2007-06-11 11:47:01 +00:00
|
|
|
/*
|
2009-07-10 11:20:03 +00:00
|
|
|
* remote.c: handlers for RPC method calls
|
2007-06-11 11:47:01 +00:00
|
|
|
*
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
* Copyright (C) 2007-2014 Red Hat, Inc.
|
2007-06-11 11:47:01 +00:00
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 22:30:55 +00:00
|
|
|
* License along with this library. If not, see
|
2012-07-21 10:06:23 +00:00
|
|
|
* <http://www.gnu.org/licenses/>.
|
2007-06-11 11:47:01 +00:00
|
|
|
*
|
|
|
|
|
* Author: Richard W.M. Jones <rjones@redhat.com>
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
2012-12-13 18:21:53 +00:00
|
|
|
#include "virerror.h"
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2013-01-08 22:19:00 +00:00
|
|
|
#if WITH_POLKIT0
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <polkit/polkit.h>
|
|
|
|
|
# include <polkit-dbus/polkit-dbus.h>
|
2007-12-05 18:21:27 +00:00
|
|
|
#endif
|
|
|
|
|
|
2009-07-10 11:20:03 +00:00
|
|
|
#include "remote.h"
|
2011-05-16 17:13:11 +00:00
|
|
|
#include "libvirtd.h"
|
2008-11-04 23:22:06 +00:00
|
|
|
#include "libvirt_internal.h"
|
|
|
|
|
#include "datatypes.h"
|
2012-12-12 18:06:53 +00:00
|
|
|
#include "viralloc.h"
|
2012-12-12 17:59:27 +00:00
|
|
|
#include "virlog.h"
|
2009-09-30 10:51:54 +00:00
|
|
|
#include "stream.h"
|
2012-12-13 18:01:25 +00:00
|
|
|
#include "viruuid.h"
|
2012-12-12 16:27:01 +00:00
|
|
|
#include "vircommand.h"
|
2011-06-24 18:16:05 +00:00
|
|
|
#include "intprops.h"
|
2011-05-16 17:13:11 +00:00
|
|
|
#include "virnetserverservice.h"
|
2011-07-07 21:12:26 +00:00
|
|
|
#include "virnetserver.h"
|
2011-10-21 11:49:23 +00:00
|
|
|
#include "virfile.h"
|
2012-01-02 22:03:19 +00:00
|
|
|
#include "virtypedparam.h"
|
2012-04-19 14:34:35 +00:00
|
|
|
#include "virdbus.h"
|
2012-09-24 17:10:37 +00:00
|
|
|
#include "virprocess.h"
|
2011-05-16 17:13:11 +00:00
|
|
|
#include "remote_protocol.h"
|
|
|
|
|
#include "qemu_protocol.h"
|
2012-12-21 14:20:04 +00:00
|
|
|
#include "lxc_protocol.h"
|
2013-04-03 10:36:23 +00:00
|
|
|
#include "virstring.h"
|
2013-12-11 10:38:01 +00:00
|
|
|
#include "object_event.h"
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
#include "domain_conf.h"
|
|
|
|
|
#include "network_conf.h"
|
2014-02-27 13:41:11 +00:00
|
|
|
#include "virprobe.h"
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
#include "viraccessapicheck.h"
|
2014-01-29 22:30:44 +00:00
|
|
|
#include "viraccessapicheckqemu.h"
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
#define VIR_FROM_THIS VIR_FROM_RPC
|
2007-12-05 15:24:15 +00:00
|
|
|
|
2014-02-28 12:16:17 +00:00
|
|
|
VIR_LOG_INIT("daemon.remote");
|
|
|
|
|
|
2011-05-30 10:58:57 +00:00
|
|
|
#if SIZEOF_LONG < 8
|
2012-03-02 23:58:05 +00:00
|
|
|
# define HYPER_TO_TYPE(_type, _to, _from) \
|
|
|
|
|
do { \
|
|
|
|
|
if ((_from) != (_type)(_from)) { \
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_OVERFLOW, \
|
|
|
|
|
_("conversion from hyper to %s overflowed"), \
|
|
|
|
|
#_type); \
|
2012-03-02 23:58:05 +00:00
|
|
|
goto cleanup; \
|
|
|
|
|
} \
|
|
|
|
|
(_to) = (_from); \
|
2011-05-30 10:58:57 +00:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
|
|
# define HYPER_TO_LONG(_to, _from) HYPER_TO_TYPE(long, _to, _from)
|
|
|
|
|
# define HYPER_TO_ULONG(_to, _from) HYPER_TO_TYPE(unsigned long, _to, _from)
|
|
|
|
|
#else
|
|
|
|
|
# define HYPER_TO_LONG(_to, _from) (_to) = (_from)
|
|
|
|
|
# define HYPER_TO_ULONG(_to, _from) (_to) = (_from)
|
|
|
|
|
#endif
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
struct daemonClientEventCallback {
|
|
|
|
|
virNetServerClientPtr client;
|
|
|
|
|
int eventID;
|
|
|
|
|
int callbackID;
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
bool legacy;
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
};
|
|
|
|
|
|
2011-04-12 16:34:30 +00:00
|
|
|
static virDomainPtr get_nonnull_domain(virConnectPtr conn, remote_nonnull_domain domain);
|
|
|
|
|
static virNetworkPtr get_nonnull_network(virConnectPtr conn, remote_nonnull_network network);
|
|
|
|
|
static virInterfacePtr get_nonnull_interface(virConnectPtr conn, remote_nonnull_interface iface);
|
|
|
|
|
static virStoragePoolPtr get_nonnull_storage_pool(virConnectPtr conn, remote_nonnull_storage_pool pool);
|
|
|
|
|
static virStorageVolPtr get_nonnull_storage_vol(virConnectPtr conn, remote_nonnull_storage_vol vol);
|
|
|
|
|
static virSecretPtr get_nonnull_secret(virConnectPtr conn, remote_nonnull_secret secret);
|
|
|
|
|
static virNWFilterPtr get_nonnull_nwfilter(virConnectPtr conn, remote_nonnull_nwfilter nwfilter);
|
2011-04-13 18:10:03 +00:00
|
|
|
static virDomainSnapshotPtr get_nonnull_domain_snapshot(virDomainPtr dom, remote_nonnull_domain_snapshot snapshot);
|
2011-04-12 16:34:30 +00:00
|
|
|
static void make_nonnull_domain(remote_nonnull_domain *dom_dst, virDomainPtr dom_src);
|
|
|
|
|
static void make_nonnull_network(remote_nonnull_network *net_dst, virNetworkPtr net_src);
|
|
|
|
|
static void make_nonnull_interface(remote_nonnull_interface *interface_dst, virInterfacePtr interface_src);
|
|
|
|
|
static void make_nonnull_storage_pool(remote_nonnull_storage_pool *pool_dst, virStoragePoolPtr pool_src);
|
|
|
|
|
static void make_nonnull_storage_vol(remote_nonnull_storage_vol *vol_dst, virStorageVolPtr vol_src);
|
|
|
|
|
static void make_nonnull_node_device(remote_nonnull_node_device *dev_dst, virNodeDevicePtr dev_src);
|
|
|
|
|
static void make_nonnull_secret(remote_nonnull_secret *secret_dst, virSecretPtr secret_src);
|
|
|
|
|
static void make_nonnull_nwfilter(remote_nonnull_nwfilter *net_dst, virNWFilterPtr nwfilter_src);
|
|
|
|
|
static void make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *snapshot_dst, virDomainSnapshotPtr snapshot_src);
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
static virTypedParameterPtr
|
|
|
|
|
remoteDeserializeTypedParameters(remote_typed_param *args_params_val,
|
|
|
|
|
u_int args_params_len,
|
|
|
|
|
int limit,
|
|
|
|
|
int *nparams);
|
2008-12-04 22:03:24 +00:00
|
|
|
|
2012-01-31 06:42:31 +00:00
|
|
|
static int
|
|
|
|
|
remoteSerializeDomainDiskErrors(virDomainDiskErrorPtr errors,
|
|
|
|
|
int nerrors,
|
|
|
|
|
remote_domain_disk_error **ret_errors_val,
|
|
|
|
|
u_int *ret_errors_len);
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
#include "remote_dispatch.h"
|
|
|
|
|
#include "qemu_dispatch.h"
|
2012-12-21 14:20:04 +00:00
|
|
|
#include "lxc_dispatch.h"
|
2010-04-17 02:09:25 +00:00
|
|
|
|
|
|
|
|
|
2008-10-23 13:18:18 +00:00
|
|
|
/* Prototypes */
|
|
|
|
|
static void
|
2013-11-28 15:06:40 +00:00
|
|
|
remoteDispatchObjectEventSend(virNetServerClientPtr client,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerProgramPtr program,
|
2011-04-12 16:34:30 +00:00
|
|
|
int procnr,
|
|
|
|
|
xdrproc_t proc,
|
|
|
|
|
void *data);
|
2007-12-05 15:24:15 +00:00
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
static void
|
|
|
|
|
remoteEventCallbackFree(void *opaque)
|
|
|
|
|
{
|
|
|
|
|
VIR_FREE(opaque);
|
|
|
|
|
}
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
|
|
|
|
|
static bool
|
|
|
|
|
remoteRelayDomainEventCheckACL(virNetServerClientPtr client,
|
|
|
|
|
virConnectPtr conn, virDomainPtr dom)
|
|
|
|
|
{
|
|
|
|
|
virDomainDef def;
|
|
|
|
|
virIdentityPtr identity = NULL;
|
|
|
|
|
bool ret = false;
|
|
|
|
|
|
|
|
|
|
/* For now, we just create a virDomainDef with enough contents to
|
|
|
|
|
* satisfy what viraccessdriverpolkit.c references. This is a bit
|
|
|
|
|
* fragile, but I don't know of anything better. */
|
|
|
|
|
def.name = dom->name;
|
|
|
|
|
memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
|
|
|
|
|
|
|
|
|
|
if (!(identity = virNetServerClientGetIdentity(client)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
if (virIdentitySetCurrent(identity) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
ret = virConnectDomainEventRegisterAnyCheckACL(conn, &def);
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
ignore_value(virIdentitySetCurrent(NULL));
|
|
|
|
|
virObjectUnref(identity);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static bool
|
|
|
|
|
remoteRelayNetworkEventCheckACL(virNetServerClientPtr client,
|
|
|
|
|
virConnectPtr conn, virNetworkPtr net)
|
|
|
|
|
{
|
|
|
|
|
virNetworkDef def;
|
|
|
|
|
virIdentityPtr identity = NULL;
|
|
|
|
|
bool ret = false;
|
|
|
|
|
|
|
|
|
|
/* For now, we just create a virNetworkDef with enough contents to
|
|
|
|
|
* satisfy what viraccessdriverpolkit.c references. This is a bit
|
|
|
|
|
* fragile, but I don't know of anything better. */
|
|
|
|
|
def.name = net->name;
|
|
|
|
|
memcpy(def.uuid, net->uuid, VIR_UUID_BUFLEN);
|
|
|
|
|
|
|
|
|
|
if (!(identity = virNetServerClientGetIdentity(client)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
if (virIdentitySetCurrent(identity) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
ret = virConnectNetworkEventRegisterAnyCheckACL(conn, &def);
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
ignore_value(virIdentitySetCurrent(NULL));
|
|
|
|
|
virObjectUnref(identity);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-01-29 22:30:44 +00:00
|
|
|
static bool
|
|
|
|
|
remoteRelayDomainQemuMonitorEventCheckACL(virNetServerClientPtr client,
|
|
|
|
|
virConnectPtr conn, virDomainPtr dom)
|
|
|
|
|
{
|
|
|
|
|
virDomainDef def;
|
|
|
|
|
virIdentityPtr identity = NULL;
|
|
|
|
|
bool ret = false;
|
|
|
|
|
|
|
|
|
|
/* For now, we just create a virDomainDef with enough contents to
|
|
|
|
|
* satisfy what viraccessdriverpolkit.c references. This is a bit
|
|
|
|
|
* fragile, but I don't know of anything better. */
|
|
|
|
|
def.name = dom->name;
|
|
|
|
|
memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
|
|
|
|
|
|
|
|
|
|
if (!(identity = virNetServerClientGetIdentity(client)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
if (virIdentitySetCurrent(identity) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
ret = virConnectDomainQemuMonitorEventRegisterCheckACL(conn, &def);
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2014-01-29 22:30:44 +00:00
|
|
|
ignore_value(virIdentitySetCurrent(NULL));
|
|
|
|
|
virObjectUnref(identity);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventLifecycle(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
int event,
|
|
|
|
|
int detail,
|
|
|
|
|
void *opaque)
|
2008-10-23 13:18:18 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2010-03-19 14:28:23 +00:00
|
|
|
remote_domain_event_lifecycle_msg data;
|
2008-10-23 13:18:18 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
return -1;
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
VIR_DEBUG("Relaying domain lifecycle event %d %d, callback %d legacy %d",
|
|
|
|
|
event, detail, callback->callbackID, callback->legacy);
|
2009-07-10 11:48:50 +00:00
|
|
|
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
data.event = event;
|
|
|
|
|
data.detail = detail;
|
2009-01-20 19:25:15 +00:00
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_LIFECYCLE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_lifecycle_msg,
|
|
|
|
|
&data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_lifecycle_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_lifecycle_msg,
|
|
|
|
|
&msg);
|
|
|
|
|
}
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2008-10-23 13:18:18 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2007-12-05 15:24:15 +00:00
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventReboot(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
void *opaque)
|
2010-03-18 15:25:38 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2010-03-18 15:25:38 +00:00
|
|
|
remote_domain_event_reboot_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2010-03-18 15:25:38 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
VIR_DEBUG("Relaying domain reboot event %s %d, callback %d legacy %d",
|
|
|
|
|
dom->name, dom->id, callback->callbackID, callback->legacy);
|
2010-03-18 15:25:38 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
2010-03-18 15:25:38 +00:00
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_REBOOT,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_reboot_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_reboot_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_REBOOT,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_reboot_msg, &msg);
|
|
|
|
|
}
|
2010-03-18 15:25:38 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventRTCChange(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
long long offset,
|
|
|
|
|
void *opaque)
|
2010-03-18 18:28:15 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2010-03-18 18:28:15 +00:00
|
|
|
remote_domain_event_rtc_change_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2010-03-18 18:28:15 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
VIR_DEBUG("Relaying domain rtc change event %s %d %lld, callback %d legacy %d",
|
|
|
|
|
dom->name, dom->id, offset,
|
|
|
|
|
callback->callbackID, callback->legacy);
|
2010-03-18 18:28:15 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
2010-03-18 18:28:15 +00:00
|
|
|
data.offset = offset;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_RTC_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_rtc_change_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_rtc_change_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_RTC_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_rtc_change_msg, &msg);
|
|
|
|
|
}
|
2010-03-18 18:28:15 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventWatchdog(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
int action,
|
|
|
|
|
void *opaque)
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
remote_domain_event_watchdog_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain watchdog event %s %d %d, callback %d",
|
|
|
|
|
dom->name, dom->id, action, callback->callbackID);
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
data.action = action;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_WATCHDOG,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_watchdog_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_watchdog_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_WATCHDOG,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_watchdog_msg, &msg);
|
|
|
|
|
}
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventIOError(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *srcPath,
|
|
|
|
|
const char *devAlias,
|
|
|
|
|
int action,
|
|
|
|
|
void *opaque)
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
remote_domain_event_io_error_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain io error %s %d %s %s %d, callback %d",
|
|
|
|
|
dom->name, dom->id, srcPath, devAlias, action,
|
|
|
|
|
callback->callbackID);
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.srcPath, srcPath) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.devAlias, devAlias) < 0)
|
|
|
|
|
goto error;
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
data.action = action;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_IO_ERROR,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_io_error_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_io_error_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_IO_ERROR,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_io_error_msg, &msg);
|
|
|
|
|
}
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.srcPath);
|
|
|
|
|
VIR_FREE(data.devAlias);
|
2011-09-20 03:51:50 +00:00
|
|
|
return -1;
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventIOErrorReason(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *srcPath,
|
|
|
|
|
const char *devAlias,
|
|
|
|
|
int action,
|
|
|
|
|
const char *reason,
|
|
|
|
|
void *opaque)
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
remote_domain_event_io_error_reason_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain io error %s %d %s %s %d %s, callback %d",
|
|
|
|
|
dom->name, dom->id, srcPath, devAlias, action, reason,
|
|
|
|
|
callback->callbackID);
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.srcPath, srcPath) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.devAlias, devAlias) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.reason, reason) < 0)
|
|
|
|
|
goto error;
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
data.action = action;
|
2011-09-20 03:51:50 +00:00
|
|
|
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_IO_ERROR_REASON,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_io_error_reason_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_io_error_reason_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_IO_ERROR_REASON,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_io_error_reason_msg, &msg);
|
|
|
|
|
}
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2011-09-20 03:51:50 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.srcPath);
|
|
|
|
|
VIR_FREE(data.devAlias);
|
|
|
|
|
VIR_FREE(data.reason);
|
2011-09-20 03:51:50 +00:00
|
|
|
return -1;
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventGraphics(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
int phase,
|
|
|
|
|
virDomainEventGraphicsAddressPtr local,
|
|
|
|
|
virDomainEventGraphicsAddressPtr remote,
|
|
|
|
|
const char *authScheme,
|
|
|
|
|
virDomainEventGraphicsSubjectPtr subject,
|
|
|
|
|
void *opaque)
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
remote_domain_event_graphics_msg data;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain graphics event %s %d %d - %d %s %s - %d %s %s - %s, callback %d",
|
|
|
|
|
dom->name, dom->id, phase,
|
2011-04-13 15:10:01 +00:00
|
|
|
local->family, local->service, local->node,
|
|
|
|
|
remote->family, remote->service, remote->node,
|
2014-01-06 00:23:55 +00:00
|
|
|
authScheme, callback->callbackID);
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
2011-04-13 15:10:01 +00:00
|
|
|
VIR_DEBUG("Subject %d", subject->nidentity);
|
2013-05-21 07:45:26 +00:00
|
|
|
for (i = 0; i < subject->nidentity; i++) {
|
2011-04-13 15:10:01 +00:00
|
|
|
VIR_DEBUG(" %s=%s", subject->identities[i].type, subject->identities[i].name);
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
data.phase = phase;
|
|
|
|
|
data.local.family = local->family;
|
|
|
|
|
data.remote.family = remote->family;
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.authScheme, authScheme) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.local.node, local->node) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.local.service, local->service) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.remote.node, remote->node) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.remote.service, remote->service) < 0)
|
|
|
|
|
goto error;
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
|
|
|
|
data.subject.subject_len = subject->nidentity;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(data.subject.subject_val, data.subject.subject_len) < 0)
|
2013-05-03 12:39:39 +00:00
|
|
|
goto error;
|
2011-09-20 03:51:50 +00:00
|
|
|
|
2013-05-21 07:45:26 +00:00
|
|
|
for (i = 0; i < data.subject.subject_len; i++) {
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.subject.subject_val[i].type, subject->identities[i].type) < 0 ||
|
|
|
|
|
VIR_STRDUP(data.subject.subject_val[i].name, subject->identities[i].name) < 0)
|
|
|
|
|
goto error;
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
}
|
2011-09-20 03:51:50 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_GRAPHICS,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_graphics_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_graphics_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_GRAPHICS,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_graphics_msg, &msg);
|
|
|
|
|
}
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2011-09-20 03:51:50 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.authScheme);
|
|
|
|
|
VIR_FREE(data.local.node);
|
|
|
|
|
VIR_FREE(data.local.service);
|
|
|
|
|
VIR_FREE(data.remote.node);
|
|
|
|
|
VIR_FREE(data.remote.service);
|
2011-09-20 03:51:50 +00:00
|
|
|
if (data.subject.subject_val != NULL) {
|
2013-05-21 07:45:26 +00:00
|
|
|
for (i = 0; i < data.subject.subject_len; i++) {
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.subject.subject_val[i].type);
|
|
|
|
|
VIR_FREE(data.subject.subject_val[i].name);
|
2011-09-20 03:51:50 +00:00
|
|
|
}
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.subject.subject_val);
|
2011-09-20 03:51:50 +00:00
|
|
|
}
|
|
|
|
|
return -1;
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
}
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventBlockJob(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *path,
|
|
|
|
|
int type,
|
|
|
|
|
int status,
|
|
|
|
|
void *opaque)
|
2011-07-22 05:57:42 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2011-07-22 05:57:42 +00:00
|
|
|
remote_domain_event_block_job_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2011-07-22 05:57:42 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain block job event %s %d %s %i, %i, callback %d",
|
|
|
|
|
dom->name, dom->id, path, type, status, callback->callbackID);
|
2011-07-22 05:57:42 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.path, path) < 0)
|
|
|
|
|
goto error;
|
2011-07-22 05:57:42 +00:00
|
|
|
data.type = type;
|
|
|
|
|
data.status = status;
|
2011-09-20 03:51:50 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
2011-07-22 05:57:42 +00:00
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_BLOCK_JOB,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_block_job_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_block_job_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_BLOCK_JOB,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_block_job_msg, &msg);
|
|
|
|
|
}
|
2011-07-22 05:57:42 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-09-20 18:11:32 +00:00
|
|
|
VIR_FREE(data.path);
|
2011-09-20 03:51:50 +00:00
|
|
|
return -1;
|
2011-07-22 05:57:42 +00:00
|
|
|
}
|
|
|
|
|
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventControlError(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
void *opaque)
|
2011-05-29 12:21:53 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2011-05-29 12:21:53 +00:00
|
|
|
remote_domain_event_control_error_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2011-05-29 12:21:53 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain control error %s %d, callback %d",
|
|
|
|
|
dom->name, dom->id, callback->callbackID);
|
2011-05-29 12:21:53 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-05-29 12:21:53 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CONTROL_ERROR,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_control_error_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_control_error_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_CONTROL_ERROR,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_control_error_msg, &msg);
|
|
|
|
|
}
|
2011-05-29 12:21:53 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventDiskChange(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *oldSrcPath,
|
|
|
|
|
const char *newSrcPath,
|
|
|
|
|
const char *devAlias,
|
|
|
|
|
int reason,
|
|
|
|
|
void *opaque)
|
2011-10-18 14:15:42 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2011-10-18 14:15:42 +00:00
|
|
|
remote_domain_event_disk_change_msg data;
|
|
|
|
|
char **oldSrcPath_p = NULL, **newSrcPath_p = NULL;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2011-10-18 14:15:42 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain %s %d disk change %s %s %s %d, callback %d",
|
|
|
|
|
dom->name, dom->id, oldSrcPath, newSrcPath, devAlias, reason,
|
|
|
|
|
callback->callbackID);
|
2011-10-18 14:15:42 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2011-10-18 14:15:42 +00:00
|
|
|
if (oldSrcPath &&
|
|
|
|
|
((VIR_ALLOC(oldSrcPath_p) < 0) ||
|
2013-05-03 12:39:39 +00:00
|
|
|
VIR_STRDUP(*oldSrcPath_p, oldSrcPath) < 0))
|
2013-07-04 09:58:18 +00:00
|
|
|
goto error;
|
2011-10-18 14:15:42 +00:00
|
|
|
|
|
|
|
|
if (newSrcPath &&
|
|
|
|
|
((VIR_ALLOC(newSrcPath_p) < 0) ||
|
2013-05-03 12:39:39 +00:00
|
|
|
VIR_STRDUP(*newSrcPath_p, newSrcPath) < 0))
|
2013-07-04 09:58:18 +00:00
|
|
|
goto error;
|
2011-10-18 14:15:42 +00:00
|
|
|
|
|
|
|
|
data.oldSrcPath = oldSrcPath_p;
|
|
|
|
|
data.newSrcPath = newSrcPath_p;
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.devAlias, devAlias) < 0)
|
|
|
|
|
goto error;
|
2011-10-18 14:15:42 +00:00
|
|
|
data.reason = reason;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_DISK_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_disk_change_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_disk_change_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_DISK_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_disk_change_msg, &msg);
|
|
|
|
|
}
|
2011-10-18 14:15:42 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-10-26 09:12:45 +00:00
|
|
|
VIR_FREE(oldSrcPath_p);
|
|
|
|
|
VIR_FREE(newSrcPath_p);
|
2011-10-18 14:15:42 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventTrayChange(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *devAlias,
|
|
|
|
|
int reason,
|
|
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2012-03-23 13:44:50 +00:00
|
|
|
remote_domain_event_tray_change_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2012-03-23 13:44:50 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain %s %d tray change devAlias: %s reason: %d, callback %d",
|
|
|
|
|
dom->name, dom->id, devAlias, reason, callback->callbackID);
|
2012-03-23 13:44:50 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2012-03-23 13:44:50 +00:00
|
|
|
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(data.devAlias, devAlias) < 0)
|
2012-03-23 13:44:50 +00:00
|
|
|
return -1;
|
|
|
|
|
data.reason = reason;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_TRAY_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_tray_change_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_tray_change_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_TRAY_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_tray_change_msg, &msg);
|
|
|
|
|
}
|
2012-03-23 13:44:50 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventPMWakeup(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
2014-01-29 00:41:34 +00:00
|
|
|
int reason,
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2012-03-23 14:43:14 +00:00
|
|
|
remote_domain_event_pmwakeup_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2012-03-23 14:43:14 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain %s %d system pmwakeup, callback %d",
|
|
|
|
|
dom->name, dom->id, callback->callbackID);
|
2012-03-23 14:43:14 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2012-03-23 14:43:14 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_PMWAKEUP,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_pmwakeup_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_pmwakeup_msg msg = { callback->callbackID,
|
2014-01-29 00:41:34 +00:00
|
|
|
reason, data };
|
2014-01-09 18:22:53 +00:00
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_PMWAKEUP,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_pmwakeup_msg, &msg);
|
|
|
|
|
}
|
2012-03-23 14:43:14 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventPMSuspend(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
2014-01-29 00:41:34 +00:00
|
|
|
int reason,
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2012-03-23 14:50:36 +00:00
|
|
|
remote_domain_event_pmsuspend_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2012-03-23 14:50:36 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain %s %d system pmsuspend, callback %d",
|
|
|
|
|
dom->name, dom->id, callback->callbackID);
|
2012-03-23 14:50:36 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&data, 0, sizeof(data));
|
2012-03-23 14:50:36 +00:00
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_PMSUSPEND,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_pmsuspend_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_pmsuspend_msg msg = { callback->callbackID,
|
2014-01-29 00:41:34 +00:00
|
|
|
reason, data };
|
2014-01-09 18:22:53 +00:00
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_PMSUSPEND,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_pmsuspend_msg, &msg);
|
|
|
|
|
}
|
2012-03-23 14:50:36 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2012-07-13 09:05:17 +00:00
|
|
|
static int
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
remoteRelayDomainEventBalloonChange(virConnectPtr conn,
|
2012-07-13 09:05:17 +00:00
|
|
|
virDomainPtr dom,
|
|
|
|
|
unsigned long long actual,
|
|
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2012-07-13 09:05:17 +00:00
|
|
|
remote_domain_event_balloon_change_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2012-07-13 09:05:17 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain balloon change event %s %d %lld, callback %d",
|
|
|
|
|
dom->name, dom->id, actual, callback->callbackID);
|
2012-07-13 09:05:17 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
|
|
|
|
memset(&data, 0, sizeof(data));
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
data.actual = actual;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_BALLOON_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_balloon_change_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_balloon_change_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_BALLOON_CHANGE,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_balloon_change_msg, &msg);
|
|
|
|
|
}
|
2012-07-13 09:05:17 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
static int
|
|
|
|
|
remoteRelayDomainEventPMSuspendDisk(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
2014-01-29 00:41:34 +00:00
|
|
|
int reason,
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2012-10-12 19:13:39 +00:00
|
|
|
remote_domain_event_pmsuspend_disk_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2012-10-12 19:13:39 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain %s %d system pmsuspend-disk, callback %d",
|
|
|
|
|
dom->name, dom->id, callback->callbackID);
|
2012-10-12 19:13:39 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
|
|
|
|
memset(&data, 0, sizeof(data));
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_PMSUSPEND_DISK,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_pmsuspend_disk_msg, &data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_pmsuspend_disk_msg msg = { callback->callbackID,
|
2014-01-29 00:41:34 +00:00
|
|
|
reason, data };
|
2014-01-09 18:22:53 +00:00
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_PMSUSPEND_DISK,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_pmsuspend_disk_msg, &msg);
|
|
|
|
|
}
|
2012-10-12 19:13:39 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-19 13:27:29 +00:00
|
|
|
static int
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
remoteRelayDomainEventDeviceRemoved(virConnectPtr conn,
|
2013-06-19 13:27:29 +00:00
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *devAlias,
|
|
|
|
|
void *opaque)
|
|
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2013-06-19 13:27:29 +00:00
|
|
|
remote_domain_event_device_removed_msg data;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainEventCheckACL(callback->client, conn, dom))
|
2013-06-19 13:27:29 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Relaying domain device removed event %s %d %s, callback %d",
|
|
|
|
|
dom->name, dom->id, devAlias, callback->callbackID);
|
2013-06-19 13:27:29 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
|
|
|
|
memset(&data, 0, sizeof(data));
|
|
|
|
|
|
|
|
|
|
if (VIR_STRDUP(data.devAlias, devAlias) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (callback->legacy) {
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_DEVICE_REMOVED,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_device_removed_msg,
|
|
|
|
|
&data);
|
|
|
|
|
} else {
|
|
|
|
|
remote_domain_event_callback_device_removed_msg msg = { callback->callbackID,
|
|
|
|
|
data };
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
|
|
|
|
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_DEVICE_REMOVED,
|
|
|
|
|
(xdrproc_t)xdr_remote_domain_event_callback_device_removed_msg,
|
|
|
|
|
&msg);
|
|
|
|
|
}
|
2013-06-19 13:27:29 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-12 19:13:39 +00:00
|
|
|
|
2010-03-18 15:25:38 +00:00
|
|
|
static virConnectDomainEventGenericCallback domainEventCallbacks[] = {
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventLifecycle),
|
2010-03-18 15:25:38 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventReboot),
|
2010-03-18 18:28:15 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventRTCChange),
|
Add support for an explicit watchdog event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_WATCHDOG
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_WATCHDOG_NONE = 0,
VIR_DOMAIN_EVENT_WATCHDOG_PAUSE,
VIR_DOMAIN_EVENT_WATCHDOG_RESET,
VIR_DOMAIN_EVENT_WATCHDOG_POWEROFF,
VIR_DOMAIN_EVENT_WATCHDOG_SHUTDOWN,
VIR_DOMAIN_EVENT_WATCHDOG_DEBUG,
} virDomainEventWatchdogAction;
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventWatchdogCallback)(virConnectPtr conn,
virDomainPtr dom,
int action,
void *opaque);
* daemon/remote.c: Dispatch watchdog events to client
* examples/domain-events/events-c/event-test.c: Watch for
watchdog events
* include/libvirt/libvirt.h.in: Define new watchdg event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle watchdog events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for watchdogs and emit a libvirt watchdog event
* src/remote/remote_driver.c: Receive and dispatch watchdog
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
watchdog events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for WATCHDOG event
from QEMU monitor
2010-03-18 19:07:48 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventWatchdog),
|
Add support for an explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR
This event includes the action that is about to be taken
as a result of the watchdog triggering
typedef enum {
VIR_DOMAIN_EVENT_IO_ERROR_NONE = 0,
VIR_DOMAIN_EVENT_IO_ERROR_PAUSE,
VIR_DOMAIN_EVENT_IO_ERROR_REPORT,
} virDomainEventIOErrorAction;
In addition it has the source path of the disk that had the
error and its unique device alias. It does not include the
target device name (/dev/sda), since this would preclude
triggering IO errors from other file backed devices (eg
serial ports connected to a file)
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventIOError),
|
Add domain events for graphics network clients
This introduces a new event type
VIR_DOMAIN_EVENT_ID_GRAPHICS
The same event can be emitted in 3 scenarios
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_CONNECT = 0,
VIR_DOMAIN_EVENT_GRAPHICS_INITIALIZE,
VIR_DOMAIN_EVENT_GRAPHICS_DISCONNECT,
} virDomainEventGraphicsPhase;
Connect/disconnect are triggered at socket accept/close.
The initialize phase is immediately after the protocol
setup and authentication has completed. ie when the
client is authorized and about to start interacting with
the graphical desktop
This event comes with *a lot* of potential information
- IP address, port & address family of client
- IP address, port & address family of server
- Authentication scheme (arbitrary string)
- Authenticated subject identity. A subject may have
multiple identities with some authentication schemes.
For example, vencrypt+sasl results in a x509dname
and saslUsername identities.
This results in a very complicated callback :-(
typedef enum {
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV4,
VIR_DOMAIN_EVENT_GRAPHICS_ADDRESS_IPV6,
} virDomainEventGraphicsAddressType;
struct _virDomainEventGraphicsAddress {
int family;
const char *node;
const char *service;
};
typedef struct _virDomainEventGraphicsAddress virDomainEventGraphicsAddress;
typedef virDomainEventGraphicsAddress *virDomainEventGraphicsAddressPtr;
struct _virDomainEventGraphicsSubject {
int nidentity;
struct {
const char *type;
const char *name;
} *identities;
};
typedef struct _virDomainEventGraphicsSubject virDomainEventGraphicsSubject;
typedef virDomainEventGraphicsSubject *virDomainEventGraphicsSubjectPtr;
typedef void (*virConnectDomainEventGraphicsCallback)(virConnectPtr conn,
virDomainPtr dom,
int phase,
virDomainEventGraphicsAddressPtr local,
virDomainEventGraphicsAddressPtr remote,
const char *authScheme,
virDomainEventGraphicsSubjectPtr subject,
void *opaque);
The wire protocol is similarly complex
struct remote_domain_event_graphics_address {
int family;
remote_nonnull_string node;
remote_nonnull_string service;
};
const REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX = 20;
struct remote_domain_event_graphics_identity {
remote_nonnull_string type;
remote_nonnull_string name;
};
struct remote_domain_event_graphics_msg {
remote_nonnull_domain dom;
int phase;
remote_domain_event_graphics_address local;
remote_domain_event_graphics_address remote;
remote_nonnull_string authScheme;
remote_domain_event_graphics_identity subject<REMOTE_DOMAIN_EVENT_GRAPHICS_IDENTITY_MAX>;
};
This is currently implemented in QEMU for the VNC graphics
protocol, but designed to be usable with SPICE graphics in
the future too.
* daemon/remote.c: Dispatch graphics events to client
* examples/domain-events/events-c/event-test.c: Watch for
graphics events
* include/libvirt/libvirt.h.in: Define new graphics event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle graphics events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for VNC events and emit a libvirt graphics event
* src/remote/remote_driver.c: Receive and dispatch graphics
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
graphics events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for VNC_CONNECTED,
VNC_INITIALIZED & VNC_DISCONNETED events from QEMU monitor
2010-03-19 13:27:45 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventGraphics),
|
Add support for another explicit IO error event
This introduces a new event type
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
This event is the same as the previous VIR_DOMAIN_ID_IO_ERROR
event, but also includes a string describing the cause of
the event.
Thus there is a new callback definition for this event type
typedef void (*virConnectDomainEventIOErrorReasonCallback)(virConnectPtr conn,
virDomainPtr dom,
const char *srcPath,
const char *devAlias,
int action,
const char *reason,
void *opaque);
This is currently wired up to the QEMU block IO error events
* daemon/remote.c: Dispatch IO error events to client
* examples/domain-events/events-c/event-test.c: Watch for
IO error events
* include/libvirt/libvirt.h.in: Define new IO error event ID
and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle IO error events
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block IO errors and emit a libvirt IO error event
* src/remote/remote_driver.c: Receive and dispatch IO error
events to application
* src/remote/remote_protocol.x: Wire protocol definition for
IO error events
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_IO_ERROR event
from QEMU monitor
2010-03-18 19:37:44 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventIOErrorReason),
|
2011-05-29 12:21:53 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventControlError),
|
2011-07-22 05:57:42 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventBlockJob),
|
2011-10-18 14:15:42 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventDiskChange),
|
2012-03-23 13:44:50 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventTrayChange),
|
2012-03-23 14:43:14 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventPMWakeup),
|
2012-03-23 14:50:36 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventPMSuspend),
|
2012-07-13 09:05:17 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventBalloonChange),
|
2012-10-12 19:13:39 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventPMSuspendDisk),
|
2013-06-19 13:27:29 +00:00
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventDeviceRemoved),
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
verify(ARRAY_CARDINALITY(domainEventCallbacks) == VIR_DOMAIN_EVENT_ID_LAST);
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
static int
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
remoteRelayNetworkEventLifecycle(virConnectPtr conn,
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
virNetworkPtr net,
|
|
|
|
|
int event,
|
|
|
|
|
int detail,
|
|
|
|
|
void *opaque)
|
2013-12-11 10:38:01 +00:00
|
|
|
{
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
2013-12-11 10:38:01 +00:00
|
|
|
remote_network_event_lifecycle_msg data;
|
|
|
|
|
|
event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839
Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send. But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr. But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.
Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions. So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.
If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event. But
setting up that back-reference is a bit invasive. Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity. As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration. Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.
Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so. In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.
* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-28 21:50:02 +00:00
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayNetworkEventCheckACL(callback->client, conn, net))
|
2013-12-11 10:38:01 +00:00
|
|
|
return -1;
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
VIR_DEBUG("Relaying network lifecycle event %d, detail %d, callback %d",
|
|
|
|
|
event, detail, callback->callbackID);
|
2013-12-11 10:38:01 +00:00
|
|
|
|
|
|
|
|
/* build return data */
|
|
|
|
|
memset(&data, 0, sizeof(data));
|
|
|
|
|
make_nonnull_network(&data.net, net);
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
data.callbackID = callback->callbackID;
|
2013-12-11 10:38:01 +00:00
|
|
|
data.event = event;
|
|
|
|
|
data.detail = detail;
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
remoteDispatchObjectEventSend(callback->client, remoteProgram,
|
2013-12-11 10:38:01 +00:00
|
|
|
REMOTE_PROC_NETWORK_EVENT_LIFECYCLE,
|
|
|
|
|
(xdrproc_t)xdr_remote_network_event_lifecycle_msg, &data);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static virConnectNetworkEventGenericCallback networkEventCallbacks[] = {
|
|
|
|
|
VIR_NETWORK_EVENT_CALLBACK(remoteRelayNetworkEventLifecycle),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
verify(ARRAY_CARDINALITY(networkEventCallbacks) == VIR_NETWORK_EVENT_ID_LAST);
|
|
|
|
|
|
2014-01-29 22:30:44 +00:00
|
|
|
static void
|
|
|
|
|
remoteRelayDomainQemuMonitorEvent(virConnectPtr conn,
|
|
|
|
|
virDomainPtr dom,
|
|
|
|
|
const char *event,
|
|
|
|
|
long long seconds,
|
|
|
|
|
unsigned int micros,
|
|
|
|
|
const char *details,
|
|
|
|
|
void *opaque)
|
|
|
|
|
{
|
|
|
|
|
daemonClientEventCallbackPtr callback = opaque;
|
|
|
|
|
qemu_domain_monitor_event_msg data;
|
|
|
|
|
char **details_p = NULL;
|
|
|
|
|
|
|
|
|
|
if (callback->callbackID < 0 ||
|
|
|
|
|
!remoteRelayDomainQemuMonitorEventCheckACL(callback->client, conn,
|
|
|
|
|
dom))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
VIR_DEBUG("Relaying qemu monitor event %s %s, callback %d",
|
|
|
|
|
event, details, callback->callbackID);
|
|
|
|
|
|
|
|
|
|
/* build return data */
|
|
|
|
|
memset(&data, 0, sizeof(data));
|
|
|
|
|
data.callbackID = callback->callbackID;
|
|
|
|
|
if (VIR_STRDUP(data.event, event) < 0)
|
|
|
|
|
goto error;
|
|
|
|
|
data.seconds = seconds;
|
|
|
|
|
data.micros = micros;
|
|
|
|
|
if (details &&
|
|
|
|
|
((VIR_ALLOC(details_p) < 0) ||
|
|
|
|
|
VIR_STRDUP(*details_p, details) < 0))
|
|
|
|
|
goto error;
|
|
|
|
|
data.details = details_p;
|
|
|
|
|
make_nonnull_domain(&data.dom, dom);
|
|
|
|
|
|
|
|
|
|
remoteDispatchObjectEventSend(callback->client, qemuProgram,
|
|
|
|
|
QEMU_PROC_DOMAIN_MONITOR_EVENT,
|
|
|
|
|
(xdrproc_t)xdr_qemu_domain_monitor_event_msg,
|
|
|
|
|
&data);
|
|
|
|
|
return;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2014-01-29 22:30:44 +00:00
|
|
|
VIR_FREE(data.event);
|
|
|
|
|
VIR_FREE(details_p);
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
/*
|
|
|
|
|
* You must hold lock for at least the client
|
|
|
|
|
* We don't free stuff here, merely disconnect the client's
|
|
|
|
|
* network socket & resources.
|
|
|
|
|
* We keep the libvirt connection open until any async
|
|
|
|
|
* jobs have finished, then clean it up elsewhere
|
|
|
|
|
*/
|
2012-08-09 11:31:34 +00:00
|
|
|
void remoteClientFreeFunc(void *data)
|
2011-05-16 17:13:11 +00:00
|
|
|
{
|
|
|
|
|
struct daemonClientPrivate *priv = data;
|
|
|
|
|
|
|
|
|
|
/* Deregister event delivery callback */
|
|
|
|
|
if (priv->conn) {
|
2013-09-27 14:46:07 +00:00
|
|
|
virIdentityPtr sysident = virIdentityGetSystem();
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2013-09-27 14:46:07 +00:00
|
|
|
virIdentitySetCurrent(sysident);
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
for (i = 0; i < priv->ndomainEventCallbacks; i++) {
|
|
|
|
|
int callbackID = priv->domainEventCallbacks[i]->callbackID;
|
|
|
|
|
if (callbackID < 0) {
|
|
|
|
|
VIR_WARN("unexpected incomplete domain callback %zu", i);
|
|
|
|
|
continue;
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DEBUG("Deregistering remote domain event relay %d",
|
|
|
|
|
callbackID);
|
|
|
|
|
priv->domainEventCallbacks[i]->callbackID = -1;
|
|
|
|
|
if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0)
|
|
|
|
|
VIR_WARN("unexpected domain event deregister failure");
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_FREE(priv->domainEventCallbacks);
|
2011-05-16 17:13:11 +00:00
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
for (i = 0; i < priv->nnetworkEventCallbacks; i++) {
|
|
|
|
|
int callbackID = priv->networkEventCallbacks[i]->callbackID;
|
|
|
|
|
if (callbackID < 0) {
|
|
|
|
|
VIR_WARN("unexpected incomplete network callback %zu", i);
|
|
|
|
|
continue;
|
2013-12-11 10:38:01 +00:00
|
|
|
}
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
VIR_DEBUG("Deregistering remote network event relay %d",
|
|
|
|
|
callbackID);
|
|
|
|
|
priv->networkEventCallbacks[i]->callbackID = -1;
|
|
|
|
|
if (virConnectNetworkEventDeregisterAny(priv->conn,
|
|
|
|
|
callbackID) < 0)
|
|
|
|
|
VIR_WARN("unexpected network event deregister failure");
|
2013-12-11 10:38:01 +00:00
|
|
|
}
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
VIR_FREE(priv->networkEventCallbacks);
|
2013-12-11 10:38:01 +00:00
|
|
|
|
2014-01-29 22:30:44 +00:00
|
|
|
for (i = 0; i < priv->nqemuEventCallbacks; i++) {
|
|
|
|
|
int callbackID = priv->qemuEventCallbacks[i]->callbackID;
|
|
|
|
|
if (callbackID < 0) {
|
|
|
|
|
VIR_WARN("unexpected incomplete qemu monitor callback %zu", i);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
VIR_DEBUG("Deregistering remote qemu monitor event relay %d",
|
|
|
|
|
callbackID);
|
|
|
|
|
priv->qemuEventCallbacks[i]->callbackID = -1;
|
|
|
|
|
if (virConnectDomainQemuMonitorEventDeregister(priv->conn,
|
|
|
|
|
callbackID) < 0)
|
|
|
|
|
VIR_WARN("unexpected qemu monitor event deregister failure");
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(priv->qemuEventCallbacks);
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virConnectClose(priv->conn);
|
2013-09-27 14:46:07 +00:00
|
|
|
|
|
|
|
|
virIdentitySetCurrent(NULL);
|
|
|
|
|
virObjectUnref(sysident);
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
VIR_FREE(priv);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-08-14 22:44:45 +00:00
|
|
|
static void remoteClientCloseFunc(virNetServerClientPtr client)
|
|
|
|
|
{
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
daemonRemoveAllClientStreams(priv->streams);
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2012-08-09 11:31:34 +00:00
|
|
|
void *remoteClientInitHook(virNetServerClientPtr client,
|
|
|
|
|
void *opaque ATTRIBUTE_UNUSED)
|
2011-05-16 17:13:11 +00:00
|
|
|
{
|
|
|
|
|
struct daemonClientPrivate *priv;
|
|
|
|
|
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(priv) < 0)
|
2012-08-09 11:31:34 +00:00
|
|
|
return NULL;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
if (virMutexInit(&priv->lock) < 0) {
|
|
|
|
|
VIR_FREE(priv);
|
2013-07-04 09:58:18 +00:00
|
|
|
virReportSystemError(errno, "%s", _("unable to init mutex"));
|
2012-08-09 11:31:34 +00:00
|
|
|
return NULL;
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2011-08-14 22:44:45 +00:00
|
|
|
virNetServerClientSetCloseHook(client, remoteClientCloseFunc);
|
2012-08-09 11:31:34 +00:00
|
|
|
return priv;
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2007-06-11 11:47:01 +00:00
|
|
|
/*----- Functions. -----*/
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectOpen(virNetServerPtr server,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
struct remote_connect_open_args *args)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
|
|
|
|
const char *name;
|
2011-07-07 17:53:04 +00:00
|
|
|
unsigned int flags;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("priv=%p conn=%p", priv, priv->conn);
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
/* Already opened? */
|
|
|
|
|
if (priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection already open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-08-24 13:33:34 +00:00
|
|
|
if (virNetServerKeepAliveRequired(server) && !priv->keepalive_supported) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_OPERATION_FAILED, "%s",
|
|
|
|
|
_("keepalive support is required to connect"));
|
2011-08-24 13:33:34 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-11 11:47:01 +00:00
|
|
|
name = args->name ? *args->name : NULL;
|
|
|
|
|
|
|
|
|
|
/* If this connection arrived on a readonly socket, force
|
|
|
|
|
* the connection to be readonly.
|
|
|
|
|
*/
|
|
|
|
|
flags = args->flags;
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNetServerClientGetReadonly(client))
|
|
|
|
|
flags |= VIR_CONNECT_RO;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
priv->conn =
|
2007-06-11 11:47:01 +00:00
|
|
|
flags & VIR_CONNECT_RO
|
2011-04-12 16:34:30 +00:00
|
|
|
? virConnectOpenReadOnly(name)
|
|
|
|
|
: virConnectOpen(name);
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (priv->conn == NULL)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
2008-12-04 22:12:53 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
2011-07-08 11:54:29 +00:00
|
|
|
virNetServerClientDelayedClose(client);
|
2008-12-04 22:12:53 +00:00
|
|
|
return 0;
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2007-06-22 13:16:10 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_domain_get_scheduler_type_args *args,
|
|
|
|
|
remote_domain_get_scheduler_type_ret *ret)
|
2007-06-22 13:16:10 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2007-06-22 13:16:10 +00:00
|
|
|
char *type;
|
|
|
|
|
int nparams;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-04-13 17:50:40 +00:00
|
|
|
if (!(type = virDomainGetSchedulerType(dom, &nparams)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
|
|
|
|
ret->type = type;
|
|
|
|
|
ret->nparams = nparams;
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2007-06-22 13:16:10 +00:00
|
|
|
}
|
|
|
|
|
|
2011-10-12 09:26:34 +00:00
|
|
|
/* Helper to serialize typed parameters. This also filters out any string
|
|
|
|
|
* parameters that must not be returned to older clients. */
|
2011-05-17 20:58:40 +00:00
|
|
|
static int
|
|
|
|
|
remoteSerializeTypedParameters(virTypedParameterPtr params,
|
|
|
|
|
int nparams,
|
2011-05-30 18:12:18 +00:00
|
|
|
remote_typed_param **ret_params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
u_int *ret_params_len,
|
|
|
|
|
unsigned int flags)
|
2011-05-17 20:58:40 +00:00
|
|
|
{
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
|
|
|
|
size_t j;
|
2011-05-17 20:58:40 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
remote_typed_param *val;
|
|
|
|
|
|
|
|
|
|
*ret_params_len = nparams;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(val, nparams) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-10-12 09:26:34 +00:00
|
|
|
for (i = 0, j = 0; i < nparams; ++i) {
|
2012-01-28 06:21:31 +00:00
|
|
|
/* virDomainGetCPUStats can return a sparse array; also, we
|
|
|
|
|
* can't pass back strings to older clients. */
|
|
|
|
|
if (!params[i].type ||
|
|
|
|
|
(!(flags & VIR_TYPED_PARAM_STRING_OKAY) &&
|
|
|
|
|
params[i].type == VIR_TYPED_PARAM_STRING)) {
|
2011-10-12 09:26:34 +00:00
|
|
|
--*ret_params_len;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-17 20:58:40 +00:00
|
|
|
/* remoteDispatchClientRequest will free this: */
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(val[j].field, params[i].field) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.type = params[i].type;
|
2011-11-16 08:38:11 +00:00
|
|
|
switch (params[i].type) {
|
2011-05-17 20:58:40 +00:00
|
|
|
case VIR_TYPED_PARAM_INT:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.i = params[i].value.i;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_UINT:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.ui = params[i].value.ui;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_LLONG:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.l = params[i].value.l;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_ULLONG:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.ul = params[i].value.ul;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_DOUBLE:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.d = params[i].value.d;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_BOOLEAN:
|
2011-10-12 09:26:34 +00:00
|
|
|
val[j].value.remote_typed_param_value_u.b = params[i].value.b;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_STRING:
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(val[j].value.remote_typed_param_value_u.s, params[i].value.s) < 0)
|
2011-10-12 09:26:34 +00:00
|
|
|
goto cleanup;
|
2011-05-17 20:58:40 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_RPC, _("unknown parameter type: %d"),
|
|
|
|
|
params[i].type);
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2011-10-12 09:26:34 +00:00
|
|
|
j++;
|
2011-05-17 20:58:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*ret_params_val = val;
|
|
|
|
|
val = NULL;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-17 20:58:40 +00:00
|
|
|
if (val) {
|
2011-10-12 09:26:34 +00:00
|
|
|
for (i = 0; i < nparams; i++) {
|
2011-05-17 20:58:40 +00:00
|
|
|
VIR_FREE(val[i].field);
|
2011-12-20 15:22:25 +00:00
|
|
|
if (val[i].value.type == VIR_TYPED_PARAM_STRING)
|
2011-10-12 09:26:34 +00:00
|
|
|
VIR_FREE(val[i].value.remote_typed_param_value_u.s);
|
|
|
|
|
}
|
2011-05-17 20:58:40 +00:00
|
|
|
VIR_FREE(val);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Helper to deserialize typed parameters. */
|
|
|
|
|
static virTypedParameterPtr
|
2011-05-30 18:12:18 +00:00
|
|
|
remoteDeserializeTypedParameters(remote_typed_param *args_params_val,
|
|
|
|
|
u_int args_params_len,
|
2011-05-17 20:58:40 +00:00
|
|
|
int limit,
|
|
|
|
|
int *nparams)
|
|
|
|
|
{
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i = 0;
|
2011-05-17 20:58:40 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
|
|
|
|
|
/* Check the length of the returned list carefully. */
|
2013-05-20 14:59:08 +00:00
|
|
|
if (limit && args_params_len > limit) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(params, args_params_len) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
*nparams = args_params_len;
|
|
|
|
|
|
|
|
|
|
/* Deserialise the result. */
|
|
|
|
|
for (i = 0; i < args_params_len; ++i) {
|
|
|
|
|
if (virStrcpyStatic(params[i].field,
|
|
|
|
|
args_params_val[i].field) == NULL) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("Parameter %s too big for destination"),
|
|
|
|
|
args_params_val[i].field);
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
params[i].type = args_params_val[i].value.type;
|
|
|
|
|
switch (params[i].type) {
|
|
|
|
|
case VIR_TYPED_PARAM_INT:
|
|
|
|
|
params[i].value.i =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.i;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_UINT:
|
|
|
|
|
params[i].value.ui =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.ui;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_LLONG:
|
|
|
|
|
params[i].value.l =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.l;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_ULLONG:
|
|
|
|
|
params[i].value.ul =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.ul;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_DOUBLE:
|
|
|
|
|
params[i].value.d =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.d;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_TYPED_PARAM_BOOLEAN:
|
|
|
|
|
params[i].value.b =
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.b;
|
|
|
|
|
break;
|
2011-10-12 09:26:34 +00:00
|
|
|
case VIR_TYPED_PARAM_STRING:
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(params[i].value.s,
|
|
|
|
|
args_params_val[i].value.remote_typed_param_value_u.s) < 0)
|
2011-10-12 09:26:34 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
break;
|
2011-05-17 20:58:40 +00:00
|
|
|
default:
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, _("unknown parameter type: %d"),
|
|
|
|
|
params[i].type);
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-10-12 09:26:34 +00:00
|
|
|
if (rv < 0) {
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, i);
|
|
|
|
|
params = NULL;
|
2011-10-12 09:26:34 +00:00
|
|
|
}
|
2011-05-17 20:58:40 +00:00
|
|
|
return params;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-22 13:16:10 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_domain_get_scheduler_parameters_args *args,
|
|
|
|
|
remote_domain_get_scheduler_parameters_ret *ret)
|
2007-06-22 13:16:10 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2011-05-26 17:39:04 +00:00
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
}
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-04-13 17:50:40 +00:00
|
|
|
if (virDomainGetSchedulerParameters(dom, params, &nparams) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-05-17 20:58:40 +00:00
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
2011-05-30 18:12:18 +00:00
|
|
|
&ret->params.params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
&ret->params.params_len,
|
|
|
|
|
0) < 0)
|
2011-05-17 21:45:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-17 21:45:03 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-05-17 21:45:03 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-20 14:26:36 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllDomains(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_domains_args *args,
|
|
|
|
|
remote_connect_list_all_domains_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr *doms = NULL;
|
|
|
|
|
int ndomains = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-05-20 14:26:36 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2012-05-20 14:26:36 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((ndomains = virConnectListAllDomains(priv->conn,
|
|
|
|
|
args->need_results ? &doms : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:23:31 +00:00
|
|
|
if (ndomains > REMOTE_DOMAIN_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many domains '%d' for limit '%d'"),
|
|
|
|
|
ndomains, REMOTE_DOMAIN_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-20 14:26:36 +00:00
|
|
|
if (doms && ndomains) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->domains.domains_val, ndomains) < 0)
|
2012-05-20 14:26:36 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->domains.domains_len = ndomains;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ndomains; i++)
|
|
|
|
|
make_nonnull_domain(ret->domains.domains_val + i, doms[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->domains.domains_len = 0;
|
|
|
|
|
ret->domains.domains_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = ndomains;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-05-20 14:26:36 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (doms) {
|
|
|
|
|
for (i = 0; i < ndomains; i++)
|
|
|
|
|
virDomainFree(doms[i]);
|
|
|
|
|
VIR_FREE(doms);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-17 21:45:03 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-05-17 21:45:03 +00:00
|
|
|
remote_domain_get_scheduler_parameters_flags_args *args,
|
|
|
|
|
remote_domain_get_scheduler_parameters_flags_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-05-17 21:45:03 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-05-17 21:45:03 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-05-17 21:45:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-05-17 21:45:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-05-17 21:45:03 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-05-17 21:45:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetSchedulerParametersFlags(dom, params, &nparams,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
2011-05-30 18:12:18 +00:00
|
|
|
&ret->params.params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
2007-06-22 13:16:10 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
2008-06-06 10:52:01 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-17 20:58:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2007-06-22 13:16:10 +00:00
|
|
|
}
|
|
|
|
|
|
2009-12-20 12:43:19 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_domain_memory_stats_args *args,
|
|
|
|
|
remote_domain_memory_stats_ret *ret)
|
2009-12-20 12:43:19 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2013-09-03 15:52:06 +00:00
|
|
|
struct _virDomainMemoryStat *stats = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
int nr_stats;
|
|
|
|
|
size_t i;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2009-12-20 12:43:19 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2009-12-20 12:43:19 +00:00
|
|
|
if (args->maxStats > REMOTE_DOMAIN_MEMORY_STATS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("maxStats > REMOTE_DOMAIN_MEMORY_STATS_MAX"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-12-20 12:43:19 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-12-20 12:43:19 +00:00
|
|
|
|
|
|
|
|
/* Allocate stats array for making dispatch call */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(stats, args->maxStats) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-12-20 12:43:19 +00:00
|
|
|
|
libvirt: do not mix internal flags into public API
There were two API in driver.c that were silently masking flags
bits prior to calling out to the drivers, and several others
that were explicitly masking flags bits. This is not
forward-compatible - if we ever have that many flags in the
future, then talking to an old server that masks out the
flags would be indistinguishable from talking to a new server
that can honor the flag. In general, libvirt.c should forward
_all_ flags on to drivers, and only the drivers should reject
unknown flags.
In the case of virDrvSecretGetValue, the solution is to separate
the internal driver callback function to have two parameters
instead of one, with only one parameter affected by the public
API. In the case of virDomainGetXMLDesc, it turns out that
no one was ever mixing VIR_DOMAIN_XML_INTERNAL_STATUS with
the dumpxml path in the first place; that internal flag was
only used in saving and restoring state files, which happened
to be in functions internal to a single file, so there is no
mixing of the internal flag with a public flags argument.
Additionally, virDomainMemoryStats passed a flags argument
over RPC, but not to the driver.
* src/driver.h (VIR_DOMAIN_XML_FLAGS_MASK)
(VIR_SECRET_GET_VALUE_FLAGS_MASK): Delete.
(virDrvSecretGetValue): Separate out internal flags.
(virDrvDomainMemoryStats): Provide missing flags argument.
* src/driver.c (verify): Drop unused check.
* src/conf/domain_conf.h (virDomainObjParseFile): Delete
declaration.
(virDomainXMLInternalFlags): Move...
* src/conf/domain_conf.c: ...here. Delete redundant include.
(virDomainObjParseFile): Make static.
* src/libvirt.c (virDomainGetXMLDesc, virSecretGetValue): Update
clients.
(virDomainMemoryPeek, virInterfaceGetXMLDesc)
(virDomainMemoryStats, virDomainBlockPeek, virNetworkGetXMLDesc)
(virStoragePoolGetXMLDesc, virStorageVolGetXMLDesc)
(virNodeNumOfDevices, virNodeListDevices, virNWFilterGetXMLDesc):
Don't mask unknown flags.
* src/interface/netcf_driver.c (interfaceGetXMLDesc): Reject
unknown flags.
* src/secret/secret_driver.c (secretGetValue): Update clients.
* src/remote/remote_driver.c (remoteSecretGetValue)
(remoteDomainMemoryStats): Likewise.
* src/qemu/qemu_process.c (qemuProcessGetVolumeQcowPassphrase):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainMemoryStats): Likewise.
* daemon/remote.c (remoteDispatchDomainMemoryStats): Likewise.
2011-07-13 21:31:56 +00:00
|
|
|
nr_stats = virDomainMemoryStats(dom, stats, args->maxStats, args->flags);
|
2011-04-13 17:23:00 +00:00
|
|
|
if (nr_stats < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-12-20 12:43:19 +00:00
|
|
|
|
|
|
|
|
/* Allocate return buffer */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->stats.stats_val, args->maxStats) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-12-20 12:43:19 +00:00
|
|
|
|
|
|
|
|
/* Copy the stats into the xdr return structure */
|
|
|
|
|
for (i = 0; i < nr_stats; i++) {
|
|
|
|
|
ret->stats.stats_val[i].tag = stats[i].tag;
|
|
|
|
|
ret->stats.stats_val[i].val = stats[i].val;
|
|
|
|
|
}
|
|
|
|
|
ret->stats.stats_len = nr_stats;
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
2009-12-20 12:43:19 +00:00
|
|
|
VIR_FREE(stats);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2009-12-20 12:43:19 +00:00
|
|
|
}
|
|
|
|
|
|
2008-06-05 21:12:26 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainBlockPeek(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_domain_block_peek_args *args,
|
|
|
|
|
remote_domain_block_peek_ret *ret)
|
2008-06-05 21:12:26 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2008-06-05 21:12:26 +00:00
|
|
|
char *path;
|
|
|
|
|
unsigned long long offset;
|
|
|
|
|
size_t size;
|
|
|
|
|
unsigned int flags;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2008-06-05 21:12:26 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-05 21:12:26 +00:00
|
|
|
path = args->path;
|
|
|
|
|
offset = args->offset;
|
|
|
|
|
size = args->size;
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
|
|
|
|
if (size > REMOTE_DOMAIN_BLOCK_PEEK_BUFFER_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("size > maximum buffer size"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-05 21:12:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->buffer.buffer_len = size;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->buffer.buffer_val, size) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-05 21:12:26 +00:00
|
|
|
|
2011-04-12 16:34:30 +00:00
|
|
|
if (virDomainBlockPeek(dom, path, offset, size,
|
2011-04-13 17:23:00 +00:00
|
|
|
ret->buffer.buffer_val, flags) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-05 21:12:26 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
VIR_FREE(ret->buffer.buffer_val);
|
|
|
|
|
}
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2008-06-05 21:12:26 +00:00
|
|
|
}
|
|
|
|
|
|
2011-09-05 08:20:03 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-09-05 08:20:03 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_block_stats_flags_args *args,
|
|
|
|
|
remote_domain_block_stats_flags_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
const char *path = args->path;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-09-05 08:20:03 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-09-05 08:20:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_BLOCK_STATS_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-09-05 08:20:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-09-05 08:20:03 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-09-05 08:20:03 +00:00
|
|
|
|
|
|
|
|
if (virDomainBlockStatsFlags(dom, path, params, &nparams, flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Serialise the block stats. */
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
2011-09-05 08:20:03 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-09-05 08:20:03 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-12-20 15:22:25 +00:00
|
|
|
if (rv < 0)
|
2011-09-05 08:20:03 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-09-18 16:36:10 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
2011-09-05 08:20:03 +00:00
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-10 10:43:28 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMemoryPeek(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_domain_memory_peek_args *args,
|
|
|
|
|
remote_domain_memory_peek_ret *ret)
|
2008-06-10 10:43:28 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2008-06-10 10:43:28 +00:00
|
|
|
unsigned long long offset;
|
|
|
|
|
size_t size;
|
|
|
|
|
unsigned int flags;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2008-06-10 10:43:28 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-10 10:43:28 +00:00
|
|
|
offset = args->offset;
|
|
|
|
|
size = args->size;
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
|
|
|
|
if (size > REMOTE_DOMAIN_MEMORY_PEEK_BUFFER_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("size > maximum buffer size"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-10 10:43:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->buffer.buffer_len = size;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->buffer.buffer_val, size) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-10 10:43:28 +00:00
|
|
|
|
2011-04-12 16:34:30 +00:00
|
|
|
if (virDomainMemoryPeek(dom, offset, size,
|
2011-04-13 17:23:00 +00:00
|
|
|
ret->buffer.buffer_val, flags) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2008-06-10 10:43:28 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
VIR_FREE(ret->buffer.buffer_val);
|
|
|
|
|
}
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2008-06-10 10:43:28 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-21 13:50:56 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetSecurityLabel(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_domain_get_security_label_args *args,
|
|
|
|
|
remote_domain_get_security_label_ret *ret)
|
2009-05-21 13:50:56 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virSecurityLabelPtr seclabel = NULL;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(seclabel) < 0)
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetSecurityLabel(dom, seclabel) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->label.label_len = strlen(seclabel->label) + 1;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->label.label_val, ret->label.label_len) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
strcpy(ret->label.label_val, seclabel->label);
|
|
|
|
|
ret->enforcing = seclabel->enforcing;
|
2011-04-13 17:50:40 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
VIR_FREE(seclabel);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2009-05-21 13:50:56 +00:00
|
|
|
}
|
|
|
|
|
|
2012-08-15 22:10:39 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetSecurityLabelList(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_security_label_list_args *args,
|
|
|
|
|
remote_domain_get_security_label_list_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virSecurityLabelPtr seclabels = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
int len, rv = -1;
|
|
|
|
|
size_t i;
|
2012-08-15 22:10:39 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((len = virDomainGetSecurityLabelList(dom, &seclabels)) < 0) {
|
|
|
|
|
ret->ret = len;
|
|
|
|
|
ret->labels.labels_len = 0;
|
|
|
|
|
ret->labels.labels_val = NULL;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->labels.labels_val, len) < 0)
|
2012-08-15 22:10:39 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < len; i++) {
|
|
|
|
|
size_t label_len = strlen(seclabels[i].label) + 1;
|
|
|
|
|
remote_domain_get_security_label_ret *cur = &ret->labels.labels_val[i];
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(cur->label.label_val, label_len) < 0)
|
2012-08-15 22:10:39 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
if (virStrcpy(cur->label.label_val, seclabels[i].label, label_len) == NULL) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("failed to copy security label"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
cur->label.label_len = label_len;
|
|
|
|
|
cur->enforcing = seclabels[i].enforcing;
|
|
|
|
|
}
|
|
|
|
|
ret->labels.labels_len = ret->ret = len;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
done:
|
2012-08-15 22:10:39 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-08-15 22:10:39 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
VIR_FREE(seclabels);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2009-05-21 13:50:56 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchNodeGetSecurityModel(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_node_get_security_model_ret *ret)
|
2009-05-21 13:50:56 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
virSecurityModel secmodel;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2012-03-29 09:52:04 +00:00
|
|
|
memset(&secmodel, 0, sizeof(secmodel));
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNodeGetSecurityModel(priv->conn, &secmodel) < 0)
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->model.model_len = strlen(secmodel.model) + 1;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->model.model_val, ret->model.model_len) < 0)
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
strcpy(ret->model.model_val, secmodel.model);
|
|
|
|
|
|
|
|
|
|
ret->doi.doi_len = strlen(secmodel.doi) + 1;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->doi.doi_val, ret->doi.doi_len) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
strcpy(ret->doi.doi_val, secmodel.doi);
|
2011-04-13 17:50:40 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2009-05-21 13:50:56 +00:00
|
|
|
}
|
|
|
|
|
|
2011-06-24 09:00:22 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetVcpuPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-06-24 23:09:46 +00:00
|
|
|
remote_domain_get_vcpu_pin_info_args *args,
|
|
|
|
|
remote_domain_get_vcpu_pin_info_ret *ret)
|
2011-06-24 09:00:22 +00:00
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
unsigned char *cpumaps = NULL;
|
|
|
|
|
int num;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-06-24 09:00:22 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-06-24 09:00:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-06-24 09:00:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (args->ncpumaps > REMOTE_VCPUINFO_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpumaps > REMOTE_VCPUINFO_MAX"));
|
2011-06-24 09:00:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (INT_MULTIPLY_OVERFLOW(args->ncpumaps, args->maplen) ||
|
|
|
|
|
args->ncpumaps * args->maplen > REMOTE_CPUMAPS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
|
2011-06-24 09:00:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Allocate buffers to take the results. */
|
|
|
|
|
if (args->maplen > 0 &&
|
|
|
|
|
VIR_ALLOC_N(cpumaps, args->ncpumaps * args->maplen) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-06-24 09:00:22 +00:00
|
|
|
|
2011-06-24 23:09:46 +00:00
|
|
|
if ((num = virDomainGetVcpuPinInfo(dom,
|
2011-06-24 09:00:22 +00:00
|
|
|
args->ncpumaps,
|
|
|
|
|
cpumaps,
|
|
|
|
|
args->maplen,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->num = num;
|
|
|
|
|
/* Don't need to allocate/copy the cpumaps if we make the reasonable
|
|
|
|
|
* assumption that unsigned char and char are the same size.
|
|
|
|
|
* Note that remoteDispatchClientRequest will free.
|
|
|
|
|
*/
|
|
|
|
|
ret->cpumaps.cpumaps_len = args->ncpumaps * args->maplen;
|
|
|
|
|
ret->cpumaps.cpumaps_val = (char *) cpumaps;
|
2012-08-21 09:18:38 +00:00
|
|
|
cpumaps = NULL;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-08-21 09:18:38 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
VIR_FREE(cpumaps);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainPinEmulator(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_pin_emulator_args *args)
|
|
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainPinEmulator(dom,
|
|
|
|
|
(unsigned char *) args->cpumap.cpumap_val,
|
|
|
|
|
args->cpumap.cpumap_len,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-08-21 09:18:38 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetEmulatorPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_emulator_pin_info_args *args,
|
|
|
|
|
remote_domain_get_emulator_pin_info_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
unsigned char *cpumaps = NULL;
|
|
|
|
|
int r;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* Allocate buffers to take the results */
|
|
|
|
|
if (args->maplen > 0 &&
|
|
|
|
|
VIR_ALLOC_N(cpumaps, args->maplen) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2012-08-21 09:18:38 +00:00
|
|
|
|
|
|
|
|
if ((r = virDomainGetEmulatorPinInfo(dom,
|
|
|
|
|
cpumaps,
|
|
|
|
|
args->maplen,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->ret = r;
|
|
|
|
|
ret->cpumaps.cpumaps_len = args->maplen;
|
|
|
|
|
ret->cpumaps.cpumaps_val = (char *) cpumaps;
|
2011-06-24 09:00:22 +00:00
|
|
|
cpumaps = NULL;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-06-24 09:00:22 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-06-24 09:00:22 +00:00
|
|
|
VIR_FREE(cpumaps);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-11 11:47:01 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetVcpus(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_domain_get_vcpus_args *args,
|
|
|
|
|
remote_domain_get_vcpus_ret *ret)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2011-04-22 15:09:33 +00:00
|
|
|
virVcpuInfoPtr info = NULL;
|
|
|
|
|
unsigned char *cpumaps = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
int info_len;
|
|
|
|
|
size_t i;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
if (args->maxinfo > REMOTE_VCPUINFO_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo > REMOTE_VCPUINFO_MAX"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
}
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2011-06-24 18:16:05 +00:00
|
|
|
if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
|
|
|
|
|
args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Allocate buffers to take the results. */
|
|
|
|
|
if (VIR_ALLOC_N(info, args->maxinfo) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
if (args->maplen > 0 &&
|
|
|
|
|
VIR_ALLOC_N(cpumaps, args->maxinfo * args->maplen) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
|
|
|
|
if ((info_len = virDomainGetVcpus(dom,
|
|
|
|
|
info, args->maxinfo,
|
|
|
|
|
cpumaps, args->maplen)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* Allocate the return buffer for info. */
|
|
|
|
|
ret->info.info_len = info_len;
|
|
|
|
|
if (VIR_ALLOC_N(ret->info.info_val, info_len) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < info_len; ++i) {
|
|
|
|
|
ret->info.info_val[i].number = info[i].number;
|
|
|
|
|
ret->info.info_val[i].state = info[i].state;
|
|
|
|
|
ret->info.info_val[i].cpu_time = info[i].cpuTime;
|
|
|
|
|
ret->info.info_val[i].cpu = info[i].cpu;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Don't need to allocate/copy the cpumaps if we make the reasonable
|
|
|
|
|
* assumption that unsigned char and char are the same size.
|
|
|
|
|
* Note that remoteDispatchClientRequest will free.
|
|
|
|
|
*/
|
|
|
|
|
ret->cpumaps.cpumaps_len = args->maxinfo * args->maplen;
|
|
|
|
|
ret->cpumaps.cpumaps_val = (char *) cpumaps;
|
|
|
|
|
cpumaps = NULL;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-22 15:09:33 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
VIR_FREE(ret->info.info_val);
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(cpumaps);
|
|
|
|
|
VIR_FREE(info);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_domain_migrate_prepare_args *args,
|
|
|
|
|
remote_domain_migrate_prepare_ret *ret)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
char *cookie = NULL;
|
|
|
|
|
int cookielen = 0;
|
|
|
|
|
char *uri_in;
|
|
|
|
|
char **uri_out;
|
|
|
|
|
char *dname;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
uri_in = args->uri_in == NULL ? NULL : *args->uri_in;
|
|
|
|
|
dname = args->dname == NULL ? NULL : *args->dname;
|
|
|
|
|
|
|
|
|
|
/* Wacky world of XDR ... */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(uri_out) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virDomainMigratePrepare(priv->conn, &cookie, &cookielen,
|
2011-04-22 15:09:33 +00:00
|
|
|
uri_in, uri_out,
|
|
|
|
|
args->flags, dname, args->resource) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
/* remoteDispatchClientRequest will free cookie, uri_out and
|
|
|
|
|
* the string if there is one.
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie.cookie_len = cookielen;
|
|
|
|
|
ret->cookie.cookie_val = cookie;
|
|
|
|
|
if (*uri_out == NULL) {
|
|
|
|
|
ret->uri_out = NULL;
|
|
|
|
|
} else {
|
|
|
|
|
ret->uri_out = uri_out;
|
|
|
|
|
uri_out = NULL;
|
|
|
|
|
}
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
2007-07-24 14:21:03 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
VIR_FREE(uri_out);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-03-03 09:27:02 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_domain_migrate_prepare2_args *args,
|
|
|
|
|
remote_domain_migrate_prepare2_ret *ret)
|
2009-03-03 09:27:02 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
char *cookie = NULL;
|
|
|
|
|
int cookielen = 0;
|
|
|
|
|
char *uri_in;
|
|
|
|
|
char **uri_out;
|
|
|
|
|
char *dname;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2009-03-03 09:27:02 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
uri_in = args->uri_in == NULL ? NULL : *args->uri_in;
|
|
|
|
|
dname = args->dname == NULL ? NULL : *args->dname;
|
2009-03-03 09:27:02 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
/* Wacky world of XDR ... */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(uri_out) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-03 09:21:25 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virDomainMigratePrepare2(priv->conn, &cookie, &cookielen,
|
2011-04-22 15:09:33 +00:00
|
|
|
uri_in, uri_out,
|
|
|
|
|
args->flags, dname, args->resource,
|
|
|
|
|
args->dom_xml) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-03-03 09:27:02 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
/* remoteDispatchClientRequest will free cookie, uri_out and
|
|
|
|
|
* the string if there is one.
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie.cookie_len = cookielen;
|
|
|
|
|
ret->cookie.cookie_val = cookie;
|
|
|
|
|
ret->uri_out = *uri_out == NULL ? NULL : uri_out;
|
2009-03-03 09:27:02 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2009-03-03 09:27:02 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-30 10:51:54 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_memory_parameters_args *args,
|
|
|
|
|
remote_domain_get_memory_parameters_ret *ret)
|
2009-09-30 10:51:54 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2011-05-26 17:39:04 +00:00
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-04-22 15:09:33 +00:00
|
|
|
unsigned int flags;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-04-12 16:33:49 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
2009-09-30 10:51:54 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
flags = args->flags;
|
2009-09-30 10:51:54 +00:00
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_MEMORY_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2009-09-30 10:51:54 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-09-30 10:51:54 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
if (virDomainGetMemoryParameters(dom, params, &nparams, flags) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2009-09-30 10:51:54 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
2011-04-13 15:21:35 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-17 20:58:40 +00:00
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
2011-05-30 18:12:18 +00:00
|
|
|
&ret->params.params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
2007-06-11 11:47:01 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-17 20:58:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
2011-12-20 08:35:01 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_numa_parameters_args *args,
|
|
|
|
|
remote_domain_get_numa_parameters_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-12-20 08:35:01 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-12-20 08:35:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_NUMA_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-12-20 08:35:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-12-20 08:35:01 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-12-20 08:35:01 +00:00
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetNumaParameters(dom, params, &nparams, flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-12-20 08:35:01 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-12-20 08:35:01 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-12-20 08:35:01 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-12 17:23:04 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_blkio_parameters_args *args,
|
|
|
|
|
remote_domain_get_blkio_parameters_ret *ret)
|
2010-10-12 17:23:04 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2011-05-26 17:39:04 +00:00
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2010-10-12 17:23:04 +00:00
|
|
|
unsigned int flags;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2010-10-12 17:23:04 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2010-10-12 17:23:04 +00:00
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_BLKIO_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2010-10-12 17:23:04 +00:00
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2010-10-12 17:23:04 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2010-10-12 17:23:04 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
if (virDomainGetBlkioParameters(dom, params, &nparams, flags) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-13 17:50:40 +00:00
|
|
|
|
2010-10-12 17:23:04 +00:00
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-17 20:58:40 +00:00
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
2011-05-30 18:12:18 +00:00
|
|
|
&ret->params.params_val,
|
2011-10-12 09:26:34 +00:00
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
2011-05-17 20:58:40 +00:00
|
|
|
goto cleanup;
|
2011-02-22 05:34:28 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
2011-02-22 05:34:28 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-17 20:58:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
2011-02-22 05:34:28 +00:00
|
|
|
}
|
|
|
|
|
|
2011-06-07 01:01:12 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_node_get_cpu_stats_args *args,
|
|
|
|
|
remote_node_get_cpu_stats_ret *ret)
|
2011-06-07 01:01:12 +00:00
|
|
|
{
|
2011-06-15 10:39:57 +00:00
|
|
|
virNodeCPUStatsPtr params = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-06-07 01:01:12 +00:00
|
|
|
int cpuNum = args->cpuNum;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-06-07 01:01:12 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-06-07 01:01:12 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-06-07 01:01:12 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-06-07 01:01:12 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-06-07 01:01:12 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-06-07 01:01:12 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNodeGetCPUStats(priv->conn, cpuNum, params, &nparams, flags) < 0)
|
2011-06-07 01:01:12 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of stats
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Serialise the memory parameters. */
|
|
|
|
|
ret->params.params_len = nparams;
|
|
|
|
|
if (VIR_ALLOC_N(ret->params.params_val, nparams) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-06-07 01:01:12 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < nparams; ++i) {
|
|
|
|
|
/* remoteDispatchClientRequest will free this: */
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(ret->params.params_val[i].field, params[i].field) < 0)
|
|
|
|
|
goto cleanup;
|
2011-06-07 01:01:12 +00:00
|
|
|
|
|
|
|
|
ret->params.params_val[i].value = params[i].value;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-06-07 01:01:12 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-06-07 01:05:40 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-06-07 01:05:40 +00:00
|
|
|
if (ret->params.params_val) {
|
|
|
|
|
for (i = 0; i < nparams; i++)
|
|
|
|
|
VIR_FREE(ret->params.params_val[i].field);
|
|
|
|
|
VIR_FREE(ret->params.params_val);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(params);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_node_get_memory_stats_args *args,
|
|
|
|
|
remote_node_get_memory_stats_ret *ret)
|
2011-06-07 01:05:40 +00:00
|
|
|
{
|
2011-06-15 10:39:57 +00:00
|
|
|
virNodeMemoryStatsPtr params = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2011-06-07 01:05:40 +00:00
|
|
|
int cellNum = args->cellNum;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-06-07 01:05:40 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-06-07 01:05:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-06-07 01:05:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_NODE_MEMORY_STATS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-06-07 01:05:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-06-07 01:05:40 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-06-07 01:05:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNodeGetMemoryStats(priv->conn, cellNum, params, &nparams, flags) < 0)
|
2011-06-07 01:05:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Serialise the memory parameters. */
|
|
|
|
|
ret->params.params_len = nparams;
|
|
|
|
|
if (VIR_ALLOC_N(ret->params.params_val, nparams) < 0)
|
2013-07-04 09:58:18 +00:00
|
|
|
goto cleanup;
|
2011-06-07 01:05:40 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < nparams; ++i) {
|
|
|
|
|
/* remoteDispatchClientRequest will free this: */
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(ret->params.params_val[i].field, params[i].field) < 0)
|
|
|
|
|
goto cleanup;
|
2011-06-07 01:05:40 +00:00
|
|
|
|
|
|
|
|
ret->params.params_val[i].value = params[i].value;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-06-07 01:05:40 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-06-07 01:01:12 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-06-07 01:01:12 +00:00
|
|
|
if (ret->params.params_val) {
|
|
|
|
|
for (i = 0; i < nparams; i++)
|
|
|
|
|
VIR_FREE(ret->params.params_val[i].field);
|
|
|
|
|
VIR_FREE(ret->params.params_val);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(params);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2011-07-22 05:31:16 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetBlockJobInfo(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-07-22 05:31:16 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_block_job_info_args *args,
|
|
|
|
|
remote_domain_get_block_job_info_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virDomainBlockJobInfo tmp;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-07-22 05:31:16 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = virDomainGetBlockJobInfo(dom, args->path, &tmp, args->flags);
|
|
|
|
|
if (rv <= 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->type = tmp.type;
|
|
|
|
|
ret->bandwidth = tmp.bandwidth;
|
|
|
|
|
ret->cur = tmp.cur;
|
|
|
|
|
ret->end = tmp.end;
|
|
|
|
|
ret->found = 1;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-07-22 05:31:16 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2011-11-15 09:02:44 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr hdr ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_block_io_tune_args *args,
|
|
|
|
|
remote_domain_get_block_io_tune_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-11-15 09:02:44 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-11-15 09:02:44 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_BLOCK_IO_TUNE_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-11-15 09:02:44 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-11-15 09:02:44 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-11-15 09:02:44 +00:00
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetBlockIoTune(dom, args->disk ? *args->disk : NULL,
|
|
|
|
|
params, &nparams, args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Serialise the block I/O tuning parameters. */
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-11-15 09:02:44 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-11-15 09:02:44 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-11-15 09:02:44 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
2011-07-22 05:31:16 +00:00
|
|
|
|
2009-05-20 14:26:49 +00:00
|
|
|
/*-------------------------------------------------------------*/
|
|
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteDispatchAuthList(virNetServerPtr server,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_list_ret *ret)
|
2007-12-05 15:24:15 +00:00
|
|
|
{
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
int auth = virNetServerClientGetAuth(client);
|
|
|
|
|
uid_t callerUid;
|
2011-12-16 00:18:22 +00:00
|
|
|
gid_t callerGid;
|
2011-05-16 17:13:11 +00:00
|
|
|
pid_t callerPid;
|
2013-04-25 16:05:00 +00:00
|
|
|
unsigned long long timestamp;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
/* If the client is root then we want to bypass the
|
|
|
|
|
* policykit auth to avoid root being denied if
|
|
|
|
|
* some piece of polkit isn't present/running
|
|
|
|
|
*/
|
|
|
|
|
if (auth == VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
|
2012-01-26 00:49:48 +00:00
|
|
|
if (virNetServerClientGetUNIXIdentity(client, &callerUid, &callerGid,
|
2013-04-25 16:05:00 +00:00
|
|
|
&callerPid, ×tamp) < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
/* Don't do anything on error - it'll be validated at next
|
|
|
|
|
* phase of auth anyway */
|
|
|
|
|
virResetLastError();
|
|
|
|
|
} else if (callerUid == 0) {
|
2012-01-26 00:49:48 +00:00
|
|
|
char *ident;
|
|
|
|
|
if (virAsprintf(&ident, "pid:%lld,uid:%d",
|
2013-07-04 09:58:18 +00:00
|
|
|
(long long) callerPid, (int) callerUid) < 0)
|
2012-02-15 17:01:50 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
VIR_INFO("Bypass polkit auth for privileged client %s", ident);
|
2012-01-20 16:56:31 +00:00
|
|
|
virNetServerClientSetAuth(client, 0);
|
2014-03-04 14:37:27 +00:00
|
|
|
virNetServerTrackCompletedAuth(server);
|
2012-01-20 16:56:31 +00:00
|
|
|
auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
|
2012-02-15 17:01:50 +00:00
|
|
|
VIR_FREE(ident);
|
2011-05-16 17:13:11 +00:00
|
|
|
}
|
|
|
|
|
}
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
ret->types.types_len = 1;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->types.types_val, ret->types.types_len) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
switch (auth) {
|
|
|
|
|
case VIR_NET_SERVER_SERVICE_AUTH_NONE:
|
|
|
|
|
ret->types.types_val[0] = REMOTE_AUTH_NONE;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_NET_SERVER_SERVICE_AUTH_POLKIT:
|
|
|
|
|
ret->types.types_val[0] = REMOTE_AUTH_POLKIT;
|
|
|
|
|
break;
|
|
|
|
|
case VIR_NET_SERVER_SERVICE_AUTH_SASL:
|
|
|
|
|
ret->types.types_val[0] = REMOTE_AUTH_SASL;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
ret->types.types_val[0] = REMOTE_AUTH_NONE;
|
|
|
|
|
}
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2012-09-20 11:58:29 +00:00
|
|
|
#ifdef WITH_SASL
|
2007-12-05 15:24:15 +00:00
|
|
|
/*
|
|
|
|
|
* Initializes the SASL session in prepare for authentication
|
2008-05-15 06:12:32 +00:00
|
|
|
* and gives the client a list of allowed mechanisms to choose
|
2007-12-05 15:24:15 +00:00
|
|
|
*/
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchAuthSaslInit(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_sasl_init_ret *ret)
|
2007-12-05 15:24:15 +00:00
|
|
|
{
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetSASLSessionPtr sasl = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2007-12-05 15:24:15 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Initialize SASL auth %d", virNetServerClientGetFD(client));
|
|
|
|
|
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_SASL ||
|
|
|
|
|
priv->sasl != NULL) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried invalid SASL init request"));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
sasl = virNetSASLSessionNewServer(saslCtxt,
|
|
|
|
|
"libvirt",
|
|
|
|
|
virNetServerClientLocalAddrString(client),
|
|
|
|
|
virNetServerClientRemoteAddrString(client));
|
|
|
|
|
if (!sasl)
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
|
2013-01-08 21:02:05 +00:00
|
|
|
# if WITH_GNUTLS
|
2007-12-05 15:27:08 +00:00
|
|
|
/* Inform SASL that we've got an external SSF layer from TLS */
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNetServerClientHasTLSSession(client)) {
|
|
|
|
|
int ssf;
|
|
|
|
|
|
|
|
|
|
if ((ssf = virNetServerClientGetTLSKeySize(client)) < 0)
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
ssf *= 8; /* key size is bytes, sasl wants bits */
|
|
|
|
|
|
|
|
|
|
VIR_DEBUG("Setting external SSF %d", ssf);
|
|
|
|
|
if (virNetSASLSessionExtKeySize(sasl, ssf) < 0)
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:27:08 +00:00
|
|
|
}
|
2013-01-07 14:54:18 +00:00
|
|
|
# endif
|
2007-12-05 15:27:08 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNetServerClientIsSecure(client))
|
2007-12-05 15:27:08 +00:00
|
|
|
/* If we've got TLS or UNIX domain sock, we don't care about SSF */
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetSASLSessionSecProps(sasl, 0, 0, true);
|
|
|
|
|
else
|
2007-12-05 15:27:08 +00:00
|
|
|
/* Plain TCP, better get an SSF layer */
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetSASLSessionSecProps(sasl,
|
|
|
|
|
56, /* Good enough to require kerberos */
|
|
|
|
|
100000, /* Arbitrary big number */
|
|
|
|
|
false); /* No anonymous */
|
2007-12-05 15:27:08 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(ret->mechlist = virNetSASLSessionListMechanisms(sasl)))
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Available mechanisms for client: '%s'", ret->mechlist);
|
2007-12-05 15:24:15 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
priv->sasl = sasl;
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2007-12-05 15:24:15 +00:00
|
|
|
return 0;
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authfail:
|
2011-05-16 17:13:11 +00:00
|
|
|
virResetLastError();
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_FAIL,
|
|
|
|
|
"client=%p auth=%d",
|
|
|
|
|
client, REMOTE_AUTH_SASL);
|
2012-07-11 13:35:49 +00:00
|
|
|
virObjectUnref(sasl);
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2008-12-04 22:16:40 +00:00
|
|
|
return -1;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
/*
|
2010-09-14 16:50:25 +00:00
|
|
|
* Returns 0 if ok, -1 on error, -2 if rejected
|
|
|
|
|
*/
|
2007-12-05 15:27:08 +00:00
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteSASLFinish(virNetServerPtr server,
|
|
|
|
|
virNetServerClientPtr client)
|
2011-05-16 17:13:11 +00:00
|
|
|
{
|
|
|
|
|
const char *identity;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
int ssf;
|
|
|
|
|
|
|
|
|
|
/* TLS or UNIX domain sockets trivially OK */
|
|
|
|
|
if (!virNetServerClientIsSecure(client)) {
|
|
|
|
|
if ((ssf = virNetSASLSessionGetKeySize(priv->sasl)) < 0)
|
|
|
|
|
goto error;
|
|
|
|
|
|
|
|
|
|
VIR_DEBUG("negotiated an SSF of %d", ssf);
|
|
|
|
|
if (ssf < 56) { /* 56 is good for Kerberos */
|
|
|
|
|
VIR_ERROR(_("negotiated SSF %d was not strong enough"), ssf);
|
|
|
|
|
return -2;
|
|
|
|
|
}
|
2007-12-05 15:27:08 +00:00
|
|
|
}
|
2011-05-16 17:13:11 +00:00
|
|
|
|
|
|
|
|
if (!(identity = virNetSASLSessionGetIdentity(priv->sasl)))
|
2010-09-14 16:50:25 +00:00
|
|
|
return -2;
|
2007-12-05 15:27:08 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!virNetSASLContextCheckIdentity(saslCtxt, identity))
|
|
|
|
|
return -2;
|
2007-12-05 15:27:08 +00:00
|
|
|
|
2012-01-20 16:56:31 +00:00
|
|
|
virNetServerClientSetAuth(client, 0);
|
2014-03-04 14:37:27 +00:00
|
|
|
virNetServerTrackCompletedAuth(server);
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientSetSASLSession(client, priv->sasl);
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Authentication successful %d", virNetServerClientGetFD(client));
|
2011-06-28 22:33:09 +00:00
|
|
|
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_ALLOW,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_SASL, identity);
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2012-07-11 13:35:49 +00:00
|
|
|
virObjectUnref(priv->sasl);
|
2011-05-16 17:13:11 +00:00
|
|
|
priv->sasl = NULL;
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
return 0;
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2011-05-16 17:13:11 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
/*
|
|
|
|
|
* This starts the SASL authentication negotiation.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteDispatchAuthSaslStart(virNetServerPtr server,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_sasl_start_args *args,
|
|
|
|
|
remote_auth_sasl_start_ret *ret)
|
2007-12-05 15:24:15 +00:00
|
|
|
{
|
|
|
|
|
const char *serverout;
|
2011-05-16 17:13:11 +00:00
|
|
|
size_t serveroutlen;
|
2007-12-05 15:24:15 +00:00
|
|
|
int err;
|
2011-05-16 17:13:11 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-06-28 22:33:09 +00:00
|
|
|
const char *identity;
|
2007-12-05 15:24:15 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Start SASL auth %d", virNetServerClientGetFD(client));
|
|
|
|
|
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_SASL ||
|
|
|
|
|
priv->sasl == NULL) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried invalid SASL start request"));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-13 15:10:01 +00:00
|
|
|
VIR_DEBUG("Using SASL mechanism %s. Data %d bytes, nil: %d",
|
|
|
|
|
args->mech, args->data.data_len, args->nil);
|
2011-05-16 17:13:11 +00:00
|
|
|
err = virNetSASLSessionServerStart(priv->sasl,
|
|
|
|
|
args->mech,
|
|
|
|
|
/* NB, distinction of NULL vs "" is *critical* in SASL */
|
|
|
|
|
args->nil ? NULL : args->data.data_val,
|
|
|
|
|
args->data.data_len,
|
|
|
|
|
&serverout,
|
|
|
|
|
&serveroutlen);
|
|
|
|
|
if (err != VIR_NET_SASL_COMPLETE &&
|
|
|
|
|
err != VIR_NET_SASL_CONTINUE)
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_ERROR(_("sasl start reply data too long %d"), (int)serveroutlen);
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* NB, distinction of NULL vs "" is *critical* in SASL */
|
|
|
|
|
if (serverout) {
|
2011-05-16 17:13:11 +00:00
|
|
|
if (VIR_ALLOC_N(ret->data.data_val, serveroutlen) < 0)
|
|
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
memcpy(ret->data.data_val, serverout, serveroutlen);
|
|
|
|
|
} else {
|
|
|
|
|
ret->data.data_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
ret->nil = serverout ? 0 : 1;
|
|
|
|
|
ret->data.data_len = serveroutlen;
|
|
|
|
|
|
2011-04-13 15:10:01 +00:00
|
|
|
VIR_DEBUG("SASL return data %d bytes, nil; %d", ret->data.data_len, ret->nil);
|
2011-05-16 17:13:11 +00:00
|
|
|
if (err == VIR_NET_SASL_CONTINUE) {
|
2007-12-05 15:24:15 +00:00
|
|
|
ret->complete = 0;
|
|
|
|
|
} else {
|
2007-12-05 15:34:05 +00:00
|
|
|
/* Check username whitelist ACL */
|
2014-03-04 14:37:27 +00:00
|
|
|
if ((err = remoteSASLFinish(server, client)) < 0) {
|
2010-09-14 16:50:25 +00:00
|
|
|
if (err == -2)
|
|
|
|
|
goto authdeny;
|
|
|
|
|
else
|
|
|
|
|
goto authfail;
|
|
|
|
|
}
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
ret->complete = 1;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2007-12-05 15:24:15 +00:00
|
|
|
return 0;
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authfail:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_FAIL,
|
|
|
|
|
"client=%p auth=%d",
|
|
|
|
|
client, REMOTE_AUTH_SASL);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authdeny:
|
2011-06-28 22:33:09 +00:00
|
|
|
identity = virNetSASLSessionGetIdentity(priv->sasl);
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_DENY,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_SASL, identity);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2012-07-11 13:35:49 +00:00
|
|
|
virObjectUnref(priv->sasl);
|
2011-05-16 17:13:11 +00:00
|
|
|
priv->sasl = NULL;
|
|
|
|
|
virResetLastError();
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-05-16 17:13:11 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2008-12-04 22:16:40 +00:00
|
|
|
return -1;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteDispatchAuthSaslStep(virNetServerPtr server,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_sasl_step_args *args,
|
|
|
|
|
remote_auth_sasl_step_ret *ret)
|
2007-12-05 15:24:15 +00:00
|
|
|
{
|
|
|
|
|
const char *serverout;
|
2011-05-16 17:13:11 +00:00
|
|
|
size_t serveroutlen;
|
2007-12-05 15:24:15 +00:00
|
|
|
int err;
|
2011-05-16 17:13:11 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-06-28 22:33:09 +00:00
|
|
|
const char *identity;
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
|
|
|
|
VIR_DEBUG("Step SASL auth %d", virNetServerClientGetFD(client));
|
|
|
|
|
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_SASL ||
|
|
|
|
|
priv->sasl == NULL) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried invalid SASL start request"));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Step using SASL Data %d bytes, nil: %d",
|
2011-04-13 15:10:01 +00:00
|
|
|
args->data.data_len, args->nil);
|
2011-05-16 17:13:11 +00:00
|
|
|
err = virNetSASLSessionServerStep(priv->sasl,
|
|
|
|
|
/* NB, distinction of NULL vs "" is *critical* in SASL */
|
|
|
|
|
args->nil ? NULL : args->data.data_val,
|
|
|
|
|
args->data.data_len,
|
|
|
|
|
&serverout,
|
|
|
|
|
&serveroutlen);
|
|
|
|
|
if (err != VIR_NET_SASL_COMPLETE &&
|
|
|
|
|
err != VIR_NET_SASL_CONTINUE)
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
|
|
|
|
|
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
2009-01-06 18:32:03 +00:00
|
|
|
VIR_ERROR(_("sasl step reply data too long %d"),
|
2011-05-16 17:13:11 +00:00
|
|
|
(int)serveroutlen);
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* NB, distinction of NULL vs "" is *critical* in SASL */
|
|
|
|
|
if (serverout) {
|
2011-05-16 17:13:11 +00:00
|
|
|
if (VIR_ALLOC_N(ret->data.data_val, serveroutlen) < 0)
|
|
|
|
|
goto authfail;
|
2007-12-05 15:24:15 +00:00
|
|
|
memcpy(ret->data.data_val, serverout, serveroutlen);
|
|
|
|
|
} else {
|
|
|
|
|
ret->data.data_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
ret->nil = serverout ? 0 : 1;
|
|
|
|
|
ret->data.data_len = serveroutlen;
|
|
|
|
|
|
2011-04-13 15:10:01 +00:00
|
|
|
VIR_DEBUG("SASL return data %d bytes, nil; %d", ret->data.data_len, ret->nil);
|
2011-05-16 17:13:11 +00:00
|
|
|
if (err == VIR_NET_SASL_CONTINUE) {
|
2007-12-05 15:24:15 +00:00
|
|
|
ret->complete = 0;
|
|
|
|
|
} else {
|
2007-12-05 15:34:05 +00:00
|
|
|
/* Check username whitelist ACL */
|
2014-03-04 14:37:27 +00:00
|
|
|
if ((err = remoteSASLFinish(server, client)) < 0) {
|
2010-09-14 16:50:25 +00:00
|
|
|
if (err == -2)
|
|
|
|
|
goto authdeny;
|
|
|
|
|
else
|
|
|
|
|
goto authfail;
|
|
|
|
|
}
|
2007-12-05 15:34:05 +00:00
|
|
|
|
2007-12-05 15:24:15 +00:00
|
|
|
ret->complete = 1;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2007-12-05 15:24:15 +00:00
|
|
|
return 0;
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authfail:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_FAIL,
|
|
|
|
|
"client=%p auth=%d",
|
|
|
|
|
client, REMOTE_AUTH_SASL);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authdeny:
|
2011-06-28 22:33:09 +00:00
|
|
|
identity = virNetSASLSessionGetIdentity(priv->sasl);
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_DENY,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_SASL, identity);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2012-07-11 13:35:49 +00:00
|
|
|
virObjectUnref(priv->sasl);
|
2011-05-16 17:13:11 +00:00
|
|
|
priv->sasl = NULL;
|
|
|
|
|
virResetLastError();
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-05-16 17:13:11 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2007-12-05 15:24:15 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2011-06-30 17:18:08 +00:00
|
|
|
#else
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchAuthSaslInit(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
VIR_WARN("Client tried unsupported SASL auth");
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchAuthSaslStart(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
VIR_WARN("Client tried unsupported SASL auth");
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchAuthSaslStep(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
VIR_WARN("Client tried unsupported SASL auth");
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-06-30 17:18:08 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2007-12-05 15:24:15 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-01-08 22:19:00 +00:00
|
|
|
#if WITH_POLKIT1
|
2009-08-06 12:54:08 +00:00
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteDispatchAuthPolkit(virNetServerPtr server,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_polkit_ret *ret)
|
2009-08-06 12:54:08 +00:00
|
|
|
{
|
2010-09-14 16:50:25 +00:00
|
|
|
pid_t callerPid = -1;
|
2011-12-16 00:18:22 +00:00
|
|
|
gid_t callerGid = -1;
|
2010-09-14 16:50:25 +00:00
|
|
|
uid_t callerUid = -1;
|
2013-04-25 16:05:00 +00:00
|
|
|
unsigned long long timestamp;
|
2009-08-06 12:54:08 +00:00
|
|
|
const char *action;
|
|
|
|
|
int status = -1;
|
2012-01-26 00:34:50 +00:00
|
|
|
char *ident = NULL;
|
2012-01-27 18:06:49 +00:00
|
|
|
bool authdismissed = 0;
|
2012-01-27 22:40:20 +00:00
|
|
|
char *pkout = NULL;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2012-01-26 00:34:50 +00:00
|
|
|
virCommandPtr cmd = NULL;
|
2013-09-19 12:55:38 +00:00
|
|
|
# ifndef PKCHECK_SUPPORTS_UID
|
2013-08-28 14:25:40 +00:00
|
|
|
static bool polkitInsecureWarned;
|
2013-09-19 12:55:38 +00:00
|
|
|
# endif
|
2010-09-14 16:50:25 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
action = virNetServerClientGetReadonly(client) ?
|
2009-08-06 12:54:08 +00:00
|
|
|
"org.libvirt.unix.monitor" :
|
|
|
|
|
"org.libvirt.unix.manage";
|
|
|
|
|
|
2012-01-26 00:34:50 +00:00
|
|
|
cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
|
2012-01-27 18:06:49 +00:00
|
|
|
virCommandSetOutputBuffer(cmd, &pkout);
|
2012-01-27 22:40:20 +00:00
|
|
|
virCommandSetErrorBuffer(cmd, &pkout);
|
2009-08-06 12:54:08 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
|
|
|
|
|
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried invalid PolicyKit init request"));
|
2009-08-06 12:54:08 +00:00
|
|
|
goto authfail;
|
|
|
|
|
}
|
|
|
|
|
|
2012-01-26 00:34:50 +00:00
|
|
|
if (virNetServerClientGetUNIXIdentity(client, &callerUid, &callerGid,
|
2013-04-25 16:05:00 +00:00
|
|
|
&callerPid, ×tamp) < 0) {
|
2009-08-06 12:54:08 +00:00
|
|
|
goto authfail;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-28 14:25:40 +00:00
|
|
|
if (timestamp == 0) {
|
|
|
|
|
VIR_WARN("Failing polkit auth due to missing client (pid=%lld) start time",
|
|
|
|
|
(long long)callerPid);
|
|
|
|
|
goto authfail;
|
|
|
|
|
}
|
|
|
|
|
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_INFO("Checking PID %lld running as %d",
|
|
|
|
|
(long long) callerPid, callerUid);
|
2009-08-06 12:54:08 +00:00
|
|
|
|
2012-01-26 00:34:50 +00:00
|
|
|
virCommandAddArg(cmd, "--process");
|
2013-09-19 12:55:38 +00:00
|
|
|
|
2013-08-28 14:25:40 +00:00
|
|
|
# ifdef PKCHECK_SUPPORTS_UID
|
2013-09-19 12:55:38 +00:00
|
|
|
virCommandAddArgFormat(cmd, "%lld,%llu,%lu",
|
|
|
|
|
(long long) callerPid,
|
|
|
|
|
timestamp,
|
|
|
|
|
(unsigned long) callerUid);
|
|
|
|
|
# else
|
|
|
|
|
if (!polkitInsecureWarned) {
|
|
|
|
|
VIR_WARN("No support for caller UID with pkcheck. "
|
|
|
|
|
"This deployment is known to be insecure.");
|
|
|
|
|
polkitInsecureWarned = true;
|
|
|
|
|
}
|
|
|
|
|
virCommandAddArgFormat(cmd, "%lld,%llu", (long long) callerPid, timestamp);
|
2013-08-28 14:25:40 +00:00
|
|
|
# endif
|
2013-09-19 12:55:38 +00:00
|
|
|
|
2012-01-26 00:34:50 +00:00
|
|
|
virCommandAddArg(cmd, "--allow-user-interaction");
|
2009-08-06 12:54:08 +00:00
|
|
|
|
2012-01-26 00:49:48 +00:00
|
|
|
if (virAsprintf(&ident, "pid:%lld,uid:%d",
|
2013-07-04 09:58:18 +00:00
|
|
|
(long long) callerPid, callerUid) < 0)
|
2010-09-14 16:50:25 +00:00
|
|
|
goto authfail;
|
|
|
|
|
|
2012-01-26 00:34:50 +00:00
|
|
|
if (virCommandRun(cmd, &status) < 0)
|
2009-08-25 16:18:27 +00:00
|
|
|
goto authfail;
|
2012-01-26 00:34:50 +00:00
|
|
|
|
2012-01-27 18:06:49 +00:00
|
|
|
authdismissed = (pkout && strstr(pkout, "dismissed=true"));
|
2009-08-06 12:54:08 +00:00
|
|
|
if (status != 0) {
|
2014-02-20 00:32:19 +00:00
|
|
|
VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d "
|
|
|
|
|
"with status %d"),
|
|
|
|
|
action, (long long) callerPid, callerUid, status);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto authdeny;
|
2009-08-06 12:54:08 +00:00
|
|
|
}
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_ALLOW,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_POLKIT, ident);
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_INFO("Policy allowed action %s from pid %lld, uid %d",
|
|
|
|
|
action, (long long) callerPid, callerUid);
|
2009-08-06 12:54:08 +00:00
|
|
|
ret->complete = 1;
|
|
|
|
|
|
2012-01-20 16:56:31 +00:00
|
|
|
virNetServerClientSetAuth(client, 0);
|
2014-03-04 14:37:27 +00:00
|
|
|
virNetServerTrackCompletedAuth(server);
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2012-01-26 00:34:50 +00:00
|
|
|
virCommandFree(cmd);
|
2012-02-14 22:51:01 +00:00
|
|
|
VIR_FREE(pkout);
|
2012-01-26 00:34:50 +00:00
|
|
|
VIR_FREE(ident);
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2009-08-06 12:54:08 +00:00
|
|
|
return 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2012-01-26 00:34:50 +00:00
|
|
|
virCommandFree(cmd);
|
|
|
|
|
VIR_FREE(ident);
|
2011-05-16 17:13:11 +00:00
|
|
|
virResetLastError();
|
2012-01-27 22:01:21 +00:00
|
|
|
|
2012-01-27 18:06:49 +00:00
|
|
|
if (authdismissed) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_CANCELLED, "%s",
|
|
|
|
|
_("authentication cancelled by user"));
|
2012-12-16 22:59:08 +00:00
|
|
|
} else if (pkout && *pkout) {
|
|
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, _("polkit: %s"), pkout);
|
2012-01-27 18:06:49 +00:00
|
|
|
} else {
|
2012-12-16 22:59:08 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s", _("authentication failed"));
|
2012-01-27 18:06:49 +00:00
|
|
|
}
|
2012-01-27 22:01:21 +00:00
|
|
|
|
|
|
|
|
VIR_FREE(pkout);
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return -1;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authfail:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_FAIL,
|
|
|
|
|
"client=%p auth=%d",
|
|
|
|
|
client, REMOTE_AUTH_POLKIT);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authdeny:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_DENY,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
2012-01-26 00:34:50 +00:00
|
|
|
client, REMOTE_AUTH_POLKIT, ident);
|
2010-09-14 16:50:25 +00:00
|
|
|
goto error;
|
2009-08-06 12:54:08 +00:00
|
|
|
}
|
2013-01-08 22:19:00 +00:00
|
|
|
#elif WITH_POLKIT0
|
2007-12-05 18:21:27 +00:00
|
|
|
static int
|
2014-03-04 14:37:27 +00:00
|
|
|
remoteDispatchAuthPolkit(virNetServerPtr server,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerClientPtr client,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-12 16:34:30 +00:00
|
|
|
remote_auth_polkit_ret *ret)
|
2007-12-05 18:21:27 +00:00
|
|
|
{
|
|
|
|
|
pid_t callerPid;
|
2011-12-16 00:18:22 +00:00
|
|
|
gid_t callerGid;
|
2007-12-05 18:21:27 +00:00
|
|
|
uid_t callerUid;
|
2008-04-04 15:09:19 +00:00
|
|
|
PolKitCaller *pkcaller = NULL;
|
|
|
|
|
PolKitAction *pkaction = NULL;
|
|
|
|
|
PolKitContext *pkcontext = NULL;
|
|
|
|
|
PolKitError *pkerr = NULL;
|
|
|
|
|
PolKitResult pkresult;
|
|
|
|
|
DBusError err;
|
2008-12-04 22:16:40 +00:00
|
|
|
const char *action;
|
2012-01-26 00:49:48 +00:00
|
|
|
char *ident = NULL;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2012-04-19 14:34:35 +00:00
|
|
|
DBusConnection *sysbus;
|
2013-05-09 15:46:29 +00:00
|
|
|
unsigned long long timestamp;
|
2010-09-14 16:50:25 +00:00
|
|
|
|
2011-07-07 21:12:26 +00:00
|
|
|
virMutexLock(&priv->lock);
|
2008-12-04 22:16:40 +00:00
|
|
|
|
2011-07-07 21:12:26 +00:00
|
|
|
action = virNetServerClientGetReadonly(client) ?
|
2008-04-04 15:09:19 +00:00
|
|
|
"org.libvirt.unix.monitor" :
|
|
|
|
|
"org.libvirt.unix.manage";
|
2007-12-05 18:21:27 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
|
2011-07-07 21:12:26 +00:00
|
|
|
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried invalid PolicyKit init request"));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 18:21:27 +00:00
|
|
|
}
|
|
|
|
|
|
2012-01-26 00:49:48 +00:00
|
|
|
if (virNetServerClientGetUNIXIdentity(client, &callerUid, &callerGid,
|
2013-05-09 15:46:29 +00:00
|
|
|
&callerPid, ×tamp) < 0) {
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("cannot get peer socket identity"));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2007-12-05 18:21:27 +00:00
|
|
|
}
|
|
|
|
|
|
2012-01-26 00:49:48 +00:00
|
|
|
if (virAsprintf(&ident, "pid:%lld,uid:%d",
|
2013-07-04 09:58:18 +00:00
|
|
|
(long long) callerPid, callerUid) < 0)
|
2010-09-14 16:50:25 +00:00
|
|
|
goto authfail;
|
|
|
|
|
|
2012-04-19 14:34:35 +00:00
|
|
|
if (!(sysbus = virDBusGetSystemBus()))
|
|
|
|
|
goto authfail;
|
|
|
|
|
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_INFO("Checking PID %lld running as %d",
|
|
|
|
|
(long long) callerPid, callerUid);
|
2008-04-04 15:09:19 +00:00
|
|
|
dbus_error_init(&err);
|
2012-04-19 14:34:35 +00:00
|
|
|
if (!(pkcaller = polkit_caller_new_from_pid(sysbus,
|
2008-04-04 15:09:19 +00:00
|
|
|
callerPid, &err))) {
|
2009-01-06 18:32:03 +00:00
|
|
|
VIR_ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
|
2008-04-04 15:09:19 +00:00
|
|
|
dbus_error_free(&err);
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2008-04-04 15:09:19 +00:00
|
|
|
}
|
2007-12-05 18:21:27 +00:00
|
|
|
|
2008-04-04 15:09:19 +00:00
|
|
|
if (!(pkaction = polkit_action_new())) {
|
2009-02-05 16:28:30 +00:00
|
|
|
char ebuf[1024];
|
2010-01-19 13:17:20 +00:00
|
|
|
VIR_ERROR(_("Failed to create polkit action %s"),
|
2012-03-29 09:52:04 +00:00
|
|
|
virStrerror(errno, ebuf, sizeof(ebuf)));
|
2008-04-04 15:09:19 +00:00
|
|
|
polkit_caller_unref(pkcaller);
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2008-04-04 15:09:19 +00:00
|
|
|
}
|
|
|
|
|
polkit_action_set_action_id(pkaction, action);
|
|
|
|
|
|
|
|
|
|
if (!(pkcontext = polkit_context_new()) ||
|
|
|
|
|
!polkit_context_init(pkcontext, &pkerr)) {
|
2009-02-05 16:28:30 +00:00
|
|
|
char ebuf[1024];
|
2010-01-19 13:17:20 +00:00
|
|
|
VIR_ERROR(_("Failed to create polkit context %s"),
|
2009-01-06 18:32:03 +00:00
|
|
|
(pkerr ? polkit_error_get_error_message(pkerr)
|
2012-03-29 09:52:04 +00:00
|
|
|
: virStrerror(errno, ebuf, sizeof(ebuf))));
|
2008-04-04 15:09:19 +00:00
|
|
|
if (pkerr)
|
|
|
|
|
polkit_error_free(pkerr);
|
|
|
|
|
polkit_caller_unref(pkcaller);
|
|
|
|
|
polkit_action_unref(pkaction);
|
|
|
|
|
dbus_error_free(&err);
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2008-04-04 15:09:19 +00:00
|
|
|
}
|
2007-12-05 18:21:27 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# if HAVE_POLKIT_CONTEXT_IS_CALLER_AUTHORIZED
|
2008-04-04 15:09:19 +00:00
|
|
|
pkresult = polkit_context_is_caller_authorized(pkcontext,
|
|
|
|
|
pkaction,
|
|
|
|
|
pkcaller,
|
|
|
|
|
0,
|
|
|
|
|
&pkerr);
|
|
|
|
|
if (pkerr && polkit_error_is_set(pkerr)) {
|
2009-01-06 18:32:03 +00:00
|
|
|
VIR_ERROR(_("Policy kit failed to check authorization %d %s"),
|
|
|
|
|
polkit_error_get_error_code(pkerr),
|
|
|
|
|
polkit_error_get_error_message(pkerr));
|
2008-12-04 22:16:40 +00:00
|
|
|
goto authfail;
|
2008-04-04 15:09:19 +00:00
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2008-04-04 15:09:19 +00:00
|
|
|
pkresult = polkit_context_can_caller_do_action(pkcontext,
|
|
|
|
|
pkaction,
|
|
|
|
|
pkcaller);
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2008-04-04 15:09:19 +00:00
|
|
|
polkit_context_unref(pkcontext);
|
|
|
|
|
polkit_caller_unref(pkcaller);
|
|
|
|
|
polkit_action_unref(pkaction);
|
|
|
|
|
if (pkresult != POLKIT_RESULT_YES) {
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d, result: %s"),
|
|
|
|
|
action, (long long) callerPid, callerUid,
|
2009-01-06 18:32:03 +00:00
|
|
|
polkit_result_to_string_representation(pkresult));
|
2010-09-14 16:50:25 +00:00
|
|
|
goto authdeny;
|
2007-12-05 18:21:27 +00:00
|
|
|
}
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_ALLOW,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_POLKIT, ident);
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_INFO("Policy allowed action %s from pid %lld, uid %d, result %s",
|
|
|
|
|
action, (long long) callerPid, callerUid,
|
2011-04-22 15:09:33 +00:00
|
|
|
polkit_result_to_string_representation(pkresult));
|
|
|
|
|
ret->complete = 1;
|
2011-04-12 16:33:49 +00:00
|
|
|
|
2012-01-20 16:56:31 +00:00
|
|
|
virNetServerClientSetAuth(client, 0);
|
2014-03-04 14:37:27 +00:00
|
|
|
virNetServerTrackCompletedAuth(server);
|
2011-07-07 21:12:26 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_FREE(ident);
|
2011-04-22 15:09:33 +00:00
|
|
|
return 0;
|
2008-02-20 15:22:35 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2012-01-26 00:49:48 +00:00
|
|
|
VIR_FREE(ident);
|
2011-05-16 17:13:11 +00:00
|
|
|
virResetLastError();
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-07-07 21:12:26 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
2011-05-16 17:13:11 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authfail:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_FAIL,
|
|
|
|
|
"client=%p auth=%d",
|
|
|
|
|
client, REMOTE_AUTH_POLKIT);
|
2011-04-22 15:09:33 +00:00
|
|
|
goto error;
|
2011-04-13 15:21:35 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
authdeny:
|
Rewrite all the DTrace/SystemTAP probing
The libvirtd daemon had a few crude system tap probes. Some of
these were broken during the RPC rewrite. The new modular RPC
code is structured in a way that allows much more effective
tracing. Instead of trying to hook up the original probes,
define a new set of probes for the RPC and event code.
The master probes file is now src/probes.d. This contains
probes for virNetServerClientPtr, virNetClientPtr, virSocketPtr
virNetTLSContextPtr and virNetTLSSessionPtr modules. Also add
probes for the poll event loop.
The src/dtrace2systemtap.pl script can convert the probes.d
file into a libvirt_probes.stp file to make use from systemtap
much simpler.
The src/rpc/gensystemtap.pl script can generate a set of
systemtap functions for translating RPC enum values into
printable strings. This works for all RPC header enums (program,
type, status, procedure) and also the authentication enum
The PROBE macro will automatically generate a VIR_DEBUG
statement, so any place with a PROBE can remove any existing
manual DEBUG statements.
* daemon/libvirtd.stp, daemon/probes.d: Remove obsolete probing
* daemon/libvirtd.h: Remove probe macros
* daemon/Makefile.am: Remove all probe buildings/install
* daemon/remote.c: Update authentication probes
* src/dtrace2systemtap.pl, src/rpc/gensystemtap.pl: Scripts
to generate STP files
* src/internal.h: Add probe macros
* src/probes.d: Master list of probes
* src/rpc/virnetclient.c, src/rpc/virnetserverclient.c,
src/rpc/virnetsocket.c, src/rpc/virnettlscontext.c,
src/util/event_poll.c: Insert probe points, removing any
DEBUG statements that duplicate the info
2011-09-30 13:40:23 +00:00
|
|
|
PROBE(RPC_SERVER_CLIENT_AUTH_DENY,
|
|
|
|
|
"client=%p auth=%d identity=%s",
|
|
|
|
|
client, REMOTE_AUTH_POLKIT, ident);
|
2011-04-22 15:09:33 +00:00
|
|
|
goto error;
|
2008-02-20 15:22:35 +00:00
|
|
|
}
|
|
|
|
|
|
2013-01-08 22:19:00 +00:00
|
|
|
#else /* !WITH_POLKIT0 & !HAVE_POLKIT1*/
|
2008-02-20 15:22:35 +00:00
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
|
2011-06-28 19:09:05 +00:00
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_auth_polkit_ret *ret ATTRIBUTE_UNUSED)
|
2008-02-20 15:22:35 +00:00
|
|
|
{
|
2011-05-09 09:24:09 +00:00
|
|
|
VIR_ERROR(_("client tried unsupported PolicyKit init request"));
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_AUTH_FAILED, "%s",
|
|
|
|
|
_("authentication failed"));
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2013-01-08 22:19:00 +00:00
|
|
|
#endif /* WITH_POLKIT1 */
|
2011-04-13 15:21:35 +00:00
|
|
|
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
/***************************************************************
|
|
|
|
|
* NODE INFO APIS
|
|
|
|
|
**************************************************************/
|
2008-11-21 12:31:04 +00:00
|
|
|
|
2009-07-28 02:01:00 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchNodeDeviceGetParent(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_node_device_get_parent_args *args,
|
|
|
|
|
remote_node_device_get_parent_ret *ret)
|
2009-07-28 02:01:00 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
virNodeDevicePtr dev = NULL;
|
|
|
|
|
const char *parent = NULL;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2009-07-28 02:01:00 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dev = virNodeDeviceLookupByName(priv->conn, args->name)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
parent = virNodeDeviceGetParent(dev);
|
|
|
|
|
|
|
|
|
|
if (parent == NULL) {
|
|
|
|
|
ret->parent = NULL;
|
|
|
|
|
} else {
|
|
|
|
|
/* remoteDispatchClientRequest will free this. */
|
|
|
|
|
char **parent_p;
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(parent_p) < 0)
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(*parent_p, parent) < 0) {
|
2011-04-22 15:09:33 +00:00
|
|
|
VIR_FREE(parent_p);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
ret->parent = parent_p;
|
|
|
|
|
}
|
|
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
if (dev)
|
|
|
|
|
virNodeDeviceFree(dev);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2009-07-28 02:01:00 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
|
|
|
|
|
/***************************
|
|
|
|
|
* Register / deregister events
|
|
|
|
|
***************************/
|
|
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED,
|
2014-01-06 00:23:55 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-04-18 11:07:23 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_register_ret *ret ATTRIBUTE_UNUSED)
|
2010-11-15 03:23:34 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
int callbackID;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = NULL;
|
|
|
|
|
daemonClientEventCallbackPtr ref;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2010-11-15 03:23:34 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
/* If we call register first, we could append a complete callback
|
|
|
|
|
* to our array, but on OOM append failure, we'd have to then hope
|
|
|
|
|
* deregister works to undo our register. So instead we append an
|
|
|
|
|
* incomplete callback to our array, then register, then fix up
|
|
|
|
|
* our callback; but since VIR_APPEND_ELEMENT clears 'callback' on
|
|
|
|
|
* success, we use 'ref' to save a copy of the pointer. */
|
|
|
|
|
if (VIR_ALLOC(callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
callback->client = client;
|
|
|
|
|
callback->eventID = VIR_DOMAIN_EVENT_ID_LIFECYCLE;
|
|
|
|
|
callback->callbackID = -1;
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
callback->legacy = true;
|
2014-01-06 00:23:55 +00:00
|
|
|
ref = callback;
|
|
|
|
|
if (VIR_APPEND_ELEMENT(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks,
|
|
|
|
|
callback) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2010-11-15 03:23:34 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if ((callbackID = virConnectDomainEventRegisterAny(priv->conn,
|
2011-04-22 15:09:33 +00:00
|
|
|
NULL,
|
|
|
|
|
VIR_DOMAIN_EVENT_ID_LIFECYCLE,
|
|
|
|
|
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventLifecycle),
|
2014-01-06 00:23:55 +00:00
|
|
|
ref,
|
|
|
|
|
remoteEventCallbackFree)) < 0) {
|
|
|
|
|
VIR_SHRINK_N(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks, 1);
|
|
|
|
|
callback = ref;
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2014-01-06 00:23:55 +00:00
|
|
|
}
|
2010-11-15 03:23:34 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
ref->callbackID = callbackID;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_FREE(callback);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2010-11-15 03:23:34 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectDomainEventDeregister(virNetServerPtr server ATTRIBUTE_UNUSED,
|
2014-01-06 00:23:55 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-04-18 11:07:23 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_deregister_ret *ret ATTRIBUTE_UNUSED)
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
{
|
2014-01-06 00:23:55 +00:00
|
|
|
int callbackID = -1;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2014-01-06 00:23:55 +00:00
|
|
|
size_t i;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
for (i = 0; i < priv->ndomainEventCallbacks; i++) {
|
|
|
|
|
if (priv->domainEventCallbacks[i]->eventID == VIR_DOMAIN_EVENT_ID_LIFECYCLE) {
|
|
|
|
|
callbackID = priv->domainEventCallbacks[i]->callbackID;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (callbackID < 0) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("domain event %d not registered"),
|
|
|
|
|
VIR_DOMAIN_EVENT_ID_LIFECYCLE);
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
}
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i,
|
|
|
|
|
priv->ndomainEventCallbacks);
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-22 15:09:33 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2011-04-22 15:09:33 +00:00
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2013-11-28 15:06:40 +00:00
|
|
|
remoteDispatchObjectEventSend(virNetServerClientPtr client,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetServerProgramPtr program,
|
2011-04-22 15:09:33 +00:00
|
|
|
int procnr,
|
|
|
|
|
xdrproc_t proc,
|
|
|
|
|
void *data)
|
|
|
|
|
{
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessagePtr msg;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
Fix tracking of RPC messages wrt streams
Commit 2c85644b0b51fbe5b6244e6773531af29933a727 attempted to
fix a problem with tracking RPC messages from streams by doing
- if (msg->header.type == VIR_NET_REPLY) {
+ if (msg->header.type == VIR_NET_REPLY ||
+ (msg->header.type == VIR_NET_STREAM &&
+ msg->header.status != VIR_NET_CONTINUE)) {
client->nrequests--;
In other words any stream packet, with status NET_OK or NET_ERROR
would cause nrequests to be decremented. This is great if the
packet from from a synchronous virStreamFinish or virStreamAbort
API call, but wildly wrong if from a server initiated abort.
The latter resulted in 'nrequests' being decremented below zero.
This then causes all I/O for that client to be stopped.
Instead of trying to infer whether we need to decrement the
nrequests field, from the message type/status, introduce an
explicit 'bool tracked' field to mark whether the virNetMessagePtr
object is subject to tracking.
Also add a virNetMessageClear function to allow a message
contents to be cleared out, without adversely impacting the
'tracked' field as a naive memset() would do
* src/rpc/virnetmessage.c, src/rpc/virnetmessage.h: Add
a 'bool tracked' field and virNetMessageClear() API
* daemon/remote.c, daemon/stream.c, src/rpc/virnetclientprogram.c,
src/rpc/virnetclientstream.c, src/rpc/virnetserverclient.c,
src/rpc/virnetserverprogram.c: Switch over to use
virNetMessageClear() and pass in the 'bool tracked' value
when creating messages.
2011-08-31 16:42:58 +00:00
|
|
|
if (!(msg = virNetMessageNew(false)))
|
2011-08-31 15:50:09 +00:00
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
msg->header.prog = virNetServerProgramGetID(program);
|
|
|
|
|
msg->header.vers = virNetServerProgramGetVersion(program);
|
|
|
|
|
msg->header.proc = procnr;
|
|
|
|
|
msg->header.type = VIR_NET_MESSAGE;
|
|
|
|
|
msg->header.serial = 1;
|
|
|
|
|
msg->header.status = VIR_NET_OK;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNetMessageEncodeHeader(msg) < 0)
|
2011-04-22 15:09:33 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virNetMessageEncodePayload(msg, proc, data) < 0)
|
|
|
|
|
goto cleanup;
|
2011-04-22 15:09:33 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
VIR_DEBUG("Queue event %d %zu", procnr, msg->bufferLength);
|
|
|
|
|
virNetServerClientSendMessage(client, msg);
|
2011-04-22 15:09:33 +00:00
|
|
|
|
2011-08-31 15:50:09 +00:00
|
|
|
xdr_free(proc, data);
|
2011-04-22 15:09:33 +00:00
|
|
|
return;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageFree(msg);
|
2011-08-31 15:50:09 +00:00
|
|
|
xdr_free(proc, data);
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchSecretGetValue(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-22 15:09:33 +00:00
|
|
|
remote_secret_get_value_args *args,
|
|
|
|
|
remote_secret_get_value_ret *ret)
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
{
|
2011-04-22 15:09:33 +00:00
|
|
|
virSecretPtr secret = NULL;
|
|
|
|
|
size_t value_size;
|
|
|
|
|
unsigned char *value;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(secret = get_nonnull_secret(priv->conn, args->secret)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
if (!(value = virSecretGetValue(secret, &value_size, args->flags)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
|
2011-04-22 15:09:33 +00:00
|
|
|
ret->value.value_len = value_size;
|
|
|
|
|
ret->value.value_val = (char *)value;
|
|
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-22 15:09:33 +00:00
|
|
|
if (secret)
|
|
|
|
|
virSecretFree(secret);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
phyp: missing domainIsActive/Persistent
esx: missing domainIsPersistent
opennebula: missing domainIsActive/Persistent
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
2009-10-20 14:12:03 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-26 14:47:22 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainGetState(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-04-26 14:47:22 +00:00
|
|
|
remote_domain_get_state_args *args,
|
|
|
|
|
remote_domain_get_state_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-04-26 14:47:22 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-26 14:47:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-26 14:47:22 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetState(dom, &ret->state, &ret->reason, args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-26 14:47:22 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-26 14:47:22 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
|
|
|
|
|
/* Due to back-compat reasons, two RPC calls map to the same libvirt
|
|
|
|
|
* API of virConnectDomainEventRegisterAny. A client should only use
|
|
|
|
|
* the new call if they have probed
|
|
|
|
|
* VIR_DRV_SUPPORTS_FEATURE(VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK),
|
|
|
|
|
* and must not mix the two styles. */
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
2014-01-06 00:23:55 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-04-18 11:07:23 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_register_any_args *args)
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
{
|
|
|
|
|
int callbackID;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2014-01-06 00:23:55 +00:00
|
|
|
daemonClientEventCallbackPtr callback = NULL;
|
|
|
|
|
daemonClientEventCallbackPtr ref;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
/* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any
|
|
|
|
|
* new domain events added after this point should only use the
|
|
|
|
|
* modern callback style of RPC. */
|
|
|
|
|
if (args->eventID > VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED ||
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
args->eventID < 0) {
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, _("unsupported event ID %d"),
|
|
|
|
|
args->eventID);
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
/* If we call register first, we could append a complete callback
|
|
|
|
|
* to our array, but on OOM append failure, we'd have to then hope
|
|
|
|
|
* deregister works to undo our register. So instead we append an
|
|
|
|
|
* incomplete callback to our array, then register, then fix up
|
|
|
|
|
* our callback; but since VIR_APPEND_ELEMENT clears 'callback' on
|
|
|
|
|
* success, we use 'ref' to save a copy of the pointer. */
|
|
|
|
|
if (VIR_ALLOC(callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
callback->client = client;
|
|
|
|
|
callback->eventID = args->eventID;
|
|
|
|
|
callback->callbackID = -1;
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
callback->legacy = true;
|
2014-01-06 00:23:55 +00:00
|
|
|
ref = callback;
|
|
|
|
|
if (VIR_APPEND_ELEMENT(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks,
|
|
|
|
|
callback) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if ((callbackID = virConnectDomainEventRegisterAny(priv->conn,
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
NULL,
|
|
|
|
|
args->eventID,
|
|
|
|
|
domainEventCallbacks[args->eventID],
|
2014-01-06 00:23:55 +00:00
|
|
|
ref,
|
|
|
|
|
remoteEventCallbackFree)) < 0) {
|
|
|
|
|
VIR_SHRINK_N(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks, 1);
|
|
|
|
|
callback = ref;
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2014-01-06 00:23:55 +00:00
|
|
|
}
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
ref->callbackID = callbackID;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_FREE(callback);
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_callback_register_any_args *args,
|
|
|
|
|
remote_connect_domain_event_callback_register_any_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
int callbackID;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
daemonClientEventCallbackPtr callback = NULL;
|
|
|
|
|
daemonClientEventCallbackPtr ref;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
|
|
|
|
if (args->dom &&
|
|
|
|
|
!(dom = get_nonnull_domain(priv->conn, *args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-01-09 18:22:53 +00:00
|
|
|
if (args->eventID >= VIR_DOMAIN_EVENT_ID_LAST || args->eventID < 0) {
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, _("unsupported event ID %d"),
|
|
|
|
|
args->eventID);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If we call register first, we could append a complete callback
|
|
|
|
|
* to our array, but on OOM append failure, we'd have to then hope
|
|
|
|
|
* deregister works to undo our register. So instead we append an
|
|
|
|
|
* incomplete callback to our array, then register, then fix up
|
|
|
|
|
* our callback; but since VIR_APPEND_ELEMENT clears 'callback' on
|
|
|
|
|
* success, we use 'ref' to save a copy of the pointer. */
|
|
|
|
|
if (VIR_ALLOC(callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
callback->client = client;
|
|
|
|
|
callback->eventID = args->eventID;
|
|
|
|
|
callback->callbackID = -1;
|
|
|
|
|
ref = callback;
|
|
|
|
|
if (VIR_APPEND_ELEMENT(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks,
|
|
|
|
|
callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((callbackID = virConnectDomainEventRegisterAny(priv->conn,
|
|
|
|
|
dom,
|
|
|
|
|
args->eventID,
|
|
|
|
|
domainEventCallbacks[args->eventID],
|
|
|
|
|
ref,
|
|
|
|
|
remoteEventCallbackFree)) < 0) {
|
|
|
|
|
VIR_SHRINK_N(priv->domainEventCallbacks,
|
|
|
|
|
priv->ndomainEventCallbacks, 1);
|
|
|
|
|
callback = ref;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ref->callbackID = callbackID;
|
|
|
|
|
ret->callbackID = callbackID;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
VIR_FREE(callback);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
remoteDispatchConnectDomainEventDeregisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
2014-01-06 00:23:55 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-04-18 11:07:23 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_deregister_any_args *args)
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
{
|
|
|
|
|
int callbackID = -1;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2014-01-06 00:23:55 +00:00
|
|
|
size_t i;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
/* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any
|
|
|
|
|
* new domain events added after this point should only use the
|
|
|
|
|
* modern callback style of RPC. */
|
|
|
|
|
if (args->eventID > VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED ||
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
args->eventID < 0) {
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, _("unsupported event ID %d"),
|
|
|
|
|
args->eventID);
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
for (i = 0; i < priv->ndomainEventCallbacks; i++) {
|
|
|
|
|
if (priv->domainEventCallbacks[i]->eventID == args->eventID) {
|
|
|
|
|
callbackID = priv->domainEventCallbacks[i]->callbackID;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-05-16 17:13:11 +00:00
|
|
|
if (callbackID < 0) {
|
2014-01-06 00:23:55 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("domain event %d not registered"), args->eventID);
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
|
2014-01-06 00:23:55 +00:00
|
|
|
VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i,
|
|
|
|
|
priv->ndomainEventCallbacks);
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
Remote driver & daemon impl of new event API
This wires up the remote driver to handle the new events APIs.
The public API allows an application to request a callback filters
events to a specific domain object, and register multiple callbacks
for the same event type. On the wire there are two strategies for
this
- Register multiple callbacks with the remote daemon, each
with filtering as needed
- Register only one callback per event type, with no filtering
Both approaches have potential inefficiency. In the first scheme,
the same event gets sent over the wire many times if multiple
callbacks are registered. With the second scheme, unneccessary
events get sent over the wire if a per-domain filter is set on
the client. The second scheme is far easier to implement though,
so this patch takes that approach.
* daemon/dispatch.h: Don't export remoteRelayDomainEvent since it
is no longer needed for unregistering callbacks, instead the
unique callback ID is used
* daemon/libvirtd.c, daemon/libvirtd.h: Track and unregister
callbacks based on callback ID, instead of function pointer
* daemon/remote.c: Switch over to using virConnectDomainEventRegisterAny
instead of legacy virConnectDomainEventRegister function. Refactor
remoteDispatchDomainEventSend() to cope with arbitrary event types
* src/driver.h, src/driver.c: Move verify() call into source file
instead of header, to avoid polluting the global namespace with
the verify function name
* src/remote/remote_driver.c: Implement new APIs for event
registration. Refactor processCallDispatchMessage() to cope
with arbitrary incoming event types. Merge remoteDomainQueueEvent()
into processCallDispatchMessage() to avoid duplication of code.
Rename remoteDomainReadEvent() to remoteDomainReadEventLifecycle()
* src/remote/remote_protocol.x: Define wire format for the new
virConnectDomainEventRegisterAny and virConnectDomainEventDeregisterAny
functions
2010-03-18 14:56:56 +00:00
|
|
|
}
|
|
|
|
|
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_domain_event_callback_deregister_any_args *args)
|
|
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
size_t i;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < priv->ndomainEventCallbacks; i++) {
|
|
|
|
|
if (priv->domainEventCallbacks[i]->callbackID == args->callbackID)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (i == priv->ndomainEventCallbacks) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("domain event callback %d not registered"),
|
|
|
|
|
args->callbackID);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virConnectDomainEventDeregisterAny(priv->conn, args->callbackID) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i,
|
|
|
|
|
priv->ndomainEventCallbacks);
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-04-17 02:09:25 +00:00
|
|
|
static int
|
2013-04-18 11:07:23 +00:00
|
|
|
qemuDispatchDomainMonitorCommand(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
qemu_domain_monitor_command_args *args,
|
|
|
|
|
qemu_domain_monitor_command_ret *ret)
|
2010-04-17 02:09:25 +00:00
|
|
|
{
|
2011-04-13 18:10:03 +00:00
|
|
|
virDomainPtr dom = NULL;
|
2011-04-13 15:21:35 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2010-04-17 02:09:25 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2011-04-12 16:33:49 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2010-04-17 02:09:25 +00:00
|
|
|
|
2011-04-13 18:10:03 +00:00
|
|
|
if (virDomainQemuMonitorCommand(dom, args->cmd, &ret->result,
|
2011-04-13 17:23:00 +00:00
|
|
|
args->flags) < 0)
|
2011-04-13 15:21:35 +00:00
|
|
|
goto cleanup;
|
2010-04-17 02:09:25 +00:00
|
|
|
|
2011-04-13 15:21:35 +00:00
|
|
|
rv = 0;
|
2010-04-17 02:09:25 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-04-13 15:21:35 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-04-13 18:10:03 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
2011-04-13 15:21:35 +00:00
|
|
|
return rv;
|
2010-04-17 02:09:25 +00:00
|
|
|
}
|
|
|
|
|
|
2010-04-27 19:29:15 +00:00
|
|
|
|
2011-02-01 14:23:40 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigrateBegin3(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-02-01 14:23:40 +00:00
|
|
|
remote_domain_migrate_begin3_args *args,
|
|
|
|
|
remote_domain_migrate_begin3_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
char *xml = NULL;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
char *dname;
|
2011-05-18 09:26:30 +00:00
|
|
|
char *xmlin;
|
2011-02-01 14:23:40 +00:00
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-05-18 09:26:30 +00:00
|
|
|
xmlin = args->xmlin == NULL ? NULL : *args->xmlin;
|
2011-02-01 14:23:40 +00:00
|
|
|
dname = args->dname == NULL ? NULL : *args->dname;
|
|
|
|
|
|
2011-05-18 09:26:30 +00:00
|
|
|
if (!(xml = virDomainMigrateBegin3(dom, xmlin,
|
2011-02-01 14:23:40 +00:00
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
args->flags, dname, args->resource)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* remoteDispatchClientRequest will free cookie and
|
|
|
|
|
* the xml string if there is one.
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
ret->xml = xml;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-02-01 14:23:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-02-01 14:23:40 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-02-01 14:23:40 +00:00
|
|
|
remote_domain_migrate_prepare3_args *args,
|
|
|
|
|
remote_domain_migrate_prepare3_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
char *uri_in;
|
|
|
|
|
char **uri_out;
|
|
|
|
|
char *dname;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uri_in = args->uri_in == NULL ? NULL : *args->uri_in;
|
|
|
|
|
dname = args->dname == NULL ? NULL : *args->dname;
|
|
|
|
|
|
|
|
|
|
/* Wacky world of XDR ... */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(uri_out) < 0)
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (virDomainMigratePrepare3(priv->conn,
|
2011-02-01 14:23:40 +00:00
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
uri_in, uri_out,
|
|
|
|
|
args->flags, dname, args->resource,
|
|
|
|
|
args->dom_xml) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* remoteDispatchClientRequest will free cookie, uri_out and
|
|
|
|
|
* the string if there is one.
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
ret->uri_out = *uri_out == NULL ? NULL : uri_out;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-02-01 14:23:40 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-02-01 14:23:40 +00:00
|
|
|
VIR_FREE(uri_out);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
|
2011-02-01 14:23:40 +00:00
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigratePerform3(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-02-01 14:23:40 +00:00
|
|
|
remote_domain_migrate_perform3_args *args,
|
|
|
|
|
remote_domain_migrate_perform3_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
2011-05-18 09:26:30 +00:00
|
|
|
char *xmlin;
|
2011-02-01 14:23:40 +00:00
|
|
|
char *dname;
|
Add a second URI parameter to virDomainMigratePerform3 method
The virDomainMigratePerform3 currently has a single URI parameter
whose meaning varies. It is either
- A QEMU migration URI (normal migration)
- A libvirtd connection URI (peer2peer migration)
Unfortunately when using peer2peer migration, without also
using tunnelled migration, it is possible that both URIs are
required.
This adds a second URI parameter to the virDomainMigratePerform3
method, to cope with this scenario. Each parameter how has a fixed
meaning.
NB, there is no way to actually take advantage of this yet,
since virDomainMigrate/virDomainMigrateToURI do not have any
way to provide the 2 separate URIs
* daemon/remote.c, src/remote/remote_driver.c,
src/remote/remote_protocol.x, src/remote_protocol-structs: Add
the second URI parameter to perform3 message
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Add
the second URI parameter to Perform3 method
* src/libvirt_internal.h, src/qemu/qemu_migration.c,
src/qemu/qemu_migration.h: Update to handle URIs correctly
2011-05-18 13:18:53 +00:00
|
|
|
char *uri;
|
|
|
|
|
char *dconnuri;
|
2011-02-01 14:23:40 +00:00
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
2011-05-18 09:26:30 +00:00
|
|
|
xmlin = args->xmlin == NULL ? NULL : *args->xmlin;
|
2011-02-01 14:23:40 +00:00
|
|
|
dname = args->dname == NULL ? NULL : *args->dname;
|
Add a second URI parameter to virDomainMigratePerform3 method
The virDomainMigratePerform3 currently has a single URI parameter
whose meaning varies. It is either
- A QEMU migration URI (normal migration)
- A libvirtd connection URI (peer2peer migration)
Unfortunately when using peer2peer migration, without also
using tunnelled migration, it is possible that both URIs are
required.
This adds a second URI parameter to the virDomainMigratePerform3
method, to cope with this scenario. Each parameter how has a fixed
meaning.
NB, there is no way to actually take advantage of this yet,
since virDomainMigrate/virDomainMigrateToURI do not have any
way to provide the 2 separate URIs
* daemon/remote.c, src/remote/remote_driver.c,
src/remote/remote_protocol.x, src/remote_protocol-structs: Add
the second URI parameter to perform3 message
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Add
the second URI parameter to Perform3 method
* src/libvirt_internal.h, src/qemu/qemu_migration.c,
src/qemu/qemu_migration.h: Update to handle URIs correctly
2011-05-18 13:18:53 +00:00
|
|
|
uri = args->uri == NULL ? NULL : *args->uri;
|
|
|
|
|
dconnuri = args->dconnuri == NULL ? NULL : *args->dconnuri;
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-18 09:26:30 +00:00
|
|
|
if (virDomainMigratePerform3(dom, xmlin,
|
2011-02-01 14:23:40 +00:00
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
Add a second URI parameter to virDomainMigratePerform3 method
The virDomainMigratePerform3 currently has a single URI parameter
whose meaning varies. It is either
- A QEMU migration URI (normal migration)
- A libvirtd connection URI (peer2peer migration)
Unfortunately when using peer2peer migration, without also
using tunnelled migration, it is possible that both URIs are
required.
This adds a second URI parameter to the virDomainMigratePerform3
method, to cope with this scenario. Each parameter how has a fixed
meaning.
NB, there is no way to actually take advantage of this yet,
since virDomainMigrate/virDomainMigrateToURI do not have any
way to provide the 2 separate URIs
* daemon/remote.c, src/remote/remote_driver.c,
src/remote/remote_protocol.x, src/remote_protocol-structs: Add
the second URI parameter to perform3 message
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Add
the second URI parameter to Perform3 method
* src/libvirt_internal.h, src/qemu/qemu_migration.c,
src/qemu/qemu_migration.h: Update to handle URIs correctly
2011-05-18 13:18:53 +00:00
|
|
|
dconnuri, uri,
|
2011-02-01 14:23:40 +00:00
|
|
|
args->flags, dname, args->resource) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* remoteDispatchClientRequest will free cookie
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-02-01 14:23:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-02-01 14:23:40 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigrateFinish3(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
2011-02-01 14:23:40 +00:00
|
|
|
remote_domain_migrate_finish3_args *args,
|
|
|
|
|
remote_domain_migrate_finish3_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
Add a second URI parameter to virDomainMigratePerform3 method
The virDomainMigratePerform3 currently has a single URI parameter
whose meaning varies. It is either
- A QEMU migration URI (normal migration)
- A libvirtd connection URI (peer2peer migration)
Unfortunately when using peer2peer migration, without also
using tunnelled migration, it is possible that both URIs are
required.
This adds a second URI parameter to the virDomainMigratePerform3
method, to cope with this scenario. Each parameter how has a fixed
meaning.
NB, there is no way to actually take advantage of this yet,
since virDomainMigrate/virDomainMigrateToURI do not have any
way to provide the 2 separate URIs
* daemon/remote.c, src/remote/remote_driver.c,
src/remote/remote_protocol.x, src/remote_protocol-structs: Add
the second URI parameter to perform3 message
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Add
the second URI parameter to Perform3 method
* src/libvirt_internal.h, src/qemu/qemu_migration.c,
src/qemu/qemu_migration.h: Update to handle URIs correctly
2011-05-18 13:18:53 +00:00
|
|
|
char *uri;
|
|
|
|
|
char *dconnuri;
|
2011-02-01 14:23:40 +00:00
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
Add a second URI parameter to virDomainMigratePerform3 method
The virDomainMigratePerform3 currently has a single URI parameter
whose meaning varies. It is either
- A QEMU migration URI (normal migration)
- A libvirtd connection URI (peer2peer migration)
Unfortunately when using peer2peer migration, without also
using tunnelled migration, it is possible that both URIs are
required.
This adds a second URI parameter to the virDomainMigratePerform3
method, to cope with this scenario. Each parameter how has a fixed
meaning.
NB, there is no way to actually take advantage of this yet,
since virDomainMigrate/virDomainMigrateToURI do not have any
way to provide the 2 separate URIs
* daemon/remote.c, src/remote/remote_driver.c,
src/remote/remote_protocol.x, src/remote_protocol-structs: Add
the second URI parameter to perform3 message
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Add
the second URI parameter to Perform3 method
* src/libvirt_internal.h, src/qemu/qemu_migration.c,
src/qemu/qemu_migration.h: Update to handle URIs correctly
2011-05-18 13:18:53 +00:00
|
|
|
uri = args->uri == NULL ? NULL : *args->uri;
|
|
|
|
|
dconnuri = args->dconnuri == NULL ? NULL : *args->dconnuri;
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = virDomainMigrateFinish3(priv->conn, args->dname,
|
Fix the signature of virDomainMigrateFinish3 for error reporting
The current virDomainMigrateFinish3 method signature attempts to
distinguish two types of errors, by allowing return with ret== 0,
but ddomain == NULL, to indicate a failure to start the guest.
This is flawed, because when ret == 0, there is no way for the
virErrorPtr details to be sent back to the client.
Change the signature of virDomainMigrateFinish3 so it simply
returns a virDomainPtr, in the same way as virDomainMigrateFinish2
The disk locking code will protect against the only possible
failure mode this doesn't account for (loosing conenctivity to
libvirtd after Finish3 starts the CPUs, but before the client
sees the reply for Finish3).
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Change
virDomainMigrateFinish3 to return a virDomainPtr instead of int
* src/remote/remote_driver.c, src/remote/remote_protocol.x,
daemon/remote.c, src/qemu/qemu_driver.c, src/qemu/qemu_migration.c:
Update for API change
2011-05-24 12:05:33 +00:00
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
dconnuri, uri,
|
|
|
|
|
args->flags,
|
|
|
|
|
args->cancelled)))
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
Fix the signature of virDomainMigrateFinish3 for error reporting
The current virDomainMigrateFinish3 method signature attempts to
distinguish two types of errors, by allowing return with ret== 0,
but ddomain == NULL, to indicate a failure to start the guest.
This is flawed, because when ret == 0, there is no way for the
virErrorPtr details to be sent back to the client.
Change the signature of virDomainMigrateFinish3 so it simply
returns a virDomainPtr, in the same way as virDomainMigrateFinish2
The disk locking code will protect against the only possible
failure mode this doesn't account for (loosing conenctivity to
libvirtd after Finish3 starts the CPUs, but before the client
sees the reply for Finish3).
* src/driver.h, src/libvirt.c, src/libvirt_internal.h: Change
virDomainMigrateFinish3 to return a virDomainPtr instead of int
* src/remote/remote_driver.c, src/remote/remote_protocol.x,
daemon/remote.c, src/qemu/qemu_driver.c, src/qemu/qemu_migration.c:
Update for API change
2011-05-24 12:05:33 +00:00
|
|
|
make_nonnull_domain(&ret->dom, dom);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
|
|
|
|
/* remoteDispatchClientRequest will free cookie
|
|
|
|
|
*/
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-02-01 14:23:40 +00:00
|
|
|
if (rv < 0) {
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-02-01 14:23:40 +00:00
|
|
|
VIR_FREE(cookieout);
|
|
|
|
|
}
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2011-05-16 17:13:11 +00:00
|
|
|
remoteDispatchDomainMigrateConfirm3(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
2011-10-21 11:12:28 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_confirm3_args *args)
|
2011-02-01 14:23:40 +00:00
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
int rv = -1;
|
2011-05-16 17:13:11 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
2011-02-01 14:23:40 +00:00
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 17:13:11 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
2011-02-01 14:23:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainMigrateConfirm3(dom,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
args->flags, args->cancelled) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-02-01 14:23:40 +00:00
|
|
|
if (rv < 0)
|
2011-05-16 17:13:11 +00:00
|
|
|
virNetMessageSaveError(rerr);
|
2011-02-01 14:23:40 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-04-18 11:07:23 +00:00
|
|
|
static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_supports_feature_args *args,
|
|
|
|
|
remote_connect_supports_feature_ret *ret)
|
2011-10-21 11:12:28 +00:00
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
int supported;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
2011-08-24 13:33:34 +00:00
|
|
|
/* This feature is checked before opening the connection, thus we must
|
|
|
|
|
* check it first.
|
|
|
|
|
*/
|
|
|
|
|
if (args->feature == VIR_DRV_FEATURE_PROGRAM_KEEPALIVE) {
|
|
|
|
|
if (virNetServerClientStartKeepAlive(client) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
supported = 1;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2011-10-21 11:12:28 +00:00
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-10-21 11:12:28 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch (args->feature) {
|
|
|
|
|
case VIR_DRV_FEATURE_FD_PASSING:
|
event: server RPC protocol tweaks for domain lifecycle events
This patch adds some new RPC call numbers, but for ease of review,
they sit idle until a later patch adds the client counterpart to
drive the new RPCs. Also for ease of review, I limited this patch
to just the lifecycle event; although converting the remaining
15 domain events will be quite mechanical. On the server side,
we have to have a function per RPC call, largely with duplicated
bodies (the key difference being that we store in our callback
opaque pointer whether events should be fired with old or new
style); meanwhile, a single function can drive multiple RPC
messages. With a strategic choice of XDR struct layout, we can
make the event generation code for both styles fairly compact.
I debated about adding a tri-state witness variable per
connection (values 'unknown', 'legacy', 'modern'). It would start
as 'unknown', move to 'legacy' if any RPC call is made to a legacy
event call, and move to 'modern' if the feature probe is made;
then the event code could issue an error if the witness state is
incorrect (a legacy RPC call while in 'modern', a modern RPC call
while in 'unknown' or 'legacy', and a feature probe while in
'legacy' or 'modern'). But while it might prevent odd behavior
caused by protocol fuzzing, I don't see that it would prevent
any security holes, so I considered it bloat.
Note that sticking @acl markers on the new RPCs generates unused
functions in access/viraccessapicheck.c, because there is no new
API call that needs to use the new checks; however, having a
consistent .x file is worth the dead code.
* src/libvirt_internal.h (VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK):
New feature.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_REGISTER_ANY)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_CALLBACK_DEREGISTER_ANY)
(REMOTE_PROC_DOMAIN_EVENT_CALLBACK_LIFECYCLE): New RPCs.
* daemon/remote.c (daemonClientCallback): Add field.
(remoteDispatchConnectDomainEventCallbackRegisterAny)
(remoteDispatchConnectDomainEventCallbackDeregisterAny): New
functions.
(remoteDispatchConnectDomainEventRegisterAny)
(remoteDispatchConnectDomainEventDeregisterAny): Mark legacy use.
(remoteRelayDomainEventLifecycle): Change message based on legacy
or new use.
(remoteDispatchConnectSupportsFeature): Advertise new feature.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:59:35 +00:00
|
|
|
case VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK:
|
2011-10-21 11:12:28 +00:00
|
|
|
supported = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
2013-04-22 17:26:01 +00:00
|
|
|
if ((supported = virConnectSupportsFeature(priv->conn, args->feature)) < 0)
|
2011-10-21 11:12:28 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
done:
|
2011-10-21 11:12:28 +00:00
|
|
|
ret->supported = supported;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-10-21 11:12:28 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-10-21 11:49:23 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainOpenGraphics(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_open_graphics_args *args)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
int fd = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-10-21 11:49:23 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((fd = virNetMessageDupFD(msg, 0)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainOpenGraphics(dom,
|
|
|
|
|
args->idx,
|
|
|
|
|
fd,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-10-21 11:49:23 +00:00
|
|
|
VIR_FORCE_CLOSE(fd);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2011-12-29 07:33:18 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_interface_parameters_args *args,
|
|
|
|
|
remote_domain_get_interface_parameters_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
const char *device = args->device;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2011-12-29 07:33:18 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2011-12-29 07:33:18 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_DOMAIN_INTERFACE_PARAMETERS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2011-12-29 07:33:18 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2011-12-29 07:33:18 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2011-12-29 07:33:18 +00:00
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetInterfaceParameters(dom, device, params, &nparams, flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2011-12-29 07:33:18 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2011-12-29 07:33:18 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2011-12-29 07:33:18 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
2011-10-21 11:49:23 +00:00
|
|
|
|
2012-01-28 06:21:31 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr hdr ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_cpu_stats_args *args,
|
|
|
|
|
remote_domain_get_cpu_stats_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
int percpu_len = 0;
|
|
|
|
|
|
|
|
|
|
priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2012-01-28 06:21:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
2012-01-28 06:21:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
if (args->ncpus > REMOTE_DOMAIN_GET_CPU_STATS_NCPUS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpus too large"));
|
2012-01-28 06:21:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (args->nparams > 0 &&
|
2013-07-04 09:58:18 +00:00
|
|
|
VIR_ALLOC_N(params, args->ncpus * args->nparams) < 0)
|
2012-01-28 06:21:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
percpu_len = virDomainGetCPUStats(dom, params, args->nparams,
|
|
|
|
|
args->start_cpu, args->ncpus,
|
|
|
|
|
args->flags);
|
|
|
|
|
if (percpu_len < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
/* If nparams == 0, the function returns a single value */
|
|
|
|
|
if (args->nparams == 0)
|
|
|
|
|
goto success;
|
|
|
|
|
|
|
|
|
|
if (remoteSerializeTypedParameters(params, args->nparams * args->ncpus,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2012-01-28 06:21:31 +00:00
|
|
|
rv = 0;
|
|
|
|
|
ret->nparams = percpu_len;
|
rpc: allow truncated return for virDomainGetCPUStats
The RPC code assumed that the array returned by the driver would be
fully populated; that is, ncpus on entry resulted in ncpus * return
value on exit. However, while we don't support holes in the middle
of ncpus, we do want to permit the case of ncpus on entry being
longer than the array returned by the driver (that is, it should be
safe for the caller to pass ncpus=128 on entry, and the driver will
stop populating the array when it hits max_id).
Additionally, a successful return implies that the caller will then
use virTypedParamArrayClear on the entire array; for this to not
free uninitialized memory, the driver must ensure that all skipped
entries are explicitly zeroed (the RPC driver did this, but not
the qemu driver).
There are now three cases:
server 0.9.10 and client 0.9.10 or newer: No impact - there were no
hypervisor drivers that supported cpu stats
server 0.9.11 or newer and client 0.9.10: if the client calls with
ncpus beyond the max, then the rpc call will fail on the client side
and disconnect the client, but the server is no worse for the wear
server 0.9.11 or newer and client 0.9.11: the server can return a
truncated array and the client will do just fine
I reproduced the problem by using a host with 2 CPUs, and doing:
virsh cpu-stats $dom --start 1 --count 2
* daemon/remote.c (remoteDispatchDomainGetCPUStats): Allow driver
to omit tail of array.
* src/remote/remote_driver.c (remoteDomainGetCPUStats):
Accommodate driver that omits tail of array.
* src/libvirt.c (virDomainGetCPUStats): Document this.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Clear all
unpopulated entries.
2012-03-07 04:36:53 +00:00
|
|
|
if (args->nparams && !(args->flags & VIR_TYPED_PARAM_STRING_OKAY)) {
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
rpc: allow truncated return for virDomainGetCPUStats
The RPC code assumed that the array returned by the driver would be
fully populated; that is, ncpus on entry resulted in ncpus * return
value on exit. However, while we don't support holes in the middle
of ncpus, we do want to permit the case of ncpus on entry being
longer than the array returned by the driver (that is, it should be
safe for the caller to pass ncpus=128 on entry, and the driver will
stop populating the array when it hits max_id).
Additionally, a successful return implies that the caller will then
use virTypedParamArrayClear on the entire array; for this to not
free uninitialized memory, the driver must ensure that all skipped
entries are explicitly zeroed (the RPC driver did this, but not
the qemu driver).
There are now three cases:
server 0.9.10 and client 0.9.10 or newer: No impact - there were no
hypervisor drivers that supported cpu stats
server 0.9.11 or newer and client 0.9.10: if the client calls with
ncpus beyond the max, then the rpc call will fail on the client side
and disconnect the client, but the server is no worse for the wear
server 0.9.11 or newer and client 0.9.11: the server can return a
truncated array and the client will do just fine
I reproduced the problem by using a host with 2 CPUs, and doing:
virsh cpu-stats $dom --start 1 --count 2
* daemon/remote.c (remoteDispatchDomainGetCPUStats): Allow driver
to omit tail of array.
* src/remote/remote_driver.c (remoteDomainGetCPUStats):
Accommodate driver that omits tail of array.
* src/libvirt.c (virDomainGetCPUStats): Document this.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Clear all
unpopulated entries.
2012-03-07 04:36:53 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < percpu_len; i++) {
|
|
|
|
|
if (params[i].type == VIR_TYPED_PARAM_STRING)
|
|
|
|
|
ret->nparams--;
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-01-28 06:21:31 +00:00
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-01-28 06:21:31 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, args->ncpus * args->nparams);
|
2012-01-28 06:21:31 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-03 20:36:20 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetDiskErrors(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_disk_errors_args *args,
|
|
|
|
|
remote_domain_get_disk_errors_ret *ret)
|
2012-01-31 06:42:31 +00:00
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virDomainDiskErrorPtr errors = NULL;
|
2012-02-01 15:10:46 +00:00
|
|
|
int len = 0;
|
2012-01-31 06:42:31 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2012-01-31 06:42:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (args->maxerrors > REMOTE_DOMAIN_DISK_ERRORS_MAX) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("maxerrors too large"));
|
2012-01-31 06:42:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (args->maxerrors &&
|
2013-07-04 09:58:18 +00:00
|
|
|
VIR_ALLOC_N(errors, args->maxerrors) < 0)
|
2012-01-31 06:42:31 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((len = virDomainGetDiskErrors(dom, errors,
|
|
|
|
|
args->maxerrors,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->nerrors = len;
|
|
|
|
|
if (errors &&
|
|
|
|
|
remoteSerializeDomainDiskErrors(errors, len,
|
|
|
|
|
&ret->errors.errors_val,
|
|
|
|
|
&ret->errors.errors_len) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-01-31 06:42:31 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
if (errors) {
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-01-31 06:42:31 +00:00
|
|
|
for (i = 0; i < len; i++)
|
|
|
|
|
VIR_FREE(errors[i].disk);
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(errors);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-06-10 03:24:57 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainListAllSnapshots(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_list_all_snapshots_args *args,
|
|
|
|
|
remote_domain_list_all_snapshots_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainSnapshotPtr *snaps = NULL;
|
|
|
|
|
int nsnaps = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-06-10 03:24:57 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2012-06-10 03:24:57 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((nsnaps = virDomainListAllSnapshots(dom,
|
|
|
|
|
args->need_results ? &snaps : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 11:55:53 +00:00
|
|
|
if (nsnaps > REMOTE_DOMAIN_SNAPSHOT_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many domain snapshots '%d' for limit '%d'"),
|
|
|
|
|
nsnaps, REMOTE_DOMAIN_SNAPSHOT_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-06-10 03:24:57 +00:00
|
|
|
if (snaps && nsnaps) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->snapshots.snapshots_val, nsnaps) < 0)
|
2012-06-10 03:24:57 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->snapshots.snapshots_len = nsnaps;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nsnaps; i++)
|
|
|
|
|
make_nonnull_domain_snapshot(ret->snapshots.snapshots_val + i,
|
|
|
|
|
snaps[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->snapshots.snapshots_len = 0;
|
|
|
|
|
ret->snapshots.snapshots_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nsnaps;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-06-10 03:24:57 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
if (snaps) {
|
|
|
|
|
for (i = 0; i < nsnaps; i++)
|
|
|
|
|
virDomainSnapshotFree(snaps[i]);
|
|
|
|
|
VIR_FREE(snaps);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainSnapshotListAllChildren(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_snapshot_list_all_children_args *args,
|
|
|
|
|
remote_domain_snapshot_list_all_children_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainSnapshotPtr *snaps = NULL;
|
|
|
|
|
int nsnaps = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-06-10 03:24:57 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virDomainSnapshotPtr snapshot = NULL;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
2012-07-18 18:30:53 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
2012-06-10 03:24:57 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->snapshot.dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(snapshot = get_nonnull_domain_snapshot(dom, args->snapshot)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((nsnaps = virDomainSnapshotListAllChildren(snapshot,
|
|
|
|
|
args->need_results ? &snaps : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 11:55:53 +00:00
|
|
|
if (nsnaps > REMOTE_DOMAIN_SNAPSHOT_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many domain snapshots '%d' for limit '%d'"),
|
|
|
|
|
nsnaps, REMOTE_DOMAIN_SNAPSHOT_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-06-10 03:24:57 +00:00
|
|
|
if (snaps && nsnaps) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->snapshots.snapshots_val, nsnaps) < 0)
|
2012-06-10 03:24:57 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->snapshots.snapshots_len = nsnaps;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nsnaps; i++)
|
|
|
|
|
make_nonnull_domain_snapshot(ret->snapshots.snapshots_val + i,
|
|
|
|
|
snaps[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->snapshots.snapshots_len = 0;
|
|
|
|
|
ret->snapshots.snapshots_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nsnaps;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-06-10 03:24:57 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (snapshot)
|
|
|
|
|
virDomainSnapshotFree(snapshot);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
if (snaps) {
|
|
|
|
|
for (i = 0; i < nsnaps; i++)
|
|
|
|
|
virDomainSnapshotFree(snaps[i]);
|
|
|
|
|
VIR_FREE(snaps);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:16:26 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllStoragePools(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_storage_pools_args *args,
|
|
|
|
|
remote_connect_list_all_storage_pools_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virStoragePoolPtr *pools = NULL;
|
|
|
|
|
int npools = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-04 15:16:26 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((npools = virConnectListAllStoragePools(priv->conn,
|
|
|
|
|
args->need_results ? &pools : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:27:56 +00:00
|
|
|
if (npools > REMOTE_STORAGE_POOL_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many storage pools '%d' for limit '%d'"),
|
|
|
|
|
npools, REMOTE_STORAGE_POOL_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:16:26 +00:00
|
|
|
if (pools && npools) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->pools.pools_val, npools) < 0)
|
2012-09-04 15:16:26 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->pools.pools_len = npools;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < npools; i++)
|
|
|
|
|
make_nonnull_storage_pool(ret->pools.pools_val + i, pools[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->pools.pools_len = 0;
|
|
|
|
|
ret->pools.pools_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = npools;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-04 15:16:26 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (pools) {
|
|
|
|
|
for (i = 0; i < npools; i++)
|
|
|
|
|
virStoragePoolFree(pools[i]);
|
|
|
|
|
VIR_FREE(pools);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:32:54 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchStoragePoolListAllVolumes(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_storage_pool_list_all_volumes_args *args,
|
|
|
|
|
remote_storage_pool_list_all_volumes_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virStorageVolPtr *vols = NULL;
|
|
|
|
|
virStoragePoolPtr pool = NULL;
|
|
|
|
|
int nvols = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-04 15:32:54 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(pool = get_nonnull_storage_pool(priv->conn, args->pool)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((nvols = virStoragePoolListAllVolumes(pool,
|
|
|
|
|
args->need_results ? &vols : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:33:58 +00:00
|
|
|
if (nvols > REMOTE_STORAGE_VOL_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many storage volumes '%d' for limit '%d'"),
|
|
|
|
|
nvols, REMOTE_STORAGE_VOL_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:32:54 +00:00
|
|
|
if (vols && nvols) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->vols.vols_val, nvols) < 0)
|
2012-09-04 15:32:54 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->vols.vols_len = nvols;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nvols; i++)
|
|
|
|
|
make_nonnull_storage_vol(ret->vols.vols_val + i, vols[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->vols.vols_len = 0;
|
|
|
|
|
ret->vols.vols_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nvols;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-04 15:32:54 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (vols) {
|
|
|
|
|
for (i = 0; i < nvols; i++)
|
|
|
|
|
virStorageVolFree(vols[i]);
|
|
|
|
|
VIR_FREE(vols);
|
|
|
|
|
}
|
2013-04-12 15:30:56 +00:00
|
|
|
if (pool)
|
|
|
|
|
virStoragePoolFree(pool);
|
2012-09-04 15:32:54 +00:00
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:55:16 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllNetworks(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_networks_args *args,
|
|
|
|
|
remote_connect_list_all_networks_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virNetworkPtr *nets = NULL;
|
|
|
|
|
int nnets = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-04 15:55:16 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((nnets = virConnectListAllNetworks(priv->conn,
|
|
|
|
|
args->need_results ? &nets : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:37:29 +00:00
|
|
|
if (nnets > REMOTE_NETWORK_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many networks '%d' for limit '%d'"),
|
|
|
|
|
nnets, REMOTE_NETWORK_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 15:55:16 +00:00
|
|
|
if (nets && nnets) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->nets.nets_val, nnets) < 0)
|
2012-09-04 15:55:16 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->nets.nets_len = nnets;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nnets; i++)
|
|
|
|
|
make_nonnull_network(ret->nets.nets_val + i, nets[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->nets.nets_len = 0;
|
|
|
|
|
ret->nets.nets_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nnets;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-04 15:55:16 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (nets) {
|
|
|
|
|
for (i = 0; i < nnets; i++)
|
|
|
|
|
virNetworkFree(nets[i]);
|
|
|
|
|
VIR_FREE(nets);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 16:10:16 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllInterfaces(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_interfaces_args *args,
|
|
|
|
|
remote_connect_list_all_interfaces_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virInterfacePtr *ifaces = NULL;
|
|
|
|
|
int nifaces = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-04 16:10:16 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((nifaces = virConnectListAllInterfaces(priv->conn,
|
|
|
|
|
args->need_results ? &ifaces : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:41:56 +00:00
|
|
|
if (nifaces > REMOTE_INTERFACE_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many interfaces '%d' for limit '%d'"),
|
|
|
|
|
nifaces, REMOTE_INTERFACE_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-04 16:10:16 +00:00
|
|
|
if (ifaces && nifaces) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->ifaces.ifaces_val, nifaces) < 0)
|
2012-09-04 16:10:16 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->ifaces.ifaces_len = nifaces;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nifaces; i++)
|
|
|
|
|
make_nonnull_interface(ret->ifaces.ifaces_val + i, ifaces[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->ifaces.ifaces_len = 0;
|
|
|
|
|
ret->ifaces.ifaces_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nifaces;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-04 16:10:16 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (ifaces) {
|
|
|
|
|
for (i = 0; i < nifaces; i++)
|
|
|
|
|
virInterfaceFree(ifaces[i]);
|
|
|
|
|
VIR_FREE(ifaces);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-05 05:34:08 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllNodeDevices(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_node_devices_args *args,
|
|
|
|
|
remote_connect_list_all_node_devices_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virNodeDevicePtr *devices = NULL;
|
|
|
|
|
int ndevices = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-05 05:34:08 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((ndevices = virConnectListAllNodeDevices(priv->conn,
|
|
|
|
|
args->need_results ? &devices : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:44:52 +00:00
|
|
|
if (ndevices > REMOTE_NODE_DEVICE_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many node devices '%d' for limit '%d'"),
|
|
|
|
|
ndevices, REMOTE_NODE_DEVICE_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-05 05:34:08 +00:00
|
|
|
if (devices && ndevices) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->devices.devices_val, ndevices) < 0)
|
2012-09-05 05:34:08 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->devices.devices_len = ndevices;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ndevices; i++)
|
|
|
|
|
make_nonnull_node_device(ret->devices.devices_val + i, devices[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->devices.devices_len = 0;
|
|
|
|
|
ret->devices.devices_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = ndevices;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-05 05:34:08 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (devices) {
|
|
|
|
|
for (i = 0; i < ndevices; i++)
|
|
|
|
|
virNodeDeviceFree(devices[i]);
|
|
|
|
|
VIR_FREE(devices);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
2012-09-04 15:55:16 +00:00
|
|
|
|
2012-09-05 06:02:04 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllNWFilters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_nwfilters_args *args,
|
|
|
|
|
remote_connect_list_all_nwfilters_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virNWFilterPtr *filters = NULL;
|
|
|
|
|
int nfilters = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-05 06:02:04 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((nfilters = virConnectListAllNWFilters(priv->conn,
|
|
|
|
|
args->need_results ? &filters : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:47:22 +00:00
|
|
|
if (nfilters > REMOTE_NWFILTER_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many network filters '%d' for limit '%d'"),
|
|
|
|
|
nfilters, REMOTE_NWFILTER_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-05 06:02:04 +00:00
|
|
|
if (filters && nfilters) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->filters.filters_val, nfilters) < 0)
|
2012-09-05 06:02:04 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->filters.filters_len = nfilters;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nfilters; i++)
|
|
|
|
|
make_nonnull_nwfilter(ret->filters.filters_val + i, filters[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->filters.filters_len = 0;
|
|
|
|
|
ret->filters.filters_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nfilters;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-05 06:02:04 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (filters) {
|
|
|
|
|
for (i = 0; i < nfilters; i++)
|
|
|
|
|
virNWFilterFree(filters[i]);
|
|
|
|
|
VIR_FREE(filters);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-14 08:38:49 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectListAllSecrets(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_list_all_secrets_args *args,
|
|
|
|
|
remote_connect_list_all_secrets_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virSecretPtr *secrets = NULL;
|
|
|
|
|
int nsecrets = 0;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i;
|
2012-09-14 08:38:49 +00:00
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((nsecrets = virConnectListAllSecrets(priv->conn,
|
|
|
|
|
args->need_results ? &secrets : NULL,
|
|
|
|
|
args->flags)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 13:49:57 +00:00
|
|
|
if (nsecrets > REMOTE_SECRET_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many secrets '%d' for limit '%d'"),
|
|
|
|
|
nsecrets, REMOTE_SECRET_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-14 08:38:49 +00:00
|
|
|
if (secrets && nsecrets) {
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(ret->secrets.secrets_val, nsecrets) < 0)
|
2012-09-14 08:38:49 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->secrets.secrets_len = nsecrets;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < nsecrets; i++)
|
|
|
|
|
make_nonnull_secret(ret->secrets.secrets_val + i, secrets[i]);
|
|
|
|
|
} else {
|
|
|
|
|
ret->secrets.secrets_len = 0;
|
|
|
|
|
ret->secrets.secrets_val = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = nsecrets;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-14 08:38:49 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (secrets) {
|
|
|
|
|
for (i = 0; i < nsecrets; i++)
|
|
|
|
|
virSecretFree(secrets[i]);
|
|
|
|
|
VIR_FREE(secrets);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-14 14:42:15 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_node_get_memory_parameters_args *args,
|
|
|
|
|
remote_node_get_memory_parameters_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
2013-05-02 11:36:53 +00:00
|
|
|
int nparams = 0;
|
2012-09-14 14:42:15 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2013-05-02 11:36:53 +00:00
|
|
|
if (args->nparams > REMOTE_NODE_MEMORY_PARAMETERS_MAX) {
|
2012-09-14 14:42:15 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2013-07-04 09:58:18 +00:00
|
|
|
if (args->nparams && VIR_ALLOC_N(params, args->nparams) < 0)
|
2012-09-14 14:42:15 +00:00
|
|
|
goto cleanup;
|
2013-05-02 11:36:53 +00:00
|
|
|
nparams = args->nparams;
|
2012-09-14 14:42:15 +00:00
|
|
|
|
|
|
|
|
if (virNodeGetMemoryParameters(priv->conn, params, &nparams, flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* In this case, we need to send back the number of parameters
|
|
|
|
|
* supported
|
|
|
|
|
*/
|
|
|
|
|
if (args->nparams == 0) {
|
|
|
|
|
ret->nparams = nparams;
|
|
|
|
|
goto success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
success:
|
2012-09-14 14:42:15 +00:00
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-09-14 14:42:15 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-01-15 23:42:35 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
2012-09-14 14:42:15 +00:00
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-16 14:05:11 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchNodeGetCPUMap(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_node_get_cpu_map_args *args,
|
|
|
|
|
remote_node_get_cpu_map_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
unsigned char *cpumap = NULL;
|
2012-11-01 23:55:43 +00:00
|
|
|
unsigned int online = 0;
|
2012-10-16 14:05:11 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
int cpunum;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
flags = args->flags;
|
|
|
|
|
|
2012-11-01 23:55:43 +00:00
|
|
|
cpunum = virNodeGetCPUMap(priv->conn, args->need_map ? &cpumap : NULL,
|
|
|
|
|
args->need_online ? &online : NULL, flags);
|
2012-10-16 14:05:11 +00:00
|
|
|
if (cpunum < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* 'serialize' return cpumap */
|
2012-11-01 23:55:43 +00:00
|
|
|
if (args->need_map) {
|
2012-10-16 14:05:11 +00:00
|
|
|
ret->cpumap.cpumap_len = VIR_CPU_MAPLEN(cpunum);
|
|
|
|
|
ret->cpumap.cpumap_val = (char *) cpumap;
|
|
|
|
|
cpumap = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->online = online;
|
|
|
|
|
ret->ret = cpunum;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-10-16 14:05:11 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
VIR_FREE(cpumap);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-21 14:20:04 +00:00
|
|
|
static int
|
|
|
|
|
lxcDispatchDomainOpenNamespace(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
lxc_domain_open_namespace_args *args)
|
|
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
int *fdlist = NULL;
|
|
|
|
|
int ret;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret = virDomainLxcOpenNamespace(dom,
|
|
|
|
|
&fdlist,
|
|
|
|
|
args->flags);
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* We shouldn't have received any from the client,
|
|
|
|
|
* but in case they're playing games with us, prevent
|
|
|
|
|
* a resource leak
|
|
|
|
|
*/
|
2013-05-21 07:45:26 +00:00
|
|
|
for (i = 0; i < msg->nfds; i++)
|
2012-12-21 14:20:04 +00:00
|
|
|
VIR_FORCE_CLOSE(msg->fds[i]);
|
|
|
|
|
VIR_FREE(msg->fds);
|
|
|
|
|
msg->nfds = 0;
|
|
|
|
|
|
|
|
|
|
msg->fds = fdlist;
|
|
|
|
|
msg->nfds = ret;
|
|
|
|
|
|
|
|
|
|
rv = 1;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2012-12-21 14:20:04 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
2013-10-18 02:12:00 +00:00
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
2012-12-21 14:20:04 +00:00
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-30 09:49:28 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainGetJobStats(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_get_job_stats_args *args,
|
|
|
|
|
remote_domain_get_job_stats_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainGetJobStats(dom, &ret->type, ¶ms,
|
|
|
|
|
&nparams, args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2013-08-19 11:42:31 +00:00
|
|
|
if (nparams > REMOTE_DOMAIN_JOB_STATS_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many job stats '%d' for limit '%d'"),
|
|
|
|
|
nparams, REMOTE_DOMAIN_JOB_STATS_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-30 09:49:28 +00:00
|
|
|
if (remoteSerializeTypedParameters(params, nparams,
|
|
|
|
|
&ret->params.params_val,
|
|
|
|
|
&ret->params.params_len,
|
|
|
|
|
0) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-01-30 09:49:28 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_begin3_params_args *args,
|
|
|
|
|
remote_domain_migrate_begin3_params_ret *ret)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
char *xml = NULL;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(xml = virDomainMigrateBegin3Params(dom, params, nparams,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
args->flags)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
ret->xml = xml;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_prepare3_params_args *args,
|
|
|
|
|
remote_domain_migrate_prepare3_params_ret *ret)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
char **uri_out;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* Wacky world of XDR ... */
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC(uri_out) < 0)
|
2013-05-20 14:59:08 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainMigratePrepare3Params(priv->conn, params, nparams,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
uri_out, args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
ret->uri_out = !*uri_out ? NULL : uri_out;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0) {
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
VIR_FREE(uri_out);
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_prepare_tunnel3_params_args *args,
|
|
|
|
|
remote_domain_migrate_prepare_tunnel3_params_ret *ret)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
virStreamPtr st = NULL;
|
|
|
|
|
daemonClientStreamPtr stream = NULL;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(st = virStreamNew(priv->conn, VIR_STREAM_NONBLOCK)) ||
|
|
|
|
|
!(stream = daemonCreateClientStream(client, st, remoteProgram,
|
|
|
|
|
&msg->header)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainMigratePrepareTunnel3Params(priv->conn, st, params, nparams,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (daemonAddClientStream(client, stream, false) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0) {
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
VIR_FREE(cookieout);
|
|
|
|
|
if (stream) {
|
|
|
|
|
virStreamAbort(st);
|
|
|
|
|
daemonFreeClientStream(client, stream);
|
|
|
|
|
} else {
|
|
|
|
|
virStreamFree(st);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_perform3_params_args *args,
|
|
|
|
|
remote_domain_migrate_perform3_params_ret *ret)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
char *dconnuri;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
dconnuri = args->dconnuri == NULL ? NULL : *args->dconnuri;
|
|
|
|
|
|
|
|
|
|
if (virDomainMigratePerform3Params(dom, dconnuri, params, nparams,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_finish3_params_args *args,
|
|
|
|
|
remote_domain_migrate_finish3_params_ret *ret)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
char *cookieout = NULL;
|
|
|
|
|
int cookieoutlen = 0;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
dom = virDomainMigrateFinish3Params(priv->conn, params, nparams,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
&cookieout, &cookieoutlen,
|
|
|
|
|
args->flags, args->cancelled);
|
|
|
|
|
if (!dom)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&ret->dom, dom);
|
|
|
|
|
|
|
|
|
|
ret->cookie_out.cookie_out_len = cookieoutlen;
|
|
|
|
|
ret->cookie_out.cookie_out_val = cookieout;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0) {
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
VIR_FREE(cookieout);
|
|
|
|
|
}
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-09-03 20:36:20 +00:00
|
|
|
remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_migrate_confirm3_params_args *args)
|
2013-05-20 14:59:08 +00:00
|
|
|
{
|
|
|
|
|
virTypedParameterPtr params = NULL;
|
|
|
|
|
int nparams = 0;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-19 13:55:21 +00:00
|
|
|
if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many migration parameters '%d' for limit '%d'"),
|
|
|
|
|
args->params.params_len, REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-20 14:59:08 +00:00
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (!(params = remoteDeserializeTypedParameters(args->params.params_val,
|
|
|
|
|
args->params.params_len,
|
|
|
|
|
0, &nparams)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainMigrateConfirm3Params(dom, params, nparams,
|
|
|
|
|
args->cookie_in.cookie_in_val,
|
|
|
|
|
args->cookie_in.cookie_in_len,
|
|
|
|
|
args->flags, args->cancelled) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-05-20 14:59:08 +00:00
|
|
|
virTypedParamsFree(params, nparams);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-09-23 09:46:00 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectGetCPUModelNames(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_connect_get_cpu_model_names_args *args,
|
|
|
|
|
remote_connect_get_cpu_model_names_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
int len, rv = -1;
|
|
|
|
|
char **models = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
len = virConnectGetCPUModelNames(priv->conn, args->arch,
|
|
|
|
|
args->need_results ? &models : NULL,
|
|
|
|
|
args->flags);
|
|
|
|
|
if (len < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (len > REMOTE_CONNECT_CPU_MODELS_MAX) {
|
|
|
|
|
virReportError(VIR_ERR_RPC,
|
|
|
|
|
_("Too many CPU models '%d' for limit '%d'"),
|
|
|
|
|
len, REMOTE_CONNECT_CPU_MODELS_MAX);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (len && models) {
|
|
|
|
|
ret->models.models_val = models;
|
|
|
|
|
ret->models.models_len = len;
|
|
|
|
|
models = NULL;
|
|
|
|
|
} else {
|
|
|
|
|
ret->models.models_val = NULL;
|
|
|
|
|
ret->models.models_len = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret->ret = len;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-09-23 09:46:00 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virStringFreeList(models);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-09-03 20:36:20 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchDomainCreateXMLWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_create_xml_with_files_args *args,
|
|
|
|
|
remote_domain_create_xml_with_files_ret *ret)
|
2013-07-09 17:03:18 +00:00
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
int *files = NULL;
|
|
|
|
|
unsigned int nfiles = 0;
|
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(files, msg->nfds) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
for (i = 0; i < msg->nfds; i++) {
|
|
|
|
|
if ((files[i] = virNetMessageDupFD(msg, i)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
nfiles++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((dom = virDomainCreateXMLWithFiles(priv->conn, args->xml_desc,
|
|
|
|
|
nfiles, files,
|
|
|
|
|
args->flags)) == NULL)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&ret->dom, dom);
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-07-09 17:03:18 +00:00
|
|
|
for (i = 0; i < nfiles; i++) {
|
|
|
|
|
VIR_FORCE_CLOSE(files[i]);
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(files);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-09-03 20:36:20 +00:00
|
|
|
static int remoteDispatchDomainCreateWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr,
|
|
|
|
|
remote_domain_create_with_files_args *args,
|
|
|
|
|
remote_domain_create_with_files_ret *ret)
|
2013-07-09 17:03:18 +00:00
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
int *files = NULL;
|
|
|
|
|
unsigned int nfiles = 0;
|
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(files, msg->nfds) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
for (i = 0; i < msg->nfds; i++) {
|
|
|
|
|
if ((files[i] = virNetMessageDupFD(msg, i)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
nfiles++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (virDomainCreateWithFiles(dom,
|
|
|
|
|
nfiles, files,
|
|
|
|
|
args->flags) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
make_nonnull_domain(&ret->dom, dom);
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-07-09 17:03:18 +00:00
|
|
|
for (i = 0; i < nfiles; i++) {
|
|
|
|
|
VIR_FORCE_CLOSE(files[i]);
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(files);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-12-11 10:38:01 +00:00
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-12-11 10:38:01 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
remote_connect_network_event_register_any_args *args,
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
remote_connect_network_event_register_any_ret *ret)
|
2013-12-11 10:38:01 +00:00
|
|
|
{
|
|
|
|
|
int callbackID;
|
|
|
|
|
int rv = -1;
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
daemonClientEventCallbackPtr callback = NULL;
|
|
|
|
|
daemonClientEventCallbackPtr ref;
|
2013-12-11 10:38:01 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
virNetworkPtr net = NULL;
|
2013-12-11 10:38:01 +00:00
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
if (args->net &&
|
|
|
|
|
!(net = get_nonnull_network(priv->conn, *args->net)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
if (args->eventID >= VIR_NETWORK_EVENT_ID_LAST || args->eventID < 0) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("unsupported network event ID %d"), args->eventID);
|
2013-12-11 10:38:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
/* If we call register first, we could append a complete callback
|
|
|
|
|
* to our array, but on OOM append failure, we'd have to then hope
|
|
|
|
|
* deregister works to undo our register. So instead we append an
|
|
|
|
|
* incomplete callback to our array, then register, then fix up
|
|
|
|
|
* our callback; but since VIR_APPEND_ELEMENT clears 'callback' on
|
|
|
|
|
* success, we use 'ref' to save a copy of the pointer. */
|
|
|
|
|
if (VIR_ALLOC(callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
callback->client = client;
|
|
|
|
|
callback->eventID = args->eventID;
|
|
|
|
|
callback->callbackID = -1;
|
|
|
|
|
ref = callback;
|
|
|
|
|
if (VIR_APPEND_ELEMENT(priv->networkEventCallbacks,
|
|
|
|
|
priv->nnetworkEventCallbacks,
|
|
|
|
|
callback) < 0)
|
2013-12-11 10:38:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((callbackID = virConnectNetworkEventRegisterAny(priv->conn,
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
net,
|
2013-12-11 10:38:01 +00:00
|
|
|
args->eventID,
|
|
|
|
|
networkEventCallbacks[args->eventID],
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
ref,
|
|
|
|
|
remoteEventCallbackFree)) < 0) {
|
|
|
|
|
VIR_SHRINK_N(priv->networkEventCallbacks,
|
|
|
|
|
priv->nnetworkEventCallbacks, 1);
|
|
|
|
|
callback = ref;
|
2013-12-11 10:38:01 +00:00
|
|
|
goto cleanup;
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
}
|
2013-12-11 10:38:01 +00:00
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
ref->callbackID = callbackID;
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
ret->callbackID = callbackID;
|
2013-12-11 10:38:01 +00:00
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
VIR_FREE(callback);
|
2013-12-11 10:38:01 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
if (net)
|
|
|
|
|
virNetworkFree(net);
|
2013-12-11 10:38:01 +00:00
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteDispatchConnectNetworkEventDeregisterAny(virNetServerPtr server ATTRIBUTE_UNUSED,
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
virNetServerClientPtr client,
|
2013-12-11 10:38:01 +00:00
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
remote_connect_network_event_deregister_any_args *args)
|
2013-12-11 10:38:01 +00:00
|
|
|
{
|
|
|
|
|
int rv = -1;
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
size_t i;
|
2013-12-11 10:38:01 +00:00
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
for (i = 0; i < priv->nnetworkEventCallbacks; i++) {
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
if (priv->networkEventCallbacks[i]->callbackID == args->callbackID)
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
break;
|
|
|
|
|
}
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
if (i == priv->nnetworkEventCallbacks) {
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
_("network event callback %d not registered"),
|
|
|
|
|
args->callbackID);
|
2013-12-11 10:38:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
event: wire up RPC for server-side network event filtering
We haven't had a release with network events yet, so we are free
to fix the RPC so that it actually does what we want. Doing
client-side filtering of per-network events is inefficient if a
connection is only interested in events on a single network out
of hundreds available on the server. But to do server-side
per-network filtering, the server needs to know which network
to filter on - so we need to pass an optional network over on
registration. Furthermore, it is possible to have a client with
both a global and per-network filter; in the existing code, the
server sends only one event and the client replicates to both
callbacks. But with server-side filtering, the server will send
the event twice, so we need a way for the client to know which
callbackID is sending an event, to ensure that the client can
filter out events from a registration that does not match the
callbackID from the server. Likewise, the existing style of
deregistering by eventID alone is fine; but in the new style,
we have to remember which callbackID to delete.
This patch fixes the RPC wire definition to contain all the
needed pieces of information, and hooks into the server and
client side improvements of the previous patches, in order to
switch over to full server-side filtering of network events.
Also, since we fixed this in time, all released versions of
libvirtd that support network events also support per-network
filtering, so we can hard-code that assumption into
network_event.c.
Converting domain events to server-side filtering will require
the introduction of new RPC numbers, as well as a server
feature bit that the client can use to tell whether to use
old-style (server only supports global events) or new-style
(server supports filtered events), so that is deferred to a
later set of patches.
* src/conf/network_event.c (virNetworkEventStateRegisterClient):
Assume server-side filtering.
* src/remote/remote_protocol.x
(remote_connect_network_event_register_any_args): Add network
argument.
(remote_connect_network_event_register_any_ret): Return callbackID
instead of count.
(remote_connect_network_event_deregister_any_args): Pass
callbackID instead of eventID.
(remote_connect_network_event_deregister_any_ret): Drop unused
type.
(remote_network_event_lifecycle_msg): Add callbackID.
* daemon/remote.c
(remoteDispatchConnectNetworkEventDeregisterAny): Drop unused arg,
and deal with callbackID from client.
(remoteRelayNetworkEventLifecycle): Pass callbackID.
(remoteDispatchConnectNetworkEventRegisterAny): Likewise, and
recognize non-NULL network.
* src/remote/remote_driver.c
(remoteConnectNetworkEventRegisterAny): Pass network, and track
server side id.
(remoteConnectNetworkEventDeregisterAny): Deregister by callback id.
(remoteNetworkBuildEventLifecycle): Pass remote id to event queue.
* src/remote_protocol-structs: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-08 20:24:22 +00:00
|
|
|
if (virConnectNetworkEventDeregisterAny(priv->conn, args->callbackID) < 0)
|
2013-12-11 10:38:01 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
event: track callbackID on daemon side of RPC
Right now, the daemon side of RPC events is hard-coded to at most
one callback per eventID. But when there are hundreds of domains
or networks coupled and multiple conections, then sending every
event to every connection that wants an event, even for the
connections that only care about events for a particular object,
is inefficient. In order to track more than one callback in the
server, we need to store callbacks by more than just their
eventID. This patch rearranges the daemon side to store network
callbacks in a dynamic array, which can eventually be used for
multiple callbacks of the same eventID, although actual behavior
is unchanged without further patches to the RPC protocol. For
ease of review, domain events are saved for a later patch, as
they touch more code.
While at it, fix a bug where a malicious client could send a
negative eventID to cause network event registration to access
outside of array bounds (thankfully not a CVE, since domain
events were already doing the bounds check, and since network
events have not been released).
* daemon/libvirtd.h (daemonClientPrivate): Alter the tracking of
network events.
* daemon/remote.c (daemonClientEventCallback): New struct.
(remoteEventCallbackFree): New function.
(remoteClientInitHook, remoteRelayNetworkEventLifecycle)
(remoteClientFreeFunc)
(remoteDispatchConnectNetworkEventRegisterAny): Track network
callbacks differently.
(remoteDispatchConnectNetworkEventDeregisterAny): Enforce bounds.
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-05 19:37:17 +00:00
|
|
|
VIR_DELETE_ELEMENT(priv->networkEventCallbacks, i,
|
|
|
|
|
priv->nnetworkEventCallbacks);
|
2013-12-11 10:38:01 +00:00
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2014-01-29 22:30:44 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
qemu_connect_domain_monitor_event_register_args *args,
|
|
|
|
|
qemu_connect_domain_monitor_event_register_ret *ret)
|
|
|
|
|
{
|
|
|
|
|
int callbackID;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
daemonClientEventCallbackPtr callback = NULL;
|
|
|
|
|
daemonClientEventCallbackPtr ref;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
virDomainPtr dom = NULL;
|
|
|
|
|
const char *event = args->event ? *args->event : NULL;
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
|
|
|
|
if (args->dom &&
|
|
|
|
|
!(dom = get_nonnull_domain(priv->conn, *args->dom)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
/* If we call register first, we could append a complete callback
|
|
|
|
|
* to our array, but on OOM append failure, we'd have to then hope
|
|
|
|
|
* deregister works to undo our register. So instead we append an
|
|
|
|
|
* incomplete callback to our array, then register, then fix up
|
|
|
|
|
* our callback; but since VIR_APPEND_ELEMENT clears 'callback' on
|
|
|
|
|
* success, we use 'ref' to save a copy of the pointer. */
|
|
|
|
|
if (VIR_ALLOC(callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
callback->client = client;
|
|
|
|
|
callback->callbackID = -1;
|
|
|
|
|
ref = callback;
|
|
|
|
|
if (VIR_APPEND_ELEMENT(priv->qemuEventCallbacks,
|
|
|
|
|
priv->nqemuEventCallbacks,
|
|
|
|
|
callback) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((callbackID = virConnectDomainQemuMonitorEventRegister(priv->conn,
|
|
|
|
|
dom,
|
|
|
|
|
event,
|
|
|
|
|
remoteRelayDomainQemuMonitorEvent,
|
|
|
|
|
ref,
|
|
|
|
|
remoteEventCallbackFree,
|
|
|
|
|
args->flags)) < 0) {
|
|
|
|
|
VIR_SHRINK_N(priv->qemuEventCallbacks,
|
|
|
|
|
priv->nqemuEventCallbacks, 1);
|
|
|
|
|
callback = ref;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ref->callbackID = callbackID;
|
|
|
|
|
ret->callbackID = callbackID;
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2014-01-29 22:30:44 +00:00
|
|
|
VIR_FREE(callback);
|
|
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
if (dom)
|
|
|
|
|
virDomainFree(dom);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
qemuDispatchConnectDomainMonitorEventDeregister(virNetServerPtr server ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetServerClientPtr client,
|
|
|
|
|
virNetMessagePtr msg ATTRIBUTE_UNUSED,
|
|
|
|
|
virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
|
|
|
|
|
qemu_connect_domain_monitor_event_deregister_args *args)
|
|
|
|
|
{
|
|
|
|
|
int rv = -1;
|
|
|
|
|
size_t i;
|
|
|
|
|
struct daemonClientPrivate *priv =
|
|
|
|
|
virNetServerClientGetPrivateData(client);
|
|
|
|
|
|
|
|
|
|
if (!priv->conn) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
virMutexLock(&priv->lock);
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < priv->nqemuEventCallbacks; i++) {
|
|
|
|
|
if (priv->qemuEventCallbacks[i]->callbackID == args->callbackID)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (i == priv->nqemuEventCallbacks) {
|
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("qemu monitor event callback %d not registered"),
|
|
|
|
|
args->callbackID);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virConnectDomainQemuMonitorEventDeregister(priv->conn,
|
|
|
|
|
args->callbackID) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
VIR_DELETE_ELEMENT(priv->qemuEventCallbacks, i,
|
|
|
|
|
priv->nqemuEventCallbacks);
|
|
|
|
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
cleanup:
|
2013-12-11 10:38:01 +00:00
|
|
|
if (rv < 0)
|
|
|
|
|
virNetMessageSaveError(rerr);
|
|
|
|
|
virMutexUnlock(&priv->lock);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-09 17:03:18 +00:00
|
|
|
|
2007-06-11 11:47:01 +00:00
|
|
|
/*----- Helpers. -----*/
|
|
|
|
|
|
|
|
|
|
/* get_nonnull_domain and get_nonnull_network turn an on-wire
|
|
|
|
|
* (name, uuid) pair into virDomainPtr or virNetworkPtr object.
|
|
|
|
|
* virDomainPtr or virNetworkPtr cannot be NULL.
|
|
|
|
|
*
|
|
|
|
|
* NB. If these return NULL then the caller must return an error.
|
|
|
|
|
*/
|
|
|
|
|
static virDomainPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_domain(virConnectPtr conn, remote_nonnull_domain domain)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
|
|
|
|
virDomainPtr dom;
|
2011-04-12 16:34:30 +00:00
|
|
|
dom = virGetDomain(conn, domain.name, BAD_CAST domain.uuid);
|
2007-06-11 11:47:01 +00:00
|
|
|
/* Should we believe the domain.id sent by the client? Maybe
|
|
|
|
|
* this should be a check rather than an assignment? XXX
|
|
|
|
|
*/
|
|
|
|
|
if (dom) dom->id = domain.id;
|
|
|
|
|
return dom;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static virNetworkPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_network(virConnectPtr conn, remote_nonnull_network network)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
2011-04-12 16:34:30 +00:00
|
|
|
return virGetNetwork(conn, network.name, BAD_CAST network.uuid);
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-20 14:26:49 +00:00
|
|
|
static virInterfacePtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_interface(virConnectPtr conn, remote_nonnull_interface iface)
|
2009-05-20 14:26:49 +00:00
|
|
|
{
|
2011-04-12 16:34:30 +00:00
|
|
|
return virGetInterface(conn, iface.name, iface.mac);
|
2009-05-20 14:26:49 +00:00
|
|
|
}
|
|
|
|
|
|
2008-02-20 15:22:35 +00:00
|
|
|
static virStoragePoolPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_storage_pool(virConnectPtr conn, remote_nonnull_storage_pool pool)
|
2008-02-20 15:22:35 +00:00
|
|
|
{
|
2012-11-10 07:18:07 +00:00
|
|
|
return virGetStoragePool(conn, pool.name, BAD_CAST pool.uuid,
|
|
|
|
|
NULL, NULL);
|
2008-02-20 15:22:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static virStorageVolPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_storage_vol(virConnectPtr conn, remote_nonnull_storage_vol vol)
|
2008-02-20 15:22:35 +00:00
|
|
|
{
|
|
|
|
|
virStorageVolPtr ret;
|
2012-11-10 07:18:07 +00:00
|
|
|
ret = virGetStorageVol(conn, vol.pool, vol.name, vol.key,
|
|
|
|
|
NULL, NULL);
|
2008-02-20 15:22:35 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-28 02:01:00 +00:00
|
|
|
static virSecretPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_secret(virConnectPtr conn, remote_nonnull_secret secret)
|
2009-07-28 02:01:00 +00:00
|
|
|
{
|
2011-04-12 16:34:30 +00:00
|
|
|
return virGetSecret(conn, BAD_CAST secret.uuid, secret.usageType, secret.usageID);
|
2009-07-28 02:01:00 +00:00
|
|
|
}
|
|
|
|
|
|
2010-03-25 17:46:03 +00:00
|
|
|
static virNWFilterPtr
|
2011-04-12 16:34:30 +00:00
|
|
|
get_nonnull_nwfilter(virConnectPtr conn, remote_nonnull_nwfilter nwfilter)
|
2010-03-25 17:46:03 +00:00
|
|
|
{
|
2011-04-12 16:34:30 +00:00
|
|
|
return virGetNWFilter(conn, nwfilter.name, BAD_CAST nwfilter.uuid);
|
2010-03-25 17:46:03 +00:00
|
|
|
}
|
|
|
|
|
|
2010-03-31 20:33:13 +00:00
|
|
|
static virDomainSnapshotPtr
|
2011-04-13 18:10:03 +00:00
|
|
|
get_nonnull_domain_snapshot(virDomainPtr dom, remote_nonnull_domain_snapshot snapshot)
|
2010-03-31 20:33:13 +00:00
|
|
|
{
|
2011-04-13 18:10:03 +00:00
|
|
|
return virGetDomainSnapshot(dom, snapshot.name);
|
2010-03-31 20:33:13 +00:00
|
|
|
}
|
|
|
|
|
|
2007-06-11 11:47:01 +00:00
|
|
|
/* Make remote_nonnull_domain and remote_nonnull_network. */
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain(remote_nonnull_domain *dom_dst, virDomainPtr dom_src)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
|
|
|
|
dom_dst->id = dom_src->id;
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(dom_dst->name, dom_src->name));
|
2011-04-12 16:34:30 +00:00
|
|
|
memcpy(dom_dst->uuid, dom_src->uuid, VIR_UUID_BUFLEN);
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_network(remote_nonnull_network *net_dst, virNetworkPtr net_src)
|
2007-06-11 11:47:01 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(net_dst->name, net_src->name));
|
2011-04-12 16:34:30 +00:00
|
|
|
memcpy(net_dst->uuid, net_src->uuid, VIR_UUID_BUFLEN);
|
2007-06-11 11:47:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-20 14:26:49 +00:00
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_interface(remote_nonnull_interface *interface_dst,
|
|
|
|
|
virInterfacePtr interface_src)
|
2009-05-20 14:26:49 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(interface_dst->name, interface_src->name));
|
|
|
|
|
ignore_value(VIR_STRDUP_QUIET(interface_dst->mac, interface_src->mac));
|
2009-05-20 14:26:49 +00:00
|
|
|
}
|
|
|
|
|
|
2008-02-20 15:22:35 +00:00
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_storage_pool(remote_nonnull_storage_pool *pool_dst, virStoragePoolPtr pool_src)
|
2008-02-20 15:22:35 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(pool_dst->name, pool_src->name));
|
2011-04-12 16:34:30 +00:00
|
|
|
memcpy(pool_dst->uuid, pool_src->uuid, VIR_UUID_BUFLEN);
|
2008-02-20 15:22:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_storage_vol(remote_nonnull_storage_vol *vol_dst, virStorageVolPtr vol_src)
|
2008-02-20 15:22:35 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(vol_dst->pool, vol_src->pool));
|
|
|
|
|
ignore_value(VIR_STRDUP_QUIET(vol_dst->name, vol_src->name));
|
|
|
|
|
ignore_value(VIR_STRDUP_QUIET(vol_dst->key, vol_src->key));
|
2008-02-20 15:22:35 +00:00
|
|
|
}
|
2008-11-21 12:31:04 +00:00
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_node_device(remote_nonnull_node_device *dev_dst, virNodeDevicePtr dev_src)
|
2008-11-21 12:31:04 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(dev_dst->name, dev_src->name));
|
2008-11-21 12:31:04 +00:00
|
|
|
}
|
2009-07-28 02:01:00 +00:00
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_secret(remote_nonnull_secret *secret_dst, virSecretPtr secret_src)
|
2009-07-28 02:01:00 +00:00
|
|
|
{
|
2011-04-12 16:34:30 +00:00
|
|
|
memcpy(secret_dst->uuid, secret_src->uuid, VIR_UUID_BUFLEN);
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
secret_dst->usageType = secret_src->usageType;
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(secret_dst->usageID, secret_src->usageID));
|
2009-07-28 02:01:00 +00:00
|
|
|
}
|
2010-03-25 17:46:03 +00:00
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_nwfilter(remote_nonnull_nwfilter *nwfilter_dst, virNWFilterPtr nwfilter_src)
|
2010-03-25 17:46:03 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(nwfilter_dst->name, nwfilter_src->name));
|
2011-04-12 16:34:30 +00:00
|
|
|
memcpy(nwfilter_dst->uuid, nwfilter_src->uuid, VIR_UUID_BUFLEN);
|
2010-03-25 17:46:03 +00:00
|
|
|
}
|
2010-03-31 20:33:13 +00:00
|
|
|
|
|
|
|
|
static void
|
2011-04-12 16:34:30 +00:00
|
|
|
make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *snapshot_dst, virDomainSnapshotPtr snapshot_src)
|
2010-03-31 20:33:13 +00:00
|
|
|
{
|
2013-05-03 12:39:39 +00:00
|
|
|
ignore_value(VIR_STRDUP_QUIET(snapshot_dst->name, snapshot_src->name));
|
2011-04-22 13:40:31 +00:00
|
|
|
make_nonnull_domain(&snapshot_dst->dom, snapshot_src->domain);
|
2010-03-31 20:33:13 +00:00
|
|
|
}
|
2012-01-31 06:42:31 +00:00
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
remoteSerializeDomainDiskErrors(virDomainDiskErrorPtr errors,
|
|
|
|
|
int nerrors,
|
|
|
|
|
remote_domain_disk_error **ret_errors_val,
|
|
|
|
|
u_int *ret_errors_len)
|
|
|
|
|
{
|
|
|
|
|
remote_domain_disk_error *val = NULL;
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t i = 0;
|
2012-01-31 06:42:31 +00:00
|
|
|
|
2013-07-04 09:58:18 +00:00
|
|
|
if (VIR_ALLOC_N(val, nerrors) < 0)
|
2013-05-03 12:39:39 +00:00
|
|
|
goto error;
|
2012-01-31 06:42:31 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < nerrors; i++) {
|
2013-05-03 12:39:39 +00:00
|
|
|
if (VIR_STRDUP(val[i].disk, errors[i].disk) < 0)
|
|
|
|
|
goto error;
|
2012-01-31 06:42:31 +00:00
|
|
|
val[i].error = errors[i].error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*ret_errors_len = nerrors;
|
|
|
|
|
*ret_errors_val = val;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
2014-03-25 06:45:38 +00:00
|
|
|
error:
|
2012-01-31 06:42:31 +00:00
|
|
|
if (val) {
|
Convert 'int i' to 'size_t i' in daemon/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
size_t j;
|
2012-01-31 06:42:31 +00:00
|
|
|
for (j = 0; j < i; j++)
|
|
|
|
|
VIR_FREE(val[j].disk);
|
|
|
|
|
VIR_FREE(val);
|
|
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
