Commit Graph

2132 Commits

Author SHA1 Message Date
Cédric Bosdonnat
433b427ff8 ip link needs 'name' in 3.16 to create the veth pair
Due to a change (or bug?) in ip link implementation, the command
    'ip link add vnet0...'
is forced into
    'ip link add name vnet0...'
The changed command also works on older versions of iproute2, just the
'name' parameter has been made mandatory.
2014-11-25 11:40:55 +01:00
Peter Krempa
b7d1bee2b9 storage: rbd: Implement support for passing config file option
To be able to express some use cases of the RBD backing with libvirt, we
need to be able to specify a config file for the RBD client to qemu as
that is one of the commonly used options.
2014-11-21 14:37:03 +01:00
Peter Krempa
0255660658 storage: rbd: qemu: Add support for specifying internal RBD snapshots
Some storage systems have internal support for snapshots. Libvirt should
be able to select a correct snapshot when starting a VM.

This patch adds a XML element to select a storage source snapshot for
the RBD protocol which supports this feature.
2014-11-21 14:37:02 +01:00
Peter Krempa
930b77598b storage: Allow parsing of RBD backing strings when building backing chain
As we now have a common function to parse backing store string for RBD
backing store we can reuse it in the backing store walker so that we
don't fail on files backed by RBD storage.

This patch also adds a few tests to verify that the parsing works as
expected.
2014-11-21 14:37:02 +01:00
Peter Krempa
b327df87be util: storagefile: Split out parsing of NBD string into a separate func
Split out the code so that the function looks homogenous after adding
more protocol specific parsers.
2014-11-21 14:37:02 +01:00
Peter Krempa
5604c056bf util: split out qemuParseRBDString into a common helper
To allow reuse this non-trivial parser code in the backing store parser
this part of the command line parser needs to be split out into a
separate funciton.
2014-11-21 14:37:02 +01:00
Peter Krempa
c264ea58e9 util: storage: Copy hosts of a storage file only if they exist
If there are no hosts for a storage source virStorageSourceCopy and
virStorageSourceNewFromBackingRelative would try to copy them anyways.
As the success of virStorageNetHostDefCopy is determined by returning
a pointer and malloc of 0 elements might return NULL according to the
implementation, the result of the copy function may vary.

Fix this by copying the hosts array only if there are hosts defined.
2014-11-21 14:37:02 +01:00
Peter Krempa
ceb3e59530 util: storage: Add notice for extension of struct virStorageSource
As we now have a deep copy function for struct virStorageSource add a
notice that extensions of the structure require also appropriate changes
to the virStorageSourceCopy func.
2014-11-21 14:37:02 +01:00
Peter Krempa
7be41e787d util: buffer: Clarify scope of the escape operation in virBufferEscape
The escaping is applied only to the string, not the format argument.
State this fact in the docs.
2014-11-21 14:37:01 +01:00
Peter Krempa
7e130e8b35 storage: qemu: Fix security labelling of new image chain elements
When creating a disk image snapshot the libvirt code would blindly copy
the parents label to the newly created image. This runs into problems
when you start a VM from an image hosted on NFS (or other storage system
that doesn't support selinux labels) and the snapshot destination is on
a storage system that does support selinux labels. Libvirt's code in
that case generates a different security label for the image hosted on
NFS. This label is valid only for NFS images and doesn't allow access in
case of a locally stored image.

To fix this issue libvirt needs to refrain from copying security
information in cases where the default domain seclabel is a better
choice.

This patch repurposes the now unused @force argument of
virStorageSourceInitChainElement to denote whether a copy of the
security labelling stuff should be attempted or not. This allows to
fine-control the copy operation for cases where we need to keep the
label of the old disk vs. the cases where we need to keep the label
unset to use the default domain imagelabel.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1151718
2014-11-21 09:28:26 +01:00
Eric Blake
be90aa0026 build: fix build when not using dbus
Commit c0e7022 breaks on a machine that lacks dbus headers:

In file included from util/virdbus.c:24:0:
util/virdbuspriv.h:31:3: error: unknown type name 'dbus_int16_t'

* src/util/virdbuspriv.h (DBusBasicValue): Only provide fallback
when dbus is compiled.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-20 08:48:19 -07:00
Eric Blake
c0e7022161 build: fix build with older dbus headers
Compilation on a RHEL 5 host failed, due to the older dbus headers
present on that machine, and triggered by commit 2aa167ca:

util/virdbus.c: In function 'virDBusMessageIterDecode':
util/virdbus.c:952: error: 'DBusBasicValue' undeclared (first use in this function)

* m4/virt-dbus.m4 (LIBVIRT_CHECK_DBUS): Check for DBusBasicValue.
* src/util/virdbuspriv.h (DBusBasicValue): Provide fallback.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-20 06:41:53 -07:00
Eric Blake
5bc033e293 util: don't log failure when older iptables lacks -w
Commit dc33e6e4 caused older platforms like Fedora 20 to emit
scary log messages at startup:

2014-11-19 23:12:58.800+0000: 28906: error : virCommandWait:2532 : internal error: Child process (/usr/sbin/iptables -w -L -n) unexpected exit status 2: iptables v1.4.19.1: unknown option "-w"
Try `iptables -h' or 'iptables --help' for more information.

Since we are probing and expect to handle the case where -w is not
supported, we should not let virCommand log it as an error.

* src/util/virfirewall.c (virFirewallCheckUpdateLock): Handle
non-zero status ourselves.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-20 06:12:28 -07:00
Eric Blake
eb9093763f maint: forbid 'int foo = true'
I noticed this while working on qemuDomainGetBlockInfo.  Assigning
a bool value to an int variable compiles fine, but raises red flags
on the maintenance front as it becomes too easy to assign -1 or 2
or any other non-bool value to the same variable.

* cfg.mk (sc_prohibit_int_assign_bool): New rule.
* src/conf/snapshot_conf.c (virDomainSnapshotRedefinePrep): Fix
offenders.
* src/qemu/qemu_driver.c (qemuDomainGetBlockInfo)
(qemuDomainSnapshotCreateXML): Likewise.
* src/test/test_driver.c (testDomainSnapshotAlignDisks):
Likewise.
* src/util/vircgroup.c (virCgroupSupportsCpuBW): Likewise.
* src/util/virpci.c (virPCIDeviceBindToStub): Likewise.
* src/util/virutil.c (virIsCapableVport): Likewise.
* tools/virsh-domain-monitor.c (cmdDomMemStat): Likewise.
* tools/virsh-domain.c (cmdBlockResize, cmdScreenshot)
(cmdInjectNMI, cmdSendKey, cmdSendProcessSignal)
(cmdDetachInterface): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-19 08:20:39 -07:00
Eric Blake
2aa167cafd virdbus: don't force users to pass int for bool values
Use of an 'int' to represent a 'bool' value is confusing.  Just
because dbus made the mistake of cementing their 4-byte wire
format of dbus_bool_t into their API doesn't mean we have to
repeat the mistake.  With a little bit of finesse, we can
guarantee that we provide a large-enough value to the DBus
code, while still copying only the relevant one-byte bool
to the client code, and isolate the rest of our code base from
the DBus stupidity.

* src/util/virdbus.c (GET_NEXT_VAL): Add parameter.
(virDBusMessageIterDecode): Adjust all clients.
* src/util/virpolkit.c (virPolkitCheckAuth): Use nicer type.
* tests/virdbustest.c (testMessageSimple, testMessageStruct):
Test new behavior.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-19 08:20:39 -07:00
Anirban Chakraborty
22cff52a2b network: Add network bandwidth support to ethernet interfaces
Ethernet interfaces in libvirt currently do not support bandwidth setting.
For example, following xml file for an interface will not apply these
settings to corresponding qdiscs.

    <interface type="ethernet">
      <mac address="02:36:1d:18:2a:e4"/>
      <model type="virtio"/>
      <script path=""/>
      <target dev="tap361d182a-e4"/>
      <bandwidth>
        <inbound average="984" peak="1024" burst="64"/>
        <outbound average="2000" peak="2048" burst="128"/>
      </bandwidth>
    </interface>

Signed-off-by: Anirban Chakraborty <abchak@juniper.net>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-11-19 10:36:49 +01:00
Martin Kletzander
1b7f8ca6bd Remove unnecessary curly brackets in src/util/
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-14 17:13:35 +01:00
Daniel P. Berrange
dc33e6e4a5 Re-add use of locking with iptables/ip6tables/ebtables
A previous commit introduced use of locking with invocation
of iptables in the viriptables.c module

  commit ba95426d6f
  Author: Serge Hallyn <serge.hallyn@ubuntu.com>
  Date:   Fri Nov 1 12:36:59 2013 -0500

    util: use -w flag when calling iptables

This only ever had effect with the virtual network driver,
as it was not wired up into the nwfilter driver. Unfortunately
in the firewall refactoring the use of the -w flag was
accidentally lost.

This patch introduces it to the virfirewall.c module so that
both the virtual network and nwfilter drivers will be using
it. It also ensures that the equivalent --concurrent flag
to ebtables is used.
2014-11-14 15:15:16 +00:00
Hao Liu
12bd207e21 Fix invalid log, misused option types and a typo
This patch fixes the following issues.

1)  When an invalid wwn is introduced, libvirt reports
    "Malformed wwn: %s". The template won't be replaced.

2)  "target" option for dompmsuspend and "xml" option for
    save-image-define are required options and should use
    VSH_OT_DATA instead of VSH_OT_STRING as an option type.

3)  A typo.

Signed-off-by: Hao Liu <hliu@redhat.com>
2014-11-11 11:05:43 +01:00
Chen Fan
fc313364b1 virnuma: add nodeset NULL check in virNumaSetupMemoryPolicy
Introduced by commit c63ef0452b, when nodeset is NULL, validation will
pass in virNumaSetupMemoryPolicy, but virBitmapNextSetBit must ensure
bitmap is not NULL, otherwise that might cause a segmentation fault.
This patch fixes it.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-11-07 12:04:57 +01:00
Prerna Saxena
da636d83dc Cpu: Add support for Power LE Architecture.
This adds support for PowerPC Little Endian architecture.,
and allows libvirt to spawn VMs based on 'ppc64le' architecture.

Signed-off-by: Pradipta Kr. Banerjee <bpradip@in.ibm.com>
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2014-11-07 09:16:37 +01:00
Michal Privoznik
cef5ff76e2 virnetdevbandwidth: Include virutil.h
One of the latest patches (9a8fc3efc2) introduced call of
geteuid(). However, not all systems have the function
implemented, e.g. mingw. Therefore, we fail to build on those
system. The fix consist of including virutil.h which defines
geteuid in needed. Sigh.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-11-06 15:30:13 +01:00
Martin Kletzander
877a222449 numa: fix assumption in virNumaNodeIsAvailable()
When compiled without full numa support, the stub function for
virNumaNodeIsAvailable() just checks whether specified node is in range
<0, max); where max is maximum NUMA node available on the host.  But
because the maximum node number is the highest usabe number (and not the
count of nodes), the check is incorrect as it should check whether the
specified node is in range <0, max> instead.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-06 15:13:55 +01:00
Martin Kletzander
c63ef0452b numa: split util/ and conf/ and support non-contiguous nodesets
This is a reaction to Michal's fix [1] for non-NUMA systems that also
splits out conf/ out of util/ because libvirt_util shouldn't require
libvirt_conf if it is the other way around.  This particular use case
worked, but we're trying to avoid it as mentioned [2], many times.

The only functions from virnuma.c that needed numatune_conf were
virDomainNumatuneNodesetIsAvailable() and virNumaSetupMemoryPolicy().
The first one should be in numatune_conf as it works with
virDomainNumatune, the second one just needs nodeset and mode, both of
which can be passed without the need of numatune_conf.

Apart from fixing that, this patch also fixes recently added
code (between commits d2460f85^..5c8515620) that doesn't support
non-contiguous nodesets.  It uses new function
virNumaNodesetIsAvailable(), which doesn't need a stub as it doesn't use
any libnuma functions, to check if every specified nodeset is available.

[1] https://www.redhat.com/archives/libvir-list/2014-November/msg00118.html
[2] http://www.redhat.com/archives/libvir-list/2011-June/msg01040.html

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-06 15:13:55 +01:00
Erik Skultety
9a8fc3efc2 Iface: disallow network tuning in session mode globally
Patch 43b67f2e disallowed network tuning only with qemu driver, however
this patch moved the check for root privileges into
virNetDevBandwidthSet function, so the call should now
fail in all possible cases. A mock function was created so that the test
suite doesn't fail because of unsufficient privileges.
2014-11-06 14:28:37 +01:00
Michal Privoznik
dda1a235c1 virnuma: Add some more comments
Well, in fact only add comments to mark ifdef,
else and endif sections.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-11-06 09:08:47 +01:00
Martin Kletzander
3f43bb8326 util: fix releasing pidfile in cleanup
Coverity found out the very obvious problem in the code.  That is that
virPidFileReleasePath() was called only if
virPidFileAcquirePath() returned 0.  But virPidFileAcquirePath() doesn't
return only 0 on success, but the FD that needs to be closed.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-04 12:06:38 +01:00
Chen Fan
5c8515620b virnuma: use virNumaNodesetIsAvailable checking nodeset in virNumaSetupMemoryPolicy
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-11-04 07:03:36 +01:00
Chen Fan
902864184e numatune: add check for numatune nodeset range
There was no check for 'nodeset' attribute in numatune-related
elements.  This patch adds validation that any nodeset specified does
not exceed maximum host node.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-11-04 07:03:36 +01:00
Chen Fan
d2460f85d3 bitmap: add virBitmapLastSetBit for finding the last bit position of bitmap
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-11-04 07:03:36 +01:00
Martin Kletzander
d1fd086eb4 util: Introduce virPidFileForceCleanupPath
This function is used to cleanup a pidfile doing whatever it takes, even
killing the owning process.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-03 16:43:23 +01:00
Pavel Hrdina
d91c8e640b mingw: fix build failure
This macro seems to be defined only on linux/unix and it fails during
mingw build. Its value is '16' (taken from net/if.h) so define it if
it's not defined.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-11-01 01:35:40 +01:00
Roman Bogorodskiy
44178b8e80 virutil: fix virGetSCSIHostNumber stub return type
The virGetSCSIHostNumber function return type is int, however
its stubbed version returns NULL. That results in a build fail
on systems that use the stubbed version. Fix by using a proper
return type.
2014-10-30 08:54:17 +03:00
Roman Bogorodskiy
00fa136d0b virnetdev: stub virNetDev{Add,Del}Multi on FreeBSD
Currently, build fails on FreeBSD because its struct ifreq does not
have ifr_hwaddr member. In order to fix that, check if this member
is present, otherwise fall back to the stub version of the
virNetDev{Add,Del}Multi functions.
2014-10-30 07:59:39 +03:00
John Ferlan
9babbaa5fe virnetdev: Resolve Coverity RESOURCE_LEAK
virFileReadAll returns a chunk of memory that needs to be free'd when
done
2014-10-29 18:56:06 -04:00
John Ferlan
f099726c46 virnetdev: Resolve Coverity FORWARD_NULL
The complaint is that if cleanup is called when virFileReadAll fails,
then mcast->entries is NULL and could be dereferenced in the clear
function. After following the code some - I saw that the caller to
the function (virNetDevGetMulticastTable) will also call
virNetDevMcastListClear if this function returns -1, so this
isn't necessary, so I removed the call.
2014-10-29 18:56:06 -04:00
John Ferlan
764deecbd9 virnetdev: Resolve Coverity DEADCODE
Coverity complains that because the for loop is from 0 to 5 (max tokens)
and the impending switch/case statements used each of the #define values
that the 'default' wouldn't reachable. This patch will convert the #define's
into enum's and add the obligatory dead_error_begin marker for these type
situations.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2014-10-29 18:56:06 -04:00
Peter Krempa
98784369fd storage: Fix crash when parsing backing store URI with schema
The code that parses the schema from the URI touches the "hosts[0]"
member of the storage file source structure in case the URI contains a
schema. The hosts array was not yet allocated at the point in the code
where the transport protocol was parsed and set. This lead to a crash of
libvirtd.

Fix the code by allocating the "hosts" array upfront and add a test case
to verify this scenario. (Unfortunately this requires shuffling the test
case numbers too).

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1156288
2014-10-29 17:10:42 +01:00
Eric Blake
39871fce1a maint: avoid static zero init in core files
C guarantees that static variables are zero-initialized.  Some older
compilers (and also gcc -fno-zero-initialized-in-bss) create larger
binaries if you explicitly zero-initialize a static variable.

* src/libvirt.c: Fix initialization.
* src/util/viralloc.c: Likewise.
* src/util/virdbus.c: Likewise.
* src/util/virevent.c: Likewise.
* src/util/virfile.c (safezero): Likewise.
* src/util/virlog.c: Likewise.
* src/util/virnetlink.c: Likewise.
* src/util/virthread.h (VIR_ONCE_GLOBAL_INIT): Likewise.
* src/util/virprocess.c (virProcessGetStartTime): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-29 09:55:09 -06:00
Eric Blake
0fe384f38e audit: use bool for audit log choice
We weren't ever using the value for anything other than being non-zero.

* src/util/viraudit.h (virAuditLog): Change signature.
* src/util/viraudit.c (virAuditLog): Update user.
* daemon/libvirtd.c (main): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-29 09:55:09 -06:00
John Ferlan
beff5d4e1b virutil: Introduce virGetSCSIHostNameByParentaddr
Create the function from the code in getAdapterName() in order to return
the "host#" name for the provided parentaddr values.
2014-10-28 21:25:32 -04:00
John Ferlan
55f439599c virutil: Introduce virGetSCSIHostNumber
Create/use virGetSCSIHostNumber to replace the static getHostNumber

Removed the "if (result &&" since result is now required to be non NULL
on input.
2014-10-28 21:25:26 -04:00
Cédric Bosdonnat
90712bb5c0 Renamed internal __mon_yday into mon_yday to avoid conflicts
libc has another constant with the same name, which leads to
redefinition error when building against static libvirt
2014-10-28 14:44:18 -06:00
Tony Krowiak
cc0e8c244d util: Functions to update host network device's multicast filter
This patch provides the utility functions to needed to synchronize the
changes made to a guest domain network device's multicast filter
with the corresponding macvtap device's filter on the host:

* Get/add/remove multicast MAC addresses
* Get the macvtap device's RX filter list

Signed-off-by: Tony Krowiak <akrowiak@linux.vnet.ibm.com>
Signed-off-by: Laine Stump <laine@laine.org>
2014-10-28 14:14:25 -04:00
Laine Stump
f9f9699f40 util: eliminate "use after free" in callers of virNetDevLinkDump
virNetDevLinkDump() gets a message from netlink into "resp", then
calls nlmsg_parse() to fill the table "tb" with pointers into resp. It
then returns tb to its caller, but not before freeing the buffer at
resp. That means that all the callers of virNetDevLinkDump() are
examining memory that has already been freed. This can be verified by
filling the buffer at resp with garbage prior to freeing it (or, I
suppose, just running libvirtd under valgrind) then performing some
operation that calls virNetDevLinkDump().

The code has been like this ever since virNetDevLinkDump() was written
- the original author didn't notice it, and neither did later
additional users of the function. It has only been pure luck (or maybe
a lack of heavy load, and/or maybe an allocation algorithm in malloc()
that delays re-use of just-freed memory) that has kept this from
causing errors, for example when configuring a PCI passthrough or
macvtap passthrough network interface.

The solution taken in this patch is the simplest - just return resp to
the caller along with tb, then have the caller free it after they are
finished using the data (pointers) in tb. I alternately could have
made a cleaner interface by creating a new struct that put tb and resp
together along with a vir*Free() function for it, but this function is
only used in a couple places, and I'm not sure there will be
additional new uses of virNetDevLinkDump(), so the value of adding a
new type, extra APIs, etc. is dubious.
2014-10-26 12:23:23 -04:00
Peter Krempa
0eeafeedeb util: string: Add helper to check whether string is empty
The helper checks whether a string contains only whitespace or is NULL.
This will be helpful to skip cases where a user string is optional, but
may be provided empty with the same meaning.
2014-10-22 17:51:18 +02:00
Rick Harris
7e037f64c0 Add support for /run/initctl
Newer versions of Debian use '/run/initctl' instead of '/dev/initctl'.
This patch updates the code to search for the FIFO from a list of
well-known locations.
2014-10-22 13:09:49 +01:00
Roman Bogorodskiy
82e4f85ce0 Fix cast errors with clang
Build with clang fails with:

  CC       util/libvirt_util_la-virsocketaddr.lo
util/virsocketaddr.c:904:17: error: cast from 'struct sockaddr *' to
'struct sockaddr_in *' increases required alignment from 1 to 4
[-Werror,-Wcast-align]
        inet4 = (struct sockaddr_in*) res->ai_addr;
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
util/virsocketaddr.c:909:17: error: cast from 'struct sockaddr *' to
'struct sockaddr_in6 *' increases required alignment from 1 to 4
[-Werror,-Wcast-align]
        inet6 = (struct sockaddr_in6*) res->ai_addr;
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.

Fix that by replacing virSocketAddrParseInternal() call with
virSocketAddrParse() in the virSocketAddrIsNumericLocalhost() function.
virSocketAddrParse stores an address in virSocketAddr.
virSocketAddr uses a union to store an address, so it doesn't
need casting.
2014-10-22 12:54:38 +04:00
Chen Fan
fb41a3eee2 conf: fix an memory leak in virSocketAddrIsNumericLocalhost()
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-10-15 11:56:00 +02:00
Peter Krempa
ddf52d01f8 util: json: Add option to skip adding a JSON object if it is NULL
Add a new option specifier that will optionally add a JSON key=value pair
containing a nested object if the added object isn't NULL.
2014-10-15 10:27:50 +02:00