Commit Graph

775 Commits

Author SHA1 Message Date
Jim Fehlig
412afdb8f4 util: introduce virSocketAddrParseAny
When preparing for migration, the libxl driver creates a new TCP listen
socket for the incoming migration by calling virNetSocketNewListenTCP,
passing the destination host name. virNetSocketNewListenTCP calls
virSocketAddrParse to check if the host name is a wildcard address, in
which case it avoids adding the AI_ADDRCONFIG flag to the hints passed to
getaddrinfo. If the host name is not an IP address, virSocketAddrParse
reports an error

error : virSocketAddrParseInternal:121 : Cannot parse socket address
'myhost.example.com': Name or service not known

But virNetSocketNewListenTCP succeeds regardless and the overall migration
operation succeeds.

Introduce virSocketAddrParseAny and use it when simply testing if a host
name/addr is parsable.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-04-05 14:50:15 -06:00
Daniel P. Berrangé
86cae503a4 rpc: avoid crashing in pre-exec if no workers are present
If max_workers is set to zero, then the worker thread pool won't be
created, so when serializing state for pre-exec we must set various
parameters to zero.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-08 15:40:29 +00:00
Daniel P. Berrangé
06e7ebb608 rpc: invoke the message dispatch callback with client unlocked
Currently if the virNetServer instance is created with max_workers==0 to
request a non-threaded dispatch process, we deadlock during dispatch

  #0  0x00007fb845f6f42d in __lll_lock_wait () from /lib64/libpthread.so.0
  #1  0x00007fb845f681d3 in pthread_mutex_lock () from /lib64/libpthread.so.0
  #2  0x000055a6628bb305 in virMutexLock (m=<optimized out>) at util/virthread.c:89
  #3  0x000055a6628a984b in virObjectLock (anyobj=<optimized out>) at util/virobject.c:435
  #4  0x000055a66286fcde in virNetServerClientIsAuthenticated (client=client@entry=0x55a663a7b960)
      at rpc/virnetserverclient.c:1565
  #5  0x000055a66286cc17 in virNetServerProgramDispatchCall (msg=0x55a663a7bc50, client=0x55a663a7b960,
      server=0x55a663a77550, prog=0x55a663a78020) at rpc/virnetserverprogram.c:407
  #6  virNetServerProgramDispatch (prog=prog@entry=0x55a663a78020, server=server@entry=0x55a663a77550,
      client=client@entry=0x55a663a7b960, msg=msg@entry=0x55a663a7bc50) at rpc/virnetserverprogram.c:307
  #7  0x000055a662871d56 in virNetServerProcessMsg (msg=0x55a663a7bc50, prog=0x55a663a78020, client=0x55a663a7b960,
      srv=0x55a663a77550) at rpc/virnetserver.c:148
  #8  virNetServerDispatchNewMessage (client=0x55a663a7b960, msg=0x55a663a7bc50, opaque=0x55a663a77550)
      at rpc/virnetserver.c:227
  #9  0x000055a66286e4c0 in virNetServerClientDispatchRead (client=client@entry=0x55a663a7b960)
      at rpc/virnetserverclient.c:1322
  #10 0x000055a66286e813 in virNetServerClientDispatchEvent (sock=<optimized out>, events=1, opaque=0x55a663a7b960)
      at rpc/virnetserverclient.c:1507
  #11 0x000055a662899be0 in virEventPollDispatchHandles (fds=0x55a663a7bdc0, nfds=<optimized out>)
      at util/vireventpoll.c:508
  #12 virEventPollRunOnce () at util/vireventpoll.c:657
  #13 0x000055a6628982f1 in virEventRunDefaultImpl () at util/virevent.c:327
  #14 0x000055a6628716d5 in virNetDaemonRun (dmn=0x55a663a771b0) at rpc/virnetdaemon.c:858
  #15 0x000055a662864c1d in main (argc=<optimized out>,
  #argv=0x7ffd105b4838) at logging/log_daemon.c:1235

Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-08 15:40:29 +00:00
Daniel P. Berrangé
c6f1d5190b rpc: simplify calling convention of virNetServerClientDispatchFunc
Currently virNetServerClientDispatchFunc implementations are only
responsible for free'ing the "msg" parameter upon success. Simplify the
calling convention by making it their unconditional responsibility to
free the "msg", and close the client if desired.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-08 15:40:29 +00:00
Daniel P. Berrangé
464889fff8 rpc: push ref acquisition into RPC dispatch function
There's no reason why the virNetServerClientDispatchRead method needs to
acquire an extra reference on the "client" object. An extra reference is
only needed if the registered dispatch callback is going to keep hold of
the "client" for work in the background. Thus we can push reference
acquisition into virNetServerDispatchNewMessage.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-08 15:40:29 +00:00
Daniel P. Berrangé
d7d96a6d14 make: split RPC build rules into rpc/Makefile.inc.am
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-05 17:12:01 +00:00
Daniel P. Berrangé
6c84533f04 rpc: handle missing switch enum cases
Ensure all enum cases are listed in switch statements.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-21 16:59:28 +00:00
John Ferlan
a8ef7b69dc netserver: Remove ServiceToggle during ServerDispose
No sense in calling ServiceToggle for all nservices during
ServiceDispose since ServerClose calls ServiceClose which
removes the IOCallback that's being toggled via ServiceToggle.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-02-02 18:01:00 -05:00
Daniel P. Berrangé
1b9fe756ec rpc: fix non-NULL annotations when GNUTLS is disabled
The position of various parameters changes depending on the WITH_GNUTLS
macro.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-02 13:00:48 +00:00
Daniel P. Berrangé
17398ccef3 rpc: assume private data callbacks are always non-NULL
Since we annotate the APIs are having non-NULL parameters, we can remove
the checks for NULL in the code too.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-02 13:00:48 +00:00
Daniel P. Berrange
8aca141081 rpc: refactor virNetServer setup for post-exec restarts
With the current code it is neccessary to call

  virNetDaemonNewPostExecRestart()

and then for each server that needs restarting you are supposed
to call

  virNetDaemonAddSeverPostExecRestart()

This is fine if there's only ever one server, but as soon as you
have two servers it is impossible to use this design. The code
has no idea which servers were recorded in the JSON state doc,
nor in which order the hash table serialized its keys.

So this patch changes things so that we only call

  virNetDaemonNewPostExecRestart()

passing in a callback, which is invoked once for each server
found int he JSON state doc.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-31 15:17:14 +00:00
Daniel P. Berrange
e72f3e5933 rpc: add method for checking if a named server exists
It is not possible to blindly call virNetDaemonGetServer()
because in a post-exec restart scenario, some servers may
not exist and this method will pollute the error logs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-31 15:16:40 +00:00
Daniel P. Berrange
9da0cc9ddb rpc: annotate various parameters as being required to be non-NULL
The server name and client data callbacks need to be non-NULL or the
system will crash at various times. This is particularly bad when some
of the crashes only occur post-exec restart.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-31 15:16:03 +00:00
Daniel P. Berrange
b41780e47a rpc: pass virNetServer to post-exec restart callback in typesafe manner
The virNetServer class is passing a pointer to itself to the
virNetServerClient as a 'void *' pointer. This is presumably due to fact
that the virnetserverclient.h file doesn't see the virNetServerPtr
typedef. The typedef is easily movable though, which lets us get
typesafe parameter passing, removing the confusion of passing two
distinct 'void *' pointers to one method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-31 15:15:25 +00:00
Daniel P. Berrange
2c76fa91d3 rpc: clarify "void *" values passed to client callbacks
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-31 15:14:47 +00:00
Daniel P. Berrange
4e13fb02fe rpc: fix race sending and encoding sasl data
The virNetSocketWriteSASL method has to encode the buffer it is given and then
write it to the underlying socket. This write is not guaranteed to send the
full amount of data that was encoded by SASL. We cache the SASL encoded data so
that on the next invocation of virNetSocketWriteSASL we carry on sending it.

The subtle problem is that the 'len' value passed into virNetSocketWriteSASL on
the 2nd call may be larger than the original value. So when we've completed
sending the SASL encoded data we previously cached, we must return the original
length we encoded, not the new length.

This flaw means we could potentially have been discarded queued data without
sending it. This would have exhibited itself as a libvirt client never receiving
the reply to a method it invokes, async events silently going missing, or worse
stream data silently getting dropped.

For this to be a problem libvirtd would have to be queued data to send to the
client, while at the same time the TCP socket send buffer is full (due to a very
slow client). This is quite unlikely so if this bug was ever triggered by a real
world user it would be almost impossible to reproduce or diagnose, if indeed it
was ever noticed at all.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2018-01-25 16:29:24 +00:00
Pavel Hrdina
fae22fced4 rpc: remove redundant logic
Introduced by commit <0eaa59dce1>.  That comparison already returns
true or false.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2018-01-04 14:22:49 +01:00
Marc Hartmayer
68cdad8785 rpc: Replace virNetServerClientNeedAuth with virNetServerClientIsAuthenticated
Replace virNetServerClientNeedAuth with
virNetServerClientIsAuthenticated because it makes it clearer what it
means.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
4f6a654e95 rpc: Remove virNetServerClientNeedAuthLocked
'Squash' virNetServerClientNeedAuthLocked into
virNetServerClientNeedAuth and remove virNetServerClientNeedAuthLocked
as it's not longer needed.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
94bbbcee1f rpc: virnetserver: Fix race on srv->nclients_unauth
There is a race between virNetServerProcessClients (main thread) and
remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker
thread) that can lead to decrementing srv->nclients_unauth when it's
zero. Since virNetServerCheckLimits relies on the value
srv->nclients_unauth the underrun causes libvirtd to stop accepting
new connections forever.

Example race scenario (assuming libvirtd is using policykit and the
client is privileged):
  1. The client calls the RPC remoteDispatchAuthList =>
     remoteDispatchAuthList is executed on a worker thread (Thread
     T1). We're assuming now the execution stops for some time before
     the line 'virNetServerClientSetAuth(client, 0)'
  2. The client closes the connection irregularly. This causes the
     event loop to wake up and virNetServerProcessClient to be
     called (on the main thread T0). During the
     virNetServerProcessClients the srv lock is hold. The condition
     virNetServerClientNeedAuth(client) will be checked and as the
     authentication is not finished right now
     virNetServerTrackCompletedAuthLocked(srv) will be called =>
     --srv->nclients_unauth => 0
  3. The Thread T1 continues, marks the client as authenticated, and
     calls virNetServerTrackCompletedAuthLocked(srv) =>
     --srv->nclients_unauth => --0 => wrap around as nclient_unauth is
     unsigned
  4. virNetServerCheckLimits(srv) will disable the services forever

To fix it, add an auth_pending field to the client struct so that it
is now possible to determine if the authentication process has already
been handled for this client.

Setting the authentication method to none for the client in
virNetServerProcessClients is not a proper way to indicate that the
counter has been decremented, as this would imply that the client is
authenticated.

Additionally, adjust the existing test cases for this new field.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
f1d8251972 rpc: Introduce virNetServerSetClientAuthenticated
Combine virNetServerClientSetAuth(client,
VIR_NET_SERVER_SERVICE_AUTH_NONE) and virNetServerTrackCompletedAuth
into one new function named virNetServerSetClientAuthenticated.

After using this new function the function
virNetServerTrackCompletedAuth was superfluous and is therefore
removed. In addition, it is not very common that a
'{{function}}' (virNetServerTrackCompletedAuth) does more than just
the locking compared to
'{{function}}Locked' (virNetServerTrackCompletedAuthLocked).

virNetServerTrackPendingAuth was already superfluous and therefore
it's also removed.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
0eaa59dce1 rpc: Correct locking and simplify the function
The lock for @client must not only be held for the duration of
checking whether the client wants to close, but also for as long as
we're closing the client. The same applies to the tracking of
authentications.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
be680bed4a rpc: Refactor the condition whether a client needs authentication
Add virNetServerClientAuthMethodImpliesAuthenticated() for deciding
whether a authentication method implies that a client is automatically
authenticated or not. Use this new function in
virNetServerClientNeedAuthLocked().

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
c10103e941 rpc: First test if authentication is required
This makes the code more efficient.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
ee8bb0511d rpc: Be more precise in which cases the authentication is needed and introduce *Locked
Be more precise in which cases the authentication is needed and
introduce *Locked.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
6e7e553180 rpc: Add typedef for the anonymous enum used for authentication methods
Add typedef for the anonymous enum used for the authentication methods
and remove the default case. This allows the usage of the type in a
switch statement and taking advantage of the compilers feature to
detect uncovered cases.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-01-04 06:55:31 -05:00
Marc Hartmayer
125f7d9e10 rpc: Remove duplicate declaration of virNetServerAddClient
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-01-04 06:55:31 -05:00
Cédric Bosdonnat
2089ab2112 netserver: close clients before stopping all drivers
So far clients were closed when disposing the daemon, after the state
driver cleanup. This was leading to libvirtd crashing at shutdown due
to missing driver.

Moving the client close in virNetServerClose() fixes the problem.

Reviewed-by: Erik Skultety <eskultet@redhat.com>
2017-12-21 13:17:26 +01:00
Erik Skultety
a8582e3656 admin: Use the connection to determine a client is connected readonly
Prior to this change, we relied solely on the inherited readonly
attribute of a service's socket. This only worked for our UNIX sockets
(and only to some degree), but doesn't work for TCP sockets which are RW
by default, but such connections support RO as well. This patch forces
an update on the client object once we have established a connection to
reflect the nature of the connection itself rather than relying on the
underlying socket's attributes.
Clients connected to the admin server have always been connected as RW
only.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1524399
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2017-12-18 08:42:29 +01:00
Nikolay Shirokovskiy
47eb77fb33 rpc,lockd: Add missing netserver refcount increment on reload
After the virNetDaemonAddServerPostExec call in virtlogd we should have
netserver refcount set to 2. One goes to netdaemon servers hashtable
and one goes to virt{logd,lock} own reference to netserver. Let's add
the missing increment in virNetDaemonAddServerPostExec itself while
holding the daemon lock.

Since lockd defers management of the @srv object by the presence
in the hash table, virLockDaemonNewPostExecRestart must Unref the
alloc'd Ref on the @srv object done as part of virNetDaemonAddServerPostExec
and virNetServerNewPostExecRestart processing. The virNetDaemonGetServer
in lock_daemon main will also take a reference which is Unref'd during
main cleanup.
2017-11-06 16:19:11 -05:00
Andrea Bolognani
3e7db8d3e8 Remove backslash alignment attempts
Right-aligning backslashes when defining macros or using complex
commands in Makefiles looks cute, but as soon as any changes is
required to the code you end up with either distractingly broken
alignment or unnecessarily big diffs where most of the changes
are just pushing all backslashes a few characters to one side.

Generated using

  $ git grep -El '[[:blank:]][[:blank:]]\\$' | \
    grep -E '*\.([chx]|am|mk)$$' | \
    while read f; do \
      sed -Ei 's/[[:blank:]]*[[:blank:]]\\$/ \\/g' "$f"; \
    done

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2017-11-03 13:24:12 +01:00
Pavel Hrdina
5c52aed174 rpc: for messages with FDs always decode count of FDs from the message
The packet with passed FD has the following format:

    --------------------------
    | len | header | payload |
    --------------------------

where "payload" has an additional count of FDs before the actual data:

    ------------------
    | nfds | payload |
    ------------------

When the packet is received we parse the "header", which as a side
effect updates msg->bufferOffset to point to the beginning of "payload".
If the message call contains FDs, we need to also parse the count of
FDs, which also updates the msg->bufferOffset.

The issue here is that when we attempt to read the FDs data from the
socket and we receive EAGAIN we finish the reading and call poll()
to wait for the data the we need.  When the data arrives we already have
the packet in our buffer so we read the "header" again but this time
we don't read the count of FDs because we already have it stored.

That means that the msg->bufferOffset is not updated to point to the
actual beginning of the payload data, but it points to the count of
FDs.  After all FDs are processed we dispatch the message to process
it and decode the payload.  Since the msg->bufferOffset points to wrong
data, we decode the wrong payload and the API call fails with
error messages:

    Domain not found: no domain with matching uuid '67656e65-7269-6300-0c87-5003ca6941f2' ()

Broken by commit 133c511b52 which fixed a FD and memory leak.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2017-09-27 18:56:32 +02:00
Daniel P. Berrange
32d6c7386d Print hex values with '0x' prefix and octal with '0' in debug messages
Seeing a log message saying 'flags=93' is ambiguous & confusing unless
you happen to know that libvirt always prints flags as hex.  Change our
debug messages so that they always add a '0x' prefix when printing flags,
and '0' prefix when printing mode. A few other misc places gain a '0x'
prefix in error messages too.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-09-25 13:34:53 +01:00
Andrea Bolognani
90b17aef1a perl: Don't hardcode interpreter path
This is particularly useful on operating systems that don't ship
Perl as part of the base system (eg. FreeBSD) while still working
just as well as it did before on Linux.

In one case (src/rpc/genprotocol.pl) the interpreter path was
missing altogether.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2017-09-19 16:04:53 +02:00
Guido Günther
cdecfbed02 virnetserver: fix mesage vs message typo 2017-09-11 18:17:22 +02:00
Michal Privoznik
054c6d2721 virnetdaemon: Don't deadlock when talking to D-Bus
https://bugzilla.redhat.com/show_bug.cgi?id=1487322

In ace45e67ab I tried to fix a problem that we get the reply to
a D-Bus call while we were sleeping. In that case the callback
was never set. So I changed the code that the callback is called
directly in this case. However, I hadn't realized that since the
callback is called out of order it locks the virNetDaemon.
Exactly the very same virNetDaemon object that we are dealing
with right now and that we have locked already (in
virNetDaemonAddShutdownInhibition())

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-09-01 13:21:33 +02:00
Daniel P. Berrange
e4cb850081 rpc: avoid ssh interpreting malicious hostname as arguments
Inspired by the recent GIT / Mercurial security flaws
(http://blog.recurity-labs.com/2017-08-10/scm-vulns),
consider someone/something manages to feed libvirt a bogus
URI such as:

  virsh -c qemu+ssh://-oProxyCommand=gnome-calculator/system

In this case, the hosname "-oProxyCommand=gnome-calculator"
will get interpreted as an argument to ssh, not a hostname.
Fortunately, due to the set of args we have following the
hostname, SSH will then interpret our bit of shell script
that runs 'nc' on the remote host as a cipher name, which is
clearly invalid. This makes ssh exit during argv parsing and
so it never tries to run gnome-calculator.

We are lucky this time, but lets be more paranoid, by using
'--' to explicitly tell SSH when it has finished seeing
command line options. This forces it to interpret
"-oProxyCommand=gnome-calculator" as a hostname, and thus
see a fail from hostname lookup.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-08-29 18:02:03 +01:00
Michal Privoznik
ace45e67ab virNetDaemonCallInhibit: Call virNetDaemonGotInhibitReply properly
So there are couple of issues here. Firstly, we never unref the
@pendingReply and thus it leaks.

==13279== 144 (72 direct, 72 indirect) bytes in 1 blocks are definitely lost in loss record 1,095 of 1,259
==13279==    at 0x4C2E080: calloc (vg_replace_malloc.c:711)
==13279==    by 0x781FA97: _dbus_pending_call_new_unlocked (in /usr/lib64/libdbus-1.so.3.14.11)
==13279==    by 0x7812A4C: dbus_connection_send_with_reply (in /usr/lib64/libdbus-1.so.3.14.11)
==13279==    by 0x56BEDF3: virNetDaemonCallInhibit (virnetdaemon.c:514)
==13279==    by 0x56BEF18: virNetDaemonAddShutdownInhibition (virnetdaemon.c:536)
==13279==    by 0x12473B: daemonInhibitCallback (libvirtd.c:742)
==13279==    by 0x1249BD: daemonRunStateInit (libvirtd.c:823)
==13279==    by 0x554FBCF: virThreadHelper (virthread.c:206)
==13279==    by 0x8F913D3: start_thread (in /lib64/libpthread-2.23.so)
==13279==    by 0x928DE3C: clone (in /lib64/libc-2.23.so)

Secondly, while we send the message, we are suspended ('cos we're
talking to a UNIX socket).  However, until we are resumed back
again the reply might have came therefore subsequent
dbus_pending_call_set_notify() has no effect and in fact the
virNetDaemonGotInhibitReply() callback is never called. Thirdly,
the dbus_connection_send_with_reply() has really stupid policy
for return values. To cite the man page:

  Returns
      FALSE if no memory, TRUE otherwise.

Yes, that's right. If anything goes wrong and it's not case of
OOM then TRUE is returned, i.e. you're trying to pass FDs and
it's not supported, or you're not connected, or anything else.
Therefore, checking for return value of
dbus_connection_send_with_reply() is not enoguh. We also have to
check if @pendingReply is not NULL before proceeding any further.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-08-01 11:37:51 +02:00
Daniel P. Berrange
407a281a8e Revert "Prevent more compiler optimization of mockable functions"
This reverts commit e4b980c853.

When a binary links against a .a archive (as opposed to a shared library),
any symbols which are marked as 'weak' get silently dropped. As a result
when the binary later runs, those 'weak' functions have an address of
0x0 and thus crash when run.

This happened with virtlogd and virtlockd because they don't link to
libvirt.so, but instead just libvirt_util.a and libvirt_rpc.a. The
virRandomBits symbols was weak and so left out of the virtlogd &
virtlockd binaries, despite being required by virHashTable functions.

Various other binaries like libvirt_lxc, libvirt_iohelper, etc also
link directly to .a files instead of libvirt.so, so are potentially
at risk of dropping symbols leading to a later runtime crash.

This is normal linker behaviour because a weak symbol is not treated
as undefined, so nothing forces it to be pulled in from the .a You
have to force the linker to pull in weak symbols using -u$SYMNAME
which is not a practical approach.

This risk is silent bad linkage that affects runtime behaviour is
not acceptable for a fix that was merely trying to fix the test
suite. So stop using __weak__ again.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-07-13 13:07:06 +01:00
Daniel P. Berrange
c8fb3c3159 rpc: improve error message for bounds check
If we exceed a fixed limit in RPC code we get a horrible message
like this, if the parameter type is a 'string', because we forgot
to initialize the error message type field:

  $ virsh snapshot-list ostack1
  error: too many remote undefineds: 1329 > 1024

It would also be useful to know which RPC call and field was
exceeded. So this patch makes us report:

  $ virsh snapshot-list ostack1
  error: too many remote undefineds: 1329 > 1024,
  in parameter 'names' for 'virDomainSnapshotListNames'

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-07-11 15:16:41 +01:00
Daniel P. Berrange
e4b980c853 Prevent more compiler optimization of mockable functions
Currently all mockable functions are annotated with the 'noinline'
attribute. This is insufficient to guarantee that a function can
be reliably mocked with an LD_PRELOAD. The C language spec allows
the compiler to assume there is only a single implementation of
each function. It can thus do things like propagating constant
return values into the caller at compile time, or creating
multiple specialized copies of the function body each optimized
for a different caller. To prevent these optimizations we must
also set the 'noclone' and 'weak' attributes.

This fixes the test suite when libvirt.so is built with CLang
with optimization enabled.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-07-11 13:57:12 +01:00
Daniel P. Berrange
f0a55af368 Improve logging of shutdown inhibitor
The log category for virnetdaemon.c was mistakenly set
to rpc.netserver. Some useful info about the inhibitor
file descriptor was also never logged.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-07-05 13:12:22 +01:00
Daniel P. Berrange
3e03d1bd7e Fix conditional check for DBus
The DBus conditional was renamed way back:

  commit da77f04ed5
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Thu Sep 20 15:05:39 2012 +0100

    Convert HAVE_DBUS to WITH_DBUS

but the shutdown inhibit code was not updated. Thus libvirt
was never inhibiting shutdown by a logged in user when VMs
are running.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-07-05 13:12:21 +01:00
Marc Hartmayer
adf846d3c9 Use ATTRIBUTE_FALLTHROUGH
Use ATTRIBUTE_FALLTHROUGH, introduced by commit
5d84f5961b, instead of comments to
indicate that the fall through is an intentional behavior.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
2017-06-12 19:11:30 -04:00
Marc Hartmayer
e9538813ec rpc: first allocate the memory and then set the count
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
2017-06-12 19:11:30 -04:00
Michal Privoznik
1a4b21f1c6 virNetClientStreamQueuePacket: Set st->incomingEOF on the end of stream
While reworking client side of streams, I had to postpone payload
decoding so that stream holes and stream data can be
distinguished in virNetClientStreamRecvPacket. That's merely what
18944b7aea does. However, I accidentally removed one important
bit: when server sends us an empty STREAM packet (with no
payload) - meaning end of stream - st->incomingEOF flag needs to
be set. It used to be before I touched the code. After I removed
it, virNetClientStreamRecvPacket will try to fetch more data from
the stream, but it will never come.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2017-06-07 18:00:25 +02:00
Richard W.M. Jones
b088f85d42 rpc: Double buffer size instead of quadrupling buffer size.
When increasing the buffer size up to VIR_NET_MESSAGE_MAX, we
currently quadruple it each time.  This unfortunately means that we
cannot allow certain buffer sizes -- for example the current
VIR_NET_MESSAGE_MAX == 33554432 can never be "hit" since ‘newlen’
jumps from 16MB to 64MB.

Instead of quadrupling, double it each time.

Thanks: Daniel Berrange.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
2017-05-26 13:53:31 +01:00
Peter Krempa
97863780e8 rpc: Bump maximum message size to 32M
While most of the APIs are okay with 16M messages, the bulk stats API
can run into the limit in big configurations. Before we devise a new
plan for this, bump this limit slightly to accomodate some more configs.
2017-05-24 14:02:29 +02:00
Michal Privoznik
0da4a635bc virStream: Forbid negative seeks
Currently, we don't assign any meaning to that. Our current view
on virStream is that it's merely a pipe. And pipes don't support
seeking.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 15:05:18 +02:00
Michal Privoznik
8f08f28f74 gendispatch: Introduce @sparseflag for our calls
Now, not all APIs are going to support sparse streams. To some it
makes no sense at all, e.g. virDomainOpenConsole() or
virDomainOpenChannel(). To others, we will need a special flag to
indicate that client wants to enable sparse streams. Instead of
having to write RPC dispatchers by hand we can just annotate in
our .x files that a certain flag to certain RPC call enables this
feature. For instance:

     /**
      * @generate: both
      * @readstream: 1
      * @sparseflag: VIR_SPARSE_STREAM
      * @acl: storage_vol:data_read
      */
     REMOTE_PROC_DOMAIN_SOME_API = XXX,

Therefore, whenever client calls virDomainSomeAPI(..,
VIR_SPARSE_STREAM); daemon will mark that down and send stream
skips when possible.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
31024b3d05 remote_driver: Implement VIR_STREAM_RECV_STOP_AT_HOLE
This is fairly trivial now that we have everything in place.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
022705b81f virNetClientStream: Wire up VIR_NET_STREAM_HOLE
Whenever server sends a client stream packet (either regular with
actual data or stream skip one) it is queued on @st->rx. So the
list is a mixture of both types of stream packets. So now that we
have all the helpers needed we can wire their processing up. But
since virNetClientStreamRecvPacket doesn't support
VIR_STREAM_RECV_STOP_AT_HOLE flag yet, let's turn all received
skips into zeroes repeating requested times.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
57760ec1e2 Introduce virNetClientStreamRecvHole
This function will fetch previously processed stream holes and
return their sum.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
486656f168 virNetClientStreamRecvPacket: Introduce @flags argument
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
c6e0fcce4c virnetclientstream: Introduce virNetClientStreamHandleHole
This is a function that handles an incoming STREAM_HOLE packet.
Even though it is not wired up yet, it will be soon. At the
beginning do couple of checks whether server plays nicely and
sent us a STREAM_HOLE packed only after we've enabled sparse
streams. Then decodes the message payload to see how big the hole
is and stores it in passed @length argument.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
87f2a5c65d virnetclientstream: Introduce virNetClientStreamSendHole
While the previous commit implemented a helper for sending a
STREAM_HOLE packet for daemon, this is a client's counterpart.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
fa19af0a13 daemon: Introduce virNetServerProgramSendStreamHole
This is just a helper function that takes in a length value,
encodes it into XDR and sends to client.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
79d16419c4 Introduce VIR_NET_STREAM_HOLE message type
This is a special type of stream packet, that is bidirectional
and contains information regarding how many bytes each side will
be skipping in the stream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
7ddf7cbffd RPC: Introduce virNetStreamHole
This is going to be RPC representation for virStreamSendHole.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
5f4f9d87a9 Add new flag to daemonCreateClientStream and virNetClientStreamNew
Add a new argument to daemonCreateClientStream in order to allow for
future expansion to mark that a specific stream can be used to skip
data, such as the case with sparsely populated files. The new flag will
be the eventual decision point between client/server to decide whether
both ends can support and want to use sparse streams.

A new bool 'allowSkip' is added to both _virNetClientStream and
daemonClientStream in order to perform the tracking.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Michal Privoznik
8b6ffe4077 virNetClientStreamNew: Track origin stream
Add a virStreamPtr pointer to the _virNetClientStream
in order to reverse track the parent stream.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-05-18 07:42:13 +02:00
Jiri Denemark
42faf316ec client: Report proper close reason
When we get a POLLHUP or VIR_EVENT_HANDLE_HANGUP event for a client, we
still want to read from the socket to process any accumulated data. But
doing so inevitably results in an error and a call to
virNetClientMarkClose before we get to processing the hangup event (and
another call to virNetClientMarkClose). However the close reason passed
to the second virNetClientMarkClose call is ignored because another one
was already set. We need to pass the correct close reason when marking
the socket to be closed for the first time.

https://bugzilla.redhat.com/show_bug.cgi?id=1373859

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-05-02 18:53:24 +02:00
Michal Privoznik
1a4a4ffa3e lib: Fix c99 style comments
We prefer c89 style of comments.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-04-27 14:13:19 +02:00
Yi Wang
ab5bb6f346 rpc: fix keep alive timer segfault
ka maybe have been freeed in virObjectUnref, application using
virKeepAliveTimer will segfault when unlock ka. We should keep
ka's refs positive before using it.

#0  0x00007fd8f79970e8 in virClassIsDerivedFrom (klass=0xdeadbeef, parent=0x7fd8e8001b80) at util/virobject.c:169
#1  0x00007fd8f799742e in virObjectIsClass (anyobj=anyobj entry=0x7fd8e800b9c0, klass=<optimized out>) at util/virobject.c:365
#2  0x00007fd8f79974e4 in virObjectUnlock (anyobj=0x7fd8e800b9c0) at util/virobject.c:338
#3  0x00007fd8f7ac477e in virKeepAliveTimer (timer=<optimized out>, opaque=0x7fd8e800b9c0) at rpc/virkeepalive.c:177
#4  0x00007fd8f7e5c9cf in libvirt_virEventInvokeTimeoutCallback () from /usr/lib64/python2.7/site-packages/libvirtmod.so
#5  0x00007fd8ff64db94 in PyEval_EvalFrameEx () from /lib64/libpython2.7.so.1.0
#6  0x00007fd8ff64f1ad in PyEval_EvalCodeEx () from /lib64/libpython2.7.so.1.0
#7  0x00007fd8ff64d85f in PyEval_EvalFrameEx () from /lib64/libpython2.7.so.1.0
#8  0x00007fd8ff64d950 in PyEval_EvalFrameEx () from /lib64/libpython2.7.so.1.0
#9  0x00007fd8ff64d950 in PyEval_EvalFrameEx () from /lib64/libpython2.7.so.1.0
#10 0x00007fd8ff64f1ad in PyEval_EvalCodeEx () from /lib64/libpython2.7.so.1.0
#11 0x00007fd8ff5dc098 in function_call () from /lib64/libpython2.7.so.1.0
#12 0x00007fd8ff5b7073 in PyObject_Call () from /lib64/libpython2.7.so.1.0
#13 0x00007fd8ff5c6085 in instancemethod_call () from /lib64/libpython2.7.so.1.0
#14 0x00007fd8ff5b7073 in PyObject_Call () from /lib64/libpython2.7.so.1.0
#15 0x00007fd8ff648ff7 in PyEval_CallObjectWithKeywords () from /lib64/libpython2.7.so.1.0
#16 0x00007fd8ff67d7e2 in t_bootstrap () from /lib64/libpython2.7.so.1.0
#17 0x00007fd8ff358df3 in start_thread () from /lib64/libpthread.so.0
#18 0x00007fd8fe97d3ed in clone () from /lib64/libc.so.6

Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-04-24 12:19:13 +02:00
Daniel P. Berrange
234ac4e18d Fix error reporting when poll returns POLLHUP/POLLERR
In the RPC client event loop code, if poll() returns only a POLLHUP
or POLLERR status, then we end up reporting a bogus error message:

  error: failed to connect to the hypervisor
  error: An error occurred, but the cause is unknown

We do actually report an error, but we virNetClientMarkClose method
has already captured the error status before we report it, so the
real error gets thrown away. The key fix is to report the error
before calling virNetClientMarkClose(). In changing this, we also
split out reporting of POLLHUP vs POLLERR to make any future bugs
easier to diagnose.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-04-20 10:15:46 +01:00
Daniel P. Berrange
f7d7825d06 Ignore SASL deprecation warnings on OS-X
Apple have annotated all SASL functions as deprecated for
unknown reasons. Since they still work, lets just ignore
the warnings. If Apple finally delete the SASL functions
our configure check should already catch that

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-04-19 10:51:51 +01:00
Daniel P. Berrange
728cacc8ab annotate all mocked functions with noinline
CLang's optimizer is more aggressive at inlining functions than
gcc and so will often inline functions that our tests want to
mock-override. This causes the test to fail in bizarre ways.

We don't want to disable inlining completely, but we must at
least prevent inlining of mocked functions. Fortunately there
is a 'noinline' attribute that lets us control this per function.

A syntax check rule is added that parses tests/*mock.c to extract
the list of functions that are mocked (restricted to names starting
with 'vir' prefix). It then checks that src/*.h header file to
ensure it has a 'ATTRIBUTE_NOINLINE' annotation. This should prevent
use from bit-rotting in future.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-04-19 10:51:51 +01:00
Pavel Hrdina
ab0a461b8c rpc: fix resource leak
Commit 252610f7dd switched to use hash to store servers.
Function virHashGetItems returns allocated array which needs
to be freed also for successful path, not only if there is
an error.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2017-04-11 13:23:00 +02:00
Marc Hartmayer
fd6e3f48ed refactoring: Use the return value of virObjectRef directly
Use the return value of virObjectRef directly. This way, it's easier
for another reader to identify the reason why the additional reference
is required.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
2017-04-10 14:49:20 +02:00
Peter Krempa
21a2d1b69c rpc: serverclient: Add option to suppress errors on EOF
The protocol may not use an explicit API to close the connection and
just close the socket instead. Add option to suppress errors in such
case.
2017-03-17 17:20:22 +01:00
Peter Krempa
494c302c7f rpc: socket: Add possibility to suppress errors on read hangup
In some cases a read error due to connection hangup is expected. This
patch adds a flag that removes the logging of a virError in such case.
2017-03-17 17:19:00 +01:00
Daniel P. Berrange
83c1ab5838 Report what TLS priority string we use for a session
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-03-16 11:03:33 +00:00
Daniel P. Berrange
7310739d1f Short circuit SASL auth when no mechanisms are available
If the SASL config does not have any mechanisms we currently
just report an empty list to the client which will then
fail to identify a usable mechanism. This is a server config
error, so we should fail immediately on the server side.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-03-16 11:01:39 +00:00
Marc Hartmayer
d6bc7622f0 rpc: Fix potentially segfaults
We have to allocate first and if, and only if, it was successful we
can set the count. A segfault has occurred in
virNetServerServiceNewPostExecRestart() when VIR_ALLOC_N(svc->socks,
n) has failed, but svc->nsocsk = n was already set. Thus
virObejectUnref(svc) was called and therefore it was possible that
virNetServerServiceDispose was called => segmentation fault.  For
safeness NULL pointer check were added in
virNetServerServiceDispose().

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
2017-02-12 15:02:42 -05:00
Pino Toscano
1a5de3fe2e remote: do not check for an existing config dir
When composing the path to the default known_hosts file (for the libssh
and libssh2 drivers), do not check whether the configuration directory
(determined by virGetUserConfigDirectory()) exists: both the drivers can
handle non-existing files, and are able to create them (and their
directories) in that case.

This adds a small behaviour change: before, the key for an unknown host,
and manually accepted, was saved only if the configuration directory
existed -- a bit incoherent behaviour though.
2017-01-11 13:38:04 +01:00
Pino Toscano
45c4a70c70 remote: fix logic for known_hosts and keyfile checks
If any of them is specified for the libssh and libssh2 drivers, there is
no need to depend on checks based on other paths: in particular, a
specified path for known_hosts was ignored if the local config directory
could not be determined, and the path for keyfile was ignored if the
home could not be determined.

Instead, lazily determine and use these two paths only in case they are
needed.
2017-01-11 13:37:45 +01:00
Pino Toscano
408a1ce5f8 rpc: libssh: allow a NULL known_hosts file
Make sure that virNetLibsshSessionSetHostKeyVerification accepts a NULL
value for the path to the known_hosts file:
- call ssh_options_set(SSH_OPTIONS_KNOWNHOSTS) anyway, using /dev/null,
  otherwise libssh will use its default path
- do not call ssh_write_knownhost when no known hosts file was set

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1406457
2017-01-11 13:37:24 +01:00
Roman Bogorodskiy
e4cb660160 genprotocol.pl: add darwin to fixup list 2016-11-24 17:17:43 +03:00
Pino Toscano
22eaee8e01 remote: expose a new libssh transport
Implement in virtNetClient and VirNetSocket the needed functions to
expose a new libssh transport, providing all the options that the
libssh2 transport supports.
2016-11-15 15:50:51 +01:00
Pino Toscano
6917467c2b libssh_transport: add new libssh-based transport
Implement a new libssh transport, which uses libssh to communicate with
remote hosts, and add all the build system stuff (search of libssh,
private symbols, etc) to built it.

This new transport supports all the common ssh authentication methods,
making use of libvirt's auth callbacks for interaction with the user.
2016-11-15 15:50:51 +01:00
Pino Toscano
24ee5dc907 virnetsocket: improve search for default SSH key
Add a couple of helper functions to check whether one of the default
names of SSH keys (as documented in ssh-keygen(1)) exists, and use them
to specify a key for the libssh2 transport if none was passed.
2016-11-15 15:50:51 +01:00
Pino Toscano
0e9fec979d virNetSocket: allow to not close FD
Add an internal variable to mark the FD as "not owned" by the
virNetSocket, in case the internal implementation takes the actual
ownership of the descriptor; this avoids a warning when closing the
socket, as the FD would be invalid.
2016-11-15 15:50:51 +01:00
Erik Skultety
238b20b47f rpc: virnetserver: Remove dead code checking the client limits
Prior to commit 2737aaaf, we allowed every client to connect successfully,
however, if accepting a client would eventually lead to an overcommit of the
limits, we would disconnect it immediately with "Too many active clients,
dropping connection from...". Recent changes refactored the code in a way, that
it is not possible for the client-related callback to be dispatched and the
client to be accepted if the limits wouldn't permit to do so, therefore a check
if a connection should be dropped due to limits violation has become a dead
code that could be removed.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-08-02 14:51:13 +02:00
Erik Skultety
e9ce8a7d24 admin: rpc: virnetserver: Fix updating of the client limits
Commit 2737aaaf changed our policy for accepting new clients in a way, that
instead of accepting new clients only to disconnect them immediately, since
that would overcommit the limit, we temporarily disable polling for the
dedicated file descriptor, so any new connection will queue on the socket.
Commit 8b1f0469 then added the possibility to change the limits during runtime
but it didn't re-enable polling for the previously disabled file descriptor,
thus any new connection would still continue to queue on the socket. This patch
forces an update of the services each time the limits were changed in some way.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1357776

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-08-02 14:51:13 +02:00
Erik Skultety
5b9f735f16 rpc: virnetserver: Add code to CheckLimits to handle suspending of services
So far, virNetServerCheckLimits was only used to possibly re-enable accepting
new clients that might have previously been disabled due to client limits
violation (max_clients, max_anonymous_clients). This patch refactors
virNetServerAddClient, which is currently the only place where the services get
disabled, in order to use the virNetServerCheckLimits helper instead of
checking the limits by itself.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-08-02 14:51:13 +02:00
Erik Skultety
17bc333411 rpc: virnetserver: Move virNetServerCheckLimits which is static up in the file
Since virNetServerAddClient checks for the limits in order to temporarily
suspend the services, thus not accepting any more clients, there is no reason
why virNetServerCheckLimits, which is only responsible for re-enabling
previously disabled services according to the limits, could not do both. To be
able to do that however, it needs to be moved up in the file since it's static
(and because it's just a helper and there's only one caller it should remain
 static).

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-08-02 14:51:13 +02:00
Erik Skultety
2e5417bc46 rpc: virnetserver: Rename ClientSetProcessingControls to ClientSetLimits
The original naming was just a leftover that should have been fixed in commit
8b1f0469.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-08-02 14:51:13 +02:00
Ján Tomko
a3f565b339 Fix possible invalid read in adminClientGetInfo
virNetServerClientGetInfo returns the client's remote address
as a string, which is a part of the client object.

Use VIR_STRDUP to make a copy which can be freely accessed
even after the virNetServerClient object is unlocked.

To reproduce, put a sleep between virObjectUnlock in
virNetServerClientGetInfo and virTypedParamsAddString in
adminClientGetInfo, then close the queried connection during
that sleep.
2016-06-29 16:13:12 +02:00
Ján Tomko
541bd183f7 Rename virNetClient*AddrString
Add SASL at the end to make the format obvious.
2016-06-23 22:31:20 +02:00
Ján Tomko
eaf7ff3873 Rename virNetServerClient*AddrString
Add SASL at the end to make the format obvious.
2016-06-23 22:23:21 +02:00
Ján Tomko
ea537e7b36 Add SASL to virNetSocket{Local,Remote}AddrString
Rename them to virNetSocket{Local,Remote}AddrStringSASL
to make their format more obvious.
2016-06-23 22:23:21 +02:00
Ján Tomko
dbce70b243 virNetSocket: rename AddrStr to AddrStrSASL
Make it more obvious that these are in the SASL format.
2016-06-23 22:23:21 +02:00
Ján Tomko
23b6559d65 Introduce virNetServerClientRemoteAddrStringURI
Use it in virNetServerClientGetInfo to switch back to using
the URI-format (separated by ':') instead of the SASL format
(separated by ';').

Also use it in the error message reported by virNetServerAddClient.
2016-06-23 22:23:02 +02:00
Ján Tomko
2da6a13e5f Introduce virNetSocketRemoteAddrStringURI
It will return the socket address and port in a URI-like
format: [::1]:1234
Add a test case to virnetsockettest.
2016-06-23 22:21:36 +02:00
Ján Tomko
0f7eeb20ad Revert "virnetsocket: Provide socket address format in a more standard form"
This partially reverts commit 9b45c9f049.

It changed the default format of socket address from the one SASL
requires, but did not adjust all the callers.

It also removed the test coverage for it.

Revert most of the changes except the virSocketAddrFormatFull support
for URI-formatted strings.

This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1345743 while
reverting the format used by virt-admin's client-info command from
the URI one to the SASL one.

https://bugzilla.redhat.com/show_bug.cgi?id=1345743
2016-06-23 22:15:06 +02:00
Peter Krempa
830f9b624d rpcgen: Add support for generating funcs returning alloc'd typed params
Since it's rather tedious to write the dispatchers for functions that
return an array of typed parameters (which are rather common) let's add
some rpcgen code to generate them.
2016-06-22 08:15:45 +02:00
Daniel P. Berrange
214489f550 rpc: allow priority string to be passed to TLS context
Extend the virNetTLSContextNew* constructors to allow
the TLS priority string to be passed in, overriding the
compile time default.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Daniel P. Berrange
cbb2e91ecc configure: allow setting default TLS priority string
Currently libvirt calls gnutls_set_default_priority()
which on old systems resolves to "NORMAL" while new
systems it resolves to "@SYSTEM". Either way, this
is a global default that is identical across all apps.

We want to allow distros to flexibility to define a
custom default string for libvirt priority, so add
a --tls-priority=STRING  flag to configure to enable
this to be set.

It is expected that distros would use this when creating
RPM/Deb/etc packages, according to their preferred crypto
handling policies.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Daniel P. Berrange
20c5ded9d0 rpc: set gnutls log function at global init time
Currently we set the gnutls log function when creating a
TLS context, however, the setting is in fact global, not
per context. So we should be setting it when we first call
gnutls_global_init() instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Daniel P. Berrange
d8a8af3492 tls: remove support for gnutls 1.x.x, require 2.2.0
We need to use the gnutls_priority_set_direct method which
was not introduced until 2.1.7, so bump version to 2.2.0
which is the first stable release with it included. This
release dates from Dec 2007 so it is reasonable to ditch
support for the 1.x.x series for gnutls releases entirely.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Jovanka Gulicoska
b29e08dbe3 More usage of virGetLastErrorMessage
Convert to virGetLastErrorMessage() in the rest of the code
2016-05-19 15:17:03 -04:00
Erik Skultety
8b1f04693d admin: Introduce virAdmServerSetClientLimits
Opposite operation to virAdmServerGetClientLimits. Understandably though,
setting values for current number of clients connected or still waiting
for authentication does not make sense, since changes to these values are event
dependent, i.e. a client connects - counter is increased. Thus only the limits
to maximum clients connected and waiting for authentication can be set. Should
a request for other controls to be set arrive (provided such a setting will
be first introduced to the config), the set of configuration controls can be
later expanded (thanks to typed params). This patch also introduces a
constraint that the maximum number of clients waiting for authentication has to
be less than the overall maximum number of clients connected and any attempt to
violate this constraint will be denied.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-19 12:31:53 +02:00
Erik Skultety
abf29786f2 virnetserver: Introduce server's client-related limits getters
Add some trivial getters for client related attributes to virnetserver before
any admin method can be introduced.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-19 11:11:13 +02:00
Cole Robinson
b6238738ea rpc: use virNetMessageClearPayload in client
This removes the opencoded payload freeing in the client, to use
the shared virNetMessageClearPayload call. Two changes:

- ClearPayload sets nfds=0, which fixes a potential crash if
  an error path called virNetMessageFree/Clear on the message
  after fds was free'd
- We drop the inner loop VIR_FORCE_CLOSE... this may mean fds are
  kept open a little bit longer if the call is blocking but in
  practice I don't think it will have any effect
2016-05-05 14:28:19 -04:00
Cole Robinson
64bd680d42 rpc: Clear more in virNetMessageClearPayload
Set all counters to 0. This doesn't impact current users, but
future users will want this
2016-05-05 14:28:19 -04:00
Cole Robinson
220c4e85b3 rpc: Add virNetMessageClearPayload
Handles freeing the buffer and fds, but not the message details.
Use it to drop some duplicate code.
2016-05-05 14:28:19 -04:00
Michal Privoznik
b17e610e1f virNetServerClientNewPostExecRestart: Avoid align problems
I've noticed this while trying to compile libvirt on my arm box.

  CC       rpc/libvirt_net_rpc_server_la-virnetserverclient.lo
rpc/virnetserverclient.c: In function 'virNetServerClientNewPostExecRestart':
rpc/virnetserverclient.c:516:45: error: cast increases required alignment of target type [-Werror=cast-align]
                                             (long long *) &timestamp) < 0) {
                                             ^
cc1: all warnings being treated as errors

Problem is, @timestap is defined as time_t which is 32 bits long,
and we are typecasting it to long long which is 64bits long.
Solution is to make @timestamp type of long long. At the same
time, we can make @conn_time in _virNetServerClient struct long
long too. There is no need for it to be type of time_t.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-05 13:48:56 +02:00
Michal Privoznik
2a3a2c2f5b virNetServerClientNewPostExecRestart: Drop useless typecasts
In this function, @id is defined as unsigned long long. When
passing this variable to virJSONValueObjectGetNumberUlong(),
well address of this variable, it's typecasted to ull*. There
is no need for that. It's a same story with @nrequests_max.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-05 13:48:53 +02:00
Erik Skultety
8420a53edf virnetserverclient: Add an internal method to retrieve client's identity
This method just aggregates various client object attributes, like socket
address, connection type (RO/RW), and some TCP/TLS/UNIX identity in an atomic
manner.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-03 15:52:50 +02:00
Erik Skultety
bde2cb6136 virneserverclient: Introduce virNetServerClientHasSASLSession
We do have a similar method, serving the same purpose, for TLS, but we lack
one for SASL. So introduce one, in order for other modules to be able to find
out, if a SASL session is active, or better said, that a SASL session exists
at all.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-03 15:52:50 +02:00
Erik Skultety
9b45c9f049 virnetsocket: Provide socket address format in a more standard form
Our socket address format is in a rather non-standard format and that is
because sasl library requires the IP address and service to be delimited by a
semicolon. The string form is a completely internal matter, however once the
admin interfaces to retrieve client identity information are merged, we should
return the socket address string in a common format, e.g. format defined by
URI rfc-3986, i.e. the IP address and service are delimited by a colon and
in case of an IPv6 address, square brackets are added:

Examples:
    127.0.0.1:1234
    [::1]:1234

This patch changes our default format to the one described above, while adding
separate methods to request the non-standard SASL format using semicolon as a
delimiter.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-03 15:52:50 +02:00
Erik Skultety
52a2eef948 admin: Introduce virAdmServerLookupClient
Just like with server-related APIs, before any of client-based APIs can be
called, a reference to a client-side client object needs to be obtained. For
this purpose, a lookup method should exist. Apart from the client retrieval
logic, a new error code for non-existent client had to be added as well.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-03 15:52:50 +02:00
Erik Skultety
42b06aa65d rpc: virnetserverclient: Implement client connection transport retrieval
Although we document 6 types of transport that we support, internally we can
only differentiate between TCP, TLS, and UNIX transports only, since both SSH
and libssh2 transports, due to using netcat, behave in the exactly the same
way as a UNIX socket.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-03 10:04:49 +02:00
Erik Skultety
04bab54d05 rpc: virnetserver: Support retrieval of a list of clients
For now, the list copy is done simply by locking the whole server, walking the
original and increasing the refcount on each object. We may want to change
the list to a lockable object (like list of domains) later in the future if
we discover some performance issues related to locking the whole server in
order to walk the whole list of clients, possibly issuing some 'ForEach'
callback.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-02 22:26:23 +02:00
Erik Skultety
4bd430748c rpc: gendispatch: Tune it to support client structure
Now that libvirt-admin supports another client-side object and provided that
we want to generate as many both client-side and server-side RPC dispatchers,
support for this needs to be added to gendispatch.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-02 22:26:23 +02:00
Erik Skultety
a32135b3b1 rpc: virnetserverclient: Introduce new attribute conn_time to client
Besides ID, libvirt should provide several parameters to help the user
distinguish two clients from each other. One of them is the connection
timestamp. This patch also adds a testcase for proper JSON formatting of the
new attribute too (proper formatting of older clients that did not support
this attribute yet is included in the existing tests) - in order to
testGenerateJSON to work, a mock of time_t time(time_t *timer) needed to be
created.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-02 22:25:52 +02:00
Erik Skultety
5841d64d25 rpc: virnetserverclient: Identify clients by an integer ID
Admin API needs a way of addressing specific clients. Unlike servers, which we
are happy to address by names both because its name reflects its purpose (to
some extent) and we only have two of them (so far), naming clients doesn't make
any sense, since a) each client is an anonymous, i.e. not recognized after a
disconnect followed by a reconnect, b) we can't predict what kind of requests
it's going to send to daemon, and c) the are loads of them comming and going,
so the only viable option is to use an ID which is of a reasonably wide data
type.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-05-02 22:25:51 +02:00
Cole Robinson
8958dde506 rpc: protocol: Clarify VIR_NET_ERROR usage with streams
The described protocol semantics really only apply to server initiated
stream messages. Document the semantics for client messages.
2016-05-02 10:13:04 -04:00
Michal Privoznik
18944b7aea virnetclientstream: Process stream messages later
There are two functions on the client that handle incoming stream
data.  The first one virNetClientStreamQueuePacket() is a low
level function that just processes the incoming stream data from
the socket and stores it into an internal structure. This happens
in the client event loop therefore the shorter the callbacks are,
the better. The second function virNetClientStreamRecvPacket()
then handles copying data from internal structure into a client
provided buffer.
Change introduced in this commit makes just that: new queue for
incoming stream packets is introduced. Then instead of copying
data into intermediate internal buffer and then copying them into
user buffer, incoming stream messages are queue into the queue
and data is copied just once - in the upper layer function
virNetClientStreamRecvPacket(). In the end, there's just one
copying of data and therefore shorter event loop callback. This
should boost the performance which has proven to be the case in
my testing.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-02 07:56:38 +02:00
Michal Privoznik
435ee578a0 Revert "rpc: Fix slow volume download (virsh vol-download)"
This reverts commit d9c9e138f2.

Unfortunately, things are going to be handled differently so this
commit must go.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-02 07:56:38 +02:00
Ben Gray
5ba48584fb rpc: Don't leak fd via CreateXMLWithFiles
FD passing APIs like CreateXMLWithFiles or OpenGraphicsFD will leak
file descriptors. The user passes in an fd, which is dup()'d in
virNetClientProgramCall. The new fd is what is transfered to the
server virNetClientIOWriteMessage.

Once all the fds have been written though, the parent msg->fds list
is immediately free'd, so the individual fds are never closed.

This closes each FD as its send to the server, so all fds have been
closed by the time msg->fds is free'd.

https://bugzilla.redhat.com/show_bug.cgi?id=1159766
2016-04-29 06:30:06 -04:00
Michal Privoznik
30898d80d7 virNet{Client,Server}*Stream: Update comment
After 434de30da5 the status values are prefixed VIR_NET_
rather than REMOTE_.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-21 16:29:41 +02:00
Michal Privoznik
8def0a22a3 daemonClientStream: Use unsigned int to store stream @serial
The stream serial number is the serial number of the RPC call
that initiated a data transfer. And as such can never be
negative. Moreover, when looking up internal state for a stream,
the serial numbers are compared. But hey, the serial number in
message header is unsigned too!

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-21 16:29:41 +02:00
Erik Skultety
93ab4da5f4 admin: Introduce virAdmServerSetThreadPoolParameters
Since threadpool increments the current number of threads according to current
load, i.e. how many jobs are waiting in the queue. The count however, is
constrained by max and min limits of workers. The logic of this new API works
like this:
    1) setting the minimum
        a) When the limit is increased, depending on the current number of
           threads, new threads are possibly spawned if the current number of
           threads is less than the new minimum limit
        b) Decreasing the minimum limit has no possible effect on the current
           number of threads
    2) setting the maximum
        a) Icreasing the maximum limit has no immediate effect on the current
           number of threads, it only allows the threadpool to spawn more
           threads when new jobs, that would otherwise end up queued, arrive.
        b) Decreasing the maximum limit may affect the current number of
           threads, if the current number of threads is less than the new
           maximum limit. Since there may be some ongoing time-consuming jobs
           that would effectively block this API from killing any threads.
           Therefore, this API is asynchronous with best-effort execution,
           i.e. the necessary number of workers will be terminated once they
           finish their previous job, unless other workers had already
           terminated, decreasing the limit to the requested value.
    3) setting priority workers
        - both increase and decrease in count of these workers have an
          immediate impact on the current number of workers, new ones will be
          spawned or some of them get terminated respectively.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:46 +02:00
Erik Skultety
caa16d3168 admin: Introduce virAdmServerGethreadPoolParameters
New API to retrieve current server workerpool specs. Since it uses typed
parameters, more specs to retrieve can be further included in the pool of
supported ones.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:36 +02:00
Cole Robinson
9b69f02243 rpc: daemon: Fix virtlog/virtlock daemon reload
Trying to reload/SIGUSR1 virtlogd or virtlockd fails with:

error : virNetDaemonRun:747 : internal error: Not all servers restored, cannot run server

Commit 252610f7 changed the daemon state json to allow tracking
multiple servers. However it missed clearing dmn->srvObject after
the json is empty, like the previous code paths handled.  Later on in
virNewDaemonRun, dmn->srvObject is expected to be empty otherwise we
throw the above error.

https://bugzilla.redhat.com/show_bug.cgi?id=1311013
2016-04-13 11:07:21 -04:00
Pavel Hrdina
d713a6b120 build: add GCC 6.0 -Wlogical-op workaround
fdstream.c: In function 'virFDStreamWrite':
fdstream.c:390:29: error: logical 'or' of equal expressions [-Werror=logical-op]
        if (errno == EAGAIN || errno == EWOULDBLOCK) {
                            ^~

Fedora rawhide now uses gcc 6.0 and there is a bug with -Wlogical-op
producing false warnings.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69602

Use GCC pragma push/pop and ignore -Wlogical-op for GCC that supports
push/pop pragma and also has this bug.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-04-11 12:09:14 +02:00
Fabiano Fidêncio
ab74e8763d build: workaround broken SASL header (again)
Compilation for xdg-app failed due to a buggy SASL headers present on
the used runtime (org.gnome.Sdk 3.18).

In file included from rpc/virnetsaslcontext.h:24:0,
                 from rpc/virnetsaslcontext.c:25:
/usr/include/sasl/sasl.h:230:38: error: unknown type name 'size_t'
 typedef void *sasl_realloc_t(void *, size_t);
                                      ^
/usr/include/sasl/sasl.h:235:5: error: unknown type name 'sasl_realloc_t'
     sasl_realloc_t *,

Use the same workaround as commit 1be3dfd did.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2016-03-31 17:36:49 +02:00
Michal Privoznik
9b48ef9c51 gendispatch: Avoid comparing signed and unsigned vars
The adminDispatchConnectListServers() function is generated by
our great perl script. However, it has a tiny flaw: if
adminConnectListServers() it calls fails, the control jumps onto
cleanup label where we try to free any list of servers built so
far. However, in the loop @i is unsigned (size_t) while @nresults
is signed (int). Currently, it does no harm because of the check
for @result being non-NULL. But if that ever changes in the
future, this bug will be hard to chase.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-24 10:49:39 +01:00
Cole Robinson
ca0c06f400 rpc: wait longer for session daemon to start up
https://bugzilla.redhat.com/show_bug.cgi?id=1271183

We only wait 0.5 seconds for the session daemon to start up and present
its socket, which isn't sufficient for many users. Bump up the sleep
interval and retry amount so we wait for a total of 5.0 seconds.
2016-03-16 19:21:44 -04:00
Martin Kletzander
eeb1e6fe9f gendispatch: Use proper error for limit checking
All other places use VIR_ERR_RPC except this one, let's be consistent,
shall we?

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
5b7d09804c gendispatch: Support modern listing of more types
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
576c54f9b1 gendispatch: Remember the name of snapshot variable name
Until now, the script assumed that snapshot name is 'snap', but that's
going to change.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
1cefc14f69 gendispatch: Accept server as an argument
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
6de2ef5d35 gendispatch: Be able to generate multi-return values
Let's call it modern_ret_as_list as opposed to single_ret_as_list.  The
latter was able to return list of things.  However the new, more modern,
version came and it is used since listAllDomains till nowadays in
ListServers.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
30c4931d28 gendispatch: Cluster, don't capture if not needed
We were using parentheses for grouping admin|remote even though we didn't
need to capture what's in it.  That caused some changes to be greater
than needed and, to be honest, some confusion as well.  Let's use it as
it should be used.  It'll also make future changes more consistent.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
d4218ca64f Change virNetDaemonGetServerNames to virNetDaemonGetServers
For now it does not matter which ones we return as the code is similarly
complex, however it will fit in with other constructs in the future,
mainly when we will be able to generate dispatch helpers.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
6541a2b4ac daemon: Properly check for clients
virHashForEach() returns 0 if everything went nice, so our session
daemon was timing out even when there was a client connected.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1315606

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
cd0a980ee1 daemon: Set error for unknown server name
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
fd4f278e1a daemon: Get server name from the server itself
Since servers know their name, there is no need to supply such
information twice.  Also defeats inconsistencies.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Martin Kletzander
dad3b07814 server: Store server name in server object
At first I did not want to do this, but after trying to implement some
newer feaures in the admin API I realized we need that to make our lives
easier.  On the other hand they are not saved redundantly and the
virNetServer objects are still kept in a hash table.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-11 12:58:41 +01:00
Erik Skultety
1a07c2efb3 admin: Introduce adminDaemonConnectListServers API
This API is merely a convenience API, i.e. when managing clients connected to
daemon's servers, we should know (convenience) which server the specific client
is connected to. This implies a client-side representation of a server along
with a basic API to let the administrating client know what servers are actually
available on the daemon.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-02-17 12:46:34 +01:00
Erik Skultety
252610f7dd virnetdaemon: Store servers in a hash table
Since the daemon can manage and add (at fresh start) multiple servers,
we also should be able to add them from a JSON state file in case of a
daemon restart, so post exec restart support for multiple servers is also
provided. Patch also updates virnetdaemontest accordingly.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-02-17 12:46:34 +01:00
Michal Privoznik
862298a2e7 dbus: Don't unref NULL messages
Apparently we are not the only ones with dumb free functions
because dbus_message_unref() does not accept NULL either. But if
I were to vote, this one is even more evil. Instead of returning
an error just like we do it immediately dereference any pointer
passed and thus crash you app. Well done DBus!

  Program received signal SIGSEGV, Segmentation fault.
  [Switching to Thread 0x7f878ebda700 (LWP 31264)]
  0x00007f87be4016e5 in ?? () from /usr/lib64/libdbus-1.so.3
  (gdb) bt
  #0  0x00007f87be4016e5 in ?? () from /usr/lib64/libdbus-1.so.3
  #1  0x00007f87be3f004e in dbus_message_unref () from /usr/lib64/libdbus-1.so.3
  #2  0x00007f87bf6ecf95 in virSystemdGetMachineNameByPID (pid=9849) at util/virsystemd.c:228
  #3  0x00007f879761bd4d in qemuConnectCgroup (driver=0x7f87600a32a0, vm=0x7f87600c7550) at qemu/qemu_cgroup.c:909
  #4  0x00007f87976386b7 in qemuProcessReconnect (opaque=0x7f87600db840) at qemu/qemu_process.c:3386
  #5  0x00007f87bf6edfff in virThreadHelper (data=0x7f87600d5580) at util/virthread.c:206
  #6  0x00007f87bb602334 in start_thread (arg=0x7f878ebda700) at pthread_create.c:333
  #7  0x00007f87bb3481bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
  (gdb) frame 2
  #2  0x00007f87bf6ecf95 in virSystemdGetMachineNameByPID (pid=9849) at util/virsystemd.c:228
  228         dbus_message_unref(reply);
  (gdb) p reply
  $1 = (DBusMessage *) 0x0

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-11 11:35:02 +01:00
Joao Martins
d9c57ca9f9 remote: enforce VIR_TYPED_PARAM_STRING_OKAY flag on client side serialization
Commit 8cd1d54 consolidates both daemon and remote driver typed param
serialization functions. The consolidation now enforces client to use
VIR_TYPED_PARAM_STRING_OKAY flag to properly serialize string parameters, which
server has used for quite some time now. And this caused an issue, since the
commit had not adjusted client remote calls appropriately, thus causing a
failure in blkiotune, numatune and migration APIs (as per Xen CI tests). This
patch adjusts both remote_driver.c and gendispatch.pl to properly address this
issue.

http://lists.xenproject.org/archives/html/xen-devel/2016-02/msg01012.html

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-02-08 14:59:54 +01:00
Erik Skultety
8cd1d546e6 util: Export remoteSerializeTypedParameters internally via util
Same as for deserializer, this method might get handy for admin one day.
The major reason for this patch is to stay consistent with idea, i.e.
when deserializer can be shared, why not serializer as well. The only
problem to be solved was that the daemon side serializer uses a code
snippet which handles sparse arrays returned by some APIs as well as
removes any string parameters that can't be returned to older clients.
This patch makes of the new virTypedParameterRemote datatype introduced
by one of the pvious patches.
2016-02-03 15:46:45 +01:00
Erik Skultety
9afc115f73 util: Export remoteFreeTypedParameters internally via util
Since the method is static to remote_driver, it can't even be used by our
daemon. Other than that, it would be useful to be able to use it with admin as
well. This patch uses the new virTypedParameterRemote datatype introduced in
one of previous patches.
2016-02-03 15:46:45 +01:00
Erik Skultety
0472cef685 util: Export remoteDeserializeTypedParameters internally via util
Currently, the deserializer is hardcoded into remote_driver which makes
it impossible for admin to use it. One way to achieve a shared implementation
(besides moving the code to another module) would be pass @ret_params_val as a
void pointer as opposed to the remote_typed_param pointer and add a new extra
argument specifying which of those two protocols is being used and typecast
the pointer at the function entry. An example from remote_protocol:

struct remote_typed_param_value {
        int type;
        union {
                int i;
                u_int ui;
                int64_t l;
                uint64_t ul;
                double d;
                int b;
                remote_nonnull_string s;
        } remote_typed_param_value_u;
};
typedef struct remote_typed_param_value remote_typed_param_value;

struct remote_typed_param {
        remote_nonnull_string field;
        remote_typed_param_value value;
};

That would leave us with a bunch of if-then-elses that needed to be used across
the method. This patch takes the other approach using the new datatype
introduced in one of earlier commits.
2016-02-03 15:46:45 +01:00
Michal Privoznik
3f3f7a824c gendispatch: Don't output spaces on empty line
In our generator for some code we put empty lines in the output
to separate blocks of code. However, in some cases we put couple
of spaces on the empty line too. It's not bug, it just isn't
nice.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-28 17:10:54 +01:00
Cole Robinson
a1edb05c60 build: predictably generate systemtap tapsets (bz 1173641)
The generated output is dependent on perl hashtable ordering, which
gives different results for i686 and x86_64. Fix this by sorting
the hash keys before iterating over them

https://bugzilla.redhat.com/show_bug.cgi?id=1173641
2016-01-20 10:26:02 -05:00
Cole Robinson
2eb7a97575 rpc: socket: Don't repeatedly attempt to launch daemon
On every socket connect(2) attempt we were re-launching session
libvirtd, up to 100 times in 5 seconds.

This understandably caused some weird load races and intermittent
qemu:///session startup failures

https://bugzilla.redhat.com/show_bug.cgi?id=1271183
2016-01-12 10:45:45 -05:00
Cole Robinson
8da02d5280 rpc: socket: Explicitly error if we exceed retry count
When we autolaunch libvirtd for session URIs, we spin in a retry
loop waiting for the daemon to start and the connect(2) to succeed.

However if we exceed the retry count, we don't explicitly raise an
error, which can yield a slew of different error messages elsewhere
in the code.

Explicitly raise the last connect(2) failure if we run out of retries.
2016-01-12 10:45:45 -05:00
Cole Robinson
f102c7146e rpc: socket: Minor cleanups
- Add some debugging
- Make the loop dependent only on retries
- Make it explicit that connect(2) success exits the loop
- Invert the error checking logic
2016-01-12 10:45:45 -05:00
Ben Gray
133c511b52 rpc: Don't rewrite msg->fds on every read dispatch
When we are receiving data in smaller chunks it might happen that
virNetServerClientDispatchRead() will be called multiple times.  And as
that happens, if it is a message that also transfer headers, we decode
the number of them every single time and, unfortunately, also allocate
the memory for them.  That causes a leak, in the best scenario.

Best viewed with '-w'.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-01-12 08:56:50 +01:00
Jasper Lievisse Adriaanse
2b6f6ad64b Unify int types handling in protocol files
Some of the protocol files already include handing of the missing int
types such as xdr_uint64_t, some don't. To fix it everywhere, move out
of the appropriate defines to the utils/virxdrdefs.h file and include
it where needed.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
2016-01-11 19:56:06 +03:00
Jasper Lievisse Adriaanse
91b423beb7 Use struct sockpeercred when available
OpenBSD uses 'struct sockpeercred' instead of 'struct ucred'. Add a
configure check that detects its presence and use if in the code that
could be compiled on OpenBSD.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
2016-01-11 19:56:06 +03:00
Erik Skultety
3245e1783c Revert "admin: Rename virAdmConnect to virAdmDaemon"
Commmit df8192aa introduced admin related rename and some minor
(caused by automated approach, aka sed) and some more severe isues along with
it. First reason to revert is the inconsistency with libvirt library.
Although we deal with the daemon directly rather than with a specific
hypervisor, we still do have a connection. That being said, contributors might
get under the impression that AdmDaemonNew would spawn/start a new daemon
(since it's admin API, why not...), or AdmDaemonClose would do the exact
opposite or they might expect DaemonIsAlive report overall status of the daemon
which definitely isn't the case.
The second reason to revert this patch is renaming virt-admin client. The
client tool does not necessarily have to reflect the names of the API's it's
using in his internals. An example would be 's/vshAdmConnect/vshAdmDaemon'
where noone can be certain of what the latter function really does. The former
is quite expressive about some connection magic it performs, but the latter does
not say anything, especially when vshAdmReconnect and vshAdmDisconnect were
left untouched.
2015-12-21 10:07:59 +01:00
Martin Kletzander
df8192aaf4 admin: Rename virAdmConnect to virAdmDaemon
virAdmConnect was named after virConnect, but after some discussions,
most of the APIs called will be working with remote daemon and starting
them virAdmDaemon will make more sense.  Only possibly controversal name
is CloseCallback (de)registration, and connecting to the daemon (which
will still be Open/Close), but even this makes sense if one thinks about
the daemon being opened and closed, e.g. as file, etc.

This way all the APIs working with the daemon will start with
virAdmDaemon prefix, they will accept virAdmDaemonPtr as first parameter
and that will better suit with other namings as well (virDomain*,
virAdmServer*, etc.).

Because in virt-admin, the connection name does not refer to a struct
that would have a connect in its name, also adjust 'connname' in
clients.  And because it is not used anywhere in the vsh code, move it
from there into each client.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-12-01 11:44:48 +01:00
Erik Skultety
a474371fc6 admin: Introduce virAdmConnectGetLibVersion
Introduce a new API to get libvirt version. It is worth noting, that
libvirt-admin and libvirt share the same version number. Unfortunately,
our existing API isn't generic enough to be used with virAdmConnectPtr
as well. Also this patch wires up this API to the virt-admin client
as a generic cmdVersion command.
2015-11-30 09:44:28 +01:00
Jiri Denemark
e4ee043636 Remove new lines from log messages
VIR_DEBUG and VIR_WARN will automatically add a new line to the message,
having "\n" at the end or at the beginning of the message results in
empty lines.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-11-04 13:09:35 +01:00
Michal Privoznik
4f77c48cba virJSONValueArraySize: return ssize_t
The internal representation of a JSON array counts the items in
size_t. However, for some reason, when asking for the count it's
reported as int. Firstly, we need the function to return a signed
type as it's returning -1 on an error. But, not every system has
integer the same size as size_t. Therefore, lets return ssize_t.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-10-09 15:25:08 +02:00
Peter Krempa
9869f24d08 rpc: libssh2: Fix regression in ssh host key verification
Commit 792f81a40e caused a regression in the libssh2 host key
verification code by changing the variable type of 'i' to unsigned.
Since one of the loops used -1 as a special value if the asking
callback was found the conversion made a subsequent test always fail.

The bug was stealth enough to pass review, compilers and coverity.

Refactor the condition to avoid problems.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1047861
2015-10-05 07:38:18 +02:00
Peter Krempa
387c316e11 rpc: libssh2: Add more debugging info 2015-10-05 07:38:18 +02:00
Jiri Denemark
adf3be57df client rpc: Process pending data on error
Even though we hit an error in client's IO loop, we still want to
process any pending data. So instead of reporting the error right away,
we can finish the current iteration and report the error once we're done
with it. Note that the error is stored in client->error by
virNetClientMarkClose so we don't need to worry about it being reset or
rewritten by any API we call in the meantime.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-09-23 13:09:50 +02:00
Jiri Denemark
c91776d5ff client rpc: Report proper error for keepalive disconnections
Whenever a connection was closed due to keepalive timeout, we would log
a warning but the interrupted API would return rather useless generic
error:

    internal error: received hangup / error event on socket

Let's report a proper keepalive timeout error and make sure it is
propagated to all pending APIs. The error should be better now:

    internal error: connection closed due to keepalive timeout

Based on an old patch from Martin Kletzander.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-09-23 13:09:49 +02:00
Martin Kletzander
d772a70faa Use VIR_DIV_UP macro where possible
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-09-23 11:45:59 +02:00
Guido Günther
fbb27088ee virNetSocketCheckProtocols: handle EAI_NONAME as IPv6 unavailable
When running the test suite using "unshare -n" we might have IPv6 but no
configured addresses. Due to AI_ADDRCONFIG getaddrinfo then fails with
EAI_NONAME which we should then treat as IPv6 unavailable.
2015-08-11 22:08:50 +02:00
Martin Kletzander
a8743c3938 rpc: Remove keepalive_required option
Since its introduction in 2011 (particularly in commit f4324e3292),
the option doesn't work.  It just effectively disables all incoming
connections.  That's because the client private data that contain the
'keepalive_supported' boolean, are initialized to zeroes so the bool is
false and the only other place where the bool is used is when checking
whether the client supports keepalive.  Thus, according to the server,
no client supports keepalive.

Removing this instead of fixing it is better because a) apparently
nobody ever tried it since 2011 (4 years without one month) and b) we
cannot know whether the client supports keepalive until we get a ping or
pong keepalive packet.  And that won't happen until after we dispatched
the ConnectOpen call.

Another two reasons would be c) the keepalive_required was tracked on
the server level, but keepalive_supported was in private data of the
client as well as the check that was made in the remote layer, thus
making all other instances of virNetServer miss this feature unless they
all implemented it for themselves and d) we can always add it back in
case there is a request and a use-case for it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 13:15:56 +02:00
Ossi Herrala
d9c9e138f2 rpc: Fix slow volume download (virsh vol-download)
Use I/O vector (iovec) instead of one huge memory buffer as suggested
in https://bugzilla.redhat.com/show_bug.cgi?id=1026137#c7. This avoids
doing memmove() to big buffers and performance doesn't degrade if
source (virNetClientStreamQueuePacket()) is faster than sink
(virNetClientStreamRecvPacket()).

Resolves: http://bugzilla.redhat.com/1026137

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-03 13:08:00 +02:00
Daniel P. Berrange
406ee8c226 rpc: ensure daemon is spawn even if dead socket exists
The auto-spawn code would originally attempt to spawn the
daemon for both ENOENT and ECONNREFUSED errors from connect().
The various refactorings eventually lost this so we only
spawn the daemon on ENOENT. The result is if the daemon exits
uncleanly, so that the socket is left in the filesystem, we
will never be able to auto-spawn the daemon again.
2015-07-17 12:46:43 +01:00
Martin Kletzander
b7ea58c262 rpc: Rework timerActive logic in daemon
Daemon used false logic for determining whether there were any clients.
When the timer was inactive, it was activated if at least one of the
servers did not have clients.  So the bool was being flipped there and
back all the time in case there was one client, for example.

Initially introduced by fa14207368.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1240283

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-07-10 11:13:29 +02:00
Martin Kletzander
699faeacb1 rpc: Add virNetDaemonHasClients
So callers don't have to iterate over each server.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-07-10 10:50:22 +02:00
Pavel Fedin
b792834a41 Add support for portable-rpcgen from portablexdr library
This allows to build libvirt under MinGW

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
2015-07-08 14:34:38 +02:00
Michal Privoznik
355d8f470f virNetServerServiceClose: Don't leak sockets
Well, if a server is being destructed, all underlying services and
their sockets should disappear with it. But due to bug in our
implementation this is not the case. Yes, we are closing the sockets,
but that's not enough. We must also:

1) Unregister them from the event loop
2) Unref the service for each socket

The last step is needed, because each socket callback holds a
reference to the service object. Since in the first step we are
unregistering the callbacks, they no longer need the reference.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-19 11:19:50 +02:00
Michal Privoznik
9ee5a79830 virNetSocket: Fix @watch corner case
Although highly unlikely, nobody says that virEventAddHandle()
can't return 0 as a handle to socket callback. It can't happen
with our default implementation since all watches will have value
1 or greater, but users can register their own callback functions
(which can re-use unused watch IDs for instance). If this is the
case, weird things may happen.

Also, there's a little bug I'm fixing too, upon
virNetSocketRemoveIOCallback(), the variable holding callback ID
was not reset. Therefore calling AddIOCallback() once again would
fail. Not that we are doing it right now, but we might.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-19 11:19:49 +02:00
Michal Privoznik
899e49a2e6 virNetSocketRemoveIOCallback: Be explicit about unref
When going through the code I've notice that
virNetSocketAddIOCallback() increases the reference counter of
@socket. However, its counter part RemoveIOCallback does not. It took
me a while to realize this disproportion. The AddIOCallback registers
our own callback which eventually calls the desired callback and then
unref the @sock. Yeah, a bit complicated but it works. So, lets note
this hard learned fact in a comment in RemoveIOCallback().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-06-19 11:19:24 +02:00
Peter Krempa
4002395dd7 rpc: Actually increase reference count on @srv in virNetDaemonAddServer
VIR_APPEND_ELEMENT would clear @srv to NULL after it successfully
inserted it thus the reference count could not be increased afterwards.

Switch to VIR_APPEND_ELEMENT_COPY. This fixes crash after terminating
the daemon.
2015-06-18 13:32:37 +02:00
Martin Kletzander
58031cb4b5 netserver: Remove duplicate forward declaration
Commit fa14207368 added forward
declaration of virNetServerPtr into virnetserver.h even though we are
keeping these in virnetserverprogram.h due to older compilers having
problems with duplicate ones.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 14:58:00 +02:00
Martin Kletzander
40082a7000 Revert "rpc: Add virNetServerGetNClients"
This reverts commit 6bda9f8aa2.

I mistakenly pushed it along with the Admin API series.
2015-06-16 14:09:09 +02:00
Martin Kletzander
6bda9f8aa2 rpc: Add virNetServerGetNClients
This function accesses the number of connected clients while properly
locking the server it returns the data about.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:21 +02:00
Martin Kletzander
87c2687943 Teach gendispatch how to handle admin dispatching files
Since this is just a new option for gendispatch, it looks more like a
cleanup.  The only differences handled by it are connect pointers,
private pointers and API naming customs.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:20 +02:00
Martin Kletzander
fa14207368 Move daemon-related parts of virNetServer to virNetDaemon
This allows to have more servers in one daemon which helps isolating
some resources.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-16 13:46:19 +02:00
Martin Kletzander
fcc2aab688 rpc: Fix possible crash when MDNSAddEntry fails
If virNetServerMDNSAddEntry() fails when adding a service to a server,
it doesn't decrease the number of services.  Hence access to their
members segfaults (e.g. when free()-ing the sruct).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-15 17:12:59 +02:00
Daniel P. Berrange
43c0a84cda rpc: add API for checking IPv4/6 availability
The socket test suite has a function for checking if IPv4
or IPv6 are available, and returning a free socket. The
first bit of that will be needed in another test, so pull
that logic out into a separate helper method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-06-11 12:11:18 +01:00
Daniel P. Berrange
d587704cc7 rpc: allow selection of TCP address family
By default, getaddrinfo() will return addresses for both
IPv4 and IPv6 if both protocols are enabled, and so the
RPC code will listen/connect to both protocols too. There
may be cases where it is desirable to restrict this to
just one of the two protocols, so add an 'int family'
parameter to all the TCP related APIs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-06-11 12:11:18 +01:00
Daniel P. Berrange
ccb05762ad rpc: Fix reference counting around virNetSocketAddIOCallback
Ref service passed as a parameter to the callback.  And don't unref the
socket that is part of the service being passed at another point in code.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-05 13:48:05 +02:00
Daniel P. Berrange
2128d2e920 rpc: Don't use unrelated value as privateData of client
Append privateData of the client only if there are any, otherwise the
previous value (socket data) will get there again.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-05 13:48:05 +02:00
Daniel P. Berrange
404094187a rpc: Make virNetServerAddClient function dynamic
As opposed to 'static'; by exporting it (privately).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-05 13:48:05 +02:00
Martin Kletzander
9cb18291af mdns: Set error when failing due to missing avahi
When building without avahi support, we used VIR_DEBUG() to note that to
the user.  However, functions that fail because of that (return NULL/-1)
did not set the error message.  This was the only file that forgot to do
such thing.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-06-05 13:41:35 +02:00
Martin Kletzander
2cda7e1b89 gendispatch: Don't generate long lines
We don't allow it in normal code, why would it need to be in the
generated one.  IT also splits the line in perl code so it's readable.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-05-14 15:03:33 +02:00
Martin Kletzander
d42858f086 virnetserver: Remove unnecessary double space
Since we don't have syntax-check for this, it has to be checked
manually.  Let's hope this is the only place it happened.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-05-14 15:03:33 +02:00
Martin Kletzander
161b52662f rpc: Don't mix max_clients and max_workers in PostExecRestart
This only affected the servers that re-exec themselves, which is only
virtlockd and it didn't do any mess, so this is mostly a clenaup.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-05-14 15:03:33 +02:00
Jiri Denemark
da4d7c3069 Fix memory leak in virNetSocketNewConnectUNIX
==26726==    by 0x673CD67: __vasprintf_chk (vasprintf_chk.c:80)
==26726==    by 0x5673605: UnknownInlinedFun (stdio2.h:210)
==26726==    by 0x5673605: virVasprintfInternal (virstring.c:476)
==26726==    by 0x56736EE: virAsprintfInternal (virstring.c:497)
==26726==    by 0x5680C37: virGetUserRuntimeDirectory (virutil.c:866)
==26726==    by 0x5783A89: virNetSocketNewConnectUNIX (virnetsocket.c:572)
==26726==    by 0x57751AF: virNetClientNewUNIX (virnetclient.c:344)
==26726==    by 0x57689B3: doRemoteOpen (remote_driver.c:895)
==26726==    by 0x5769F8E: remoteConnectOpen (remote_driver.c:1195)
==26726==    by 0x57092DF: do_open (libvirt.c:1189)
==26726==    by 0x570A7BF: virConnectOpenAuth (libvirt.c:1341)

https://bugzilla.redhat.com/show_bug.cgi?id=1215042
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-04-24 14:30:52 +02:00
Michal Privoznik
1fdac3d99a virNetSocketNewConnectUNIX: Don't unlink(NULL)
There is a possibility that we jump onto error label with @lockpath
still initialized to NULL. Here, the @lockpath should be unlink()-ed,
but passing there a NULL is not a good idea. Don't do that. In fact,
we should call unlink() only if we created the lock file successfully.

Reported-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-04-17 10:02:28 +02:00
Michal Privoznik
be78814ae0 virNetSocketNewConnectUNIX: Use flocks when spawning a daemon
https://bugzilla.redhat.com/show_bug.cgi?id=1200149

Even though we have a mutex mechanism so that two clients don't spawn
two daemons, it's not strong enough. It can happen that while one
client is spawning the daemon, the other one fails to connect.
Basically two possible errors can happen:

  error: Failed to connect socket to '/home/mprivozn/.cache/libvirt/libvirt-sock': Connection refused

or:

  error: Failed to connect socket to '/home/mprivozn/.cache/libvirt/libvirt-sock': No such file or directory

The problem in both cases is, the daemon is only starting up, while we
are trying to connect (and fail). We should postpone the connecting
phase until the daemon is started (by the other thread that is
spawning it). In order to do that, create a file lock 'libvirt-lock'
in the directory where session daemon would create its socket. So even
when called from multiple processes, spawning a daemon will serialize
on the file lock. So only the first to come will spawn the daemon.

Tested-by: Richard W. M. Jones <rjones@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-04-15 13:39:13 +02:00
Ján Tomko
a96b68e7a4 Rename DomainGetIOThreadsInfo to DomainGetIOThreadInfo
While it returns info about multiple threads, the version
without the plural is easier to read.
2015-03-26 16:11:10 +01:00
Peter Krempa
a98129c0ee rpc: Don't unref identity object while callbacks still can be executed
While this thread is cleaning up the client and connection objects:
 #2  virFileReadAll (path=0x7f28780012b0 "/proc/1319/stat", maxlen=maxlen@entry=1024, buf=buf@entry=0x7f289c60fc40) at util/virfile.c:1287
 #3  0x00007f28adbb1539 in virProcessGetStartTime (pid=<optimized out>, timestamp=timestamp@entry=0x7f289c60fc98) at util/virprocess.c:838
 #4  0x00007f28adb91981 in virIdentityGetSystem () at util/viridentity.c:151
 #5  0x00007f28ae73f17c in remoteClientFreeFunc (data=<optimized out>) at remote.c:1131
 #6  0x00007f28adcb7f33 in virNetServerClientDispose (obj=0x7f28aecad180) at rpc/virnetserverclient.c:858
 #7  0x00007f28adba8eeb in virObjectUnref (anyobj=<optimized out>) at util/virobject.c:265
 #8  0x00007f28ae74ad05 in virNetServerHandleJob (jobOpaque=<optimized out>, opaque=0x7f28aec93ff0) at rpc/virnetserver.c:205
 #9  0x00007f28adbbef4e in virThreadPoolWorker (opaque=opaque@entry=0x7f28aec88030) at util/virthreadpool.c:145

In stack frame #6 the client->identity object got unref'd, but the code
that removes the event callbacks in frame #5 did not run yet as we are
trying to obtain the system identity (frames #4, #3, #2).

In other thead:
 #0  virObjectUnref (anyobj=anyobj@entry=0x7f288c162c60) at util/virobject.c:264
        klass = 0xdeadbeef
        obj = 0x7f288c162c60
 #1  0x00007f28ae71c709 in remoteRelayDomainEventCheckACL (client=<optimized out>, conn=<optimized out>, dom=dom@entry=0x7f28aecaafc0) at remote.c:164
 #2  0x00007f28ae71fc83 in remoteRelayDomainEventTrayChange (conn=<optimized out>, dom=0x7f28aecaafc0, ... ) at remote.c:717
 #3  0x00007f28adc04e53 in virDomainEventDispatchDefaultFunc (conn=0x7f287c0009a0, event=0x7f28aecab1a0, ...) at conf/domain_event.c:1455
 #4  0x00007f28adc03831 in virObjectEventStateDispatchCallbacks (callbacks=<optimized out>, ....) at conf/object_event.c:724
 #5  virObjectEventStateQueueDispatch (callbacks=0x7f288c083730, queue=0x7fff51f90030, state=0x7f288c18da20) at conf/object_event.c:738
 #6  virObjectEventStateFlush (state=0x7f288c18da20) at conf/object_event.c:816
 #7  virObjectEventTimer (timer=<optimized out>, opaque=0x7f288c18da20) at conf/object_event.c:562
 #8  0x00007f28adb859cd in virEventPollDispatchTimeouts () at util/vireventpoll.c:459

Frame #0 is unrefing an invalid identity object while frame #2 hints
that the client is still dispatching the event.

For untrimmed backtrace see the bugzilla attachment.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1203030
2015-03-25 13:37:42 +01:00
Jiri Denemark
667cce7b60 Set thread job for every RPC call
Since all APIs are also RPC calls, we automatically get all APIs covered
with thread jobs.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-03-25 10:00:54 +01:00
Peter Krempa
6c7bdcb1cd rpc: serverclient: Clear pointer with NULL instead of 0 2015-03-25 08:11:12 +01:00
John Ferlan
d8977b8ea3 remote: Implement the plumbing for virDomainPinIOThread
Implement the remote plumbing.
2015-03-11 12:23:33 -04:00