- 22 3月, 2019 8 次提交
-
-
由 Eric Blake 提交于
Rather than allowing a leaky abstraction where multiple drivers have to open-code operations that update the relations in a virDomainSnapshotObjList, it is better to add accessor functions so that updates to relations are maintained closer to the internals. This patch starts the task with a single new function: virDomainSnapshotMoveChildren(). The logic might not be immediately obvious [okay, that's an understatement - the existing code uses black magic ;-)], so here's an overview: The old code has an implicit for loop around each call to qemuDomainSnapshotReparentChildren() by using virDomainSnapshotForEachChild() (you'll need a wider context than git's default of 3 lines to see that); the new code has a more visible for loop. Then it helps if you realize that the code is making two separate changes to each child object: STRDUP of the new parent name prior to writing XML files (unchanged), and touching up the pointer to the parent object (refactored); the end result is the same whether a single pass made both changes (both in driver code), or whether it is split into two passes making one change each (one in driver code, the other in the new accessor). Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eric Blake 提交于
It is easier to track the current snapshot as part of the list of snapshots. In particular, doing so lets us guarantee that the current snapshot is cleared if that snapshot is removed from the list (rather than depending on the caller to do so, and risking a use-after-free problem, such as the one recently patched in 1db9d0ef). This requires the addition of several new accessor functions, as well as a useful return type for virDomainSnapshotObjListRemove(). A few error handling sites that were previously setting vm->current_snapshot = NULL can now be dropped, because the previous function call has now done it already. Also, qemuDomainRevertToSnapshot() was setting the current vm twice, so keep only the one used on the success path. Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eric Blake 提交于
Rework the logic in qemuDomainSnapshotLoad() to set vm->current_snapshot only once at the end of the loop, rather than repeatedly querying it during the loop, to make it easier for the next patch to use accessor functions rather than direct manipulation of vm->current_snapshot. When encountering multiple snapshots claiming to be current (based on the presence of an <active>1</active> element in the XML, which libvirt only outputs for internal use and not for any public API), this changes behavior from warning only once and running with no current snapshot, to instead warning on each duplicate and selecting the last one encountered (which is arbitrary based on readdir() ordering, but actually stands a fair chance of being the most-recently created snapshot whether by timestamp or by the propensity of humans to name things in ascending order). Note that the code in question is only run by libvirtd when it first starts, reading state from disk from the previous run into memory for this run. Since the data resides somewhere that only libvirt should be touching (typically /var/lib/libvirt/qemu/snapshot/*), it should be clean. So in the common case, the code touched here is unreachable. But if someone is actually messing with files behind libvirt's back, they deserve the change in behavior. Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eric Blake 提交于
The only use for the 'current' member of virDomainSnapshotDef was with the PARSE/FORMAT_INTERNAL flag for controlling an internal-use <active> element marking whether a particular snapshot definition was current, and even then, only by the qemu driver on output, and by qemu and test driver on input. But this duplicates vm->snapshot_current, and gets in the way of potential simplifications to have qemu store a single file for all snapshots rather than one file per snapshot. Get rid of the member by adding a bool* parameter during parse (ignored if the PARSE_INTERNAL flag is not set), and by adding a new flag during format (if FORMAT_INTERNAL is set, the value printed in <active> depends on the new FORMAT_CURRENT). Then update the qemu driver accordingly, which involves hoisting assignments to vm->current_snapshot to occur prior to any point where a snapshot XML file is written (although qemu kept vm->current_snapshot and snapshot->def_current in sync by the end of the function, they were not always identical in the middle of functions, so the shuffling gets a bit interesting). Later patches will clean up some of that confusing churn to vm->current_snapshot. Note: even if later patches refactor qemu to no longer use FORMAT_INTERNAL for output (by storing bulk snapshot XML instead), we will always need PARSE_INTERNAL for input (because on upgrade, a new libvirt still has to parse XML left from a previous libvirt). Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eric Blake 提交于
When a future patch converts virDomainSnapshotDef to be a virObject, we need to be careful that converting VIR_FREE() to virObjectUnref() does not result in double frees. Reorder the assignment of def into the object to the point after object is in the hash table (as otherwise the virHashAddEntry() error path would have a shot at freeing def prematurely). Suggested-by: NJohn Ferlan <ferlan@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Change the return value of virDomainSnapshotObjListParse() to return the number of snapshots imported, and allow a return of 0 (the original proposal of adding a flag to virDomainSnapshotCreateXML required returning an arbitrary non-NULL snapshot, but that idea was abandoned; and by returning a count, we are no longer constrained to a non-empty list). Document which flags are supported (namely, just SECURE) in virDomainSnapshotObjListFormat(). Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eric Blake 提交于
An upcoming patch will be reworking virDomainSnapshotDef to have a base class; minimize the churn by using a local variable to reduce the number of dereferences required when acessing the domain definition associated with the snapshot. Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Cole Robinson 提交于
And adjust virQEMUCapsSetList to use it. It will also be used in future patches. Reviewed-by: NAndrea Bolognani <abologna@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
- 21 3月, 2019 1 次提交
-
-
由 Eric Blake 提交于
The following virsh command was triggering a use-after-free: $ virsh -c test:///default ' snapshot-create-as test s1 snapshot-create-as test s2 snapshot-delete --children-only test s1 snapshot-current --name test' Domain snapshot s1 created Domain snapshot s2 created Domain snapshot s1 children deleted error: name in virGetDomainSnapshot must not be NULL I got lucky on that run - although the error message is quite unexpected. On other runs, I was able to get a core dump, and valgrind confirms there is a definitive problem. The culprit? We were inconsistent about whether we set vm->current_snapshot, snap->def->current, or both when updating how the current snapshot was being tracked. As a result, deletion did not see that snapshot s2 was previously current, and failed to update vm->current_snapshot, so that the next API using the current snapshot failed because it referenced stale memory for the now-gone s2 (instead of the intended s1). The test driver code was copied from the qemu code (which DOES track both pieces of state everywhere), but was purposefully simplified because the test driver does not have to write persistent snapshot state to the file system. But when you realize that the only reason snap->def->current needs to exist is when writing out one file per snapshot for qemu, it's just as easy to state that the test driver never has to mess with the field (rather than chasing down which places forgot to set the field), and have vm->current_snapshot be the sole source of truth in the test driver. Ideally, I'd get rid of the 'current' member in virDomainSnapshotDef, as well as the 'current_snapshot' member in virDomainDef, and instead track the current member in virDomainSnapshotObjList, coupled with writing ALL snapshot state for qemu in a single file (where I can use <snapshots current='...'> as a wrapper, rather than VIR_DOMAIN_SNAPSHOT_FORMAT_INTERNAL to output <current>1</current> XML on a per-snapshot file basis). But that's a bigger change, so for now I'm just patching things to avoid the test driver segfault. Signed-off-by: NEric Blake <eblake@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
- 20 3月, 2019 10 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1686927 When trying to create a nwfilter binding via nwfilterBindingCreateXML() we may encounter a crash. The sequence of functions called is as follows: 1) nwfilterBindingCreateXML() parses the XML and calls virNWFilterBindingObjListAdd() which calls virNWFilterBindingObjListAddLocked() 2) Here, @binding is not found because binding->remove is set. 3) Therefore, controls continue with creating new @binding, setting its def to the one from 1) and adding it to the hash table. 4) This fails, because the binding is still in the hash table (duplicate key is detected). 5) The control jumps to 'error' label where virNWFilterBindingObjEndAPI() is called which frees the binding definition passed. 6) Error is propagated to the caller, which calls virNWFilterBindingDefFree() over the definition again. The solution is to unset binding->def in case of failure so it's not freed in step 5). Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Storage source private data can be parsed along with other components of private data rather than a separate function which is called from multiple places. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
virDomainDiskSourcePrivateDataParse and virDomainDiskSourcePRParse don't need the 'cleanup' label any more thanks to VIR_XPATH_NODE_AUTORESTORE. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The function does not have any code in the 'cleanup' label so we can simplify the control flow. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We can use our VIR_AUTOPTR machinery also for libxml2's xmlDoc and xmlXPathContext. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Rename it to 'seclabels' and invert the value. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Michal Privoznik 提交于
In a1c453dc, during VIR_AUTOFREE() rewrite this wasn't done properly. @port might be leaked because it's allocated in a for() loop. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
In 669018bc I've introduced def->refresh which might be allocated by virStoragePoolDefRefreshParse() but is never freed. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Andrea Bolognani 提交于
The refresh_volume_allocation variable in virStoragePoolDefParseXML() has been unused since its introduction in commit 669018bc, and Clang rightfully complains about this fact. Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
- 19 3月, 2019 6 次提交
-
-
由 Jason Dillaman 提交于
Use the new refresh volume allocation pool override to skip computing the actual volume usage if disabled. Signed-off-by: NJason Dillaman <dillaman@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Jason Dillaman 提交于
The new 'refresh' element can override the default refresh operations for a storage pool. The only currently supported override is to set the volume allocation size to the volume capacity. This can be specified by adding the following snippet: <pool> ... <refresh> <volume allocation='capacity'/> </refresh> ... </pool> This is useful for certain backends where computing the actual allocation of a volume might be an expensive operation. Signed-off-by: NJason Dillaman <dillaman@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Jason Dillaman 提交于
The librbd API will transparently revert to a slow disk usage calculation method if the fast-diff map is marked as invalid. Signed-off-by: NJason Dillaman <dillaman@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Daniel P. Berrangé 提交于
The unprivileged libvirtd does not have permission to create firewall rules, or bridge devices, or do anything to the host network in general. Historically we still activate the network driver though and let the network start API call fail. The startup code path which reloads firewall rules on active networks would thus effectively be a no-op when unprivileged as it is impossible for there to be any active networks With the change to use a global set of firewall chains, however, we now have code that is run unconditionally. Ideally we would not register the network driver at all when unprivileged, but the entanglement with the virt drivers currently makes that impractical. As a temporary hack, we just make the firewall reload into a no-op. Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
During startup libvirtd creates top level chains for both ipv4 and ipv6 protocols. If this fails for any reason then startup of virtual networks is blocked. The default virtual network, however, only requires use of ipv4 and some servers have ipv6 disabled so it is expected that ipv6 chain creation will fail. There could equally be servers with no ipv4, only ipv6. This patch thus makes error reporting a little more fine grained so that it works more sensibly when either ipv4 or ipv6 is disabled on the server. Only the protocols that are actually used by the virtual network have errors reported. Reviewed-by: NAndrea Bolognani <abologna@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
During startup we create some top level chains in which all virtual network firewall rules will be placed. The upfront creation is done to avoid slowing down creation of individual virtual networks by checking for chain existance every time. There are some factors which can cause this upfront creation to fail and while a message will get into the libvirtd log this won't be seen by users who later try to start a virtual network. Instead they'll just get a message saying that the libvirt top level chain does not exist. This message is accurate, but unhelpful for solving the root cause. This patch thus saves any error during daemon startup and reports it when trying to create a virtual network later. Reviewed-by: NAndrea Bolognani <abologna@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
- 18 3月, 2019 15 次提交
-
-
由 Daniel P. Berrangé 提交于
The rbd_list method has been deprecated in Ceph >= 14.0.0 in favour of the new rbd_list2 method which populates an array of structs. Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Daniel P. Berrangé 提交于
The rbd_list method has a quite unpleasant signature returning an array of strings in a single buffer instead of an array. It is being deprecated in favour of rbd_list2. To maintain clarity of code when supporting both APIs in parallel, split the rbd_list code out into a separate method. In splitting this we now honour the rbd_list failures. Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
-
由 Cole Robinson 提交于
After this, newly added enums will not automatically show up in driver output unless the driver code specifically sets report=true Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Set report=true for all enums currently formatted in the XML Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Set report=true for all enums currently formatted in the XML Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Set report=true for all enums currently formatted in the XML Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
virCapsEnum report is an internal bool indicating whether we should format the enum in the XML at all. This is unused for now but will be handled in future patches. We use a plain bool instead of tristate because the case here is a bit different than the explicit @supported output. We already report the equivalent of supported=YES|NO based on what enum values are filled in. This adds report=false to handle the ABSENT case. Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Change domcaps to skip formatting XML if the default TRISTATE_BOOL_ABSENT is found. Now when domcaps is extended, driver XML output won't change until an explicit TRISTATE_BOOL value is set in driver code. Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
<hostdev> and <features> are not supported. <loader>, <graphics>, and <video> are supported conditionally Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
None of the <feature> bits are supported, and the <loader> piece is only conditionally supported Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Only gic->supported needs an explicit BOOL_NO setting, all other 'supported' values are handling things correctly Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Switch most 'supported' handling to use virTristateBool, so eventually we can handle the ABSENT state. For now the XML formatter treats ABSENT the same as FALSE, so there's no functional output change. This will be addressed in later patches Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Cole Robinson 提交于
Similar to the macros we have for formatting enums, add a macro to simplify formatting the pattern: <FOO supported='yes|no'/> Acked-by: NMichal Privoznik <mprivozn@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
由 Michal Privoznik 提交于
In 0eca80e6 _class was renamed to klass for variety of struct members. However, gather_usb_cap() was missed out in this rename leaving FreeBSD build broken. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Cole Robinson 提交于
This code originates from: commit d0aa10fd Author: Daniel P. Berrange <berrange@redhat.com> Date: Tue Mar 3 12:03:44 2009 +0000 QEMU security driver usage for sVirt support (James Morris, Dan Walsh, Daniel Berrange) Originally in the qemudDomainGetSecurityLabel function. It doesn't appear to have done anything useful back then either. The other two instances look like copy+paste Reviewed-by: NJán Tomko <jtomko@redhat.com> Signed-off-by: NCole Robinson <crobinso@redhat.com>
-