You need to sign in or sign up before continuing.
  1. 08 1月, 2013 1 次提交
  2. 21 12月, 2012 6 次提交
  3. 18 12月, 2012 1 次提交
  4. 13 12月, 2012 2 次提交
  5. 11 12月, 2012 1 次提交
    • L
      util: add VIR_(APPEND|INSERT|DELETE)_ELEMENT · 85b22f52
      Laine Stump 提交于
      I noticed when writing the backend functions for virNetworkUpdate that
      I was repeating the same sequence of memmove, VIR_REALLOC, nXXX-- (and
      messed up the args to memmove at least once), and had seen the same
      sequence in a lot of other places, so I decided to write a few
      utility functions/macros - see the .h file for full documentation.
      
      The intent is to reduce the number of lines of code, but more
      importantly to eliminate the need to check the element size and
      element count arithmetic every time we need to do this (I *always*
      make at least one mistake.)
      
      VIR_INSERT_ELEMENT: insert one element at an arbitrary index within an
        array of objects. The size of each object is determined
        automatically by the macro using sizeof(*array). The new element's
        contents are copied into the inserted space, then the original copy
        of contents are 0'ed out (if everything else was
        successful). Compile-time assignment and size compatibility between
        the array and the new element is guaranteed (see explanation below
        [*])
      
      VIR_INSERT_ELEMENT_COPY: identical to VIR_INSERT_ELEMENT, except that
        the original contents of newelem are not cleared to 0 (i.e. a copy
        is made).
      
      VIR_APPEND_ELEMENT: This is just a special case of VIR_INSERT_ELEMENT
        that "inserts" one past the current last element.
      
      VIR_APPEND_ELEMENT_COPY: identical to VIR_APPEND_ELEMENT, except that
        the original contents of newelem are not cleared to 0 (i.e. a copy
        is made).
      
      VIR_DELETE_ELEMENT: delete one element at an arbitrary index within an
        array of objects. It's assumed that the element being deleted is
        already saved elsewhere (or cleared, if that's what is appropriate).
      
      All five of these macros have an _INPLACE variant, which skips the
      memory re-allocation of the array, assuming that the caller has
      already done it (when inserting) or will do it later (when deleting).
      
      Note that VIR_DELETE_ELEMENT* can return a failure, but only if an
      invalid index is given (index + amount to delete is > current array
      size), so in most cases you can safely ignore the return (that's why
      the helper function virDeleteElementsN isn't declared with
      ATTRIBUTE_RETURN_CHECK). A warning is logged if this ever happens,
      since it is surely a coding error.
      
      [*] One initial problem with the INSERT and APPEND macros was that,
      due to both the array pointer and newelem pointer being cast to void*
      when passing to virInsertElementsN(), any chance of type-checking was
      lost. If we were going to move in newelem with a memmove anyway, we
      would be no worse off for this. However, most current open-coded
      insert/append operations use direct struct assignment to move the new
      element into place (or just populate the new element directly) - thus
      use of the new macros would open a possibility for new usage errors
      that didn't exist before (e.g. accidentally sending &newelemptr rather
      than newelemptr - I actually did this quite a lot in my test
      conversions of existing code).
      
      But thanks to Eric Blake's clever thinking, I was able to modify the
      INSERT and APPEND macros so that they *do* check for both assignment
      and size compatibility of *ptr (an element in the array) and newelem
      (the element being copied into the new position of the array). This is
      done via clever use of the C89-guaranteed fact that the sizeof()
      operator must have *no* side effects (so an assignment inside sizeof()
      is checked for validity, but not actually evaluated), and the fact
      that virInsertElementsN has a "# of new elements" argument that we
      want to always be 1.
      85b22f52
  6. 04 12月, 2012 1 次提交
    • E
      build: fix incremental autogen.sh when no AUTHORS is present · 55dc872b
      Eric Blake 提交于
      Commit 71d12562 tried to fix a problem where rebasing an old
      branch on top of newer libvirt.git resulted in automake failing
      because of a missing AUTHORS file.  However, while the fix
      worked for an incremental 'make', it did not work for someone
      that directly reran './autogen.sh'.  Reported by Laine Stump.
      
      * autogen.sh (autoreconf): Check for same conditions as cfg.mk.
      * cfg.mk (_update_required): Add comments.
      55dc872b
  7. 15 11月, 2012 1 次提交
    • E
      build: rerun bootstrap if AUTHORS is missing · 71d12562
      Eric Blake 提交于
      Ever since commit 7b21981c started generating AUTHORS, we now have
      the situation that if you flip between two branches in the same
      git repository that cross that commit boundary, then 'make' will
      fail due to automake complaining about AUTHORS not existing.  The
      simplest solution is to realize that if AUTHORS does not exist,
      then we flipped branches so we will need to rerun bootstrap
      anyways; and rerunning bootstrap ensures AUTHORS will exist in time.
      
      * cfg.mk (_update_required): Also depend on AUTHORS.
      71d12562
  8. 02 11月, 2012 3 次提交
    • D
      Document bracket whitespace rules & add syntax-check rule · a3e95abe
      Daniel P. Berrange 提交于
      This documents the following whitespace rules
      
            if(foo)   // Bad
            if (foo)  // Good
      
            int foo (int wizz)  // Bad
            int foo(int wizz)   // Good
      
            bar = foo (wizz);  // Bad
            bar = foo(wizz);   // Good
      
            typedef int (*foo) (int wizz);  // Bad
            typedef int (*foo)(int wizz);   // Good
      
            int foo( int wizz );  // Bad
            int foo(int wizz);    // Good
      
      There is a syntax-check rule extension to validate all these rules.
      Checking for 'function (...args...)' is quite difficult since it
      needs to ignore valid usage with keywords like 'if (...test...)'
      and while/for/switch. It must also ignore source comments and
      quoted strings.
      
      It is not possible todo this with a simple regex in the normal
      syntax-check style. So a short Perl script is created instead
      to analyse the source. In practice this works well enough. The
      only thing it can't cope with is multi-line quoted strings of
      the form
      
       "start of string\
      more lines\
      more line\
      the end"
      
      but this can and should be written as
      
       "start of string"
       "more lines"
       "more line"
       "the end"
      
      with this simple change, the bracket checking script does not
      have any false positives across libvirt source, provided it
      is only run against .c files. It is not practical to run it
      against .h files, since those use whitespace extensively to
      get alignment (though this is somewhat inconsistent and could
      arguably be fixed).
      
      The only limitation is that it cannot detect a violation where
      the first arg starts with a '*', eg
      
         foo(*wizz);
      
      since this generates too many false positives on function
      typedefs which can't be supressed efficiently.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      a3e95abe
    • J
      build: Do not ignore logging.c in sc_prohibit_mkstemp · d055498d
      Jiri Denemark 提交于
      Now that the offending code was removed, we may remove this as well.
      d055498d
    • M
      logging.c: Properly indent and ignore one syntax-check rule · 30b398d5
      Michal Privoznik 提交于
      With our fix of mkostemp (pushed as 2b435c15) we define a macro
      to compile with uclibc. However, this definition is conditional
      and thus needs to be properly indented. Moreover, with this definition
      sc_prohibit_mkstemp syntax-check rule keeps yelling:
      
        src/util/logging.c:63:# define mkostemp(x,y) mkstemp(x)
        maint.mk: use mkostemp with O_CLOEXEC instead of mkstemp
      
      Therefore we should ignore this file for this rule.
      30b398d5
  9. 01 11月, 2012 1 次提交
    • E
      build: prefer mkostemp for multi-thread safety · 4dbd6e96
      Eric Blake 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=871756
      
      Commit cd1e8d1c assumed that systems new enough to have journald
      also have mkostemp; but this is not true for uclibc.
      
      For that matter, use of mkstemp[s] is unsafe in a multi-threaded
      program.  We should prefer mkostemp[s] in the first place.
      
      * bootstrap.conf (gnulib_modules): Add mkostemp, mkostemps; drop
      mkstemp and mkstemps.
      * cfg.mk (sc_prohibit_mkstemp): New syntax check.
      * tools/virsh.c (vshEditWriteToTempFile): Adjust caller.
      * src/qemu/qemu_driver.c (qemuDomainScreenshot)
      (qemudDomainMemoryPeek): Likewise.
      * src/secret/secret_driver.c (replaceFile): Likewise.
      * src/vbox/vbox_tmpl.c (vboxDomainScreenshot): Likewise.
      4dbd6e96
  10. 31 10月, 2012 1 次提交
    • L
      util: do a better job of matching up pids with their binaries · 7bafe009
      Laine Stump 提交于
      This patch resolves: https://bugzilla.redhat.com/show_bug.cgi?id=871201
      
      If libvirt is restarted after updating the dnsmasq or radvd packages,
      a subsequent "virsh net-destroy" will fail to kill the dnsmasq/radvd
      process.
      
      The problem is that when libvirtd restarts, it re-reads the dnsmasq
      and radvd pidfiles, then does a sanity check on each pid it finds,
      including checking that the symbolic link in /proc/$pid/exe actually
      points to the same file as the path used by libvirt to execute the
      binary in the first place. If this fails, libvirt assumes that the
      process is no longer alive.
      
      But if the original binary has been replaced, the link in /proc is set
      to "$binarypath (deleted)" (it literally has the string " (deleted)"
      appended to the link text stored in the filesystem), so even if a new
      binary exists in the same location, attempts to resolve the link will
      fail.
      
      In the end, not only is the old dnsmasq/radvd not terminated when the
      network is stopped, but a new dnsmasq can't be started when the
      network is later restarted (because the original process is still
      listening on the ports that the new process wants).
      
      The solution is, when the initial "use stat to check for identical
      inodes" check for identity between /proc/$pid/exe and $binpath fails,
      to check /proc/$pid/exe for a link ending with " (deleted)" and if so,
      truncate that part of the link and compare what's left with the
      original binarypath.
      
      A twist to this problem is that on systems with "merged" /sbin and
      /usr/sbin (i.e. /sbin is really just a symlink to /usr/sbin; Fedora
      17+ is an example of this), libvirt may have started the process using
      one path, but /proc/$pid/exe lists a different path (indeed, on F17
      this is the case - libvirtd uses /sbin/dnsmasq, but /proc/$pid/exe
      shows "/usr/sbin/dnsmasq"). The further bit of code to resolve this is
      to call virFileResolveAllLinks() on both the original binarypath and
      on the truncated link we read from /proc/$pid/exe, and compare the
      results.
      
      The resulting code still succeeds in all the same cases it did before,
      but also succeeds if the binary was deleted or replaced after it was
      started.
      7bafe009
  11. 20 10月, 2012 1 次提交
    • C
      Autogenerate AUTHORS · 7b21981c
      Cole Robinson 提交于
      AUTHORS.in tracks the maintainers, as well as some folks who were
      previously in AUTHORS but don't have a git commit with proper
      attribution.
      
      Generated output is sorted alphabetically and lacks pretty spacing, so
      tweak AUTHORS.in to follow the same format.
      
      Additionally, drop the syntax-check rule that previously validated
      AUTHORS against git log.
      7b21981c
  12. 01 10月, 2012 1 次提交
    • E
      build: avoid infinite autogen loop · c5f16220
      Eric Blake 提交于
      Several people have reported that if the .gnulib submodule is dirty,
      then 'make' will go into an infinite loop attempting to rerun bootstrap,
      because that never cleans up the dirty submodule.  By default, we
      should halt and make the user investigate, but if the user doesn't
      know why or care that the submodule is dirty, I also added the ability
      to 'make CLEAN_SUBMODULE=1' to get things going again.
      
      Also, while testing this, I noticed that when a submodule update was
      needed, 'make' would first run autoreconf, then bootstrap (which
      reruns autoreconf); adding a strategic dependency allows for less work.
      
      * .gnulib: Update to latest, for maint.mk improvements.
      * cfg.mk (_autogen): Also hook maint.mk, to run before autoreconf.
      * autogen.sh (bootstrap): Refuse to run if gnulib is dirty, unless
      user requests discarding gnulib changes.
      c5f16220
  13. 18 9月, 2012 1 次提交
  14. 13 9月, 2012 1 次提交
    • E
      maint: fix missing spaces in message · 2387aa26
      Eric Blake 提交于
      I got an off-list report about a bad diagnostic:
      Target network card mac 52:54:00:49:07:ccdoes not match source 52:54:00:49:07:b8
      
      True to form, I've added a syntax check rule to prevent it
      from recurring, and found several other offenders.
      
      * cfg.mk (sc_require_whitespace_in_translation): New rule.
      * src/conf/domain_conf.c (virDomainNetDefCheckABIStability): Add
      space.
      * src/esx/esx_util.c (esxUtil_ParseUri): Likewise.
      * src/qemu/qemu_command.c (qemuCollectPCIAddress): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainSetMetadata)
      (qemuDomainGetMetadata): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainChangeNetBridge): Likewise.
      * src/rpc/virnettlscontext.c
      (virNetTLSContextCheckCertDNWhitelist): Likewise.
      * src/vmware/vmware_driver.c (vmwareDomainResume): Likewise.
      * src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc, vboxAttachDrives):
      Avoid false negatives.
      * tools/virsh-domain.c (info_save_image_dumpxml): Reword.
      Based on a report by Luwen Su.
      2387aa26
  15. 07 9月, 2012 1 次提交
    • D
      Add helper library for testing the qemu monitor code · 8d78fd04
      Daniel P. Berrange 提交于
      To be able to test the QEMU monitor code, we need to have a fake
      QEMU monitor server. This introduces a simple (dumb) framework
      that can do this. The test case registers a series of items to
      be sent back as replies to commands that will be executed. A
      thread runs the event loop looking for incoming replies and
      sending back this pre-registered data. This allows testing all
      QEMU monitor code that deals with parsing responses and errors
      from QEMU, without needing QEMU around
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      8d78fd04
  16. 06 9月, 2012 2 次提交
    • E
      maint: avoid doubled name in syntax check failures · 60efb600
      Eric Blake 提交于
      Based on the similar gnulib commit 96ad9077.  The use of
      $(_sc_search_regexp) already injects $(ME) into any output
      messages, so a failure of these rules would look like this,
      pre-patch:
      
      maint.mk: maint.mk: use virStrToLong_*, not strtol variants
      
      * cfg.mk (sc_prohibit_strncmp, sc_prohibit_strtol)
      (sc_libvirt_unmarked_diagnostics): Drop redundant $(ME).
      60efb600
    • E
      build: use re-entrant functions in virsh · 44342a0e
      Eric Blake 提交于
      Yesterday's commit 15d2c9fa pointed out that virsh was still using
      localtime(), which is not thread-safe, even though virsh is
      definitely multi-threaded.  Even if we only ever triggered it from
      one thread, it's better safe than sorry for maintenance purposes.
      
      * cfg.mk (exclude_file_name_regexp--sc_prohibit_nonreentrant):
      Tighten the rule.
      * tools/virsh.c (vshOutputLogFile): Avoid localtime.
      (vshEditWriteToTempFile, vshEditReadBackFile, cmdCd, cmdPwd)
      (vshCloseLogFile): Avoid strerror.
      * tools/console.c (vshMakeStdinRaw): Likewise.
      * tools/virsh-domain.c (vshGenFileName): Fix spacing in previous
      patch.
      44342a0e
  17. 20 8月, 2012 2 次提交
    • E
      maint: prohibit translations in testsuite · cc2150d2
      Eric Blake 提交于
      Nothing in the testsuite or examples directory should be translated,
      as it is not part of the normally installed binary.  We already
      meet this rule, but enforcing it will make it easier to remember.
      
      Suggested by Daniel P. Berrange.
      
      * cfg.mk (sc_prohibit_useless_translation): Enhance rule.
      cc2150d2
    • D
      Fix syntax-check failures wrt virsh · 2a336379
      Daniel P. Berrange 提交于
      * cfg.mk: Whitelist virsh.h instead of virsh.c for strcasecmp check
      * tools/virsh-domain.h, tools/virsh.h: Fix #define indentation
      2a336379
  18. 17 8月, 2012 1 次提交
    • E
      build: fix syntax check during 'make distcheck' · ca9be83d
      Eric Blake 提交于
      'make distcheck' was failing because a syntax check file,
      .sc-start-sc_vulnerable_makefile_CVE-2012-3386, got left
      behind.  I traced it to the 'distdir' rule depending on a
      shortcut syntax-check name rather than the full rule name
      normally used during 'local-check' from maint.mk.
      
      * cfg.mk (distdir): Depend on full rule, not shorthand name.
      ca9be83d
  19. 15 8月, 2012 1 次提交
  20. 07 8月, 2012 6 次提交
  21. 30 7月, 2012 1 次提交
  22. 27 7月, 2012 3 次提交
    • E
      maint: avoid regression on copyright listings · 3ad13c92
      Eric Blake 提交于
      Commit f9ce7dad tried to kill uses of a raw street address, but
      missed a few instances.  Automate things so we don't introduce
      new problems in the future.
      
      * cfg.mk (sc_copyright_address): New rule.
      (exclude_file_name_regexp--sc_copyright_address): Add exemption.
      * bootstrap.conf: Adjust offenders.
      * build-aux/augeas-gentest.pl: Likewise.
      * examples/systemtap/events.stp: Likewise.
      * examples/systemtap/qemu-monitor.stp: Likewise.
      * examples/systemtap/rpc-monitor.stp: Likewise.
      * src/dtrace2systemtap.pl: Likewise.
      * src/esx/esx_vi_generator.py: Likewise.
      * src/hyperv/hyperv_wmi_generator.py: Likewise.
      * src/remote/qemu_protocol.x: Likewise.
      * src/remote/remote_protocol.x: Likewise.
      * src/rpc/gensystemtap.pl: Likewise.
      * src/rpc/virnetprotocol.x: Likewise.
      * tests/object-locking.ml: Likewise.
      * tools/virt-xml-validate.in: Likewise.
      3ad13c92
    • E
      maint: don't permit format strings without % · 768007ae
      Eric Blake 提交于
      Any time we have a string with no % passed through gettext, a
      translator can inject a % to cause a stack overread.  When there
      is nothing to format, it's easier to ask for a string that cannot
      be used as a formatter, by using a trivial "%s" format instead.
      
      In the past, we have used --disable-nls to catch some of the
      offenders, but that doesn't get run very often, and many more
      uses have crept in.  Syntax check to the rescue!
      
      The syntax check can catch uses such as
      virReportError(code,
                     _("split "
                       "string"));
      by using a sed script to fold context lines into one pattern
      space before checking for a string without %.
      
      This patch is just mechanical insertion of %s; there are probably
      several messages touched by this patch where we would be better
      off giving the user more information than a fixed string.
      
      * cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
      * src/datatypes.c (virUnrefConnect, virGetDomain)
      (virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
      (virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
      (virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
      (virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
      (virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
      * src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
      (lxcDomainGetBlkioParameters): Likewise.
      * src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
      (virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
      Likewise.
      * src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
      (virNetworkDefParseXML): Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
      Likewise.
      * src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
      (virNWFilterVarAccessParse): Likewise.
      * src/libvirt.c (virDomainSave, virDomainSaveFlags)
      (virDomainRestore, virDomainRestoreFlags)
      (virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
      (virDomainCoreDump, virDomainGetXMLDesc)
      (virDomainMigrateVersion1, virDomainMigrateVersion2)
      (virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
      (virStreamSendAll, virStreamRecvAll)
      (virDomainSnapshotGetXMLDesc): Likewise.
      * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
      (virNWFilterDHCPSnoopReq): Likewise.
      * src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
      * src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
      * src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
      (qemuBuildCommandLine): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
      (virNetSocketSendFD, virNetSocketRecvFD): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      * src/storage/storage_backend_fs.c
      (virStorageBackendFileSystemProbe)
      (virStorageBackendFileSystemBuild): Likewise.
      * src/storage/storage_backend_rbd.c
      (virStorageBackendRBDOpenRADOSConn): Likewise.
      * src/storage/storage_driver.c (storageVolumeResize): Likewise.
      * src/test/test_driver.c (testInterfaceChangeBegin)
      (testInterfaceChangeCommit, testInterfaceChangeRollback):
      Likewise.
      * src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
      * src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
      Likewise.
      * src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
      (xenFormatXM): Likewise.
      768007ae
    • E
      maint: avoid empty regex in syntax checker · 72181978
      Eric Blake 提交于
      We were defining 'func_or' as '|VIR_ERROR|...', which when put
      inside 'func_re' resulted in a regex that matches everything in
      isolation.  Thankfully, we always used func_re with a leading
      anchor \<, and since the empty regex does not start a word, we
      happened to get the result we wanted; but it's better to define
      func_or without a leading space converted into a leading empty
      alternation.
      
      * cfg.mk (func_or): Strip leading space.
      72181978
  23. 26 7月, 2012 1 次提交
    • E
      build: update to latest gnulib, for secure tarball · f12e1396
      Eric Blake 提交于
      Pick up some build fixes in the latest gnulib.  In particular,
      we want to ensure that official tarballs are secure, but don't
      want to penalize people who don't run 'make dist', since fixed
      automake still hasn't hit common platforms like Fedora 17.
      
      * .gnulib: Update to latest, for Automake CVE-2012-3386 detection.
      * bootstrap: Resync from gnulib.
      * bootstrap.conf (gnulib_extra_files): Drop missing, since gnulib
      has dropped it in favor of Automake's version.
      * cfg.mk (local-checks-to-skip): Conditionally skip the security
      check in cases where it doesn't matter.
      f12e1396