Commit Graph

2973 Commits

Author SHA1 Message Date
Matthias Bolte
d304352b19 esx: Generate method mappings via macros
This is actually a consequence of the reworked required parameter
checking: Unify the required parameter check into a Validate function
instead of doing it separately im the (de)serialization part.

The required parameter checking for the mapped methods parameter was
done in the (de)serialize functions before. Now it's explicitly done
in the mapped method itself.
2010-03-23 01:28:08 +01:00
Jim Fehlig
09fafa1e21 Avoid libvirtd crash when cgroups is not configured on host
Invoking virDomainSetMemory() on lxc driver results in libvirtd
segfault when cgroups has not been configured on the host.

Ensure driver->cgroup is non-null before invoking
virCgroupForDomain().  To prevent similar segfaults in the future,
ensure driver parameter to virCgroupForDomain() is non-null before
dereferencing.
2010-03-22 09:42:14 -06:00
Cole Robinson
65e97240e6 security: selinux: Fix crash when releasing non-existent label
This can be triggered by the qemuStartVMDaemon cleanup path if a
VM references a non-existent USB device (by product) in the XML.
2010-03-22 10:45:36 -04:00
Guido Günther
b7a7b33651 Don't crash without a security driver
"virsh dominfo <vm>" crashes if there's no primary security driver set
since we only intialize the secmodel.model and secmodel.doi if we have
one. Attached patch checks for securityPrimaryDriver instead of
securityDriver since the later is always set in qemudSecurityInit().

Closes: http://bugs.debian.org/574359
2010-03-22 10:43:45 +01:00
Jiri Denemark
7f4f1dd416 Implement virDomainMigrateSetMaxDowntime in qemu driver 2010-03-19 22:47:45 +01:00
Jiri Denemark
0ab6423579 Implement virDomainMigrateSetMaxDowntime in remote driver 2010-03-19 22:45:55 +01:00
Jiri Denemark
20ffaf59dc Wire protocol and dispatcher for virDomainMigrateSetMaxDowntime 2010-03-19 22:42:25 +01:00
Jiri Denemark
68f63673da Public virDomainMigrateSetMaxDowntime API 2010-03-19 22:33:09 +01:00
Jiri Denemark
7f7849c996 Internal driver API for virDomainMigrateSetMaxDowntime 2010-03-19 22:20:42 +01:00
David Allan
73adc0e5b7 Simplified version of volume wiping based on feedback from the list. 2010-03-19 14:43:40 -04:00
David Allan
3fdb9ba760 Implement remote bits for vol wiping 2010-03-19 14:43:02 -04:00
David Allan
d36b4e92ac Implement the public API for vol wiping 2010-03-19 14:37:51 -04:00
David Allan
b50ab42d41 Define the internal driver API for vol wiping
Also add vol wiping to ESX storage driver struct
2010-03-19 14:35:58 -04:00
David Allan
e10dc8666e Add public API for volume wiping 2010-03-19 14:31:48 -04:00
Laine Stump
598a0c00dc Support vhost-net mode at qemu startup for virtio network devices
Attempt to turn on vhost-net mode for devices of type NETWORK, BRIDGE,
and DIRECT (macvtap).

* src/qemu/qemu_conf.h: add vhostfd to qemuBuildHostNetStr prototype
  add qemudOpenVhostNet prototype new flag to set when :,vhost=" found in
  qemu help
* src/qemu/qemu_conf.c: * set QEMUD_CMD_FLAG_VNET_HOST is ",vhost=" found
  in qemu help
   - qemudOpenVhostNet - opens /dev/vhost-net to pass to qemu if everything
     is in place to use it.
   - qemuBuildHostNetStr - add vhostfd to commandline if it's not empty
     (higher levels decide whether or not to fill it in)
   - qemudBuildCommandLine - if /dev/vhost-net is successfully opened, add
     its fd to tapfds array so it isn't closed on qemu exec, and populate
     vhostfd_name to be passed in to commandline builder.
* src/qemu/qemu_driver.c: add filler 0 for new arg to qemuBuildHostNetStr,
  along with a note that this must be implemented in order for hot-plug of
  vhost-net virtio devices to work properly (once qemu "netdev_add" monitor
  command is implemented).
2010-03-19 16:58:14 +01:00
Matthias Bolte
caad0a8783 qemu: Fix FD leak in qemudStartVMDaemon
The logfile FD is dup2'ed in __virExec in the child. The FD needs to
be closed in the parent, otherwise it leaks.
2010-03-18 23:45:11 +01:00
Eric Blake
336fd879c0 util: ensure virMutexInit is not recursive
POSIX states that creation of a mutex with default attributes
is unspecified whether the mutex is recursive or non-recursive.
We specifically want non-recursive (deadlock is desirable in
flushing out coding bugs that used our mutex incorrectly).

* src/util/threads-pthread.c (virMutexInit): Specifically request
non-recursive mutex, rather than relying on unspecified default.
2010-03-18 21:37:32 +01:00
Eric Blake
0a33633579 maint: make Red Hat copyright notices consistent
Spell out 'Red Hat, Inc.':
 git grep -i 'Copyright.*Red Hat' | grep -v Inc

Include (C) consistently:
 git grep -i 'Copyright [^(].*Red Hat'

* src/lxc/lxc_container.c: Update copyright formatting.
* src/node_device/node_device_udev.c: Likewise.
* src/node_device/node_device_udev.h: Likewise.
* src/xen/xend_internal.h: Likewise.
* src/xen/xm_internal.c: Likewise.
* src/xen/xm_internal.h: Likewise.
* tests/xmconfigtest.c: Likewise.
* tests/object-locking.ml: Likewise.
* tools/virt-pki-validate.in: Likewise.
* tools/virt-xml-validate.in: Likewise.
2010-03-18 16:48:05 +01:00
Cole Robinson
89d8cdfc7e Fix make dist with XenAPI changes 2010-03-17 12:25:50 -04:00
Jiri Denemark
0c842417ef Allow suspend during live migration
Currently no command can be sent to a qemu process while another job is
active. This patch adds support for signaling long-running jobs (such as
migration) so that other threads may request predefined operations to be
done during such jobs. Two signals are defined so far:
    - QEMU_JOB_SIGNAL_CANCEL
    - QEMU_JOB_SIGNAL_SUSPEND

The first one is used by qemuDomainAbortJob.

The second one is used by qemudDomainSuspend for suspending a domain
during migration, which allows for changing live migration into offline
migration. However, there is a small issue in the way qemudDomainSuspend
is currently implemented for migrating domains. The API calls returns
immediately after signaling migration job which means it is asynchronous
in this specific case.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-17 14:38:46 +01:00
Matthias Bolte
fe2f1ba1db phyp: Use virRequestUsername and virRequestPassword 2010-03-16 20:17:54 +01:00
Matthias Bolte
b97befb6a2 xenapi: Don't leak url and caps in case of error 2010-03-16 20:17:50 +01:00
Matthias Bolte
2969eff86a xenapi: Check for NULL before accessing the scheme 2010-03-16 20:17:45 +01:00
Matthias Bolte
2ed0b3f935 xenapi: Request a username if there is non in the URI
Use virRequestUsername and virRequestPassword.
2010-03-16 20:17:40 +01:00
Matthias Bolte
45b6e68e09 xenapi: Check for valid private data in xenapiSessionErrorHandle 2010-03-16 20:17:35 +01:00
Matthias Bolte
3cdc4cb613 esx: Move username and password helper functions to authhelper.c 2010-03-16 20:15:32 +01:00
Jim Meyering
a31bc67503 fix two "make syntax check" failures
* src/xenapi/xenapi_driver.c (xenapiOpen): Remove useless-if-before-free.
* po/POTFILES.in: Add src/xenapi/xenapi_utils.c.
2010-03-16 19:32:05 +01:00
Jiri Denemark
e3c36a2575 Use fsync() at the end of file allocation instead of O_DSYNC
Instead of opening storage file with O_DSYNC, make sure data are written
to a disk only before we claim allocation has finished.
2010-03-16 16:04:39 +01:00
Jim Meyering
c78c9f5a9b Revert f5a6ce44ce
* src/qemu/qemu_driver.c (qemudDomainAttachSCSIDisk): The ".controller"
member is an index, and *may* be 0.  As such, the commit that we're
reverting broke SCSI disk hot-plug on controller 0.
Reported by Wolfgang Mauerer.
2010-03-15 18:24:38 +01:00
Cole Robinson
3f1aa08af6 security: Set permissions for kernel/initrd
Fixes URL installs when running virt-install as root on Fedora.
2010-03-15 12:36:50 -04:00
Cole Robinson
6d5c8a8f51 qemu: Fix USB by product with security enabled
We need to call PrepareHostdevs to determine the USB device path before
any security calls. PrepareHostUSBDevices was also incorrectly skipping
all USB devices.
2010-03-15 12:36:47 -04:00
Cole Robinson
3a44152201 qemu: Add some debugging at domain startup 2010-03-15 12:35:49 -04:00
Daniel Veillard
f92c041a1c qemu: pass the information when disks are read-only
* src/qemu/qemu_conf.c: add the ",readonly=on" for read-only disks
  and also parse it back in qemuParseCommandLineDisk()
* tests/qemuxml2argvtest.c
  tests/qemuxml2argvdata/qemuxml2argv-disk-drive-readonly-disk.args
  tests/qemuxml2argvdata/qemuxml2argv-disk-drive-readonly-disk.xml:
  add a specific regression test
2010-03-15 17:03:26 +01:00
Jiri Denemark
95a515fc44 Fix syntax-check errors
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-15 15:10:27 +01:00
Jiri Denemark
e6458393ab Fix error messages in qemu text monitor
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-15 15:10:27 +01:00
Sharadha Prabhakar
eb9945d9ae xenapi: Initial commit of the new driver 2010-03-14 19:30:00 +01:00
Matthias Bolte
5541cade86 macvtap: Only export symbols if support is enabled 2010-03-13 14:48:25 +01:00
Chris Lalancette
74383bfc42 Only use the numa functions when they are available.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-12 11:07:25 -05:00
Chris Lalancette
83988bd43b Make nodeGetInfo report the correct number of NUMA nodes.
The nodeGetInfo code was always assuming that machine had a
single NUMA node, which is not correct.  The good news is that
libnuma gives us this information pretty easily, so let's
properly report it.

NOTE: With recent hardware starting to support CPU hot-add
and hot-remove, both this code and the nodeCapsInitNUMA()
code are quickly going to become obsolete.  We'll have to
think of a more dynamic solution for dealing with NUMA
nodes and CPUs that can come and go at will.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-12 08:38:34 -05:00
Laine Stump
ca842a6bcb Silence compiler complaints about non-literal format strings
* src/util/macvtap.c: replace _("....") with "%s", _("...") in two places
2010-03-12 11:36:05 +01:00
Chris Lalancette
d376b7d63e Fix hang in qemudDomainCoreDump.
Currently if you dump the core of a qemu guest with
qemudDomainCoreDump, subsequent commands will hang
up libvirtd.  This is because qemudDomainCoreDump
uses qemuDomainWaitForMigrationComplete, which expects
the qemuDriverLock to be held when it's called.  This
patch does the simple thing and moves the qemuDriveUnlock
to the end of the qemudDomainCoreDump so that the driver
lock is held for the entirety of the call (as it is done
in qemudDomainSave).  We will probably want to make the
lock more fine-grained than that in the future, but
we can fix both qemudDomainCoreDump and qemudDomainSave
at the same time.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-11 12:45:05 -05:00
Chris Lalancette
2c555d87b0 Make sure qemudDomainSetVcpus doesn't hang.
The code to add job support into libvirtd caused a problem
in qemudDomainSetVcpus.  In particular, a qemuDomainObjEndJob()
call was added at the end of the function, but a
corresponding qemuDomainObjBeginJob() was not.  Additionally,
a call to qemuDomainObj{Enter,Exit}Monitor() was also missed
in qemudDomainHotplugVcpus().  These missing calls conspired to
cause a hang in the libvirtd process after the command was
finished.  Fix this by adding the missing calls.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-11 12:44:53 -05:00
Chris Lalancette
8a7f4b8dc1 Remove qemudDomainSetMaxMemory.
As previously discussed[1], this patch removes the
qemudDomainSetMaxMemory() function, since it doesn't
work.  This means that instead of getting somewhat
cryptic errors, you will now get:

error: Unable to change MaxMemorySize
error: this function is not supported by the hypervisor: virDomainSetMaxMemory

Which describes the situation perfectly.

[1] https://www.redhat.com/archives/libvir-list/2010-February/msg00928.html

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-11 10:39:29 -05:00
Chris Lalancette
ed3d86c9a9 Fix a JSON CPU information bug.
When using the JSON monitor, qemuMonitorJSONExtractCPUInfo
was returning 0 on success.  Unfortunately, higher levels of
the cpuinfo code expect that it returns the number of CPUs
it found on success.  This one-line patch fixes it so that
it returns the correct number.  This makes "virsh vcpuinfo <domain>"
work when using the JSON monitor.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-11 10:39:18 -05:00
Ed Swierk
e29439bd14 Allow devices without a parent
* Allow devices without parent links to be created and set their parent to the root "computer" node
2010-03-10 17:25:54 -05:00
David Allan
b978f31a93 Free resources on error in udev startup
* The udev driver didn't properly free resources that it allocates when setting up the 'computer' device in the error case.
2010-03-10 11:38:37 -05:00
Chris Lalancette
7be9270c24 Fix up nodeinfo parsing code.
As pointed out by eblake, I made a real hash of the
nodeinfo code with commit
aa2f6f96dd.  This patch
cleans it up:

1)  Do more work at compile time instead of runtime (minor)
2)  Properly handle the hex digits that come from
/sys/devices/system/cpu/cpu*/topology/thread_siblings
3)  Fix up some error paths that could cause SEGV
4)  Used unsigned's for the cpu numbers (cpu -1 doesn't
make any sense)

Along with the recent patch from jdenemar to zero out
the nodeinfo structure, I've re-tested this on the
machines having the problems, and it seems to be good.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-10 08:49:37 -05:00
Eric Blake
36d8e7d8d7 build: consistently indent preprocessor directives
* global: patch created by running:
for f in $(git ls-files '*.[ch]') ; do
    cppi $f > $f.t && mv $f.t $f
done
2010-03-09 19:22:28 +01:00
Eric Blake
f6876e10cf virsh: fix existing N_ uses
It is a bad idea to call gettext on an already-translated
string.  In cases where a string must be translated separately
from where it is exposed to xgettext, the gettext manual
recommends the idiom of N_() wrapping gettext_noop for
marking the string.

* src/internal.h (N_): Fix definition to match gettext manual.
* tools/virsh.c: (cmdHelp, cmdList, cmdDomstate, cmdDominfo)
(cmdVcpuinfo, vshUsage): Replace incorrect use of N_ with _.
(vshCmddefHelp): Likewise.  Mark C format strings appropriately.
2010-03-09 18:23:44 +01:00
Jiri Denemark
06b835607f Fix copy&paste typos in virProcessInfoGetAffinity
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-09 17:31:15 +01:00
Jiri Denemark
22e39d0ee4 Wipe nodeinfo structure before filling it
The nodeinfo structure wasn't initialized in qemu driver and with the
recent change in CPU topology parsing, old value of nodeinfo->sockets
could be used and incremented giving totally bogus results.

Let's just wipe the structure completely.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-09 17:31:15 +01:00
Laine Stump
618dc80c2f Fix format string warnings
A few more non-literal format strings in error log messages have crept
in. Fix them in the standard way - turn the format string into "%s"
with the original string as the arg.
2010-03-09 14:32:06 +01:00
Soren Hansen
1c36d0682a Fix virDomainGetXMLDesc cache settings output
If a special cache strategy for a disk has been specified in a domain
definition, but no driverName has been set, virDomainGetXMLDesc would not
include the <driver> tag at all.

* src/conf/domain_conf.c: make sure any <driver> tag setting is
  serialized if set.
2010-03-09 13:59:51 +01:00
Chris Lalancette
aa2f6f96dd Get thread and socket information in virsh nodeinfo.
The current code for "nodeinfo" is pretty naive
about socket and thread information.  To determine the
sockets, it just takes the number of cpus and divides
by the number of cores.  For the thread count, it always
sets it to 1.  With more recent Intel machines, however,
hyperthreading is again an option, meaning that these
heuristics no longer work and give bogus numbers.  This
patch goes through /sys to get the additional
information so we properly report it.

Note that I had to edit the tests not to report on
socket and thread counts, since these are determined
dynamically now.

v2: As pointed out by Eric Blake, gnulib provides
    count-one-bits (which is LGPLv2+).  Use it instead
    of a hand-coded popcnt.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-08 09:26:04 -05:00
Adam Litke
5140a2f626 Fix locking in qemudDomainMemoryStats
When adding domainMemoryStats API support for the qemu driver, I didn't
follow the locking rules exactly.  The job condition must be held when
executing monitor commands.  This corrects the segfaults I was seeing
when calling domainMemoryStats in a multi-threaded environment.

* src/qemu/qemu_driver.c: in qemudDomainMemoryStats() add missing
  calls to qemuDomainObjBeginJob/qemuDomainObjEndJob
2010-03-08 15:15:44 +01:00
Laine Stump
ecb5cf7cb2 Eliminate large stack buffer in doTunnelSendAll
doTunnelSendAll function (used by QEMU migration) uses a 64k buffer on
the stack, which could be problematic. This patch replaces that with a
buffer from the heap.

While in the neighborhood, this patch also improves error reporting in
the case that saferead fails - previously, virStreamAbort() was called
(resetting errno) before reporting the error. It's been changed to
report the error first.

* src/qemu/qemu_driver.c: fix doTunnelSendAll() to use a malloc'ed
  buffer
2010-03-08 15:01:52 +01:00
Eric Blake
2e56fb2bcc build: consistently use C99 varargs macros
Prior to this patch, there was an inconsistent mix between GNU and C99.

For consistency, and potential portability to other compilers, stick
with the C99 vararg macro syntax.

* src/conf/cpu_conf.c (virCPUReportError): Use C99 rather than GNU
  vararg macro syntax.
* src/conf/domain_conf.c (virDomainReportError): Likewise.
* src/conf/domain_event.c (eventReportError): Likewise.
* src/conf/interface_conf.c (virInterfaceReportError): Likewise.
* src/conf/network_conf.c (virNetworkReportError): Likewise.
* src/conf/node_device_conf.h (virNodeDeviceReportError): Likewise.
* src/conf/secret_conf.h (virSecretReportError): Likewise.
* src/conf/storage_conf.h (virStorageReportError): Likewise.
* src/esx/esx_device_monitor.c (ESX_ERROR): Use C99 rather than
  GNU vararg macro syntax.
* src/esx/esx_driver.c (ESX_ERROR): Likewise.
* src/esx/esx_interface_driver.c (ESX_ERROR): Likewise.
* src/esx/esx_network_driver.c (ESX_ERROR): Likewise.
* src/esx/esx_secret_driver.c (ESX_ERROR): Likewise.
* src/esx/esx_storage_driver.c (ESX_ERROR): Likewise.
* src/esx/esx_util.c (ESX_ERROR): Likewise.
* src/esx/esx_vi.c (ESX_VI_ERROR): Likewise.
* src/esx/esx_vi_methods.c (ESX_VI_ERROR): Likewise.
* src/esx/esx_vi_types.c (ESX_VI_ERROR): Likewise.
* src/esx/esx_vmx.c (ESX_ERROR): Likewise.
* src/util/hostusb.c (usbReportError): Use C99 rather than GNU
  vararg macro syntax.
* src/util/json.c (virJSONError): Likewise.
* src/util/macvtap.c (ReportError): Likewise.
* src/util/pci.c (pciReportError): Likewise.
* src/util/stats_linux.c (virStatsError): Likewise.
* src/util/util.c (virUtilError): Likewise.
* src/util/xml.c (virXMLError): Likewise.
* src/xen/proxy_internal.c (virProxyError): Use C99 rather than
  GNU vararg macro syntax.
* src/xen/sexpr.c (virSexprError): Likewise.
* src/xen/xen_driver.c (xenUnifiedError): Likewise.
* src/xen/xen_hypervisor.c (virXenError): Likewise.
* src/xen/xen_inotify.c (virXenInotifyError): Likewise.
* src/xen/xend_internal.c (virXendError): Likewise.
* src/xen/xm_internal.c (xenXMError): Likewise.
* src/xen/xs_internal.c (virXenStoreError): Likewise.
* src/cpu/cpu.h (virCPUReportError): Use C99 rather than GNU
  vararg macro syntax.
* src/datatypes.c (virLibConnError): Likewise.
* src/interface/netcf_driver.c (interfaceReportError): Likewise.
* src/libvirt.c (virLibStreamError): Likewise.
* src/lxc/lxc_conf.h (lxcError): Likewise.
* src/network/bridge_driver.c (networkReportError): Likewise.
* src/nodeinfo.c (nodeReportError): Likewise.
* src/opennebula/one_conf.h (oneError): Likewise.
* src/openvz/openvz_conf.h (openvzError): Likewise.
* src/phyp/phyp_driver.c (PHYP_ERROR): Likewise.
* src/qemu/qemu_conf.h (qemuReportError): Likewise.
* src/remote/remote_driver.c (errorf): Likewise.
* src/security/security_driver.h (virSecurityReportError): Likewise.
* src/test/test_driver.c (testError): Likewise.
* src/uml/uml_conf.h (umlReportError): Likewise.
* src/vbox/vbox_driver.c (vboxError): Likewise.
* src/vbox/vbox_tmpl.c (vboxError): Likewise.
2010-03-08 13:32:27 +01:00
Jim Meyering
4dbed7d9c4 ebtablesAddRemoveRule: avoid dead store
* src/util/ebtables.c (ebtablesAddRemoveRule): Avoid dead store
to local, "s".
2010-03-05 23:24:52 +01:00
Jim Meyering
c101092adf virInterfaceDefParseBond: avoid dead stores
* src/conf/interface_conf.c (virInterfaceDefParseBond): Avoid dead stores
to local, "node".  Remove declaration, too.
2010-03-05 23:24:47 +01:00
Jim Meyering
fbe65e5e1c xenXMDomainConfigParse: avoid dead store
* src/xen/xm_internal.c (xenXMDomainConfigParse): Avoid dead store
to local, "data".  Remove declaration, too.
2010-03-05 23:24:42 +01:00
Jim Meyering
f5a6ce44ce qemudDomainAttachSCSIDisk: handle empty controller list
* src/qemu/qemu_driver.c (qemudDomainAttachSCSIDisk): Handle
the (theoretical) case of an empty controller list, so that
clang does not think the subsequent dereference of "cont"
would dereference an undefined variable (due to preceding
loop not iterating even once).
2010-03-05 18:42:30 +01:00
Jim Meyering
1a4d5c9543 qemu restore: don't let corrupt input provoke unwarranted OOM
* src/qemu/qemu_driver.c (qemudDomainRestore): A corrupt save file
(in particular, a too-large header.xml_len value) would cause an
unwarranted out-of-memory error.  Do not trust the just-read
header.xml_len.  Instead, merely use that as a hint, and
read/allocate up to that number of bytes from the file.
Also verify that header.xml_len is positive; if it were negative,
passing it to virFileReadLimFD could cause trouble.
2010-03-05 18:32:34 +01:00
Jim Meyering
32884a7ef6 virFileReadLimFD: diagnose maxlen <= 0, rather than passing it on...
to saferead_lim, which interprets it as a size_t.
* src/util/util.c (virFileReadLimFD): Do not malfunction when
maxlen < -1.  Return -1,EINVAL in that case.  Handle maxlen==0
in the same manner.
2010-03-05 18:31:26 +01:00
Jim Meyering
ba918ac1b4 xen: don't let bogus packets trigger over-allocation and segfault
* src/xen/proxy_internal.c (xenProxyDomainDumpXML): An invalid packet
could include a too-large "ans.len" value, which would make us allocate
too much memory and then copy data from beyond the end of "ans",
possibly evoking a segfault.  Ensure that the value we use is no
larger than the remaining portion of "ans".
Also, change unnecessary memmove to memcpy (src and dest obviously
do not overlap, so no need to use memmove).
(xenProxyDomainGetOSType): Likewise.
(xenProxyGetCapabilities): Likewise.
2010-03-05 18:30:57 +01:00
Jim Meyering
4697def66b qemuMonitorTextGetMemoryStats: decrease risk of false positive in parsing
The code erroneously searched the entire "reply" for a comma, when
its intent was to search only that portion after "balloon: actual="
* src/qemu/qemu_monitor_text.c (qemuMonitorTextGetMemoryStats):
Search for "," only starting *after* the BALLOON_PREFIX string.
Otherwise, we'd be more prone to false positives.
2010-03-05 18:28:56 +01:00
Daniel P. Berrange
09ed07293f Fix USB passthrough based on product/vendor
Changeset

  commit 5073aa994a
  Author: Cole Robinson <crobinso@redhat.com>
  Date:   Mon Jan 11 11:40:46 2010 -0500

Added support for product/vendor based passthrough, but it only
worked at the security driver layer. The main guest XML config
was not updated with the resolved bus/device ID. When the QEMU
argv refactoring removed use of product/vendor, this then broke
launching guests.

THe solution is to move the product/vendor resolution up a layer
into the QEMU driver. So the first thing QEMU does is resolve
the product/vendor to a bus/device and updates the XML config
with this info. The rest of the code, including security drivers
and QEMU argv generated can now rely on bus/device always being
set.

* src/util/hostusb.c, src/util/hostusb.h: Split vendor/product
  resolution code out of usbGetDevice and into usbFindDevice.
  Add accessors for bus/device ID
* src/security/virt-aa-helper.c, src/security/security_selinux.c,
  src/qemu/qemu_security_dac.c: Remove vendor/product from the
  usbGetDevice() calls
* src/qemu/qemu_driver.c: Use usbFindDevice to resolve vendor/product
  into a bus/device ID
2010-03-05 15:05:14 +00:00
Daniel P. Berrange
84a25570cb Convert QEMU driver all hotunplug code from pci_del to device_del
The pci_del command is not being ported to QMP. Convert all the
QEMU hotplug code over to use device_del whenever it is available
to avoid the pci_del problem

* src/qemu/qemu_driver.c: Convert unplug code to device_del
2010-03-05 15:02:40 +00:00
Daniel P. Berrange
8c82479d83 Support hot-unplug for USB devices in QEMU
Previously hot-unplug could not be supported for USB devices
in QEMU, since usb_del required the guest visible address
which libvirt never knows. With 'device_del' command we can
now unplug based on device alias, so support that.

* src/qemu/qemu_driver.c: Use device_del to remove USB devices
2010-03-05 15:02:40 +00:00
Daniel P. Berrange
b70a1f455c Tweak container initialization to make upstart/init happier
Upstart crashes & burns in a heap if $TERM environment variable
is missing. Presumably the kernel always sets this when booting
init on a real machine, so libvirt should set it for containers
too.

To make a typical inittab / mingetty setup happier, we need to
symlink the primary console /dev/pts/0 to /dev/tty1.

Improve logging in certain scenarios to make troubleshooting
easier

* src/lxc/lxc_container.c: Create /dev/tty1 and set $TERM
2010-03-05 15:00:58 +00:00
Daniel P. Berrange
57db02e8c0 Misc fixes for LXC cgroups setup
When using the 'ns' cgroup controller, the moment a process calls
'unshare(CLONE_NEWNS)', it will be given a private cgroup tree
under its current location. This really messages up the LXC
controller process, because it ends up creating the containers'
cgroup in the wrong place. The fix is fairly easy, just move
the cgroup setup before the code which calls unshare(). The
'ns' controller will still create extra undesired cgroups, but
they at least won't break libvirt's setup now.

The patch also adds a missing cgroups allow rule for /dev/tty
device node
2010-03-05 15:00:58 +00:00
Daniel P. Berrange
ede3bc1128 Avoid creating top level cgroups if just querying for existance
When getting the driver/domain cgroup it is possible to specify
whether it should be auto created. If auto-creation was turned
off, libvirt still mistakenly created its own top level cgroup

* src/util/cgroup.c: Honour autocreate flag for top level cgroup
2010-03-05 15:00:58 +00:00
Laine Stump
219305df44 Change default for storage uid/gid from getuid()/getgid() to -1/-1
This allows the config to have a setting that means "leave it alone",
eg when building a pool where the directory already exists the user
may want the current uid/gid of the directory left intact. This
actually gets us back to older behavior - before recent changes to the
pool building code, we weren't as insistent about honoring the uid/gid
settings in the XML, and virt-manager was taking advantage of this
behavior.

As a side benefit, removing calls to getuid/getgid from the XML
parsing functions also seems like a good idea. And having a default
that is different from a common/useful value (0 == root) is a good
thing in general, as it removes ambiguity from decisions (at least one
place in the code was checking for (perms.uid == 0) to see if a
special uid was requested).

Note that this will only affect newly created pools and volumes. Due
to the way that the XML is parsed, then formatted for newly created
volumes, all existing pools/volumes already have an explicit uid and
gid set.

src/conf/storage_conf.c: Remove calls to setuid/setgid for default values
                         of uid/gid, and set them to -1 instead

src/storage/storage_backend.c:
src/storage/storage_backend_fs.c:
        Make account for the new default values of perms.uid
        and perms.gid.
2010-03-04 17:35:27 -05:00
Diego Elio Pettenò
c7434706a2 build: vbox: avoid build failure when linking with --no-add-needed
With the recent changes to the linking defaults in Fedora 13 (namely
enabling --no-add-needed behaviour by default), we have to pass the
dlopen()-providing libraries directly at the link of the module; use the
same AC_SEARCH_LIBS function as used before to look for it and add it to
the Makefile.
2010-03-04 17:25:22 +01:00
Daniel P. Berrange
e8d6c28955 Support VCPU hotplug in QEMU guests
QEMU has a monitor command 'set_cpu' which allows a specific
CPU to be toggled between online& offline state. libvirt CPU
hotplug does not work in terms of individual indexes CPUs.
Thus to support this, we iteratively toggle the online state
when the total number of vCPUs is adjusted via libvirt

NB, currently untested since QEMU segvs when running this!

* src/qemu/qemu_driver.c: Toggle online state for CPUs when
  doing hotplug
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
  src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Add
  monitor API for toggling a CPU's online status via 'set_cpu
2010-03-04 13:19:29 +00:00
Daniel P. Berrange
ce5ced1d00 Fix parser checking of storage pool device
The storage backend implementations all presume that the XML parser
is validating correctness of the source specification. The check for
a source device was lost at some point. This allowed for a potential
crash in the disk backend. Re-introduce the sanity check

* src/conf/storage_conf.c: Re-add check for source device
2010-03-04 11:57:06 +00:00
Daniel P. Berrange
e609aae673 Fix mis-leading error message in pool delete API
When trying to delete a pool the error message claimed the volume
could not be deleted.

* src/storage/storage_driver.c: Error message referred to
  volumes instead of pools
2010-03-04 11:56:50 +00:00
Daniel P. Berrange
1227d08640 Fix typo in QEMU migration command name
The QMP code was running query-migration instead of query-migrate.
This doesn't work so well

* src/qemu/qemu_monitor_json.c: s/query-migration/query-migrate/
2010-03-04 11:56:40 +00:00
Daniel P. Berrange
b50d48b158 Don't raise error message from cgroups if QEMU fails to start
The code to remove the cgroup after QEMU failed to startup could
be obscuring a real error from earlier on. It is not neccessary
to raise an error in this case, so tell cgroups to keep quiet

* src/qemu/qemu_driver.c: Don't raise cgroups error in QEMU start
  cleanup code.
2010-03-04 11:56:21 +00:00
Daniel P. Berrange
badfe6c75e Add missing device type check in QEMU PCI hotunplug
The QEMU hotunplug code for PCI devices was looking at host
devices in the guest config without first filtering non
PCI devices. This means it was reading garbage

* src/qemu/qemu_driver.c: Filter out non-PCI devices
2010-03-04 11:56:07 +00:00
Chris Lalancette
6ef5a5beeb Add a define for NFS_SUPER_MAGIC
Commit 3c12a67b76 added
a dependency on the NFS_SUPER_MAGIC macro, which is
defined in linux/magic.h.  Unfortunately linux/magic.h
is not available in RHEL-5, and causes a compile error.
Just define it locally, since this is something that
can't change.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-03-03 12:43:09 -05:00
Laine Stump
3c12a67b76 Make domain save work on root-squash NFS
Move *all* file operations related to creation and writing of libvirt
header to the domain save file into a hook function that is called by
virFileOperation. First try to call virFileOperation as root. If that
fails with EACCESS, and (in the case of Linux) statfs says that we're
trying to save the file on an NFS share, rerun virFileOperation,
telling it to fork a child process and setuid to the qemu user. This
is the only way we can successfully create a file on a root-squashed
NFS server.

This patch (along with setting dynamic_ownership=0 in qemu.conf)
makes qemudDomainSave work on root-squashed NFS.

* src/qemu/qemu_driver.c: provide new qemudDomainSaveFileOpHook()
  utility, use it in qemudDomainSave() if normal creation of the
  file as root failed, and after checking the filesystem type for
  the storage is NFS. In that case we also bypass the security
  driver, as this would fail on NFS.
2010-03-03 17:07:18 +01:00
Laine Stump
a03121bcfe Fix domain restore for files on root-squash NFS
If qemudDomainRestore fails to open the domain save file, create a
pipe, then fork a process that does setuid(qemu_user) and opens the
file, then reads this file and stuffs it into the pipe. the parent
libvirtd process will use the other end of the pipe as its fd, then
reap the child process after it's done reading.

This makes domain restore work on a root-squash NFS share that is only
visible to the qemu user.

* src/qemu/qemu_driver.c: add new qemudOpenAsUID() helper function,
  and use it in qemudDomainRestore() if reading as root directly failed.
2010-03-03 16:40:49 +01:00
Daniel P. Berrange
9882123d69 Fix USB/PCI device address aliases in QEMU hotplug driver
The USB/PCI device hotplug code for the QEMU driver was forgetting
to allocate a unique device alias.

* src/qemu/qemu_driver.c: Fill in device alias for USB/PCI devices
2010-03-03 14:56:15 +00:00
Daniel P. Berrange
44f687297a Fix detection of errors in QEMU device_add command
The code assumed that 'device_add' returned an empty string upon
success. This is not true, it sometimes prints random debug info.
THus we need to check for an explicit fail string

* src/qemu/qemu_monitor_text.c: Fix error checking of the device_add
  monitor command
2010-03-03 14:56:15 +00:00
Eric Blake
a8464c516b esx: don't ignore failure on close
Another warning caught by coverity.  Continue to perform best-effort
closing and resource release, but warn the caller about the failure.

* src/esx/esx_driver.c (esxClose): Return an error on failure to close.
2010-03-03 11:22:46 +01:00
Eric Blake
4acbb29821 uml: avoid crash on partial read
Coverity detected a potential dereference of uninitialized memory
if recvfrom got cut short.

* src/uml/uml_driver.c (umlMonitorCommand): Validate complete read
prior to dereferencing res.
2010-03-03 10:17:31 +01:00
Jiri Denemark
a64e3b3e68 Fix safezero()
Various safezero() implementations used either -1, errno or -errno
return values. This patch fixes them all to return -1 and set errno
appropriately.

There was also a bug in size parameter passed to safewrite() which could
result in an attempt to write gigabytes out of a megabyte buffer.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2010-03-02 18:16:32 +01:00
Daniel P. Berrange
cf1045338e Fix QEMU domain state after a save attempt fails
When a VM save attempt failed, the VM would be left in a paused
state. It is neccessary to resume CPU execution upon failure
if it was running originally

* src/qemu/qemu_driver.c: Resume CPUs upon save failure
2010-03-02 16:23:31 +00:00
Daniel P. Berrange
04c7abd9c3 Support job cancellation in QEMU driver
This supports cancellation of jobs for the QEMU driver against
the virDomainMigrate, virDomainSave and virDomainCoreDump APIs.
It is not yet supported for the virDomainRestore API, although
it is desirable.

* src/qemu/qemu_driver.c: Issue 'migrate_cancel' command if
  virDomainAbortJob is issued during a migration operation
* tools/virsh.c: Add a domjobabort command
2010-03-02 16:23:31 +00:00
Daniel P. Berrange
b1a7ebfdec Remote driver implementation for the virDomainAbortJob APi
This defines the wire protocol for the new API

* src/remote/remote_protocol.x: Wire protocol definition
* src/remote/remote_driver.c,daemon/remote.c: Client and server
  side implementation
* daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
  daemon/remote_dispatch_table.h, src/remote/remote_protocol.c,
  src/remote/remote_protocol.h: Re-generate from remote_protocol.x
2010-03-02 16:23:31 +00:00
Daniel P. Berrange
0d8aa35f60 Wire up internal entry points for virDomainAbortJob API
This provides the internal glue for the driver API

* src/driver.h: Internal API contract
* src/libvirt.c, src/libvirt_public.syms: Connect public API
  to driver API
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/opennebula/one_driver.c,
  src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
  src/qemu/qemu_driver.c, src/remote/remote_driver.c,
  src/test/test_driver.c src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
  src/xen/xen_driver.c: Stub out entry points
2010-03-02 16:23:31 +00:00
Daniel P. Berrange
0d3eee7fe8 Add QEMU driver support for job info on migration ops
Introduce support for  virDomainGetJobInfo in the QEMU driver. This
allows for monitoring of any API that uses the 'info migrate' monitor
command. ie virDomainMigrate, virDomainSave and virDomainCoreDump

Unfortunately QEMU does not provide a way to monitor incoming migration
so we can't wire up virDomainRestore yet.

The virsh tool gets a new command 'domjobinfo' to query status

* src/qemu/qemu_driver.c: Record virDomainJobInfo and start time
  in qemuDomainObjPrivatePtr objects. Add generic shared handler
  for calling 'info migrate' with all migration based APIs.
* src/qemu/qemu_monitor_text.c: Fix parsing of 'info migration' reply
* tools/virsh.c: add new 'domjobinfo' command to query progress
2010-03-02 16:23:24 +00:00
Daniel P. Berrange
b85a53405c Remote driver implmentation of job info API
* src/remote/remote_protocol.x: Define wire protocol format
  for virDomainGetJobInfo API
* src/remote/remote_driver.c, daemon/remote.c: Implement client
  and server marshalling code for virDomainGetJobInfo()
* daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h
  daemon/remote_dispatch_ret.h, daemon/remote_dispatch_table.h,
  src/remote/remote_protocol.c, src/remote/remote_protocol.h: Rebuild
  files from src/remote/remote_protocol.x
2010-03-02 16:22:31 +00:00
Daniel P. Berrange
92bd859a29 Stub out internal driver entry points for job processing
The internal glue layer for the new pubic API

* src/driver.h: Define internal driver API contract
* src/libvirt.c, src/libvirt_public.syms: Wire up public
  API to internal driver API
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/opennebula/one_driver.c,
  src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
  src/qemu/qemu_driver.c, src/remote/remote_driver.c,
  src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
  src/xen/xen_driver.c: Stub new entry point
2010-03-02 16:22:31 +00:00
Eric Blake
84ef5aecca build: silence coverity warning in node_device
All other uses of get_str_prop in this file that ignored
failure explicitly cast to void.

* src/node_device/node_device_hal.c (dev_create): Silence coverity
warning.
2010-03-02 16:12:48 +01:00
Rolf Eike Beer
bc0f737dd7 Fix error messages when parsing USB devices in QEMU
A number of the error messages raised when parsing USB devices
refered to PCI devices by mistake

* src/qemu/qemu_conf.c: s/PCI/USB/ in qemuParseCommandLineUSB()
2010-03-02 12:30:18 +00:00
Rolf Eike Beer
06973f7065 Fix USB hotplug device string in QEMU driver
The USB hotplug method was mistakenly generating a PCI address
string

* src/qemu/qemu_driver.c: Fix USB hotplug device string
2010-03-02 12:30:18 +00:00
Wolfgang Mauerer
8540dadbe9 Use device_del to remove SCSI controllers
when the underlying qemu supports the drive/device model and the
controller has been added this way.
* src/qemu/qemu_driver.c: use qemuMonitorDelDevice() when detaching
  PCI controller and if supported
* src/qemu/qemu_monitor.[ch]: add new qemuMonitorDelDevice() function
* src/qemu/qemu_monitor_json.[ch]: JSON backend for DelDevice command
* src/qemu/qemu_monitor_text.[ch]: Text backend for DelDevice command
2010-03-02 09:40:51 +01:00
Wolfgang Mauerer
55946f23a6 Fix PCI address handling when controllers are deleted
* src/qemu/qemu_driver.c: in qemudDomainDetachPciControllerDevice()
  when a controller is not present in the system anymore, the PCI
  address must be deleted from libvirt's hashtable because it can
  be re-used for other purposes.
2010-03-02 09:28:26 +01:00
Wolfgang Mauerer
24cc058e5e Fix data structure handling when controllers are attached
* src/qemu/qemu_driver.c: in qemudDomainAttachDevice(), one must not
  delete the data part when the operation succeeds because it is
  required later on. The correct pattern to handlethe parsed
  representation of the device information on success
  is dev->data.controller = NULL; virDomainDeviceDefFree(dev);,
  which leaves the structure pointed at by data in memory.
2010-03-02 09:24:59 +01:00