- 06 6月, 2018 16 次提交
-
-
由 Stefan Berger 提交于
Extend the DAC and SELinux modules with support for the tpm-emulator. We label the Unix socket that QEMU connects to after starting swtmp with DAC and SELinux labels. We do not have to restore the labels in this case since the tpm-emulator will remove the Unix socket when it terminates. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Stefan Berger 提交于
Implement virFileChownFiles() which changes file ownership of all files in a given directory. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Stefan Berger 提交于
Extend the QEMU capabilities with tpm-emulator support. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Stefan Berger 提交于
This patch adds support for an external swtpm TPM emulator. The XML for this type of TPM looks as follows: <tpm model='tpm-tis'> <backend type='emulator'/> </tpm> The XML will currently only define a TPM 1.2. Extend the documentation. Add a test case testing the XML parser and formatter. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 John Ferlan 提交于
Commit id 02b031a4 added a secondary path from which the incoming @secinfo would not be free'd until the private data was freed in qemuDomainStorageSourcePrivateDispose. However, by doing this the original intention to free @*secinfo afterwards is lost and thus the pass by value of the secinfo->s.aes (or secinfo->s.plain for its method) results in not keeping the NULL setting in the various secret.{username|iv|ciphertext} fields upon return to qemuDomainSecretInfoClear and eventually will result in a double free at domain destroy: raise () abort () __libc_message () malloc_printerr () _int_free () virFree qemuDomainSecretAESClear qemuDomainSecretInfoClear qemuDomainSecretInfoFree qemuDomainStorageSourcePrivateDispose virObjectUnref virStorageSourceClear virStorageSourceFree virDomainDiskDefFree virDomainDefFree virDomainObjRemoveTransientDef qemuProcessStop qemuDomainDestroyFlags virDomainDestroy Signed-off-by: NJohn Ferlan <jferlan@redhat.com> ACKed-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Michal Privoznik 提交于
Instead of array of pointers to individual buffers it can be array of buffers directly. This also fixes the following memleak: ==22516== 96 bytes in 4 blocks are definitely lost in loss record 166 of 195 ==22516== at 0x4C2EF26: calloc (vg_replace_malloc.c:711) ==22516== by 0x5D2C7D5: virAlloc (viralloc.c:144) ==22516== by 0x56FAABD: qemuBuildNumaArgStr (qemu_command.c:7543) ==22516== by 0x5701835: qemuBuildCommandLine (qemu_command.c:10112) ==22516== by 0x575D794: qemuProcessCreatePretendCmd (qemu_process.c:6568) ==22516== by 0x113338: testCompareXMLToArgv (qemuxml2argvtest.c:549) ==22516== by 0x138CA3: virTestRun (testutils.c:180) ==22516== by 0x136CD1: mymain (qemuxml2argvtest.c:2825) ==22516== by 0x13AD58: virTestMain (testutils.c:1118) ==22516== by 0x137351: main (qemuxml2argvtest.c:2874) Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This function exists because of 5276ec71. But it is missing initial check just like virQEMUCapsInitHostCPUModel() has. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Daniel P. Berrangé 提交于
The default NBD TLS certificate path varies based on prefix given to configure, causing tests to fail depending on build options. Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 ramyelkest 提交于
Replace instances where we previously called virGetLastError just to either get the code or to check if an error exists with virGetLastErrorCode to avoid a validity pre-check. Signed-off-by: NRamy Elkest <ramyelkest@gmail.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 ramyelkest 提交于
Many places in the code call virGetLastError() just to check the raised error code, or domain. However virGetLastError() can return NULL, so the code has to check for that first. This patch therefore introduces virGetLasError{Code,Domain} functions which always return a valid error code or domain respectively, thus dropping the need to perform any checks on the error object. Signed-off-by: NRamy Elkest <ramyelkest@gmail.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 ramyelkest 提交于
Signed-off-by: NRamy Elkest <ramyelkest@gmail.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Daniel P. Berrangé 提交于
With --disable-nls is given we turn off use of gettext in the source code, but mistakenly still installed the gmo files. Reported-by: NOlaf Hering <olaf@aepfle.de> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
When the agent code was first introduced back in commit c160ce33 Author: Daniel P. Berrange <berrange@redhat.com> Date: Wed Oct 5 18:31:54 2011 +0100 QEMU guest agent support there was code that would loop and retry the connection when opening the agent socket. At this time, the only thing done in between the opening of the monitor socket & opening of the agent socket was a call to set the monitor capabilities. This was a no-op on non-QMP versions, so in theory there could be a race which let us connect to the monitor while the agent socket was still not created by QEMU. In the modern world, however, we long ago mandated the use of QMP for managing QEMU, so we're guaranteed to have a set capabilities QMP call. Once we've seen a reply to this, we're guaranteed that QEMU has fully initialized all backends and is in its event loop. We can thus be sure the QEMU agent socket is present and don't need to retry connections to it, even without having the chardev FD passing feature. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
Since libvirt called bind() and listen() on the UNIX socket, it is guaranteed that connect() will immediately succeed, if QEMU is running normally. It will only fail if QEMU has closed the monitor socket by mistake or if QEMU has exited, letting the kernel close it. With this in mind we can remove the retry loop and timeout when connecting to the QEMU monitor if we are doing FD passing. Libvirt can go straight to sending the QMP greeting and will simply block waiting for a reply until QEMU is ready. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
There is a race condition when spawning QEMU where libvirt has spawned QEMU but the monitor socket is not yet open. Libvirt has to repeatedly try to connect() to QEMU's monitor until eventually it succeeds, or times out. We use kill() to check if QEMU is still alive so we avoid waiting a long time if QEMU exited, but having a timeout at all is still unpleasant. With QEMU 2.12 we can pass in a pre-opened FD for UNIX domain or TCP sockets. If libvirt has called bind() and listen() on this FD, then we have a guarantee that libvirt can immediately call connect() and succeed without any race. Although we only really care about this for the monitor socket and agent socket, this patch does FD passing for all UNIX socket based character devices since there appears to be no downside to it. We don't do FD passing for TCP sockets, however, because it is only possible to pass a single FD, while some hostnames may require listening on multiple FDs to cover IPv4 and IPv6 concurrently. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
QEMU >= 2.12 will support passing of pre-opened file descriptors for socket based character devices. Reviewed-by: NJohn Ferlan <jferlan@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 05 6月, 2018 24 次提交
-
-
由 Peter Krempa 提交于
The code that detaches the device from persistent definition copies the persistent definition first so that it can easily be rolled back. The actual detaching is then made in the copy which is assigned back on success (if the live operation succeeded as well). This is not the case in qemuDomainDetachDeviceAliasLiveAndConfig where the definition was copied and put back, but the detaching happened from the other object which was overwritten. Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
-
由 Michal Privoznik 提交于
Now that GnuTLS is a requirement, we can drop a lot of conditionally built code. However, not all ifdef-s can go because we still want libvirt_setuid to build without gnutls. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Michal Privoznik 提交于
Since GnuTLS is required there is no way to go with !WITH_GNUTLS branch and just distribute these files. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Michal Privoznik 提交于
Now that GnuTLS is required these symbols are going to be present all the time. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Michal Privoznik 提交于
Since GnuTLS is required there is no way to go with !WITH_GNUTLS branch and just distribute these files. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Michal Privoznik 提交于
We are building with GnuTLS everywhere because GnuTLS is widely available. Also, it is desirable to prefer cryptographically strong PRNG over "/dev/urandom" which is just a fallback. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 John Ferlan 提交于
Modify virStorageBackendLogicalLVCreate to ensure if encryption is requested that only type LUKS is supported; otherwise, error. Signed-off-by: NJohn Ferlan <jferlan@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
由 Michal Privoznik 提交于
Now that virCryptoGenerateRandom() is plain wrapper over virRandomBytes() we can drop it in favour of the latter. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
If virRandomBytes() fails there is no point calling virRandomBits() because it uses virRandomBytes() internally again. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Now that we have strong PRNG generator implemented in virRandomBytes() let's use that instead of gnulib's random_r. Problem with the latter is in way we seed it: current UNIX time and libvirtd's PID are not that random as one might think. Imagine two hosts booting at the same time. There's a fair chance that those hosts spawn libvirtds at the same time and with the same PID. This will result in both daemons generating the same sequence of say MAC addresses [1]. 1: https://www.redhat.com/archives/libvirt-users/2018-May/msg00097.htmlSigned-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
While /dev/urandom is not terrible source of random data gnutls_rnd is better. Prefer that one. Also, since nearly every platform we build on already has gnutls (if not all of them) this is going to be used by default. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Instead of having each caller report error move it into the function. This way we can produce more accurate error messages too. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
To unify our vir*Random() functions we need to make virCryptoGenerateRandom NOT allocate return buffer. It should just fill given buffer with random data. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
When generating random stream using gnults fails an error is reported. However, the error is not helpful as it contains only an integer error code (a negative number). Use gnutls_strerror() to turn the error code into a string explaining what went wrong. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This function allocates a buffer, fills it in with random bytes and then returns it. However, the buffer is held in @buf variable, therefore having @ret variable which does not hold return value of the function is misleading. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com>
-
由 Michal Privoznik 提交于
In libvirt when a function wants to return an error code it should be a negative value. Returning a positive value (or zero) means success. But virRandomBytes() does not follow this rule. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com>
-
由 Andrea Bolognani 提交于
As documented in [1], ccache needs to be installed and configured explicitly on macOS. [1] https://docs.travis-ci.com/user/caching/#ccache-cacheSigned-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Andrea Bolognani 提交于
Now that we have separate sections for each build configuration, there's no reason to set PATH in the global environment. Signed-off-by: NAndrea Bolognani <abologna@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Jiri Denemark 提交于
The files are not scripts and should not be executable. Broken by v4.0.0-294-g5f998681. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
Libvirt relies on being able to kill the destination domain and resume the source one during migration until we called "cont" on the destination. Unfortunately, QEMU automatically activates block devices at the end of migration even when it's called with -S. This wasn't a big issue in the past since the guest is not running and thus no data are written to the block devices. However, when QEMU introduced its internal block device locks, we can no longer resume the source domain once the destination domain already activated the block devices (and thus acquired all locks) unless the destination domain is killed first. Since it's impossible to synchronize the destination and the source libvirt daemons after a failed migration, QEMU introduced a new migration capability called "late-block-activate" which ensures QEMU won't activate block devices until it gets "cont". The only thing we need to do is to enable this capability whenever QEMU supports it. https://bugzilla.redhat.com/show_bug.cgi?id=1568407 QEMU commit implementing the capability: v2.12.0-952-g0f073f44df Signed-off-by: NJiri Denemark <jdenemar@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Michal Privoznik 提交于
When parsing domain XML the virCapsDomainData lookup is performed in order to fill in missing def->os.arch and def->os.machine strings. Well, when doing copy of already existing virDomainDef we don't want any automagic fill in of defaults (and those two strings are going to be provided at this point anyway by first parse of the domain XML). What is even worse is that we do not look up capabilities for parsed emulator path rather some generic capabilities for parsed arch. Therefore, if emulator points to qemu under non-default path (say $HOME/qemu-system-arm) but there's no such qemu under the default path (say /usr/bin/qemu-system-arm) the capabilities lookup fails and creating the copy is denied. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Radostin Stoyanov 提交于
The variable forkRet is not used after commit 25f87817Signed-off-by: NRadostin Stoyanov <rstoyanov1@gmail.com> Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
由 Filip Alac 提交于
Signed-off-by: NFilip Alac <filipalac@gmail.com>
-