1. 22 8月, 2012 8 次提交
    • E
      atomic: mark header functions static · bf76174b
      Eric Blake 提交于
      When gcc atomic intrinsics are not available (such as on RHEL 5
      with gcc 4.1.2), we were getting link errors due to multiple
      definitions:
      
      ./.libs/libvirt_util.a(libvirt_util_la-virobject.o): In function `virAtomicIntXor':
      /home/dummy/l,ibvirt/src/util/viratomoic.h:404: multiple definition of `virAtomicIntXor'
      ./.libs/libvirt_util.a(libvirt_util_la-viratomic.o):/home/dummy/libvirt/src/util/viratomic.h:404: first defined here
      
      Solve this by conditionally marking the functions static (the
      condition avoids falling foul of gcc warnings about unused
      static function declarations).
      
      * src/util/viratomic.h: When not using gcc intrinsics, use static
      functions to avoid linker errors on duplicate functions.
      bf76174b
    • E
      build: work with glibc that lacks CPU_COUNT · 0d03735f
      Eric Blake 提交于
      Building on RHEL 5 warned:
      
      nodeinfo.c: 305: warning: implicit declaration of function 'CPU_COUNT'
      
      This extension macro in <sched.h> was not added until later glibc.
      
      * src/nodeinfo.c (CPU_COUNT): Add fallback implementation.
      0d03735f
    • E
      build: work with older RHEL 5 kernel · 77de1f35
      Eric Blake 提交于
      We already skip out on building the LXC under RHEL 5, because the
      kernel is too old (commits 4c18acff, 2dee8965); but commit 9612e4b2
      moved some LXC-only code into common files, resulting in this
      build failure:
      
      util/virfile.c: In function 'virFileLoopDeviceAssociate':
      util/virfile.c:580: error: 'LO_FLAGS_AUTOCLEAR' undeclared (first use in this function)
      
      Unfortunately, the kernel folks only made it an enum, rather than
      also a #define, so we have to modify configure.ac to record when
      it is usable.
      
      * configure.ac (with_lxc): Mark when LO_FLAGS_AUTOCLEAR was found.
      * src/util/virfile.c (virFileLoopDeviceAssociate): Avoid
      compilation when kernel is too old.
      77de1f35
    • J
      command: avoid double close in virExecWithHook · 8211c677
      Ján Tomko 提交于
      Fix possible double close in the child process after the fork in case
      infd and outfd are equal, just like they are after being called from
      virNetSocketNewConnectCommand.
      8211c677
    • S
      nwfilter: provide basic support for firewalld · 4efde75f
      Stefan Berger 提交于
      This patch provides basic support for using firewalld's firewall-cmd
      rather than then plain eb/ip(6)tables commands.
      4efde75f
    • T
      network: use firewalld instead of iptables, when available · bf156385
      Thomas Woerner 提交于
      * configure.ac, spec file: firewalld defaults to enabled if dbus is
        available, otherwise is disabled. If --with_firewalld is explicitly
        requested and dbus is not available, configure will fail.
      
      * bridge_driver: add dbus filters to get the FirewallD1.Reloaded
        signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
        When these are encountered, reload all the iptables reuls of all
        libvirt's virtual networks (similar to what happens when libvirtd is
        restarted).
      
      * iptables, ebtables: use firewall-cmd's direct passthrough interface
        when available, otherwise use iptables and ebtables commands. This
        decision is made once the first time libvirt calls
        iptables/ebtables, and that decision is maintained for the life of
        libvirtd.
      
      * Note that the nwfilter part of this patch was separated out into
        another patch by Stefan in V2, so that needs to be revised and
        re-reviewed as well.
      
      ================
      
      All the configure.ac and specfile changes are unchanged from Thomas'
      V3.
      
      V3 re-ran "firewall-cmd --state" every time a new rule was added,
      which was extremely inefficient.  V4 uses VIR_ONCE_GLOBAL_INIT to set
      up a one-time initialization function.
      
      The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
      vir(Ip|Eb)OnceInit(), which will then be called the first time that
      the static function vir(Ip|Eb)TablesInitialize() is called (that
      function is defined for you by the macro). This is
      thread-safe, so there is no chance of any race.
      
      IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
      functions (one for iptables, on for ebtables) as VIR_WARN so that I
      don't have to turn on all the other debug message just to see
      these. Even if this patch doesn't need any other modification, those
      messages need to be changed to VIR_DEBUG before pushing.
      
      This one-time initialization works well. However, I've encountered
      problems with testing:
      
      1) Whenever I have enabled the firewalld service, *all* attempts to
      call firewall-cmd from within libvirtd end with firewall-cmd hanging
      internally somewhere. This is *not* the case if firewall-cmd returns
      non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
      and returns to libvirt successfully.)
      
      2) If I start libvirtd while firewalld is stopped, then start
      firewalld later, this triggers libvirtd to reload its iptables rules,
      however it also spits out a *ton* of complaints about deletion failing
      (I suppose because firewalld has nuked all of libvirt's rules). I
      guess we need to suppress those messages (which is a more annoying
      problem to fix than you might think, but that's another story).
      
      3) I noticed a few times during this long line of errors that
      firewalld made a complaint about "Resource Temporarily
      unavailable. Having libvirtd access iptables commands directly at the
      same time as firewalld is doing so is apparently problematic.
      
      4) In general, I'm concerned about the "set it once and never change
      it" method - if firewalld is disabled at libvirtd startup, causing
      libvirtd to always use iptables/ebtables directly, this won't cause
      *terrible* problems, but if libvirtd decides to use firewall-cmd and
      firewalld is later disabled, libvirtd will not be able to recover.
      bf156385
    • J
      sanlock: Provide better error if lockspace directory is missing · 2560a51e
      Jiri Denemark 提交于
      Generating "Unable to add lockspace /lock/space/dir/__LIBVIRT__DISKS__:
      No such file or directory" is correct but not exactly clear. This patch
      changes the error message to "Unable to create lockspace
      /lock/space/dir/__LIBVIRT__DISKS__: parent directory does not exist or
      is not a directory".
      2560a51e
    • J
      daemon: Autodetect lock driver directory · 15f5e16f
      Jiri Denemark 提交于
      When running libvirtd from a build directory, libvirtd would load lock
      drivers from system directory unless explicitly overridden by setting
      LIBVIRT_LOCK_MANAGER_PLUGIN_DIR environment variable. Since we already
      autodetect driver directory if libvirt is build with driver modules, we
      can use the same trick to automagically set lock driver directory.
      15f5e16f
  2. 21 8月, 2012 31 次提交
    • E
      build: split driver_storage into convenience library · 1a4379cb
      Eric Blake 提交于
      Commit 1d22ba95 was complete at the time, but we have since
      reintroduced a warning that is fixed in the same manner:
      
        CCLD   storagebackendsheepdogtest
      
      *** Warning: Linking the executable storagebackendsheepdogtest against the loadable module
      *** libvirt_driver_storage.so is not portable!
      
      * src/Makefile.am (libvirt_driver_storage.la): Factor into new
      convenience library libvirt_driver_storage_impl.la.
      * tests/Makefile.am (storagebackendsheepdogtest_LDADD): Link to
      convenience library, not shared library.
      1a4379cb
    • E
      build: silence stupid gcc warning on STREQ_NULLABLE · 8d8527de
      Eric Blake 提交于
      Our existing STRNEQ_NULLABLE() triggered a warning in gcc 4.7 when
      used with a literal NULL argument:
      
      qemumonitorjsontest.c: In function 'testQemuMonitorJSONGetMachines':
      qemumonitorjsontest.c:289:5: error: null argument where non-null required (argument 1) [-Werror=nonnull]
      
      even though the strcmp is provably dead when a null argument is
      present.  Squelch the warning by refactoring things so that gcc
      never sees strcmp() called with NULL arguments (we still compare
      NULL as not equal to "", this rewrite merely aids gcc).
      
      Next, gcc has a valid warning about a literal NULLSTR(NULL):
      
      qemumonitorjsontest.c:289:5: error: invalid application of 'sizeof' to a void type [-Werror=pointer-arith]
      
      Of course, you'd never write NULLSTR(NULL) directly, but it is
      handy to use through macros.  But the entire part about verify_true()
      is unnecessary - gcc already warns about type mismatch with ?:,
      without needing to make it more complex.
      
      * src/internal.h (STREQ_NULLABLE, STRNEQ_NULLABLE): Avoid gcc 4.7
      stupidity.
      (NULLSTR): Simplify, to allow passing compile-time constants.
      8d8527de
    • D
      Fix parsing of uid/gid on Mingw32 · 7272a92c
      Daniel P. Berrange 提交于
      The DAC security driver uses the virStrToLong_ui function to
      parse the uid/gid out of the seclabel string. This works on
      Linux where 'uid_t' is an unsigned int, but on Mingw32 it is
      just an 'int'. This causes compiler warnings about signed/
      unsigned int pointer mis-match.
      
      To avoid this, use explicit 'unsigned int ouruid' local
      vars to pass into virStrToLong_ui, and then simply assign
      to the 'uid_t' type after parsing
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      7272a92c
    • P
      libssh2_transport: Use libssh2 driver code in remote driver · dfbb2d31
      Peter Krempa 提交于
      This patch adds URI options to support libssh2 transport in the remote
      driver.
      
      A new transport sceme is introduced eg. "qemu+libssh2://..." that
      utilizes the libssh2 code added in previous patches.
      
      The libssh2 code requires the authentication callback to be able to
      perform keyboard-interactive authentication or to ask t passprhases or
      add host keys to known hosts database.
      
      Added URI components:
      - known_hosts -  path to a knownHosts file in OpenSSH format to check
                       for known ssh host keys
      - known_hosts_verify - how to deal with server key verification:
                                  * "normal" (default) - ask to add new keys
                                  * "auto" - automaticaly add new keys
                                  * "ignore" - don't validate host keys
      - sshauth - authentication methods to use. Default is
                  "agent,privkey,keyboard-interactive". It's a comma separated
                  string of methods to try while authenticating. The order is
                  preserved. Some of the methods may require additional
                  parameters.
      
      Locations of the known_hosts file and private keys are set to default
      values if they're present. (~/.ssh/known_hosts, ~/.ssh/id_rsa,
                                  ~/.ssh/id_dsa)
      dfbb2d31
    • P
      libssh2_transport: Add libssh2 session support to net client code · 25f2c8b4
      Peter Krempa 提交于
      This patch adds a glue layer to enable using libssh2 code with the
      network client code.
      
      As in the original client implementation, shell code is sent to the
      server to detect correct options for netcat and connect to libvirt's
      unix socket.
      25f2c8b4
    • P
      libssh2_transport: add ssh context support to virNetSocket · 637ea542
      Peter Krempa 提交于
      This patch enables virNetSocket to be used as an ssh client when
      properly configured.
      
      This patch adds function virNetSocketNewConnectLibSSH2() that takes all
      needed parameters and creates a libssh2 session and performs steps
      needed to open the connection and then create a virNetSocket that
      seamlesly encapsulates the communication.
      637ea542
    • P
      libssh2_transport: add main libssh2 transport implementation · 1193fc5f
      Peter Krempa 提交于
      This patch adds helper functions that enable us to use libssh2 in
      conjunction with libvirt's virNetSockets for ssh transport instead of
      spawning "ssh" client process.
      
      This implemetation supports tunneled plaintext, keyboard-interactive,
      private key, ssh agent based and null authentication. Libvirt's Auth
      callback is used for interaction with the user. (Keyboard interactive
      authentication, adding of host keys, private key passphrases). This
      enables seamless integration into the application using libvirt. No
      helpers as "ssh-askpass" are needed.
      
      Reading and writing of OpenSSH style "known_hosts" files is supported.
      
      Communication is done using SSH exec channel, where the user may specify
      arbitrary command to be executed on the remote side and reads and writes
      to/from stdin/out are sent through the ssh channel. Usage of stderr is
      not (yet) supported.
      1193fc5f
    • D
      Add test case for SELinux label generation · 9136032a
      Daniel P. Berrange 提交于
      This test case validates the correct generation of SELinux labels
      for VMs, wrt the current process label. Since we can't actually
      change the label of the test program process, we create a shared
      library libsecurityselinuxhelper.so which overrides the getcon()
      and setcon() libselinux.so functions. When started the test case
      will check to see if LD_PRELOAD is set, and if not, it will
      re-exec() itself setting LD_PRELOAD=libsecurityselinuxhelper.so
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      9136032a
    • D
      Honour current sensitivity and category ranges in SELinux label generation · 4e365df4
      Daniel P. Berrange 提交于
      Currently the dynamic label generation code will create labels
      with a sensitivity of s0, and a category pair in the range
      0-1023. This is fine when running a standard MCS policy because
      libvirtd will run with a label
      
        system_u:system_r:virtd_t:s0-s0:c0.c1023
      
      With custom policies though, it is possible for libvirtd to have
      a different sensitivity, or category range. For example
      
        system_u:system_r:virtd_t:s2-s3:c512.c1023
      
      In this case we must assign the VM a sensitivity matching the
      current lower sensitivity value, and categories in the range
      512-1023
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      4e365df4
    • D
      Fix regression generating image context · 2d9df4fc
      Daniel P. Berrange 提交于
      The code to refactor sec label handling accidentally changed the
      SELinux driver to use the 'domain_context' when generating the
      image label instead of the 'file_context'
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      2d9df4fc
    • M
      qemu: modify 3 error messages · 0c0a8c9f
      Martin Kletzander 提交于
      After the cleanup of remote display port allocation, I noticed some
      messages that didn't make a lot of sense the way they were written. So
      I rephrased them.
      0c0a8c9f
    • M
      qemu: configurable remote display port boundaries · 29226bee
      Martin Kletzander 提交于
      The defines QEMU_REMOTE_PORT_MIN and QEMU_REMOTE_PORT_MAX were used to
      find free port when starting domains. As this was hard-coded to the
      same ports as default VNC servers, there were races with these other
      programs. This patch includes the possibility to change the default
      starting port as well as the maximum port (mostly for completeness) in
      qemu config file.
      
      Support for two new config options in qemu.conf is added:
       - remote_port_min (defaults to QEMU_REMOTE_PORT_MIN and
         must be >= than this value)
       - remote_port_max (defaults to QEMU_REMOTE_PORT_MAX and
         must be <= than this value)
      29226bee
    • M
      qemu: Unify port-wise SPICE and VNC behavior · a14b4aea
      Martin Kletzander 提交于
      Port allocations for SPICE and VNC behave almost the same (with
      default ports), but there is some mess in the code. This patch clears
      these inconsistencies and makes sure the same behavior will be used
      when ports for remote displays are changed.
      
      Changes:
       - hard-coded number 5900 removed (handled elsewhere like with VNC)
       - reservedVNCPorts renamed to reservedRemotePorts (it's not just for
         VNC anymore)
       - QEMU_VNC_PORT_{MIN,MAX} renamed to QEMU_REMOTE_PORT_{MIN,MAX}
       - port allocation unified for VNC and SPICE
      a14b4aea
    • E
      build: fix build with autoconf 2.59 · ba9c38b4
      Eric Blake 提交于
      Commit 350583c8 broke development on a RHEL 5 box, where the
      ancient Autoconf 2.59 lacks AS_VERSION_STRING.  Rather than
      backport the complex awk script that newer autoconf uses for
      true strverscmp comparisons from the shell, it was easier to
      just open-code a shell case statement.
      
      * configure.ac (qemu_version): Open-code a replacement for
      AS_VERSION_CHECK.
      ba9c38b4
    • E
      virsh: split out virsh-volume.c · f95f1ba4
      Eric Blake 提交于
      Last of the file splits.
      
      * tools/virsh-volume.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-volume.c: Likewise.
      (vshCommandOptVolBy): Fix flag usage.
      f95f1ba4
    • E
      virsh: split out virsh-snapshot.c · c0dbd5f3
      Eric Blake 提交于
      Almost done with the splits.
      
      * tools/virsh-snapshot.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-snapshot.c: Likewise.
      c0dbd5f3
    • E
      virsh: split out virsh-secret.c · 9cbb0eda
      Eric Blake 提交于
      One of the simpler splits.
      
      * tools/virsh-secret.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-secret.c: Likewise.
      9cbb0eda
    • E
      virsh: split out virsh-pool.c · ef8d3583
      Eric Blake 提交于
      More in a series of file splits.
      
      * tools/virsh-pool.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-pool.c: Likewise.
      (virCommandOptPoolBy): Fix flag usage.
      ef8d3583
    • E
      virsh: split out virsh-nwfilter.c · 69af4f7c
      Eric Blake 提交于
      Yet another split file.
      
      * tools/virsh-nwfilter.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-nwfilter.c: Likewise.
      69af4f7c
    • E
      virsh: split out virsh-nodedev.c · ea3cf921
      Eric Blake 提交于
      Another worthwhile split, needed one more public function.
      
      * tools/virsh-nodedev.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh-nodedev.c: Use new header.
      * tools/virsh.c: Likewise.
      (vshTreePrint): Export.
      * tools/virsh.h (vshTreePrint): Declare.
      ea3cf921
    • E
      virsh: split out virsh-network.c · dcff981a
      Eric Blake 提交于
      Another relatively easy file split.
      
      * tools/virsh-network.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-network.c: Likewise.
      (vshCommandOptNetworkBy): Update signature.
      dcff981a
    • E
      virsh: split out virsh-interface.c · 7aeb16a8
      Eric Blake 提交于
      Another relatively easy split, since helper functions were fixed
      in the previous patch.
      
      * tools/virsh-interface.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.c: Use new header.
      * tools/virsh-interface.c: Likewise.
      (vshCommandOptInterfaceBy): Check flags.
      7aeb16a8
    • E
      virsh: declare more common functions · 4c10b3c7
      Eric Blake 提交于
      In preparation for splitting virsh-interface.c, I found these
      functions need to be declared in virsh.h, as well as one that
      belongs more properly in virsh-domain.h.  Also, since we
      use the VSH_BY* flags in more than one function, I improved
      how they are used.
      
      * tools/virsh.h (vshNameSorter, vshCmdHasOption): Declare.
      (VSH_BYID): Turn into enum.
      (vshCommandOptDomainBy): Move...
      * tools/virsh-domain.h): ...here.
      * tools/virsh.c: (vshNameSorter): Export.
      (cmd_has_option): Rename...
      (vshCmdHasOption): ...and export.
      (vshCommandOptDomainBy): Move...
      * tools/virsh-domain.c (vshCommandOptDomainBy): ...here, adjust
      signature, and check flags.
      * tools/virsh-network.c (vshCommandOptNetworkBy): Update callers.
      * tools/virsh-nwfilter.c (vshCommandOptNWFilterBy): Likewise.
      * tools/virsh-secret.c (vshCommandOptSecret): Likewise.
      * tools/virsh-domain-monitor.c (includes): Likewise.
      * tools/virsh-host.c (includes): Likewise.
      4c10b3c7
    • E
      virsh: split out virsh-host.c · ae8e89fb
      Eric Blake 提交于
      The splits are getting easier, with fewer cleanups needed in virsh.h.
      
      * tools/virsh-host.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh-host.c: Use new header.
      * tools/virsh.c: Likewise.
      ae8e89fb
    • E
      virsh: split out virsh-domain-monitor.c · 99ae57f8
      Eric Blake 提交于
      Another file worth compiling on its own instead of by .c inclusion.
      
      * tools/virsh-domain-monitor.h: New file.
      * tools/Makefile.am (virsh_SOURCES): Build it.
      * tools/virsh.h (vshGetDomainDescription): Move to correct
      header.
      * tools/virsh-domain-monitor.c: Use new header.
      * tools/virsh.c: Likewise.
      * tools/virsh-domain.c: Likewise.
      99ae57f8
    • M
      Update the remote API · 2f8a09fb
      Marcelo Cerri 提交于
      This patch updates libvirt's API to allow applications to inspect the
      full list of security labels of a domain.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      2f8a09fb
    • M
      Support for multiple default security drivers in QEMU config · 6d6bff3a
      Marcelo Cerri 提交于
      This patch updates the key "security_driver" in QEMU config to suport
      both a sigle default driver or a list of default drivers. This ensures
      that it will remain compatible with older versions of the config file.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      6d6bff3a
    • M
      Update security layer to handle many security labels · a994ef2d
      Marcelo Cerri 提交于
      These changes make the security drivers able to find and handle the
      correct security label information when more than one label is
      available. They also update the DAC driver to be used as an usual
      security driver.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      a994ef2d
    • M
      Multiple security drivers in XML data · e9377dda
      Marcelo Cerri 提交于
      This patch updates the domain and capability XML parser and formatter to
      support more than one "seclabel" element for each domain and device. The
      RNG schema and the tests related to this are also updated by this patch.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      e9377dda
    • M
      Internal refactory of data structures · 6c3cf57d
      Marcelo Cerri 提交于
      This patch updates the structures that store information about each
      domain and each hypervisor to support multiple security labels and
      drivers. It also updates all the remaining code to use the new fields.
      Signed-off-by: NMarcelo Cerri <mhcerri@linux.vnet.ibm.com>
      6c3cf57d
    • V
      selinux: Fix incorrect object label generation. · b6ad2c23
      Viktor Mihajlovski 提交于
      This is a fix for the object label generation. It uses a new flag for
      virSecuritySELinuxGenNewContext that specifies whether the context is
      for an object. If so the context role remains unchanged.
      Without this fix it is not possible to start domains with image file or
      block device backed storage when selinux is enabled.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      b6ad2c23
  3. 20 8月, 2012 1 次提交
    • E
      virsh: drop unused headers · 521b7ab7
      Eric Blake 提交于
      The previous commit now trips up 'make syntax-check' due to a useless
      use of <signal.h>.
      
      * tools/virsh.c (includes): Drop useless includes.
      521b7ab7