- 08 11月, 2013 2 次提交
-
-
由 Laine Stump 提交于
This is a prerequisite to the fix for the fix to: https://bugzilla.redhat.com/show_bug.cgi?id=1025397 num_virtual_functions needs to be size_t in order to use the VIR_APPEND_ELEMENT macro.
-
由 Serge Hallyn 提交于
When supported, ask iptables to wait rather than fail if it is in use by another caller (like ufw). (See https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1245322) Signed-off-by: NSerge Hallyn <serge.hallyn@ubuntu.com>
-
- 07 11月, 2013 4 次提交
-
-
由 Eric Blake 提交于
This gets rid of another stat() per volume, as well as cutting bytes read in half, when populating the volumes of a directory pool during a pool refresh. Not to mention that it provides an interface that can let gluster pools also probe file types. * src/util/virstoragefile.h (virStorageFileProbeFormatFromFD): Delete. (virStorageFileProbeFormatFromBuf): New prototype. (VIR_STORAGE_MAX_HEADER): New constant, based on... * src/util/virstoragefile.c (STORAGE_MAX_HEAD): ...old name. (vmdk4GetBackingStore, virStorageFileGetMetadataInternal) (virStorageFileProbeFormat): Adjust clients. (virStorageFileProbeFormatFromFD): Delete. (virStorageFileProbeFormatFromBuf): Export. * src/storage/storage_backend_fs.c (virStorageBackendProbeTarget): Adjust client. * src/libvirt_private.syms (virstoragefile.h): Adjust exports. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Future patches will want to learn metadata about a file using a buffer that was already parsed in order to probe the file's format. Rather than reopening and re-reading the file, it makes sense to separate getting file contents from actually parsing those contents. * src/util/virstoragefile.c (virStorageFileGetMetadataFromBuf) (virStorageFileGetMetadataFromFDInternal): New functions. (virStorageFileGetMetadataInternal): Hoist fstat() and read() into callers. (virStorageFileGetMetadataFromFD) (virStorageFileGetMetadataRecurse): Rework clients. * src/util/virstoragefile.h (virStorageFileGetMetadataFromBuf): New prototype. * src/libvirt_private.syms (virstoragefile.h): Export it. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Our backing file chain code was not very robust to an ill-timed EINTR, which could lead to a short read causing us to randomly treat metadata differently than usual. But the existing virFileReadLimFD forces an error if we don't read the entire file, even though we only care about the header of the file. So add a new virFile function that does what we want. * src/util/virfile.h (virFileReadHeaderFD): New prototype. * src/util/virfile.c (virFileReadHeaderFD): New function. * src/libvirt_private.syms (virfile.h): Export it. * src/util/virstoragefile.c (virStorageFileGetMetadataInternal) (virStorageFileProbeFormatFromFD): Use it. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
'unsigned char *' makes sense if you are doing math on bytes and don't want to worry about wraparound from a signed 'char'; but since all we are doing is memcmp() or virReadBufInt*[LB]E(), which are both safe on either type of char, and since read() prefers to operate on 'char *', it's simpler to avoid casts by just typing things as 'char *' from the get-go. [Technically, read can operate on an 'unsigned char *' thanks to the C rule that any pointer can be implicitly converted to 'char *' for legacy K&R compatibility; but where this patch saves us is if we try to use virfile.h functions that take 'char **' in order to allocate the buffer, where the compiler would barf on type mismatch.] * src/util/virstoragefile.c (FileTypeInfo): Avoid unsigned char. (cowGetBackingStore, qcow2GetBackingStoreFormat) (qcowXGetBackingStore, qcow1GetBackingStore) (qcow2GetBackingStore, vmdk4GetBackingStore, qedGetBackingStore) (virStorageFileMatchesMagic, virStorageFileMatchesVersion) (virStorageFileProbeFormatFromBuf, qcow2GetFeatures) (virStorageFileGetMetadataInternal) (virStorageFileProbeFormatFromFD): Simplify clients. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 05 11月, 2013 3 次提交
-
-
由 Eric Blake 提交于
A qcow2 file with a backing file of 'gluster://host/vol/file' should not try to look for a directory named './gluster:/' in the file system. * src/util/virstoragefile.c (virBackingStoreIsFile): Broaden check to include all protocols. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Daniel P. Berrange 提交于
Add a function for efficiently checking if a path is a filesystem mount point. NB will not work for bind mounts, only true filesystem mounts. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1018897 If a PCI deivce is not binded to any driver (e.g. there's yet no PCI driver in the linux kernel) but still users want to passthru the device we fail the whole operation as we fail to resolve the 'driver' link under the PCI device sysfs tree. Obviously, this is not a fatal error and it shouldn't be error at all. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 04 11月, 2013 5 次提交
-
-
由 Peter Krempa 提交于
-
由 Peter Krempa 提交于
-
由 Peter Krempa 提交于
-
由 Peter Krempa 提交于
Avoid necessary checks for the numa library with this helper.
-
由 Peter Krempa 提交于
All functions from libnuma must be protected with ifdefs. Avoid this by using our own wrapper.
-
- 21 10月, 2013 7 次提交
-
-
由 Daniel P. Berrange 提交于
Most of the usage of getuid()/getgid() is in cases where we are considering what privileges we have. As such the code should be using the effective IDs, not real IDs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
We already have stubs for getuid, geteuid, getgid but not for getegid. Something in gnulib already does a check for it during configure, so we already have the HAVE_GETEGID macro defined. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The use of getenv is typically insecure, and we want people to use our wrappers, to force them to think about setuid needs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Unconditional use of getenv is not secure in setuid env. While not all libvirt code runs in a setuid env (since much of it only exists inside libvirtd) this is not always clear to developers. So make all the code paranoid, even if it only ever runs inside libvirtd. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
When running setuid, we must be careful about what env vars we allow commands to inherit from us. Replace the virCommandAddEnvPass function with two new ones which do filtering virCommandAddEnvPassAllowSUID virCommandAddEnvPassBlockSUID And make virCommandAddEnvPassCommon use the appropriate ones Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
We must not allow file/syslog/journald log outputs when running setuid since they can be abused to do bad things. In particular the 'file' output can be used to overwrite files. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Care must be taken accessing env variables when running setuid. Introduce a virGetEnvAllowSUID for env vars which are safe to use in a setuid environment, and another virGetEnvBlockSUID for vars which are not safe. Also add a virIsSUID helper method for any other non-env var code to use. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 18 10月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
In fact, the suffix should be _QUIET not _QUIT to stress the fact, that no OOM error is reported on error. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 16 10月, 2013 4 次提交
-
-
由 Daniel P. Berrange 提交于
The recent patch series proposing the addition of PPC little endian arch support to Linux defines new arch names 'ppcle' and 'ppc64le': https://lists.ozlabs.org/pipermail/linuxppc-dev/2013-August/109908.html This just makes libvirt know about these arch names, so it doesn't immediately trip up if it seems these new names from uname. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Pranavkumar Sawargaonkar 提交于
Implement the bare minimal sysinfo for AArch64 platforms by reading the CPU models from /proc/cpuinfo. Signed-off-by: NAnup Patel <anup.patel@linaro.org> Signed-off-by: NPranavkumar Sawargaonkar <pranavkumar@linaro.org>
-
由 Pranavkumar Sawargaonkar 提交于
Adding AArch64(ARMv8 64bit) to the current list of valid architectures. For now, AArch64 name would imply AArch64 LE mode only. In future, we might have separate names for AArch64 LE and BE. Signed-off-by: NAnup Patel <anup.patel@linaro.org> Signed-off-by: NPranavkumar Sawargaonkar <pranavkumar@linaro.org>
-
- 15 10月, 2013 5 次提交
-
-
由 Chen Hanxiao 提交于
The range of valid values for cgroup tunables has changed in the past and may change again in future kernels. Avoid hardcoding range checks in libvirt code, delegating range checking to the kernel itself. Signed-off-by: NChen Hanxiao <chenhanxiao@cn.fujitsu.com>
-
由 Chen Hanxiao 提交于
When EINVAL is returned while changing a cgroups value, tell user that what values are invalid for the field. Signed-off-by: NChen Hanxiao <chenhanxiao@cn.fujitsu.com>
-
由 Eric Blake 提交于
'const fooPtr' is the same as 'foo * const' (the pointer won't change, but it's contents can). But in general, if an interface is trying to be const-correct, it should be using 'const foo *' (the pointer is to data that can't be changed). Fix up remaining offenders in src/util. * src/util/virnetdev.h (virNetDevSetMAC) (virNetDevReplaceMacAddress, virNetDevValidateConfig) (virNetDevReplaceNetConfig): Use intended type. * src/util/virnetdevbandwidth.h (virNetDevBandwidthCopy) (virNetDevBandwidthPlug): Likewise. * src/util/virnetdevmacvlan.h (virNetDevMacVLanCreate) (virNetDevMacVLanCreateWithVPortProfile) (virNetDevMacVLanDeleteWithVPortProfile) (virNetDevMacVLanRestartWithVPortProfile) (virNetDevMacVLanVPortProfileRegisterCallback): Likewise. * src/util/virnetdevopenvswitch.h (virNetDevOpenvswitchAddPort): Likewise. * src/util/virnetdevtap.h (virNetDevTapCreateInBridgePort): Likewise. * src/util/virnetdevvlan.h (virNetDevVlanEqual) (virNetDevVlanCopy): Likewise. * src/util/virnetdevvportprofile.h (virNetDevVPortProfileAssociate) (virNetDevVPortProfileDisassociate): Likewise. * src/util/virnetlink.h (virNetlinkEventRemoveCallback) (virNetlinkEventAddClient, virNetlinkEventRemoveClient): Likewise. * src/util/virnetdev.c (virNetDevSetMAC) (virNetDevReplaceMacAddress, virNetDevValidateConfig) (virNetDevReplaceNetConfig): Fix fallout. * src/util/virnetdevbandwidth.c (virNetDevBandwidthCopy) (virNetDevBandwidthPlug): Likewise. * src/util/virnetdevmacvlan.c (virNetDevMacVLanCreate) (virNetDevMacVLanCreateWithVPortProfile) (virNetDevMacVLanDeleteWithVPortProfile) (virNetDevMacVLanRestartWithVPortProfile) (virNetDevMacVLanVPortProfileRegisterCallback): Likewise. * src/util/virnetdevopenvswitch.c (virNetDevOpenvswitchAddPort): Likewise. * src/util/virnetdevtap.c (virNetDevTapCreateInBridgePort): Likewise. * src/util/virnetdevvlan.c (virNetDevVlanEqual) (virNetDevVlanCopy): Likewise. * src/util/virnetdevvportprofile.c (virNetDevVPortProfileAssociate) (virNetDevVPortProfileDisassociate) (virNetDevVPortProfileOpSetLink, virNetDevVPortProfileOpCommon) (virNetDevVPortProfileOp8021Qbg, virNetDevVPortProfileOp8021Qbh): Likewise. * src/util/virnetlink.c (virNetlinkEventRemoveCallback) (virNetlinkEventAddClient, virNetlinkEventRemoveClient): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
'const fooPtr' is the same as 'foo * const' (the pointer won't change, but it's contents can). But in general, if an interface is trying to be const-correct, it should be using 'const foo *' (the pointer is to data that can't be changed). Fix up offenders in src/util outside of the virnet namespace. Also, make a few virSocketAddr functions const-correct, for easier conversions in future patches. * src/util/virbuffer.h (virBufferError, virBufferUse) (virBufferGetIndent): Use intended type. * src/util/virmacaddr.h (virMacAddrCmp, virMacAddrCmpRaw) (virMacAddrSet, virMcAddrFormat, virMacAddrIsUnicast) (virMacAddrIsMulticast): Likewise. * src/util/virebtables.h (ebtablesAddForwardAllowIn) (ebtablesRemoveForwardAllowIn): Likewise. * src/util/virsocketaddr.h (virSocketAddrSetIPv4Addr): Drop incorrect const. (virMacAddrGetRaw, virSocketAddrFormat, virSocketAddrFormatFull): Make const-correct. (virSocketAddrMask, virSocketAddrMaskByPrefix) (virSocketAddrBroadcast, virSocketAddrBroadcastByPrefix) (virSocketAddrGetNumNetmaskBits, virSocketAddrGetIpPrefix) (virSocketAddrEqual, virSocketAddrIsPrivate) (virSocketAddrIsWildcard): Use intended type. * src/util/virbuffer.c (virBufferError, virBufferUse) (virBufferGetIndent): Fix fallout. * src/util/virmacaddr.c (virMacAddrCmp, virMacAddrCmpRaw) (virMacAddrSet, virMcAddrFormat, virMacAddrIsUnicast) (virMacAddrIsMulticast): Likewise. * src/util/virebtables.c (ebtablesAddForwardAllowIn) (ebtablesRemoveForwardAllowIn): Likewise. * src/util/virsocketaddr.c (virSocketAddrMask, virMacAddrGetRaw) (virSocketAddrMaskByPrefix, virSocketAddrBroadcast) (virSocketAddrBroadcastByPrefix, virSocketAddrGetNumNetmaskBits) (virSocketAddrGetIpPrefix, virSocketAddrEqual) (virSocketAddrIsPrivate, virSocketAddrIsWildcard) (virSocketAddrGetIPv4Addr, virSocketAddrGetIPv6Addr) (virSocketAddrFormat, virSocketAddrFormatFull): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
'const fooPtr' is the same as 'foo * const' (the pointer won't change, but it's contents can). But in general, if an interface is trying to be const-correct, it should be using 'const foo *' (the pointer is to data that can't be changed). Fix up virhash to provide a const-correct interface: all actions that don't modify the table take a const table. Note that in one case (virHashSearch), we actually strip const away - we aren't modifying the contents of the table, so much as associated data for ensuring that the code uses the table correctly (if this were C++, it would be a case for the 'mutable' keyword). * src/util/virhash.h (virHashKeyComparator, virHashEqual): Use intended type. (virHashSize, virHashTableSize, virHashLookup, virHashSearch): Make const-correct. * src/util/virhash.c (virHashEqualData, virHashEqual) (virHashLookup, virHashSize, virHashTableSize, virHashSearch) (virHashComputeKey): Fix fallout. * src/conf/nwfilter_params.c (virNWFilterFormatParameterNameSorter): Likewise. * src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesFilterOrderSort): Likewise. * tests/virhashtest.c (testHashGetItemsCompKey) (testHashGetItemsCompValue): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 14 10月, 2013 5 次提交
-
-
由 Daniel P. Berrange 提交于
In Fedora 20, libvirt_lxc crashes immediately at startup with a trace #0 0x00007f0cddb653ec in free () from /lib64/libc.so.6 #1 0x00007f0ce0e16f4a in virFree (ptrptr=ptrptr@entry=0x7f0ce1830058) at util/viralloc.c:580 #2 0x00007f0ce0e2764b in virResetError (err=0x7f0ce1830030) at util/virerror.c:354 #3 0x00007f0ce0e27a5a in virResetLastError () at util/virerror.c:387 #4 0x00007f0ce0e28858 in virEventRegisterDefaultImpl () at util/virevent.c:233 #5 0x00007f0ce0db47c6 in main (argc=11, argv=0x7fff4596c328) at lxc/lxc_controller.c:2352 Normally virInitialize calls virErrorInitialize and virThreadInitialize, but we don't link to libvirt.so in libvirt_lxc, and nor did we ever call the error or thread initializers. I have absolutely no idea how this has ever worked, let alone what caused it to stop working in Fedora 20. In addition not all code paths from virLogSetFromEnv will ensure virLogInitialize is called correctly, which is another possible crash scenario. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Previous commit commit 7ada155c Author: Gao feng <gaofeng@cn.fujitsu.com> Date: Wed Sep 11 11:15:02 2013 +0800 DBus: introduce virDBusIsServiceEnabled Made the cgroups code fallback to non-systemd based setup when dbus is not running. It was too big a hammer though, as it did not check what error code was received when the dbus connection failed. Thus it silently ignored serious errors from dbus such as "too many client connections", which should always be treated as fatal. We only want to ignore errors if the dbus unix socket does not exist, or if nothing is listening on it. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The log message regex has been [0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}\.[0-9]{3}\+[0-9]{4}: [0-9]+: debug|info|warning|error : The precedence of '|' is high though, so this is equivalent to matching [0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}\.[0-9]{3}\+[0-9]{4}: [0-9]+: debug Or info Or warning Or error : Which is clearly not what it should have done. This caused the code to skip over things which are not log messages. The solution is to simply add brackets. A test case is also added to validate correctness. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
If the dbus system bus connection is marked as private, then allow it to be closed. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The dbus_bus_get() function returns a shared bus connection that all libraries in a process can use. You are forbidden from calling close on this connection though, since you can never know if any other code might be using it. Add an option to use private dbus bus connections, if the app wants to be able to close the connection. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 11 10月, 2013 3 次提交
-
-
由 Bing Bu Cao 提交于
The helper function virCompareLimitUlong compares limit values, where value of 0 is equal to unlimited. If the latter parameter is 0, it should return -1 instead of 1, hence the user can only set hard_limit when swap_hard_limit currently is unlimited. Worse, all callers pass 2 64-bit values, but on 32-bit platforms, the second argument was silently truncated to 32 bits, which could lead to incorrect computations. Signed-off-by: NBing Bu Cao <mars@linux.vnet.ibm.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Daniel P. Berrange 提交于
The enum for virNetDevVPort is declared in the header file virnetdevvportprofile.h, but for some reason the impl is in netdev_vport_profile_conf.c. This causes a dep from src/util onto src/conf which is not allowed. Move the enum impl into virnetdevvportprofile.c to break the circle. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Michal Privoznik 提交于
This function takes exactly one argument: an address to check. It returns true, if the address is an IPv4 or IPv6 address in numeric format, false otherwise (e.g. for "examplehost"). Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 09 10月, 2013 1 次提交
-
-
由 Chen Hanxiao 提交于
s/shoule/should Signed-off-by: NChen Hanxiao <chenhanxiao@cn.fujitsu.com>
-