With a nice side-effect of fixing alignment.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Refactor the command code to use the new type.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

I opted to alias the 'virDomainType' to 'virshDomain' so that it's
obvious in all cases that this is a virsh-only construct. This is also
somewhat consistent with virsh's use of 'virshDomainFree' wrapper for
the freeing function which actually accepts NULL.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Neither virThreadInitialize or virThreadOnExit do anything since we
dropped the Win32 threads impl, in favour of win-pthreads with:

  commit 0240d94c
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Wed Jan 22 16:17:10 2014 +0000

      Remove windows thread implementation in favour of pthreads
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

This reverts commit 0cebb642.

This capability is not used anywhere and also it is not contained
in any release so it's safe to just remove it.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

The fact that qemu is capable -netdev socket is not enough to
start a migratable domain. It also needs dbus-vmstate capability.
Since there are already some qemu releases which have
net-socket-dgram capability and don't have dbus-vmstate we need
to check for dbus-vmstate.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This reverts commit 929e0bd2.

I've mistakenly pushed wrong branch.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

This reverts commit 385543a5.

I've mistakenly pushed wrong branch.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

The qemu side is not merged in yet, so there is a chance that the
interface will change. Don't detect the capability just yet then.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Replace 'sc_prohibit_semicolon_at_eol_in_python' with generic 'sc_flake8' rule
to check python code style.

Now 'sc_flake8' just check the error E703: 'statement ends with a semicolon'.
In future, we could use '--select' to introduce more rules.
Signed-off-by: NShi Lei <shi_lei@massclouds.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Do not overwrite the 'ret' value more than once.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Copy the declaration into the smallest blocks it's used in
and mark it as VIR_AUTOFREE.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

As of commit 2d80fbb1 this variable
is unused.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NCole Robinson <crobinso@redhat.com>

Missing piece for [1]

[1]: 577a1f98: qemu: Pass correct qemuCaps to virDomainDefParseNode
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>

Missing piece for [1].

[1] b449c270: qemu: Pass correct qemuCaps to virDomainDeviceDefPostParse
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>

After [1] we got failure on attempt to copy empty string.
Before the patch empty string was copied successfuly.
Restore the original behaviour.

[1] 7d70a63b util: Improve virStrncpy() implementation
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Reviewed-by: NMartin Kletzander <mkletzan@redhat.com>

Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
Signed-off-by: NMichael Chapman <mike@very.puzzling.org>

The ports in the socket address structures returned by getaddrinfo() are
in network byte order. Convert to host byte order before returning them.
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
Signed-off-by: NMichael Chapman <mike@very.puzzling.org>

When opening a connection to a second driver inside the daemon, we must
ensure the identity of the current user is passed across. This allows
the second daemon to perform access control checks against the real end
users, instead of against the libvirt daemon that's proxying across the
API calls.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Add ability to import/export all the parameters associated with an
identity, so that they can be exposed via the public API.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We'll shortly be exposing the identity as virTypedParameter in the
public header, so it simplifies life to use that as the internal
representation too.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The virIdentity getters are unusual in that they return -1 to indicate
"not found" and don't report any error. Change them to return -1 for
real errors, 0 for not found, and 1 for success.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

It is simpler to remove this unused method than to rewrite it using
typed parameters in the next patch.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Only expose the type safe getters/setters to other code in preparation
for changing the internal storage of data.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Remove the "UNIX" tag from the names for user name, group name,
process ID and process time, since these attributes are all usable
for non-UNIX platforms like Windows.

User ID and group ID are left with a "UNIX" tag, since there's no
equivalent on Windows. The closest equivalent concept on Windows,
SID, is a struct containing a number of integer fields, which is
commonly represented in string format instead. This would require
a separate attribute, and is left for a future exercise, since
the daemons are not currently built on Windows anyway.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

When using the fine grained access control mechanism for APIs, when a
client connects to libvirtd, the latter will fetch the uid, gid, selinux
info of the remote client on the UNIX domain socket. This is then used
as the identity when checking ACLs.

With the new split daemons things are a bit more complicated. The user
can connect to virtproxyd, which in turn connects to virtqemud. When
virtqemud requests the identity over the UNIX domain socket, it will
get the identity that virtproxyd is running as, not the identity of
the real end user/application.

virproxyd knows what the real identity is, and needs to be able to
forward this information to virtqemud. The virConnectSetIdentity API
provides a mechanism for doing this. Obviously virtqemud should not
accept such identity overrides from any client, it must only honour it
from a trusted client, aka one running as the same uid/gid as itself.

The typed parameters exposed in the API are the same as those currently
supported by the internal virIdentity class, with a few small name
changes.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Most code paths prevent starting a blockjob if we already have one but
the job registering function does not do this check. While this isn't a
problem for regular cases we had a bad test case where we registered two
jobs for a single disk which leaked one of the jobs. Prevent this in the
registering function until we allow having multiple jobs per disk.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
ACKed-by: NEric Blake <eblake@redhat.com>
Reviewed-by: NMartin Kletzander <mkletzan@redhat.com>

There were accidentally two disks with 'vdc' target with corresponding
blockjobs which made libvirt leak some references as there are not
supposed to be two blockjobs for a single disk. Fix this mess by
renaming some of the disks.

In addition the block job names also didn't correspond to the naming
convetion which also includes the disk target. Fix it as well.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
ACKed-by: NEric Blake <eblake@redhat.com>
Reviewed-by: NMartin Kletzander <mkletzan@redhat.com>

qemuDomainAttachNetDevice() (hotplug) previously had some of the
validation that is in qemuDomainValidateActualNetDef(), but it was
incomplete. qemuDomainChangeNet() had none of that validation, but it
is all appropriate in both cases.

This is the final piece of a previously partial resolution to
https://bugzilla.redhat.com/1502754Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

The same validation should be done for both static network devices and
hotplugged devices, but they are currently inconsistent. Move all the
relevant validation from qemuBuildInterfaceCommandLine() into the new
function qemuDomainValidateActualNetDef() and call the latter from
the former.
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

It needs to be used by a function that only has a const pointer to
virDomainNetDef.
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

AppArmorGetSecurityProcessLabel copies the VM's profile name to the
label member of virSecurityLabel struct. If the profile is not loaded,
the name is set empty before calling virStrcpy to copy it. However,
virStrcpy will fail if src is empty (0 length), causing
AppArmorGetSecurityProcessLabel to needlessly fail. Simple operations
that report security driver information will subsequently fail

virsh dominfo test
Id:             248
Name:           test
...
Security model: apparmor
Security DOI:   0
error: internal error: error copying profile name

Avoid copying an empty profile name when the profile is not loaded.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

To aid in troubleshooting add some debug messages wrt
bandwidth settings and networks.
Reviewed-by: NLaine Stump <laine@laine.org>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We previously allowed bandwidth settings when attaching NICs
to networks with forward mode=bridge:

  commit 42a92ee9
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Tue Nov 20 11:30:05 2018 +0000

    network: add missing bandwidth limits for bridge forward type

    In the case of a network with forward=bridge, which has a bridge device
    listed, we are capable of setting bandwidth limits but fail to call the
    function to register them.
Reviewed-by: NCole Robinson <crobinso@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Unfortunately the wrong version of this patch was posted and
reviewed and thus it lacked the code to actually apply the
bandwidth settings to the bridge itself.
Reviewed-by: NLaine Stump <laine@laine.org>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>