandomInitialize): Rename...
      (virRandomOnceInit): ...and make static, with one-shot call.
      Document how to do fixed-seed debugging.
      * src/util/virrandom.h (virRandomInitialize): Drop prototype.
      * src/libvirt_private.syms (virrandom.h): Don't export it.
      * src/libvirt.c (virInitialize): Adjust caller.
      * src/lxc/lxc_controller.c (main): Likewise.
      * src/security/virt-aa-helper.c (main): Likewise.
      * src/util/iohelper.c (main): Likewise.
      * tests/seclabeltest.c (main): Likewise.
      * tests/testutils.c (virtTestMain): Likewise.
      * tests/viratomictest.c (mymain): Likewise.
      87de27b7
  8. 31 7月, 2012 1 次提交
    • E
      build: fix build without HAVE_CAPNG · 6f926c5e
      Eric Blake 提交于
      Otherwise, a build may fail with:
      
      lxc/lxc_conatiner.c: In function 'lxcContainerDropCapabilities':
      lxc/lxc_container.c:1662:46: error: unused parameter 'keepReboot' [-Werror=unused-parameter]
      
      * src/lxc/lxc_container.c (lxcContainerDropCapabilities): Mark
      parameter unused.
      6f926c5e
  9. 30 7月, 2012 10 次提交
    • D
      Improve error message in LXC startup with network is not active · ac97c2ba
      Daniel P. Berrange 提交于
      If an LXC container is using a virtual network and that network
      is not active, currently the user gets a rather unhelpful
      error message about tap device setup failure. Add an explicit
      check for whether the network is active, in exactly the same
      way as the QEMU driver
      ac97c2ba
    • D
      Add handling for reboots of LXC containers · cb612ee4
      Daniel P. Berrange 提交于
      The reboot() syscall is allowed by new kernels for LXC containers.
      The LXC controller can detect whether a reboot was requested
      (instead of a normal shutdown) by looking at the "init" process
      exit status. If a reboot was triggered, the exit status will
      record SIGHUP as the kill reason.
      
      The LXC controller has cleared all its capabilities, and the
      veth network devices will no longer exist at this time. Thus
      it cannot restart the container init process itself. Instead
      it emits an event which is picked up by the LXC driver in
      libvirtd. This will then re-create the container, using the
      same configuration as it was previously running with (ie it
      will not activate 'newDef').
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      cb612ee4
    • D
      Allow CAP_SYS_REBOOT on new enough kernels · b46b1c76
      Daniel P. Berrange 提交于
      Check whether the reboot() system call is virtualized, and if
      it is, then allow the container to keep CAP_SYS_REBOOT.
      
      Based on an original patch by Serge Hallyn
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      b46b1c76
    • D
      Run an RPC protocol over the LXC controller monitor · 9117fcb2
      Daniel P. Berrange 提交于
      This defines a new RPC protocol to be used between the LXC
      controller and the libvirtd LXC driver. There is only a
      single RPC message defined thus far, an asynchronous "EXIT"
      event that is emitted just before the LXC controller process
      exits. This provides the LXC driver with details about how
      the container shutdown - normally, or abnormally (crashed),
      thus allowing the driver to emit better libvirt events.
      
      Emitting the event in the LXC controller requires a few
      little tricks with the RPC service. Simply calling the
      virNetServiceClientSendMessage does not work, since this
      merely queues the message for asynchronous processing.
      In addition the main event loop is no longer running at
      the point the event is emitted, so no I/O is processed.
      
      Thus after invoking virNetServiceClientSendMessage it is
      necessary to mark the client as being in "delayed close"
      mode. Then the event loop is run again, until the client
      completes its close - this happens only after the queued
      message has been fully transmitted. The final complexity
      is that it is not safe to run virNetServerQuit() from the
      client close callback, since that is invoked from a
      context where the server is locked. Thus a zero-second
      timer is used to trigger shutdown of the event loop,
      causing the controller to finally exit.
      
      * src/Makefile.am: Add rules for generating RPC protocol
        files and dispatch methods
      * src/lxc/lxc_controller.c: Emit an RPC event immediately
        before exiting
      * src/lxc/lxc_domain.h: Record the shutdown reason
        given by the controller
      * src/lxc/lxc_monitor.c, src/lxc/lxc_monitor.h: Register
        RPC program and event handler. Add callback to let
        driver receive EXIT event.
      * src/lxc/lxc_process.c: Use monitor exit event to decide
        what kind of domain event to emit
      * src/lxc/lxc_protocol.x: Define wire protocol for LXC
        controller monitor.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      9117fcb2
    • D
      Move LXC monitor code out into separate file · de4b32e4
      Daniel P. Berrange 提交于
      Move the code that handles the LXC monitor out of the
      lxc_process.c file and into lxc_monitor.{c,h}
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      de4b32e4
    • D
      Convert the LXC driver to use virNetClient · 357866c3
      Daniel P. Berrange 提交于
      Update the LXC driver to use the virNetClient APIs for
      connecting to the libvirt_lxc monitor, instead of the
      low-level socket APIs. This is a step towards running
      a full RPC protocol with libvirt_lxc
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      357866c3
    • D
      Replace use of lxcError with virReportError · 4343fee0
      Daniel P. Berrange 提交于
      Update all LXC code to use virReportError instead of the custom
      lxcError macro
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      4343fee0
    • D
      Rename lxc_driver_t to virLXCDriver · 19354715
      Daniel P. Berrange 提交于
      Rename the lxc_driver_t struct typedef to virLXCDriver to more
      closely follow normal libvirt naming conventions
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      19354715
    • D
      Rename all APIs in lxc_domain.c to have a virLXCDomain prefix · ced272ef
      Daniel P. Berrange 提交于
      For consistency all the APIs in the lxc_domain.c file should
      have a virLXCDomain prefix in their name
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      ced272ef
    • D
      Rename all APIs in lxc_process.c to have a virLXCProcess prefix · eaf10b84
      Daniel P. Berrange 提交于
      For consistency all the APIs in the lxc_process.c file should
      have a virLXCProcess prefix in their name
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      eaf10b84
  10. 27 7月, 2012 1 次提交
    • E
      maint: don't permit format strings without % · 768007ae
      Eric Blake 提交于
      Any time we have a string with no % passed through gettext, a
      translator can inject a % to cause a stack overread.  When there
      is nothing to format, it's easier to ask for a string that cannot
      be used as a formatter, by using a trivial "%s" format instead.
      
      In the past, we have used --disable-nls to catch some of the
      offenders, but that doesn't get run very often, and many more
      uses have crept in.  Syntax check to the rescue!
      
      The syntax check can catch uses such as
      virReportError(code,
                     _("split "
                       "string"));
      by using a sed script to fold context lines into one pattern
      space before checking for a string without %.
      
      This patch is just mechanical insertion of %s; there are probably
      several messages touched by this patch where we would be better
      off giving the user more information than a fixed string.
      
      * cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
      * src/datatypes.c (virUnrefConnect, virGetDomain)
      (virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
      (virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
      (virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
      (virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
      (virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
      * src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
      (lxcDomainGetBlkioParameters): Likewise.
      * src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
      (virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
      Likewise.
      * src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
      (virNetworkDefParseXML): Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
      Likewise.
      * src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
      (virNWFilterVarAccessParse): Likewise.
      * src/libvirt.c (virDomainSave, virDomainSaveFlags)
      (virDomainRestore, virDomainRestoreFlags)
      (virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
      (virDomainCoreDump, virDomainGetXMLDesc)
      (virDomainMigrateVersion1, virDomainMigrateVersion2)
      (virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
      (virStreamSendAll, virStreamRecvAll)
      (virDomainSnapshotGetXMLDesc): Likewise.
      * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
      (virNWFilterDHCPSnoopReq): Likewise.
      * src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
      * src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
      * src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
      (qemuBuildCommandLine): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
      (virNetSocketSendFD, virNetSocketRecvFD): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      * src/storage/storage_backend_fs.c
      (virStorageBackendFileSystemProbe)
      (virStorageBackendFileSystemBuild): Likewise.
      * src/storage/storage_backend_rbd.c
      (virStorageBackendRBDOpenRADOSConn): Likewise.
      * src/storage/storage_driver.c (storageVolumeResize): Likewise.
      * src/test/test_driver.c (testInterfaceChangeBegin)
      (testInterfaceChangeCommit, testInterfaceChangeRollback):
      Likewise.
      * src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
      * src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
      Likewise.
      * src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
      (xenFormatXM): Likewise.
      768007ae
  11. 23 7月, 2012 1 次提交
    • O
      Desert the FSF address in copyright · f9ce7dad
      Osier Yang 提交于
      Per the FSF address could be changed from time to time, and GNU
      recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)
      
        You should have received a copy of the GNU General Public License
        along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
      
      This patch removes the explicit FSF address, and uses above instead
      (of course, with inserting 'Lesser' before 'General').
      
      Except a bunch of files for security driver, all others are changed
      automatically, the copyright for securify files are not complete,
      that's why to do it manually:
      
        src/security/security_selinux.h
        src/security/security_driver.h
        src/security/security_selinux.c
        src/security/security_apparmor.h
        src/security/security_apparmor.c
        src/security/security_driver.c
      f9ce7dad
  12. 20 7月, 2012 1 次提交
  13. 19 7月, 2012 6 次提交
  14. 17 7月, 2012 1 次提交
    • S
      Convert 'raw MAC address' usages to use virMacAddr · 387117ad
      Stefan Berger 提交于
      Introduce new members in the virMacAddr 'class'
      - virMacAddrSet: set virMacAddr from a virMacAddr
      - virMacAddrSetRaw: setting virMacAddr from raw 6 byte MAC address buffer
      - virMacAddrGetRaw: writing virMacAddr into raw 6 byte MAC address buffer
      - virMacAddrCmp: comparing two virMacAddr
      - virMacAddrCmpRaw: comparing a virMacAddr with a raw 6 byte MAC address buffer
      
      then replace raw MAC addresses by replacing
      
      - 'unsigned char *' with virMacAddrPtr
      - 'unsigned char ... [VIR_MAC_BUFLEN]' with virMacAddr
      
      and introduce usage of above functions where necessary.
      387117ad
  15. 11 7月, 2012 2 次提交
    • D
      Fix shutdown of LXC controller · 97d7f02d
      Daniel P. Berrange 提交于
      Since we are not yet using the virNetServerPtr object for running
      the event loop, we can't use virNetServerQuit(). Instead set the
      global 'quit' flag in libvirt_lxc
      97d7f02d
    • E
      build: detect all improper uses of _("%s") · 0867a877
      Eric Blake 提交于
      The only useful translation of "%s" as a format string is "%s" (I
      suppose you could claim "%1$s" is also valid, but why bother).  So
      it is not worth translating; fixing this exposes some instances
      where we were failing to translate real error messages.  This makes
      the fix of commit 097da1ab more generic, as well as ensuring no
      future regressions.
      
      * cfg.mk (sc_prohibit_useless_translation): New rule.
      * src/lxc/lxc_driver.c (lxcSetVcpuBWLive): Fix offender.
      * src/openvz/openvz_conf.c (openvzReadFSConf): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroupForVcpu): Likewise.
      * src/qemu/qemu_driver.c (qemuSetVcpusBWLive): Likewise.
      * src/xenapi/xenapi_utils.c (xenapiSessionErrorHandle): Likewise.
      0867a877
  16. 06 7月, 2012 1 次提交
  17. 05 7月, 2012 6 次提交