2005-11-02 13:19:10 +00:00
|
|
|
/*
|
|
|
|
* internal.h: internal definitions just used by code from the library
|
2013-05-14 23:42:12 +00:00
|
|
|
*
|
2013-12-20 14:02:49 +00:00
|
|
|
* Copyright (C) 2006-2014 Red Hat, Inc.
|
2013-05-14 23:42:12 +00:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library. If not, see
|
|
|
|
* <http://www.gnu.org/licenses/>.
|
2005-11-02 13:19:10 +00:00
|
|
|
*/
|
|
|
|
|
2005-12-05 11:16:07 +00:00
|
|
|
#ifndef __VIR_INTERNAL_H__
|
2010-03-09 18:22:22 +00:00
|
|
|
# define __VIR_INTERNAL_H__
|
2005-11-02 13:19:10 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <errno.h>
|
|
|
|
# include <limits.h>
|
|
|
|
# include <verify.h>
|
2011-02-23 11:37:03 +00:00
|
|
|
# include <stdbool.h>
|
2012-08-09 21:37:03 +00:00
|
|
|
# include <stdint.h>
|
2018-09-18 13:21:22 +00:00
|
|
|
# include <stdio.h>
|
2018-04-03 15:39:17 +00:00
|
|
|
# include <string.h>
|
Wed Dec 5 13:48:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com>
* python/libvir.c, python/libvirt_wrap.h, qemud/qemud.c,
qemud/remote.c, src/internal.h, src/openvz_conf.c,
src/openvz_driver.c, src/proxy_internal.h, src/qemu_conf.c,
src/qemu_driver.c, src/remote_internal.h, src/test.h, src/util.c,
src/xen_unified.c, src/xen_unified.h, tests/nodeinfotest.c,
tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c, tests/reconnect.c,
tests/sexpr2xmltest.c, tests/virshtest.c, tests/xencapstest.c,
tests/xmconfigtest.c, tests/xml2sexprtest.c:
Change #include <> to #include "" for local includes.
Removed many includes from src/internal.h and put them in
the C files which actually use them.
Removed <ansidecl.h> - unused.
Added a comment around __func__.
Removed a clashing redefinition of VERSION symbol.
All limits (PATH_MAX etc) now done in src/internal.h, so we
don't need to include those headers in other files.
2007-12-05 13:56:22 +00:00
|
|
|
|
2010-04-07 14:13:17 +00:00
|
|
|
# if STATIC_ANALYSIS
|
|
|
|
# undef NDEBUG /* Don't let a prior NDEBUG definition cause trouble. */
|
|
|
|
# include <assert.h>
|
|
|
|
# define sa_assert(expr) assert (expr)
|
|
|
|
# else
|
|
|
|
# define sa_assert(expr) /* empty */
|
|
|
|
# endif
|
|
|
|
|
2008-05-23 08:32:08 +00:00
|
|
|
/* The library itself is allowed to use deprecated functions /
|
|
|
|
* variables, so effectively undefine the deprecated attribute
|
|
|
|
* which would otherwise be defined in libvirt.h.
|
|
|
|
*/
|
2012-01-20 18:43:28 +00:00
|
|
|
# undef VIR_DEPRECATED
|
2010-03-09 18:22:22 +00:00
|
|
|
# define VIR_DEPRECATED /*empty*/
|
2008-05-23 08:32:08 +00:00
|
|
|
|
2012-01-20 18:43:28 +00:00
|
|
|
/* The library itself needs to know enum sizes. */
|
|
|
|
# define VIR_ENUM_SENTINELS
|
|
|
|
|
2018-04-03 15:39:17 +00:00
|
|
|
# ifdef HAVE_LIBINTL_H
|
|
|
|
# define DEFAULT_TEXT_DOMAIN PACKAGE
|
|
|
|
# include <libintl.h>
|
|
|
|
# define _(str) dgettext(PACKAGE, str)
|
|
|
|
# else /* HAVE_LIBINTL_H */
|
|
|
|
# define _(str) str
|
|
|
|
# endif /* HAVE_LIBINTL_H */
|
2010-11-16 19:01:37 +00:00
|
|
|
# define N_(str) str
|
2007-12-07 14:52:24 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# include "libvirt/libvirt.h"
|
Introduce an LXC specific public API & library
This patch introduces support for LXC specific public APIs. In
common with what was done for QEMU, this creates a libvirt_lxc.so
library and libvirt/libvirt-lxc.h header file.
The actual APIs are
int virDomainLxcOpenNamespace(virDomainPtr domain,
int **fdlist,
unsigned int flags);
int virDomainLxcEnterNamespace(virDomainPtr domain,
unsigned int nfdlist,
int *fdlist,
unsigned int *noldfdlist,
int **oldfdlist,
unsigned int flags);
which provide a way to use the setns() system call to move the
calling process into the container's namespace. It is not
practical to write in a generically applicable manner. The
nearest that we could get to such an API would be an API which
allows to pass a command + argv to be executed inside a
container. Even if we had such a generic API, this LXC specific
API is still useful, because it allows the caller to maintain
the current process context, in particular any I/O streams they
have open.
NB the virDomainLxcEnterNamespace() API is special in that it
runs client side, so does not involve the internal driver API.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-21 13:15:19 +00:00
|
|
|
# include "libvirt/libvirt-lxc.h"
|
2011-02-02 15:37:10 +00:00
|
|
|
# include "libvirt/libvirt-qemu.h"
|
2015-04-15 14:16:24 +00:00
|
|
|
# include "libvirt/libvirt-admin.h"
|
2010-03-09 18:22:22 +00:00
|
|
|
# include "libvirt/virterror.h"
|
Wed Dec 5 13:48:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com>
* python/libvir.c, python/libvirt_wrap.h, qemud/qemud.c,
qemud/remote.c, src/internal.h, src/openvz_conf.c,
src/openvz_driver.c, src/proxy_internal.h, src/qemu_conf.c,
src/qemu_driver.c, src/remote_internal.h, src/test.h, src/util.c,
src/xen_unified.c, src/xen_unified.h, tests/nodeinfotest.c,
tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c, tests/reconnect.c,
tests/sexpr2xmltest.c, tests/virshtest.c, tests/xencapstest.c,
tests/xmconfigtest.c, tests/xml2sexprtest.c:
Change #include <> to #include "" for local includes.
Removed many includes from src/internal.h and put them in
the C files which actually use them.
Removed <ansidecl.h> - unused.
Added a comment around __func__.
Removed a clashing redefinition of VERSION symbol.
All limits (PATH_MAX etc) now done in src/internal.h, so we
don't need to include those headers in other files.
2007-12-05 13:56:22 +00:00
|
|
|
|
2011-03-31 02:26:27 +00:00
|
|
|
# include "c-strcase.h"
|
2012-06-08 13:29:17 +00:00
|
|
|
# include "ignore-value.h"
|
2014-11-18 16:13:38 +00:00
|
|
|
# include "count-leading-zeros.h"
|
2011-03-31 02:26:27 +00:00
|
|
|
|
2007-06-22 11:42:22 +00:00
|
|
|
/* String equality tests, suggested by Jim Meyering. */
|
2014-08-22 12:59:28 +00:00
|
|
|
# define STREQ(a, b) (strcmp(a, b) == 0)
|
|
|
|
# define STRCASEEQ(a, b) (c_strcasecmp(a, b) == 0)
|
|
|
|
# define STRNEQ(a, b) (strcmp(a, b) != 0)
|
|
|
|
# define STRCASENEQ(a, b) (c_strcasecmp(a, b) != 0)
|
|
|
|
# define STREQLEN(a, b, n) (strncmp(a, b, n) == 0)
|
|
|
|
# define STRCASEEQLEN(a, b, n) (c_strncasecmp(a, b, n) == 0)
|
|
|
|
# define STRNEQLEN(a, b, n) (strncmp(a, b, n) != 0)
|
|
|
|
# define STRCASENEQLEN(a, b, n) (c_strncasecmp(a, b, n) != 0)
|
|
|
|
# define STRPREFIX(a, b) (strncmp(a, b, strlen(b)) == 0)
|
2018-03-28 11:40:20 +00:00
|
|
|
# define STRCASEPREFIX(a, b) (c_strncasecmp(a, b, strlen(b)) == 0)
|
2014-08-22 12:59:28 +00:00
|
|
|
# define STRSKIP(a, b) (STRPREFIX(a, b) ? (a) + strlen(b) : NULL)
|
2010-03-09 18:22:22 +00:00
|
|
|
|
2017-11-03 12:09:47 +00:00
|
|
|
# define STREQ_NULLABLE(a, b) \
|
2016-12-09 10:52:28 +00:00
|
|
|
((a) ? (b) && STREQ((a), (b)) : !(b))
|
2017-11-03 12:09:47 +00:00
|
|
|
# define STRNEQ_NULLABLE(a, b) \
|
2016-12-09 10:52:28 +00:00
|
|
|
((a) ? !(b) || STRNEQ((a), (b)) : !!(b))
|
2010-03-22 18:44:58 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# define NUL_TERMINATE(buf) do { (buf)[sizeof(buf)-1] = '\0'; } while (0)
|
2012-03-29 09:52:04 +00:00
|
|
|
# define ARRAY_CARDINALITY(Array) (sizeof(Array) / sizeof(*(Array)))
|
2008-04-25 20:46:13 +00:00
|
|
|
|
2005-11-07 17:16:18 +00:00
|
|
|
/**
|
|
|
|
* ATTRIBUTE_UNUSED:
|
|
|
|
*
|
2012-10-11 16:31:20 +00:00
|
|
|
* Macro to flag consciously unused parameters to functions
|
2005-11-07 17:16:18 +00:00
|
|
|
*/
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_UNUSED
|
|
|
|
# define ATTRIBUTE_UNUSED __attribute__((__unused__))
|
|
|
|
# endif
|
2007-03-16 15:03:21 +00:00
|
|
|
|
2010-07-16 16:16:19 +00:00
|
|
|
/**
|
|
|
|
* ATTRIBUTE_NORETURN:
|
|
|
|
*
|
|
|
|
* Macro to indicate that a function won't return to the caller
|
|
|
|
*/
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_NORETURN
|
|
|
|
# define ATTRIBUTE_NORETURN __attribute__((__noreturn__))
|
|
|
|
# endif
|
2010-07-16 16:16:19 +00:00
|
|
|
|
2009-11-06 09:39:13 +00:00
|
|
|
/**
|
|
|
|
* ATTRIBUTE_SENTINEL:
|
|
|
|
*
|
|
|
|
* Macro to check for NULL-terminated varargs lists
|
|
|
|
*/
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_SENTINEL
|
|
|
|
# define ATTRIBUTE_SENTINEL __attribute__((__sentinel__))
|
|
|
|
# endif
|
2009-11-06 09:39:13 +00:00
|
|
|
|
2017-04-07 14:07:49 +00:00
|
|
|
/**
|
2017-07-12 10:07:17 +00:00
|
|
|
* ATTRIBUTE_NOINLINE:
|
2017-04-07 14:07:49 +00:00
|
|
|
*
|
2017-07-12 10:07:17 +00:00
|
|
|
* Force compiler not to inline a method. Should be used if
|
|
|
|
* the method need to be overridable by test mocks.
|
2017-04-07 14:07:49 +00:00
|
|
|
*/
|
2017-07-12 10:07:17 +00:00
|
|
|
# ifndef ATTRIBUTE_NOINLINE
|
|
|
|
# define ATTRIBUTE_NOINLINE __attribute__((__noinline__))
|
2017-07-05 09:35:32 +00:00
|
|
|
# endif
|
2017-04-07 14:07:49 +00:00
|
|
|
|
2007-03-16 15:03:21 +00:00
|
|
|
/**
|
Fix misc Win32 compile warnings
GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere. This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.
* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
src/logging.h, src/security.h, src/sexpr.h, src/util.h,
src/virterror_internal.h, src/xend_internal.c: Change
over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
since they don't compile
* src/threads-win32.c: Add missing return value check
2009-07-23 15:07:32 +00:00
|
|
|
* ATTRIBUTE_FMT_PRINTF
|
2007-03-16 15:03:21 +00:00
|
|
|
*
|
Fix misc Win32 compile warnings
GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere. This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.
* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
src/logging.h, src/security.h, src/sexpr.h, src/util.h,
src/virterror_internal.h, src/xend_internal.c: Change
over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
since they don't compile
* src/threads-win32.c: Add missing return value check
2009-07-23 15:07:32 +00:00
|
|
|
* Macro used to check printf like functions, if compiling
|
2007-03-16 15:03:21 +00:00
|
|
|
* with gcc.
|
Fix misc Win32 compile warnings
GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere. This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.
* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
src/logging.h, src/security.h, src/sexpr.h, src/util.h,
src/virterror_internal.h, src/xend_internal.c: Change
over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
since they don't compile
* src/threads-win32.c: Add missing return value check
2009-07-23 15:07:32 +00:00
|
|
|
*
|
2011-07-20 22:53:31 +00:00
|
|
|
* We use gnulib which guarantees we always have GNU style
|
Fix misc Win32 compile warnings
GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere. This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.
* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
src/logging.h, src/security.h, src/sexpr.h, src/util.h,
src/virterror_internal.h, src/xend_internal.c: Change
over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
since they don't compile
* src/threads-win32.c: Add missing return value check
2009-07-23 15:07:32 +00:00
|
|
|
* printf format specifiers even on broken Win32 platforms
|
|
|
|
* hence we have to force 'gnu_printf' for new GCC
|
2007-03-16 15:03:21 +00:00
|
|
|
*/
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_FMT_PRINTF
|
|
|
|
# ifndef __clang__
|
|
|
|
# define ATTRIBUTE_FMT_PRINTF(fmtpos, argpos) \
|
|
|
|
__attribute__((__format__ (__gnu_printf__, fmtpos, argpos)))
|
|
|
|
# else
|
|
|
|
# define ATTRIBUTE_FMT_PRINTF(fmtpos, argpos) \
|
|
|
|
__attribute__((__format__ (__printf__, fmtpos, argpos)))
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2017-07-05 09:35:32 +00:00
|
|
|
# endif
|
2010-03-09 18:22:22 +00:00
|
|
|
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_RETURN_CHECK
|
|
|
|
# define ATTRIBUTE_RETURN_CHECK __attribute__((__warn_unused_result__))
|
|
|
|
# endif
|
2010-03-09 18:22:22 +00:00
|
|
|
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-07 21:02:18 +00:00
|
|
|
/**
|
|
|
|
* ATTRIBUTE_PACKED
|
|
|
|
*
|
|
|
|
* force a structure to be packed, i.e. not following architecture and
|
|
|
|
* compiler best alignments for its sub components. It's needed for example
|
|
|
|
* for the network filetering code when defining the content of raw
|
|
|
|
* ethernet packets.
|
|
|
|
* Others compiler than gcc may use something different e.g. #pragma pack(1)
|
|
|
|
*/
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_PACKED
|
|
|
|
# define ATTRIBUTE_PACKED __attribute__((packed))
|
|
|
|
# endif
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-07 21:02:18 +00:00
|
|
|
|
build: force correct gcc syntax for attribute_nonnull
Gcc lets you do:
int ATTRIBUTE_NONNULL(1) foo(void *param);
int foo(void *param) ATTRIBUTE_NONNULL(1);
int ATTRIBUTE_NONNULL(1) foo(void *param) { ... }
but chokes on:
int foo(void *param) ATTRIBUTE_NONNULL(1) { ... }
However, since commit eefb881, we have intentionally been disabling
ATTRIBUTE_NONNULL because of lame gcc handling of the attribute (that
is, gcc doesn't do decent warning reporting, then compiles code that
mysteriously fails if you break the contract of the attribute, which
is surprisingly easy to do), leaving it on only for Coverity (which
does a much better job of improved static analysis when the attribute
is present).
But completely eliding the macro makes it too easy to write code that
uses the fourth syntax option, if you aren't using Coverity. So this
patch forces us to avoid syntax errors, even when not using the
attribute under gcc. It also documents WHY we disable the warning
under gcc, rather than forcing you to find the commit log.
* src/internal.h (ATTRIBUTE_NONNULL): Expand to empty attribute,
rather than nothing, when on gcc.
2013-02-18 20:34:58 +00:00
|
|
|
/* gcc's handling of attribute nonnull is less than stellar - it does
|
|
|
|
* NOT improve diagnostics, and merely allows gcc to optimize away
|
|
|
|
* null code checks even when the caller manages to pass null in spite
|
|
|
|
* of the attribute, leading to weird crashes. Coverity, on the other
|
|
|
|
* hand, knows how to do better static analysis based on knowing
|
|
|
|
* whether a parameter is nonnull. Make this attribute conditional
|
|
|
|
* based on whether we are compiling for real or for analysis, while
|
|
|
|
* still requiring correct gcc syntax when it is turned off. See also
|
|
|
|
* http://gcc.gnu.org/bugzilla/show_bug.cgi?id=17308 */
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_NONNULL
|
|
|
|
# if STATIC_ANALYSIS
|
|
|
|
# define ATTRIBUTE_NONNULL(m) __attribute__((__nonnull__(m)))
|
|
|
|
# else
|
|
|
|
# define ATTRIBUTE_NONNULL(m) __attribute__(())
|
2017-02-22 17:37:09 +00:00
|
|
|
# endif
|
2017-07-05 09:35:32 +00:00
|
|
|
# endif
|
2017-02-22 17:37:09 +00:00
|
|
|
|
2017-07-05 09:35:32 +00:00
|
|
|
# ifndef ATTRIBUTE_FALLTHROUGH
|
|
|
|
# if __GNUC_PREREQ (7, 0)
|
|
|
|
# define ATTRIBUTE_FALLTHROUGH __attribute__((fallthrough))
|
|
|
|
# else
|
2017-02-22 17:37:09 +00:00
|
|
|
# define ATTRIBUTE_FALLTHROUGH do {} while(0)
|
|
|
|
# endif
|
2017-07-05 09:35:32 +00:00
|
|
|
# endif
|
2013-04-03 14:52:40 +00:00
|
|
|
|
2013-05-13 11:41:07 +00:00
|
|
|
# if WORKING_PRAGMA_PUSH
|
2013-04-03 14:52:40 +00:00
|
|
|
# define VIR_WARNINGS_NO_CAST_ALIGN \
|
|
|
|
_Pragma ("GCC diagnostic push") \
|
|
|
|
_Pragma ("GCC diagnostic ignored \"-Wcast-align\"")
|
2015-01-16 14:45:08 +00:00
|
|
|
|
2017-04-07 14:43:38 +00:00
|
|
|
# define VIR_WARNINGS_NO_DEPRECATED \
|
|
|
|
_Pragma ("GCC diagnostic push") \
|
|
|
|
_Pragma ("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
|
|
|
|
|
2015-01-16 14:45:08 +00:00
|
|
|
# if HAVE_SUGGEST_ATTRIBUTE_FORMAT
|
|
|
|
# define VIR_WARNINGS_NO_PRINTF \
|
2014-11-18 14:50:05 +00:00
|
|
|
_Pragma ("GCC diagnostic push") \
|
|
|
|
_Pragma ("GCC diagnostic ignored \"-Wsuggest-attribute=format\"")
|
2015-01-16 14:45:08 +00:00
|
|
|
# else
|
|
|
|
# define VIR_WARNINGS_NO_PRINTF \
|
|
|
|
_Pragma ("GCC diagnostic push")
|
|
|
|
# endif
|
2013-04-03 14:52:40 +00:00
|
|
|
|
2016-04-10 16:22:20 +00:00
|
|
|
/* Workaround bogus GCC 6.0 for logical 'or' equal expression warnings.
|
|
|
|
* (GCC bz 69602) */
|
|
|
|
# if BROKEN_GCC_WLOGICALOP_EQUAL_EXPR
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR \
|
|
|
|
_Pragma ("GCC diagnostic push") \
|
2016-04-10 16:22:20 +00:00
|
|
|
_Pragma ("GCC diagnostic ignored \"-Wlogical-op\"")
|
|
|
|
# else
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR \
|
2016-04-10 16:22:20 +00:00
|
|
|
_Pragma ("GCC diagnostic push")
|
|
|
|
# endif
|
|
|
|
|
2013-04-03 14:52:40 +00:00
|
|
|
# define VIR_WARNINGS_RESET \
|
|
|
|
_Pragma ("GCC diagnostic pop")
|
|
|
|
# else
|
|
|
|
# define VIR_WARNINGS_NO_CAST_ALIGN
|
2017-04-07 14:43:38 +00:00
|
|
|
# define VIR_WARNINGS_NO_DEPRECATED
|
2014-11-18 14:50:05 +00:00
|
|
|
# define VIR_WARNINGS_NO_PRINTF
|
2016-04-10 16:22:20 +00:00
|
|
|
# define VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR
|
2013-04-03 14:52:40 +00:00
|
|
|
# define VIR_WARNINGS_RESET
|
|
|
|
# endif
|
|
|
|
|
2016-04-10 16:21:13 +00:00
|
|
|
/* Workaround bogus GCC < 4.6 that produces false -Wlogical-op warnings for
|
|
|
|
* strchr(). Those old GCCs don't support push/pop. */
|
|
|
|
# if BROKEN_GCC_WLOGICALOP_STRCHR
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_WARNINGS_NO_WLOGICALOP_STRCHR \
|
2016-04-10 16:21:13 +00:00
|
|
|
_Pragma ("GCC diagnostic ignored \"-Wlogical-op\"")
|
|
|
|
# else
|
|
|
|
# define VIR_WARNINGS_NO_WLOGICALOP_STRCHR
|
|
|
|
# endif
|
|
|
|
|
|
|
|
|
2009-01-15 17:54:20 +00:00
|
|
|
/*
|
|
|
|
* Use this when passing possibly-NULL strings to printf-a-likes.
|
|
|
|
*/
|
2014-02-05 17:39:23 +00:00
|
|
|
# define NULLSTR(s) ((s) ? (s) : "<null>")
|
2009-01-15 17:54:20 +00:00
|
|
|
|
2014-06-23 21:01:52 +00:00
|
|
|
/*
|
|
|
|
* Similar to NULLSTR, but print '-' to make it more user friendly.
|
|
|
|
*/
|
|
|
|
# define EMPTYSTR(s) ((s) ? (s) : "-")
|
|
|
|
|
2014-06-06 16:09:01 +00:00
|
|
|
/**
|
|
|
|
* SWAP:
|
|
|
|
*
|
|
|
|
* In place exchange of two values
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define SWAP(a, b) \
|
|
|
|
do { \
|
|
|
|
(a) = (a) ^ (b); \
|
|
|
|
(b) = (a) ^ (b); \
|
|
|
|
(a) = (a) ^ (b); \
|
2014-06-06 16:09:01 +00:00
|
|
|
} while (0)
|
|
|
|
|
2016-07-31 12:02:08 +00:00
|
|
|
/**
|
|
|
|
* VIR_STEAL_PTR:
|
|
|
|
*
|
|
|
|
* Steals pointer passed as second argument into the first argument. Second
|
|
|
|
* argument must not have side effects.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_STEAL_PTR(a, b) \
|
|
|
|
do { \
|
|
|
|
(a) = (b); \
|
|
|
|
(b) = NULL; \
|
2016-07-31 12:02:08 +00:00
|
|
|
} while (0)
|
|
|
|
|
2010-04-13 13:48:04 +00:00
|
|
|
/**
|
|
|
|
* virCheckFlags:
|
|
|
|
* @supported: an OR'ed set of supported flags
|
|
|
|
* @retval: return value in case unsupported flags were passed
|
|
|
|
*
|
|
|
|
* To avoid memory leaks this macro has to be used before any non-trivial
|
|
|
|
* code which could possibly allocate some memory.
|
|
|
|
*
|
|
|
|
* Returns nothing. Exits the caller function if unsupported flags were
|
|
|
|
* passed to it.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckFlags(supported, retval) \
|
|
|
|
do { \
|
|
|
|
unsigned long __unsuppflags = flags & ~(supported); \
|
|
|
|
if (__unsuppflags) { \
|
|
|
|
virReportInvalidArg(flags, \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
_("unsupported flags (0x%lx) in function %s"), \
|
2017-11-03 12:09:47 +00:00
|
|
|
__unsuppflags, __FUNCTION__); \
|
|
|
|
return retval; \
|
|
|
|
} \
|
2010-04-13 13:48:04 +00:00
|
|
|
} while (0)
|
|
|
|
|
2012-08-03 09:27:07 +00:00
|
|
|
/**
|
|
|
|
* virCheckFlagsGoto:
|
|
|
|
* @supported: an OR'ed set of supported flags
|
|
|
|
* @label: label to jump to on error
|
|
|
|
*
|
|
|
|
* To avoid memory leaks this macro has to be used before any non-trivial
|
|
|
|
* code which could possibly allocate some memory.
|
|
|
|
*
|
|
|
|
* Returns nothing. Jumps to a label if unsupported flags were
|
|
|
|
* passed to it.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckFlagsGoto(supported, label) \
|
|
|
|
do { \
|
|
|
|
unsigned long __unsuppflags = flags & ~(supported); \
|
|
|
|
if (__unsuppflags) { \
|
|
|
|
virReportInvalidArg(flags, \
|
2012-08-03 09:27:07 +00:00
|
|
|
_("unsupported flags (0x%lx) in function %s"), \
|
2017-11-03 12:09:47 +00:00
|
|
|
__unsuppflags, __FUNCTION__); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
2012-08-03 09:27:07 +00:00
|
|
|
} while (0)
|
|
|
|
|
2015-03-20 14:38:59 +00:00
|
|
|
/* Macros to help dealing with mutually exclusive flags. */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* VIR_EXCLUSIVE_FLAGS_RET:
|
|
|
|
*
|
|
|
|
* @FLAG1: First flag to be checked.
|
|
|
|
* @FLAG2: Second flag to be checked.
|
|
|
|
* @RET: Return value.
|
|
|
|
*
|
|
|
|
* Reject mutually exclusive API flags. The checked flags are compared
|
|
|
|
* with flags variable.
|
|
|
|
*
|
|
|
|
* This helper does an early return and therefore it has to be called
|
|
|
|
* before anything that would require cleanup.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_EXCLUSIVE_FLAGS_RET(FLAG1, FLAG2, RET) \
|
|
|
|
do { \
|
|
|
|
if ((flags & FLAG1) && (flags & FLAG2)) { \
|
|
|
|
virReportInvalidArg(ctl, \
|
|
|
|
_("Flags '%s' and '%s' are mutually " \
|
|
|
|
"exclusive"), \
|
|
|
|
#FLAG1, #FLAG2); \
|
|
|
|
return RET; \
|
|
|
|
} \
|
2015-03-20 14:38:59 +00:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
/**
|
|
|
|
* VIR_EXCLUSIVE_FLAGS_GOTO:
|
|
|
|
*
|
|
|
|
* @FLAG1: First flag to be checked.
|
|
|
|
* @FLAG2: Second flag to be checked.
|
|
|
|
* @LABEL: Label to jump to.
|
|
|
|
*
|
|
|
|
* Reject mutually exclusive API flags. The checked flags are compared
|
|
|
|
* with flags variable.
|
|
|
|
*
|
|
|
|
* Returns nothing. Jumps to a label if unsupported flags were
|
|
|
|
* passed to it.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_EXCLUSIVE_FLAGS_GOTO(FLAG1, FLAG2, LABEL) \
|
|
|
|
do { \
|
|
|
|
if ((flags & FLAG1) && (flags & FLAG2)) { \
|
|
|
|
virReportInvalidArg(ctl, \
|
|
|
|
_("Flags '%s' and '%s' are mutually " \
|
|
|
|
"exclusive"), \
|
|
|
|
#FLAG1, #FLAG2); \
|
|
|
|
goto LABEL; \
|
|
|
|
} \
|
2015-03-25 12:11:38 +00:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
/* Macros to help dealing with flag requirements. */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* VIR_REQUIRE_FLAG_RET:
|
|
|
|
*
|
|
|
|
* @FLAG1: First flag to be checked.
|
|
|
|
* @FLAG2: Second flag that is required by first flag.
|
|
|
|
* @RET: Return value.
|
|
|
|
*
|
|
|
|
* Check whether required flag is set. The checked flags are compared
|
|
|
|
* with flags variable.
|
|
|
|
*
|
|
|
|
* This helper does an early return and therefore it has to be called
|
|
|
|
* before anything that would require cleanup.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_REQUIRE_FLAG_RET(FLAG1, FLAG2, RET) \
|
|
|
|
do { \
|
|
|
|
if ((flags & FLAG1) && !(flags & FLAG2)) { \
|
|
|
|
virReportInvalidArg(ctl, \
|
|
|
|
_("Flag '%s' is required by flag '%s'"), \
|
|
|
|
#FLAG2, #FLAG1); \
|
|
|
|
return RET; \
|
|
|
|
} \
|
2015-03-25 12:11:38 +00:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
/**
|
|
|
|
* VIR_REQUIRE_FLAG_GOTO:
|
|
|
|
*
|
|
|
|
* @FLAG1: First flag to be checked.
|
|
|
|
* @FLAG2: Second flag that is required by first flag.
|
|
|
|
* @LABEL: Label to jump to.
|
|
|
|
*
|
|
|
|
* Check whether required flag is set. The checked flags are compared
|
|
|
|
* with flags variable.
|
|
|
|
*
|
|
|
|
* Returns nothing. Jumps to a label if required flag is not set.
|
|
|
|
*/
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_REQUIRE_FLAG_GOTO(FLAG1, FLAG2, LABEL) \
|
|
|
|
do { \
|
|
|
|
if ((flags & FLAG1) && !(flags & FLAG2)) { \
|
|
|
|
virReportInvalidArg(ctl, \
|
|
|
|
_("Flag '%s' is required by flag '%s'"), \
|
|
|
|
#FLAG2, #FLAG1); \
|
|
|
|
goto LABEL; \
|
|
|
|
} \
|
2015-03-20 14:38:59 +00:00
|
|
|
} while (0)
|
|
|
|
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckNonNullArgReturn(argname, retval) \
|
|
|
|
do { \
|
|
|
|
if (argname == NULL) { \
|
|
|
|
virReportInvalidNonNullArg(argname); \
|
|
|
|
return retval; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckNullArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname != NULL) { \
|
|
|
|
virReportInvalidNullArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckNonNullArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname == NULL) { \
|
|
|
|
virReportInvalidNonNullArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2015-06-23 15:35:16 +00:00
|
|
|
# define virCheckNonEmptyStringArgGoto(argname, label) \
|
2017-11-03 12:09:47 +00:00
|
|
|
do { \
|
|
|
|
if (argname == NULL) { \
|
|
|
|
virReportInvalidNonNullArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
|
|
|
if (*argname == '\0') { \
|
|
|
|
virReportInvalidEmptyStringArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
2015-06-23 15:35:16 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckPositiveArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname <= 0) { \
|
|
|
|
virReportInvalidPositiveArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckPositiveArgReturn(argname, retval) \
|
|
|
|
do { \
|
|
|
|
if (argname <= 0) { \
|
|
|
|
virReportInvalidPositiveArg(argname); \
|
|
|
|
return retval; \
|
|
|
|
} \
|
2017-05-18 06:27:27 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckNonZeroArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname == 0) { \
|
|
|
|
virReportInvalidNonZeroArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckZeroArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname != 0) { \
|
|
|
|
virReportInvalidNonZeroArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckNonNegativeArgGoto(argname, label) \
|
|
|
|
do { \
|
|
|
|
if (argname < 0) { \
|
|
|
|
virReportInvalidNonNegativeArg(argname); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
} while (0)
|
2017-11-03 12:09:47 +00:00
|
|
|
# define virCheckReadOnlyGoto(flags, label) \
|
|
|
|
do { \
|
|
|
|
if ((flags) & VIR_CONNECT_RO) { \
|
2013-12-20 14:02:49 +00:00
|
|
|
virReportRestrictedError(_("read only access prevents %s"), \
|
2017-11-03 12:09:47 +00:00
|
|
|
__FUNCTION__); \
|
|
|
|
goto label; \
|
|
|
|
} \
|
2013-12-20 14:02:49 +00:00
|
|
|
} while (0)
|
|
|
|
|
Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.
- An arg which must not be NULL:
virCheckNonNullArgReturn(argname, retvalue)
virCheckNonNullArgGoto(argname, label)
- An arg which must be NULL
virCheckNullArgGoto(argname, label)
- An arg which must be positive (ie 1 or greater)
virCheckPositiveArgGoto(argname, label)
- An arg which must not be 0
virCheckNonZeroArgGoto(argname, label)
- An arg which must be zero
virCheckZeroArgGoto(argname, label)
- An arg which must not be negative (ie 0 or greater)
virCheckNonNegativeArgGoto(argname, label)
* src/libvirt.c, src/libvirt-qemu.c,
src/nodeinfo.c, src/datatypes.c: Update to use
virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
invalid args
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-25 17:41:07 +00:00
|
|
|
|
|
|
|
|
2011-01-28 21:03:24 +00:00
|
|
|
/* divide value by size, rounding up */
|
|
|
|
# define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
|
|
|
|
|
2013-05-14 13:48:21 +00:00
|
|
|
/* round up value to the closest multiple of size */
|
|
|
|
# define VIR_ROUND_UP(value, size) (VIR_DIV_UP(value, size) * (size))
|
|
|
|
|
2014-11-18 16:13:38 +00:00
|
|
|
/* Round up to the next closest power of 2. It will return rounded number or 0
|
|
|
|
* for 0 or number more than 2^31 (for 32bit unsigned int). */
|
2017-11-03 12:09:47 +00:00
|
|
|
# define VIR_ROUND_UP_POWER_OF_TWO(value) \
|
|
|
|
((value) > 0 && (value) <= 1U << (sizeof(unsigned int) * 8 - 1) ? \
|
2014-11-18 16:13:38 +00:00
|
|
|
1U << (sizeof(unsigned int) * 8 - count_leading_zeros((value) - 1)) : 0)
|
|
|
|
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
|
2014-02-19 01:06:50 +00:00
|
|
|
/* Specific error values for use in forwarding programs such as
|
|
|
|
* virt-login-shell; these values match what GNU env does. */
|
|
|
|
enum {
|
|
|
|
EXIT_CANCELED = 125, /* Failed before attempting exec */
|
|
|
|
EXIT_CANNOT_INVOKE = 126, /* Exists but couldn't exec */
|
|
|
|
EXIT_ENOENT = 127, /* Could not find program to exec */
|
|
|
|
};
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
|
2016-04-07 06:51:11 +00:00
|
|
|
# ifndef ENODATA
|
|
|
|
# define ENODATA EIO
|
|
|
|
# endif
|
|
|
|
|
2006-03-15 12:13:25 +00:00
|
|
|
#endif /* __VIR_INTERNAL_H__ */
|