Commit Graph

12763 Commits

Author SHA1 Message Date
Michal Privoznik
15784e21cf virprocess: Introduce our own setns() wrapper
From time to time weird bugreports occur on the list, e.g [1].
Even though the kernel supports setns syscall, there's an older
glibc in the system that misses a wrapper over the syscall.
Hence, after the configure phase we think there's no setns
support in the system, which is obviously wrong. On the other
hand, we can't rely on linux distributions to provide newer glibc
soon. Therefore we need to introduce the wrapper on or own.

1: https://www.redhat.com/archives/libvir-list/2014-September/msg00492.html

Signed-off-by: Stephan Sachse <ste.sachse@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-10 12:19:10 +02:00
Peter Krempa
692c4ea673 qemu: dump: Resume CPUs only when the VM is still alive
Check if the VM is alive after we possibly called into monitor to reset
the guest.
2014-09-10 10:12:42 +02:00
Peter Krempa
736ea71bf6 qemu: dump: Fix formatting of function headers and code inline
Also drop a comment with obvious content.
2014-09-10 10:12:42 +02:00
Peter Krempa
bc068034ba util: process: Don't report OOM errors in helper
virProcessTranslateStatus is used on error paths that should not spoil
the returned error. As the errors are ignored, use the quiet versions of
virAsprintf to create the message.
2014-09-10 10:12:41 +02:00
Michal Privoznik
742b08e30f qemu: Automatically create NVRAM store
When using split UEFI image, it may come handy if libvirt manages per
domain _VARS file automatically. While the _CODE file is RO and can be
shared among multiple domains, you certainly don't want to do that on
the _VARS file. This latter one needs to be per domain. So at the
domain startup process, if it's determined that domain needs _VARS
file it's copied from this master _VARS file. The location of the
master file is configurable in qemu.conf.

Temporary, on per domain basis the location of master NVRAM file can
be overridden by this @template attribute I'm inventing to the
<nvram/> element. All it does is holding path to the master NVRAM file
from which local copy is created. If that's the case, the map in
qemu.conf is not consulted.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2014-09-10 09:38:07 +02:00
Michal Privoznik
542899168c qemu: Implement extended loader and nvram
QEMU now supports UEFI with the following command line:

  -drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \
  -drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw,unit=1 \

where the first line reflects <loader> and the second one <nvram>.
Moreover, these two lines obsolete the -bios argument.

Note that UEFI is unusable without ACPI. This is handled properly now.
Among with this extension, the variable file is expected to be
writable and hence we need security drivers to label it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2014-09-10 09:38:07 +02:00
Michal Privoznik
68bf13dbef conf: Extend <loader/> and introduce <nvram/>
Up to now, users can configure BIOS via the <loader/> element. With
the upcoming implementation of UEFI this is not enough as BIOS and
UEFI are conceptually different. For instance, while BIOS is ROM, UEFI
is programmable flash (although all writes to code section are
denied). Therefore we need new attribute @type which will
differentiate the two. Then, new attribute @readonly is introduced to
reflect the fact that some images are RO.

Moreover, the OVMF (which is going to be used mostly), works in two
modes:
1) Code and UEFI variable store is mixed in one file.
2) Code and UEFI variable store is separated in two files

The latter has advantage of updating the UEFI code without losing the
configuration. However, in order to represent the latter case we need
yet another XML element: <nvram/>. Currently, it has no additional
attributes, it's just a bare element containing path to the variable
store file.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-10 09:38:07 +02:00
Jiri Denemark
a1c0180d0e qemu: Transfer recomputed stats back to source
After the previous commit, migration statistics on the source and
destination hosts are not equal because the destination updated time
statistics. Let's send the result back so that the same data can be
queried on both sides of the migration.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:35 +02:00
Jiri Denemark
eaee338ae6 qemu: Recompute downtime and total time when migration completes
Total time of a migration and total downtime transfered from a source to
a destination host do not count with the transfer time to the
destination host and with the time elapsed before guest CPUs are
resumed. Thus, source libvirtd remembers when migration started and when
guest CPUs were paused. Both timestamps are transferred to destination
libvirtd which uses them to compute total migration time and total
downtime. Obviously, this requires the time to be synchronized between
the two hosts. The reported times are useless otherwise but they would
be equally useless if we didn't do this recomputation so don't lose
anything by doing it.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:34 +02:00
Jiri Denemark
5d6fb96338 qemu: Transfer migration statistics to destination
When migrating a transient domain or with VIR_MIGRATE_UNDEFINE_SOURCE
flag, the domain may disappear from source host. And so will migration
statistics associated with the domain. We need to transfer the
statistics at the end of a migration so that they can be queried at the
destination host.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:34 +02:00
Jiri Denemark
1ffff046ac qemu: Silence coverity on optional migration stats
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:34 +02:00
Jiri Denemark
3a8688162e Add support for fetching statistics of completed jobs
virDomainGetJobStats gains new VIR_DOMAIN_JOB_STATS_COMPLETED flag that
can be used to fetch statistics of a completed job rather than a
currently running job.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:34 +02:00
Jiri Denemark
4365247677 qemu: Avoid incrementing jobs_queued if virTimeMillisNow fails
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:33 +02:00
Jiri Denemark
6fcddfcd8f Refactor job statistics
Job statistics data were tracked in several structures and variables.
Let's make a new qemuDomainJobInfo structure which can be used as a
single source of statistics data as a preparation for storing data about
completed a job.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-10 09:37:33 +02:00
Martin Kletzander
1120c06b43 util: let virSetSockReuseAddr report unified error message
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-09 15:14:24 +02:00
Eric Blake
37588b2596 blockcopy: add a way to parse disk source
The new blockcopy API wants to reuse only a subset of the disk
hotplug parser - namely, we only care about the embedded
virStorageSourcePtr inside a <disk> XML.  Strange as it may
seem, it was easier to just parse an entire disk definition,
then throw away everything but the embedded source, than it
was to disentangle the source parsing code from the rest of
the overall disk parsing function.  All that I needed was a
couple of tweaks and a new internal flag that determines
whether the normally-mandatory target element can be
gracefully skipped, since everything else was already optional.

* src/conf/domain_conf.h (virDomainDiskSourceParse): New
prototype.
* src/conf/domain_conf.c (VIR_DOMAIN_XML_INTERNAL_DISK_SOURCE):
New flag.
(virDomainDiskDefParseXML): Honor flag to make target optional.
(virDomainDiskSourceParse): New function.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-08 15:50:39 -06:00
Erik Skultety
afb4c6b663 qemu: panic device: check for invalid address type
qemu now checks for invalid address type for a panic device, which is
currently implemented only to use ISA address type, thus rejecting
any other options, except for leaving XML attributes blank, in that case,
defaults are used (this behaviour remains the same from earlier verions).

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1138125

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-08 14:09:05 +02:00
Jiri Denemark
03890605dc qemu: Propagate QEMU errors during incoming migrations
When QEMU fails during incoming migration after we successfully started
it (i.e., during Perform or Finish phase), we report a rather unhelpful
message

    Unable to read from monitor: Connection reset by peer

We already have a code that takes error messages from QEMU's error
output but we disable it once QEMU successfully starts. This patch
postpones this until the end of Finish phase during incoming migration
so that we can report a much better error message:

    internal error: early end of file from monitor: possible problem:
    Unknown savevm section or instance '0000:00:05.0/virtio-balloon' 0
    load of migration failed

https://bugzilla.redhat.com/show_bug.cgi?id=1090093

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-08 13:33:44 +02:00
Peter Krempa
2990db96b6 qemu: snapshot: Simplify error paths
Return failure right away when the domain object can't be looked up
instead of jumping to cleanup. This allows to remove the condition
before unlocking the domain object.
2014-09-08 12:00:06 +02:00
Peter Krempa
d03044717d qemu: snapshot: Fix snapshot function header formatting and spacing 2014-09-08 11:58:03 +02:00
Jincheng Miao
a4065dc3e7 qemu: snapshot: Acquire job earlier on snapshot revert/delete
The code would lookup the snapshot object before acquiring the job. This
could lead to a crash as one thread could delete the snapshot object,
while a second thread already had the reference.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2014-09-08 11:51:33 +02:00
Peter Krempa
b3d2a42e80 qemu: snapshot: Fix job handling when creating snapshots
Creating snapshots modifies the domain state. Currently we wouldn't
enter the job for certain operations although they would modify the
state. Refactor job handling so that everything is covered by an async
job.
2014-09-08 11:49:46 +02:00
Peter Krempa
4be8855699 qemu: Rename DEFAULT_JOB_MASK to QEMU_DEFAULT_JOB_MASK
Be consistent with naming of private defines. Also line up code
correctly in few places where the macro is used.
2014-09-08 11:32:29 +02:00
Shivaprasad G Bhat
a48362cdfe selinux: Avoid label reservations for type = none
For security type='none' libvirt according to the docs should not
generate seclabel be it for selinux or any model. So, skip the
reservation of labels when type is none.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
2014-09-07 17:09:34 +02:00
Eric Blake
1069e3b90c blockcopy: remote implementation for new API
Fairly straightforward - I got lucky that the generated functions
worked out of the box :)

* src/remote/remote_protocol.x (remote_domain_block_copy_args):
New struct.
(REMOTE_PROC_DOMAIN_BLOCK_COPY): New RPC.
* src/remote/remote_driver.c (remote_driver): Wire it up.
* src/remote_protocol-structs: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-06 21:46:30 -06:00
Eric Blake
0e8bed8177 maint: update to latest gnulib
The usual portability fixes; and this includes a fix that adds
a new syntax check for double semicolons (commit 28de556 fixed
some, but gnulib found a better check).

* .gnulib: Update to latest.
* src/xenconfig/xen_common.c (xenFormatConfigCommon): Fix offender.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-06 19:14:43 -06:00
Pradipta Kr. Banerjee
119b6dfc40 storage_conf: Fix libvirtd crash when defining scsi storage pool
Since 9f781da69d

Resolve a libvirtd crash in virStoragePoolSourceFindDuplicate()
when there is an existing SCSI pool defined with adapter type as
'scsi_host' and defining a new SCSI pool with adapter type as
'fc_host' and parent attribute missing or vice versa.

For example, if there is an existing SCSI pool with adapter type
as 'scsi_host' defined using the following XML

<pool type='scsi'>
  <name>TEST_SCSI_POOL</name>
    <source>
       <adapter type='scsi_host' name='scsi_host1'/>
    </source>
    <target>
        <path>/dev/disk/by-path</path>
    </target>
</pool>

When defining another SCSI pool with adapter type as 'fc_host' using the
following XML will crash libvirtd

<pool type='scsi'>
  <name>TEST_SCSI_FC_POOL</name>
  <source>
     <adapter type='fc_host' wwnn='1234567890abcdef' wwpn='abcdef1234567890'/>
  </source>
  <target>
     <path>/dev/disk/by-path</path>
  </target>
</pool>

Same is true for the reverse case as well where there exists a SCSI pool
with adapter type as 'fc_host' and another SCSI pool is defined with
adapter type as 'scsi_host'.

This happens because for fc_host 'name' is optional attribute whereas for
scsi_host its mandatory. However the check in libvirt for finding duplicate
storage pools didn't take that into account while comparing

Signed-off-by: Pradipta Kr. Banerjee <bpradip@in.ibm.com>
2014-09-05 15:32:49 -04:00
Eric Blake
b7e73585a8 blockcopy: allow block device destination
To date, anyone performing a block copy and pivot ends up with
the destination being treated as <disk type='file'>.  While this
works for data access for a block device, it has at least one
noticeable shortcoming: virDomainGetBlockInfo() reports allocation
differently for block devices visited as files (the size of the
device) than for block devices visited as <disk type='block'>
(the maximum sector used, as reported by qemu); and this difference
is significant when trying to manage qcow2 format on block devices
that can be grown as needed.

Of course, the more powerful virDomainBlockCopy() API can already
express the ability to set the <disk> type.  But a new API can't
be backported, while a new flag to an existing API can; and it is
also rather inconvenient to have to resort to the full power of
generating XML when just adding a flag to the older call will do
the trick.  So this patch enhances blockcopy to let the user flag
when the resulting XML after the copy must list the device as
type='block'.

* include/libvirt/libvirt.h.in (VIR_DOMAIN_BLOCK_REBASE_COPY_DEV):
New flag.
* src/libvirt.c (virDomainBlockRebase): Document it.
* tools/virsh-domain.c (opts_block_copy, blockJobImpl): Add
--blockdev option.
* tools/virsh.pod (blockcopy): Document it.
* src/qemu/qemu_driver.c (qemuDomainBlockRebase): Allow new flag.
(qemuDomainBlockCopy): Remember the flag, and make sure it is only
used on actual block devices.
* tests/qemuxml2argvdata/qemuxml2argv-disk-mirror.xml: Test it.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-05 13:13:50 -06:00
Eric Blake
db33cc2494 blockjob: allow finer bandwidth tuning for query
While reviewing the new virDomainBlockCopy API, Peter Krempa
pointed out that our existing design of using MiB/s for block
job bandwidth is rather coarse, especially since qemu tracks
it in bytes/s; so virDomainBlockCopy only accepts bytes/s.
But once the new API is implemented for qemu, we will be in
the situation where it is possible to set a value that cannot
be accurately reflected back to the user, because the existing
virDomainGetBlockJobInfo defaults to the coarser units.

Fortunately, we have an escape hatch; and one that has already
served us well in the past: we can use the flags argument to
specify which scale to use (see virDomainBlockResize for prior
art).  This patch fixes the query side of the API; made easier
by previous patches that split the query side out from the
modification code.  Later patches will address the virsh
interface, as well retrofitting all other blockjob APIs to
also accept a flag for toggling bandwidth units.

* include/libvirt/libvirt.h.in (_virDomainBlockJobInfo)
(VIR_DOMAIN_BLOCK_COPY_BANDWIDTH): Document sizing issues.
(virDomainBlockJobInfoFlags): New enum.
* src/libvirt.c (virDomainGetBlockJobInfo): Document new flag.
* src/qemu/qemu_monitor.h (qemuMonitorBlockJobInfo): Add parameter.
* src/qemu/qemu_monitor.c (qemuMonitorBlockJobInfo): Likewise.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockJobInfo):
Likewise.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockJobInfo)
(qemuMonitorJSONGetBlockJobInfoOne): Likewise. Don't scale here.
* src/qemu/qemu_migration.c (qemuMigrationDriveMirror): Update
callers.
* src/qemu/qemu_driver.c (qemuDomainBlockPivot)
(qemuDomainBlockJobImpl): Likewise.
(qemuDomainGetBlockJobInfo): Likewise, and support new flag.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-05 11:20:12 -06:00
Eric Blake
fcbeb2e9d1 blockjob: add new monitor json conversions
The previous patch hoisted some bounds checks to the callers;
but someone that is not aware of the hoisted check could now
try passing an integer between LLONG_MAX and ULLONG_MAX.  As a
safety measure, add new json conversion modes that let libvirt
error out early instead of pass bad numbers to qemu, if the
caller ever makes a mistake due to later refactoring.

Convert the various blockjob QMP calls to use the new modes,
and switch some of them to be optional (QMP has always supported
an omitted "speed" the same as "speed":0, for everything except
block-job-set-speed).

* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMakeCommandRaw):
Add 'j'/'y' and 'J'/'Y' to error out on negative input.
(qemuMonitorJSONDriveMirror, qemuMonitorJSONBlockCommit)
(qemuMonitorJSONBlockJob): Use it.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-05 10:48:45 -06:00
Eric Blake
08cc14f72c blockjob: hoist bandwidth scaling out of monitor code
qemu treats blockjob bandwidth as a 64-bit number, in the units
of bytes/second.  But we stupidly modeled block job bandwidth
after migration bandwidth, which in turn was an 'unsigned long'
and therefore subject to 32-bit vs. 64-bit interpretations, and
with a scale of MiB/s.  Our code already has to convert between
the two scales, and report overflow as appropriate; although
this conversion currently lives in the monitor code.  In fact,
our conversion code limited things to 63 bits, because we
checked against LLONG_MAX and reject what would be negative
bandwidth if treated as signed.

On the bright side, our use of MiB/s means that even with a
32-bit unsigned long, we still have no problem representing a
bandwidth of 2GiB/s, which is starting to be more feasible as
10-gigabit or even faster interfaces are used.  And once you
get past the physical speeds of existing interfaces, any larger
bandwidth number behaves the same - effectively unlimited.
But on the low side, the granularity of 1MiB/s tuning is rather
coarse.  So the new virDomainBlockJob API decided to go with
a direct 64-bit bytes/sec number instead of the scaled number
that prior blockjob APIs had used.  But there is no point in
rounding this number to MiB/s just to scale it back to bytes/s
for handing to qemu.

In order to make future code sharing possible between the old
virDomainBlockRebase and the new virDomainBlockCopy, this patch
moves the scaling and overflow detection into the driver code.
Several of the block job calls that can set speed are fed
through a common interface, so it was easier to adjust all block
jobs at once, for consistency.  This patch is just code motion;
there should be no user-visible change in behavior.

* src/qemu/qemu_monitor.h (qemuMonitorBlockJob)
(qemuMonitorBlockCommit, qemuMonitorDriveMirror): Change
parameter type and scale.
* src/qemu/qemu_monitor.c (qemuMonitorBlockJob)
(qemuMonitorBlockCommit, qemuMonitorDriveMirror): Move scaling
and overflow detection...
* src/qemu/qemu_driver.c (qemuDomainBlockJobImpl)
(qemuDomainBlockRebase, qemuDomainBlockCommit): ...here.
(qemuDomainBlockCopy): Use bytes/sec.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-05 10:42:07 -06:00
Eric Blake
ced813652b blockjob: split out block info monitor handling
Another layer of overly-multiplexed code that deserves to be
split into obviously separate paths for query vs. modify.
This continues the cleanup started in commit cefe0ba.

In the process, make some tweaks to simplify the logic when
parsing the JSON reply.  There should be no user-visible
semantic changes.

* src/qemu/qemu_monitor.h (qemuMonitorBlockJob): Drop parameter.
(qemuMonitorBlockJobInfo): New prototype.
(BLOCK_JOB_INFO): Drop enum.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONBlockJob)
(qemuMonitorJSONBlockJobInfo): Likewise.
* src/qemu/qemu_monitor.c (qemuMonitorBlockJob): Split...
(qemuMonitorBlockJobInfo): ...into second function.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONBlockJob): Move
block info portions...
(qemuMonitorJSONGetBlockJobInfo): ...here, and rename...
(qemuMonitorJSONBlockJobInfo): ...and export.
(qemuMonitorJSONGetBlockJobInfoOne): Alter return semantics.
* src/qemu/qemu_driver.c (qemuDomainBlockPivot)
(qemuDomainBlockJobImpl, qemuDomainGetBlockJobInfo): Adjust
callers.
* src/qemu/qemu_migration.c (qemuMigrationDriveMirror)
(qemuMigrationCancelDriveMirror): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-05 10:37:08 -06:00
Ján Tomko
de0aeafe9c Don't include non-migratable features in host-model
Commit fba6bc4 introduced support for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.

https://bugzilla.redhat.com/show_bug.cgi?id=1138221
2014-09-05 12:45:19 +02:00
Michal Privoznik
d869a6ea03 conf: Fix even implicit labels
https://bugzilla.redhat.com/show_bug.cgi?id=1027096#c8

There are two ways in which security model can make it way into
<seclabel/>. One is as the @model attribute, the second one is
via security_driver knob in qemu.conf. Then, while parsing
<seclabel/> several checks and fix ups of old, stale combinations
are performed. However, iff @model is specified. They are not
done in the latter case. So it's still possible to feed libvirt
with senseless combinations (if qemu.conf is adjusted correctly).

One example of a seclabel that needs some adjustment (in case
security_driver=none in qemu.conf) is:

    <seclabel type='dynamic' relabel='yes'/>

The fixup code is copied from virSecurityLabelDefParseXML
(covering the former case) into virSecurityLabelDefsParseXML
(which handles the latter case).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-05 08:35:34 +02:00
Eric Blake
cefe0ba3db blockjob: split out block info driver handling
The qemu implementation for virDomainGetBlockJobInfo() has a
minor bug: it grabs the qemu job with intent to QEMU_JOB_MODIFY,
which means it cannot be run in parallel with any other
domain-modifying command.  Among others, virDomainBlockJobAbort()
is such a modifying command, and it defaults to being
synchronous, and can wait as long as several seconds to ensure
that the job has actually finished.  Due to the job rules, this
means a user cannot obtain status about the job during that
timeframe, even though we know that some client management code
exists which is using a polling loop on status to see when a job
finishes.

This bug has been present ever since blockpull support was first
introduced (commit b976165, v0.9.4 in Jul 2011), all because we
stupidly tried to cram too much multiplexing through a single
helper routine, but was made worse in 97c59b9 (v1.2.7) when
BlockJobAbort was fixed to wait longer.  It's time to disentangle
some of the mess in qemuDomainBlockJobImpl, and in the process
relax block job query to use QEMU_JOB_QUERY, since it can safely
be used in parallel with any long running modify command.

Technically, there is one case where getting block job info can
modify domain XML - we do snooping to see if a 2-phase job has
transitioned into the second phase, for an optimization in the
case of old qemu that lacked an event for the transition.  I
claim this optimization is safe (the jobs are all about modifying
qemu state, not necessarily xml state); but if it proves to be
a problem, we could use the difference between the capabilities
QEMU_CAPS_BLOCKJOB_{ASYNC,SYNC} to determine whether we even
need snooping, and only request a modifying job in the case of
older qemu.

* src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Move info
handling...
(qemuDomainGetBlockJobInfo): ...here, and relax job type.
(qemuDomainBlockJobAbort, qemuDomainBlockJobSetSpeed)
(qemuDomainBlockRebase, qemuDomainBlockPull): Adjust callers.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 17:46:35 -06:00
Eric Blake
02d2bd7d91 blockjob: shuffle block rebase code
The existing virDomainBlockRebase code rejected the combination of
_RELATIVE and _COPY flags, but only by accident.  It makes sense
to add support for the combination someday, at least for the case
of _SHALLOW and not _REUSE_EXT; but to implement it, libvirt would
have to pre-create the file with a relative backing name, and I'm
not ready to code that in yet.

Meanwhile, the code to forward on to the block copy code is getting
longer, and reorganizing the function to have the block pull done
early makes it easier to add even more block copy prep code.

This patch should have no semantic difference other than the quality
of the error message on the unsupported flag combination.  Pre-patch:

error: unsupported flags (0x10) in function qemuDomainBlockCopy

Post-patch:

error: argument unsupported: Relative backing during copy not supported yet

* src/qemu/qemu_driver.c (qemuDomainBlockRebase): Reorder code,
and improve error message of relative copy.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 17:23:33 -06:00
Eric Blake
625e04a86e maint: use hanging curly braces
Our style overwhelmingly uses hanging braces (the open brace
hangs at the end of the compound condition, rather than on
its own line), with the primary exception of the top level function
body.  Fix the few remaining outliers, before adding a syntax
check in a later patch.

* src/interface/interface_backend_netcf.c (netcfStateReload)
(netcfInterfaceClose, netcf_to_vir_err): Correct use of { in
compound statement.
* src/conf/domain_conf.c (virDomainHostdevDefFormatSubsys)
(virDomainHostdevDefFormatCaps): Likewise.
* src/network/bridge_driver.c (networkAllocateActualDevice):
Likewise.
* src/util/virfile.c (virBuildPathInternal): Likewise.
* src/util/virnetdev.c (virNetDevGetVirtualFunctions): Likewise.
* src/util/virnetdevmacvlan.c
(virNetDevMacVLanVPortProfileCallback): Likewise.
* src/util/virtypedparam.c (virTypedParameterAssign): Likewise.
* src/util/virutil.c (virGetWin32DirectoryRoot)
(virFileWaitForDevices): Likewise.
* src/vbox/vbox_common.c (vboxDumpNetwork): Likewise.
* tests/seclabeltest.c (main): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 15:18:43 -06:00
Eric Blake
d194d6e7e6 maint: use consistent if-else braces in remaining spots
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This patch focuses on all remaining problems, where there weren't
enough issues to warrant splitting it further.

* src/remote/remote_driver.c (doRemoteOpen): Correct use of {}.
* src/security/virt-aa-helper.c (vah_add_path, valid_path, main):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectLibSSH2):
Likewise.
* src/esx/esx_vi_types.c (esxVI_Type_FromString): Likewise.
* src/uml/uml_driver.c (umlDomainDetachDevice): Likewise.
* src/util/viralloc.c (virShrinkN): Likewise.
* src/util/virbuffer.c (virBufferURIEncodeString): Likewise.
* src/util/virdbus.c (virDBusCall): Likewise.
* src/util/virnetdev.c (virNetDevValidateConfig): Likewise.
* src/util/virnetdevvportprofile.c
(virNetDevVPortProfileGetNthParent): Likewise.
* src/util/virpci.c (virPCIDeviceIterDevices)
(virPCIDeviceWaitForCleanup)
(virPCIDeviceIsBehindSwitchLackingACS): Likewise.
* src/util/virsocketaddr.c (virSocketAddrGetNumNetmaskBits):
Likewise.
* src/util/viruri.c (virURIParseParams): Likewise.
* daemon/stream.c (daemonStreamHandleAbort): Likewise.
* tests/testutils.c (virtTestResult): Likewise.
* tests/cputest.c (cpuTestBaseline): Likewise.
* tools/virsh-domain.c (cmdDomPMSuspend): Likewise.
* tools/virsh-host.c (cmdNodeSuspend): Likewise.
* src/esx/esx_vi_generator.py (Type.generate_typefromstring):
Tweak generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 14:34:03 -06:00
Eric Blake
279b1b106d maint: use consistent if-else braces in lxc, vbox, phyp
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This patch focuses on drivers that had several issues.

* src/lxc/lxc_fuse.c (lxcProcGetattr, lxcProcReadMeminfo): Correct
use of {}.
* src/lxc/lxc_driver.c (lxcDomainMergeBlkioDevice): Likewise.
* src/phyp/phyp_driver.c (phypConnectNumOfDomainsGeneric)
(phypUUIDTable_Init, openSSHSession, phypStoragePoolListVolumes)
(phypConnectListStoragePools, phypDomainSetVcpusFlags)
(phypStorageVolGetXMLDesc, phypStoragePoolGetXMLDesc)
(phypConnectListDefinedDomains): Likewise.
* src/vbox/vbox_common.c (vboxAttachSound, vboxDumpDisplay)
(vboxDomainRevertToSnapshot, vboxDomainSnapshotDelete): Likewise.
* src/vbox/vbox_tmpl.c (vboxStorageVolGetXMLDesc): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 08:53:21 -06:00
Eric Blake
fb6d650717 maint: use consistent if-else braces in xen and friends
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This patch focuses on code related to xen.

* src/libxl/libxl_conf.c (libxlCapsInitGuests)
(libxlMakeDomBuildInfo): Correct use of {}.
* src/xen/xen_hypervisor.c (virXen_getvcpusinfo)
(xenHypervisorMakeCapabilitiesInternal): Likewise.
* src/xen/xend_internal.c (xenDaemonOpen)
(xenDaemonDomainMigratePerform, xend_detect_config_version)
(xenDaemonDetachDeviceFlags, xenDaemonDomainMigratePerform)
(xenDaemonDomainBlockPeek): Likewise.
* src/xenapi/xenapi_driver.c (xenapiConnectListDomains)
(xenapiDomainLookupByUUID, xenapiDomainGetOSType): Likewise.
* src/xenconfig/xen_common.c (xenParseCPUFeatures, xenFormatNet):
Likewise.
* src/xenconfig/xen_sxpr.c (xenParseSxpr, xenFormatSxprNet)
(xenFormatSxpr): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 08:53:21 -06:00
Eric Blake
44e30277d8 maint: use consistent if-else braces in qemu
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This commit focuses on the qemu driver.

* src/qemu/qemu_command.c (qemuParseISCSIString)
(qemuParseCommandLineDisk, qemuParseCommandLine)
(qemuBuildSmpArgStr, qemuBuildCommandLine)
(qemuParseCommandLineDisk, qemuParseCommandLineSmp): Correct use
of {}.
* src/qemu/qemu_capabilities.c (virQEMUCapsProbeCPUModels):
Likewise.
* src/qemu/qemu_driver.c (qemuDomainCoreDumpWithFormat)
(qemuDomainRestoreFlags, qemuDomainGetInfo)
(qemuDomainMergeBlkioDevice): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextCreateSnapshot)
(qemuMonitorTextLoadSnapshot, qemuMonitorTextDeleteSnapshot):
Likewise.
* src/qemu/qemu_process.c (qemuProcessStop): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 08:53:21 -06:00
Eric Blake
ff78ff7c93 maint: use consistent if-else braces in conf and friends
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This patch focuses on code shared between multiple drivers.

* src/conf/domain_conf.c (virDomainFSDefParseXML)
(virSysinfoParseXML, virDomainNetDefParseXML)
(virDomainWatchdogDefParseXML)
(virDomainRedirFilterUSBDevDefParseXML): Correct use of {}.
* src/conf/interface_conf.c (virInterfaceDefParseDhcp)
(virInterfaceDefParseIp, virInterfaceVlanDefFormat)
(virInterfaceDefParseStartMode, virInterfaceDefParseBondMode)
(virInterfaceDefParseBondMiiCarrier)
(virInterfaceDefParseBondArpValid): Likewise.
* src/conf/node_device_conf.c (virNodeDevCapStorageParseXML):
Likewise.
* src/conf/nwfilter_conf.c (virNWFilterRuleDetailsParse)
(virNWFilterRuleParse, virNWFilterDefParseXML): Likewise.
* src/conf/secret_conf.c (secretXMLParseNode): Likewise.
* src/cpu/cpu_x86.c (x86Baseline, x86FeatureLoad, x86ModelLoad):
Likewise.
* src/network/bridge_driver.c (networkKillDaemon)
(networkDnsmasqConfContents): Likewise.
* src/node_device/node_device_hal.c (dev_refresh): Likewise.
* src/nwfilter/nwfilter_gentech_driver.c (virNWFilterInstantiate):
Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c
(_iptablesCreateRuleInstance): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 08:53:21 -06:00
Chen Hanxiao
3020594ac5 LXC: add HOME environment variable
We lacked of HOME environment variable,
set 'HOME=/' as default.

The kernel sets up $HOME for the init process.
Therefore any init can assume that $HOME is set.
libvirt currently violates that implicit rule.

Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 08:40:15 -06:00
Giuseppe Scrivano
ab22096710 security: fix DH key generation when FIPS mode is on
When FIPS mode is on, gnutls_dh_params_generate2 will fail if 1024 is
specified as the prime's number of bits, a bigger value works in both
cases.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-09-04 11:56:36 +02:00
Wang Rui
5bb47e0ca7 lxc_container: Resolve Coverity RESOURCE_LEAK
Memory is allocated for 'mnt_src' by VIR_STRDUP in the loop. Next
loop it will be allocated again. So we need to free 'mnt_src'
before continue the loop.

Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-09-03 15:01:11 -04:00
Wang Rui
d01a062be6 vircgroup: Resolve Coverity RESOURCE_LEAK
Need to free 'root' and 'opts' before 'return -1' if symlink fails.

Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-09-03 15:00:19 -04:00
Wang Rui
4f2ad084bc qemu_process: Resolve Coverity RESOURCE_LEAK
If virSecurityManagerClearSocketLabel() fails, 'agent' won't
be freed before jumping to cleanup.

Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-09-03 15:00:19 -04:00
Martin Kletzander
e9f6937454 util: don't shadow global umask declaration
Commit 0e1a1a8c introduced umask for virCommand, but the variables
used emit a warning on older compilers about shadowed global
declaration.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-03 15:39:15 +02:00
Jiri Denemark
760cf5d30e sanlock: Avoid freeing uninitialized value
https://bugzilla.redhat.com/show_bug.cgi?id=1136788
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-03 15:22:10 +02:00
Chunyan Liu
0e1a1a8c47 qemu: ensure sane umask for qemu process
Add umask to _virCommand, allow user to set umask to command.
Set umask(002) to qemu process to overwrite the default umask
of 022 set by many distros, so that unix sockets created for
virtio-serial has expected permissions.

Fix problem reported here:
https://sourceware.org/bugzilla/show_bug.cgi?id=13078#c11
https://bugzilla.novell.com/show_bug.cgi?id=888166

To use virtio-serial device, unix socket created for chardev with
default umask(022) has insufficient permissions.
e.g.:
-device virtio-serial \
-chardev socket,path=/tmp/foo,server,nowait,id=foo \
-device virtserialport,chardev=foo,name=org.fedoraproject.port.0

srwxr-xr-x 1 qemu qemu 0 21. Jul 14:19 /tmp/somefile.sock

Other users in the same group (like real user, test engines, etc)
cannot write to this socket.

Signed-off-by: Chunyan Liu <cyliu@suse.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-03 05:58:15 -06:00
Peter Krempa
137d0165cd remote: Fix memory leak on error path when deserializing bulk stats
The 'elem' variable along with the domain object would be leaked when
taking the error path.

Found by coverity.
2014-09-02 15:16:47 +02:00
Matthew Rosato
7199d2c523 util: Introduce flags field for macvtap creation
Currently, there is one flag passed in during macvtap creation
(withTap) -- Let's convert this field to an unsigned int flag
field for future expansion.

Signed-off-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-02 13:34:32 +02:00
Ján Tomko
628c2255a9 Free ifname in testDomainGenerateIfnames
https://bugzilla.redhat.com/show_bug.cgi?id=1135388
2014-09-02 11:57:39 +02:00
Martin Kletzander
a443193139 selinux: properly label tap FDs with imagelabel
The cleanup in commit cf976d9d used secdef->label to label the tap
FDs, but that is not possible since it's process-only label (svirt_t)
and not a object label (e.g. svirt_image_t).  Starting a domain failed
with EPERM, but simply using secdef->imagelabel instead of
secdef->label fixes it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-01 15:36:23 +02:00
Christophe Fergeau
0f03ca6d29 Fix connection to already running session libvirtd
Since 1b807f92, connecting with virsh to an already running session
libvirtd fails with:
$ virsh list --all
error: failed to connect to the hypervisor
error: no valid connection
error: Failed to connect socket to
'/run/user/1000/libvirt/libvirt-sock': Transport endpoint is already
connected

This is caused by a logic error in virNetSocketNewConnectUnix: even if
the connection to the daemon socket succeeded, we still try to spawn the
daemon and then connect to it.
This commit changes the logic to not try to spawn libvirtd if we
successfully connected to its socket.

Most of this commit is whitespace changes, use of -w is recommended to
look at it.
2014-09-01 11:20:32 +02:00
Roman Bogorodskiy
c4d2a10238 storage: zfs: fix double listing of new volumes
Currently, after calling commands to create a new volumes,
virStorageBackendZFSCreateVol calls virStorageBackendZFSFindVols that
calls virStorageBackendZFSParseVol.

virStorageBackendZFSParseVol checks if a volume already exists by
trying to get it using virStorageVolDefFindByName.

For a just created volume it returns NULL, so volume is reported as
new and appended to pool->volumes. This causes a volume to be listed
twice as storageVolCreateXML appends this new volume to the list as
well.

Fix that by passing a new volume definition to
virStorageBackendZFSParseVol so it could determine if it needs to add
this volume to the list.
2014-08-29 20:45:42 +04:00
John Ferlan
5c0dad7b39 qemu_driver: Resolve Coverity FORWARD_NULL
In qemuDomainSnapshotCreateDiskActive() if we jumped to cleanup from a
failed actions = virJSONValueNewArray(), then 'cfg' would be NULL.

So just return -1, which in turn removes the need for cleanup:
2014-08-28 19:18:52 -04:00
John Ferlan
e387f4c1f1 virnetserverservice: Resolve Coverity ARRAY_VS_SINGLETON
Coverity complained about the following:

(3) Event ptr_arith:
   Performing pointer arithmetic on "cur_fd" in expression "cur_fd++".
130             return virNetServerServiceNewFD(*cur_fd++,

The complaint is that pointer arithmetic taking place instead of the
expected auto increment of the variable...  Adding some well placed
parentheses ensures our order of operation.
2014-08-28 19:18:37 -04:00
John Ferlan
ef8da2ad11 qemu: Allow use of iothreads for disk definitions
For virtio-blk-pci disks with the disk iothread attribute that are
running the correct emulator, add the "iothread=iothread#" to the
-device command line in order to enable iothreads for the disk as
long as the command is available, the disk iothread value provided is
valid, and is supported for the disk device being added
2014-08-28 16:27:54 -04:00
John Ferlan
e2523de554 domain_conf: Add support for iothreads in disk definition
Add a new disk "driver" attribute "iothread" to be parsed as the thread
number for the disk to use. In order to more easily facilitate the usage
and configuration of the iothread, a "zero" for the attribute indicates
iothreads are not supported for the device and a positive value indicates
the specific thread to try and use.
2014-08-28 16:27:54 -04:00
John Ferlan
72edaae78f qemu: Add support for iothreads
Add a new capability to ensure the iothreads feature exists for the qemu
emulator being run - requires the "query-iothreads" QMP command. Using the
domain XML add correspoding command argument in order to generate the
threads. The iothreads will use a name space "iothread#" where, the
future patch to add support for using an iothread to a disk definition to
merely define which of the available threads to use.

Add tests to ensure the xml/argv processing is correct.  Note that no
change was made to qemuargv2xmltest.c as processing the -object element
would require knowing more than just iothreads.
2014-08-28 16:27:53 -04:00
John Ferlan
ee3a9620da domain_conf: Introduce iothreads XML
Introduce XML to allowing adding iothreads to the domain. These can be
used by virtio-blk-pci devices in order to assign a specific thread to
handle the workload for the device.  The iothreads are the official
implementation of the virtio-blk Data Plane that's been in tech preview
for QEMU.
2014-08-28 16:27:53 -04:00
John Ferlan
0322643ed5 libxl_migration: Resolve Coverity NULL_RETURNS
Coverity noted that all callers to libxlDomainEventQueue() could ensure
the second parameter (event) was true before calling except this case.
As I look at the code and how events are used - it seems that prior to
generating an event for the dom == NULL condition, the resume/suspend
event should be queue'd after the virDomainSaveStatus() call which will
goto cleanup and queue the saved event anyway.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2014-08-28 14:59:56 -04:00
Peter Krempa
d1bde8eda3 qemu: Implement bulk stats API and one of the stats groups to return
Implement the API function for virDomainListGetStats and
virConnectGetAllDomainStats in a modular way and implement the
VIR_DOMAIN_STATS_STATE group of statistics.

Although it may look like the function looks universal I'd rather not
expose it to other drivers as the coming stats groups are likely to do
qemu specific stuff to obtain the stats.
2014-08-28 14:59:08 +02:00
John Ferlan
84bfb11b69 qemu_command: Resolve Coverity DEADCODE
One useless warning, but the other one rather pertinent. On entry
the 'trans' variable is initialized to VIR_DOMAIN_DISK_TRANS_DEFAULT.
When the "trans" was found in the parsing loop it def->geometry.trans
was assigned to the return from virDomainDiskGeometryTransTypeFromString
and then 'trans' was used to do the comparison to see if it was valid.

So remove 'trans' and use def->geometry.trans properly
2014-08-28 08:12:17 -04:00
John Ferlan
ec10ff9eb9 qemu_driver: Resolve Coverity DEADCODE
A bunch of false positives brought on by our own doings
2014-08-28 08:12:17 -04:00
John Ferlan
dad6ef18aa domain_conf: Resolve Coverity DEADCODE
A bunch of a useless warnings brought on by our own doing.
2014-08-28 08:12:17 -04:00
John Ferlan
ee8b6245e9 qemu_monitor: Resolve Coverity NESTING_INDENT_MISMATCH
The PROBE macro can expand to more than one line/statement - put curly
braces around the if statement to be safe
2014-08-28 08:12:17 -04:00
John Ferlan
91a60a560f storage_conf: Resolve Coverity RESOURCE_LEAK
If there was a failure processing 'authdef' and the code went to cleanup
before the setting to source->auth, then it'd be leaked.
2014-08-28 08:12:17 -04:00
John Ferlan
69e433bc22 qemu_driver: Resolve Coverity RESOURCE_LEAK
Coverity found that the 'buf' wasn't VIR_FREE'd at exit.
2014-08-28 08:12:17 -04:00
John Ferlan
bc9929958d phyp_driver: Resolve Coverity RESOURCE_LEAK
Coverity determines that when jumping to the connected: label, the
addressinfo (ai) is not free'd.
2014-08-28 08:12:17 -04:00
John Ferlan
ad4966d91a libxl_migration: Resolve Coverity RESOURCE_LEAK
In libxlDomainMigrationPrepare() if the uri_in is false, then
'hostname' is allocated and used "generically" in the routine,
but not freed.  Conversely, if uri_in is true, then a uri is
allocated and hostname is set to the uri->hostname value and
likewise generically used.

At function exit, hostname wasn't free'd in the !uri_in path,
so that was added.  To just make it clearer on usage the else
path became the call to virURIFree() although I suppose technically
it didn't have to since it would be a call using (NULL)
2014-08-28 08:12:16 -04:00
John Ferlan
2a4e26bdc1 bridge_driver: Resolve Coverity RESOURCE_LEAK
In the error path the 'ipaddr' wasn't VIR_FREE'd before jumping to cleanup
2014-08-28 08:12:16 -04:00
John Ferlan
0cec79b91b network_conf: Resolve Coverity RESOURCE_LEAK
Need to VIR_FREE the startip/endip we allocated for the error message
2014-08-28 08:12:16 -04:00
John Ferlan
2f7ced36e6 qemu_capabilities: Resolve Coverity RESOURCE_LEAK
Coverity determined that on error path that 'mach' wouldn't be free'd
Since virCapabilitiesFreeGuestMachine() isn't globally available, we'll
insert first and then if the VIR_STRDUP's fail they it will eventually
cause the 'mach' to be freed in the error path
2014-08-28 08:12:16 -04:00
John Ferlan
2cc03c8050 libxl_domain: Resolve Coverity RESOURCE_LEAK
On the error path need to free the chrdef
2014-08-28 08:12:16 -04:00
John Ferlan
6f8a4f6d65 qemu_agent: Resolve Coverity RESOURCE_LEAK
Coverity found that on error paths, the 'arg' value wasn't be cleaned
up. Followed the example in qemuAgentSetVCPUs() where upon successful call
to qemuAgentCommand() the 'cpus' is set to NULL; otherwise, when cleanup
occurs the free the memory for 'arg'
2014-08-28 08:12:16 -04:00
John Ferlan
461fb55599 qemu_command: Resolve Coverity RESOURCE_LEAK
In qemuParseISCSIString() if an error was returned, then the call
to qemuParseDriveURIString() where the uri is free'd wouldn't be run
2014-08-28 08:12:16 -04:00
John Ferlan
be7b82a283 cpu_x86: Resolve Coverity RESOURCE_LEAK
Coverity determined that the copied 'oldguest' would be leaked for
both error and success paths.
2014-08-28 08:12:16 -04:00
John Ferlan
f9c827e383 domain_conf: Resolve Coverity RESOURCE_LEAK
Resolve a few RESOURCE_LEAK's identified by Coverity
2014-08-28 08:12:10 -04:00
Wang Rui
6781d5b5a8 qemu_capabilities: Resolve Coverity RESOURCE_LEAK
In function virQEMUCapsParseMachineTypesStr, VIR_STRNDUP allocates
memory for 'name' in {do,while} loop. If 'name' isn't freed before
'continue', its memory will be allocated again in the next loop.
In this case the memory allocated for 'name' in privious loop is
useless and not freed. Free it before continue this loop to fix that.

Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-08-28 12:52:42 +02:00
Wang Rui
8879185cce util: Resolve Coverity RESOURCE_LEAK
Coverity determined that 'conflict' would be leaked.

Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-08-28 12:52:42 +02:00
Peter Krempa
89a706681c remote: Implement bulk domain stats APIs in the remote driver
Implement the remote driver support for shuffling the domain stats
around.
2014-08-28 11:59:21 +02:00
Peter Krempa
1438807b7e lib: Add few flags for the bulk stats APIs
Add domain list filtering functions and a flag to enforce checking
whether the remote daemon supports the requested stats groups.
2014-08-28 11:31:38 +02:00
Peter Krempa
e41512246c conf: Add helper to free domain list
Add helper to free a list of virDomainPtrs without raising or clearing
errors. Use it in one place and prepare it for reuse.
2014-08-28 11:18:29 +02:00
John Ferlan
cabebc0c56 qemu_capabilities: Resolve Coverity NULL_RETURNS
Adjust the initialization of qemuCaps() to check for a NULL before
attempting to dereference like other callers/users do.
2014-08-27 12:52:54 -04:00
John Ferlan
9d7254de43 qemu_driver: Resolve Coverity CONSTANT_EXPRESSION_RESULT
The call to virDomainSnapshotRedefinePrep() had a spurrious ! in front of
it which caused Coverity to complan that the expression is always false.
2014-08-27 12:52:27 -04:00
John Ferlan
0c5ca98597 domain_conf: Resolve Coverity REVERSE_INULL
Coverity complains that checking for domain->def being non NULL in the
if (live) path of virDomainObjAssignDef() would be unnecessary or a
NULL deref since the call to virDomainObjIsActive() would already
dereference domain->def when checking if the def->id field was != -1.

Checked all callers to virDomainObjAssignDef() and each at some point
dereferences (vm)->def->{field} prior to calling when live is true.
2014-08-27 12:52:27 -04:00
John Ferlan
39b9c12148 qemu_command: Resolve Coverity REVERSE_INULL
In qemuNetworkIfaceConnect() a call to virNetDevBandwidthSet() is
made where the function prototype requires the first parameter
(net->ifname) to be non NULL.  Coverity complains that the subsequent
non NULL check for net->ifname prior to the next call gets flagged as
an unnecessary check.  Resolve by removing the extra check
2014-08-27 12:52:27 -04:00
John Ferlan
9ba04deca6 domain_conf: Resolve Coverity REVERSE_INULL
In virDomainActualNetDefFormat() a call to virDomainNetGetActualType(def)
was made before a check for (!def) a few lines later. This triggered
Coverity to note the possible NULL deref.  Just moving the initialization
to after the !def checks resolves the issue
2014-08-27 12:52:27 -04:00
John Ferlan
bab35f7419 storage_driver: Resolve Coverity REVERSE_INULL
There were two occurrances of attempting to initialize actualType by
calling virStorageSourceGetActualType(src) prior to a check if (!src)
resulting in Coverity complaining about the possible NULL dereference
in virStorageSourceGetActualType() of src.

Resolve by moving the actualType setting until after checking !src
2014-08-27 12:52:27 -04:00
John Ferlan
cfbbeb36cf xen_xm: Resolve Coverity USE_AFTER_FREE
If virDomainDiskDefFree(disk) is called in 'skipdisk:', then it's possible
to either return to skipdisk without reallocating a new disk (via the if
condition just prior) or to end the loop having deleted the disk. Since
virDomainDiskDefFree() does not pass by reference, disk isn't changed in
this context, thus the possible issue.
2014-08-27 12:52:27 -04:00
John Ferlan
0454f23c31 xen_common: Resolve Coverity USE_AFTER_FREE
There were two warnings in this module

  If the VIR_ALLOC_N(def->serials, 1) fails, then a virDomainChrDefFree(chr)
  is called and we jump to cleanup which makes the same call. Just remove
  the one after VIR_ALLOC_N()

  In the label "skipnic:" a virDomainNetDefFree(net) is made; however, if
  in going back to the top of the loop we jump back down to skipnic for any
  reason, the call will attempt to free an already freed structure since
  "net" was not passed by reference to virDomainNetDefFree().  Just set
  net = NULL in skipnic: to resolve the issue.
2014-08-27 12:52:27 -04:00
John Ferlan
0da9a8a8bf parallels: Resolve Coverity USE_AFTER_FREE
Coverity complains that calling virNetworkDefFree(def), then jumping
to the cleanup: label which calls virNetworkDefFree(def) could result
in a double_free.  Just remove the call from the if statement.
2014-08-27 12:52:26 -04:00
Martin Kletzander
a6a210b879 conf: fix leak with def->mem.hugepages
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-08-27 15:40:37 +02:00
Michal Privoznik
dbb4cbf532 vbox: Register per partes
Since times when vbox moved to the daemon (due to some licensing
issue) the subdrivers that vbox implements were registered, but not
opened since our generic subdrivers took priority. I've tried to fix
this in 65b7d553f3 but it was not correct. Apparently moving
vbox driver registration upfront changes the default connection URI
which makes some users sad. So, this commit breaks vbox into pieces
and register vbox's network and storage drivers first, and vbox driver
then at the end. This way, the vbox driver is registered in the order
it always was, but its subdrivers are registered prior the generic
ones.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-08-27 08:05:25 +02:00
Michal Privoznik
27d59ab7cd virDriverLoadModule: Honor libvirt func name tranlsation
There's this unwritten rule in libvirt that vir_function is translated
into virFunction when needed (e.g. in remote protocol definition,
python, ...). Up till now we ignored such translation in driver module
loading and did fine. Well, we didn't have any module with an
underscore in its name. But this will change in next commit. The
problem is, once an a module is dlopen()-ed, we derive register
function name from its name. So instead of "driver_subdriverRegister"
do some magic to turn that into "driverSubdriverRegister".

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-08-27 07:41:48 +02:00
Eric Blake
79f4c4e694 domain_conf: fix internal flag verification
While working on virDomainBlockCopy, I noticed we had a verify()
concerning internal XML flags that was incomplete after several
recent flag additions; move that up higher in the code to make it
harder to forget to modify on the next flag addition.  Adjust
some formatting while at it.

* src/conf/domain_conf.c (verify): Move closer to internal flag
definitions.  Cover missing flags ALLOW_ROM and ALLOW_BOOT.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-08-26 22:34:03 -06:00
Jincheng Miao
03b994fac0 qemu: call endjob in RevertToSnapshot
In qemuDomainRevertToSnapshot(), it will check snap->def->state.
But when the state is PMSUSPENDED/NOSTATE/BLOCKED, it forgets to
call qemuDomainObjEndJob.

https://bugzilla.redhat.com/show_bug.cgi?id=1134154
Bug introduced in commit 1e833899.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-08-26 21:11:16 -06:00
Eric Blake
b259e459b9 API: Tweak virDomainOpenGraphics to return fd directly
Let's fix this before we bake in a painful API.  Since we know
that we have exactly one non-negative fd on success, we might
as well return the fd directly instead of forcing the user to
pass in a pointer.  Furthermore, I found some memory and fd
leaks while reviewing the code - the idea is that on success,
libvirtd will have handed two fds in two different directions:
one to qemu, and one to the RPC client.

* include/libvirt/libvirt.h.in (virDomainOpenGraphicsFD): Drop
unneeded parameter.
* src/driver.h (virDrvDomainOpenGraphicsFD): Likewise.
* src/libvirt.c (virDomainOpenGraphicsFD): Adjust interface to
return fd directly.
* daemon/remote.c (remoteDispatchDomainOpenGraphicsFd): Adjust
semantics.
* src/qemu/qemu_driver.c (qemuDomainOpenGraphicsFD): Likewise,
and plug fd leak.
* src/remote/remote_driver.c (remoteDomainOpenGraphicsFD):
Likewise, and plug memory and fd leak.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-08-26 16:36:32 -06:00