If we have not allocated driver yet, there is nothing to cleanup.

Remove the ret variable and return early if there is no driver.

This will simplify cleanup.

Move pci_system_init and pci_system_cleanup into separate functions,
to make the conditional compilation easier to read.

Most of the code paths had to reset it to -1 and returning 0 was
only possible if we made it to the end of the function.

Initialize it to -1 and only set it to 0 if we reach the end, as we do
in most of libvirt code.

The sd_notify method is used to tell systemd when libvirtd
has finished starting up. All it does is send a datagram
containing the string parameter to systemd on a UNIX socket
named in the NOTIFY_SOCKET environment variable. Rather than
pulling in the systemd libraries for this, just code the
notification directly in libvirt as this is a stable ABI
from systemd's POV which explicitly allows independant
implementations:

See "Reimplementable Independently" column in the
"$NOTIFY_SOCKET Daemon Notifications" row:

https://www.freedesktop.org/wiki/Software/systemd/InterfacePortabilityAndStabilityChart/

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1314881Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Move the module from qemu_command.c to a new module virqemu.c and
rename the API to virQEMUBuildObjectCommandline.

This API will then be shareable with qemu-img and the need to build
a security object for luks support.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Create helper virStorageBackendCreateQemuImgSetInput to set the input
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Split out a helper from virStorageBackendCreateQemuImgCmdFromVol
to check the encryption - soon a new encryption sheriff will be
patroling and that'll mean all sorts of new checks.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Split the qcow setting of encryption secrets into a helper
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Bring style more in line with more recent code.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

I was asked the other day what's event loop and how libvirt uses
it. Well, I haven't found any good sources on the Internet so I
thought of writing the documentation on my own.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Remove the live attribute and mark the definition as transient
whether the domain is runing or not.

There were only two callers left calling with live=false:
* testDomainStartState, where the domain already is active
  because we assigned vm->def->id just a few lines above the call
* virDomainObjGetPersistentDef, which now only calls
  virDomainObjSetDefTransient for an active domain

Calling virDomainObjSetDefTransient with live=false is a no-op
on an inactive domain.

Only call it on an active domain, since this is the only place using
the live bool.

Commit 45ec297d from November 2010:
    Make state driver device hotplug/update actually transient
added virDomainObjSetDefTransient calls to the domain startup
function in several drivers.

In November 2011, commit 8866eed0:
    Set aliases for LXC/UML console devices
added a call earlier in the startup function, without removing the
existing ones.

Also, in the UML driver it seems the function never did anything
useful - vm->def->id is set asynchronnously in umlNotifyEvent.
At the time of calling virDomainObjSetDefTransient with live=false,
vm->def->id was likely still -1, making the call a no-op.

* docs/news.html.in: update with 1.3.5 data

Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

When building using -Og, gcc sees that some variables can be used
uninitialized  It can be debatable whether it is possible with our
codeflow, but functions should be self-contained and initializations are
always good.  The return instead of goto is due to actualType being used
in the cleanup.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

So imagine the following. You connect read only to a daemon and
try to fetch stats for a shut off domain, e.g.:

  virsh -r domstats $dom

but all of a sudden, virsh instead of printing the stats throws
the following error at you:

  error: Disconnected from qemu:///system due to I/O error
  error: End of file while reading data: Input/output error

The daemon crashed. This is its backtrace:

#0  0x00007fa43e3751a8 in virPerfEventIsEnabled (perf=0x0, type=VIR_PERF_EVENT_MBMT) at util/virperf.c:241
#1  0x00007fa424a9f042 in qemuDomainGetStatsPerf (driver=0x7fa3f4022a30, dom=0x7fa3f40e24c0, record=0x7fa41c000e20, maxparams=0x7fa4360b38d0, privflags=1) at qemu/qemu_driver.c:19110
#2  0x00007fa424a9f2e7 in qemuDomainGetStats (conn=0x7fa41c001b20, dom=0x7fa3f40e24c0, stats=127, record=0x7fa4360b3970, flags=1) at qemu/qemu_driver.c:19213
#3  0x00007fa424a9f672 in qemuConnectGetAllDomainStats (conn=0x7fa41c001b20, doms=0x7fa41c0017f0, ndoms=1, stats=127, retStats=0x7fa4360b3a50, flags=0) at qemu/qemu_driver.c:19303
#4  0x00007fa43e4e15f6 in virDomainListGetStats (doms=0x7fa41c0017f0, stats=0, retStats=0x7fa4360b3a50, flags=0) at libvirt-domain.c:11615

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f28d1a38700 (LWP 16154)]
0x00007f28da4fa1a8 in virPerfEventIsEnabled (perf=0x0, type=VIR_PERF_EVENT_MBMT) at util/virperf.c:241
241         return event->enabled;

Problem is, shut off domains don't have priv->perf allocated.
Therefore if in frame #1 qemuDomainGetStatsPerf() tries to check
if perf events are enabled, NULL is passed to
virPerfEventIsEnabled() which due to some incredible
implementation dereference it. Fix this by checking whether
passed object is not NULL.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

This function is not used anywhere. Moreover, the code that would
use lives in virperf.c and therefore has access to the FD anyway.
Well, for instance virPerfReadEvent is doing just that.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's this problem on the recent gcc-6.1:

In file included from conf/domain_conf.c:37:0:
conf/domain_conf.c: In function 'virDomainChrPreAlloc':
conf/domain_conf.c:14109:35: error: potential null pointer dereference [-Werror=null-dereference]
     return VIR_REALLOC_N(*arrPtr, *cntPtr + 1);
                                   ^~
./util/viralloc.h:158:73: note: in definition of macro 'VIR_REALLOC_N'
 # define VIR_REALLOC_N(ptr, count) virReallocN(&(ptr), sizeof(*(ptr)), (count), \
                                                                         ^~~~~
conf/domain_conf.c: In function 'virDomainChrRemove':
conf/domain_conf.c:14133:21: error: potential null pointer dereference [-Werror=null-dereference]
     for (i = 0; i < *cntPtr; i++) {
                     ^~~~~~~

GCC basically fails to see, that the
virDomainChrGetDomainPtrsInternal will never actually return NULL
because it's never called over a domain char device with _LAST
type. But to make it shut up, lets turn this function into
returning an integer and check in the callers if a zero value
value was returned.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Okay, I admit that our code here is complex. It's not easy to
spot that NULL deref can't really happen here. So it's no wonder
that a dumb compiler fails to see all the connections and
produces the following errors:

  CC       conf/libvirt_conf_la-domain_conf.lo
conf/domain_conf.c: In function 'virDomainDefFormatInternal':
conf/domain_conf.c:22162:22: error: potential null pointer dereference [-Werror=null-dereference]
             if (sched->policy == i)
                 ~~~~~^~~~~~~~
<snip/>
cc1: all warnings being treated as errors
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

cpu/cpu_ppc64.c: In function 'ppc64Compute':
cpu/cpu_ppc64.c:620:27: error: potential null pointer dereference [-Werror=null-dereference]
     if (STRNEQ(guest_model->name, host_model->name)) {
                ~~~~~~~~~~~^~~
cpu/cpu_ppc64.c:620:9: note: in expansion of macro 'STRNEQ'
     if (STRNEQ(guest_model->name, host_model->name)) {
         ^~~~~~
cc1: all warnings being treated as errors
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

So far, this function has just three callers. Two of them call
virNetDevSetupControl to create a socket that we can then
optionally use for ioctl() to fetch data. However, querying sysfs
is preferred. Therefore it doesn't make much sense to require
users to set up the socket if they don't even know it will be
used in favour of sysfs. We can set up the socket iff we need to.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Although dns host records are stored in a separate configuration file
that is reread by dnsmasq when it receives a SIGHUP, the txt and srv
records are directly in the dnsmasq .conf file which can't be reread
after initial dnsmasq startup. This means that if an srv or txt record
is modified in a network config, libvirt needs to restart the dnsmasq
process rather than just sending a SIGHUP.

This was pointed out in a question in
https://bugzilla.redhat.com/show_bug.cgi?id=988718 , but no separate
BZ was filed.

Commit b4a5fd95 introduced vram64 attribute for QXL video device but
there were two issues.  Only function
qemuMonitorJSONUpdateVideoVram64Size should update the vram64 attribute
and also the value is in MiB, not in B.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

So the idea is as follows: firstly we obtain a list of all the
luns, then iterate over it trying to find the one we want to work
with and after all the iterations we detect whether we have found
something. Now, the last check is broken, because it compares a
value form previous iteration, not the one we've just been
through.

Then, when computing md5 sum of lun's UUID, we use wrong variable
again. Well, @hostScsiDisk which is type of esxVI_HostScsiDisk
extends esxVI_ScsiLun type so they both have the uuid member, but
it just doesn't feel right to access the data via two different
variables in one function call.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's a bug in the function. We expect the following format for
the data we are parsing here:

  key: value

So we use strchr() to find ':' and then see if it is followed by
space. But the check that does just that is slightly incorrect.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Yet another one of those where signed int (or long int) is not
enough. And useless to as we're aiming at unsigned anyway.

../../src/util/virsocketaddr.c: In function 'virSocketAddrIsPrivate':
../../src/util/virsocketaddr.c:289:45: error: result of '192l << 24' requires 33 bits to represent, but 'long int' only has 32 bits [-Werror=shift-overflow=]
        return ((val & 0xFFFF0000) == ((192L << 24) + (168 << 16)) ||
                                             ^~
../../src/util/virsocketaddr.c:290:45: error: result of '172l << 24' requires 33 bits to represent, but 'long int' only has 32 bits [-Werror=shift-overflow=]
                (val & 0xFFF00000) == ((172L << 24) + (16  << 16)) ||
                                             ^~
cc1: all warnings being treated as errors
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

In 38df47c9 I've tried to prepare our apibuild.py script for
change made in 0628f349 (1U << 31). What I've done in the
former commit was to replace \d+U in parsed tokens with \d.
Problem was, my regular expression there was not quite right as
it also translated VIR_123U_VAL into VIR_123_VAL.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Now that gnulib has lifted it's licensing of unsetenv, we should
use it. Just like we use its counterpart - setenv, already.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Apparently, 1 << 31 is signed which in turn does not fit into
a signed integer variable:

../../include/libvirt/libvirt-domain.h:1881:57: error: result of '1 << 31' requires 33 bits to represent, but 'int' only has 32 bits [-Werror=shift-overflow=]
     VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1 << 31, /* enforce requested stats */
                                                         ^~
cc1: all warnings being treated as errors

The solution is to make it an unsigned value. I've found only two
such occurrences in our code base.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

The apibuild script is a terrifying beast that parses some source
files of ours and produces an XML representation of them. When it
comes to parsing enums we have in some header files, it tries to
be clever and detect a value that an enum member has (or if it is
an alias for a different member). Whilst doing that it has to
deal with values we give to the members in many formats. At some
places we just pass the value in decimal:

    VIR_DOMAIN_BLOCK_JOB_TYPE_PULL = 1,

in other places, we use the aliasing:

    VIR_CONNECT_GET_ALL_DOMAINS_STATS_ACTIVE = VIR_CONNECT_LIST_DOMAINS_ACTIVE,

and in other places bitwise shifts are used:

    VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1 << 31, /* enforce requested stats */

The script tries to parse all of these resulting in the following
tokens: "1", "VIR_CONNECT_LIST_DOMAINS_ACTIVE", "1<<31"; Then, the
script tries to turn these into integers using python's eval()
function. This function succeeds on the first and the last
tokens. But, if we were to modify the last example so that it's
of the following form:

    VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1U << 31, /* enforce requested stats */

the token representing enum's member value will then be "1U<<31".
So our parsing is good. Unfortunately, python is not aware of the
difference between signed and unsigned C types, therefore eval()
fails over this token and the parser falls back thinking it's an
alias to another enum member. Well it's not.

The solution is to transform [0-9]U into [0-9] as for our
purposes here it's the same thing.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Fix a regression in checking for realpath (which caused link
failures regarding duplicate rpl_canonicalize_file_name), and
fix the mingw build regarding unsetenv.

* .gnulib: Update to latest.
Signed-off-by: NEric Blake <eblake@redhat.com>

Fedora now ships edk2 firmware in its official repos, so adapt
the nvram path list to match. Eventually we can remove the nightly
links as well once some integration kinks have been worked out,
and documentation updated.

Move the macro building into the %build target, which lets us
build up a shell variable and make things a bit more readable

https://bugzilla.redhat.com/show_bug.cgi?id=1335395

Adjust the code to perform the virLXCDomainObjBeginJob first
and then the call virDomainLiveConfigHelperMethod.
As Ján Tomko pointed out, in virDomainLiveConfigHelperMethod,
there is a check to see if the domain is active when AFFECT_LIVE is set.
Since virLXCDomainObjBeginJob unlocks the virDomainObjPtr lock,
the domain could possibly be destroyed while we wait for the job
and the check results would no longer be valid.
Signed-off-by: NKaterina Koukiou <k.koukiou@gmail.com>

Pulls in several portability fixes, including the fact that gnulib
now only works on platforms with two's complement signed integers.
Also makes for a smaller delta on the next update (we are waiting
on a license change to unsetenv for the sake of mingw).

* .gnulib: Update to latest.
* bootstrap: Resync from upstream.
* tests/virstringtest.c: Drop use of obsolete probes of integer
properties.
Signed-off-by: NEric Blake <eblake@redhat.com>

This patch fixes an issue where screenshot API call was failing when
the esx/vcenter password contains special characters such as
apostrophee. The reason for failures was that passwords were escaped
for XML and stored in esxVI_Context which was then passed to raw CURL
API calls where the password must be passed in original form to
authenticate successfully. So this patch addresses this by storing
original passwords in the esxVI_Context struct and escape only for
esxVI_Login call.