14970 Commits

Author SHA1 Message Date
Erik Skultety
e9478d9a8b util: virfile: Fix 'unknown cause' error if NFS mount point creation fails
This happens if user requires creation of a directory with specified
UID/GID permissions. To accomplish this, we use fork approach and
set particular UID/GID permissions in child process. However, child
process doesn't have a valid descriptor to a logfile (this is prohibited
explicitly) and since parent process doesn't handle negative exit codes from
child in any way, 'uknown cause' error is returned to the user.

Commit 92d9114e tweaked the way we handle child errors when using fork
approach to set specific permissions (features originally introduced
by 98f6f381). The same logic should be used to create directories with
specified permissions as well.

https://bugzilla.redhat.com/show_bug.cgi?id=1230137
2015-06-16 16:26:20 +02:00
Erik Skultety
fdcb057a28 util: virDirCreate: Child now exits with positive errno-code
Previous patch of this series proposed a fix to virDirCreate, so that parent
process reports an error if child process failed its task.
However our logic still permits the child to exit with negative errno followed
by a check of the status on the parent side using WEXITSTATUS which, being
POSIX compliant, takes the lower 8 bits of the exit code and returns is to
the caller. However, by taking 8 bits from a negative exit code
(two's complement) the status value we read and append to stream is
'2^8 - abs(original exit code)' which doesn't quite reflect the real cause when
compared to the meaning of errno values.
2015-06-16 16:26:20 +02:00
Eric W. Biederman
24710414d4 lxc: set nosuid+nodev+noexec flags on /proc/sys mount
Future kernels will mandate the use of nosuid+nodev+noexec
flags when mounting the /proc/sys filesystem. Unconditionally
add them now since they don't harm things regardless and could
mitigate future security attacks.
2015-06-16 14:44:36 +01:00
John Ferlan
ad5fd9b87b util: Fix Coverity RESOURCE_LEAK
Commit id 'e44b0269c9' in advertently checked !dir before calling closedir
2015-06-16 09:15:10 -04:00
Martin Kletzander
4ec52c364b lxc: Rename daemon to dmn
On older systems it shadows global declaration of daemon() function.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 14:59:33 +02:00
Martin Kletzander
58031cb4b5 netserver: Remove duplicate forward declaration
Commit fa14207368820b264123ba8429927b62258f996e added forward
declaration of virNetServerPtr into virnetserver.h even though we are
keeping these in virnetserverprogram.h due to older compilers having
problems with duplicate ones.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 14:58:00 +02:00
Martin Kletzander
40082a7000 Revert "rpc: Add virNetServerGetNClients"
This reverts commit 6bda9f8aa2cd07a3defda571c7d61401fd66c226.

I mistakenly pushed it along with the Admin API series.
2015-06-16 14:09:09 +02:00
Martin Kletzander
2cc6c652cf Revert "admin: Add virAdmHello function"
This reverts commit 5792fabb7b712749147e9d03348c798dc1943651.

I mistakenly pushed it along with the Admin API series.
2015-06-16 14:08:59 +02:00
Martin Kletzander
9a8d916e89 Change livbirt version to 1.3.0 for the next release
Since the background for Admin API is merged upstream, we are bumping
the minor release version as discussed previously

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:22 +02:00
Martin Kletzander
5792fabb7b admin: Add virAdmHello function
Just one of the simplest functions that returns string "Clients: X"
where X is the number of connected clients to daemon's first
subserver (the original one), so it can be tested using virsh, ipython,
etc.

The subserver is gathered by incrementing its reference
counter (similarly to getting qemu capabilities), so there is no
deadlock with admin subserver in this API.

Here you can see how functions should be named in the client (virAdm*)
and server (adm*).

There is also a parameter @flags that must be 0, which helps testing
proper error propagation into the client.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:21 +02:00
Martin Kletzander
6bda9f8aa2 rpc: Add virNetServerGetNClients
This function accesses the number of connected clients while properly
locking the server it returns the data about.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:21 +02:00
Martin Kletzander
55e0c840af Add libvirt-admin library
Initial scratch of the admin library.  It has its own virAdmConnectPtr
that inherits from virAbstractConnectPtr and thus trivially supports
error reporting.

There's pkg-config file added and spec-file adjusted as well.

Since the library should be "minimalistic" and not depend on any other
library, the list of files is especially crafted for it.  Most of them
could've been put to it's own sub-libraries that would be LIBADD'd to
libvirt_util, libvirt_net_rpc and libvirt_setuid_rpc_client to minimize
the number of object files being built, but that's a refactoring that
isn't the orginal aim of this commit.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
653acbfd62 Add admin error domain
Just the addition of VIR_FROM_ADMIN to the enum of error domains.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
fb5a0d3388 Build client headers for admin protocol
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
8c8bed02af Add admin protocol
For now there are only CONNECT_OPEN and CONNECT_CLOSE procedures.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
87c2687943 Teach gendispatch how to handle admin dispatching files
Since this is just a new option for gendispatch, it looks more like a
cleanup.  The only differences handled by it are connect pointers,
private pointers and API naming customs.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
fa14207368 Move daemon-related parts of virNetServer to virNetDaemon
This allows to have more servers in one daemon which helps isolating
some resources.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:19 +02:00
Cédric Bosdonnat
387cb8c6b2 lxc: properly clean up qemu-nbd
Add the qemu-nbd tasks to the container cgroup to make sure those will
be killed when the container is stopped. In order to reliably get the
qemu-nbd tasks PIDs, we use /sys/devices/virtual/block/<DEV>/pid as
qemu-nbd is daemonizing itself.
2015-06-16 12:38:11 +02:00
Cédric Bosdonnat
e44b0269c9 Add virProcessGetPids to get all tasks of a process
This function gets all the PIDs listed in /proc/PID/task. This will be
needed at least to move all qmeu-nbd tasks to the container cgroup.
2015-06-16 12:38:03 +02:00
John Ferlan
29230951f1 storage: Generate correct parameters for CIFS
https://bugzilla.redhat.com/show_bug.cgi?id=1186969

When generating the path to the dir for a CIFS/Samba driver, the code
would generate a source path for the mount using "%s:%s" while the
mount.cifs expects to see "//%s/%s". So check for the cifsfs and
format the source path appropriately.

Additionally, since there is no means to authenticate, the mount
needs a "-o guest" on the command line in order to anonymously mount
the Samba directory.
2015-06-15 17:25:47 -04:00
John Ferlan
257250f764 storage: Adjust command arglist for gluster
In order for the glusterfs boolean to be set, the pool->def->type must be
VIR_STORAGE_POOL_NETFS, thus the check within virCommandNewArgList whether
pool->def->type is VIR_STORAGE_POOL_FS will never be true, so remove it
2015-06-15 17:25:47 -04:00
Martin Kletzander
fcc2aab688 rpc: Fix possible crash when MDNSAddEntry fails
If virNetServerMDNSAddEntry() fails when adding a service to a server,
it doesn't decrease the number of services.  Hence access to their
members segfaults (e.g. when free()-ing the sruct).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-15 17:12:59 +02:00
Martin Kletzander
5e55534b9a build: Remove unnecessarily repeated rules for syms -> def
Suggested-by: Michal Prívozník <mprivozn@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-15 17:12:59 +02:00
Boris Fiuczynski
840eca32ab qemu: monitor: Add memory balloon support for virtio-ccw
The search for the memory balloon driver object is extended by a
second known name "virtio-balloon-ccw" in support for virtio-ccw.

Signed-off-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Daniel Hansel <daniel.hansel@linux.vnet.ibm.com>
Reviewed-by: Eric Farman <farman@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
2015-06-15 17:05:32 +02:00
Peter Krempa
4ed2b9a7e4 qemu: emulatorpin: Don't reset pinning when pinning to all cpus
Similarly to a02a161bb8a6caf0db4dd446ed1cdf53d97b40 remove the default
pinning assumption from emulatorpin.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1227180
2015-06-15 16:18:49 +02:00
Michal Privoznik
c4bdfafcbb getOldStyleBlockDevice: Adjust formatting
Instead of initializing return value to zero (success) and overwriting
it on every failure just before the control jumps onto 'out' label,
let's initialize to an error value and set to zero only when we are
sure about the success. Just follow the pattern we have in the rest of
the code.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-15 14:13:39 +02:00
Michal Privoznik
71b66bec2b getNewStyleBlockDevice: Adjust formatting
Instead of initializing return value to zero (success) and overwriting
it on every failure just before the control jumps onto 'out' label,
let's initialize to an error value and set to zero only when we are
sure about the success. Just follow the pattern we have in the rest of
the code.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-15 14:13:34 +02:00
John Ferlan
84020f9a39 storage: Disallow wiping an extended disk partition
https://bugzilla.redhat.com/show_bug.cgi?id=1225694

Check if the disk partition to be wiped is the extended partition, if
so then disallow it. Do this via changing the wipeVol backend to check
the volume before passing to the common virStorageBackendVolWipeLocal
2015-06-15 07:45:06 -04:00
Ján Tomko
243bbcc5db qemu caps: spell queue 2015-06-15 13:32:44 +02:00
John Ferlan
4fce9e8479 qemu: Do not support 'serial' scsi-block 'lun' devices
https://bugzilla.redhat.com/show_bug.cgi?id=1021480

Seems the property has been deprecated for qemu, although seemingly ignored.

This patch enforces from a libvirt perspective that a scsi-block 'lun'
device should not provide the 'serial' property.
2015-06-15 07:30:29 -04:00
John Ferlan
1feaccf000 storage: Need to set secrettype for direct iscsi disk volume
https://bugzilla.redhat.com/show_bug.cgi?id=1200206

Commit id '1b4eaa61' added the ability to have a mode='direct' for
an iscsi disk volume.  It relied on virStorageTranslateDiskSourcePool
in order to copy any disk source pool authentication information to
the direct disk volume, but it neglected to also copy the 'secrettype'
field which ends up being used in the domain volume formatting code.
Adding a secrettype for this case will allow for proper formatting later
and allow disk snapshotting to work properly

Additionally libvirtd restart processing would fail to find the domain
since the translation processing code is run after domain xml processing,
so handle the the case where the authdef could have an empty secrettype
field when processing the auth and additionally ignore performing the
actual and expected auth secret type checks for a DISK_VOLUME since that
data will be reassembled later during translation processing of the
running domain.
2015-06-15 07:14:40 -04:00
Michal Privoznik
f886701290 virCapabilitiesDomainDataLookup: Produce saner error message
During a review, I've noticed this error message that was eventually
produced when I was trying to define a domain:

error: invalid argument: could not find capabilities for arch=mips64el
domaintype=(null)

Look at the (null). Why is it there? Well, during XML parsing, we try
to look up the default emulator for given OS type and possibly virt
type too. And this is the problem, because if we don't want to look up
by virt type, a -1 is passed to note this fact. Later, the code
handles -1 just right. Except for error message. When it is
constructed (in a very fabulous way I must say), the value is compared
to zero, not -1. And since we don't have any translation from -1 to a
virt type string, we just print (null).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-15 07:29:37 +02:00
Anthony PERARD
bcf1349bb1 libxl: Add timestamp to the libxl driver log.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2015-06-12 19:13:59 -06:00
zhang bo
798461a1a3 qemu: update netdevs of the same mac addrs correctly
If a guest has multiple network devices with the same MAC address,
when we online update the second device, libvirtd always updates
the first one.

commit def31e4c forgot to fix the online updating scenario. We need to
use virDomainNetFindIdx() to find the correct network device.

Signed-off-by: Zhou Yimin <zhouyimin@huawei.com>
Signed-off-by: Zhang Bo <oscar.zhangbo@huawei.com>
2015-06-12 13:04:39 -04:00
John Ferlan
785a8940ef scsi: Need to translate disk source pool in config attach path
https://bugzilla.redhat.com/show_bug.cgi?id=1228007

When attaching a scsi volume lun via the attach-device --config or
--persistent options, there was no translation of the source pool
like there was for the live path, thus the attempt to modify the config
would fail since not enough was known about the disk.
2015-06-12 12:20:36 -04:00
Michal Privoznik
c1dff918c9 virsysinfo: s/system/sysdef/
A variable can't be named system, obviously. Well, it can if the
compiler is new enough to distinguish a variable named system and a
function call system(). And some older systems, don't have wise
compiler.

  CC     util/libvirt_util_la-virsysinfo.lo
cc1: warnings being treated as errors
../../src/util/virsysinfo.c: In function 'virSysinfoParseSystem':
../../src/util/virsysinfo.c:649: error: declaration of 'system' shadows a global declaration [-Wshadow]
/usr/include/stdlib.h:717: error: shadowed declaration is here [-Wshadow]
make[3]: *** [util/libvirt_util_la-virsysinfo.lo] Error 1

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-12 17:43:38 +02:00
Michal Privoznik
87c81cd5ee qemuBuildDriveStr: s/virBufferEscapeString/virBufferAsprintf/
We are using it to print a value that can't be NULL and does not need
any escaping anyway.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-12 16:44:24 +02:00
Michal Privoznik
c88bf57262 virQEMUCapsArch: openrisc vs or32
With a few exceptions, we assume that qemu binary for given
architecture has form of qemu-system-$arch. Well, openrisc is yet
another exception. It's binary is called qemu-system-or32.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-12 16:44:24 +02:00
Michal Privoznik
0b92974c15 virSysinfoDef: Exempt SYSTEM variables
Move all the system_* fields into a separate struct. Not only this
simplifies the code a bit it also helps us to identify whether BIOS
info is present. We don't have to check all the four variables for
being not-NULL, but we can just check the pointer to the struct.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-12 10:42:39 +02:00
Michal Privoznik
3f9cae18fe virSysinfoDef: Exempt BIOS variables
Move all the bios_* fields into a separate struct. Not only this
simplifies the code a bit it also helps us to identify whether BIOS
info is present. We don't have to check all the four variables for
being not-NULL, but we can just check the pointer to the struct.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-12 10:42:34 +02:00
Martin Kletzander
d9a610f90c util: add virJSONValueCopy
Faster version of virJSONValueFromString(virJSONValueToString()).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-11 15:39:30 +02:00
Maxime Leroy
366c22f2bc qemu: add multiqueue vhost-user support
This patch adds the support of queues attribute of the driver element
for vhost-user interface type. Example:

<interface type='vhostuser'>
      <mac address='52:54:00:ee:96:6d'/>
      <source type='unix' path='/tmp/vhost2.sock' mode='client'/>
      <model type='virtio'/>
      <driver queues='4'/>
</interface>

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1207692

Signed-off-by: Maxime Leroy <maxime.leroy@6wind.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-11 14:28:29 +02:00
Martin Kletzander
7971723b98 qemu: Add capability for vhost-user multiqueue
The support for this was added in QEMU with commit
830d70db692e374b55555f4407f96a1ceefdcc97.  Unfortunately we have to do
another ugly version-based capability check.  The other option would be
not to check for the capability at all and leave that to qemu as it's
done with multiqueue tap devices.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-11 14:18:41 +02:00
Martin Kletzander
181e02dfda conf: Ignore multiqueue with one queue.
Multi != One.  And indeed, libvirt behaves the same way for queues='1'
as without such setting.  Let's make it clear in the XML.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-11 14:17:46 +02:00
Peter Krempa
b0d2e31c5f util: Make virProcessGetAffinity more readable and fix coverity warning
Store the cpu count in an intermediate variable and reuse it rather than
caluclating the index.

Additionally add a coverity silencing comment.
2015-06-11 13:59:28 +02:00
Daniel P. Berrange
43c0a84cda rpc: add API for checking IPv4/6 availability
The socket test suite has a function for checking if IPv4
or IPv6 are available, and returning a free socket. The
first bit of that will be needed in another test, so pull
that logic out into a separate helper method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-06-11 12:11:18 +01:00
Daniel P. Berrange
d587704cc7 rpc: allow selection of TCP address family
By default, getaddrinfo() will return addresses for both
IPv4 and IPv6 if both protocols are enabled, and so the
RPC code will listen/connect to both protocols too. There
may be cases where it is desirable to restrict this to
just one of the two protocols, so add an 'int family'
parameter to all the TCP related APIs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-06-11 12:11:18 +01:00
Michal Privoznik
1c24cfe9d8 virNumaSetPagePoolSize: Produce friendlier error message
https://bugzilla.redhat.com/show_bug.cgi?id=1224587

The function takes two important arguments (among many others): @node
and @page_size. From these two a path under /sys is constructed. The
path is then used to read and write the desired size of huge pages
pool. However, if the path does not exists due to either @node or
@page_size having nonexistent value (e.g. there's no such NUMA node or
no page size like -2), an cryptic error message is produced:

  virsh # allocpages --pagesize 2049 --pagecount 8 --cellno -2
  error: Failed to open file '/sys/devices/system/node/node-2/hugepages/hugepages-2049kB/nr_hugepages': No such file or directory

Add two more checks to catch this and therefore produce much more
friendlier error messages.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-10 17:27:16 +02:00
John Ferlan
c178d38b8f logical: Fix typo in error message 2015-06-09 18:21:57 -04:00
Shivaprasad G Bhat
310c98d0c4 network: escape quotes for dsmasq conf contents
dnsmasq conf file contents needs to have quotes escaped for it to
work.  Because of this, the network-create/start for a network with
quotes in the name fails. The patch escapes strings for the entries
that go into the conf file.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
2015-06-09 13:56:00 -04:00