Starting with commit id 'fab9d6e1' the formatting of:
{ "command-name", QEMU_CAPS_NAME },
was altered to:
{ "command-name", QEMU_CAPS_NAME},
and then commit id 'e2b05c9a' altered that to:
{ "command-name", QEMU_CAPS_NAME}
So, let's just fix that up to make things consistent with the
rest of the structures.
Signed-off-by: John Ferlan <jferlan@redhat.com>
virQEMUQAPISchemaTraverse would return previous-to-last queried item on
a query. It would not be a problem if checking if the given path exists
since error reporting works properly but if the caller is interested in
the result, it would be wrong.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
The JSON array was processed to the hash table used by the query apis in
the monitor code. Move it to a new helper in qemu_qapi.c.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Change the prefix of the functions to 'virQEMUQapi' and rename the two
public APIs so that the verb is put last.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
The code that calls VIR_WARN after a function fails, doesn't
report the error message raised by the failing function.
Such error messages are now reported in lxc/lxc_driver.c
Signed-off-by: Prafullkumar Tale <talep158@gmail.com>
Most of the augeas test files use ::CONFIG:: to pull in the master
config file for testing. This ensures that entries added to the config
file are actually tested by augeas.
This identified the missing admin_max_clients example in the virtlogd
config file, which in turn prompted a change in description of the
max_clients parameter, since these daemons don't have separate
readonly & readwrite sockets.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The global log buffer feature was deleted in:
commit c0c8c1d7bb
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Mon Mar 3 14:54:33 2014 +0000
Remove global log buffer feature entirely
A earlier commit changed the global log buffer so that it only
records messages that are explicitly requested via the log
filters setting. This removes the performance burden, and
improves the signal/noise ratio for messages in the global
buffer. At the same time though, it is somewhat pointless, since
all the recorded log messages are already going to be sent to an
explicit log output like syslog, stderr or the journal. The
global log buffer is thus just duplicating this data on stderr
upon crash.
The log_buffer_size config parameter is left in the augeas
lens to prevent breakage for users on upgrade. It is however
completely ignored hereafter.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This was in the 1.2.3 release, and 4 years is sufficient time for a
graceful upgrade path for augeas, so all remaining traces are now
removed.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
nvdimm memory is backed by a path on the host. This currently works only via
hotplug where the AppArmor label is created via the domain label callbacks.
This adds the virt-aa-helper support for nvdimm memory devices to generate
rules for the needed paths from the initial guest definition as well.
Example in domain xml:
<memory model='nvdimm'>
<source>
<path>/tmp/nvdimm-base</path>
</source>
<target>
<size unit='KiB'>524288</size>
<node>0</node>
</target>
</memory>
Works to start now and creates:
"/tmp/nvdimm-base" rw,
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1757085
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Input devices can passthrough an event device. This currently works only via
hotplug where the AppArmor label is created via the domain label callbacks.
This adds the virt-aa-helper support for passthrough input devices to generate
rules for the needed paths from the initial guest definition as well.
Example in domain xml:
<input type='passthrough' bus='virtio'>
<source evdev='/dev/input/event0' />
</input>
Works to start now and creates:
"/dev/input/event0" rw,
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1757085
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
d8116b5a "security: Introduce functions for input device hot(un)plug"
implemented the code (Set|Restore)InputLabel for several security modules,
this patch adds an AppArmor implementation for it as well.
That fixes hot-plugging event input devices by generating a rule for the
path that needs to be accessed.
Example hot adding:
<input type='passthrough' bus='virtio'>
<source evdev='/dev/input/event0' />
</input>
Creates now:
"/dev/input/event0" rwk,
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Recent changes have made implementing this mandatory to hot add any
memory.
Implementing this in apparmor fixes this as well as allows hot-add of nvdimm
tpye memory with an nvdimmPath set generating a AppArmor rule for that
path.
Example hot adding:
<memory model='nvdimm'>
<source>
<path>/tmp/nvdimm-test</path>
</source>
<target>
<size unit='KiB'>524288</size>
<node>0</node>
</target>
</memory>
Creates now:
"/tmp/nvdimm-test" rwk,
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
The set of arguments was changed a long time ago (040d996342
which dates back to July 2013) but the corresponding
documentation was not updated.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@laine.org>
The flags passed to virCommandPassFD() are unnamed and
documentation to this function doesn't list them either.
Give them name and mention it in documentation to functions
using them.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@laine.org>
Long ago in commit dfa1e1dd53 the scheduler weight was accidentally
hardcoded to 1000. Weight is a setting with no unit since it is
relative to the weight of other domains. If no weight is specified,
libxl defaults to 256.
Instead of hardcoding the weight to 1000, honor any <shares> specified
in <cputune>. libvirt's notion of shares is synonomous to libxl's
scheduler weight setting. If shares is unspecified, defer default
weight setting to libxl.
Removing the hardcoded weight required some test fixup. While at it,
add an explicit test for <shares> conversion to scheduler weight.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Inspired by commit ffb7954f to improve readability of the libxl
migration APIs.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
In libxlDomainMigrationPrepare it is possible to dereference a NULL
libxlDomainObjPrivatePtr in early error paths. Check for a valid
'priv' before using it.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Similar to other uses of virDomainObjListAdd, on success add a ref to the
virDomainObj so that virDomainObjEndAPI can be called as usual.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
If starting the domain fails in libxlDomainCreateXML, we mistakenly
jumped to cleanup without calling libxlDomainObjEndJob. Remove the
jump to 'cleanup'.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Most libxl driver API use the pattern of lock and add a ref to
virDomainObj, perform API, then decrement ref and unlock in
virDomainEndAPI. In some cases the API may call
virDomainObjListRemove, which unlocks the virDomainObj. Relock
the object in such cases so EndAPI is called with a locked object.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Fix comments for virConnectListAllNodeDevices and
virConnectListAllSecrets.
Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1556828
When defining a domain that has <interface type='hostdev'/> our
parser creates two entries in virDomainDef: one for <interface/>
and one for <hostdev/>. However, some info is shared between the
two which makes user alias validation fail because alias belongs
to the set of shared info.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Lists in Python are mutable and when used as a default value of a
parameter for class constructor, its value will be shared between
all class instances.
Example:
class Test:
def __init__(self, mylist=[]):
self.mylist = mylist
A = Test()
B = Test()
A.mylist.append("mylist from instance A")
print(B.mylist) # Will print ['mylist from instance A']
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
PEP8 recommends not having spaces around = in a keyword argument or
a default parameter value.
https://www.python.org/dev/peps/pep-0008/#other-recommendations
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Reduce the number of if-statements and use a single return.
Utilise a dictionary to map between occurrences and values.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
The function generate_helper_header() only returns a formatted string.
This could be achieved without performing string concatenation.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
The generate_helper_source() function returns a formatted string.
This could be achieved without the use of a local variable "source"
and string concatenation.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
PEP8 recommends removing whitespace immediately before a comma,
semicolon, or colon [1]. In addition remove multiple spaces after
keyword (PEP8 - E271).
1: https://www.python.org/dev/peps/pep-0008/#whitespace-in-expressions-and-statements
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
<memballoon model='none'/> is the only way to disable balloon driver
since libvirt will add one automatically if the memballoon element is
missing. In other words, there's no balloon device if model is 'none'
and generating an alias for it makes no sense. The alias will be ignored
when parsing the XML and it will disappear once libvirtd is restarted.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
In a recent change b932ed69: "virt-aa-helper: resolve yet to be created
paths" several cases with symlinks in paths were fixed, but it regressed
cases where the file being last element of the path was the actual link.
In the case of the last element being the symlink realpath can (and shall)
be called on the full path that was passed.
Examples would be zfs/lvm block devices like:
<disk type='block' device='disk'>
<driver name='qemu' type='raw'/>
<source dev='/dev/mapper/testlvm-testvol1'/>
<target dev='vdd' bus='virtio'/>
</disk>
With the target being:
/dev/mapper/testlvm-testvol1 -> ../dm-0
That currently is rendered as
"/dev/mapper/testlvm-testvol1" rwk,
but instead should be (and is with the fix):
"/dev/dm-0" rwk,
Fixes: b932ed69: "virt-aa-helper: resolve yet to be created paths"
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1756394
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Some of our scripts are known to work both with Python 2 and
Python 3, so for them we shouldn't be forcing any specific
version of the interpreter when they're called directly; we
always use $(PYTHON) explicitly in our build rules anyway.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit b4c2ac8d56 made a false assumption that IOMMU support necessary
for an mdev device to be assigned to a VM. Unlike direct PCI assignment,
IOMMU support is not needed for mediated devices, as the physical parent
device provides the isolation, therefore, simply checking for VFIO
presence is enough to successfully start a VM.
Luckily, this issue is not serious, since as of yet, libvirt mandates
mdevs to be pre-created prior to a domain's launch - if it is,
everything does work smoothly even with IOMMU disabled, because the
parent device will ensure the iommu groups we try to access exist.
However, if there are *no* IOMMU groups yet, thus no mdev exists yet, one
would see the following error:
"unsupported configuration: Mediated host device assignment requires VFIO
support"
The error msg above is simply wrong and doesn't even reflect the IOMMU
reality, so after applying this patch one would rather see the following
error in such case instead:
"device not found: mediated device '<UUID>' not found"
Signed-off-by: Erik Skultety <eskultet@redhat.com>
What one currently gets is:
failed to read '/sys/bus/mdev/devices/<UUID>/mdev_type/device_api': No
such file or directory
This indicates that something is missing within the device's sysfs tree
which likely might be not be the case here because the device simply
doesn't exist yet. So, when creating our internal mdev obj, let's check
whether the device exists first prior to trying to verify the
user-provided model within domain XML.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
==16451== 32,768 bytes in 2 blocks are definitely lost in loss record 1,007 of 1,013
==16451== at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==16451== by 0x7CADB40: nl_recv (in /usr/lib64/libnl-3.so.200.23.0)
==16451== by 0x532DFAC: virNetlinkDumpCommand (virnetlink.c:363)
==16451== by 0x53236AE: virNetDevIPCheckIPv6Forwarding (virnetdevip.c:641)
==16451== by 0xE3E4A1A: networkStartNetworkVirtual (bridge_driver.c:2490)
==16451== by 0xE3E55F5: networkStartNetwork (bridge_driver.c:2832)
==16451== by 0xE3DFFE5: networkAutostartConfig (bridge_driver.c:531)
==16451== by 0x53F47E0: virNetworkObjListForEachHelper (virnetworkobj.c:1412)
==16451== by 0x52FE69F: virHashForEach (virhash.c:606)
==16451== by 0x53F4857: virNetworkObjListForEach (virnetworkobj.c:1439)
==16451== by 0xE3E0BF4: networkStateAutoStart (bridge_driver.c:808)
==16451== by 0x55689CE: virStateInitialize (libvirt.c:758)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
libxlDomainMigrationPrepare adds the incoming domain def to the list
of domains via virDomainObjListAdd, but never adds its own ref to the
returned virDomainObj as other callers of virDomainObjListAdd do.
libxlDomainMigrationPrepareTunnel3 suffers the same discrepancy.
Change both to add a ref to the virDomainObj after a successful
virDomainObjListAdd, similar to other callers. This ensures a consistent
pattern throughout the drivers and allows using the virDomainObjEndAPI
function for cleanup.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
For libxlDomainLookupByID and libxlDomainLookupByUUID let's
return a locked and referenced @vm object so that callers can
then use the common and more consistent virDomainObjEndAPI in
order to handle cleanup rather than needing to know that the
returned object is locked and calling virObjectUnlock.
The LookupByName already returns the ref counted and locked object,
so this will make things more consistent.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Commit id '9ac945078' altered libxlDomObjFromDomain to return
a locked *and* ref counted object for some specific purposes;
however, it neglected to alter all the consumers of the helper
to use virDomainObjEndAPI thus leaving many objects with extra
ref counts.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
libxlDomObjFromDomain to returns locked and ref counted virDomainObj but
libxlDomainMigratePerform3Params only unlocks the object on exit. Convert
it to use the virDomainObjEndAPI function for cleanup.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The libxlDomainMigrateConfirm3Params API locks and ref counts the associated
virDomainObj but relies on the helper function libxlDomainMigrationConfirm
to unlock the object. Unref'ing the object is not done in either function.
libxlDomainMigrationConfirm is also used by libxlDomainMigratePerform3Params
for p2p migration, but in that case the lock/ref and unref/unlock are
properly handled in the API entry point.
Remove the unlock from libxlDomainMigrationConfirm and adjust
libxlDomainMigrateConfirm3Params to properly unref/unlock the virDomainObj
on success and error paths.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The libxlDomainMigrateBegin3Params API locks and ref counts the associated
virDomainObj but relies on the helper function libxlDomainMigrationBegin
to unref/unlock the object. libxlDomainMigrationBegin is also used by
libxlDomainMigratePerform3Params for p2p migration, but in that case the
lock/ref and unref/unlock are properly handled in the API entry point. So
p2p migrations suffer a double unref/unlock in the Perform API.
Remove the unref/unlock (virDomainObjEndAPI) from libxlDomainMigrationBegin
and adjust libxlDomainMigrateBegin3Params to properly unref/unlock
the virDomainObj on success and error paths.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1552127
When building command line for USB controllers we have to do more
than just put controller's alias onto the command line. QEMU has
concept of these joined USB controllers. For instance ehci and
uhci controllers need to create the same USB bus. To achieve that
the slave controller needs to refer the master controller. This
worked until we've introduced user aliases because both master
and slave had the same alias. With user aliases slave can have
different alias than master. Therefore, when generating command
line for slave we need to look up the master's alias.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
commit 7210cef452 'qemu: build command line for virtio input devices'
introduced an error, by checking if input bus type is
VIR_DOMAIN_DISK_BUS_VIRTIO.
Fix it by using the correct bus type for input devices.
Signed-off-by: Farhan Ali <alifm@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Commit id '177db487' renamed 'qemuValidateDevicePCISlotsChipsets' to
'qemuDomainValidateDevicePCISlotsChipsets', but didn't adjust comment.
Signed-off-by: Farhan Ali <alifm@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
We have to use VIR_WARNINGS_NO_CAST_ALIGN to avoid clang warning
about increased required alignment caused by some netlink macros.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Set the eventID for remoteRelayDomainQemuMonitorEvent explicitly to an
invalid value. Although the value is not used by
remoteRelayDomainQemuMonitorEvent, but it might be less prone to
errors for further refactorings.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Use stream->prog instead of a hard-coded "remoteProgram" since at
stream creation in daemonCreateClientStream "remoteProgram" is used
so we should use that especially since these functions are intended
as generic helpers for streams.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Remove unneeded global variables and convert them into local variables
where they're needed.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
In case of an error do the cleanup of the private data of the
connection.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Refactor testConnectClose as it's then obvious that conn->privateData
is set to NULL in all cases. In addition, 'testConnectCloseInternal'
can be better reused.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Rename the variable @defaultConn to @defaultPrivconn as it doesn't
point to a default connection but to the private data used for the
shared default connection of the test driver.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Set privateData to NULL also for a connection that uses @defaultConn
as privateData regardless of whether @defaultConn was freed or
not. @defaultConn is shared between multiple connections and it's
ensured that there will be no memory leak by counting references.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The two code paths have some cleanup in common so lets refactor it.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Add typedef for the anonymous enum used for the driver features. This
allows the usage of the type in a switch statement and taking
advantage of the compilers feature to detect uncovered cases.
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
This deals with cls.version possibly being None.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
We use text operations on the contents after reading them.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The keys() method no longer returns a list, so converting the
return value would be necessary before calling sort() on it;
alternatively, we can just call sorted(), which returns a
sorted list.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit ce7ae55ea1 introduced a typo in virtlockd-admin socket file
/usr/lib/systemd/system/virtlockd-admin.socket:7: Unknown lvalue
'Server' in section 'Socket'
Change 'Server' to 'Service'.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
And at the same time, do that from .c rather than .h file.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Chen Hanxiao<chenhanxiao@gmail.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The setuid-rpc-client.la is intended to be small and contain only
bare minimum of source files. virarptable.c is not one of them.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Chen Hanxiao<chenhanxiao@gmail.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
introduce VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_ARP to get ip address
of VM from the message of netlink RTM_GETNEIGH
Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
introduce helper to parse RTM_GETNEIGH query message and
store it in struct virArpTable.
Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Libvirt provides full path to the backing file since commit
fec8f9c49a. This made qemu create the backend object but did not
delete it. This was fixed for unplug case in 4d83a6722f but not in case
of failure to hotplug the frontend. We'd leave the files behind which
would make memory unusable in case of hugepages.
https://bugzilla.redhat.com/show_bug.cgi?id=1553085
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Having to repeat "./job[1]/" XPath prefix for every single element or
attribute we want to parse is suboptimal. And even more so once we
further extract code from qemuDomainObjPrivateXMLParseJob into separate
functions.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Commit dc567cc22b introduced qemuDomainObjPrivateXMLParseJob, but forgot
to move "./job[1]/@type" parsing into it.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
The daemonStreamHandleWriteData() function is called whenever
server side of stream is able to receive some data. Nevertheless,
it calls virStreamSend() (to pass data down to virFDStream) and
depending on its return value it may abort the stream. However,
the functions it called when doing so are public APIs and as such
reset any error set previously. Therefore, if there was any error
in writing data to stream (i.e. repored in virStreamSend) it is
reset before virNetServerProgramSendReplyError() can get to it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Some fields reported by dmidecode have plenty of useless spaces
(in fact some have nothing but spaces). To deal with this we have
introduced virSkipSpacesBackwards() and use it in
virSysinfoParseX86Processor() and virSysinfoParseX86Memory().
However, other functions (e.g. virSysinfoParseX86Chassis()) don't
use it at all and thus we are reporting nonsense:
<sysinfo type='smbios'>
<chassis>
<entry name='manufacturer'>FUJITSU</entry>
<entry name='version'> </entry>
<entry name='serial'> </entry>
<entry name='asset'> </entry>
<entry name='sku'>Default string</entry>
</chassis>
</sysinfo>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
We read from the agent until seeing a \r\n pair to indicate a completed
reply or event. To avoid memory denial-of-service though, we must have a
size limit on amount of data we buffer. 10 MB is large enough that it
ought to cope with normal agent replies, and small enough that we're not
consuming unreasonable mem.
This is identical to the flaw we had reading from the QEMU monitor
as CVE-2018-5748, so rather embarrassing that we forgot to fix
the agent code at the same time.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Policy-Kit has been replaced by polkit (referred to, respectively,
as POLKIT0 and POLKIT1 in our Makefiles).
The last build fix with old Policy-Kit was in May 2013:
commit <442eb2ba> and build with -Wunused-label was broken
since April 2016: commit <8437130>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Split out the parser and separate it from the private data part so that
it can be later reused in other parts of the code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Since seclabels are formatted along with the source element and will
also make sense to be passed for the backing chain we should parse them
in the place where we parse the disk source. Same applies for
validation.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Rather than checking that the security label is legal when parsing it
move the code into a separate function.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Since we already parse the <backingStore> of a disk source, we should
also validate the configuration for the whole backing chain and not only
for the top level image.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Move out formatting of 'startuPolicy' which is a property of the disk
out of the <source> element. Extracting the code formating the content
and attributes will also allow reuse in other parts of the code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
The wrapper functionality can be moved to the only user
virDomainDiskSourceFormatInternal. Also removes comment which does not
reflect the truth any more.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Now that the function is using virXMLFormatElement we don't need to
conditionally format anything, since we'll format the element according
to the presence of content.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
We're freeing individual items in it but not the array itself.
==19200== 40 bytes in 1 blocks are definitely lost in loss record 847 of 1,059
==19200== at 0x4C2D12F: realloc (vg_replace_malloc.c:785)
==19200== by 0x52C5532: virReallocN (viralloc.c:245)
==19200== by 0x52C5628: virExpandN (viralloc.c:294)
==19200== by 0x52C58FC: virInsertElementsN (viralloc.c:436)
==19200== by 0x542856B: virSecurityDACChownListAppend (security_dac.c:115)
==19200== by 0x54286B4: virSecurityDACTransactionAppend (security_dac.c:167)
==19200== by 0x542902F: virSecurityDACSetOwnershipInternal (security_dac.c:560)
==19200== by 0x54295D6: virSecurityDACSetOwnership (security_dac.c:650)
==19200== by 0x542AEE0: virSecurityDACSetInputLabel (security_dac.c:1472)
==19200== by 0x542B61D: virSecurityDACSetAllLabel (security_dac.c:1693)
==19200== by 0x542DD67: virSecurityManagerSetAllLabel (security_manager.c:869)
==19200== by 0x54279C2: virSecurityStackSetAllLabel (security_stack.c:361)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Probably due to copy-paste error we're storing asset tag into
def->sku which we even use in the next step to store SKU number
and thus the asset tag leaks.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Modernize the code by using the clever formatter rather than checking
manually when to format the end of the element.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
The code overwrote the internal job type and then fixed it back. Since
the job type is not accessed in the code this does not make much sense.
Use the temporary value instead.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
