In my previous commit a70f3b1c I've tried to fix case
when building from VPATH and a file wasn't being installed.
However, my fix broke non-VPATH build.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 0d0e41a7)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

The libvirt-common.h is build time generated file from .in.
Obviously, it's generated into builddir and not srcdir. Problem
is, the list of header files to install, virinc_HEADERS contains
only $(srcdir)/*.h and this misses libvirt-common.h. This problem
is pretty obvious when doing a VPATH build.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
(cherry picked from commit a70f3b1c)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Since we pass dummy variables @fdout and @fdoutlen into
virNetClientProgramCall() we make it alloc @fdout array (even
though it's an array of 0 elements since vitlogd can hardly pass
us some FDs at this stage). Nevertheless, it's an allocation not
followed by free():

==29385== 0 bytes in 60 blocks are definitely lost in loss record 2 of 1,009
==29385==    at 0x4C2C070: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29385==    by 0x54B99EF: virAllocN (viralloc.c:191)
==29385==    by 0x56821B1: virNetClientProgramCall (virnetclientprogram.c:359)
==29385==    by 0x563B304: virLogManagerDomainReadLogFile (log_manager.c:272)
==29385==    by 0x217CD613: qemuDomainLogContextRead (qemu_domain.c:2485)
==29385==    by 0x217EDC76: qemuProcessReadLog (qemu_process.c:1660)
==29385==    by 0x217EDE1D: qemuProcessReportLogError (qemu_process.c:1696)
==29385==    by 0x217EE8C1: qemuProcessWaitForMonitor (qemu_process.c:1957)
==29385==    by 0x217F6636: qemuProcessLaunch (qemu_process.c:4955)
==29385==    by 0x217F71A4: qemuProcessStart (qemu_process.c:5152)
==29385==    by 0x21846582: qemuDomainObjStart (qemu_driver.c:7396)
==29385==    by 0x218467DE: qemuDomainCreateWithFlags (qemu_driver.c:7450)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
(cherry picked from commit c03fbecc)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

So I can observe this crasher that with freshly started daemon
(and virtlogd enabled) I am trying to startup a domain that
immediately dies (because it's said to use huge pages but I
haven't allocated a single one in the pool). Hardly reproducible
with -O0 or under valgrind. But I just got lucky:

==20469== Invalid write of size 8
==20469==    at 0x4C2E99B: memcpy@GLIBC_2.2.5 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20469==    by 0x217EDD07: qemuProcessReadLog (qemu_process.c:1670)
==20469==    by 0x217EDE1D: qemuProcessReportLogError (qemu_process.c:1696)
==20469==    by 0x217EE8C1: qemuProcessWaitForMonitor (qemu_process.c:1957)
==20469==    by 0x217F6636: qemuProcessLaunch (qemu_process.c:4955)
==20469==    by 0x217F71A4: qemuProcessStart (qemu_process.c:5152)
==20469==    by 0x21846582: qemuDomainObjStart (qemu_driver.c:7396)
==20469==    by 0x218467DE: qemuDomainCreateWithFlags (qemu_driver.c:7450)
==20469==    by 0x21846845: qemuDomainCreate (qemu_driver.c:7468)
==20469==    by 0x5611CD0: virDomainCreate (libvirt-domain.c:6753)
==20469==    by 0x125D9A: remoteDispatchDomainCreate (remote_dispatch.h:3613)
==20469==    by 0x125CB7: remoteDispatchDomainCreateHelper (remote_dispatch.h:3589)
==20469==  Address 0x27a52ad0 is 0 bytes after a block of size 5,584 alloc'd
==20469==    at 0x4C29F80: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20469==    by 0x9B8D1DB: xdr_string (in /lib64/libc-2.21.so)
==20469==    by 0x563B39C: xdr_virLogManagerProtocolNonNullString (log_protocol.c:24)
==20469==    by 0x563B6B7: xdr_virLogManagerProtocolDomainReadLogFileRet (log_protocol.c:123)
==20469==    by 0x164B34: virNetMessageDecodePayload (virnetmessage.c:407)
==20469==    by 0x5682360: virNetClientProgramCall (virnetclientprogram.c:379)
==20469==    by 0x563B30E: virLogManagerDomainReadLogFile (log_manager.c:272)
==20469==    by 0x217CD613: qemuDomainLogContextRead (qemu_domain.c:2485)
==20469==    by 0x217EDC76: qemuProcessReadLog (qemu_process.c:1660)
==20469==    by 0x217EDE1D: qemuProcessReportLogError (qemu_process.c:1696)
==20469==    by 0x217EE8C1: qemuProcessWaitForMonitor (qemu_process.c:1957)
==20469==    by 0x217F6636: qemuProcessLaunch (qemu_process.c:4955)

This points to memmove() in qemuProcessReadLog(). Imagine we just
read the following string from qemu:

"abc\n2016-01-18T09:40:44.022744Z qemu-system-x86_64: Error\n"

After the first pass of the while() loop in the
qemuProcessReadLog() (in which we have taken the false branch in
the if) @buf still points to the beginning of the string,
@filter_next points to the beginning of the second line.  So we
start second iteration because there is yet another newline
character at the end. In this iteration @eol points to it
actually. Now, the control gets inside true branch of if(). Just
to remind you:

got = 58
filter_next = buf + 5,
eol = buf + 58.

Therefore skip = 54 which is correct. The message we want to skip
is 54 bytes long. However:

memmove(filter_next, eol + 1, (got - skip) +1);

which is

memmove(filter_next, eol + 1, 5)

is obviously wrong as there is only one byte we can access, not 5!
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 105b51f4)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

* docs/news.html.in libvirt.spec.in: update for release
* po/*.po*: regenerated

A device tree binary file specified by /domain/os/dtb element is a
read-only resource similar to kernel and initrd files. We shouldn't
restore its label when destroying a domain to avoid breaking other
domains configure with the same device tree.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Kernel/initrd files are essentially read-only shareable images and thus
should be handled in the same way. We already use the appropriate label
for kernel/initrd files when starting a domain, but when a domain gets
destroyed we would remove the labels which would make other running
domains using the same files very unhappy.

https://bugzilla.redhat.com/show_bug.cgi?id=921135Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

We have this function qemuAgentNotifyEvent() which is supposed to
be called from thread pool responsible for processing qemu
monitor events. The function then should wake up other thread
that is waiting for a guest to shutdown or reboot. However, if we
have received a different error a warning is printed out. This
warning lacks info on which event is expected.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Commit id '90b721e4' moved where the virCgroupAddTask was made until
after the check for the vcpupin checks. However, in doing so it missed
an option where if the cpumap didn't exist, then the code would continue
back to the top of the current vcpu loop. The results was that the
virCgroupAddTask wouldn't be called.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

This reverts commit ae09988e.

Since commit id '71ce4759' has been reverted, this one is no
longer necessary.

This reverts commit 71ce4759.

Since commit id 'a41c00b4' has been reverted, this no longer is
necessary

This reverts commit a41c00b4.

After much testing and upstream discussion this has been deemed to be
the incorrect operation since it means we no longer have any guarantee
about which resource controllers the QEMU processes in general are in.

There is no need to deny writes on a readonly mount: write still
won't be accepted, even if the user remounts the folder as RW in
the guest as qemu sets the 9p mount as ro.

This deny rule was leading to problems for example with readonly /:
The qemu process had to write to a bunch of files in / like logs,
sockets, etc. This deny rule was also preventing auditing of these
denials, making it harder to debug.

Commit id '7bf3198d' neglected to initialize deflate leading to a
possibility if model allocation/checks fail, then the VIR_FREE(deflate)
would be erroneous. Noted by Jan Tomko.

In 50078cfb I've tried to fix distcheck but accidentally
broke rpm build. The problem is that rpm build not only sets
DESTDIR but also passes plugindir path. This results in double
DESTDIR being in the plugin path, Drop one.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Mention that we run a command in that namespace

Even though the Makefile has WITH_WIRESHARK guards, the _SOURCES
variables are still processed when adding bits to the dist archive.

plugin.c is a generated file that is only built when wireshark is
enabled and it shouldn't be distributed, so use 'nodist'

So, you try to start a domain, but before we even get to the part
where chardev part of qemu command line is generated (and
possibly missing path to unix sockets is made up) an error occurs
which results in calling qemuProcessStop. This will then try to
clean up the mess and possibly ends up calling unlink(NULL).

==8085== Thread 3:
==8085== Syscall param unlink(pathname) points to unaddressable byte(s)
==8085==    at 0xA85EA57: unlink (in /lib64/libc-2.21.so)
==8085==    by 0x213D3C24: qemuProcessCleanupChardevDevice (qemu_process.c:2866)
==8085==    by 0x558D6B1: virDomainChrDefForeach (domain_conf.c:22924)
==8085==    by 0x213DA9AE: qemuProcessStop (qemu_process.c:5326)
==8085==    by 0x213DA2F2: qemuProcessStart (qemu_process.c:5190)
==8085==    by 0x2142957F: qemuDomainObjStart (qemu_driver.c:7396)
==8085==    by 0x214297DB: qemuDomainCreateWithFlags (qemu_driver.c:7450)
==8085==    by 0x21429842: qemuDomainCreate (qemu_driver.c:7468)
==8085==    by 0x5611B95: virDomainCreate (libvirt-domain.c:6753)
==8085==    by 0x125D9A: remoteDispatchDomainCreate (remote_dispatch.h:3613)
==8085==    by 0x125CB7: remoteDispatchDomainCreateHelper (remote_dispatch.h:3589)
==8085==    by 0x568BF41: virNetServerProgramDispatchCall (virnetserverprogram.c:437)
==8085==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==8085==
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Commit ec63000a missed checking the return value of regcomp(),
which coverity promptly identified.

Like everything we install, it should be prefixed with DESTDIR.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Commmit fd2e3c4c used the domctl version 8 structure for version 9
in the xen_getdomaininfolist union, resulting in insufficient buffer
size (and subsequent memory corruption) for the GETDOMAININFOLIST
ioctl.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>

- Don't double check for expectName
- actual is always non-NULL by this point, so don't check it either

Just handle it all in tools/Makefile.am. I verified the generated output
looks similar to the pre patch output, but I didn't test it.

So after da176bf6 and friend we have switched to $(wildcard
some/path/*.xml) instead of enumerating the files explicitly.
This is nice, however it makes distcheck build from VPATH fail.
The reason is that it's is not obvious to what does the wildcard
refer to: srcdir or builddir?
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Autodeflate can be enabled/disabled for memballon device
of model 'virtio'.

xml:
<devices>
  <memballoon model='virtio' autodeflate='on'/>
</devices>

qemu:
qemu -device virtio-balloon-pci,...,deflate-on-oom=on

Autodeflate cannot be enabled/disabled for running domain.

Add appropriate capability check and new virQEMUCaps flag for the new
virtio balloon feature. QEMU commit with the complete feature description:
http://git.qemu.org/?p=qemu.git;a=commit;h=e3816255bf4b6377bb405331e2ee0dc14d841b80

Excessive memory balloon inflation can cause invocation of OOM-killer,
when Linux is under severe memory pressure. QEMU memballoon device
has a feature to release some memory at the last moment before some
process will be get killed by OOM-killer.

Introduce a new optional balloon device attribute 'autodeflate' to
enable or disable this feature.

On every socket connect(2) attempt we were re-launching session
libvirtd, up to 100 times in 5 seconds.

This understandably caused some weird load races and intermittent
qemu:///session startup failures

https://bugzilla.redhat.com/show_bug.cgi?id=1271183

When we autolaunch libvirtd for session URIs, we spin in a retry
loop waiting for the daemon to start and the connect(2) to succeed.

However if we exceed the retry count, we don't explicitly raise an
error, which can yield a slew of different error messages elsewhere
in the code.

Explicitly raise the last connect(2) failure if we run out of retries.

- Add some debugging
- Make the loop dependent only on retries
- Make it explicit that connect(2) success exits the loop
- Invert the error checking logic

Commit 2b6f6ad6 introduced the virxdrdefs.h header with
common definitions to be included in the protocol files,
but logging/log_protocol.x was missed, so add it there as well.

Hopefully this fixes build on OS X.

When we are receiving data in smaller chunks it might happen that
virNetServerClientDispatchRead() will be called multiple times.  And as
that happens, if it is a message that also transfer headers, we decode
the number of them every single time and, unfortunately, also allocate
the memory for them.  That causes a leak, in the best scenario.

Best viewed with '-w'.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically.  Note that not all
'{.name = "interface",' entries are replaced, just those that have the
common .help string of "interface name or MAC address".
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically.  Note that not all
'{.name = "network",' entries are replaced, just those that have the
common .help string of "network name or uuid".
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create common macros to be used generically.  Replace the more commonly
used "vol" option with a macro. This also adjusts 2 commands that
didn't have the correct helpstr - 'vol-create-from' and 'vol-clone'.
Both are described in the man page as taking vol, path, or key and
the code uses the virshCommandOptVol instead of virshCommandOptVolBy.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr for the less common help string for each
command option.  Note that only file options using "OT_DATA" and
"OFLAG_REQ" will be replace - others are left as is.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect current domain". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect running domain". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect next boot". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>