Detected by valgrind. Leaks are introduced in commit c1b22644.

* src/remote/remote_driver.c (doRemoteOpen): free client program memory in failure path.

* How to reproduce?
% valgrind -v --leak-check=full virsh -c qemu:

* Actual result

==3969== 40 bytes in 1 blocks are definitely lost in loss record 8 of 28
==3969==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
    ==3969==    by 0x4C89C41: virAlloc (memory.c:101)
    ==3969==    by 0x4D5A236: virNetClientProgramNew (virnetclientprogram.c:60)
    ==3969==    by 0x4D47AB4: doRemoteOpen (remote_driver.c:658)
    ==3969==    by 0x4D49FFF: remoteOpen (remote_driver.c:871)
    ==3969==    by 0x4D13373: do_open (libvirt.c:1196)
    ==3969==    by 0x4D14535: virConnectOpenAuth (libvirt.c:1422)
    ==3969==    by 0x425627: main (virsh.c:18537)
    ==3969==
    ==3969== 40 bytes in 1 blocks are definitely lost in loss record 9 of 28
    ==3969==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
    ==3969==    by 0x4C89C41: virAlloc (memory.c:101)
    ==3969==    by 0x4D5A236: virNetClientProgramNew (virnetclientprogram.c:60)
    ==3969==    by 0x4D47AD7: doRemoteOpen (remote_driver.c:664)
    ==3969==    by 0x4D49FFF: remoteOpen (remote_driver.c:871)
    ==3969==    by 0x4D13373: do_open (libvirt.c:1196)
    ==3969==    by 0x4D14535: virConnectOpenAuth (libvirt.c:1422)
    ==3969==    by 0x425627: main (virsh.c:18537)
    ==3969==
    ==3969== LEAK SUMMARY:
    ==3969==    definitely lost: 80 bytes in 2 blocks
Signed-off-by: NAlex Jia <ajia@redhat.com>

The auto-generated WWN comply with the new addressing schema of WWN:

<quote>
the first nibble is either hex 5 or 6 followed by a 3-byte vendor
identifier and 36 bits for a vendor-specified serial number.
</quote>

We choose hex 5 for the first nibble. And for the 3-bytes vendor ID,
we uses the OUI according to underlying hypervisor type, (invoking
virConnectGetType to get the virt type). e.g. If virConnectGetType
returns "QEMU", we use Qumranet's OUI (00:1A:4A), if returns
ESX|VMWARE, we use VMWARE's OUI (00:05:69). Currently it only
supports qemu|xen|libxl|xenapi|hyperv|esx|vmware drivers. The last
36 bits are auto-generated.

Some audit records generated by libvirt contain fields enclosed by single
quotes. Since those fields are inside the msg field, which is enclosed by
single quotes, these records generated by libvirt are not correctly parsed by
libauparse.

Bug introduced in commit c6ec021b.
Signed-off-by: NLai Jiangshan <laijs@cn.fujitsu.com>

Some tools, such as virt-manager, prefers having the default USB
controller explicit in the XML document. This patch makes sure there
is one. With this patch, it is now possible to switch from USB1 to
USB2 from the release 0.9.1 of virt-manager.

Fix tests to pass with this change.

          *getPyVirTypedParameter
          *setPyVirTypedParameter
          *virDomainSetNumaParameters
          *virDomainGetNumaParameters
Signed-off-by: NEric Blake <eblake@redhat.com>

* docs/python.html.in: Class is virConnect, not virConn.

romfile wasn't mentioned in the comment, and the fact that rombar is
now supported for network interfaces also wasn't there.

The API definition accepts "flags" argument, however, the
implementation ignores it, though "flags" is unused currently,
we should expose it instead of hard coding, the API
implementation inside hypervisor driver is responsible to check
if the passed "flags" is valid.

virsh blkiotune dom --device-weights /dev/sda,400 --config

wasn't working correctly.

* src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Use
correct definition.

The merge code had too many indirections to easily analyze.

* src/qemu/qemu_driver.c (qemuDomainMergeDeviceWeights): Pick
better variable names.

Now that no one is relying on the return value being a pointer to
somewhere inside of the passed-in argument, we can simplify the
callers to simply return success or failure.  Also wrap some long
lines and add some const-correctness.

* src/util/sysinfo.c (virSysinfoParseBIOS, virSysinfoParseSystem)
(virSysinfoParseProcessor, virSysinfoParseMemory): Change return.
(virSysinfoRead): Adjust caller.

Some applications expect /dev/std{in,out,err} to exist. Populate
them during container startup as symlinks to /proc/self/fd

Mingw32 does not have any truncate() API defined, but it does
have ftruncate(). So replace use of the former with the latter

This patch fixes the domain modification impact flags for tie virsh
desc command to match the new semantics and fix the docs to match
actual behavior.

Reported by Alex Jia:

==21503== 112 (32 direct, 80 indirect) bytes in 1 blocks are
definitely lost in loss record 37 of 40
==21503==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==21503==    by 0x4A8991: virAlloc (memory.c:101)
==21503==    by 0x505A6C: x86DataCopy (cpu_x86.c:247)
==21503==    by 0x507B34: x86Compute (cpu_x86.c:1225)
==21503==    by 0x43103C: qemuBuildCommandLine (qemu_command.c:3561)
==21503==    by 0x41C9F7: testCompareXMLToArgvHelper
(qemuxml2argvtest.c:183)
==21503==    by 0x41E10D: virtTestRun (testutils.c:141)
==21503==    by 0x41B942: mymain (qemuxml2argvtest.c:705)
==21503==    by 0x41D7E7: virtTestMain (testutils.c:696)

This is probably not strictly needed as save operation is not live but
we may have other reasons to avoid blocking qemu's main loop.

In case the caller specifies that confined guests are required but the
security driver turns out to be 'none', we should return an error since
this driver clearly cannot meet that requirement.  As a result of this
error, libvirtd fails to start when the host admin explicitly sets
confined guests are required but there is no security driver available.

Since security driver 'none' cannot create confined guests, we override
default confined setting so that hypervisor drivers do not thing they
should create confined guests.

Security label type 'none' requires relabel to be set to 'no' so there's
no reason to output this extra attribute.  Moreover, since relabel is
internally stored in a negative from (norelabel), the default value for
relabel would be 'yes' in case there is no <seclabel> element in domain
configuration.  In case VIR_DOMAIN_SECLABEL_DEFAULT turns into
VIR_DOMAIN_SECLABEL_NONE, we would incorrectly output relabel='yes' for
seclabel type 'none'.

Qemu uses non-blocking I/O which doesn't play nice with regular file
descriptors. We need to pass a pipe to qemu instead, which can easily be
done using iohelper.

virFileDirectFd was used for accessing files opened with O_DIRECT using
libvirt_iohelper. We will want to use the helper for accessing files
regardless on O_DIRECT and thus virFileDirectFd was generalized and
renamed to virFileWrapperFd.

Any device XML doesn't use the same order as libvirt generates, or
uses decimal for attributes like "slot" of "<address>" will cause
device detaching to fail, as virsh compares the XML simply earlier
in strict manner before internal parsing.

This is regression introduced by ea7182c2.

Gcc warned about an unused static function.

* python/libvirt-qemu-override.c (py_str): Delete.

 dmidecode displays processor information, followed by BIOS, system and
 memory-DIMM details.
 Calls to virSysinfoParseBIOS(), virSysinfoParseSystem() would update
 the buffer pointer 'base', so the processor information would be lost
 before virSysinfoParseProcessor() was called. Sysinfo would therefore
 not be able to display processor details -- It only described <bios>,
 <system> and <memory_device> details.
 This patch attempts to insulate sysinfo from ordering of dmidecode
 output.

Before the fix:
---------------
virsh # sysinfo
<sysinfo type='smbios'>
  <bios>
    ....
  </bios>
  <system>
    ....
  </system>
  <memory_device>
    ....
  </memory_device>

After the fix:
-------------
virsh # sysinfo
<sysinfo type='smbios'>
  <bios>
    ....
  </bios>
  <system>
    ....
  </system>
  <processor>
    ....
  </processor>
  <memory_device>
    ....
  </memory_device>

Input to the volume cloning code is a source volume and an XML
descriptor for the new volume. It is possible for the new volume
to have a greater size than source volume, at which point libvirt
will just stick 0s on the end of the new image (for raw format
anyways).

Unfortunately a logic error messed up our tracking of the of the
excess amount that needed to be written: end result is that sparse
clones were made very much non-sparse, and cloning regular disk
images could end up excessively sized (though data unaltered).

Drop the 'remain' variable entriely here since it's redundant, and
track actual allocation directly against the desired 'total'.

See: https://bugzilla.redhat.com/show_bug.cgi?id=785269

The specfile requires avahi during install if libvirt was built with
avahi support, but there are many situations where it is undesirable
to install avahi due to security concerns. This patch requires only
the avahi-libs package, which is needed by libvirt to call the
function that tries to attach to the avahi daemon, but will instead
silently fail because the avahi-daemon is in the main avahi package,
and that package isn't installed.

If you are sitting in front of a physical machine and logged in as
a regular user, you can connect to the system libvirtd instance
by providing a root password to policykit. This is how most
virt-manager users talk to libvirt.

However, if you are launching virt-manager over ssh -X, or over
VNC started from say /etc/sysconfig/vncservers, our policykit policy
rejects the user outright, providing no option to provide the root
password. This is confusing to users and doesn't seem to serve much
point.

Change the policy to allow inactive (VNC) and non-local (SSH, VNC)
to provide root credentials for accessing system libvirtd. We use
auth_admin rather than auth_admin_keep so that credentials aren't
cached at all, and every subsequent reconnection to libvirt requires
auth.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625115
Similar change to PackageKit policy:
https://bugzilla.redhat.com/show_bug.cgi?id=528511

As we already link with libvirt.la which contains libvirt_utils.la.
Double linking causes global symbols to be presented twice and
thus confusion. This partially reverts c700613b

gcc 4.7 complains:

util/virhashcode.c:49:17: error: always_inline function might not be inlinable [-Werror=attributes]
util/virhashcode.c:35:17: error: always_inline function might not be inlinable [-Werror=attributes]

Normal 'inline' is a hint that the compiler may ignore; the fact
that the function is static is good enough.  We don't care if the
compiler decided not to inline after all.

* src/util/virhashcode.c (getblock, fmix): Relax attribute.

Someone mentioned to me that they interpreted this section of the KVM
driver page as suggesting that new guests should be created by
creating a qemu commandline and converting it to XML with
domxml-from-native.  I don't think that's the intent of
domxml-from-native, so I added that clarification.

filename is not initialized to NULL while it's unconditionally freed in
the error path.
Signed-off-by: NPhilipp Hahn <hahn@univention.de>

On CentOS5:
If "virsh edit $DOM" is used and an error happens (for example changing
any live cycle action to a non-existing value), libvirt forgets that
$DOM exists, since it is already removed from the internal hash tables,
which are used for domain lookup.
In once case (unreproducible) even the persistent configuration
/etc/xen/$DOM was deleted.

Instead of using the compound function xenXMConfigSaveFile() explicitly
use xenFomatXM() and virConfWriteFile() to distinguish between a failure
in converting the libvirt definition to the xen-xm format and a problem
when writing the file.
Signed-off-by: NPhilipp Hahn <hahn@univention.de>

Commit b170eb99 introduced a bug: domains that had an explicit
<seclabel type='none'/> when started would not be reparsed if
libvirtd restarted.  It turns out that our testsuite was not
exercising this because it never tried anything but inactive
parsing.  Additionally, the live XML for such a domain failed
to re-validate.  Applying just the tests/ portion of this patch
will expose the bugs that are fixed by the other two files.

* docs/schemas/domaincommon.rng (seclabel): Allow relabel under
type='none'.
* src/conf/domain_conf.c (virSecurityLabelDefParseXML): Per RNG,
presence of <seclabel> with no type implies dynamic.  Don't
require sub-elements for type='none'.
* tests/qemuxml2xmltest.c (mymain): Add test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml: Add file.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args: Add file.
Reported by Ansis Atteka.

Commit 8f00276c consolidated other
.gitignore files to the master one, but forgot to add some test output
files.

Move myself from 'Previous maintainers' section to 'the primary maintainers and
people with commit access rights' section, because I have a commit rights now.
Signed-off-by: NAlex Jia <ajia@redhat.com>

Commit fad5cd21 introduces a new flag
that allows to show domain's title with domains. This commit introduced
resource leak while listing inactive domains with titles.

On CentOS5 with xen-3.0.3:

 Program received signal SIGSEGV, Segmentation fault.
 virFree (ptrptr=0x8) at util/memory.c:310
 310         free(*(void**)ptrptr);
 (gdb) bt
 #0  virFree (ptrptr=0x8) at util/memory.c:310
 #1  0x00002aaaaae167c8 in xenXMDomainDefineXML (conn=0x694e80, xml=0x6b2ce0 "P\fk") at xen/xm_internal.c:1199
 #2  0x00002aaaaae070d7 in xenUnifiedDomainDefineXML (conn=0x8,
     xml=0x6ac040 "<domain type='xen'>\n  <name>pv</name>\n  <uuid>20291bc0-453a-4d6c-c6ac-4e5af63b932c</uuid>\n  <memory>1048576</memory>\n  <currentMemory>1048576</currentMemory>\n  <vcpu>1</vcpu>\n  <os>\n    <type arch='x8"...) at xen/xen_driver.c:1524
 #3  0x00002aaaaada7803 in virDomainDefineXML (conn=0x694e80,
     xml=0x6ac040 "<domain type='xen'>\n  <name>pv</name>\n  <uuid>20291bc0-453a-4d6c-c6ac-4e5af63b932c</uuid>\n  <memory>1048576</memory>\n  <currentMemory>1048576</currentMemory>\n  <vcpu>1</vcpu>\n  <os>\n    <type arch='x8"...) at libvirt.c:7823
 #4  0x0000000000426173 in cmdEdit (ctl=0x7fffffffb8e0, cmd=<value optimized out>) at virsh.c:14882
 #5  0x000000000041c9ce in vshCommandRun (ctl=0x7fffffffb8e0, cmd=0x658c50) at virsh.c:17712
 #6  0x000000000042c3b9 in main (argc=1, argv=<value optimized out>) at virsh.c:19317
Signed-off-by: NPhilipp Hahn <hahn@univention.de>

Also encourages people to use per-device boot elements for better
control.