Commit Graph

22961 Commits

Author SHA1 Message Date
John Ferlan
abd2272c02 secret: Alter virSecretGetSecretString
Rather than returning a "char *" indicating perhaps some sized set of
characters that is NUL terminated, alter the function to return 0 or -1
for success/failure and add two parameters to handle returning the
buffer and it's size.

The function no longer encodes the returned secret, rather it returns
the unencoded secret forcing callers to make the necessary adjustments.

Alter the callers to handle the adjusted model.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-16 12:58:48 +02:00
Peter Krempa
fb1dddfb00 qemu: domain: Fix names for functions that clear security info
They don't free the structure itself so they should be called *Clear
rather than *Free.
2016-05-16 12:58:48 +02:00
John Ferlan
1cf5af40b9 util: string: Introduce helper to determine whether a byte buffer is printable
Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-16 12:58:48 +02:00
Peter Krempa
cb2e3e50ee util: string: Introduce virStringEncodeBase64
Add a new helper that sanitizes error semantics of base64_encode_alloc.
2016-05-16 12:58:48 +02:00
Peter Krempa
1d632c3924 secret: util: Refactor virSecretGetSecretString
Call the internal driver callbacks rather than the public APIs to avoid
calling unnecessarily the error dispatching code and don't overwrite
the error messages provided by the APIs. They are good enough to
describe which secret is missing either by UUID or the usage (basically
name).
2016-05-16 12:58:48 +02:00
Peter Krempa
eb2116fd9a util: alloc: Introduce freeing helpers that clear the memory before freeing
For a few cases where we handle secret information it's good to clear
the buffers containing sensitive data before freeing them.

Introduce VIR_DISPOSE, VIR_DISPOSE_N and VIR_DISPOSE_STRING that allow
simple clearing fo the buffers holding sensitive information on cleanup
paths.
2016-05-16 12:58:48 +02:00
Jiri Denemark
ced1e846a0 capabilities: Advertise cpuselection if -cpu host is usable
When -cpu host is supported by a QEMU binary, a user can use
<cpu mode='host-passthrough'/> in domain XML even when libvirtd failed
to find a matching model for the host CPU. Let's make it obvious by
advertising <cpuselection/> guest capability whenever -cpu host is
supported.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-05-16 10:42:28 +02:00
Jiri Denemark
1522503189 qemuaincapstest: Give better names to test data files
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-05-16 10:37:29 +02:00
Jiri Denemark
9ac9b039c4 domaincapstest: Give better names to test data files
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-05-16 10:37:29 +02:00
Jiri Denemark
8ba37e7a6e domaincapstest: Use arch strings
They are shorter and most of the code requires the strings anyway.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-05-16 10:37:29 +02:00
Michal Privoznik
4b3a46ca6a tests: Introduce check-file-access.pl
This script will check output generated by virtestmock against a
white list. All non matching records found are printed out. So
far, the white list is rather sparse at the moment.
This test should be ran only after all other tests finished, and
should cleanup the temporary file before their execution. Because
I'm unable to reflect these requirements in Makefile.am
correctly, I've introduced new target 'check-access' under which
this test is available.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:46:44 +02:00
Michal Privoznik
6326865e6b virtestmock: Print invalid file accesses into a file
All the accesses to files outside our build or source directories
are now identified and appended into a file for later processing.
The location of the file that contains all the records can be
controlled via VIR_TEST_FILE_ACCESS env variable and defaults to
abs_builddir "/test_file_access.txt".

The script that will process the access file is to be added in
next commit.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:46:23 +02:00
Michal Privoznik
47d2dc831a tests: Introduce global mock library
The intent is that this library is going to be called every time
to check if we are not touching anything outside srcdir or
builddir.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:30:25 +02:00
Michal Privoznik
86d1705a8a virmock.h: Introduce VIR_MOCK_CALL_STAT
There is some magic going on when it comes to stat() or lstat().
Basically, stat() can either be a regular function, an inline
function that calls __xstat(_STAT_VER, ...) or a macro that does
the same as the inline func. Don't ask why is that, just read the
documentation in sys/stat.h and make sure you have a bucket next
to you. Anyway, currently there will not be both stat and __xstat
symbols at the same time, as one of them gets overwritten to the
other one during compilation. But this is not true anymore once
we start chaining our mocking libraries. Therefore we need a
wrapper that calls desired function from glibc.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:25:56 +02:00
Michal Privoznik
a1ffedc682 securityselinuxhelper: Adapt to virmock.h
Instead of introducing our own wrapper for dlsym()
we can use the one provided by virmock.h.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:22:12 +02:00
Michal Privoznik
ca88c0e7b2 nssmock: Adapt to virmock.h
Instead of introducing our own wrapper for dlsym()
we can use the one provided by virmock.h.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:19:51 +02:00
Michal Privoznik
d16b7a8853 vircgroupmock: Adapt to virmock.h
Instead of introducing our own wrapper for dlsym()
we can use the one provided by virmock.h.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:18:14 +02:00
Michal Privoznik
57c484dbac virpcimock: Adapt to virmock.h
Instead of introducing our own wrapper for dlsym()
we can use the one provided by virmock.h.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-14 09:10:40 +02:00
Fabian Freyer
9055faebd4 qemu: remove ATTRIBUTE_UNUSED in connectGetType
This is not needed here, since the conn parameter is used in the ACL
checking calls, which were introduced in abf75aea2.
2016-05-13 15:52:11 -04:00
Fabian Freyer
126e630e85 bhyve: implement virConnectGetType
This implements virConnectGetType for the bhyve driver.
2016-05-13 21:10:58 +03:00
Jim Fehlig
b90c4b5f50 xlconfigtests: use qemu-xen in all test data files
Some of the test configuration files in tests/xlconfigdata
use the old qemu-dm as the emulator. Many of the configuration
features tested (spice, rbd, multi-usb) are not even usable with
the old qemu. Change these files to use the new qemu-xen (also
known as qemu upstream) emulator.

Note: This change fixes xlconfigtest failures when the old
qemu is actually installed on the system. During device post
parse, the libxl driver attempts to invoke the emulator to
determine if it is the old or new qemu so it can properly set
video RAM defaults. With the old qemu installed, the default
video RAM was set differently than the expected value.
Changing all the test data files to use qemu-xen ensures
predictable results wrt default video RAM size.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2016-05-13 10:08:34 -06:00
Jim Fehlig
400e716d7d libxl: don't attempt to probe a non-existent emulator
When probing the <emulator> with '-help' to determine if
it is the old qemu, errors are reported if the emulator
doesn't exist

libvirt:  error : internal error: Child process
(/usr/lib/xen/bin/qemu-dm -help) unexpected exit status 127:
libvirt:  error : cannot execute binary /usr/lib/xen/bin/qemu-dm:
No such file or directory

Avoid the probe if the specified emulator doesn't exist,
squelching the error. There is no behavior change since
libxlDomainGetEmulatorType() would return
LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN if the probe failed
via virCommandRun().

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2016-05-13 10:08:34 -06:00
Pavel Hrdina
3902f634bf virt-aa-helper: remove replace_string and use virStringReplace instead
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-13 17:42:57 +02:00
Laine Stump
9575cb8554 network: log error when <bandwidth> is requested for hostdev interfaces
This would previously be silently ignored.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1319044
2016-05-13 10:02:20 -04:00
Michal Privoznik
7fccf12482 virfile: Introduce virFileRemoveLastComponent
Move some parts of virStorageFileRemoveLastPathComponent
into a separate function so they can be reused.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-13 14:17:15 +02:00
Shivaprasad G Bhat
be1a7e6d31 leave out the default USB controller only on i440fx during migration
Further followup discussions in list on commit 192a53e concluded
that we should be leaving out the USB controller only for
i440fx machines as default USB can be used by someone on q35
at random slots.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
2016-05-13 10:11:00 +02:00
Peter Krempa
2a1a9808b1 qemu: domain: Fix name of macro defining AES IV length
The initialization vector is a technical term by itself different from
the key.
2016-05-12 17:13:09 +02:00
John Ferlan
677b94f487 qemu: Change from SecretIV or _IV to SecretAES or _AES
The preferred name will be AES not IV, change current references

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-12 09:30:08 -04:00
Christophe Fergeau
28675d633b schemas: Improve outdated comment 2016-05-12 14:53:24 +02:00
Ján Tomko
96b21fb0ec Fix tests to include video ram size
My commit 3e42867 started filling out the video size in post-parse,
but did not adjust the tests.
2016-05-12 14:32:17 +02:00
Ján Tomko
538012c8a3 Fill out default vram in DeviceDefPostParse
Move filling out the default video (v)ram to DeviceDefPostParse.

This means it can be removed from virDomainVideoDefParseXML
and qemuParseCommandLine. Also, we no longer need to special case
VIR_DOMAIN_VIRT_XEN, since the per-driver callback gets called
before the generic one.
2016-05-12 08:22:08 +02:00
Ján Tomko
3e42867032 Call per-device post-parse callback even on implicit video
Commit 6879be48 moved adding of an implicit video device after XML
parsing. As a result, libxlDomainDeviceDefPostParse() is no longer
called to set the default vram when adding an implicit device.
Commit 6879be48 assumes virDomainVideoDefaultRAM() will set the
default vram, but it returns 0 if the domain virtType is
VIR_DOMAIN_VIRT_XEN. Attempting to start an HVM domain with vram=0
results in

error: unsupported configuration: videoram must be at least 4MB for CIRRUS

The default vram setting for Xen HVM domains depends on the device
model used (qemu-xen vs qemu-traditional), hence setting the
default is deferred to libxlDomainDeviceDefPostParse().

Call the device post-parse callback even for implicit video,
to fill out the default vram even for VIR_DOMAIN_VIRT_XEN.

https://bugzilla.redhat.com/show_bug.cgi?id=1334557
Most-of-commit-message-by: Jim Fehlig <jfehlig@suse.com>
2016-05-12 08:22:08 +02:00
Ján Tomko
e4d131b8cb Move virDomainDefPostParseInternal after virDomainDeviceDefPostParse
Future commit will call DeviceDefPostParse on a device auto-added
in DomainDefPostParse.
2016-05-12 08:22:08 +02:00
Erik Skultety
e711a3918f util: Fix virGetLastErrorMessage to return proper error when 'err' is NULL
Both virGetLastError and virGetLastErrorMessage call virLastErrorObject method
that returns a thread-local error object. However, if a direct call to malloc
or pthread_setspecific (probably also due to malloc, since it sets ENOMEM)
fail, virLastErrorObject returns NULL which, although incorrectly interpreted
by virGetLastError as no error, still requires the caller to check for NULL
pointer. This isn't the case with virGetLastErrorMessage that also treated it
incorrectly as no error, but returned the literal "no error".
This patch tweaks the checks in the virGetLastErrorMessage function, so that
if virLastErrorObject failed, it returned "unknown error" which is equivalent
to the current approach with virGetLastError and if it returned NULL,
"unknown error" was set.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-11 20:10:35 +02:00
Erik Skultety
df4d908d30 spec: Fix broken indentation reported by syntax-check
syntax-check complained about broken indentation in libvirt.spec.in which was
broken by commit 3694e038

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-11 20:03:57 +02:00
Daniel P. Berrange
7375948933 libvit.spec.in: Add missing BuildRequires against sheepdog
We were adding a sheepdog requirement at runtime, but forgetting
to turn it on at build time, so the underlying code was never
built.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
f008d918ad libvirt.spec.in: remove all changelog entries
The %changelog entries in the RPM are just a poor immitation
of the release notes, which is not what %changelog section
is for. It should be reflecting changes in the RPM packaging,
not changes in the application releases. Further, this bogus
list of changes has to be manually deleted every time we sync
the RPM with Fedora. Remove them, since they serve no useful
purpose.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
c3b1c51ed5 libvirt.spec.in: use explicit --with-xxx for all features
Rather than letting the configure script auto-detect features
we expect, use --with-xxx to explicitly mandate them. This
ensures that we get an error upfront when running configure,
rather than a failure later during build or RPM file packaging
time.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
4cc7c987c2 libvirt.spec.in: remove nss plugin conditional
Both RHEL and Fedora build the nss plugin at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
5097fef87d libvirt.spec.in: remove libnl conditional
Both RHEL and Fedora build with libnl3 at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
2c14e90d61 libvirt.spec.in: remove macvtap conditional
Both RHEL and Fedora build with macvtap at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
4c6c4ca40e libvirt.spec.in: remove libpcap conditional
Both RHEL and Fedora build with libpcap at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
01e681c49f libvirt.spec.in: remove nwfilter driver conditional
Both RHEL and Fedora build with the nwfilter driver enabled
at all times

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
c8bcff8143 libvirt.spec.in: remove nodedev conditional
Both RHEL and Fedora build with the nodedev driver enabled
at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
a659559bb0 libvirt.spec.in: remove most storage conditionals
Both RHEL and Fedora build with the storage driver and
most of its sub-drivers enabled at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
3e4009752f libvirt.spec.in: remove network driver conditiaonl
Both RHEL and Fedora build with the network driver
enabled at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
d8a9ae98ca libvirt.spec.in: remove interface driver conditional
Both RHEL and Fedora build with the interface driver
enabled at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
24553e174c libvirt.spec.in: remove selinux conditional
Both RHEL and Fedora build with selinux enabled at all
times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
46c81bc42a libvirt.spec.in: remove yajl conditional
Both RHEL and Fedora build with yajl enabled at all times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00
Daniel P. Berrange
a770e90809 libvirt.spec.in: remove polkit conditional
Both RHEL and Fedora build with polkit enabled at all
times.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-05-11 16:42:38 +01:00