1. 11 2月, 2015 6 次提交
    • J
      qemu: qemuOpenFileAs - set flag VIR_FILE_OPEN_FORCE_MODE · 92f09dab
      John Ferlan 提交于
      In the event we're falling into the code that tries to create the file
      in a forked environment (VIR_FILE_OPEN_FORK) we pass different mode bits,
      but those are never set because the virFileOpenForceOwnerMode has a check
      if the OPEN_FORCE_MODE bit is set before attempting to change the mode.
      
      Since this is a special case it seems reasonable to set u+rw,g+rw,o
      92f09dab
    • J
      virfile: Adjust error path for virFileOpenForked · 92d9114e
      John Ferlan 提交于
      Rather than have a dummy waitpid loop and return of the failure status
      from recvfd, adjust the logic to save the recvfd error & fd and then
      in priority order:
      
      - if waitpid failed, use that errno value
      - waitpid succeeded, but if the child exited abnormally, report failure
      (use EACCES to report as return failure, since either EACCES or EPERM is
      what caused us to fall into the fork+setuid path)
      - waitpid succeeded, but if the child reported non-zero status, report
      failure (use the errno value that the child encoded into exit status)
      - waitpid succeeded, but if recvfd failed, report recvfd_errno
      - waitpid and recvfd succeeded, use the fd
      
      NOTE: Original logic to retry the open and force owner mode was
      "documented" as only being attempted if we had already tried opening
      with the fork+setuid, but checked flags vs. VIR_FILE_OPEN_NOFORK which
      is counter to how we would get to that point. So that code was removed.
      92d9114e
    • L
      qemu: fix crash when migrateuri has no scheme · 45853b52
      Luyao Huang 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1191355
      
      When we attempt to migrate a vm with a migrateuri that has no scheme:
      
       # virsh migrate test4 --live qemu+ssh://lhuang/system --migrateuri 127.0.0.1
      
      target libvirtd will crash because uri->scheme is NULL in
      qemuMigrationPrepareDirect on this line:
      
           if (STRNEQ(uri->scheme, "tcp") &&
      
      Add a value check before this line. Also fix a bug like this in
      doNativeMigrate, that could only happen when destination libvirtd
      returned an incorrect URI.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      Signed-off-by: NJán Tomko <jtomko@redhat.com>
      45853b52
    • Z
      conf: Fix libvirtd crash and memory leak caused by virDomainVcpuPinDel() · 2d27dcb0
      Zhang Bo 提交于
      The function virDomainVcpuPinDel() used vcpupin_list to stand for
      def->cputune.vcpupin, which made the codes more readable.
      However, in this function, it will realloc vcpupin_list later.
      As the definition of realloc(), it may free vcpupin_list and then
      points it to a new-realloced address, but def->cputune.vcpupin doesn't
      point to the new address(it's freed however).
      Thus,
      1) When we refer to the def->cputune.vcpupin afterwards, which was freed
      by realloc(), an INVALID READ occurs, and libvirtd may crash.
      2) As no one will use vcpupin_list any more, and no one frees it(it's just
      alloced by realloc()), memory leak occurs.
      
      Part of the valgrind logs are shown as below:
      ==1837== Thread 15:
      ==1837== Invalid read of size 8
      ==1837==    at 0x5367337: virDomainDefFormatInternal (domain_conf.c:18392)
              which is : virBufferAsprintf(buf, "<vcpupin vcpu='%u' ",
                                def->cputune.vcpupin[i]->vcpuid);
      ==1837==    by 0x536966C: virDomainObjFormat (domain_conf.c:18970)
      ==1837==    by 0x5369743: virDomainSaveStatus (domain_conf.c:19166)
      ==1837==    by 0x117B26DC: qemuDomainPinVcpuFlags (qemu_driver.c:4586)
      ==1837==    by 0x53EA313: virDomainPinVcpuFlags (libvirt.c:9803)
      ==1837==    by 0x14CB7D: remoteDispatchDomainPinVcpuFlags (remote_dispatch.h:6762)
      ==1837==    by 0x14CC81: remoteDispatchDomainPinVcpuFlagsHelper (remote_dispatch.h:6740)
      ==1837==    by 0x5464C30: virNetServerProgramDispatchCall (virnetserverprogram.c:437)
      ==1837==    by 0x546507A: virNetServerProgramDispatch (virnetserverprogram.c:307)
      ==1837==    by 0x171B83: virNetServerProcessMsg (virnetserver.c:172)
      ==1837==    by 0x171E6E: virNetServerHandleJob (virnetserver.c:193)
      ==1837==    by 0x5318E78: virThreadPoolWorker (virthreadpool.c:145)
      ==1837==  Address 0x12ea2870 is 0 bytes inside a block of size 16 free'd
      ==1837==    at 0x4C291AC: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==1837==    by 0x52A3D14: virReallocN (viralloc.c:245)
      ==1837==    by 0x52A3DFB: virShrinkN (viralloc.c:372)
      ==1837==    by 0x52A3F57: virDeleteElementsN (viralloc.c:503)
      ==1837==    by 0x533939E: virDomainVcpuPinDel (domain_conf.c:15405)  //doReset为true时才会进到。
      ==1837==    by 0x117B2642: qemuDomainPinVcpuFlags (qemu_driver.c:4573)
      ==1837==    by 0x53EA313: virDomainPinVcpuFlags (libvirt.c:9803)
      ==1837==    by 0x14CB7D: remoteDispatchDomainPinVcpuFlags (remote_dispatch.h:6762)
      ==1837==    by 0x14CC81: remoteDispatchDomainPinVcpuFlagsHelper (remote_dispatch.h:6740)
      ==1837==    by 0x5464C30: virNetServerProgramDispatchCall (virnetserverprogram.c:437)
      ==1837==    by 0x546507A: virNetServerProgramDispatch (virnetserverprogram.c:307)
      ==1837==    by 0x171B83: virNetServerProcessMsg (virnetserver.c:172)
      
      Steps to reproduce the problem:
      1) use virDomainPinVcpuFlags() to pin a guest's vcpu to all the pcpus
      of the host.
      
      This patch uses def->cputune.vcpupin instead of vcpupin_list to do the
      realloc() job, to avoid invalid read or memory leaking.
      Signed-off-by: NZhang Bo <oscar.zhangbo@huawei.com>
      Signed-off-by: Yue Wenyuan <yuewenyuan@huawei.com@huawei.com>
      2d27dcb0
    • E
      conf: forbid seclabel duplicates for domain devices · 357f0072
      Erik Skultety 提交于
      Parser checks for per-domain seclabel duplicates, so it would be nice if
      it checked for per-device seclabel duplicates the same way
      
      Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1165485
      357f0072
    • E
      schema: allow multiple seclabel for devices in domaincommon.rng · 862bbf8a
      Erik Skultety 提交于
      In our RNG schema we do allow multiple (different) seclabels per-domain,
      but don't allow this for devices, yet we neither have a check in our XML parser,
      nor in a post-parse callback. In that case we should allow multiple
      (different) seclabels for devices as well.
      862bbf8a
  2. 10 2月, 2015 14 次提交
  3. 09 2月, 2015 4 次提交
  4. 07 2月, 2015 1 次提交
    • S
      maint: improve usage of autogen's --no-git · 0c77a54e
      Stefan Zimmermann 提交于
      If you build libvirt with the --no-git option, then gnulib requires
      either $GNULIB_SRCDIR in the environment or --gnulib-srcdir on the
      command line.  But we had not been supporting its use from the
      command line.  This patch is a bit picky: --gnulib-srcdir must be
      passed immediately after --no-git; but since we don't reorder
      arguments, and since we already required --no-git to be first to
      have any effect, it's not too horrible.  It also does the wrong
      thing if you include spaces in your arguments, but developers
      doing that deserve what they get, right?
      Signed-off-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com>
      Signed-off-by: NEric Blake <eblake@redhat.com>
      0c77a54e
  5. 06 2月, 2015 6 次提交
  6. 05 2月, 2015 3 次提交
    • J
      nodedev: check/add for scsi_host caps for NumOfCaps and ListCaps · f44ec9c1
      John Ferlan 提交于
      Commit id '652a2ec6' introduced two new node device capability flags
      and the ability to use those flags as a way to search for a specific
      subset of a 'scsi_host' device - namely a 'fc_host' and/or 'vports'.
      The code modified the virNodeDeviceCapMatch whichs allows for searching
      using the 'virsh nodedev-list [cap]' via virConnectListAllNodeDevices.
      
      However, the original patches did not account for other searches for
      the same capability key from virNodeDeviceNumOfCaps and virNodeDeviceListCaps
      using nodeDeviceNumOfCaps and nodeDeviceListCaps. Since 'fc_host' and
      'vports' are self defined bits of a 'scsi_host' device mere string
      comparison against the basic/root type is not sufficient.
      
      This patch adds the check for the 'fc_host' and 'vports' bits within
      a 'scsi_host' device and allows the following python code to find the
      capabilities for the device:
      
      import libvirt
      conn = libvirt.openReadOnly('qemu:///system')
      devs = conn.listAllDevices()
      for dev in devs:
          if 'fc_host' in dev.listCaps() or 'vports' in dev.listCaps():
              print dev.name(),dev.numOfCaps(),dev.listCaps()
      f44ec9c1
    • S
      nodedev: check/add for scsi_host caps for ListDevices · e8fcac8e
      Shivaprasad G Bhat 提交于
      Commit id '652a2ec6' introduced two new node device capability flags
      and the ability to use those flags as a way to search for a specific
      subset of a 'scsi_host' device - namely a 'fc_host' and/or 'vports'.
      The code modified the virNodeDeviceCapMatch whichs allows for searching
      using the 'virsh nodedev-list [cap]' via virConnectListAllNodeDevices.
      
      However, the original patches did not account for other searches for
      the same capability key from virNodeListDevices using virNodeDeviceHasCap.
      Since 'fc_host' and 'vports' are self defined bits of a 'scsi_host'
      device mere string comparison against the basic/root type is not
      sufficient.
      
      This patch adds the check for the 'fc_host' and 'vports' bits within
      a 'scsi_host' device and allows the following python code to find the
      capabilities for the device:
      
      import libvirt
      conn = libvirt.openReadOnly('qemu:///system')
      fc = conn.listDevices('fc_host', 0)
      print(fc)
      fc = conn.listDevices('vports', 0)
      print(fc)
      Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
      e8fcac8e
    • L
      qemu: Properly report error on uuid mismatch in the migration cookie · 1b2c9ce7
      Luyao Huang 提交于
      Add the missing jump to the error label when the uuid in the
      migration cookie XML does not match the uuid of the migrated
      domain.
      Signed-off-by: NLuyao Huang <lhuang@redhat.com>
      Signed-off-by: NJán Tomko <jtomko@redhat.com>
      1b2c9ce7
  7. 04 2月, 2015 6 次提交