- 07 11月, 2013 3 次提交
-
-
由 Cole Robinson 提交于
-
由 Michal Privoznik 提交于
Since 16bcb3 we have a regression. The hard_limit is set unconditionally. By default the limit is zero. Hence, if user hasn't configured any, we set the zero in cgroup subsystem making the kernel kill the corresponding qemu process immediately. The proper fix is to set hard_limit iff user has configured any. (cherry picked from commit 94a24dd3) Conflicts: src/qemu/qemu_cgroup.c
-
由 Michal Privoznik 提交于
This function is to guess the correct limit for maximal memory usage by qemu for given domain. This can never be guessed correctly, not to mention all the pains and sleepless nights this code has caused. Once somebody discovers algorithm to solve the Halting Problem, we can compute the limit algorithmically. But till then, this code should never see the light of the release again. (cherry picked from commit 16bcb3b6) Conflicts: src/qemu/qemu_cgroup.c src/qemu/qemu_command.c src/qemu/qemu_domain.c src/qemu/qemu_domain.h src/qemu/qemu_hotplug.c
-
- 18 10月, 2013 2 次提交
-
-
由 Zhou Yimin 提交于
Introduced by 7b87a3 When I quit the process which only register VIR_DOMAIN_EVENT_ID_REBOOT, I got error like: "libvirt: XML-RPC error : internal error: domain event 0 not registered". Then I add the following code, it fixed. Signed-off-by: NZhou Yimin <zhouyimin@huawei.com> Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 9712c251)
-
由 Martin Kletzander 提交于
Commit a0b6a36f "fixed" what abfff210 broke (URI precedence), but there was still one more thing missing to fix. When using virsh parameters to setup debugging, those weren't honored, because at the time debugging was initializing, arguments weren't parsed yet. To make ewerything work as expected, we need to initialize the debugging twice, once before debugging (so we can debug option parsing properly) and then again after these options are parsed. As a side effect, this patch also fixes a leak when virsh is ran with multiple '-l' parameters. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> (cherry picked from commit ac43da70)
-
- 15 10月, 2013 6 次提交
-
-
由 Martin Kletzander 提交于
Commit abfff210 changed the order of vshParseArgv() and vshInit() in order to make fix debugging of parameter parsing. However, vshInit() did a vshReconnect() even though ctl->name wasn't set according to the '-c' parameter yet. In order to keep both issues fixed, I've split the vshInit() into vshInitDebug() and vshInit(). One simple memleak of ctl->name is fixed as a part of this patch, since it is related to the issue it's fixing. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=999323 (cherry picked from commit a0b6a36f)
-
由 Liuji (Jeremy) 提交于
After freeing the bitmap pointer, it must set the pointer to NULL. This will avoid any other use of the freed memory of the bitmap pointer. https://bugzilla.redhat.com/show_bug.cgi?id=1006710Signed-off-by: NLiuji (Jeremy) <jeremy.liu@huawei.com> (cherry picked from commit ef5d51d4)
-
由 Daniel Hansel 提交于
Introduced by commit 3f029fb5 the RPM build was broken due to a missing LXC textcase. Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com> (cherry picked from commit 6285c17f)
-
由 Ján Tomko 提交于
Since 76b644c3 when the support for RAM filesystems was introduced, libvirt accepted the following XML: <source usage='1024' unit='KiB'/> This was parsed correctly and internally stored in bytes, but it was formatted as (with an extra 's'): <source usage='1024' units='KiB'/> When read again, this was treated as if the units were missing, meaning libvirt was unable to parse its own XML correctly. The usage attribute was documented as being in KiB, but it was not scaled if the unit was missing. Transient domains still worked, because this was balanced by an extra 'k' in the mount options. This patch: Changes the parser to use 'units' instead of 'unit', as the latter was never documented (fixing persistent domains) and some programs (libvirt-glib, libvirt-sandbox) already parse the 'units' attribute. Removes the extra 'k' from the tmpfs mount options, which is needed because now we parse our own XML correctly. Changes the default input unit to KiB to match documentation, fixing: https://bugzilla.redhat.com/show_bug.cgi?id=1015689 (cherry picked from commit 3f029fb5) Conflicts: src/conf/domain_conf.c src/conf/domain_conf.h - missing format src/lxc/lxc_container.c - virAsprintf doesn't report OOM errors tests/lxcxml2xmltest.c - missing format test
-
由 Michal Privoznik 提交于
After successful @cmd construction the memory where @keys points to is part of @cmd. Avoid double freeing it. (cherry picked from commit 3e8343e1)
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1006864 Commit 38ab1225 changed the default value of ret from true to false but forgot to set ret = true when job is NONE. Thus, virsh domjobinfo returned 1 when there was no job running for a domain but it used to (and should) return 0 in this case. (cherry picked from commit f084caae)
-
- 07 10月, 2013 7 次提交
-
-
由 Daniel P. Berrange 提交于
The virConnectPtr is passed around loads of nwfilter code in order to provide it as a parameter to the callback registered by the virt drivers. None of the virt drivers use this param though, so it serves no purpose. Avoiding the need to pass a virConnectPtr means that the nwfilterStateReload method no longer needs to open a bogus QEMU driver connection. This addresses a race condition that can lead to a crash on startup. The nwfilter driver starts before the QEMU driver and registers some callbacks with DBus to detect firewalld reload. If the firewalld reload happens while the QEMU driver is still starting up though, the nwfilterStateReload method will open a connection to the partially initialized QEMU driver and cause a crash. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 999d72fb) Conflicts: src/nwfilter/nwfilter_driver.c
-
由 Daniel P. Berrange 提交于
The nwfilter driver only needs a reference to its private state object, not a full virConnectPtr. Update the domUpdateCBStruct struct to have a 'void *opaque' field instead of a virConnectPtr. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit ebca369e)
-
由 Daniel P. Berrange 提交于
None of the virNWFilterDefParse* methods require a virConnectPtr arg, so just drop it Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit b77b16ce) Conflicts: tests/nwfilterxml2xmltest.c
-
由 Michal Privoznik 提交于
So far the virNetDevBandwidthEqual() expected both ->in and ->out items to be allocated for both @a and @b compared. This is not necessary true for all our code. For instance, running 'update-device' twice over a NIC with the very same XML results in SIGSEGV-ing in this function. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> (cherry picked from commit ee02fbc8)
-
由 Michal Privoznik 提交于
The qemuDomainChangeNet() is called when 'virsh update-device' is invoked on a NIC. Currently, we fail to update the QoS even though we have routines for that. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> (cherry picked from commit 9fa10d39)
-
由 Peter Krempa 提交于
In the original implementation of external checkpoints I've mistakenly used the live definition to be stored in the save image. The normal approach is to use the "migratable" definition. This was discovered when commit 07966f6a changed the behavior to use a converted XML from the user to do the compatibility check to fix problem when using the regular machine saving. As the previous patch added a compatibility layer, we can now change the type of the XML in the image. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1008340 (cherry picked from commit 1b7bfa65)
-
由 Peter Krempa 提交于
External checkpoints have a bug in the implementation where they use the normal definition instead of the "migratable" one. This causes errors when the snapshot is being reverted using the workaround method via qemuDomainRestoreFlags() with a custom XML. This issue was introduced when commit 07966f6a changed the code to compare "migratable" XMLs from the user as we should have used migratable in the image too. This patch adds a compatibility layer, so that fixing the snapshot code won't make existing snapshots fail to load. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1008340 (cherry picked from commit 59898a88)
-
- 03 10月, 2013 1 次提交
-
-
由 Osier Yang 提交于
Introduced by commit 1daa4ba3. vshCommandOptStringReq returns 0 on *success* or the option is not required && not present, both are right result. Error out when returning 0 is not correct. the caller, it doesn't have to check wether it (cherry picked from commit 2a3a725c)
-
- 21 9月, 2013 2 次提交
-
-
由 Cole Robinson 提交于
-
由 Guannan Ren 提交于
Resolves:https://bugzilla.redhat.com/show_bug.cgi?id=923053 When cdrom is block type, the virsh change-media failed to insert source info because virsh uses "<source block='/dev/sdb'/>" while the correct name of the attribute for block disks is "dev". (cherry picked from commit 7729a168)
-
- 19 9月, 2013 3 次提交
-
-
由 Daniel P. Berrange 提交于
The 'stats' variable was not initialized to NULL, so if some early validation of the RPC call fails, it is possible to jump to the 'cleanup' label and VIR_FREE an uninitialized pointer. This is a security flaw, since the API can be called from a readonly connection which can trigger the validation checks. This was introduced in release v0.9.1 onwards by commit 158ba873 Author: Daniel P. Berrange <berrange@redhat.com> Date: Wed Apr 13 16:21:35 2011 +0100 Merge all returns paths from dispatcher into single path Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit e7f400a1) Conflicts: daemon/remote.c - context
-
由 Daniel P. Berrange 提交于
With the existing pkcheck (pid, start time) tuple for identifying the process, there is a race condition, where a process can make a libvirt RPC call and in another thread exec a setuid application, causing it to change to effective UID 0. This in turn causes polkit to do its permission check based on the wrong UID. To address this, libvirt must get the UID the caller had at time of connect() (from SO_PEERCRED) and pass a (pid, start time, uid) triple to the pkcheck program. Signed-off-by: NColin Walters <walters@redhat.com> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 922b7fda) Conflicts: src/access/viraccessdriverpolkit.c Resolution: Dropped file that does not exist in this branch.
-
由 Daniel P. Berrange 提交于
Since PIDs can be reused, polkit prefers to be given a (PID,start time) pair. If given a PID on its own, it will attempt to lookup the start time in /proc/pid/stat, though this is subject to races. It is safer if the client app resolves the PID start time itself, because as long as the app has the client socket open, the client PID won't be reused. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 979e9c56) Signed-off-by: NEric Blake <eblake@redhat.com> Conflicts: src/rpc/virnetsocket.h - context src/util/virprocess.c - needed #include "virstring.h" src/util/virstring.c - context src/util/virstring.h - context
-
- 12 9月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1006697 Currently, we have a bug when updating a graphics device. A graphics device can have a listen address set. This address is either defined by user (in which case it's type is VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_ADDRESS) or it can be inherited from a network (in which case it's type is VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_NETWORK). However, in both cases we have a listen address to process (e.g. during migration, as I've tried to fix in 7f15ebc7). Later, when a user tries to update the graphics device (e.g. set a password), we check if listen addresses match the original as qemu doesn't know how to change listen address yet. Hence, users are required to not change the listen address. The implementation then just dumps listen addresses and compare them. Previously, while dumping the listen addresses, NULL was returned for NETWORK. After my patch, this is no longer true, and we get a listen address for olddev even if it is a type of NETWORK. So we have a real string on one side, the NULL from user's XML on the other side and hence we think user wants to change the listen address and we refuse it. Therefore, we must take the type of listen address into account as well. (cherry picked from commit 752596b5)
-
- 29 8月, 2013 1 次提交
-
-
由 Eric Blake 提交于
Commit 29fe5d74 (released in 1.1.1) introduced a latent problem for any caller of virSecurityManagerSetProcessLabel and where the domain already had a uid:gid label to be parsed. Such a setup would collect the list of supplementary groups during virSecurityManagerPreFork, but then ignores that information, and thus fails to call setgroups() to adjust the supplementary groups of the process. Upstream does not use virSecurityManagerSetProcessLabel for qemu (it uses virSecurityManagerSetChildProcessLabel instead), so this problem remained latent until backporting the initial commit into v0.10.2-maint (commit c061ff5e, released in 0.10.2.7), where virSecurityManagerSetChildProcessLabel has not been backported. As a result of using a different code path in the backport, attempts to start a qemu domain that runs as qemu:qemu will end up with supplementary groups unchanged from the libvirtd parent process, rather than the desired supplementary groups of the qemu user. This can lead to failure to start a domain (typical Fedora setup assigns user 107 'qemu' to both group 107 'qemu' and group 36 'kvm', so a disk image that is only readable under kvm group rights is locked out). Worse, it is a security hole (the qemu process will inherit supplemental group rights from the parent libvirtd process, which means it has access rights to files owned by group 0 even when such files should not normally be visible to user qemu). LXC does not use the DAC security driver, so it is not vulnerable at this time. Still, it is better to plug the latent hole on the master branch first, before cherry-picking it to the only vulnerable branch v0.10.2-maint. * src/security/security_dac.c (virSecurityDACGetIds): Always populate groups and ngroups, rather than only when no label is parsed. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 745aa55f)
-
- 21 8月, 2013 1 次提交
-
-
由 Guannan Ren 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=999077 Currently, when there is no blockjob, dom.blockJobInfo('vda') still reports error because it doesn't distinguish return value 0 from -1. libvirt.libvirtError: virDomainGetBlockJobInfo() failed virDomainGetBlockJobInfo() API return value: -1 in case of failure, 0 when nothing found, 1 found. And use PyDict_SetItemString instead of PyDict_SetItem when key is of string type. PyDict_SetItemString increments key/value reference count, so call Py_DECREF() for value. For key, we don't need to do this, because PyDict_SetItemString will handle it internally. (cherry picked from commit 0f9e67bf)
-
- 20 8月, 2013 1 次提交
-
-
由 Peter Krempa 提交于
The virBitmapParse function was calling virBitmapIsSet() function that requires the caller to check the bounds of the bitmap without checking them. This resulted into crashes when parsing a bitmap string that was exceeding the bounds used as argument. This patch refactors the function to use virBitmapSetBit without checking if the bit is set (this function does the checks internally) and then counts the bits in the bitmap afterwards (instead of keeping track while parsing the string). This patch also changes the "parse_error" label to a more common "error". The refactor should also get rid of the need to call sa_assert on the returned variable as the callpath should allow coverity to infer the possible return values. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Thanks to Alex Jia for tracking down the issue. This issue is introduced by commit 0fc89098. (cherry picked from commit 47b9127e)
-
- 02 8月, 2013 1 次提交
-
-
由 Cole Robinson 提交于
-
- 01 8月, 2013 4 次提交
-
-
由 Ján Tomko 提交于
Decrementing it when it was already 0 causes an invalid free in virNetworkDefUpdateDNSHost if virNetworkDNSHostDefParseXML fails and virNetworkDNSHostDefClear gets called twice. virNetworkForwardDefClear left the number untouched even if it freed all the elements. (cherry picked from commit c4e23388)
-
由 Ján Tomko 提交于
This fixes a crash if one of them is missing. https://bugzilla.redhat.com/show_bug.cgi?id=988718 (cherry picked from commit 461fd86a)
-
由 Ján Tomko 提交于
Reuse the buffer for getline and track buffer allocation separately from the string length to prevent unlikely out-of-bounds memory access. This fixes the following leak that happened when zero bytes were read: ==404== 120 bytes in 1 blocks are definitely lost in loss record 1,344 of 1,671 ==404== at 0x4C2C71B: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==404== by 0x906F862: getdelim (iogetdelim.c:68) ==404== by 0x52A48FB: virCgroupPartitionNeedsEscaping (vircgroup.c:1136) ==404== by 0x52A0FB4: virCgroupPartitionEscape (vircgroup.c:1171) ==404== by 0x52A0EA4: virCgroupNewDomainPartition (vircgroup.c:1450) (cherry picked from commit cc732931)
-
由 Wido den Hollander 提交于
Not all RBD (Ceph) storage pools have cephx authentication turned on, so "secret" might not be initialized. It could also be that the secret couldn't be located. Only call virSecretFree() if "secret" is initialized earlier. Signed-off-by: NWido den Hollander <wido@widodh.nl> (cherry picked from commit d58c8478)
-
- 30 7月, 2013 7 次提交
-
-
由 Guannan Ren 提交于
libvirt: https://bugzilla.redhat.com/show_bug.cgi?id=986384 qemu: https://bugzilla.redhat.com/show_bug.cgi?id=981094 The commit 0ad9025e introduce qemu flag QEMU_CAPS_DEVICE_VIDEO_PRIMARY for using -device VGA, -device cirrus-vga, -device vmware-svga and -device qxl-vga. In use, for -device qxl-vga, mouse doesn't display in guest window like the desciption in above bug. This patch try to use -device for primary video when qemu >=1.6 which contains the bug fix patch (cherry picked from commit e3f2686b) Conflicts: src/qemu/qemu_capabilities.c - context with other new capabilities not backported
-
由 Eric Blake 提交于
Mingw *printf is a moving target; newer mingw now provides a version of asprintf() that fails to understand %lld: CC event_test-event-test.o ../../../../examples/domain-events/events-c/event-test.c: In function 'myDomainEventRTCChangeCallback': ../../../../examples/domain-events/events-c/event-test.c:270:18: error: unknown conversion type character 'l' in format [-Werror=format=] virDomainGetID(dom), offset) < 0) ^ But since our examples already admitted that they were hacking around a mingw deficiency, it is easier to just use printf() directly, coupled with <inttypes.h> macros, for a more portable work-around. * examples/domain-events/events-c/event-test.c (myDomainEventRTCChangeCallback): Use PRIdMAX instead of asprintf. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 6f4458a0)
-
由 Eric Blake 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=964358 On platforms without decent group support, the build failed: Cannot export virGetGroupList: symbol not defined ./.libs/libvirt_security_manager.a(libvirt_security_manager_la-security_dac.o): In function `virSecurityDACPreFork': /home/eblake/libvirt-tmp/build/src/../../src/security/security_dac.c:248: undefined reference to `virGetGroupList' collect2: error: ld returned 1 exit status * src/util/virutil.c (virGetGroupList): Provide dummy implementation. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit cd725c7a)
-
由 Eric Blake 提交于
On Fedora 18, when cross-compiling to mingw with the mingw*-dbus packages installed, compilation fails with: CC libvirt_net_rpc_server_la-virnetserver.lo In file included from /usr/i686-w64-mingw32/sys-root/mingw/include/dbus-1.0/dbus/dbus-connection.h:32:0, from /usr/i686-w64-mingw32/sys-root/mingw/include/dbus-1.0/dbus/dbus-bus.h:30, from /usr/i686-w64-mingw32/sys-root/mingw/include/dbus-1.0/dbus/dbus.h:31, from ../../src/util/virdbus.h:26, from ../../src/rpc/virnetserver.c:39: /usr/i686-w64-mingw32/sys-root/mingw/include/dbus-1.0/dbus/dbus-message.h:74:58: error: expected ';', ',' or ')' before 'struct' I have reported this as a bug against two packages: - mingw-headers, for polluting the namespace https://bugzilla.redhat.com/show_bug.cgi?id=980270 - dbus, for not dealing with the pollution https://bugzilla.redhat.com/show_bug.cgi?id=980278 At least dbus has agreed that a future version of dbus headers will do s/interface/iface/, regardless of what happens in mingw. But it is also easy to workaround in libvirt in the meantime, without having to wait for either mingw or dbus to upgrade. * src/util/virdbus.h (includes): Undo mingw's pollution so that dbus doesn't fail. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 1528e8b2)
-
由 Eric Blake 提交于
On mingw, configure sets the name of the lxc symfile to libvirt_lxc.defs rather than libvirt_lxc.syms. But tarballs must be arch-independent, regardless of the configure options used for the tree where we ran 'make dist'. This led to the following failure in autobuild.sh: CCLD libvirt-lxc.la CCLD libvirt-qemu.la /usr/lib64/gcc/i686-w64-mingw32/4.7.2/../../../../i686-w64-mingw32/bin/ld: cannot find libvirt_lxc.def: No such file or directory collect2: error: ld returned 1 exit status make[3]: *** [libvirt-lxc.la] Error 1 make[3]: *** Waiting for unfinished jobs.... We were already doing the right thing with libvirt_qemu.syms. * src/Makefile.am (EXTRA_DIST): Don't ship a built file which depends on configure for its final name. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit d79c9273)
-
由 Eric Blake 提交于
Found while trying to cross-compile to mingw: CC libvirt_driver_remote_la-remote_driver.lo ../../src/remote/remote_driver.c: In function 'doRemoteOpen': ../../src/remote/remote_driver.c:487:23: error: variable 'verify' set but not used [-Werror=unused-but-set-variable] * src/remote/remote_driver.c (doRemoteOpen): Also ignore 'verify'. Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 4e6a78e7)
-