- 17 3月, 2015 3 次提交
-
-
由 Jim Fehlig 提交于
Commit 4ab8cd77 added a check requiring input devices to have a bus type of VIR_DOMAIN_INPUT_BUS_USB, failing to start the domain otherwise. But virDomainDefParseXML adds implicit mouse and keyboard if a graphics device is configured. See calls to virDomainDefMaybeAddInput. The regression is fixed by removing the check requiring USB input devices, and skipping non-USB input devices when populating USB 'usbdevice' in libxl_domain_build_info struct.
-
由 Peter Krempa 提交于
Patch 51f9f03a introduces a regression where if a blockCommit operation fails the disk is still marked as being part of a block job but can't be unmarked later.
-
由 Eric Blake 提交于
Commit 4f25146b (v1.2.8) managed to silence Coverity, but at the cost of a memory leak detected by valgrind: ==24129== 40 bytes in 5 blocks are definitely lost in loss record 355 of 637 ==24129== at 0x4A08B1C: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==24129== by 0x5084B8E: virReallocN (viralloc.c:245) ==24129== by 0x514D5AA: virDomainObjListExport (domain_conf.c:22200) ==24129== by 0x201227DB: qemuConnectListAllDomains (qemu_driver.c:18042) ==24129== by 0x51CC1B6: virConnectListAllDomains (libvirt-domain.c:6797) ==24129== by 0x14173D: remoteDispatchConnectListAllDomains (remote.c:1580) ==24129== by 0x121BE1: remoteDispatchConnectListAllDomainsHelper (remote_dispatch.h:1072) In short, every time a client calls a ListAll variant and asks for the resulting list, but there are 0 elements to return, we end up leaking the 1-entry array that holds the NULL terminator. What's worse, a read-only client can access these functions in a tight loop to cause libvirtd to eventually run out of memory; and this can be considered a denial of service attack against more privileged clients. Thankfully, the leak is so small (8 bytes per call) that you would already have some other denial of service with any guest calling the API that frequently, so an out-of-memory crash is unlikely enough that this did not warrant a CVE. * daemon/remote.c (remoteDispatchConnectListAllDomains) (remoteDispatchDomainListAllSnapshots) (remoteDispatchDomainSnapshotListAllChildren) (remoteDispatchConnectListAllStoragePools) (remoteDispatchStoragePoolListAllVolumes) (remoteDispatchConnectListAllNetworks) (remoteDispatchConnectListAllInterfaces) (remoteDispatchConnectListAllNodeDevices) (remoteDispatchConnectListAllNWFilters) (remoteDispatchConnectListAllSecrets) (remoteDispatchNetworkGetDHCPLeases): Plug leak. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 16 3月, 2015 21 次提交
-
-
由 John Ferlan 提交于
This one is no longer necessary since the Vcpu and IOThreads API's share
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
This one is no longer necessary since the Vcpu and IOThreads API's share
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since both Vcpu and IOThreads code use the same API's, alter the naming of the API's to remove the "Vcpu" specific reference
-
由 John Ferlan 提交于
Since we're not specifically a vcpu related structure anymore...
-
由 John Ferlan 提交于
As pointed out by jtomko in his review of the IOThreads pinning code: http://www.redhat.com/archives/libvir-list/2015-March/msg00495.html there are some comments sprinkled in indicating IOThreads were using the same structure as the VcpuPin code... This is the first patch of a few that will change the virDomainVcpuPin* structures and code to just virDomainPin* - starting with the data structure naming...
-
由 John Ferlan 提交于
During his review of the iothreads pin setting code, Pavel noted that there was a potential memory leak with respect to how the newVcpuPin is handled and the goto endjob's in failure paths which would not free the memory. For reference, See: http://www.redhat.com/archives/libvir-list/2015-March/msg00415.html
-
由 Peter Krempa 提交于
Now that the size of guest's memory can be inferred from the NUMA configuration (if present) make it optional to specify <memory> explicitly. To make sure that memory is specified add a check that some form of memory size was specified. One side effect of this change is that it is no longer possible to specify 0KiB as memory size for the VM, but I don't think it would be any useful to do so. (I can imagine embedded systems without memory, just registers, but that's far from what libvirt is usually doing). Forbidding 0 memory for guests also fixes a few corner cases where 0 was not interpreted correctly and caused failures. (Arguments for numad when using automatic placement, size of the balloon). This fixes problems described in https://bugzilla.redhat.com/show_bug.cgi?id=1161461 Test case changes are added to verify that the schema change and code behave correctly.
-
由 Peter Krempa 提交于
Use the NUMA total instead of the configured size both in XML and for uses in the code once NUMA is enabled for a domain. One test case change is necessary as the rounding of the individual cell sizes was not matching the rounding of the total size.
-
由 Peter Krempa 提交于
The memory sizes in qemu are aligned up to 1 MiB boundaries. There are two places where this was done once for the total size and then for individual NUMA cell sizes. Add a function that will align the sizes in one place so that it's clear where the sizes are aligned.
-
由 Peter Krempa 提交于
As there are two possible approaches to define a domain's memory size - one used with legacy, non-NUMA VMs configured in the <memory> element and per-node based approach on NUMA machines - the user needs to make sure that both are specified correctly in the NUMA case. To avoid this burden on the user I'd like to replace the NUMA case with automatic totaling of the memory size. To achieve this I need to replace direct access to the virDomainMemtune's 'max_balloon' field with two separate getters depending on the desired size. The two sizes are needed as: 1) Startup memory size doesn't include memory modules in some hypervisors. 2) After startup these count as the usable memory size. Note that the comments for the functions are future aware and document state that will be present after a few later patches.
-
由 Peter Krempa 提交于
While qemu may be prepared to do this libvirt is not. Forbid the block ops until we fix our code.
-
由 Peter Krempa 提交于
Surprisingly we did not grab a VM job when a block job finished and we'd happily rewrite the backing chain data. This made it possible to crash libvirt when queueing two backing chains tightly and other badness. To fix it, add yet another handler to the helper thread that handles monitor events that require a job.
-
由 Peter Krempa 提交于
-
由 Erik Skultety 提交于
We interpret port values as signed int (convert them from char *), so if a negative value is provided in network disk's configuration, we accept it as valid, however there's an 'unknown cause' error raised later. This error is only accidental because we return the port value in the return code. This patch adds just a minor tweak to the already existing check so we reject negative values the same way as we reject non-numerical strings. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1163553
-
由 Erik Skultety 提交于
-
- 15 3月, 2015 3 次提交
-
-
由 Eric Blake 提交于
Valgrind detected a leak: ==17820== 102 (56 direct, 46 indirect) bytes in 1 blocks are definitely lost in loss record 479 of 646 ==17820== at 0x4A08946: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==17820== by 0x508521A: virAllocVar (viralloc.c:560) ==17820== by 0x50D9FCA: virObjectNew (virobject.c:193) ==17820== by 0x50A4FD9: dnsmasqCapsNewEmpty (virdnsmasq.c:784) ==17820== by 0x50A514E: dnsmasqCapsNewFromBinary (virdnsmasq.c:830) ==17820== by 0x1B508287: networkStateInitialize (bridge_driver.c:666) It looks like commit 172acef4 introduced the problem, because networkGetDnsmasqCaps() increments the reference count but an early exit never does a matching decrement. * src/network/bridge_driver.c (networkStateCleanup): Plug leak. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Valgrind complained: ==3770== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s) ==3770== at 0x919D407: ioctl (syscall-template.S:81) ==3770== by 0x530FE7E: rpl_ioctl (ioctl.c:42) ==3770== by 0x50CB433: virNetDevFeatureAvailable (virnetdev.c:2764) ==3770== by 0x50CB6A7: virNetDevGetFeatures (virnetdev.c:2830) ==3770== by 0x1F0E5347: udevProcessNetworkInterface (node_device_udev.c:722) ==3770== by 0x1F0E689F: udevGetDeviceDetails (node_device_udev.c:1300) ==3770== by 0x1F0E6E06: udevAddOneDevice (node_device_udev.c:1422) ==3770== by 0x1F0E6FB8: udevProcessDeviceListEntry (node_device_udev.c:1464) ==3770== by 0x1F0E70CF: udevEnumerateDevices (node_device_udev.c:1494) ==3770== by 0x1F0E7BB4: nodeStateInitialize (node_device_udev.c:1806) ==3770== by 0x51B4303: virStateInitialize (libvirt.c:777) ==3770== by 0x11DEE7: daemonRunStateInit (libvirtd.c:906) ==3770== Address 0x228e38d4 is on thread 12's stack ==3770== in frame #2, created by virNetDevFeatureAvailable (virnetdev.c:2750) * src/util/virnetdev.c (virNetDevFeatureAvailable): Initialize all bytes of ifr. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Commit f182da20 (v1.2.6) caused a slight regression in virsh reporting of a non-active block job; where it used to state "Commit complete", it now states "Now in synchronized phase". But the synchronized phase is only possible for an active commit. For a reproducer, I created a chain 'a <- b <- c <- d <- e' and ran virsh blockcommit $dom vda --top c --base a --verbose --wait * tools/virsh-domain.c (cmdBlockCommit): Synchronized phase is only possible on active commits. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 14 3月, 2015 6 次提交
-
-
由 zhang bo 提交于
Introduced by f6a2f97e Problem Description: After multiple times of migrating a domain, which has an ovs interface with no portData set, with non-shared disk, nbd ports got overflowed. The steps to reproduce the problem: 1 define and start a domain with its network configured as: <interface type='bridge'> <source bridge='br0'/> <virtualport type='openvswitch'> </virtualport> <model type='virtio'/> <driver name='vhost' queues='4'/> </interface> 2 do not set the network's portData. 3 migrate(ToURI2) it with flag 91(1011011), which means: VIR_MIGRATE_LIVE VIR_MIGRATE_PEER2PEER VIR_MIGRATE_PERSIST_DEST VIR_MIGRATE_UNDEFINE_SOURCE VIR_MIGRATE_NON_SHARED_DISK 4 migrate success, but we got an error log in libvirtd.log: error : virCommandWait:2423 : internal error: Child process (ovs-vsctl --timeout=5 get Interface vnet1 external_ids:PortData) unexpected exit status 1: ovs-vsctl: no key "PortData" in Interface record "vnet1" column external_ids 5 migrate it back, migrate it , migrate it back, ....... 6 nbd port got overflowed. The reasons for the problem is : 1 virNetDevOpenvswitchGetMigrateData() takes it as wrong if no portData is available for the ovs interface of a domain. (We think it's not appropriate, as portData is just OPTIONAL) 2 in func qemuMigrationBakeCookie(), it fails in qemuMigrationCookieAddNetwork(), and returns with -1. qemuMigrationCookieAddNBD() is not called thereafter, and mig->nbd is still NULL. 3 However, qemuMigrationRun() just *WARN* if qemuMigrationBakeCookie() fails, migration still successes. cookie is NULL, it's not baked on the src side. 4 On the destination side, it would alloc a port first and then free the nbd port in COOKIE. But the cookie is NULL due to qemuMigrationCookieAddNetwork() failure at src side. thus the nbd port is not freed. In this patch, we add "--if-exists" option to make ovs-vsctl not raise error if there's no portData available. Further more, because portData may be NULL in the cookie at the dest side, check it before setting portData. Signed-off-by: NZhou Yimin <zhouyimin@huawei.com> Signed-off-by: NZhang Bo <oscar.zhangbo@huawei.com>
-
It will not be possible to detach such device later. Also improve logging in such cases. Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-
virDomainNetFindIdx no longer returns info whether device was not found, or there was multiple matches. Additionally it already handle error reporting. Introduce virDomainHasNet which does a simple task, without implicit error reporting. Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-
Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-
In Xen>=4.3, libxl supports new syntax for USB devices: usbdevice=[ "DEVICE", "DEVICE", ... ] Add support for that in xenconfig driver. When only one device is defined, keep using old syntax for backward compatibility. Adjust tests for changed options order. Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-
由 Marek Marczykowski 提交于
Signed-off-by: NMarek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-
- 13 3月, 2015 7 次提交
-
-
由 Michal Privoznik 提交于
Now that the network driver lock is ash heap of history, we can use more of networkObjFromNetwork(). Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
While in previous commits there were some places that relied on the big lock, in this file there's no such place and the big driver lock can be dropped completely. Yay! Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Well, if 'everywhere' is defined as that part of the driver code that serves virNetwork* APIs. Again, we lower layers already have their locks, so there's no point doing big lock. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Now that we have fine grained locks, there's no need to lock the whole driver. We can rely on self-locking APIs. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
In order to drop network driver lock, lets annotate which structure items are immutable, which have self-locking APIs and so on. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This is not an immutable pointer and can change during lifetime. Therefore, in order to drop network driver lock, we must use an internal accessor which does not lock the network driver yet, but it will soon. Now it merely returns an referenced object. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Well, network driver code has the driver accessible as a global variable. This makes any rework hard, as it's unclear where the variable is accessed and/or modified. Lets just pass the driver as a parameter to all functions where needed. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-