1. 07 8月, 2012 1 次提交
  2. 27 7月, 2012 1 次提交
    • E
      maint: don't permit format strings without % · 768007ae
      Eric Blake 提交于
      Any time we have a string with no % passed through gettext, a
      translator can inject a % to cause a stack overread.  When there
      is nothing to format, it's easier to ask for a string that cannot
      be used as a formatter, by using a trivial "%s" format instead.
      
      In the past, we have used --disable-nls to catch some of the
      offenders, but that doesn't get run very often, and many more
      uses have crept in.  Syntax check to the rescue!
      
      The syntax check can catch uses such as
      virReportError(code,
                     _("split "
                       "string"));
      by using a sed script to fold context lines into one pattern
      space before checking for a string without %.
      
      This patch is just mechanical insertion of %s; there are probably
      several messages touched by this patch where we would be better
      off giving the user more information than a fixed string.
      
      * cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
      * src/datatypes.c (virUnrefConnect, virGetDomain)
      (virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
      (virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
      (virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
      (virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
      (virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
      * src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
      (lxcDomainGetBlkioParameters): Likewise.
      * src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
      (virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
      Likewise.
      * src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
      (virNetworkDefParseXML): Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
      Likewise.
      * src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
      (virNWFilterVarAccessParse): Likewise.
      * src/libvirt.c (virDomainSave, virDomainSaveFlags)
      (virDomainRestore, virDomainRestoreFlags)
      (virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
      (virDomainCoreDump, virDomainGetXMLDesc)
      (virDomainMigrateVersion1, virDomainMigrateVersion2)
      (virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
      (virStreamSendAll, virStreamRecvAll)
      (virDomainSnapshotGetXMLDesc): Likewise.
      * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
      (virNWFilterDHCPSnoopReq): Likewise.
      * src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
      * src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
      * src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
      (qemuBuildCommandLine): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
      (virNetSocketSendFD, virNetSocketRecvFD): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      * src/storage/storage_backend_fs.c
      (virStorageBackendFileSystemProbe)
      (virStorageBackendFileSystemBuild): Likewise.
      * src/storage/storage_backend_rbd.c
      (virStorageBackendRBDOpenRADOSConn): Likewise.
      * src/storage/storage_driver.c (storageVolumeResize): Likewise.
      * src/test/test_driver.c (testInterfaceChangeBegin)
      (testInterfaceChangeCommit, testInterfaceChangeRollback):
      Likewise.
      * src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
      * src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
      Likewise.
      * src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
      (xenFormatXM): Likewise.
      768007ae
  3. 23 7月, 2012 1 次提交
    • O
      Desert the FSF address in copyright · f9ce7dad
      Osier Yang 提交于
      Per the FSF address could be changed from time to time, and GNU
      recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)
      
        You should have received a copy of the GNU General Public License
        along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
      
      This patch removes the explicit FSF address, and uses above instead
      (of course, with inserting 'Lesser' before 'General').
      
      Except a bunch of files for security driver, all others are changed
      automatically, the copyright for securify files are not complete,
      that's why to do it manually:
      
        src/security/security_selinux.h
        src/security/security_driver.h
        src/security/security_selinux.c
        src/security/security_apparmor.h
        src/security/security_apparmor.c
        src/security/security_driver.c
      f9ce7dad
  4. 19 7月, 2012 1 次提交
    • G
      rpc: remove trailing whitespace character in error string · 5b924be9
      Guannan Ren 提交于
      Instead of only removing the ending newline character, it is
      better to remove all of standard whitespace character for the
      sake of log format.
      
      One example that we have to do this is:
      After three times incorrect password input, virsh command
      virsh -c qemu://remoteserver/system will report error like:
      
      : Connection reset by peerey,gssapi-keyex,gssapi-with-mic,password).
      
      But it should be:
      Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
      : Connection reset by peer
      
      The reason is that we dropped the newline, but have a '\r' left.
      The terminal interprets it as "move the cursor back to the start
      of the current line", so the error string is messed up.
      5b924be9
  5. 18 7月, 2012 1 次提交
  6. 12 7月, 2012 1 次提交
    • C
      Fix daemon auto-spawning · efe6c802
      Christophe Fergeau 提交于
      Commit 32a9aac2 switched libvirt to use the XDG base directories
      to locate most of its data/config. In particular, the per-user socket
      for qemu:///session is now stored in the XDG runtime directory.
      This directory is located by looking at the XDG_RUNTIME_DIR environment
      variable, with a fallback to ~/.cache/libvirt if this variable is not
      set.
      
      When the daemon is autospawned because a client application wants
      to use qemu:///session, the daemon is ran in a clean environment
      which does not contain XDG_RUNTIME_DIR. It will create its socket
      in ~/.cache/libvirt. If the client application has XDG_RUNTIME_DIR
      set, it will not look for the socket in the fallback place, and will
      fail to connect to the autospawned daemon.
      
      This patch adds XDG_RUNTIME_DIR to the daemon environment before
      auto-starting it. I've done this in virNetSocketForkDaemon rather
      than in virCommandAddEnvPassCommon as I wasn't sure we want to pass
      these variables to other commands libvirt spawns. XDG_CACHE_HOME
      and XDG_CONFIG_HOME are also added to the daemon env as it makes use
      of those as well.
      efe6c802
  7. 28 5月, 2012 1 次提交
  8. 30 3月, 2012 1 次提交
  9. 02 3月, 2012 1 次提交
    • E
      build: fix output of pid values · 355ec281
      Eric Blake 提交于
      Nuke the last vestiges of printing pid_t values with the wrong
      types, at least in code compiled on mingw64.  There may be other
      places, but for now they are only compiled on systems where the
      existing %d doesn't trigger gcc warnings.
      
      * src/rpc/virnetsocket.c (virNetSocketNew): Use %lld and casting,
      rather than assuming any particular int type for pid_t.
      * src/util/command.c (virCommandRunAsync, virPidWait)
      (virPidAbort): Likewise.
      (verify): Drop a now stale assertion.
      355ec281
  10. 19 1月, 2012 2 次提交
    • D
      Rename APIs for fetching UNIX socket credentials · 2f9dc36d
      Daniel P. Berrange 提交于
      To avoid a namespace clash with forthcoming identity APIs,
      rename the virNet*GetLocalIdentity() APIs to have the form
      virNet*GetUNIXIdentity()
      
      * daemon/remote.c, src/libvirt_private.syms: Update
        for renamed APIs
      * src/rpc/virnetserverclient.c, src/rpc/virnetserverclient.h,
        src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: s/LocalIdentity/UNIXIdentity/
      2f9dc36d
    • D
      Also retrieve GID from SO_PEERCRED · 59cf0398
      Daniel P. Berrange 提交于
      * daemon/remote.c, src/rpc/virnetserverclient.c,
        src/rpc/virnetserverclient.h, src/rpc/virnetsocket.c,
        src/rpc/virnetsocket.h: Add gid parameter
      59cf0398
  11. 07 12月, 2011 1 次提交
    • D
      Improve error reporting when libvirtd is not installed · 13c881dc
      Daniel P. Berrange 提交于
      Currently if you try to connect to a local libvirtd when
      libvirtd is not in $PATH, you'll get an error
      
        error: internal error invalid use of command API
      
      This is because remoteFindDaemonPath() returns NULL, which
      causes us to pass NULL into virNetSocketConnectUNIX which
      in turn causes us to pass NULL into virCommandNewArgList.
      
      Adding missing error checks improves this to
      
        error: internal error Unable to locate libvirtd daemon in $PATH
      
      * src/remote/remote_driver.c: Report error if libvirtd
        cannot be found
      * src/rpc/virnetsocket.c: Report error if caller requested
        spawning of daemon, but provided no binary path
      13c881dc
  12. 29 11月, 2011 1 次提交
  13. 16 11月, 2011 1 次提交
    • D
      Allow non-blocking message sending on virNetClient · ff465ad2
      Daniel P. Berrange 提交于
      Add a new virNetClientSendNonBlock which returns 2 on
      full send, 1 on partial send, 0 on no send, -1 on error
      
      If a partial send occurs, then a subsequent call to any
      of the virNetClientSend* APIs will finish any outstanding
      I/O.
      
      TODO: the virNetClientEvent event handler could be used
      to speed up completion of partial sends if an event loop
      is present.
      
      * src/rpc/virnetsocket.h, src/rpc/virnetsocket.c: Add new
        virNetSocketHasPendingData() API to test for cached
        data pending send.
      * src/rpc/virnetclient.c, src/rpc/virnetclient.h: Add new
        virNetClientSendNonBlock() API to send non-blocking API
      ff465ad2
  14. 15 11月, 2011 1 次提交
    • D
      Split src/util/network.{c,h} into 5 pieces · d3406045
      Daniel P. Berrange 提交于
      The src/util/network.c file is a dumping ground for many different
      APIs. Split it up into 5 pieces, along functional lines
      
       - src/util/virnetdevbandwidth.c: virNetDevBandwidth type & helper APIs
       - src/util/virnetdevvportprofile.c: virNetDevVPortProfile type & helper APIs
       - src/util/virsocketaddr.c: virSocketAddr and APIs
       - src/conf/netdev_bandwidth_conf.c: XML parsing / formatting
         for virNetDevBandwidth
       - src/conf/netdev_vport_profile_conf.c: XML parsing / formatting
         for virNetDevVPortProfile
      
      * src/util/network.c, src/util/network.h: Split into 5 pieces
      * src/conf/netdev_bandwidth_conf.c, src/conf/netdev_bandwidth_conf.h,
        src/conf/netdev_vport_profile_conf.c, src/conf/netdev_vport_profile_conf.h,
        src/util/virnetdevbandwidth.c, src/util/virnetdevbandwidth.h,
        src/util/virnetdevvportprofile.c, src/util/virnetdevvportprofile.h,
        src/util/virsocketaddr.c, src/util/virsocketaddr.h: New pieces
      * daemon/libvirtd.h, daemon/remote.c, src/conf/domain_conf.c,
        src/conf/domain_conf.h, src/conf/network_conf.c,
        src/conf/network_conf.h, src/conf/nwfilter_conf.h,
        src/esx/esx_util.h, src/network/bridge_driver.c,
        src/qemu/qemu_conf.c, src/rpc/virnetsocket.c,
        src/rpc/virnetsocket.h, src/util/dnsmasq.h, src/util/interface.h,
        src/util/iptables.h, src/util/macvtap.c, src/util/macvtap.h,
        src/util/virnetdev.h, src/util/virnetdevtap.c,
        tools/virsh.c: Update include files
      d3406045
  15. 10 11月, 2011 1 次提交
    • D
      Santize naming of socket address APIs · 4c544e6c
      Daniel P. Berrange 提交于
      The socket address APIs in src/util/network.h either take the
      form  virSocketAddrXXX, virSocketXXX or virSocketXXXAddr.
      
      Sanitize this so everything is virSocketAddrXXXX, and ensure
      that the virSocketAddr parameter is always the first one.
      
      * src/util/network.c, src/util/network.h: Santize socket
        address API naming
      * src/conf/domain_conf.c, src/conf/network_conf.c,
        src/conf/nwfilter_conf.c, src/network/bridge_driver.c,
        src/nwfilter/nwfilter_ebiptables_driver.c,
        src/nwfilter/nwfilter_learnipaddr.c,
        src/qemu/qemu_command.c, src/rpc/virnetsocket.c,
        src/util/dnsmasq.c, src/util/iptables.c,
        src/util/virnetdev.c, src/vbox/vbox_tmpl.c: Update for
        API renaming
      4c544e6c
  16. 07 11月, 2011 1 次提交
    • D
      Fix sending/receiving of FDs when stream returns EAGAIN · b2c62316
      Daniel P. Berrange 提交于
      The code calling sendfd/recvfd was mistakenly assuming those
      calls would never block. They can in fact return EAGAIN and
      this is causing us to drop the client connection when blocking
      ocurrs while sending/receiving FDs.
      
      Fixing this is a little hairy on the incoming side, since at
      the point where we see the EAGAIN, we already thought we had
      finished receiving all data for the packet. So we play a little
      trick to reset bufferOffset again and go back into polling for
      more data.
      
      * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Update
        virNetSocketSendFD/RecvFD to return 0 on EAGAIN, or 1
        on success
      * src/rpc/virnetclient.c: Move decoding of header & fds
        out of virNetClientCallDispatch and into virNetClientIOHandleInput.
        Handling blocking when sending/receiving FDs
      * src/rpc/virnetmessage.h: Add a 'donefds' field to track
        how many FDs we've sent / received
      * src/rpc/virnetserverclient.c: Handling blocking when
        sending/receiving FDs
      b2c62316
  17. 03 11月, 2011 1 次提交
  18. 28 10月, 2011 1 次提交
  19. 14 10月, 2011 2 次提交
  20. 11 10月, 2011 2 次提交
    • D
      Rewrite all the DTrace/SystemTAP probing · ddf3bd32
      Daniel P. Berrange 提交于
      The libvirtd daemon had a few crude system tap probes. Some of
      these were broken during the RPC rewrite. The new modular RPC
      code is structured in a way that allows much more effective
      tracing. Instead of trying to hook up the original probes,
      define a new set of probes for the RPC and event code.
      
      The master probes file is now src/probes.d.  This contains
      probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
      virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
      probes for the poll event loop.
      
      The src/dtrace2systemtap.pl script can convert the probes.d
      file into a libvirt_probes.stp file to make use from systemtap
      much simpler.
      
      The src/rpc/gensystemtap.pl script can generate a set of
      systemtap functions for translating RPC enum values into
      printable strings. This works for all RPC header enums (program,
      type, status, procedure) and also the authentication enum
      
      The PROBE macro will automatically generate a VIR_DEBUG
      statement, so any place with a PROBE can remove any existing
      manual DEBUG statements.
      
      * daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
      * daemon/libvirtd.h: Remove probe macros
      * daemon/Makefile.am: Remove all probe buildings/install
      * daemon/remote.c: Update authentication probes
      * src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
        to generate STP files
      * src/internal.h: Add probe macros
      * src/probes.d: Master list of probes
      * src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
        src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
        src/util/event_poll.c: Insert probe points, removing any
        DEBUG statements that duplicate the info
      ddf3bd32
    • D
      Add virSocketRef API to facilitate dynamic probing · 6aebc194
      Daniel P. Berrange 提交于
      Instead of directly manipulating sock->refs, add a virSocketRef
      API
      
      * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add virSocketRef
      6aebc194
  21. 09 9月, 2011 1 次提交
  22. 18 8月, 2011 1 次提交
  23. 15 8月, 2011 3 次提交
  24. 04 8月, 2011 1 次提交
  25. 30 7月, 2011 1 次提交
    • E
      build: fix include path for cygwin · c5b6537b
      Eric Blake 提交于
      Without this, cygwin failed to compile:
      
      In file included from ../src/rpc/virnetmessage.h:24,
                       from ../src/rpc/virnetclient.h:27,
                       from remote/remote_driver.c:31:
      ../src/rpc/virnetprotocol.h:9:21: error: rpc/rpc.h: No such file or directory
      
      With that fixed, compilation warned:
      
      rpc/virnetsocket.c: In function 'virNetSocketNewListenUNIX':
      rpc/virnetsocket.c:347: warning: format '%d' expects type 'int', but argument 8 has type 'gid_t' [-Wformat]
      rpc/virnetsocket.c: In function 'virNetSocketGetLocalIdentity':
      rpc/virnetsocket.c:743: warning: pointer targets in passing argument 5 of 'getsockopt' differ in signedness
      
      * src/Makefile.am (libvirt_driver_remote_la_CFLAGS)
      (libvirt_net_rpc_client_la_CFLAGS)
      (libvirt_net_rpc_server_la_CFLAGS): Include XDR_CFLAGS, for rpc
      headers on cygwin.
      * src/rpc/virnetsocket.c (virNetSocketNewListenUNIX)
      (virNetSocketGetLocalIdentity): Avoid compiler warnings.
      c5b6537b
  26. 26 7月, 2011 1 次提交
    • D
      Report error if unable to bind to any socket · a4458597
      Daniel P. Berrange 提交于
      When setting up a server socket, we must skip EADDRINUSE errors
      from bind, since the IPv6 socket bind may have already bound to
      the IPv4 socket too. If we don't manage to bind to any sockets
      at all though, we should then report the EADDRINUSE error as
      normal.
      
      This fixes the case where libvirtd would not exit if some other
      program was listening on its TCP/TLS ports.
      
      * src/rpc/virnetsocket.c: Report EADDRINUSE
      a4458597
  27. 22 7月, 2011 2 次提交
    • O
      remote/ssh: optional "keyfile" parameter. · 6b01c83a
      Oskari Saarenmaa 提交于
      New optional parameter "keyfile" for ssh transport allows the user to select
      the private key to be used to authenticate to the remote host.
      6b01c83a
    • E
      build: rename files.h to virfile.h · 8e22e089
      Eric Blake 提交于
      In preparation for a future patch adding new virFile APIs.
      
      * src/util/files.h, src/util/files.c: Move...
      * src/util/virfile.h, src/util/virfile.c: ...here, and rename
      functions to virFile prefix.  Macro names are intentionally
      left alone.
      * *.c: All '#include "files.h"' uses changed.
      * src/Makefile.am (UTIL_SOURCES): Reflect rename.
      * cfg.mk (exclude_file_name_regexp--sc_prohibit_close): Likewise.
      * src/libvirt_private.syms: Likewise.
      * docs/hacking.html.in: Likewise.
      * HACKING: Regenerate.
      8e22e089
  28. 21 7月, 2011 1 次提交
  29. 19 7月, 2011 2 次提交
    • D
      Use a virFreeCallback on virNetSocket to ensure safe release · 7ea2ef4c
      Daniel P. Berrange 提交于
      When unregistering an I/O callback from a virNetSocket object,
      there is still a chance that an event may come in on the callback.
      In this case it is possible that the virNetSocket might have been
      freed already. Make use of a virFreeCallback when registering
      the I/O callbacks and hold a reference for the entire time the
      callback is set.
      
      * src/rpc/virnetsocket.c: Register a free function for the
        file handle watch
      * src/rpc/virnetsocket.h, src/rpc/virnetserverservice.c,
        src/rpc/virnetserverclient.c, src/rpc/virnetclient.c: Add
        a free function for the socket I/O watches
      7ea2ef4c
    • D
      Add mutex locking and reference counting to virNetSocket · 6198f3a1
      Daniel P. Berrange 提交于
      Remove the need for a virNetSocket object to be protected by
      locks from the object using it, by introducing its own native
      locking and reference counting
      
      * src/rpc/virnetsocket.c: Add locking & reference counting
      6198f3a1
  30. 15 7月, 2011 1 次提交
    • E
      virnetsocket: use new API for uniform child cleanup · a59a99f2
      Eric Blake 提交于
      Rather than trying to clean up the ssh child ourselves, and risk
      subtle differences from the socket creation error path, we can
      just use the new APIs.
      
      * src/rpc/virnetsocket.c (virNetSocketFree): Use new function.
      a59a99f2
  31. 12 7月, 2011 1 次提交
    • O
      remote/ssh: support for no_verify. · 9a0e6a8f
      Oskari Saarenmaa 提交于
      Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the
      no_verify extra parameter was specified.  This won't disable host key
      checking for already known hosts.  Includes a test and documentation.
      9a0e6a8f
  32. 11 7月, 2011 1 次提交
  33. 01 7月, 2011 1 次提交
    • E
      rpc: avoid freeing uninitialized variable · 0a8a79af
      Eric Blake 提交于
      Detected by Coverity.  Both are instances of bad things happening
      if pipe2 fails; the virNetClientNew failure could free garbage,
      and virNetSocketNewConnectCommand could close random fds.
      
      Note: POSIX doesn't guarantee the contents of fd[0] and fd[1]
      after pipe failure: http://austingroupbugs.net/view.php?id=467
      We may need to introduce a virPipe2 wrapper that guarantees
      that on pipe failure, the fds are explicitly set to -1, rather
      than our current state of assuming the fds are unchanged from
      their value prior to the failed pipe call.
      
      * src/rpc/virnetclient.c (virNetClientNew): Initialize variable.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectCommand):
      Likewise.
      0a8a79af