- 20 1月, 2014 6 次提交
-
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1046919 Since commit v0.9.0-47-g4e8969eb (released in 0.9.1) some failures during device detach were reported to callers of virPCIDeviceBindToStub as success. For example, even though a device seemed to be detached virsh # nodedev-detach pci_0000_07_05_0 --driver vfio Device pci_0000_07_05_0 detached one could find similar message in libvirt logs: Failed to bind PCI device '0000:07:05.0' to vfio-pci: No such device This patch fixes these paths and also avoids overwriting real errors with errors encountered during a cleanup phase.
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1046919 When a PCI device is not bound to any driver, reattach should just trigger driver probe rather than failing with Invalid device 0000:00:19.0 driver file /sys/bus/pci/devices/0000:00:19.0/driver is not a symlink While virPCIDeviceGetDriverPathAndName was documented to return success and NULL driver and path when a device is not attached to any driver but didn't do so. Thus callers could not distinguish unbound devices from failures. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Gao feng 提交于
With this patch, user can setup throttle blkio cgroup through virsh for qemu domain. Signed-off-by: NGuan Qiang <hzguanqiang@corp.netease.com> Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
With this patch, user can setup the throttle blkio cgorup for domain through the virsh cmd, such as: virsh blkiotune domain1 --device-read-bytes-sec /dev/sda1,1000000,/dev/sda2,2000000 --device-write-bytes-sec /dev/sda1,1000000 --device-read-iops-sec /dev/sda1,10000 --device-write-iops-sec /dev/sda1,10000,/dev/sda2,0 This patch also add manpage for these new options. Signed-off-by: NGuan Qiang <hzguanqiang@corp.netease.com> Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
This patch introduces virCgroupSetBlkioDeviceReadIops, virCgroupSetBlkioDeviceWriteIops, virCgroupSetBlkioDeviceReadBps and virCgroupSetBlkioDeviceWriteBps, we can use these interfaces to set up throttle blkio cgroup for domain. This patch also adds the new throttle blkio cgroup elements to the test xml. Signed-off-by: NGuan Qiang <hzguanqiang@corp.netease.com> Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
This patch introduces new xml elements under <blkiotune>, we use these new elements to setup the throttle blkio cgroup for domain. The new blkiotune node looks like this: <blkiotune> <device> <path>/path/to/block</path> <weight>1000</weight> <read_iops_sec>10000</read_iops_sec> <write_iops_sec>10000</write_iops_sec> <read_bytes_sec>1000000</read_bytes_sec> <write_bytes_sec>1000000</write_bytes_sec> </device> </blkiotune> Signed-off-by: NGuan Qiang <hzguanqiang@corp.netease.com> Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
- 18 1月, 2014 1 次提交
-
-
由 Christophe Fergeau 提交于
-
- 17 1月, 2014 8 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=996543 When starting up a domain, the SELinux labeling is done depending on current configuration. If the labeling fails we check for possible causes, as not all labeling failures are fatal. For example, if the labeled file is on NFS which lacks SELinux support, the file can still be readable to qemu process. These cases are distinguished by the errno code: NFS without SELinux support returns EOPNOTSUPP. However, we were missing one scenario. In case there's a read-only disk on a read-only NFS (and possibly any FS) and the labeling is just optional (not explicitly requested in the XML) there's no need to make the labeling error fatal. In other words, read-only file on read-only NFS can fail to be labeled, but be readable at the same time. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Eric Blake 提交于
Finish the cleanup of libvirt.c; all uses of virLib*Error have now been converted to more canonical conventions. * src/libvirt.c: Use virReportError in remaining errors. (virLibConnError, virLibDomainError): Delete unused macros. * cfg.mk (msg_gen_function): Drop unused names. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
We had a lot of repetition of errors that would occur if we ever register too many drivers; this is unlikely to occur unless we start adding a lot of new hypervisor modules, but if it does occur, it's better to have uniform handling of the situation, so that a one-line change is all that would be needed if we decide that an internal error is not the best. * src/libvirt.c (virDriverCheckTabMaxReturn): New define. (virRegister*Driver): Use it for less code duplication. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
The choice of error message and category was not consistent in the migration code; furthermore, the use of virLibConnError is no longer necessary now that we have a generic virReportError. * src/qemu/qemu_migration.c (virDomainMigrate*): Prefer virReportError over virLibConnError. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
While auditing the error reporting, I noticed that migration had some issues. Some of the static helper functions tried to call virDispatchError(), even though their caller will also report the error. Also, if a migration is cancelled early because a uri was not set, we did not guarantee that the finish stage would not overwrite the first error message. * src/qemu/qemu_migration.c (doPeer2PeerMigrate2) (doPeer2PeerMigrate3): Preserve first error when cancelling. * src/libvirt.c (virDomainMigrateVersion3Full): Likewise. (virDomainMigrateVersion1, virDomainMigrateVersion2) (virDomainMigrateDirect): Avoid redundant error dispatch. (virDomainMigrateFinish2, virDomainMigrateFinish3) (virDomainMigrateFinish3Params): Don't report error on cleanup path. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
The public virConnectRef and virConnectClose API are just thin wrappers around virObjectRef/virObjectRef, with added object validation and an error reset. Within our backend drivers, use of the object validation is just an inefficiency since we always pass valid objects. More important to think about is what happens with the error reset; our uses of virConnectRef happened to be safe (since we hadn't encountered any earlier errors), but in several cases the use of virConnectClose could lose a real error. Ideally, we should also avoid calling virConnectOpen() from within backend drivers - but that is a known situation that needs much more design work. * src/qemu/qemu_process.c (qemuProcessReconnectHelper) (qemuProcessReconnect): Avoid nested public API call. * src/qemu/qemu_driver.c (qemuAutostartDomains) (qemuStateInitialize, qemuStateStop): Likewise. * src/qemu/qemu_migration.c (doPeer2PeerMigrate): Likewise. * src/storage/storage_driver.c (storageDriverAutostart): Likewise. * src/uml/uml_driver.c (umlAutostartConfigs): Likewise. * src/lxc/lxc_process.c (virLXCProcessAutostartAll): Likewise. (virLXCProcessReboot): Likewise, and avoid leaking conn on error. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Several APIs clear out a user input buffer before attempting to populate it; but in a few cases we missed this memset if we detect a reason for an early exit. Note that these APIs check for non-NULL arguments, and exit early with an error message when NULL is passed in; which means that we must be careful to avoid a NULL deref in order to get to that error message. Also, we were inconsistent on the use of sizeof(virType) vs. sizeof(expression); the latter is more robust if we ever change the type of the expression (although such action is unlikely since these types are part of our public API). * src/libvirt.c (virDomainGetInfo, virDomainGetBlockInfo) (virStoragePoolGetInfo, virStorageVolGetInfo) (virDomainGetJobInfo, virDomainGetBlockJobInfo): Move memset before any returns. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Martin Kletzander 提交于
There is a number of reported issues when we fail starting a domain. Turns out that, in some scenarios like high load, 3 second timeout is not enough for qemu to start up to the phase where the socket is created. Since there is no downside of waiting longer, raise the timeout right to 30 seconds. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 16 1月, 2014 19 次提交
-
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
In a "for" loop there are created two new strings and they may not be freed if a "target" string cannot be obtained. We have to free the two created strings to prevent the memory leak. This has been found by coverity. John also pointed out that we should somehow care about the "type" and "device" and Osier agreed to exit with error message if one of them is set to NULL. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Peter Krempa 提交于
To allow using the storage driver APIs to do operation on generic domain disks we will need to introduce internal storage pools that will give is a base to support this stuff even on files that weren't originally defined as a part of the pool. This patch introduces the 'internal' flag for a storage pool that will prevent it from being listed along with the user defined storage pools.
-
由 Peter Krempa 提交于
Separate the steps to create libvirt's volume metadata from the actual volume building process.
-
由 Peter Krempa 提交于
Separate the steps to create libvirt's volume metadata from the actual volume building process.
-
由 Peter Krempa 提交于
Separate the steps to create libvirt's volume metadata from the actual volume building process.
-
由 Peter Krempa 提交于
Separate the steps to create libvirt's volume metadata from the actual volume building process. This is already done for regular file based pools to allow job support for storage APIs.
-
由 Peter Krempa 提交于
Implement the "deleteVol" storage backend function for gluster volumes.
-
由 Christophe Fergeau 提交于
Currently, during XML parsing, when a call to a FromString() function to get an enum value fails, the error which is reported is either VIR_ERR_CONFIG_UNSUPPORTED, VIR_ERR_INTERNAL_ERROR or VIR_ERR_XML_ERROR. This commit makes such conversion failures consistently return VIR_ERR_CONFIG_UNSUPPORTED.
-
由 Christophe Fergeau 提交于
-
由 Daniel Veillard 提交于
* docs/news.html.in libvirt.spec.in: updated for the release * po/*.po*: updated localization from transifex and regenerated
-
由 Eric Blake 提交于
Ever since ACL filtering was added in commit 76397360 (v1.1.1), a user could still use event registration to obtain access to a domain that they could not normally access via virDomainLookup* or virConnectListAllDomains and friends. We already have the framework in the RPC generator for creating the filter, and previous cleanup patches got us to the point that we can now wire the filter through the entire object event stack. Furthermore, whether or not domain:getattr is honored, use of global events is a form of obtaining a list of networks, which is covered by connect:search_domains added in a93cd08f (v1.1.0). Ideally, we'd have a way to enforce connect:search_domains when doing global registrations while omitting that check on a per-domain registration. But this patch just unconditionally requires connect:search_domains, even when no list could be obtained, based on the following observations: 1. Administrators are unlikely to grant domain:getattr for one or all domains while still denying connect:search_domains - a user that is able to manage domains will want to be able to manage them efficiently, but efficient management includes being able to list the domains they can access. The idea of denying connect:search_domains while still granting access to individual domains is therefore not adding any real security, but just serves as a layer of obscurity to annoy the end user. 2. In the current implementation, domain events are filtered on the client; the server has no idea if a domain filter was requested, and must therefore assume that all domain event requests are global. Even if we fix the RPC protocol to allow for server-side filtering for newer client/server combos, making the connect:serach_domains ACL check conditional on whether the domain argument was NULL won't benefit older clients. Therefore, we choose to document that connect:search_domains is a pre-requisite to any domain event management. Network events need the same treatment, with the obvious change of using connect:search_networks and network:getattr. * src/access/viraccessperm.h (VIR_ACCESS_PERM_CONNECT_SEARCH_DOMAINS) (VIR_ACCESS_PERM_CONNECT_SEARCH_NETWORKS): Document additional effect of the permission. * src/conf/domain_event.h (virDomainEventStateRegister) (virDomainEventStateRegisterID): Add new parameter. * src/conf/network_event.h (virNetworkEventStateRegisterID): Likewise. * src/conf/object_event_private.h (virObjectEventStateRegisterID): Likewise. * src/conf/object_event.c (_virObjectEventCallback): Track a filter. (virObjectEventDispatchMatchCallback): Use filter. (virObjectEventCallbackListAddID): Register filter. * src/conf/domain_event.c (virDomainEventFilter): New function. (virDomainEventStateRegister, virDomainEventStateRegisterID): Adjust callers. * src/conf/network_event.c (virNetworkEventFilter): New function. (virNetworkEventStateRegisterID): Adjust caller. * src/remote/remote_protocol.x (REMOTE_PROC_CONNECT_DOMAIN_EVENT_REGISTER) (REMOTE_PROC_CONNECT_DOMAIN_EVENT_REGISTER_ANY) (REMOTE_PROC_CONNECT_NETWORK_EVENT_REGISTER_ANY): Generate a filter, and require connect:search_domains instead of weaker connect:read. * src/test/test_driver.c (testConnectDomainEventRegister) (testConnectDomainEventRegisterAny) (testConnectNetworkEventRegisterAny): Update callers. * src/remote/remote_driver.c (remoteConnectDomainEventRegister) (remoteConnectDomainEventRegisterAny): Likewise. * src/xen/xen_driver.c (xenUnifiedConnectDomainEventRegister) (xenUnifiedConnectDomainEventRegisterAny): Likewise. * src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc): Likewise. * src/libxl/libxl_driver.c (libxlConnectDomainEventRegister) (libxlConnectDomainEventRegisterAny): Likewise. * src/qemu/qemu_driver.c (qemuConnectDomainEventRegister) (qemuConnectDomainEventRegisterAny): Likewise. * src/uml/uml_driver.c (umlConnectDomainEventRegister) (umlConnectDomainEventRegisterAny): Likewise. * src/network/bridge_driver.c (networkConnectNetworkEventRegisterAny): Likewise. * src/lxc/lxc_driver.c (lxcConnectDomainEventRegister) (lxcConnectDomainEventRegisterAny): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
We haven't had a release with network events yet, so we are free to fix the RPC so that it actually does what we want. Doing client-side filtering of per-network events is inefficient if a connection is only interested in events on a single network out of hundreds available on the server. But to do server-side per-network filtering, the server needs to know which network to filter on - so we need to pass an optional network over on registration. Furthermore, it is possible to have a client with both a global and per-network filter; in the existing code, the server sends only one event and the client replicates to both callbacks. But with server-side filtering, the server will send the event twice, so we need a way for the client to know which callbackID is sending an event, to ensure that the client can filter out events from a registration that does not match the callbackID from the server. Likewise, the existing style of deregistering by eventID alone is fine; but in the new style, we have to remember which callbackID to delete. This patch fixes the RPC wire definition to contain all the needed pieces of information, and hooks into the server and client side improvements of the previous patches, in order to switch over to full server-side filtering of network events. Also, since we fixed this in time, all released versions of libvirtd that support network events also support per-network filtering, so we can hard-code that assumption into network_event.c. Converting domain events to server-side filtering will require the introduction of new RPC numbers, as well as a server feature bit that the client can use to tell whether to use old-style (server only supports global events) or new-style (server supports filtered events), so that is deferred to a later set of patches. * src/conf/network_event.c (virNetworkEventStateRegisterClient): Assume server-side filtering. * src/remote/remote_protocol.x (remote_connect_network_event_register_any_args): Add network argument. (remote_connect_network_event_register_any_ret): Return callbackID instead of count. (remote_connect_network_event_deregister_any_args): Pass callbackID instead of eventID. (remote_connect_network_event_deregister_any_ret): Drop unused type. (remote_network_event_lifecycle_msg): Add callbackID. * daemon/remote.c (remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg, and deal with callbackID from client. (remoteRelayNetworkEventLifecycle): Pass callbackID. (remoteDispatchConnectNetworkEventRegisterAny): Likewise, and recognize non-NULL network. * src/remote/remote_driver.c (remoteConnectNetworkEventRegisterAny): Pass network, and track server side id. (remoteConnectNetworkEventDeregisterAny): Deregister by callback id. (remoteNetworkBuildEventLifecycle): Pass remote id to event queue. * src/remote_protocol-structs: Regenerate. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
In order to mirror a server with per-object filtering, the client needs to track which server callbackID is servicing the client callback. This patch introduces the notion of a serverID, as well as the plumbing to use it for network events, although the actual complexity of using per-object filtering in the remote driver is deferred to a later patch. * src/conf/object_event.h (virObjectEventStateEventID): Add parameter. (virObjectEventStateQueueRemote, virObjectEventStateSetRemote): New prototypes. (virObjectEventStateRegisterID): Move... * src/conf/object_event_private.h: ...here, and add parameter. (_virObjectEvent): Add field. * src/conf/network_event.h (virNetworkEventStateRegisterClient): New prototype. * src/conf/object_event.c (_virObjectEventCallback): Add field. (virObjectEventStateSetRemote): New function. (virObjectEventStateQueue): Make wrapper around... (virObjectEventStateQueueRemote): New function. (virObjectEventCallbackListCount): Tweak return count when remote id matching is used. (virObjectEventCallbackLookup, virObjectEventStateRegisterID): Tweak registration when remote id matching will be used. (virObjectEventNew): Default to no remote id. (virObjectEventCallbackListAddID): Likewise, but set remote id when one is available. (virObjectEventCallbackListRemoveID) (virObjectEventCallbackListMarkDeleteID): Adjust return value when remote id was set. (virObjectEventStateEventID): Query existing id. (virObjectEventDispatchMatchCallback): Require matching event id. (virObjectEventStateCallbackID): Adjust caller. * src/conf/network_event.c (virNetworkEventStateRegisterClient): New function. (virNetworkEventStateRegisterID): Update caller. * src/conf/domain_event.c (virDomainEventStateRegister) (virDomainEventStateRegisterID): Update callers. * src/remote/remote_driver.c (remoteConnectNetworkEventRegisterAny) (remoteConnectNetworkEventDeregisterAny) (remoteConnectDomainEventDeregisterAny): Likewise. (remoteEventQueue): Hoist earlier to avoid forward declaration, and add parameter. Adjust all callers. * src/libvirt_private.syms (conf/object_event.h): Drop function. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Right now, the daemon side of RPC events is hard-coded to at most one callback per eventID. But when there are hundreds of domains or networks coupled and multiple conections, then sending every event to every connection that wants an event, even for the connections that only care about events for a particular object, is inefficient. In order to track more than one callback in the server, we need to store callbacks by more than just their eventID. This patch rearranges the daemon side to store network callbacks in a dynamic array, which can eventually be used for multiple callbacks of the same eventID, although actual behavior is unchanged without further patches to the RPC protocol. For ease of review, domain events are saved for a later patch, as they touch more code. While at it, fix a bug where a malicious client could send a negative eventID to cause network event registration to access outside of array bounds (thankfully not a CVE, since domain events were already doing the bounds check, and since network events have not been released). * daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of network events. * daemon/remote.c (daemonClientEventCallback): New struct. (remoteEventCallbackFree): New function. (remoteClientInitHook, remoteRelayNetworkEventLifecycle) (remoteClientFreeFunc) (remoteDispatchConnectNetworkEventRegisterAny): Track network callbacks differently. (remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Peter Krempa 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1047659 If a VM dies very early during an attempted connect to the guest agent while the locks are down the domain monitor object will be freed. The object is then accessed later as any failure during guest agent startup isn't considered fatal. In the current upstream version this doesn't lead to a crash as virObjectLock called when entering the monitor in qemuProcessDetectVcpuPIDs checks the pointer before attempting to dereference (lock) it. The NULL pointer is then caught in the monitor helper code. Before the introduction of virObjectLockable - observed on 0.10.2 - the pointer is locked directly via virMutexLock leading to a crash. To avoid this problem we need to differentiate between the guest agent not being present and the VM quitting when the locks were down. The fix reorganizes the code in qemuConnectAgent to add the check and then adds special handling to the callers.
-
由 Eric Blake 提交于
While working on v1.0.5-maint (the branch in use on Fedora 19) with the host at Fedora 20, I got a failure in virstoragetest. I traced it to the fact that we were using qemu-img to create a qcow2 file, but qemu-img changed from creating v2 files by default in F19 to creating v3 files in F20. Rather than leaving it up to qemu-img, it is better to write the test to force testing of BOTH file formats (better code coverage and all). This patch alone does not fix all the failures in v1.0.5-maint; for that, we must decide to either teach the older branch to understand v3 files, or to reject them outright as unsupported. But for upstream, making the test less dependent on changing qemu-img defaults is always a good thing. * tests/virstoragetest.c (testPrepImages): Simplify creation of raw file; check if qemu supports compat and if so use it. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Mitre tried to assign us two separate CVEs for the fix for https://bugzilla.redhat.com/show_bug.cgi?id=1047577, on the grounds that the fixes were separated by more than an hour and thus triggered different hourly snapshots. But we explicitly do NOT want to treat transient security bugs as CVEs if they can only be triggered by patches in libvirt.git but where the problem is cleaned up before a formal release. Meanwhile, I noticed that while our wiki mentioned maintenance branches and releases, our formal documentation did not. * docs/downloads.html.in: Contrast hourly snapshots with maintenance branches. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Claudio Bley 提交于
s/is waken up/is woken up/ A registered PMSuspendCallback is called when the domain is suspended, not when it is woken up.
-
- 15 1月, 2014 6 次提交
-
-
由 Pavel Hrdina 提交于
For a "newfd1" the coverity tools thinks that the fd is closed in a "virCommandPassFD", but with "flags == 0" it cannot be closed. The code itself is ok, but coverity tool thinks that there is "double_close" of the "newfd1" and to prevent showing this error we simply add a comment before the proper close. This has been found by coverity. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Strings "file" and "context" may not be freed if "VIR_EXPAND_N" fails and it leads into memory leak. This has been found by coverity. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
A "xmlstr" string may not be assigned into a "doc" pointer and it could cause memory leak. To fix it if the "doc" pointer is NULL and the "xmlstr" string is not assigned we should free it. This has been found by coverity. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
There could be a memory leak caused by "managed_system" string, if any error occurs before "managed_system" is assigned into "phyp_driver->managed_system". The "managed_system" string wouldn't be freed at all. The better way is to free the "managed_system" instead of the one assigned in the "phyp_driver". This has been found by coverity. Pointed out by John, that the "phyp_driver->xmlopt" needs to be unreferenced as well. Signed-off-by: NPavel Hrdina <phrdina@redhat.com> Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Pavel Hrdina 提交于
If there is no error while executing a function "openvzParseBarrierLimit" a "str" string where is duplicate of a "value" string isn't freed and it leads into memory leak. This has been found by coverity. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Gao feng 提交于
Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-