1. 25 3月, 2015 1 次提交
  2. 18 3月, 2015 1 次提交
  3. 17 3月, 2015 2 次提交
    • N
      domifaddr: Implement the remote protocol · 71546d17
      Nehal J Wani 提交于
      daemon/remote.c
         * Define remoteSerializeDomainInterface, remoteDispatchDomainInterfaceAddresses
      
      src/remote/remote_driver.c
         * Define remoteDomainInterfaceAddresses
      
      src/remote/remote_protocol.x
         * New RPC procedure: REMOTE_PROC_DOMAIN_INTERFACE_ADDRESSES
         * Define structs remote_domain_ip_addr, remote_domain_interface,
           remote_domain_interfaces_addresse_args, remote_domain_interface_addresses_ret
         * Introduce upper bounds (to handle DoS attacks):
           REMOTE_DOMAIN_INTERFACE_MAX = 2048
           REMOTE_DOMAIN_IP_ADDR_MAX = 2048
           Restrictions on the maximum number of aliases per interface were
           removed after kernel v2.0, and theoretically, at present, there
           are no upper limits on number of interfaces per virtual machine
           and on the number of IP addresses per interface.
      
      src/remote_protocol-structs
         * New structs added
      Signed-off-by: NNehal J Wani <nehaljw.kkd1@gmail.com>
      71546d17
    • E
      daemon: avoid memleak when ListAll returns nothing · 3c2ff502
      Eric Blake 提交于
      Commit 4f25146b (v1.2.8) managed to silence Coverity, but at the
      cost of a memory leak detected by valgrind:
      ==24129== 40 bytes in 5 blocks are definitely lost in loss record 355 of 637
      ==24129==    at 0x4A08B1C: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==24129==    by 0x5084B8E: virReallocN (viralloc.c:245)
      ==24129==    by 0x514D5AA: virDomainObjListExport (domain_conf.c:22200)
      ==24129==    by 0x201227DB: qemuConnectListAllDomains (qemu_driver.c:18042)
      ==24129==    by 0x51CC1B6: virConnectListAllDomains (libvirt-domain.c:6797)
      ==24129==    by 0x14173D: remoteDispatchConnectListAllDomains (remote.c:1580)
      ==24129==    by 0x121BE1: remoteDispatchConnectListAllDomainsHelper (remote_dispatch.h:1072)
      
      In short, every time a client calls a ListAll variant and asks
      for the resulting list, but there are 0 elements to return, we
      end up leaking the 1-entry array that holds the NULL terminator.
      
      What's worse, a read-only client can access these functions in a
      tight loop to cause libvirtd to eventually run out of memory; and
      this can be considered a denial of service attack against more
      privileged clients.  Thankfully, the leak is so small (8 bytes per
      call) that you would already have some other denial of service with
      any guest calling the API that frequently, so an out-of-memory
      crash is unlikely enough that this did not warrant a CVE.
      
      * daemon/remote.c (remoteDispatchConnectListAllDomains)
      (remoteDispatchDomainListAllSnapshots)
      (remoteDispatchDomainSnapshotListAllChildren)
      (remoteDispatchConnectListAllStoragePools)
      (remoteDispatchStoragePoolListAllVolumes)
      (remoteDispatchConnectListAllNetworks)
      (remoteDispatchConnectListAllInterfaces)
      (remoteDispatchConnectListAllNodeDevices)
      (remoteDispatchConnectListAllNWFilters)
      (remoteDispatchConnectListAllSecrets)
      (remoteDispatchNetworkGetDHCPLeases): Plug leak.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      3c2ff502
  4. 06 3月, 2015 1 次提交
  5. 03 12月, 2014 10 次提交
    • J
      Replace virDomainSnapshotFree with virObjectUnref · c8230c4d
      John Ferlan 提交于
      Since virDomainSnapshotFree will call virObjectUnref anyway, let's just use
      that directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      c8230c4d
    • J
      Replace virInterfaceFree with virObjectUnref · c56a591a
      John Ferlan 提交于
      Since virInterfaceFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      c56a591a
    • J
      Replace virNWFilterFree with virObjectUnref · 7b4938f5
      John Ferlan 提交于
      Since virNWFilterFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      7b4938f5
    • J
      Replace virSecretFree with virObjectUnref · a0b13d35
      John Ferlan 提交于
      Since virSecretFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      a0b13d35
    • J
      Replace virStreamFree with virObjectUnref · 1725a468
      John Ferlan 提交于
      Since virStreamFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      1725a468
    • J
      Replace virStoragePoolFree with virObjectUnref · adbbff5f
      John Ferlan 提交于
      Since virStoragePoolFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      adbbff5f
    • J
      Replace virStorageVolFree with virObjectUnref · d1219054
      John Ferlan 提交于
      Since virStorageVolFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      d1219054
    • J
      Replace virNodeDeviceFree with virObjectUnref · e3b456de
      John Ferlan 提交于
      Since virNodeDeviceFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      e3b456de
    • J
      Replace virNetworkFree with virObjectUnref · 121c09a9
      John Ferlan 提交于
      Since virNetworkFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      121c09a9
    • J
      Replace virDomainFree with virObjectUnref · 8fb3aee2
      John Ferlan 提交于
      Since virDomainFree will call virObjectUnref anyway, let's just use that
      directly so as to avoid the possibility that we inadvertently clear out
      a pending error message when using the public API.
      8fb3aee2
  6. 24 11月, 2014 2 次提交
  7. 15 11月, 2014 1 次提交
  8. 25 9月, 2014 2 次提交
    • P
      tunable_event: extend debug message and tweak limit for remote message · ceb7c90e
      Pavel Hrdina 提交于
      It would be nice to also print a params pointer and number of params in
      the debug message and the previous limit for number of params in the rpc
      message was too large. The 2048 params will be enough for future events.
      Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
      ceb7c90e
    • M
      Introduce virNodeAllocPages · fa5c5580
      Michal Privoznik 提交于
      A long time ago in a galaxy far, far away it has been decided
      that libvirt will manage not only domains but host as well. And
      with my latest work on qemu driver supporting huge pages, we miss
      the cherry on top: an API to allocate huge pages on the run.
      Currently users are forced to log into the host and adjust the
      huge pages pool themselves.  However, with this API the problem
      is gone - they can both size up and size down the pool.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      fa5c5580
  9. 24 9月, 2014 2 次提交
  10. 18 9月, 2014 1 次提交
  11. 04 9月, 2014 1 次提交
  12. 28 8月, 2014 2 次提交
  13. 27 8月, 2014 2 次提交
    • E
      API: Tweak virDomainOpenGraphics to return fd directly · b259e459
      Eric Blake 提交于
      Let's fix this before we bake in a painful API.  Since we know
      that we have exactly one non-negative fd on success, we might
      as well return the fd directly instead of forcing the user to
      pass in a pointer.  Furthermore, I found some memory and fd
      leaks while reviewing the code - the idea is that on success,
      libvirtd will have handed two fds in two different directions:
      one to qemu, and one to the RPC client.
      
      * include/libvirt/libvirt.h.in (virDomainOpenGraphicsFD): Drop
      unneeded parameter.
      * src/driver.h (virDrvDomainOpenGraphicsFD): Likewise.
      * src/libvirt.c (virDomainOpenGraphicsFD): Adjust interface to
      return fd directly.
      * daemon/remote.c (remoteDispatchDomainOpenGraphicsFd): Adjust
      semantics.
      * src/qemu/qemu_driver.c (qemuDomainOpenGraphicsFD): Likewise,
      and plug fd leak.
      * src/remote/remote_driver.c (remoteDomainOpenGraphicsFD):
      Likewise, and plug memory and fd leak.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      b259e459
    • J
      Add RPC implementation for virDomainOpenGraphicsFd · 408aae38
      Ján Tomko 提交于
      408aae38
  14. 27 6月, 2014 1 次提交
  15. 24 6月, 2014 3 次提交
    • J
      Rework remoteSerializeDHCPLease · 364586d3
      Ján Tomko 提交于
      Don't leak the temporary variables on success if NULL is returned
      for that field.
      
      Don't dereference NULL on failure to allocate some of the temporaries.
      
      Introduced by commit 990c3b65
      364586d3
    • D
      Change 'interface' to 'iface' in virNetworkDHCPLease · 6512c8b4
      Daniel P. Berrange 提交于
      Variables/fields named 'interface' clash with system
      header symbols on some platforms.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      6512c8b4
    • N
      net-dhcp-leases: Implement the remote protocol · 990c3b65
      Nehal J Wani 提交于
      Implement RPC calls for virNetworkGetDHCPLeases, virNetworkGetDHCPLeasesForMAC
      
      daemon/remote.c
         * Define remoteSerializeNetworkDHCPLeases,
                  remoteDispatchNetworkGetDHCPLeases
         * Define remoteDispatchNetworkGetDHCPLeasesForMAC
         * Define helper function remoteSerializeDHCPLease
      
      src/remote/remote_driver.c
         * Define remoteNetworkGetDHCPLeases
         * Define remoteNetworkGetDHCPLeasesForMAC
         * Define helper function remoteSerializeDHCPLease
      
      src/remote/remote_protocol.x
         * New RPC procedure: REMOTE_PROC_NETWORK_GET_DHCP_LEASES
         * Define structs remote_network_dhcp_leases, remote_network_get_dhcp_leases_args,
                          remote_network_get_dhcp_leases_ret
         * New RPC procedure: REMOTE_PROC_NETWORK_GET_DHCP_LEASES_FOR_MAC
         * Define structs remote_network_dhcp_leases_for_mac, remote_network_get_dhcp_leases_for_mac_args,
                          remote_network_get_dhcp_leases_for_mac_ret
      
      src/remote_protocol-structs
         * New structs added
      
      src/rpc/gendispatch.pl
         * Add exception (s/Dhcp/DHCP) for auto-generating names of the remote functions
           in daemon/remote_dispatch.h
      990c3b65
  16. 19 6月, 2014 2 次提交
    • M
      Introduce virNodeGetFreePages · 34f2d031
      Michal Privoznik 提交于
      The aim of the API is to get information on number of free pages
      on the system. The API behaves similar to the
      virNodeGetCellsFreeMemory(). User passes starting NUMA cell, the
      count of nodes that he's interested in, pages sizes (yes,
      multiple sizes can be queried at once) and the counts are
      returned in an array.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      34f2d031
    • E
      blockjob: use stable disk string in job event · 1bfe73a1
      Eric Blake 提交于
      When the block job event was first added, it was for block pull,
      where the active layer of the disk remains the same name.  It was
      also in a day where we only cared about local files, and so we
      always had a canonical absolute file name.  But two things have
      changed since then: we now have network disks, where determining
      a single absolute string does not really make sense; and we have
      two-phase jobs (copy and active commit) where the name of the
      active layer changes between the first event (ready, on the old
      name) and second (complete, on the pivoted name).
      
      Adam Litke reported that having an unstable string between events
      makes life harder for clients.  Furthermore, all of our API that
      operate on a particular disk of a domain accept multiple strings:
      not only the absolute name of the active layer, but also the
      destination device name (such as 'vda').  As this latter name is
      stable, even for network sources, it serves as a better string
      to supply in block job events.
      
      But backwards-compatibility demands that we should not change the
      name handed to users unless they explicitly request it.  Therefore,
      this patch adds a new event, BLOCK_JOB_2 (alas, I couldn't think of
      any nicer name - but at least Migrate2 and Migrate3 are precedent
      for a number suffix).  We must double up on emitting both old-style
      and new-style events according to what clients have registered for
      (see also how IOError and IOErrorReason emits double events, but
      there the difference was a larger struct rather than changed
      meaning of one of the struct members).
      
      Unfortunately, adding a new event isn't something that can easily
      be broken into pieces, so the commit is rather large.
      
      * include/libvirt/libvirt.h.in (virDomainEventID): Add a new id
      for VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2.
      (virConnectDomainEventBlockJobCallback): Document new semantics.
      * src/conf/domain_event.c (_virDomainEventBlockJob): Rename field,
      to ensure we catch all clients.
      (virDomainEventBlockJobNew): Add parameter.
      (virDomainEventBlockJobDispose)
      (virDomainEventBlockJobNewFromObj)
      (virDomainEventBlockJobNewFromDom)
      (virDomainEventDispatchDefaultFunc): Adjust clients.
      (virDomainEventBlockJob2NewFromObj)
      (virDomainEventBlockJob2NewFromDom): New functions.
      * src/conf/domain_event.h: Add new prototypes.
      * src/libvirt_private.syms (domain_event.h): Export new functions.
      * src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Generate two
      different events.
      * src/qemu/qemu_process.c (qemuProcessHandleBlockJob): Likewise.
      * src/remote/remote_protocol.x
      (remote_domain_event_block_job_2_msg): New struct.
      (REMOTE_PROC_DOMAIN_EVENT_BLOCK_JOB_2): New RPC.
      * src/remote/remote_driver.c
      (remoteDomainBuildEventBlockJob2): New handler.
      (remoteEvents): Register new event.
      * daemon/remote.c (remoteRelayDomainEventBlockJob2): New handler.
      (domainEventCallbacks): Register new event.
      * tools/virsh-domain.c (vshEventCallbacks): Likewise.
      (vshEventBlockJobPrint): Adjust client.
      * src/remote_protocol-structs: Regenerate.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      1bfe73a1
  17. 15 5月, 2014 1 次提交
    • M
      Introduce virDomain{Get,Set}Time APIs · 0abb3693
      Michal Privoznik 提交于
      These APIs allow users to get or set time in a domain, which may come
      handy if the domain has been resumed just recently and NTP is not
      configured or hasn't kicked in yet and the guest is running
      something time critical. In addition, NTP may refuse to re-set the clock
      if the skew is too big.
      
      In addition, new ACL attribute is introduced 'set_time'.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      0abb3693
  18. 25 3月, 2014 1 次提交
  19. 21 3月, 2014 1 次提交
    • E
      qemu: wire up RPC for qemu monitor events · e7708a1c
      Eric Blake 提交于
      These are the first async events in the qemu protocol, so this
      patch looks rather big compared to most RPC additions.  However,
      a large majority of this patch is just mechanical copy-and-paste
      from recently-added network events.  It didn't help that this
      is also the first virConnect rather than virDomain prefix
      associated with a qemu-specific API.
      
      * src/remote/qemu_protocol.x (qemu_*_domain_monitor_event_*): New
      structs and RPC messages.
      * src/rpc/gendispatch.pl: Adjust naming conventions.
      * daemon/libvirtd.h (daemonClientPrivate): Track qemu events.
      * daemon/remote.c (remoteClientFreeFunc): Likewise.
      (remoteRelayDomainQemuMonitorEvent)
      (qemuDispatchConnectDomainMonitorEventRegister)
      (qemuDispatchConnectDomainMonitorEventDeregister): New functions.
      * src/remote/remote_driver.c (qemuEvents): Handle qemu events.
      (doRemoteOpen): Register for events.
      (remoteNetworkBuildEventLifecycle)
      (remoteConnectDomainQemuMonitorEventRegister)
      (remoteConnectDomainQemuMonitorEventDeregister): New functions.
      * src/qemu_protocol-structs: Regenerate.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      e7708a1c
  20. 18 3月, 2014 3 次提交