1. 05 6月, 2012 3 次提交
    • E
      command: avoid deadlock on EPIPE situation · 858c2476
      Eric Blake 提交于
      It is possible to deadlock libvirt by having a domain with XML
      longer than PIPE_BUF, and by writing a hook script that closes
      stdin early.  This is because libvirt was keeping a copy of the
      child's stdin read fd open, which means the write fd in the
      parent will never see EPIPE (remember, libvirt should always be
      run with SIGPIPE ignored, so we should never get a SIGPIPE signal).
      Since there is no error, libvirt blocks waiting for a write to
      complete, even though the only reader is also libvirt.  The
      solution is to ensure that only the child can act as a reader
      before the parent does any writes; and then dealing with the
      fallout of dealing with EPIPE.
      
      Thankfully, this is not a security hole - since the only way to
      trigger the deadlock is to install a custom hook script, anyone
      that already has privileges to install a hook script already has
      privileges to do any number of other equally disruptive things
      to libvirt; it would only be a security hole if an unprivileged
      user could install a hook script to DoS a privileged user.
      
      * src/util/command.c (virCommandRun): Close parent's copy of child
      read fd earlier.
      (virCommandProcessIO): Don't let EPIPE be fatal; the child may
      be done parsing input.
      * tests/commandhelper.c (main): Set up a SIGPIPE situation.
      * tests/commandtest.c (test20): Trigger it.
      * tests/commanddata/test20.log: New file.
      858c2476
    • L
      util: fix "make rpm" when viratomic.h is used · 80e4b166
      Laine Stump 提交于
      Although src/util/viratomic.h has been added to the repo, up until now
      it hasn't been used. Stefan Berger is using it in his proposed dhcp
      snooping patches, and an rpm build with those patches failed due to
      viratomic.h not being packed up with the rest of the sources.
      80e4b166
    • E
      build: allow building with newer glibc-headers and -O0 · 2af63b1c
      Eric Blake 提交于
      glibc 2.15 (on Fedora 17) coupled with explicit disabling of
      optimization during development dies a painful death:
      
      In file included from /usr/include/limits.h:27:0,
                       from /usr/lib/gcc/x86_64-redhat-linux/4.7.0/include/limits.h:169,
                       from /usr/lib/gcc/x86_64-redhat-linux/4.7.0/include/syslimits.h:7,
                       from /usr/lib/gcc/x86_64-redhat-linux/4.7.0/include/limits.h:34,
                       from util/bitmap.c:26:
      /usr/include/features.h:314:4: error: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Werror=cpp]
      cc1: all warnings being treated as errors
      
      Work around this by only conditionally defining _FORTIFY_SOURCE,
      in the case where glibc can actually use it.  The trick is using
      AH_VERBATIM instead of AC_DEFINE.
      
      * m4/virt-compile-warnings.m4 (LIBVIRT_COMPILE_WARNINGS): Squelch
      _FORTIFY_SOURCE when needed to avoid glibc #warnings.
      2af63b1c
  2. 04 6月, 2012 5 次提交
  3. 02 6月, 2012 7 次提交
    • M
      virsh: Allow users to reedit rejected XML · a7de0523
      Michal Privoznik 提交于
      If users *-edit but make a mistake in XML all changes are
      permanently lost. However, if virsh is not running within
      a script we can ask user if he wants to re-edit the file
      and correct the mistakes.
      a7de0523
    • M
      virsh: Switch from generated cmd*Edit commands to nongenerated · 0766783a
      Michal Privoznik 提交于
      Currently, we either generate some cmd*Edit commands (cmdPoolEdit
      and cmdNetworkEdit) via sed script or copy the body of cmdEdit
      (e.g. cmdInterfaceEdit, cmdNWFilterEdit, etc.). This fact makes
      it harder to implement any new feature to our editing system.
      Therefore switch to new implementation - define macros to:
      - dump XML (EDIT_GET_XML)
      - take an action if XML wasn't changed,
        usually just vshPrint() (EDIT_NOT_CHANGED)
      - define new object (EDIT_DEFINE) - the edited XML is in @doc_edited
      - free object defined by EDIT_DEFINE (EDIT_FREE)
      and #include "virsh-edit.c"
      0766783a
    • S
      nwfilter: Add multiple IP address support to DHCP snooping · b92d52d3
      Stefan Berger 提交于
      With support for multiple IP addresses per interface in place, this patch
      now adds support for multiple IP addresses per interface for the DHCP
      snooping code.
      
      
      Testing:
      
      Since the infrastructure I tested this with does not provide multiple IP
      addresses per MAC address (anymore), I either had to plug the VM's interface
      from the virtual bride connected directly to the infrastructure to virbr0
      to get a 2nd IP address from dnsmasq (kill and run dhclient inside the VM)
      or changed the lease file  (/var/run/libvirt/network/nwfilter.leases) and
      restart libvirtd to have a 2nd IP address on an existing interface.
      Note that dnsmasq can take a lease timeout parameter as part of the --dhcp-range
      command line parameter, so that timeouts can be tested that way
      (--dhcp-range 192.168.122.2,192.168.122.254,120). So, terminating and restarting
      dnsmasq with that parameter is another choice to watch an IP address disappear
      after 120 seconds.
      
      Regards,
         Stefan
      b92d52d3
    • S
      nwfilter: move code for IP address map into separate file · 797b4758
      Stefan Berger 提交于
      The goal of this patch is to prepare for support for multiple IP
      addresses per interface in the DHCP snooping code.
      
      Move the code for the IP address map that maps interface names to
      IP addresses into their own file. Rename the functions on the way
      but otherwise leave the code as-is. Initialize this new layer
      separately before dependent layers (iplearning, dhcpsnooping)
      and shut it down after them.
      797b4758
    • S
      nwfilter: add DHCP snooping · cec281fc
      Stefan Berger 提交于
      This patch adds DHCP snooping support to libvirt. The learning method for
      IP addresses is specified by setting the "CTRL_IP_LEARNING" variable to one of
      "any" [default] (existing IP learning code), "none" (static only addresses)
      or "dhcp" (DHCP snooping).
      
      Active leases are saved in a lease file and reloaded on restart or HUP.
      
      The following interface XML activates and uses the DHCP snooping:
      
          <interface type='bridge'>
            <source bridge='virbr0'/>
            <filterref filter='clean-traffic'>
              <parameter name='CTRL_IP_LEARNING' value='dhcp'/>
            </filterref>
          </interface>
      
      All filters containing the variable 'IP' are automatically adjusted when
      the VM receives an IP address via DHCP. However, multiple IP addresses per
      interface are silently ignored in this patch, thus only supporting one IP
      address per interface. Multiple IP address support is added in a later
      patch in this series.
      Signed-off-by: NDavid L Stevens <dlstevens@us.ibm.com>
      Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
      cec281fc
    • M
      qemu: move -name arg to be 1st in "ps x" output · 195fa214
      Marti Raudsepp 提交于
      Currently, monitoring QEMU virtual machines with standard Unix
      sysadmin tools is harder than it has to be. The QEMU command line is
      often miles long and mostly redundant, it's hard to tell which process
      is which.
      
      This patch reorders the QEMU -name argument to be the first, so it's
      immediately visible in "ps x", htop and "atop -c" output.
      195fa214
    • L
      qemu: fix netdev alias name assignment wrt type='hostdev' · 6734ce7b
      Laine Stump 提交于
      This patch resolves:
      
         https://bugzilla.redhat.com/show_bug.cgi?id=827519
      
      The problem is that an interface with type='hostdev' will have an
      alias of the form "hostdev%d", while the function that looks through
      existing netdevs to determine the name to use for a new addition will
      fail if there's an existing entry that does not match the form
      "net%d".
      
      This is another of the handful of places that need an exception due to
      the hybrid nature of <interface type='hostdev'> (which is not exactly
      an <interface> or a <hostdev>, but is both at the same time).
      6734ce7b
  4. 31 5月, 2012 8 次提交
    • M
      tools: make virt-pki-validate work with acls and xattrs · d4fb6694
      Martin Kletzander 提交于
      This patch makes virt-pki-validate work with certificates that have
      acl or xattr set. Otherwise it failing due to wrong permissions.
      d4fb6694
    • W
      qemu: avoid closing fd more than once · b19c236d
      Wen Congyang 提交于
      If we migrate to fd, spec->fwdType is not MIGRATION_FWD_DIRECT,
      we will close spec->dest.fd.local in qemuMigrationRun(). So we
      should set spec->dest.fd.local to -1 in qemuMigrationRun().
      
      Bug present since 0.9.5 (commit 32617617).
      b19c236d
    • W
      command: check for fork error before closing fd · 746ff701
      Wen Congyang 提交于
      We should not set *outfd or *errfd if virExecWithHook() failed
      because the caller may close these fds.
      
      Bug present since v0.4.5 (commit 60ed1d2a).
      746ff701
    • E
      fdstream: avoid double close bug · f3cfc7c8
      Eric Blake 提交于
      Wen Congyang reported that we have a double-close bug if we fail
      virFDStreamOpenInternal, since childfd duplicated one of the fds[]
      array contents.  In truth, since we always transfer both members
      of fds to other variables, we should close the fds through those
      other names, and just use fds[] for pipe().
      
      Bug present since 0.9.0 (commit e886237a).
      
      * src/fdstream.c (virFDStreamOpenFileInternal): Swap scope of
      childfd and fds[], to avoid a double close.
      f3cfc7c8
    • E
      command: avoid double close bugs · da831afc
      Eric Blake 提交于
      KAMEZAWA Hiroyuki reported a nasty double-free bug when virCommand
      is used to convert a string into input to a child command.  The
      problem is that the poll() loop of virCommandProcessIO would close()
      the write end of the pipe in order to let the child see EOF, then
      the caller virCommandRun() would also close the same fd number, with
      the second close possibly nuking an fd opened by some other thread
      in the meantime.  This in turn can have all sorts of bad effects.
      
      The bug has been present since the introduction of virCommand in
      commit f16ad06f.
      
      This is based on his first attempt at a patch, at
      https://bugzilla.redhat.com/show_bug.cgi?id=823716
      
      * src/util/command.c (_virCommand): Drop inpipe member.
      (virCommandProcessIO): Add argument, to avoid closing caller's fd
      without informing caller.
      (virCommandRun, virCommandNewArgs): Adjust clients.
      da831afc
    • W
      avoid fd leak · 655cffa0
      Wen Congyang 提交于
      virCommandRunAsync() will set errfd if it succeed. We should
      close it if virFDStreamOpenInternal() fails.
      655cffa0
    • W
      avoid closing uninitialized fd · 0a045f01
      Wen Congyang 提交于
      If the system does not support bypass cache, we will close fd,
      but it is uninitialized.
      0a045f01
    • M
      Fixes for check and rpm builds without sanlock (and qemu) · 730cc8d7
      Martin Kletzander 提交于
      Apart from the non-sanlock check build, there is also a little fix for
      qemu (EXTRA_DIST had qemu.conf and others inside even if the build was
      supposed to be without qemu).
      730cc8d7
  5. 30 5月, 2012 11 次提交
    • W
      build: include augeas-gentest.pl into dist file · 23292f73
      Wen Congyang 提交于
      We generate *.aug from *.aug.in by augeas-gentest.pl, so this script
      should be included in dist file.
      23292f73
    • E
      build: use same perl binary throughout build · 13af87f2
      Eric Blake 提交于
      Some of our rules used $(PERL), while others used 'perl'.  Always
      using the variable allows a developer to point to a different (often
      better) perl than the default one found on $PATH.
      
      * daemon/Makefile.am ($(srcdir)/remote_dispatch.h): s/perl/$(PERL).
      * src/Makefile.am ($(srcdir)/remote/remote_client_bodies.h)
      (PDWTAGS, %protocol.c, %_probes.stp): Likewise.
      13af87f2
    • E
      build: fix testing of augeas files in VPATH builds · fb59cf7a
      Eric Blake 提交于
      Without this fix, a VPATH build (such as used by ./autobuild.sh)
      fails with messages like:
      
      make[3]: Entering directory `/home/remote/eblake/libvirt-tmp2/build/daemon'
      ../../build-aux/augeas-gentest.pl libvirtd.conf ../../daemon/test_libvirtd.aug.in test_libvirtd.aug
      cannot read libvirtd.conf: No such file or directory at ../../build-aux/augeas-gentest.pl line 38.
      
      Since the test files are not part of the tarball, we can generate
      them into the build dir, but rather than create a subdirectory
      just for the test file, it is easier to test them directly in
      libvirt.git/src.
      
      * daemon/Makefile.am (AUG_GENTEST): Factor out definition.
      (test_libvirtd.aug): Look for correct file.
      * src/Makefile.am (AUG_GENTEST): Use $(PERL).
      (qemu/test_libvirtd_qemu.aug, lxc/test_libvirtd_lxc.aug)
      (locking/test_libvirt_sanlock.aug): Rename to avoid subdirectories.
      (check-augeas-qemu, check-augeas-lxc, check-augeas-sanlock): Reflect
      location of built tests.
      * configure.ac (PERL): Substitute perl.
      fb59cf7a
    • E
      build: silence warning from autoconf · aabf77aa
      Eric Blake 提交于
      Autoconf 2.60 and later insist on using ${datarootdir}, rather than
      the derived ${datadir} (although the latter defaults to the former,
      it is possible to set configure arguments so that they differ):
      
      config.status: creating libvirt.pc
      config.status: WARNING:  'libvirt.pc.in' seems to ignore the --datarootdir setting
      
      This patch follows the autoconf manual's suggestions for how to
      support 2.59 (RHEL 5) and newer simultaneously.
      
      * libvirt.pc.in (datarootdir): Define, so ${datadir} will not ignore
      datarootdir when using newer autoconf.
      aabf77aa
    • M
      virCommand: Extend debug message for handshake · 7454849e
      Michal Privoznik 提交于
      Currently, we are logging only one side of pipes we
      create in virCommandRequireHandshake(); This is enough
      in cases where pipe2() returns two consecutive FDs. However,
      it is not guaranteed and it may return any FDs.
      Therefore, it's wise to log the other ends as well.
      7454849e
    • M
      lxc: return correct number of CPUs · 87dfdb0b
      Martin Kletzander 提交于
      When getting number of CPUs the host has assigned, there was always
      number "1" returned. Even though all lxc domains with no pinning
      launched by libvirt run on all pCPUs (by default, no matter what's the
      number), we should at least return the same number as the user
      specified when creating the domain.
      87dfdb0b
    • M
      build: Fixed generating of libvirt_qemu_probes.h · be6c46b1
      Martin Kletzander 提交于
      I added libvirt_qemu_probes.h into BUILT_SOURCES. That makes it
      generated, but most probably it is not the clearest way how to do
      that, but it fixes the build.
      be6c46b1
    • D
      examples: add consolecallback example python script · ffc9f7ab
      Dave Allan 提交于
      A while back I wrote the attached code to demonstrate how to use
      events and serial console to create a serial console that stays up
      even when the VM is down.  It might need some work, as I am not
      terribly strong with Python.
      
      * examples/python/consolecallback.py: New file.
      * examples/python/Makefile.am (EXTRA_DIST): Ship it.
      ffc9f7ab
    • E
      build: don't lose probes.o files · 620dda66
      Eric Blake 提交于
      The previous patch fixed an incremental build, but missed that on
      a fresh checkout, we now have nothing left that stops make from
      nuking libvirt_qemu_probes.o.
      
      * src/Makefile.am ($(libvirt_driver_qemu_la_SOURCES)): Delete,
      since this variable is empty.
      (.PRECIOUS): Add %_probes.o, so they don't get nuked as an
      intermediate by-product after creating %_probes.lo.
      620dda66
    • E
      build: fix missing dependencies for libvirt-qemu.so · fca009fd
      Eric Blake 提交于
      The moment you specify a _DEPENDENCIES, older automake (stupidly)
      assumes that you will specify _all_ dependencies for that target.
      This stupidity has been fixed in automake 1.12, but we cannot rely on
      newer automake everywhere.  For libvirt_la_DEPENDENCIES, we took
      care of providing the full list, but for libvirt_qemu_la_DEPENDENCIES,
      we were missing the dependency on libvirt_qemu_impl.la, which resulted
      in a failed build:
      
      make[3]: Entering directory `/home/ajia/Workspace/libvirt/src'
         CCLD   libvirt_driver_qemu.la
      libtool: link: `libvirt_qemu_probes.lo' is not a valid libtool object
      
      * src/Makefile.am (libvirt_driver_qemu_la_DEPENDENCIES): Delete;
      automake does a better job if it does the entire job.
      fca009fd
    • E
      build: don't clean a file that belongs in the tarball · 28dbf01d
      Eric Blake 提交于
      Otherwise, 'make rpm' fails with:
      
      make[2]: *** No rule to make target `locking/test_libvirt_sanlock.aug.in', needed by `distdir'.  Stop.
      make[2]: Leaving directory `/home/dipankar/src/powerpc/libvirt-ppc/src'
      make[1]: *** [distdir] Error 1
      
      Reported by Dipankar Sarma.
      
      * src/Makefile.am (CLEANFILES): Clean only the generated file.
      28dbf01d
  6. 29 5月, 2012 5 次提交
    • E
      virsh: avoid strncpy · dc4301c7
      Eric Blake 提交于
      strncpy is generally evil - it runs the risk of missing NUL
      termination, and more often than not wastes time zeroing way
      more bytes than strictly necessary.  We've avoided this evil
      in our virStrncpy wrapper, except for places where we forgot
      to use the wrapper; meanwhile, we have also added an even
      higher layer wrapper for setting virTypedParameter values.
      
      * tools/virsh.c (cmdMemtune, cmdBlkdeviotune): Use modern API.
      * cfg.mk (exclude_file_name_regexp--sc_prohibit_strncpy): Tighten.
      dc4301c7
    • E
      build: update to latest gnulib · e925ea31
      Eric Blake 提交于
      Gnulib finally relaxed the isatty license, needed as first mentioned here:
      https://www.redhat.com/archives/libvir-list/2012-February/msg01022.html
      
      Other improvements include better syntax-check rules (we can delete one
      of ours now that it is a duplicate) and better compiler warning usage.
      
      * .gnulib: Update to latest, for isatty.
      * cfg.mk (sc_prohibit_strncpy): Drop a now-redundant rule.
      * bootstrap.conf (gnulib_modules): Add isatty.
      * bootstrap: Resync from gnulib.
      e925ea31
    • S
      leak_fix.diff · 67dd486f
      Stefan Berger 提交于
      ==3240== 23 bytes in 1 blocks are definitely lost in loss record 242 of 744
      ==3240==    at 0x4C2A4CD: malloc (vg_replace_malloc.c:236)
      ==3240==    by 0x8077537: __vasprintf_chk (vasprintf_chk.c:82)
      ==3240==    by 0x509C677: virVasprintf (stdio2.h:199)
      ==3240==    by 0x509C733: virAsprintf (util.c:1912)
      ==3240==    by 0x1906583A: qemudStartup (qemu_driver.c:679)
      ==3240==    by 0x511991D: virStateInitialize (libvirt.c:809)
      ==3240==    by 0x40CD84: daemonRunStateInit (libvirtd.c:751)
      ==3240==    by 0x5098745: virThreadHelper (threads-pthread.c:161)
      ==3240==    by 0x7953D8F: start_thread (pthread_create.c:309)
      ==3240==    by 0x805FF5C: clone (clone.S:115)
      67dd486f
    • S
      Introduce virMacAddr typedef · 423bb749
      Stefan Berger 提交于
      423bb749
    • D
      Fix typo in comment start · d8199033
      Daniel P. Berrange 提交于
      src/libvirt.c: s,//,/,
      d8199033
  7. 28 5月, 2012 1 次提交
    • D
      Santize the reporting of VIR_ERR_INVALID_ERROR · d91f3ef4
      Daniel P. Berrange 提交于
      To ensure consistent error reporting of invalid arguments,
      provide a number of predefined helper methods & macros.
      
       - An arg which must not be NULL:
      
         virCheckNonNullArgReturn(argname, retvalue)
         virCheckNonNullArgGoto(argname, label)
      
       - An arg which must be NULL
      
         virCheckNullArgGoto(argname, label)
      
       - An arg which must be positive (ie 1 or greater)
      
         virCheckPositiveArgGoto(argname, label)
      
       - An arg which must not be 0
      
         virCheckNonZeroArgGoto(argname, label)
      
       - An arg which must be zero
      
         virCheckZeroArgGoto(argname, label)
      
       - An arg which must not be negative (ie 0 or greater)
      
         virCheckNonNegativeArgGoto(argname, label)
      
      * src/libvirt.c, src/libvirt-qemu.c,
        src/nodeinfo.c, src/datatypes.c: Update to use
        virCheckXXXX macros
      * po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
      * src/internal.h: Define macros for checking invalid args
      * src/util/virterror_internal.h: Define macros for reporting
        invalid args
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      d91f3ef4