2007-07-19 16:22:40 +00:00
|
|
|
/*
|
2012-12-13 17:44:57 +00:00
|
|
|
* virutil.c: common, generic utility functions
|
2007-07-19 16:22:40 +00:00
|
|
|
*
|
2013-01-09 23:34:15 +00:00
|
|
|
* Copyright (C) 2006-2013 Red Hat, Inc.
|
2007-07-19 16:22:40 +00:00
|
|
|
* Copyright (C) 2006 Daniel P. Berrange
|
|
|
|
|
* Copyright (C) 2006, 2007 Binary Karma
|
|
|
|
|
* Copyright (C) 2006 Shuveb Hussain
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 22:30:55 +00:00
|
|
|
* License along with this library. If not, see
|
2012-07-21 10:06:23 +00:00
|
|
|
* <http://www.gnu.org/licenses/>.
|
2007-07-19 16:22:40 +00:00
|
|
|
*
|
|
|
|
|
* Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
|
* File created Jul 18, 2007 - Shuveb Hussain <shuveb@binarykarma.com>
|
|
|
|
|
*/
|
|
|
|
|
|
2008-01-29 18:15:54 +00:00
|
|
|
#include <config.h>
|
2007-12-03 16:19:41 +00:00
|
|
|
|
2013-03-25 16:43:40 +00:00
|
|
|
#include <dirent.h>
|
2007-07-19 16:22:40 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdarg.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <errno.h>
|
2008-11-05 18:57:42 +00:00
|
|
|
#include <poll.h>
|
2007-12-03 14:30:46 +00:00
|
|
|
#include <sys/stat.h>
|
2011-05-10 18:42:59 +00:00
|
|
|
#include <sys/types.h>
|
2009-01-20 16:36:34 +00:00
|
|
|
#include <sys/ioctl.h>
|
2007-12-03 16:19:41 +00:00
|
|
|
#include <string.h>
|
2010-09-22 18:08:58 +00:00
|
|
|
#include <termios.h>
|
2012-08-11 19:13:00 +00:00
|
|
|
#include <locale.h>
|
2011-11-03 20:56:13 +00:00
|
|
|
|
2011-02-18 19:00:47 +00:00
|
|
|
#if HAVE_LIBDEVMAPPER_H
|
|
|
|
|
# include <libdevmapper.h>
|
|
|
|
|
#endif
|
2007-12-03 16:19:41 +00:00
|
|
|
|
2007-12-07 14:45:39 +00:00
|
|
|
#ifdef HAVE_PATHS_H
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <paths.h>
|
2007-12-07 14:45:39 +00:00
|
|
|
#endif
|
2009-01-07 10:43:16 +00:00
|
|
|
#include <netdb.h>
|
2009-01-22 19:41:48 +00:00
|
|
|
#ifdef HAVE_GETPWUID_R
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <pwd.h>
|
|
|
|
|
# include <grp.h>
|
2009-01-22 19:41:48 +00:00
|
|
|
#endif
|
2012-09-20 14:17:56 +00:00
|
|
|
#if WITH_CAPNG
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <cap-ng.h>
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
# include <sys/prctl.h>
|
2009-06-29 17:00:52 +00:00
|
|
|
#endif
|
2007-12-07 14:45:39 +00:00
|
|
|
|
2012-05-24 13:37:54 +00:00
|
|
|
#ifdef WIN32
|
2012-06-21 13:37:34 +00:00
|
|
|
# ifdef HAVE_WINSOCK2_H
|
|
|
|
|
# include <winsock2.h>
|
|
|
|
|
# endif
|
2012-05-24 13:37:54 +00:00
|
|
|
# include <windows.h>
|
|
|
|
|
# include <shlobj.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2011-11-03 20:56:13 +00:00
|
|
|
#include "c-ctype.h"
|
2012-12-13 18:21:53 +00:00
|
|
|
#include "virerror.h"
|
2012-12-12 17:59:27 +00:00
|
|
|
#include "virlog.h"
|
2012-12-04 12:04:07 +00:00
|
|
|
#include "virbuffer.h"
|
2012-12-12 18:06:53 +00:00
|
|
|
#include "viralloc.h"
|
2012-12-13 15:49:48 +00:00
|
|
|
#include "virthread.h"
|
2010-04-29 03:36:03 +00:00
|
|
|
#include "verify.h"
|
2013-05-09 18:59:04 +00:00
|
|
|
#include "virfile.h"
|
|
|
|
|
#include "vircommand.h"
|
|
|
|
|
#include "nonblocking.h"
|
|
|
|
|
#include "virprocess.h"
|
|
|
|
|
#include "virstring.h"
|
|
|
|
|
#include "virutil.h"
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
#ifndef NSIG
|
|
|
|
|
# define NSIG 32
|
|
|
|
|
#endif
|
2012-10-20 21:11:31 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
verify(sizeof(gid_t) <= sizeof(unsigned int) &&
|
|
|
|
|
sizeof(uid_t) <= sizeof(unsigned int));
|
2011-07-06 13:39:21 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
#define VIR_FROM_THIS VIR_FROM_NONE
|
2011-07-06 13:39:21 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
#ifndef WIN32
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int virSetInherit(int fd, bool inherit) {
|
|
|
|
|
int fflags;
|
|
|
|
|
if ((fflags = fcntl(fd, F_GETFD)) < 0)
|
2011-07-05 21:02:53 +00:00
|
|
|
return -1;
|
2013-05-09 18:59:04 +00:00
|
|
|
if (inherit)
|
|
|
|
|
fflags &= ~FD_CLOEXEC;
|
|
|
|
|
else
|
|
|
|
|
fflags |= FD_CLOEXEC;
|
|
|
|
|
if ((fcntl(fd, F_SETFD, fflags)) < 0)
|
2011-07-05 21:02:53 +00:00
|
|
|
return -1;
|
2007-12-03 14:30:46 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
#else /* WIN32 */
|
2012-07-10 11:24:04 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int virSetInherit(int fd ATTRIBUTE_UNUSED, bool inherit ATTRIBUTE_UNUSED)
|
2010-01-26 13:47:02 +00:00
|
|
|
{
|
2013-05-09 18:59:04 +00:00
|
|
|
/* FIXME: Currently creating child processes is not supported on
|
|
|
|
|
* Win32, so there is no point in failing calls that are only relevant
|
|
|
|
|
* when creating child processes. So just pretend that we changed the
|
|
|
|
|
* inheritance property of the given fd as requested. */
|
|
|
|
|
return 0;
|
2010-01-26 13:47:02 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
#endif /* WIN32 */
|
2011-04-03 09:21:14 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int virSetBlocking(int fd, bool blocking) {
|
|
|
|
|
return set_nonblocking_flag(fd, !blocking);
|
2007-12-03 14:30:46 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int virSetNonBlock(int fd) {
|
|
|
|
|
return virSetBlocking(fd, false);
|
2011-10-20 09:02:27 +00:00
|
|
|
}
|
2008-08-13 10:52:15 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int virSetCloseExec(int fd)
|
2012-05-24 13:37:54 +00:00
|
|
|
{
|
2013-05-09 18:59:04 +00:00
|
|
|
return virSetInherit(fd, false);
|
2012-05-24 13:37:54 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
int
|
|
|
|
|
virPipeReadUntilEOF(int outfd, int errfd,
|
|
|
|
|
char **outbuf, char **errbuf) {
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
struct pollfd fds[2];
|
|
|
|
|
int i;
|
|
|
|
|
int finished[2];
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
fds[0].fd = outfd;
|
|
|
|
|
fds[0].events = POLLIN;
|
|
|
|
|
fds[0].revents = 0;
|
|
|
|
|
finished[0] = 0;
|
|
|
|
|
fds[1].fd = errfd;
|
|
|
|
|
fds[1].events = POLLIN;
|
|
|
|
|
fds[1].revents = 0;
|
|
|
|
|
finished[1] = 0;
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
while (!(finished[0] && finished[1])) {
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
if (poll(fds, ARRAY_CARDINALITY(fds), -1) < 0) {
|
|
|
|
|
if ((errno == EAGAIN) || (errno == EINTR))
|
|
|
|
|
continue;
|
|
|
|
|
goto pollerr;
|
2012-05-24 13:37:54 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
for (i = 0; i < ARRAY_CARDINALITY(fds); ++i) {
|
|
|
|
|
char data[1024], **buf;
|
|
|
|
|
int got, size;
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
if (!(fds[i].revents))
|
|
|
|
|
continue;
|
|
|
|
|
else if (fds[i].revents & POLLHUP)
|
|
|
|
|
finished[i] = 1;
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
if (!(fds[i].revents & POLLIN)) {
|
|
|
|
|
if (fds[i].revents & POLLHUP)
|
|
|
|
|
continue;
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("Unknown poll response."));
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
got = read(fds[i].fd, data, sizeof(data));
|
2012-05-24 13:37:54 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
if (got == sizeof(data))
|
|
|
|
|
finished[i] = 0;
|
2009-10-08 14:55:58 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
if (got == 0) {
|
|
|
|
|
finished[i] = 1;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (got < 0) {
|
|
|
|
|
if (errno == EINTR)
|
|
|
|
|
continue;
|
|
|
|
|
if (errno == EAGAIN)
|
|
|
|
|
break;
|
|
|
|
|
goto pollerr;
|
|
|
|
|
}
|
2009-10-08 14:55:58 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
buf = ((fds[i].fd == outfd) ? outbuf : errbuf);
|
|
|
|
|
size = (*buf ? strlen(*buf) : 0);
|
|
|
|
|
if (VIR_REALLOC_N(*buf, size+got+1) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
memmove(*buf+size, data, got);
|
|
|
|
|
(*buf)[size+got] = '\0';
|
2009-10-08 14:55:58 +00:00
|
|
|
}
|
2013-05-09 18:59:04 +00:00
|
|
|
continue;
|
2010-05-20 15:41:31 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
pollerr:
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
"%s", _("poll error"));
|
|
|
|
|
goto error;
|
2010-05-20 15:41:31 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
return 0;
|
2010-05-20 15:41:31 +00:00
|
|
|
|
2013-05-09 18:59:04 +00:00
|
|
|
error:
|
|
|
|
|
VIR_FREE(*outbuf);
|
|
|
|
|
VIR_FREE(*errbuf);
|
|
|
|
|
return -1;
|
2010-05-20 15:41:31 +00:00
|
|
|
}
|
|
|
|
|
|
2010-08-27 21:13:45 +00:00
|
|
|
/* Convert C from hexadecimal character to integer. */
|
|
|
|
|
int
|
|
|
|
|
virHexToBin(unsigned char c)
|
|
|
|
|
{
|
|
|
|
|
switch (c) {
|
|
|
|
|
default: return c - '0';
|
|
|
|
|
case 'a': case 'A': return 10;
|
|
|
|
|
case 'b': case 'B': return 11;
|
|
|
|
|
case 'c': case 'C': return 12;
|
|
|
|
|
case 'd': case 'D': return 13;
|
|
|
|
|
case 'e': case 'E': return 14;
|
|
|
|
|
case 'f': case 'F': return 15;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-03-05 16:28:59 +00:00
|
|
|
/* Scale an integer VALUE in-place by an optional case-insensitive
|
|
|
|
|
* SUFFIX, defaulting to SCALE if suffix is NULL or empty (scale is
|
|
|
|
|
* typically 1 or 1024). Recognized suffixes include 'b' or 'bytes',
|
|
|
|
|
* as well as power-of-two scaling via binary abbreviations ('KiB',
|
|
|
|
|
* 'MiB', ...) or their one-letter counterpart ('k', 'M', ...), and
|
|
|
|
|
* power-of-ten scaling via SI abbreviations ('KB', 'MB', ...).
|
|
|
|
|
* Ensure that the result does not exceed LIMIT. Return 0 on success,
|
|
|
|
|
* -1 with error message raised on failure. */
|
|
|
|
|
int
|
|
|
|
|
virScaleInteger(unsigned long long *value, const char *suffix,
|
|
|
|
|
unsigned long long scale, unsigned long long limit)
|
|
|
|
|
{
|
|
|
|
|
if (!suffix || !*suffix) {
|
|
|
|
|
if (!scale) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("invalid scale %llu"), scale);
|
2012-03-05 16:28:59 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
suffix = "";
|
|
|
|
|
} else if (STRCASEEQ(suffix, "b") || STRCASEEQ(suffix, "byte") ||
|
|
|
|
|
STRCASEEQ(suffix, "bytes")) {
|
|
|
|
|
scale = 1;
|
|
|
|
|
} else {
|
|
|
|
|
int base;
|
|
|
|
|
|
|
|
|
|
if (!suffix[1] || STRCASEEQ(suffix + 1, "iB")) {
|
|
|
|
|
base = 1024;
|
|
|
|
|
} else if (c_tolower(suffix[1]) == 'b' && !suffix[2]) {
|
|
|
|
|
base = 1000;
|
|
|
|
|
} else {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG,
|
2012-03-05 16:28:59 +00:00
|
|
|
_("unknown suffix '%s'"), suffix);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
scale = 1;
|
|
|
|
|
switch (c_tolower(*suffix)) {
|
|
|
|
|
case 'e':
|
|
|
|
|
scale *= base;
|
|
|
|
|
/* fallthrough */
|
|
|
|
|
case 'p':
|
|
|
|
|
scale *= base;
|
|
|
|
|
/* fallthrough */
|
|
|
|
|
case 't':
|
|
|
|
|
scale *= base;
|
|
|
|
|
/* fallthrough */
|
|
|
|
|
case 'g':
|
|
|
|
|
scale *= base;
|
|
|
|
|
/* fallthrough */
|
|
|
|
|
case 'm':
|
|
|
|
|
scale *= base;
|
|
|
|
|
/* fallthrough */
|
|
|
|
|
case 'k':
|
|
|
|
|
scale *= base;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INVALID_ARG,
|
|
|
|
|
_("unknown suffix '%s'"), suffix);
|
2012-03-05 16:28:59 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-05 15:13:21 +00:00
|
|
|
if (*value && *value > (limit / scale)) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_OVERFLOW, _("value too large: %llu%s"),
|
|
|
|
|
*value, suffix);
|
2012-03-05 16:28:59 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
*value *= scale;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-29 17:47:08 +00:00
|
|
|
|
2008-02-27 04:35:08 +00:00
|
|
|
/**
|
|
|
|
|
* virParseNumber:
|
|
|
|
|
* @str: pointer to the char pointer used
|
|
|
|
|
*
|
|
|
|
|
* Parse an unsigned number
|
|
|
|
|
*
|
|
|
|
|
* Returns the unsigned number or -1 in case of error. @str will be
|
|
|
|
|
* updated to skip the number.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virParseNumber(const char **str)
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
const char *cur = *str;
|
|
|
|
|
|
|
|
|
|
if ((*cur < '0') || (*cur > '9'))
|
2012-03-22 11:33:35 +00:00
|
|
|
return -1;
|
2008-02-27 04:35:08 +00:00
|
|
|
|
start using c-ctype functions
Up to now, we've been avoiding ctype functions like isspace, isdigit,
etc. because they are locale-dependent. Now that we have the c-ctype
functions, we can start using *them*, to make the code more readable
with changes like these:
- /* This may not work on EBCDIC. */
- if ((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9'))
+ if (c_isalnum(*p))
- while ((*cur >= '0') && (*cur <= '9')) {
+ while (c_isdigit(*cur)) {
Also, some macros in conf.c used names that conflicted with
standard meaning of "BLANK" and "SPACE", so I've adjusted them
to be in line with the definition of e.g., isblank.
In addition, I've wrapped those statement macros with do {...} while (0),
so that we can't forget the ";" after a use. There was one like that
already (fixed below). The missing semicolon would mess up automatic
indenting.
* src/buf.c (virBufferURIEncodeString):
* src/conf.c (IS_EOL, SKIP_BLANKS_AND_EOL, SKIP_BLANKS)
(virConfParseLong, virConfParseValue, virConfParseName)
(virConfParseSeparator, virConfParseStatement, IS_BLANK, IS_CHAR)
(IS_DIGIT, IS_SPACE, SKIP_SPACES):
* src/nodeinfo.c:
* src/qemu_conf.c (qemudParseInterfaceXML):
* src/qemu_driver.c (qemudDomainBlockStats):
* src/sexpr.c:
* src/stats_linux.c:
* src/util.c (virParseNumber, virDiskNameToIndex):
* src/uuid.c (hextobin, virUUIDParse):
* src/virsh.c:
* src/xml.c (parseCpuNumber, virParseCpuSet):
2008-05-16 09:37:44 +00:00
|
|
|
while (c_isdigit(*cur)) {
|
2008-02-27 04:35:08 +00:00
|
|
|
unsigned int c = *cur - '0';
|
|
|
|
|
|
|
|
|
|
if ((ret > INT_MAX / 10) ||
|
|
|
|
|
((ret == INT_MAX / 10) && (c > INT_MAX % 10)))
|
2012-03-22 11:33:35 +00:00
|
|
|
return -1;
|
2008-02-27 04:35:08 +00:00
|
|
|
ret = ret * 10 + c;
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
*str = cur;
|
2012-03-22 11:33:35 +00:00
|
|
|
return ret;
|
2008-02-27 04:35:08 +00:00
|
|
|
}
|
2008-02-08 09:15:16 +00:00
|
|
|
|
2010-03-30 14:15:13 +00:00
|
|
|
/**
|
|
|
|
|
* virParseVersionString:
|
|
|
|
|
* @str: const char pointer to the version string
|
|
|
|
|
* @version: unsigned long pointer to output the version number
|
2011-07-01 13:23:02 +00:00
|
|
|
* @allowMissing: true to treat 3 like 3.0.0, false to error out on
|
|
|
|
|
* missing minor or micro
|
2010-03-30 14:15:13 +00:00
|
|
|
*
|
|
|
|
|
* Parse an unsigned version number from a version string. Expecting
|
|
|
|
|
* 'major.minor.micro' format, ignoring an optional suffix.
|
|
|
|
|
*
|
|
|
|
|
* The major, minor and micro numbers are encoded into a single version number:
|
|
|
|
|
*
|
|
|
|
|
* 1000000 * major + 1000 * minor + micro
|
|
|
|
|
*
|
|
|
|
|
* Returns the 0 for success, -1 for error.
|
|
|
|
|
*/
|
|
|
|
|
int
|
2011-07-01 13:23:02 +00:00
|
|
|
virParseVersionString(const char *str, unsigned long *version,
|
|
|
|
|
bool allowMissing)
|
2010-03-30 14:15:13 +00:00
|
|
|
{
|
2011-07-01 10:40:21 +00:00
|
|
|
unsigned int major, minor = 0, micro = 0;
|
2010-03-30 14:15:13 +00:00
|
|
|
char *tmp;
|
|
|
|
|
|
2011-07-01 10:40:21 +00:00
|
|
|
if (virStrToLong_ui(str, &tmp, 10, &major) < 0)
|
2010-03-30 14:15:13 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2011-07-01 13:23:02 +00:00
|
|
|
if (!allowMissing && *tmp != '.')
|
|
|
|
|
return -1;
|
|
|
|
|
|
2011-07-01 10:40:21 +00:00
|
|
|
if ((*tmp == '.') && virStrToLong_ui(tmp + 1, &tmp, 10, &minor) < 0)
|
2010-03-30 14:15:13 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2011-07-01 13:23:02 +00:00
|
|
|
if (!allowMissing && *tmp != '.')
|
|
|
|
|
return -1;
|
|
|
|
|
|
2011-07-01 10:40:21 +00:00
|
|
|
if ((*tmp == '.') && virStrToLong_ui(tmp + 1, &tmp, 10, µ) < 0)
|
2010-03-30 14:15:13 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2011-07-01 13:23:02 +00:00
|
|
|
if (major > UINT_MAX / 1000000 || minor > 999 || micro > 999)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2010-03-30 14:15:13 +00:00
|
|
|
*version = 1000000 * major + 1000 * minor + micro;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-24 15:00:15 +00:00
|
|
|
int virEnumFromString(const char *const*types,
|
|
|
|
|
unsigned int ntypes,
|
|
|
|
|
const char *type)
|
|
|
|
|
{
|
|
|
|
|
unsigned int i;
|
2009-06-22 16:37:52 +00:00
|
|
|
if (!type)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2008-06-24 15:00:15 +00:00
|
|
|
for (i = 0 ; i < ntypes ; i++)
|
|
|
|
|
if (STREQ(types[i], type))
|
|
|
|
|
return i;
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-11 19:13:00 +00:00
|
|
|
/* In case thread-safe locales are available */
|
|
|
|
|
#if HAVE_NEWLOCALE
|
|
|
|
|
|
|
|
|
|
static locale_t virLocale;
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
virLocaleOnceInit(void)
|
|
|
|
|
{
|
|
|
|
|
virLocale = newlocale(LC_ALL_MASK, "C", (locale_t)0);
|
|
|
|
|
if (!virLocale)
|
|
|
|
|
return -1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
VIR_ONCE_GLOBAL_INIT(virLocale)
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* virDoubleToStr
|
|
|
|
|
*
|
|
|
|
|
* converts double to string with C locale (thread-safe).
|
|
|
|
|
*
|
|
|
|
|
* Returns -1 on error, size of the string otherwise.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virDoubleToStr(char **strp, double number)
|
|
|
|
|
{
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
|
|
|
#if HAVE_NEWLOCALE
|
|
|
|
|
|
|
|
|
|
locale_t old_loc;
|
|
|
|
|
|
|
|
|
|
if (virLocaleInitialize() < 0)
|
|
|
|
|
goto error;
|
|
|
|
|
|
|
|
|
|
old_loc = uselocale(virLocale);
|
|
|
|
|
ret = virAsprintf(strp, "%lf", number);
|
|
|
|
|
uselocale(old_loc);
|
|
|
|
|
|
|
|
|
|
#else
|
|
|
|
|
|
|
|
|
|
char *radix, *tmp;
|
|
|
|
|
struct lconv *lc;
|
|
|
|
|
|
2012-08-14 10:12:38 +00:00
|
|
|
if ((ret = virAsprintf(strp, "%lf", number) < 0))
|
2012-08-11 19:13:00 +00:00
|
|
|
goto error;
|
|
|
|
|
|
|
|
|
|
lc = localeconv();
|
|
|
|
|
radix = lc->decimal_point;
|
|
|
|
|
tmp = strstr(*strp, radix);
|
|
|
|
|
if (tmp) {
|
|
|
|
|
*tmp = '.';
|
|
|
|
|
if (strlen(radix) > 1)
|
2012-08-14 10:12:38 +00:00
|
|
|
memmove(tmp + 1, tmp + strlen(radix), strlen(*strp) - (tmp - *strp));
|
2012-08-11 19:13:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* HAVE_NEWLOCALE */
|
|
|
|
|
error:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-25 17:31:01 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Format @val as a base-10 decimal number, in the
|
|
|
|
|
* buffer @buf of size @buflen. To allocate a suitable
|
|
|
|
|
* sized buffer, the INT_BUFLEN(int) macro should be
|
|
|
|
|
* used
|
|
|
|
|
*
|
|
|
|
|
* Returns pointer to start of the number in @buf
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
virFormatIntDecimal(char *buf, size_t buflen, int val)
|
|
|
|
|
{
|
|
|
|
|
char *p = buf + buflen - 1;
|
|
|
|
|
*p = '\0';
|
|
|
|
|
if (val >= 0) {
|
|
|
|
|
do {
|
|
|
|
|
*--p = '0' + (val % 10);
|
|
|
|
|
val /= 10;
|
|
|
|
|
} while (val != 0);
|
|
|
|
|
} else {
|
|
|
|
|
do {
|
|
|
|
|
*--p = '0' - (val % 10);
|
|
|
|
|
val /= 10;
|
|
|
|
|
} while (val != 0);
|
|
|
|
|
*--p = '-';
|
|
|
|
|
}
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-06-24 15:00:15 +00:00
|
|
|
const char *virEnumToString(const char *const*types,
|
|
|
|
|
unsigned int ntypes,
|
|
|
|
|
int type)
|
|
|
|
|
{
|
|
|
|
|
if (type < 0 || type >= ntypes)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
return types[type];
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-19 17:26:09 +00:00
|
|
|
/* Translates a device name of the form (regex) /^[fhv]d[a-z]+[0-9]*$/
|
|
|
|
|
* into the corresponding index (e.g. sda => 0, hdz => 25, vdaa => 26)
|
|
|
|
|
* Note that any trailing string of digits is simply ignored.
|
2008-05-09 16:41:19 +00:00
|
|
|
* @param name The name of the device
|
|
|
|
|
* @return name's index, or -1 on failure
|
|
|
|
|
*/
|
|
|
|
|
int virDiskNameToIndex(const char *name) {
|
|
|
|
|
const char *ptr = NULL;
|
|
|
|
|
int idx = 0;
|
2010-08-10 11:46:46 +00:00
|
|
|
static char const* const drive_prefix[] = {"fd", "hd", "vd", "sd", "xvd", "ubd"};
|
2008-05-15 16:05:41 +00:00
|
|
|
unsigned int i;
|
2008-05-09 16:41:19 +00:00
|
|
|
|
2008-05-15 16:05:41 +00:00
|
|
|
for (i = 0; i < ARRAY_CARDINALITY(drive_prefix); i++) {
|
|
|
|
|
if (STRPREFIX(name, drive_prefix[i])) {
|
|
|
|
|
ptr = name + strlen(drive_prefix[i]);
|
2008-05-09 16:41:19 +00:00
|
|
|
break;
|
2008-05-15 16:05:41 +00:00
|
|
|
}
|
2008-05-09 16:41:19 +00:00
|
|
|
}
|
|
|
|
|
|
2008-05-15 16:05:41 +00:00
|
|
|
if (!ptr)
|
2008-05-09 16:41:19 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2008-10-10 08:37:35 +00:00
|
|
|
for (i = 0; *ptr; i++) {
|
start using c-ctype functions
Up to now, we've been avoiding ctype functions like isspace, isdigit,
etc. because they are locale-dependent. Now that we have the c-ctype
functions, we can start using *them*, to make the code more readable
with changes like these:
- /* This may not work on EBCDIC. */
- if ((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9'))
+ if (c_isalnum(*p))
- while ((*cur >= '0') && (*cur <= '9')) {
+ while (c_isdigit(*cur)) {
Also, some macros in conf.c used names that conflicted with
standard meaning of "BLANK" and "SPACE", so I've adjusted them
to be in line with the definition of e.g., isblank.
In addition, I've wrapped those statement macros with do {...} while (0),
so that we can't forget the ";" after a use. There was one like that
already (fixed below). The missing semicolon would mess up automatic
indenting.
* src/buf.c (virBufferURIEncodeString):
* src/conf.c (IS_EOL, SKIP_BLANKS_AND_EOL, SKIP_BLANKS)
(virConfParseLong, virConfParseValue, virConfParseName)
(virConfParseSeparator, virConfParseStatement, IS_BLANK, IS_CHAR)
(IS_DIGIT, IS_SPACE, SKIP_SPACES):
* src/nodeinfo.c:
* src/qemu_conf.c (qemudParseInterfaceXML):
* src/qemu_driver.c (qemudDomainBlockStats):
* src/sexpr.c:
* src/stats_linux.c:
* src/util.c (virParseNumber, virDiskNameToIndex):
* src/uuid.c (hextobin, virUUIDParse):
* src/virsh.c:
* src/xml.c (parseCpuNumber, virParseCpuSet):
2008-05-16 09:37:44 +00:00
|
|
|
if (!c_islower(*ptr))
|
2010-03-19 17:26:09 +00:00
|
|
|
break;
|
2008-05-09 16:41:19 +00:00
|
|
|
|
2012-11-22 14:56:08 +00:00
|
|
|
idx = (idx + (i < 1 ? 0 : 1)) * 26;
|
2008-05-09 16:41:19 +00:00
|
|
|
idx += *ptr - 'a';
|
|
|
|
|
ptr++;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-19 17:26:09 +00:00
|
|
|
/* Count the trailing digits. */
|
|
|
|
|
size_t n_digits = strspn(ptr, "0123456789");
|
|
|
|
|
if (ptr[n_digits] != '\0')
|
|
|
|
|
return -1;
|
|
|
|
|
|
2008-05-09 16:41:19 +00:00
|
|
|
return idx;
|
|
|
|
|
}
|
2009-01-06 17:46:46 +00:00
|
|
|
|
2009-12-03 16:17:40 +00:00
|
|
|
char *virIndexToDiskName(int idx, const char *prefix)
|
|
|
|
|
{
|
|
|
|
|
char *name = NULL;
|
|
|
|
|
int i, k, offset;
|
|
|
|
|
|
|
|
|
|
if (idx < 0) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("Disk index %d is negative"), idx);
|
2009-12-03 16:17:40 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = 0, k = idx; k >= 0; ++i, k = k / 26 - 1) { }
|
|
|
|
|
|
|
|
|
|
offset = strlen(prefix);
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(name, offset + i + 1)) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-12-03 16:17:40 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
strcpy(name, prefix);
|
|
|
|
|
name[offset + i] = '\0';
|
|
|
|
|
|
|
|
|
|
for (i = i - 1, k = idx; k >= 0; --i, k = k / 26 - 1) {
|
|
|
|
|
name[offset + i] = 'a' + (k % 26);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return name;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-07 10:43:16 +00:00
|
|
|
#ifndef AI_CANONIDN
|
2010-03-09 18:22:22 +00:00
|
|
|
# define AI_CANONIDN 0
|
2009-01-07 10:43:16 +00:00
|
|
|
#endif
|
|
|
|
|
|
2010-05-20 17:16:30 +00:00
|
|
|
/* Who knew getting a hostname could be so delicate. In Linux (and Unices
|
|
|
|
|
* in general), many things depend on "hostname" returning a value that will
|
|
|
|
|
* resolve one way or another. In the modern world where networks frequently
|
|
|
|
|
* come and go this is often being hard-coded to resolve to "localhost". If
|
|
|
|
|
* it *doesn't* resolve to localhost, then we would prefer to have the FQDN.
|
|
|
|
|
* That leads us to 3 possibilities:
|
|
|
|
|
*
|
|
|
|
|
* 1) gethostname() returns an FQDN (not localhost) - we return the string
|
|
|
|
|
* as-is, it's all of the information we want
|
|
|
|
|
* 2) gethostname() returns "localhost" - we return localhost; doing further
|
|
|
|
|
* work to try to resolve it is pointless
|
|
|
|
|
* 3) gethostname() returns a shortened hostname - in this case, we want to
|
|
|
|
|
* try to resolve this to a fully-qualified name. Therefore we pass it
|
|
|
|
|
* to getaddrinfo(). There are two possible responses:
|
|
|
|
|
* a) getaddrinfo() resolves to a FQDN - return the FQDN
|
2011-10-14 14:25:50 +00:00
|
|
|
* b) getaddrinfo() fails or resolves to localhost - in this case, the
|
2011-10-13 14:19:37 +00:00
|
|
|
* data we got from gethostname() is actually more useful than what
|
|
|
|
|
* we got from getaddrinfo(). Return the value from gethostname()
|
|
|
|
|
* and hope for the best.
|
2010-05-20 17:16:30 +00:00
|
|
|
*/
|
2013-04-26 16:39:11 +00:00
|
|
|
char *virGetHostname(void)
|
2009-01-07 10:43:16 +00:00
|
|
|
{
|
|
|
|
|
int r;
|
|
|
|
|
char hostname[HOST_NAME_MAX+1], *result;
|
2010-05-20 17:16:30 +00:00
|
|
|
struct addrinfo hints, *info;
|
2009-01-07 10:43:16 +00:00
|
|
|
|
2012-10-17 09:23:12 +00:00
|
|
|
r = gethostname(hostname, sizeof(hostname));
|
2009-10-23 17:01:22 +00:00
|
|
|
if (r == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
|
|
|
|
"%s", _("failed to determine host name"));
|
2009-01-07 10:43:16 +00:00
|
|
|
return NULL;
|
2009-10-23 17:01:22 +00:00
|
|
|
}
|
2009-01-07 10:43:16 +00:00
|
|
|
NUL_TERMINATE(hostname);
|
|
|
|
|
|
2010-05-20 17:16:30 +00:00
|
|
|
if (STRPREFIX(hostname, "localhost") || strchr(hostname, '.')) {
|
|
|
|
|
/* in this case, gethostname returned localhost (meaning we can't
|
|
|
|
|
* do any further canonicalization), or it returned an FQDN (and
|
|
|
|
|
* we don't need to do any further canonicalization). Return the
|
|
|
|
|
* string as-is; it's up to callers to check whether "localhost"
|
|
|
|
|
* is allowed.
|
|
|
|
|
*/
|
|
|
|
|
result = strdup(hostname);
|
|
|
|
|
goto check_and_return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* otherwise, it's a shortened, non-localhost, hostname. Attempt to
|
|
|
|
|
* canonicalize the hostname by running it through getaddrinfo
|
|
|
|
|
*/
|
|
|
|
|
|
2009-01-07 10:43:16 +00:00
|
|
|
memset(&hints, 0, sizeof(hints));
|
|
|
|
|
hints.ai_flags = AI_CANONNAME|AI_CANONIDN;
|
|
|
|
|
hints.ai_family = AF_UNSPEC;
|
|
|
|
|
r = getaddrinfo(hostname, NULL, &hints, &info);
|
2009-10-23 17:01:22 +00:00
|
|
|
if (r != 0) {
|
2011-10-13 14:19:37 +00:00
|
|
|
VIR_WARN("getaddrinfo failed for '%s': %s",
|
|
|
|
|
hostname, gai_strerror(r));
|
|
|
|
|
result = strdup(hostname);
|
|
|
|
|
goto check_and_return;
|
2009-10-23 17:01:22 +00:00
|
|
|
}
|
2010-02-19 15:15:21 +00:00
|
|
|
|
2010-04-07 15:23:24 +00:00
|
|
|
/* Tell static analyzers about getaddrinfo semantics. */
|
2012-10-17 09:23:12 +00:00
|
|
|
sa_assert(info);
|
2010-04-07 15:23:24 +00:00
|
|
|
|
2010-05-20 17:16:30 +00:00
|
|
|
if (info->ai_canonname == NULL ||
|
|
|
|
|
STRPREFIX(info->ai_canonname, "localhost"))
|
|
|
|
|
/* in this case, we tried to canonicalize and we ended up back with
|
|
|
|
|
* localhost. Ignore the canonicalized name and just return the
|
|
|
|
|
* original hostname
|
|
|
|
|
*/
|
|
|
|
|
result = strdup(hostname);
|
|
|
|
|
else
|
|
|
|
|
/* Caller frees this string. */
|
2012-10-17 09:23:12 +00:00
|
|
|
result = strdup(info->ai_canonname);
|
2010-02-19 15:15:21 +00:00
|
|
|
|
2010-05-20 17:16:30 +00:00
|
|
|
freeaddrinfo(info);
|
2009-01-07 10:43:16 +00:00
|
|
|
|
2010-05-20 17:16:30 +00:00
|
|
|
check_and_return:
|
|
|
|
|
if (result == NULL)
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-01-07 10:43:16 +00:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-22 19:41:48 +00:00
|
|
|
#ifdef HAVE_GETPWUID_R
|
2009-07-10 10:40:04 +00:00
|
|
|
enum {
|
|
|
|
|
VIR_USER_ENT_DIRECTORY,
|
|
|
|
|
VIR_USER_ENT_NAME,
|
|
|
|
|
};
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
static char *virGetUserEnt(uid_t uid,
|
2009-07-10 10:40:04 +00:00
|
|
|
int field)
|
2009-01-22 19:41:48 +00:00
|
|
|
{
|
|
|
|
|
char *strbuf;
|
|
|
|
|
char *ret;
|
|
|
|
|
struct passwd pwbuf;
|
2009-01-30 15:43:05 +00:00
|
|
|
struct passwd *pw = NULL;
|
2010-01-28 12:37:05 +00:00
|
|
|
long val = sysconf(_SC_GETPW_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
2011-05-16 21:37:15 +00:00
|
|
|
int rc;
|
2010-01-28 12:37:05 +00:00
|
|
|
|
2011-05-16 21:37:15 +00:00
|
|
|
/* sysconf is a hint; if it fails, fall back to a reasonable size */
|
|
|
|
|
if (val < 0)
|
|
|
|
|
strbuflen = 1024;
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-01-22 19:41:48 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-30 15:43:05 +00:00
|
|
|
/*
|
|
|
|
|
* From the manpage (terrifying but true):
|
|
|
|
|
*
|
|
|
|
|
* ERRORS
|
|
|
|
|
* 0 or ENOENT or ESRCH or EBADF or EPERM or ...
|
|
|
|
|
* The given name or uid was not found.
|
|
|
|
|
*/
|
2011-05-16 21:37:15 +00:00
|
|
|
while ((rc = getpwuid_r(uid, &pwbuf, strbuf, strbuflen, &pw)) == ERANGE) {
|
|
|
|
|
if (VIR_RESIZE_N(strbuf, strbuflen, strbuflen, strbuflen) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (rc != 0 || pw == NULL) {
|
|
|
|
|
virReportSystemError(rc,
|
2010-04-29 03:36:03 +00:00
|
|
|
_("Failed to find user record for uid '%u'"),
|
|
|
|
|
(unsigned int) uid);
|
2009-01-22 19:41:48 +00:00
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-10 10:40:04 +00:00
|
|
|
if (field == VIR_USER_ENT_DIRECTORY)
|
|
|
|
|
ret = strdup(pw->pw_dir);
|
|
|
|
|
else
|
|
|
|
|
ret = strdup(pw->pw_name);
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
if (!ret)
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2011-12-16 00:55:19 +00:00
|
|
|
static char *virGetGroupEnt(gid_t gid)
|
|
|
|
|
{
|
|
|
|
|
char *strbuf;
|
|
|
|
|
char *ret;
|
|
|
|
|
struct group grbuf;
|
|
|
|
|
struct group *gr = NULL;
|
|
|
|
|
long val = sysconf(_SC_GETGR_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
/* sysconf is a hint; if it fails, fall back to a reasonable size */
|
|
|
|
|
if (val < 0)
|
|
|
|
|
strbuflen = 1024;
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* From the manpage (terrifying but true):
|
|
|
|
|
*
|
|
|
|
|
* ERRORS
|
|
|
|
|
* 0 or ENOENT or ESRCH or EBADF or EPERM or ...
|
|
|
|
|
* The given name or gid was not found.
|
|
|
|
|
*/
|
|
|
|
|
while ((rc = getgrgid_r(gid, &grbuf, strbuf, strbuflen, &gr)) == ERANGE) {
|
|
|
|
|
if (VIR_RESIZE_N(strbuf, strbuflen, strbuflen, strbuflen) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (rc != 0 || gr == NULL) {
|
|
|
|
|
virReportSystemError(rc,
|
|
|
|
|
_("Failed to find group record for gid '%u'"),
|
|
|
|
|
(unsigned int) gid);
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = strdup(gr->gr_name);
|
|
|
|
|
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
if (!ret)
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-24 12:29:42 +00:00
|
|
|
char *virGetUserDirectory(void)
|
2009-07-10 10:40:04 +00:00
|
|
|
{
|
2012-05-24 12:29:42 +00:00
|
|
|
return virGetUserEnt(geteuid(), VIR_USER_ENT_DIRECTORY);
|
2009-07-10 10:40:04 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-24 12:29:42 +00:00
|
|
|
static char *virGetXDGDirectory(const char *xdgenvname, const char *xdgdefdir)
|
2012-05-03 16:36:27 +00:00
|
|
|
{
|
2012-05-24 12:29:42 +00:00
|
|
|
const char *path = getenv(xdgenvname);
|
2012-05-03 16:36:27 +00:00
|
|
|
char *ret = NULL;
|
2012-05-24 12:29:42 +00:00
|
|
|
char *home = virGetUserEnt(geteuid(), VIR_USER_ENT_DIRECTORY);
|
2012-05-03 16:36:27 +00:00
|
|
|
|
|
|
|
|
if (path && path[0]) {
|
2012-05-15 15:49:26 +00:00
|
|
|
if (virAsprintf(&ret, "%s/libvirt", path) < 0)
|
2012-05-03 16:36:27 +00:00
|
|
|
goto no_memory;
|
|
|
|
|
} else {
|
2012-05-15 15:49:26 +00:00
|
|
|
if (virAsprintf(&ret, "%s/%s/libvirt", home, xdgdefdir) < 0)
|
2012-05-03 16:36:27 +00:00
|
|
|
goto no_memory;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(home);
|
|
|
|
|
return ret;
|
|
|
|
|
no_memory:
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-24 12:29:42 +00:00
|
|
|
char *virGetUserConfigDirectory(void)
|
2012-05-03 16:36:27 +00:00
|
|
|
{
|
2012-05-24 12:29:42 +00:00
|
|
|
return virGetXDGDirectory("XDG_CONFIG_HOME", ".config");
|
2012-05-03 16:36:27 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-24 12:29:42 +00:00
|
|
|
char *virGetUserCacheDirectory(void)
|
2012-05-03 16:36:27 +00:00
|
|
|
{
|
2012-05-24 12:29:42 +00:00
|
|
|
return virGetXDGDirectory("XDG_CACHE_HOME", ".cache");
|
2012-05-03 16:36:27 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-24 12:29:42 +00:00
|
|
|
char *virGetUserRuntimeDirectory(void)
|
2012-05-03 16:36:27 +00:00
|
|
|
{
|
2012-05-24 12:29:42 +00:00
|
|
|
const char *path = getenv("XDG_RUNTIME_DIR");
|
2012-05-03 16:36:27 +00:00
|
|
|
|
|
|
|
|
if (!path || !path[0]) {
|
2012-05-24 12:29:42 +00:00
|
|
|
return virGetUserCacheDirectory();
|
2012-05-03 16:36:27 +00:00
|
|
|
} else {
|
|
|
|
|
char *ret;
|
|
|
|
|
|
2012-05-15 15:49:26 +00:00
|
|
|
if (virAsprintf(&ret, "%s/libvirt", path) < 0) {
|
2012-05-03 16:36:27 +00:00
|
|
|
virReportOOMError();
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
char *virGetUserName(uid_t uid)
|
2009-07-10 10:40:04 +00:00
|
|
|
{
|
2010-02-04 20:02:58 +00:00
|
|
|
return virGetUserEnt(uid, VIR_USER_ENT_NAME);
|
2009-07-10 10:40:04 +00:00
|
|
|
}
|
|
|
|
|
|
2011-12-16 00:55:19 +00:00
|
|
|
char *virGetGroupName(gid_t gid)
|
|
|
|
|
{
|
|
|
|
|
return virGetGroupEnt(gid);
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
/* Search in the password database for a user id that matches the user name
|
|
|
|
|
* `name`. Returns 0 on success, -1 on failure or 1 if name cannot be found.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
virGetUserIDByName(const char *name, uid_t *uid)
|
2009-07-15 21:25:01 +00:00
|
|
|
{
|
2012-10-08 20:37:01 +00:00
|
|
|
char *strbuf = NULL;
|
2009-07-15 21:25:01 +00:00
|
|
|
struct passwd pwbuf;
|
|
|
|
|
struct passwd *pw = NULL;
|
2010-02-01 20:45:06 +00:00
|
|
|
long val = sysconf(_SC_GETPW_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
2011-05-16 21:37:15 +00:00
|
|
|
int rc;
|
2012-10-08 20:37:01 +00:00
|
|
|
int ret = -1;
|
2010-02-01 20:45:06 +00:00
|
|
|
|
2011-05-16 21:37:15 +00:00
|
|
|
/* sysconf is a hint; if it fails, fall back to a reasonable size */
|
|
|
|
|
if (val < 0)
|
|
|
|
|
strbuflen = 1024;
|
2009-07-15 21:25:01 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2012-10-08 20:37:01 +00:00
|
|
|
goto cleanup;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 21:37:15 +00:00
|
|
|
while ((rc = getpwnam_r(name, &pwbuf, strbuf, strbuflen, &pw)) == ERANGE) {
|
|
|
|
|
if (VIR_RESIZE_N(strbuf, strbuflen, strbuflen, strbuflen) < 0) {
|
|
|
|
|
virReportOOMError();
|
2012-10-08 20:37:01 +00:00
|
|
|
goto cleanup;
|
2011-05-16 21:37:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-10-08 20:37:01 +00:00
|
|
|
|
|
|
|
|
if (!pw) {
|
2012-12-11 20:26:52 +00:00
|
|
|
if (rc != 0) {
|
|
|
|
|
char buf[1024];
|
|
|
|
|
/* log the possible error from getpwnam_r. Unfortunately error
|
|
|
|
|
* reporting from this function is bad and we can't really
|
|
|
|
|
* rely on it, so we just report that the user wasn't found */
|
2012-12-12 13:19:03 +00:00
|
|
|
VIR_WARN("User record for user '%s' was not found: %s",
|
2012-12-11 20:26:52 +00:00
|
|
|
name, virStrerror(rc, buf, sizeof(buf)));
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
ret = 1;
|
|
|
|
|
goto cleanup;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*uid = pw->pw_uid;
|
2012-10-08 20:37:01 +00:00
|
|
|
ret = 0;
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
cleanup:
|
2009-07-15 21:25:01 +00:00
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
return ret;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
/* Try to match a user id based on `user`. The default behavior is to parse
|
|
|
|
|
* `user` first as a user name and then as a user id. However if `user`
|
|
|
|
|
* contains a leading '+', the rest of the string is always parsed as a uid.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 on success and -1 otherwise.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virGetUserID(const char *user, uid_t *uid)
|
|
|
|
|
{
|
|
|
|
|
unsigned int uint_uid;
|
|
|
|
|
|
|
|
|
|
if (*user == '+') {
|
|
|
|
|
user++;
|
|
|
|
|
} else {
|
|
|
|
|
int rc = virGetUserIDByName(user, uid);
|
|
|
|
|
if (rc <= 0)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_ui(user, NULL, 10, &uint_uid) < 0 ||
|
|
|
|
|
((uid_t) uint_uid) != uint_uid) {
|
|
|
|
|
virReportError(VIR_ERR_INVALID_ARG, _("Failed to parse user '%s'"),
|
|
|
|
|
user);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*uid = uint_uid;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
/* Search in the group database for a group id that matches the group name
|
|
|
|
|
* `name`. Returns 0 on success, -1 on failure or 1 if name cannot be found.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
virGetGroupIDByName(const char *name, gid_t *gid)
|
2009-07-15 21:25:01 +00:00
|
|
|
{
|
2012-10-08 20:37:01 +00:00
|
|
|
char *strbuf = NULL;
|
2009-07-15 21:25:01 +00:00
|
|
|
struct group grbuf;
|
|
|
|
|
struct group *gr = NULL;
|
2010-02-01 20:45:06 +00:00
|
|
|
long val = sysconf(_SC_GETGR_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
2011-05-16 21:37:15 +00:00
|
|
|
int rc;
|
2012-10-08 20:37:01 +00:00
|
|
|
int ret = -1;
|
2010-02-01 20:45:06 +00:00
|
|
|
|
2011-05-16 21:37:15 +00:00
|
|
|
/* sysconf is a hint; if it fails, fall back to a reasonable size */
|
|
|
|
|
if (val < 0)
|
|
|
|
|
strbuflen = 1024;
|
2009-07-15 21:25:01 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2012-10-08 20:37:01 +00:00
|
|
|
goto cleanup;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 21:37:15 +00:00
|
|
|
while ((rc = getgrnam_r(name, &grbuf, strbuf, strbuflen, &gr)) == ERANGE) {
|
|
|
|
|
if (VIR_RESIZE_N(strbuf, strbuflen, strbuflen, strbuflen) < 0) {
|
|
|
|
|
virReportOOMError();
|
2012-10-08 20:37:01 +00:00
|
|
|
goto cleanup;
|
2011-05-16 21:37:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-10-08 20:37:01 +00:00
|
|
|
|
|
|
|
|
if (!gr) {
|
2012-12-11 20:26:52 +00:00
|
|
|
if (rc != 0) {
|
|
|
|
|
char buf[1024];
|
|
|
|
|
/* log the possible error from getgrnam_r. Unfortunately error
|
|
|
|
|
* reporting from this function is bad and we can't really
|
|
|
|
|
* rely on it, so we just report that the user wasn't found */
|
2012-12-12 13:19:03 +00:00
|
|
|
VIR_WARN("Group record for user '%s' was not found: %s",
|
2012-12-11 20:26:52 +00:00
|
|
|
name, virStrerror(rc, buf, sizeof(buf)));
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
ret = 1;
|
|
|
|
|
goto cleanup;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*gid = gr->gr_gid;
|
2012-10-08 20:37:01 +00:00
|
|
|
ret = 0;
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
cleanup:
|
2009-07-15 21:25:01 +00:00
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
return ret;
|
2009-07-15 21:25:01 +00:00
|
|
|
}
|
2010-03-17 00:06:31 +00:00
|
|
|
|
2012-10-08 20:37:01 +00:00
|
|
|
/* Try to match a group id based on `group`. The default behavior is to parse
|
|
|
|
|
* `group` first as a group name and then as a group id. However if `group`
|
|
|
|
|
* contains a leading '+', the rest of the string is always parsed as a guid.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 on success and -1 otherwise.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virGetGroupID(const char *group, gid_t *gid)
|
|
|
|
|
{
|
|
|
|
|
unsigned int uint_gid;
|
|
|
|
|
|
|
|
|
|
if (*group == '+') {
|
|
|
|
|
group++;
|
|
|
|
|
} else {
|
|
|
|
|
int rc = virGetGroupIDByName(group, gid);
|
|
|
|
|
if (rc <= 0)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_ui(group, NULL, 10, &uint_gid) < 0 ||
|
|
|
|
|
((gid_t) uint_gid) != uint_gid) {
|
|
|
|
|
virReportError(VIR_ERR_INVALID_ARG, _("Failed to parse group '%s'"),
|
|
|
|
|
group);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*gid = uint_gid;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-12-23 06:44:02 +00:00
|
|
|
|
|
|
|
|
/* Set the real and effective uid and gid to the given values, and call
|
|
|
|
|
* initgroups so that the process has all the assumed group membership of
|
2011-05-22 14:16:44 +00:00
|
|
|
* that uid. return 0 on success, -1 on failure (the original system error
|
|
|
|
|
* remains in errno).
|
2010-12-23 06:44:02 +00:00
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virSetUIDGID(uid_t uid, gid_t gid)
|
|
|
|
|
{
|
2011-05-22 14:16:44 +00:00
|
|
|
int err;
|
2012-08-28 14:51:05 +00:00
|
|
|
char *buf = NULL;
|
2011-05-22 14:16:44 +00:00
|
|
|
|
2013-01-31 18:18:45 +00:00
|
|
|
if (gid != (gid_t)-1) {
|
2010-12-23 06:44:02 +00:00
|
|
|
if (setregid(gid, gid) < 0) {
|
2011-05-22 14:16:44 +00:00
|
|
|
virReportSystemError(err = errno,
|
2013-02-22 16:36:30 +00:00
|
|
|
_("cannot change to '%u' group"),
|
2011-01-03 22:26:33 +00:00
|
|
|
(unsigned int) gid);
|
2011-05-22 14:16:44 +00:00
|
|
|
goto error;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-31 18:18:45 +00:00
|
|
|
if (uid != (uid_t)-1) {
|
2010-12-23 06:44:02 +00:00
|
|
|
# ifdef HAVE_INITGROUPS
|
|
|
|
|
struct passwd pwd, *pwd_result;
|
|
|
|
|
size_t bufsize;
|
2011-05-16 21:37:15 +00:00
|
|
|
int rc;
|
2010-12-23 06:44:02 +00:00
|
|
|
|
|
|
|
|
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
|
|
|
|
|
if (bufsize == -1)
|
|
|
|
|
bufsize = 16384;
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(buf, bufsize) < 0) {
|
|
|
|
|
virReportOOMError();
|
2011-05-22 14:16:44 +00:00
|
|
|
err = ENOMEM;
|
|
|
|
|
goto error;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
2011-05-16 21:37:15 +00:00
|
|
|
while ((rc = getpwuid_r(uid, &pwd, buf, bufsize,
|
|
|
|
|
&pwd_result)) == ERANGE) {
|
|
|
|
|
if (VIR_RESIZE_N(buf, bufsize, bufsize, bufsize) < 0) {
|
|
|
|
|
virReportOOMError();
|
2011-05-22 14:16:44 +00:00
|
|
|
err = ENOMEM;
|
|
|
|
|
goto error;
|
2011-05-16 21:37:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-08-28 14:51:05 +00:00
|
|
|
|
|
|
|
|
if (rc) {
|
2013-02-22 16:36:30 +00:00
|
|
|
virReportSystemError(err = rc, _("cannot getpwuid_r(%u)"),
|
2011-01-03 22:26:33 +00:00
|
|
|
(unsigned int) uid);
|
2011-05-22 14:16:44 +00:00
|
|
|
goto error;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
2012-08-28 14:51:05 +00:00
|
|
|
|
|
|
|
|
if (!pwd_result) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("getpwuid_r failed to retrieve data "
|
2013-02-22 16:36:30 +00:00
|
|
|
"for uid '%u'"),
|
2012-08-28 14:51:05 +00:00
|
|
|
(unsigned int) uid);
|
|
|
|
|
err = EINVAL;
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
2010-12-23 06:44:02 +00:00
|
|
|
if (initgroups(pwd.pw_name, pwd.pw_gid) < 0) {
|
2011-05-22 14:16:44 +00:00
|
|
|
virReportSystemError(err = errno,
|
2010-12-23 06:44:02 +00:00
|
|
|
_("cannot initgroups(\"%s\", %d)"),
|
2011-01-03 22:26:33 +00:00
|
|
|
pwd.pw_name, (unsigned int) pwd.pw_gid);
|
2011-05-22 14:16:44 +00:00
|
|
|
goto error;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
|
|
|
|
# endif
|
|
|
|
|
if (setreuid(uid, uid) < 0) {
|
2011-05-22 14:16:44 +00:00
|
|
|
virReportSystemError(err = errno,
|
2013-02-22 16:36:30 +00:00
|
|
|
_("cannot change to uid to '%u'"),
|
2011-01-03 22:26:33 +00:00
|
|
|
(unsigned int) uid);
|
2011-05-22 14:16:44 +00:00
|
|
|
goto error;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-08-28 14:51:05 +00:00
|
|
|
|
|
|
|
|
VIR_FREE(buf);
|
2010-12-23 06:44:02 +00:00
|
|
|
return 0;
|
2011-05-22 14:16:44 +00:00
|
|
|
|
|
|
|
|
error:
|
2012-08-28 14:51:05 +00:00
|
|
|
VIR_FREE(buf);
|
2011-05-22 14:16:44 +00:00
|
|
|
errno = err;
|
|
|
|
|
return -1;
|
2010-12-23 06:44:02 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-24 13:37:54 +00:00
|
|
|
#else /* ! HAVE_GETPWUID_R */
|
|
|
|
|
|
|
|
|
|
# ifdef WIN32
|
|
|
|
|
/* These methods are adapted from GLib2 under terms of LGPLv2+ */
|
|
|
|
|
static int
|
|
|
|
|
virGetWin32SpecialFolder(int csidl, char **path)
|
|
|
|
|
{
|
|
|
|
|
char buf[MAX_PATH+1];
|
|
|
|
|
LPITEMIDLIST pidl = NULL;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
|
|
*path = NULL;
|
|
|
|
|
|
|
|
|
|
if (SHGetSpecialFolderLocation(NULL, csidl, &pidl) == S_OK) {
|
|
|
|
|
if (SHGetPathFromIDList(pidl, buf)) {
|
|
|
|
|
if (!(*path = strdup(buf))) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
ret = -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
CoTaskMemFree(pidl);
|
|
|
|
|
}
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
virGetWin32DirectoryRoot(char **path)
|
|
|
|
|
{
|
|
|
|
|
char windowsdir[MAX_PATH];
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
|
|
*path = NULL;
|
|
|
|
|
|
|
|
|
|
if (GetWindowsDirectory(windowsdir, ARRAY_CARDINALITY(windowsdir)))
|
|
|
|
|
{
|
|
|
|
|
const char *tmp;
|
|
|
|
|
/* Usually X:\Windows, but in terminal server environments
|
|
|
|
|
* might be an UNC path, AFAIK.
|
|
|
|
|
*/
|
|
|
|
|
tmp = virFileSkipRoot(windowsdir);
|
|
|
|
|
if (VIR_FILE_IS_DIR_SEPARATOR(tmp[-1]) &&
|
|
|
|
|
tmp[-2] != ':')
|
|
|
|
|
tmp--;
|
|
|
|
|
|
|
|
|
|
windowsdir[tmp - windowsdir] = '\0';
|
|
|
|
|
} else {
|
|
|
|
|
strcpy(windowsdir, "C:\\");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(*path = strdup(windowsdir))) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
ret = -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserDirectory(void)
|
|
|
|
|
{
|
|
|
|
|
const char *dir;
|
|
|
|
|
char *ret;
|
|
|
|
|
|
|
|
|
|
dir = getenv("HOME");
|
|
|
|
|
|
|
|
|
|
/* Only believe HOME if it is an absolute path and exists */
|
|
|
|
|
if (dir) {
|
|
|
|
|
if (!virFileIsAbsPath(dir) ||
|
|
|
|
|
!virFileExists(dir))
|
|
|
|
|
dir = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* In case HOME is Unix-style (it happens), convert it to
|
|
|
|
|
* Windows style.
|
|
|
|
|
*/
|
|
|
|
|
if (dir) {
|
|
|
|
|
char *p;
|
2012-10-17 09:23:12 +00:00
|
|
|
while ((p = strchr(dir, '/')) != NULL)
|
2012-05-24 13:37:54 +00:00
|
|
|
*p = '\\';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!dir)
|
|
|
|
|
/* USERPROFILE is probably the closest equivalent to $HOME? */
|
|
|
|
|
dir = getenv("USERPROFILE");
|
|
|
|
|
|
|
|
|
|
if (dir) {
|
|
|
|
|
if (!(ret = strdup(dir))) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!ret &&
|
|
|
|
|
virGetWin32SpecialFolder(CSIDL_PROFILE, &ret) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
if (!ret &&
|
|
|
|
|
virGetWin32DirectoryRoot(&ret) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
if (!ret) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("Unable to determine home directory"));
|
2012-05-24 13:37:54 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserConfigDirectory(void)
|
|
|
|
|
{
|
|
|
|
|
char *ret;
|
|
|
|
|
if (virGetWin32SpecialFolder(CSIDL_LOCAL_APPDATA, &ret) < 0)
|
|
|
|
|
return NULL;
|
2010-03-17 00:06:31 +00:00
|
|
|
|
2012-05-24 13:37:54 +00:00
|
|
|
if (!ret) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("Unable to determine config directory"));
|
2012-05-24 13:37:54 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserCacheDirectory(void)
|
|
|
|
|
{
|
|
|
|
|
char *ret;
|
|
|
|
|
if (virGetWin32SpecialFolder(CSIDL_INTERNET_CACHE, &ret) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
if (!ret) {
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("Unable to determine config directory"));
|
2012-05-24 13:37:54 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserRuntimeDirectory(void)
|
|
|
|
|
{
|
|
|
|
|
return virGetUserCacheDirectory();
|
|
|
|
|
}
|
|
|
|
|
# else /* !HAVE_GETPWUID_R && !WIN32 */
|
2010-03-17 00:06:31 +00:00
|
|
|
char *
|
2012-05-24 12:29:42 +00:00
|
|
|
virGetUserDirectory(void)
|
2010-03-17 00:06:31 +00:00
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserDirectory is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-24 13:37:54 +00:00
|
|
|
char *
|
|
|
|
|
virGetUserConfigDirectory(void)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserConfigDirectory is not available"));
|
2012-05-24 13:37:54 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserCacheDirectory(void)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserCacheDirectory is not available"));
|
2012-05-24 13:37:54 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserRuntimeDirectory(void)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserRuntimeDirectory is not available"));
|
2012-05-24 13:37:54 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
# endif /* ! HAVE_GETPWUID_R && ! WIN32 */
|
|
|
|
|
|
2010-03-17 00:06:31 +00:00
|
|
|
char *
|
|
|
|
|
virGetUserName(uid_t uid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserName is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virGetUserID(const char *name ATTRIBUTE_UNUSED,
|
|
|
|
|
uid_t *uid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetUserID is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int virGetGroupID(const char *name ATTRIBUTE_UNUSED,
|
|
|
|
|
gid_t *gid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetGroupID is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-12-23 06:44:02 +00:00
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virSetUIDGID(uid_t uid ATTRIBUTE_UNUSED,
|
|
|
|
|
gid_t gid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virSetUIDGID is not available"));
|
2010-12-23 06:44:02 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2012-01-25 18:54:43 +00:00
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetGroupName(gid_t gid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
2012-07-18 10:26:24 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virGetGroupName is not available"));
|
2012-01-25 18:54:43 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2010-03-17 00:06:31 +00:00
|
|
|
#endif /* HAVE_GETPWUID_R */
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
#if WITH_CAPNG
|
|
|
|
|
/* Set the real and effective uid and gid to the given values, while
|
|
|
|
|
* maintaining the capabilities indicated by bits in @capBits. Return
|
|
|
|
|
* 0 on success, -1 on failure (the original system error remains in
|
|
|
|
|
* errno).
|
|
|
|
|
*/
|
|
|
|
|
int
|
2013-03-13 19:26:35 +00:00
|
|
|
virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits,
|
|
|
|
|
bool clearExistingCaps)
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
{
|
|
|
|
|
int ii, capng_ret, ret = -1;
|
|
|
|
|
bool need_setgid = false, need_setuid = false;
|
2013-03-25 14:25:28 +00:00
|
|
|
bool need_setpcap = false;
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
|
2013-03-13 19:26:35 +00:00
|
|
|
/* First drop all caps (unless the requested uid is "unchanged" or
|
|
|
|
|
* root and clearExistingCaps wasn't requested), then add back
|
|
|
|
|
* those in capBits + the extra ones we need to change uid/gid and
|
|
|
|
|
* change the capabilities bounding set.
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
*/
|
|
|
|
|
|
2013-03-14 22:28:29 +00:00
|
|
|
if (clearExistingCaps || (uid != (uid_t)-1 && uid != 0))
|
2013-03-13 19:26:35 +00:00
|
|
|
capng_clear(CAPNG_SELECT_BOTH);
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
|
|
|
|
|
for (ii = 0; ii <= CAP_LAST_CAP; ii++) {
|
|
|
|
|
if (capBits & (1ULL << ii)) {
|
|
|
|
|
capng_update(CAPNG_ADD,
|
|
|
|
|
CAPNG_EFFECTIVE|CAPNG_INHERITABLE|
|
|
|
|
|
CAPNG_PERMITTED|CAPNG_BOUNDING_SET,
|
|
|
|
|
ii);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (gid != (gid_t)-1 &&
|
|
|
|
|
!capng_have_capability(CAPNG_EFFECTIVE, CAP_SETGID)) {
|
|
|
|
|
need_setgid = true;
|
|
|
|
|
capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETGID);
|
|
|
|
|
}
|
|
|
|
|
if (uid != (uid_t)-1 &&
|
|
|
|
|
!capng_have_capability(CAPNG_EFFECTIVE, CAP_SETUID)) {
|
|
|
|
|
need_setuid = true;
|
|
|
|
|
capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETUID);
|
|
|
|
|
}
|
|
|
|
|
# ifdef PR_CAPBSET_DROP
|
|
|
|
|
/* If newer kernel, we need also need setpcap to change the bounding set */
|
|
|
|
|
if ((capBits || need_setgid || need_setuid) &&
|
|
|
|
|
!capng_have_capability(CAPNG_EFFECTIVE, CAP_SETPCAP)) {
|
|
|
|
|
need_setpcap = true;
|
|
|
|
|
}
|
|
|
|
|
if (need_setpcap)
|
|
|
|
|
capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETPCAP);
|
|
|
|
|
# endif
|
|
|
|
|
|
|
|
|
|
/* Tell system we want to keep caps across uid change */
|
2013-03-25 14:25:28 +00:00
|
|
|
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
virReportSystemError(errno, "%s",
|
|
|
|
|
_("prctl failed to set KEEPCAPS"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Change to the temp capabilities */
|
2013-03-25 14:25:28 +00:00
|
|
|
if ((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) < 0) {
|
2013-03-25 14:25:29 +00:00
|
|
|
/* Failed. If we are running unprivileged, and the arguments make sense
|
|
|
|
|
* for this scenario, assume we're starting some kind of setuid helper:
|
|
|
|
|
* do not set any of capBits in the permitted or effective sets, and let
|
|
|
|
|
* the program get them on its own.
|
|
|
|
|
*
|
|
|
|
|
* (Too bad we cannot restrict the bounding set to the capabilities we
|
|
|
|
|
* would like the helper to have!).
|
|
|
|
|
*/
|
|
|
|
|
if (getuid() > 0 && clearExistingCaps && !need_setuid && !need_setgid) {
|
|
|
|
|
capng_clear(CAPNG_SELECT_CAPS);
|
|
|
|
|
} else {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("cannot apply process capabilities %d"), capng_ret);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virSetUIDGID(uid, gid) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* Tell it we are done keeping capabilities */
|
2013-03-25 14:25:28 +00:00
|
|
|
if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0)) {
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
virReportSystemError(errno, "%s",
|
|
|
|
|
_("prctl failed to reset KEEPCAPS"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-25 14:25:28 +00:00
|
|
|
/* Set bounding set while we have CAP_SETPCAP. Unfortunately we cannot
|
|
|
|
|
* do this if we failed to get the capability above, so ignore the
|
|
|
|
|
* return value.
|
|
|
|
|
*/
|
|
|
|
|
capng_apply(CAPNG_SELECT_BOUNDS);
|
|
|
|
|
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
/* Drop the caps that allow setuid/gid (unless they were requested) */
|
|
|
|
|
if (need_setgid)
|
|
|
|
|
capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETGID);
|
|
|
|
|
if (need_setuid)
|
|
|
|
|
capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETUID);
|
|
|
|
|
/* Throw away CAP_SETPCAP so no more changes */
|
|
|
|
|
if (need_setpcap)
|
|
|
|
|
capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETPCAP);
|
|
|
|
|
|
2013-03-25 14:25:28 +00:00
|
|
|
if (((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) < 0)) {
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("cannot apply process capabilities %d"), capng_ret);
|
|
|
|
|
ret = -1;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
cleanup:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else
|
|
|
|
|
/*
|
|
|
|
|
* On platforms without libcapng, the capabilities setting is treated
|
|
|
|
|
* as a NOP.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virSetUIDGIDWithCaps(uid_t uid, gid_t gid,
|
2013-03-13 19:26:35 +00:00
|
|
|
unsigned long long capBits ATTRIBUTE_UNUSED,
|
|
|
|
|
bool clearExistingCaps ATTRIBUTE_UNUSED)
|
util: virSetUIDGIDWithCaps - change uid while keeping caps
Normally when a process' uid is changed to non-0, all the capabilities
bits are cleared, even those explicitly set with calls to
capng_update()/capng_apply() made immediately before setuid. And
*after* the process' uid has been changed, it no longer has the
necessary privileges to add capabilities back to the process.
In order to set a non-0 uid while still maintaining any capabilities
bits, it is necessary to either call capng_change_id() (which
unfortunately doesn't currently call initgroups to setup auxiliary
group membership), or to perform the small amount of calisthenics
contained in the new utility function virSetUIDGIDWithCaps().
Another very important difference between the capabilities
setting/clearing in virSetUIDGIDWithCaps() and virCommand's
virSetCapabilities() (which it will replace in the next patch) is that
the new function properly clears the capabilities bounding set, so it
will not be possible for a child process to set any new
capabilities.
A short description of what is done by virSetUIDGIDWithCaps():
1) clear all capabilities then set all those desired by the caller (in
capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
to change the capabilities bounding set).
2) call prctl(), telling it that we want to maintain current
capabilities across an upcoming setuid().
3) switch to the new uid/gid
4) again call prctl(), telling it we will no longer want capabilities
maintained if this process does another setuid().
5) clear the capabilities that we added to allow us to
setuid/setgid/change the bounding set (unless they were also requested
by the caller via the virCommand API).
Because the modification/maintaining of capabilities is intermingled
with setting the uid, this is necessarily done in a single function,
rather than having two independent functions.
Note that, due to the way that effective capabilities are computed (at
time of execve) for a process that has uid != 0, the *file*
capabilities of the binary being executed must also have the desired
capabilities bit(s) set (see "man 7 capabilities"). This can be done
with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
2013-02-05 15:30:32 +00:00
|
|
|
{
|
|
|
|
|
return virSetUIDGID(uid, gid);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
|
2010-11-08 16:32:02 +00:00
|
|
|
#if defined(UDEVADM) || defined(UDEVSETTLE)
|
2010-02-04 22:41:52 +00:00
|
|
|
void virFileWaitForDevices(void)
|
2009-09-10 13:21:10 +00:00
|
|
|
{
|
2010-11-08 16:32:02 +00:00
|
|
|
# ifdef UDEVADM
|
2009-09-10 13:21:10 +00:00
|
|
|
const char *const settleprog[] = { UDEVADM, "settle", NULL };
|
2010-11-08 16:32:02 +00:00
|
|
|
# else
|
2009-09-10 13:21:10 +00:00
|
|
|
const char *const settleprog[] = { UDEVSETTLE, NULL };
|
2010-11-08 16:32:02 +00:00
|
|
|
# endif
|
2009-09-10 13:21:10 +00:00
|
|
|
int exitstatus;
|
|
|
|
|
|
|
|
|
|
if (access(settleprog[0], X_OK) != 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* NOTE: we ignore errors here; this is just to make sure that any device
|
|
|
|
|
* nodes that are being created finish before we try to scan them.
|
|
|
|
|
* If this fails for any reason, we still have the backup of polling for
|
|
|
|
|
* 5 seconds for device nodes.
|
|
|
|
|
*/
|
2010-02-04 22:41:52 +00:00
|
|
|
if (virRun(settleprog, &exitstatus) < 0)
|
2009-10-16 10:09:13 +00:00
|
|
|
{}
|
2009-09-10 13:21:10 +00:00
|
|
|
}
|
2010-11-08 16:32:02 +00:00
|
|
|
#else
|
2010-02-04 22:41:52 +00:00
|
|
|
void virFileWaitForDevices(void) {}
|
2009-09-10 13:21:10 +00:00
|
|
|
#endif
|
2009-11-12 21:48:24 +00:00
|
|
|
|
2011-02-18 19:00:47 +00:00
|
|
|
#if HAVE_LIBDEVMAPPER_H
|
2011-02-17 07:29:07 +00:00
|
|
|
bool
|
2011-09-16 12:05:58 +00:00
|
|
|
virIsDevMapperDevice(const char *dev_name)
|
2011-02-17 07:29:07 +00:00
|
|
|
{
|
|
|
|
|
struct stat buf;
|
|
|
|
|
|
2011-09-16 12:05:58 +00:00
|
|
|
if (!stat(dev_name, &buf) &&
|
2011-02-17 07:29:07 +00:00
|
|
|
S_ISBLK(buf.st_mode) &&
|
|
|
|
|
dm_is_dm_major(major(buf.st_rdev)))
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2011-02-18 19:00:47 +00:00
|
|
|
#else
|
2011-09-16 12:05:58 +00:00
|
|
|
bool virIsDevMapperDevice(const char *dev_name ATTRIBUTE_UNUSED)
|
2011-02-18 19:00:47 +00:00
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2012-09-11 08:57:02 +00:00
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
virValidateWWN(const char *wwn) {
|
|
|
|
|
int i;
|
qemu: Allow the disk wwn to have "0x" prefix
The recent qemu requires "0x" prefix for the disk wwn, this patch
changes virValidateWWN to allow the prefix, and prepend "0x" if
it's not specified. E.g.
qemu-kvm: -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,wwn=6000c60016ea71ad:
Property 'scsi-hd.wwn' doesn't take value '6000c60016ea71ad'
Though it's a qemu regression, but it's nice to allow the prefix,
and doesn't hurt for us to always output "0x".
2013-04-17 13:23:44 +00:00
|
|
|
const char *p = wwn;
|
2012-09-11 08:57:02 +00:00
|
|
|
|
qemu: Allow the disk wwn to have "0x" prefix
The recent qemu requires "0x" prefix for the disk wwn, this patch
changes virValidateWWN to allow the prefix, and prepend "0x" if
it's not specified. E.g.
qemu-kvm: -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,wwn=6000c60016ea71ad:
Property 'scsi-hd.wwn' doesn't take value '6000c60016ea71ad'
Though it's a qemu regression, but it's nice to allow the prefix,
and doesn't hurt for us to always output "0x".
2013-04-17 13:23:44 +00:00
|
|
|
if (STRPREFIX(wwn, "0x")) {
|
|
|
|
|
p += 2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = 0; p[i]; i++) {
|
|
|
|
|
if (!c_isxdigit(p[i]))
|
2012-09-11 08:57:02 +00:00
|
|
|
break;
|
qemu: Allow the disk wwn to have "0x" prefix
The recent qemu requires "0x" prefix for the disk wwn, this patch
changes virValidateWWN to allow the prefix, and prepend "0x" if
it's not specified. E.g.
qemu-kvm: -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,wwn=6000c60016ea71ad:
Property 'scsi-hd.wwn' doesn't take value '6000c60016ea71ad'
Though it's a qemu regression, but it's nice to allow the prefix,
and doesn't hurt for us to always output "0x".
2013-04-17 13:23:44 +00:00
|
|
|
}
|
2012-09-11 08:57:02 +00:00
|
|
|
|
qemu: Allow the disk wwn to have "0x" prefix
The recent qemu requires "0x" prefix for the disk wwn, this patch
changes virValidateWWN to allow the prefix, and prepend "0x" if
it's not specified. E.g.
qemu-kvm: -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,wwn=6000c60016ea71ad:
Property 'scsi-hd.wwn' doesn't take value '6000c60016ea71ad'
Though it's a qemu regression, but it's nice to allow the prefix,
and doesn't hurt for us to always output "0x".
2013-04-17 13:23:44 +00:00
|
|
|
if (i != 16 || p[i]) {
|
2012-09-11 08:57:02 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("Malformed wwn: %s"));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2012-12-06 10:23:02 +00:00
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
virStrIsPrint(const char *str)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; str[i]; i++)
|
|
|
|
|
if (!c_isprint(str[i]))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2013-01-02 14:37:06 +00:00
|
|
|
|
|
|
|
|
#if defined(major) && defined(minor)
|
|
|
|
|
int
|
|
|
|
|
virGetDeviceID(const char *path, int *maj, int *min)
|
|
|
|
|
{
|
|
|
|
|
struct stat sb;
|
|
|
|
|
|
2013-01-09 23:34:15 +00:00
|
|
|
if (stat(path, &sb) < 0)
|
2013-01-02 14:37:06 +00:00
|
|
|
return -errno;
|
|
|
|
|
|
2013-01-09 23:34:15 +00:00
|
|
|
if (!S_ISBLK(sb.st_mode))
|
2013-01-02 14:37:06 +00:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
if (maj)
|
|
|
|
|
*maj = major(sb.st_rdev);
|
|
|
|
|
if (min)
|
|
|
|
|
*min = minor(sb.st_rdev);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
int
|
2013-02-15 22:01:44 +00:00
|
|
|
virGetDeviceID(const char *path ATTRIBUTE_UNUSED,
|
|
|
|
|
int *maj ATTRIBUTE_UNUSED,
|
|
|
|
|
int *min ATTRIBUTE_UNUSED)
|
2013-01-02 14:37:06 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
return -ENOSYS;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#define SYSFS_DEV_BLOCK_PATH "/sys/dev/block"
|
|
|
|
|
|
2013-01-02 14:37:10 +00:00
|
|
|
char *
|
2013-01-02 14:37:06 +00:00
|
|
|
virGetUnprivSGIOSysfsPath(const char *path,
|
|
|
|
|
const char *sysfs_dir)
|
|
|
|
|
{
|
|
|
|
|
int maj, min;
|
|
|
|
|
char *sysfs_path = NULL;
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
if ((rc = virGetDeviceID(path, &maj, &min)) < 0) {
|
|
|
|
|
virReportSystemError(-rc,
|
|
|
|
|
_("Unable to get device ID '%s'"),
|
|
|
|
|
path);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&sysfs_path, "%s/%d:%d/queue/unpriv_sgio",
|
|
|
|
|
sysfs_dir ? sysfs_dir : SYSFS_DEV_BLOCK_PATH,
|
|
|
|
|
maj, min) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return sysfs_path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virSetDeviceUnprivSGIO(const char *path,
|
|
|
|
|
const char *sysfs_dir,
|
|
|
|
|
int unpriv_sgio)
|
|
|
|
|
{
|
|
|
|
|
char *sysfs_path = NULL;
|
|
|
|
|
char *val = NULL;
|
|
|
|
|
int ret = -1;
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
if (!(sysfs_path = virGetUnprivSGIOSysfsPath(path, sysfs_dir)))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(sysfs_path)) {
|
|
|
|
|
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
|
|
|
|
|
_("unpriv_sgio is not supported by this kernel"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&val, "%d", unpriv_sgio) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((rc = virFileWriteStr(sysfs_path, val, 0)) < 0) {
|
|
|
|
|
virReportSystemError(-rc, _("failed to set %s"), sysfs_path);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(sysfs_path);
|
|
|
|
|
VIR_FREE(val);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virGetDeviceUnprivSGIO(const char *path,
|
|
|
|
|
const char *sysfs_dir,
|
|
|
|
|
int *unpriv_sgio)
|
|
|
|
|
{
|
|
|
|
|
char *sysfs_path = NULL;
|
|
|
|
|
char *buf = NULL;
|
|
|
|
|
char *tmp = NULL;
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
|
|
|
if (!(sysfs_path = virGetUnprivSGIOSysfsPath(path, sysfs_dir)))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(sysfs_path)) {
|
|
|
|
|
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
|
|
|
|
|
_("unpriv_sgio is not supported by this kernel"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virFileReadAll(sysfs_path, 1024, &buf) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((tmp = strchr(buf, '\n')))
|
|
|
|
|
*tmp = '\0';
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_i(buf, NULL, 10, unpriv_sgio) < 0) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("failed to parse value of %s"), sysfs_path);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(sysfs_path);
|
|
|
|
|
VIR_FREE(buf);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-01-07 17:05:29 +00:00
|
|
|
|
|
|
|
|
#ifdef __linux__
|
|
|
|
|
# define SYSFS_FC_HOST_PATH "/sys/class/fc_host/"
|
2013-01-07 17:05:31 +00:00
|
|
|
# define SYSFS_SCSI_HOST_PATH "/sys/class/scsi_host/"
|
2013-01-07 17:05:29 +00:00
|
|
|
|
|
|
|
|
/* virReadFCHost:
|
|
|
|
|
* @sysfs_prefix: "fc_host" sysfs path, defaults to SYSFS_FC_HOST_PATH
|
|
|
|
|
* @host: Host number, E.g. 5 of "fc_host/host5"
|
|
|
|
|
* @entry: Name of the sysfs entry to read
|
|
|
|
|
* @result: Return the entry value as string
|
|
|
|
|
*
|
|
|
|
|
* Read the value of sysfs "fc_host" entry.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 on success, and @result is filled with the entry value.
|
|
|
|
|
* as string, Otherwise returns -1. Caller must free @result after
|
|
|
|
|
* use.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virReadFCHost(const char *sysfs_prefix,
|
|
|
|
|
int host,
|
|
|
|
|
const char *entry,
|
|
|
|
|
char **result)
|
|
|
|
|
{
|
|
|
|
|
char *sysfs_path = NULL;
|
|
|
|
|
char *p = NULL;
|
|
|
|
|
int ret = -1;
|
|
|
|
|
char *buf = NULL;
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&sysfs_path, "%s/host%d/%s",
|
|
|
|
|
sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH,
|
|
|
|
|
host, entry) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virFileReadAll(sysfs_path, 1024, &buf) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((p = strchr(buf, '\n')))
|
|
|
|
|
*p = '\0';
|
|
|
|
|
|
|
|
|
|
if ((p = strstr(buf, "0x")))
|
|
|
|
|
p += strlen("0x");
|
|
|
|
|
else
|
|
|
|
|
p = buf;
|
|
|
|
|
|
2013-05-06 12:45:11 +00:00
|
|
|
if (VIR_STRDUP(*result, p) < 0)
|
2013-01-07 17:05:29 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(sysfs_path);
|
|
|
|
|
VIR_FREE(buf);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-01-07 17:05:31 +00:00
|
|
|
|
2013-05-06 12:45:14 +00:00
|
|
|
bool
|
2013-01-07 17:05:31 +00:00
|
|
|
virIsCapableFCHost(const char *sysfs_prefix,
|
|
|
|
|
int host)
|
|
|
|
|
{
|
|
|
|
|
char *sysfs_path = NULL;
|
2013-05-06 12:45:14 +00:00
|
|
|
bool ret = false;
|
2013-01-07 17:05:31 +00:00
|
|
|
|
2013-05-06 12:45:13 +00:00
|
|
|
if (virAsprintf(&sysfs_path, "%s/host%d",
|
2013-01-07 17:05:31 +00:00
|
|
|
sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH,
|
|
|
|
|
host) < 0) {
|
|
|
|
|
virReportOOMError();
|
2013-05-06 12:45:14 +00:00
|
|
|
return false;
|
2013-01-07 17:05:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (access(sysfs_path, F_OK) == 0)
|
2013-05-06 12:45:14 +00:00
|
|
|
ret = true;
|
2013-01-07 17:05:31 +00:00
|
|
|
|
|
|
|
|
VIR_FREE(sysfs_path);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-06 12:45:14 +00:00
|
|
|
bool
|
2013-01-07 17:05:31 +00:00
|
|
|
virIsCapableVport(const char *sysfs_prefix,
|
|
|
|
|
int host)
|
|
|
|
|
{
|
|
|
|
|
char *scsi_host_path = NULL;
|
|
|
|
|
char *fc_host_path = NULL;
|
2013-05-06 12:45:14 +00:00
|
|
|
int ret = false;
|
2013-01-07 17:05:31 +00:00
|
|
|
|
|
|
|
|
if (virAsprintf(&fc_host_path,
|
2013-05-06 12:45:13 +00:00
|
|
|
"%s/host%d/%s",
|
2013-01-07 17:05:31 +00:00
|
|
|
sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH,
|
|
|
|
|
host,
|
|
|
|
|
"vport_create") < 0) {
|
|
|
|
|
virReportOOMError();
|
2013-05-06 12:45:14 +00:00
|
|
|
return false;
|
2013-01-07 17:05:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&scsi_host_path,
|
2013-05-06 12:45:13 +00:00
|
|
|
"%s/host%d/%s",
|
2013-01-07 17:05:31 +00:00
|
|
|
sysfs_prefix ? sysfs_prefix : SYSFS_SCSI_HOST_PATH,
|
|
|
|
|
host,
|
|
|
|
|
"vport_create") < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((access(fc_host_path, F_OK) == 0) ||
|
|
|
|
|
(access(scsi_host_path, F_OK) == 0))
|
2013-05-06 12:45:14 +00:00
|
|
|
ret = true;
|
2013-01-07 17:05:31 +00:00
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(fc_host_path);
|
|
|
|
|
VIR_FREE(scsi_host_path);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-01-07 17:05:34 +00:00
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virManageVport(const int parent_host,
|
|
|
|
|
const char *wwpn,
|
|
|
|
|
const char *wwnn,
|
|
|
|
|
int operation)
|
|
|
|
|
{
|
|
|
|
|
int ret = -1;
|
|
|
|
|
char *operation_path = NULL, *vport_name = NULL;
|
|
|
|
|
const char *operation_file = NULL;
|
|
|
|
|
|
|
|
|
|
switch (operation) {
|
|
|
|
|
case VPORT_CREATE:
|
|
|
|
|
operation_file = "vport_create";
|
|
|
|
|
break;
|
|
|
|
|
case VPORT_DELETE:
|
|
|
|
|
operation_file = "vport_delete";
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
virReportError(VIR_ERR_OPERATION_INVALID,
|
|
|
|
|
_("Invalid vport operation (%d)"), operation);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&operation_path,
|
2013-05-06 12:45:13 +00:00
|
|
|
"%s/host%d/%s",
|
2013-01-07 17:05:34 +00:00
|
|
|
SYSFS_FC_HOST_PATH,
|
|
|
|
|
parent_host,
|
|
|
|
|
operation_file) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(operation_path)) {
|
|
|
|
|
VIR_FREE(operation_path);
|
|
|
|
|
if (virAsprintf(&operation_path,
|
2013-05-06 12:45:13 +00:00
|
|
|
"%s/host%d/%s",
|
2013-01-07 17:05:34 +00:00
|
|
|
SYSFS_SCSI_HOST_PATH,
|
|
|
|
|
parent_host,
|
|
|
|
|
operation_file) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(operation_path)) {
|
|
|
|
|
virReportError(VIR_ERR_OPERATION_INVALID,
|
|
|
|
|
_("vport operation '%s' is not supported for host%d"),
|
|
|
|
|
operation_file, parent_host);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&vport_name,
|
|
|
|
|
"%s:%s",
|
2013-02-04 13:32:03 +00:00
|
|
|
wwnn,
|
|
|
|
|
wwpn) < 0) {
|
2013-01-07 17:05:34 +00:00
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virFileWriteStr(operation_path, vport_name, 0) == 0)
|
|
|
|
|
ret = 0;
|
|
|
|
|
else
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("Write of '%s' to '%s' during "
|
|
|
|
|
"vport create/delete failed"),
|
|
|
|
|
vport_name, operation_path);
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(vport_name);
|
|
|
|
|
VIR_FREE(operation_path);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-03-25 16:43:40 +00:00
|
|
|
|
|
|
|
|
/* virGetHostNameByWWN:
|
|
|
|
|
*
|
2013-05-06 12:45:15 +00:00
|
|
|
* Iterate over the sysfs tree to get FC host name (e.g. host5)
|
2013-03-25 16:43:40 +00:00
|
|
|
* by wwnn,wwpn pair.
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
virGetFCHostNameByWWN(const char *sysfs_prefix,
|
|
|
|
|
const char *wwnn,
|
|
|
|
|
const char *wwpn)
|
|
|
|
|
{
|
|
|
|
|
const char *prefix = sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH;
|
|
|
|
|
struct dirent *entry = NULL;
|
|
|
|
|
DIR *dir = NULL;
|
|
|
|
|
char *wwnn_path = NULL;
|
|
|
|
|
char *wwpn_path = NULL;
|
|
|
|
|
char *wwnn_buf = NULL;
|
|
|
|
|
char *wwpn_buf = NULL;
|
|
|
|
|
char *p;
|
|
|
|
|
char *ret = NULL;
|
|
|
|
|
|
|
|
|
|
if (!(dir = opendir(prefix))) {
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("Failed to opendir path '%s'"),
|
|
|
|
|
prefix);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# define READ_WWN(wwn_path, buf) \
|
|
|
|
|
do { \
|
|
|
|
|
if (virFileReadAll(wwn_path, 1024, &buf) < 0) \
|
|
|
|
|
goto cleanup; \
|
|
|
|
|
if ((p = strchr(buf, '\n'))) \
|
|
|
|
|
*p = '\0'; \
|
|
|
|
|
if (STRPREFIX(buf, "0x")) \
|
|
|
|
|
p = buf + strlen("0x"); \
|
|
|
|
|
else \
|
|
|
|
|
p = buf; \
|
|
|
|
|
} while (0)
|
|
|
|
|
|
|
|
|
|
while ((entry = readdir(dir))) {
|
|
|
|
|
if (entry->d_name[0] == '.')
|
|
|
|
|
continue;
|
|
|
|
|
|
2013-05-06 12:45:13 +00:00
|
|
|
if (virAsprintf(&wwnn_path, "%s/%s/node_name", prefix,
|
2013-03-25 16:43:40 +00:00
|
|
|
entry->d_name) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(wwnn_path)) {
|
|
|
|
|
VIR_FREE(wwnn_path);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
READ_WWN(wwnn_path, wwnn_buf);
|
|
|
|
|
|
|
|
|
|
if (STRNEQ(wwnn, p)) {
|
|
|
|
|
VIR_FREE(wwnn_buf);
|
|
|
|
|
VIR_FREE(wwnn_path);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-06 12:45:13 +00:00
|
|
|
if (virAsprintf(&wwpn_path, "%s/%s/port_name", prefix,
|
2013-03-25 16:43:40 +00:00
|
|
|
entry->d_name) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!virFileExists(wwpn_path)) {
|
|
|
|
|
VIR_FREE(wwnn_buf);
|
|
|
|
|
VIR_FREE(wwnn_path);
|
|
|
|
|
VIR_FREE(wwpn_path);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
READ_WWN(wwpn_path, wwpn_buf);
|
|
|
|
|
|
|
|
|
|
if (STRNEQ(wwpn, p)) {
|
|
|
|
|
VIR_FREE(wwnn_path);
|
|
|
|
|
VIR_FREE(wwpn_path);
|
|
|
|
|
VIR_FREE(wwnn_buf);
|
|
|
|
|
VIR_FREE(wwpn_buf);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = strdup(entry->d_name);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
# undef READ_WWN
|
|
|
|
|
closedir(dir);
|
|
|
|
|
VIR_FREE(wwnn_path);
|
|
|
|
|
VIR_FREE(wwpn_path);
|
|
|
|
|
VIR_FREE(wwnn_buf);
|
|
|
|
|
VIR_FREE(wwpn_buf);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-03-25 16:43:42 +00:00
|
|
|
|
|
|
|
|
# define PORT_STATE_ONLINE "Online"
|
|
|
|
|
|
|
|
|
|
/* virFindFCHostCapableVport:
|
|
|
|
|
*
|
|
|
|
|
* Iterate over the sysfs and find out the first online HBA which
|
|
|
|
|
* supports vport, and not saturated,.
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
virFindFCHostCapableVport(const char *sysfs_prefix)
|
|
|
|
|
{
|
|
|
|
|
const char *prefix = sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH;
|
|
|
|
|
DIR *dir = NULL;
|
|
|
|
|
struct dirent *entry = NULL;
|
|
|
|
|
char *max_vports = NULL;
|
|
|
|
|
char *vports = NULL;
|
|
|
|
|
char *state = NULL;
|
|
|
|
|
char *ret = NULL;
|
|
|
|
|
|
|
|
|
|
if (!(dir = opendir(prefix))) {
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("Failed to opendir path '%s'"),
|
|
|
|
|
prefix);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while ((entry = readdir(dir))) {
|
|
|
|
|
unsigned int host;
|
|
|
|
|
char *p = NULL;
|
|
|
|
|
|
|
|
|
|
if (entry->d_name[0] == '.')
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
p = entry->d_name + strlen("host");
|
|
|
|
|
if (virStrToLong_ui(p, NULL, 10, &host) == -1) {
|
|
|
|
|
VIR_DEBUG("Failed to parse host number from '%s'",
|
|
|
|
|
entry->d_name);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!virIsCapableVport(NULL, host))
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
if (virReadFCHost(NULL, host, "port_state", &state) < 0) {
|
|
|
|
|
VIR_DEBUG("Failed to read port_state for host%d", host);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Skip the not online FC host */
|
|
|
|
|
if (STRNEQ(state, PORT_STATE_ONLINE)) {
|
|
|
|
|
VIR_FREE(state);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(state);
|
|
|
|
|
|
|
|
|
|
if (virReadFCHost(NULL, host, "max_npiv_vports", &max_vports) < 0) {
|
|
|
|
|
VIR_DEBUG("Failed to read max_npiv_vports for host%d", host);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virReadFCHost(NULL, host, "npiv_vports_inuse", &vports) < 0) {
|
|
|
|
|
VIR_DEBUG("Failed to read npiv_vports_inuse for host%d", host);
|
|
|
|
|
VIR_FREE(max_vports);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Compare from the strings directly, instead of converting
|
|
|
|
|
* the strings to integers first
|
|
|
|
|
*/
|
|
|
|
|
if ((strlen(max_vports) >= strlen(vports)) ||
|
|
|
|
|
((strlen(max_vports) == strlen(vports)) &&
|
|
|
|
|
strcmp(max_vports, vports) > 0)) {
|
|
|
|
|
ret = strdup(entry->d_name);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
VIR_FREE(max_vports);
|
|
|
|
|
VIR_FREE(vports);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
closedir(dir);
|
|
|
|
|
VIR_FREE(max_vports);
|
|
|
|
|
VIR_FREE(vports);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-01-07 17:05:29 +00:00
|
|
|
#else
|
|
|
|
|
int
|
|
|
|
|
virReadFCHost(const char *sysfs_prefix ATTRIBUTE_UNUSED,
|
|
|
|
|
int host ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *entry ATTRIBUTE_UNUSED,
|
|
|
|
|
char **result ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2013-01-07 17:05:31 +00:00
|
|
|
|
2013-05-06 12:45:14 +00:00
|
|
|
bool
|
2013-03-28 12:17:05 +00:00
|
|
|
virIsCapableFCHost(const char *sysfs_prefix ATTRIBUTE_UNUSED,
|
|
|
|
|
int host ATTRIBUTE_UNUSED)
|
2013-01-07 17:05:31 +00:00
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
2013-05-06 12:45:14 +00:00
|
|
|
return false;
|
2013-01-07 17:05:31 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-06 12:45:14 +00:00
|
|
|
bool
|
2013-03-28 12:20:41 +00:00
|
|
|
virIsCapableVport(const char *sysfs_prefix ATTRIBUTE_UNUSED,
|
|
|
|
|
int host ATTRIBUTE_UNUSED)
|
2013-01-07 17:05:31 +00:00
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
2013-05-06 12:45:14 +00:00
|
|
|
return false;
|
2013-01-07 17:05:31 +00:00
|
|
|
}
|
2013-01-07 17:05:34 +00:00
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virManageVport(const int parent_host ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *wwpn ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *wwnn ATTRIBUTE_UNUSED,
|
|
|
|
|
int operation ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-25 16:43:40 +00:00
|
|
|
char *
|
|
|
|
|
virGetFCHostNameByWWN(const char *sysfs_prefix ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *wwnn ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *wwpn ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-25 16:43:42 +00:00
|
|
|
char *
|
|
|
|
|
virFindFCHostCapableVport(const char *sysfs_prefix ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-07 17:05:29 +00:00
|
|
|
#endif /* __linux__ */
|
2013-04-17 15:50:56 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* virCompareLimitUlong:
|
|
|
|
|
*
|
|
|
|
|
* Compare two unsigned long long numbers. Value '0' of the arguments has a
|
|
|
|
|
* special meaning of 'unlimited' and thus greater than any other value.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 if the numbers are equal, -1 if b is greater, 1 if a is greater.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virCompareLimitUlong(unsigned long long a, unsigned long b)
|
|
|
|
|
{
|
|
|
|
|
if (a == b)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (a == 0 || a > b)
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
