Commit Graph

5585 Commits

Author SHA1 Message Date
Eric Blake
76f40fa55f phyp: reject unknown flags
* src/phyp/phyp_driver.c (phypOpen, phypDomainReboot)
(phypVIOSDriverOpen): Reject unknown flags.
2011-07-13 14:44:09 -06:00
Eric Blake
8ef4fe1425 openvz: reject unknown flags
* src/openvz/openvz_driver.c (openvzDomainReboot, openvzOpen):
Reject unknown flags.
2011-07-13 14:44:08 -06:00
Eric Blake
5037cea55e lxc: reject unknown flags
* src/lxc/lxc_driver.c (lxcOpen, lxcDomainSetMemoryParameters)
(lxcDomainGetMemoryParameters): Reject unknown flags.
* src/lxc/lxc_container.c (lxcContainerStart): Rename flags to
cflags to reflect that it is not tied to libvirt.
2011-07-13 14:42:05 -06:00
Eric Blake
9110941cfd libxl: reject unknown flags
* src/libxl/libxl_driver.c (libxlOpen, libxlDomainReboot)
(libxlDomainXMLFromNative, libxlDomainXMLToNative)
(libxlDomainCreateWithFlags): Reject unknown flags.
2011-07-13 14:22:03 -06:00
Peter Krempa
36caaddde6 qemu: build failed due to unused variables
While compiling on F15 build crashed (probably because of new GCC).
2011-07-13 11:22:28 -06:00
Eric Blake
64bd1b9dd5 storage: reject unknown flags
* src/storage/storage_backend.c (virStorageBackendCreateBlockFrom)
(virStorageBackendCreateQemuImg)
(virStorageBackendCreateQcowCreate): Reject unknown flags.
* src/storage/storage_backend_disk.c (virStorageBackendDiskBuildPool)
(virStorageBackendDiskDeleteVol): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemNetFindPoolSources)
(virStorageBackendFileSystemBuild)
(virStorageBackendFileSystemDelete, createFileDir)
(virStorageBackendFileSystemVolBuildFrom)
(virStorageBackendFileSystemVolDelete): Likewise.
* src/storage/storage_backend_iscsi.c
(virStorageBackendISCSIFindPoolSources): Likewise.
* src/storage/storage_backend_logical.c
(virStorageBackendLogicalFindPoolSources)
(virStorageBackendLogicalBuildPool)
(virStorageBackendLogicalDeletePool)
(virStorageBackendLogicalDeleteVol): Likewise.
* src/storage/storage_driver.c (storageOpen, storagePoolCreate)
(storagePoolDefine, storagePoolRefresh, storagePoolGetXMLDesc)
(storageVolumeCreateXML, storageVolumeCreateXMLFrom)
(storageVolumeGetXMLDesc): Likewise.
2011-07-13 09:04:54 -06:00
Eric Blake
ba78d2cf89 node_device: reject unknown flags
* src/node_device/node_device_driver.c (nodeNumOfDevices)
(nodeListDevices, nodeDeviceGetXMLDesc, nodeDeviceCreateXML):
Reject unknown flags.
* src/node_device/node_device_hal.c (halNodeDrvOpen): Likewise.
* src/node_device/node_device_udev.c (udevNodeDrvOpen): Likewise.
2011-07-13 09:04:54 -06:00
Eric Blake
833fe8abec util: reject unknown flags, and prefer unsigned flags
Silently ignored flags get in the way of new features that
use those flags.  Also, an upcoming syntax check will favor
unsigned flags.

* src/nodeinfo.h (nodeGetCPUStats, nodeGetMemoryStats): Drop
unused attribute.
* src/interface/netcf_driver.c (interfaceOpenInterface)
(interfaceDefineXML, interfaceCreate, interfaceDestroy): Reject
unknown flags.
* src/network/bridge_driver.c (networkOpenNetwork)
(networkGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_driver.c (nwfilterOpen): Likewise.
* src/secret/secret_driver.c (secretOpen, secretDefineXML)
(secretGetXMLDesc, secretSetValue): Likewise.
* src/util/logging.c (virLogDefineFilter, virLogDefineOutput)
(virLogMessage): Likewise; also use unsigned flags.
* src/util/logging.h (virLogDefineFilter, virLogDefineOutput)
(virLogMessage): Change signature.
* src/util/command.c (virExecWithHook): Likewise.
2011-07-13 09:04:54 -06:00
Eric Blake
01ed9b56d1 libvirt-qemu: use unsigned flags
Like commit 1740c381, but for libvirt-qemu.

* src/remote/qemu_protocol.x (qemu_monitor_command_args): Adjust
type to match API.
* src/qemu_protocol-structs: Update accordingly.
2011-07-13 08:48:09 -06:00
Eric Blake
06dbfa6d21 maint: print flags in hex during debug
Continuation of commit 313ac7fd, and enforce things with a syntax
check.

Technically, virNetServerClientCalculateHandleMode is not printing
a mode_t, but rather a collection of VIR_EVENT_HANDLE_* bits;
however, these bits are < 8, so there is no different in the
output, and that was the easiest way to silence the new syntax check.

* cfg.mk (sc_flags_debug): New syntax check.
(exclude_file_name_regexp--sc_flags_debug): Add exemptions.
* src/fdstream.c (virFDStreamOpenFileInternal): Print flags in
hex, mode_t in octal.
* src/libvirt-qemu.c (virDomainQemuMonitorCommand)
(virDomainQemuAttach): Likewise.
* src/locking/lock_driver_nop.c (virLockManagerNopInit): Likewise.
* src/locking/lock_driver_sanlock.c (virLockManagerSanlockInit):
Likewise.
* src/locking/lock_manager.c: Likewise.
* src/qemu/qemu_migration.c: Likewise.
* src/qemu/qemu_monitor.c: Likewise.
* src/rpc/virnetserverclient.c
(virNetServerClientCalculateHandleMode): Print mode with %o.
2011-07-13 07:47:45 -06:00
Eric Blake
51fc56553f util: honor anchored names when searching for executables
I got bit in a debugging session on an uninstalled libvirtd; the
code tried to call out to the installed $LIBEXECDIR/libvirt_iohelper
instead of my just-built version.  So I set a breakpoint and altered
the binary name to be "./src/libvirt_iohelper", and it still failed
because I don't have "." on my PATH.

According to POSIX, execvp only searches PATH if the name does
not contain a slash.  Since we are trying to mimic that behavior,
an anchored name should be relative to the current working dir.

This tightens existing behavior, but most callers already pass
an absolute name or a name with no slashes, so it probably won't
be noticeable.

* src/util/util.c (virFindFileInPath): Anchored relative names do
not invoke a PATH search.
2011-07-13 07:30:42 -06:00
Daniel P. Berrange
83d768fab8 Ensure signal handler propagates fatal signals to default handler
When replacing the default SEGV/ABORT/BUS signal handlers you
can't rely on the process being terminated after your custom
handler runs. It is neccessary to manually restore the default
handler and then re-raise the signal

* src/rpc/virnetserver.c: Restore default handler and raise
  signal
2011-07-13 11:47:12 +01:00
Daniel P. Berrange
1a81687ad2 Remove unused virNetServerProgramErrorHander typedef
* src/rpc/virnetserverprogram.h: Remove unused typedef for
  virNetServerProgramErrorHander function callback
* daemon/remote.h: Remove decl for non-existant variables
2011-07-13 11:47:01 +01:00
Jiri Denemark
a23476f0db qemu: Fix monitor unlocking in some error paths
When monitor is entered with qemuDomainObjEnterMonitorWithDriver, the
correct method for leaving and unlocking the monitor is
qemuDomainObjExitMonitorWithDriver.
2011-07-13 01:53:32 +02:00
Jiri Denemark
307656b48a qemu: Consolidate qemuMigrationPrepare{Direct,Tunnel}
Most of the code in these two functions is supposed to be identical but
currently it isn't (which is natural since the code is duplicated).
Let's move common parts of these functions into qemuMigrationPrepareAny.

This also fixes qemuMigrationPrepareTunnel which didn't store received
lockState in the domain object.
2011-07-13 01:53:32 +02:00
Jiri Denemark
5b2d0bbc4c qemu: Add support for job phase
Asynchronous jobs may take long time to finish and may consist of
several phases which we need to now about to help with recovery/rollback
after libvirtd restarts.
2011-07-13 01:53:32 +02:00
Jiri Denemark
e6704af1fc qemu: Recover from interrupted jobs
Detect and react on situations when libvirtd was restarted or killed
when a job was active.
2011-07-13 01:53:32 +02:00
Jiri Denemark
ff340a84b8 qemu: Save job type in domain status XML
If libvirtd is restarted when a job is running, the new libvirtd process
needs to know about that to be able to recover and rollback the
operation.
2011-07-13 01:53:32 +02:00
Jiri Denemark
361842881e qemu: Allow all query commands to be run during long jobs
Query commands are safe to be called during long running jobs (such as
migration). This patch makes them all work without the need to
special-case every single one of them.

The patch introduces new job.asyncCond condition and associated
job.asyncJob which are dedicated to asynchronous (from qemu monitor
point of view) jobs that can take arbitrarily long time to finish while
qemu monitor is still usable for other commands.

The existing job.active (and job.cond condition) is used all other
synchronous jobs (including the commands run during async job).

Locking schema is changed to use these two conditions. While asyncJob is
active, only allowed set of synchronous jobs is allowed (the set can be
different according to a particular asyncJob) so any method that
communicates to qemu monitor needs to check if it is allowed to be
executed during current asyncJob (if any). Once the check passes, the
method needs to normally acquire job.cond to ensure no other command is
running. Since domain object lock is released during that time, asyncJob
could have been started in the meantime so the method needs to recheck
the first condition. Then, normal jobs set job.active and asynchronous
jobs set job.asyncJob and optionally change the list of allowed job
groups.

Since asynchronous jobs only set job.asyncJob, other allowed commands
can still be run when domain object is unlocked (when communicating to
remote libvirtd or sleeping). To protect its own internal synchronous
commands, the asynchronous job needs to start a special nested job
before entering qemu monitor. The nested job doesn't check asyncJob, it
only acquires job.cond and sets job.active to block other jobs.
2011-07-13 01:53:21 +02:00
Jiri Denemark
24f717ac22 qemu: Consolidate {Enter,Exit}Monitor{,WithDriver}
EnterMonitor and ExitMonitor methods are very similar to their
*WithDriver variants; consolidate them into EnterMonitorInternal and
ExitMonitorInternal to avoid (mainly future) code duplication.
2011-07-12 21:17:28 +02:00
Jiri Denemark
cec1d280ad qemu: Consolidate BeginJob{,WithDriver} into a single method
This avoids code duplication and also avoids relying on good luck that
ignore_value(virDomainObjUnref(obj)) doesn't set errno.
2011-07-12 21:17:28 +02:00
Jiri Denemark
90a422f071 qemu: Separate job related data into a new object 2011-07-12 21:17:28 +02:00
Daniel P. Berrange
65d68f62f1 Add missing cleanup for transient guests in UML driver
The UML inotify handler would kill off guests when certain
conditions arise, but it forgot to remove transient guests
from the list of domains

* src/uml/uml_driver.c: Cleanup transient guests
2011-07-12 17:05:30 +01:00
Daniel P. Berrange
f0c7103db5 Add auditing to the UML driver
* src/uml/uml_driver.c: Add audit hooks
2011-07-12 17:05:30 +01:00
Daniel P. Berrange
7d612c3059 Add auditing to the LXC driver
* src/lxc/lxc_driver.c: Add auditing hooks
2011-07-12 17:05:30 +01:00
Daniel P. Berrange
839f47b57f Add virtualization type in audit messages
Since a host can run several different virtualization types at
the same time, audit messages should allow domains to be identified.
Add a 'virt={qemu,kvm,uml,lxc,...}' key to domain audit messages

* src/conf/domain_audit.c: Identify virt type of guest
2011-07-12 17:05:30 +01:00
Daniel P. Berrange
e6e90c8d70 Add auditing of filesystems
When passing through filesystems from the host to a guest, the
host filesystem passed must be audited

* src/conf/domain_audit.{c,h}: Add virDomainAuditFS
2011-07-12 17:05:30 +01:00
Daniel P. Berrange
b43070ebfc Move qemu_audit.h helpers into shared code
The LXC and UML drivers can both make use of auditing. Move
the qemu_audit.{c,h} files to src/conf/domain_audit.{c,h}

* src/conf/domain_audit.c: Rename from src/qemu/qemu_audit.c
* src/conf/domain_audit.h: Rename from src/qemu/qemu_audit.h
* src/Makefile.am: Remove qemu_audit.{c,h}, add domain_audit.{c,h}
* src/qemu/qemu_audit.h, src/qemu/qemu_cgroup.c,
  src/qemu/qemu_command.c, src/qemu/qemu_driver.c,
  src/qemu/qemu_hotplug.c, src/qemu/qemu_migration.c,
  src/qemu/qemu_process.c: Update for changed audit API names
2011-07-12 17:05:25 +01:00
Matthias Bolte
38ea116eba esx: Initialize all instances of esxVMX_Data to zero
To avoid using or freeing uninitialized memory or pointers.
2011-07-12 17:08:36 +02:00
Matthias Bolte
b253452942 rpc: Fix compile error due to potentially unused parameter
connectDBus is only used if HAVE_DBUS is set. Therefore mark
it as potentially unused.
2011-07-12 17:06:16 +02:00
Jim Fehlig
b8adfcc60c Fix build when using polkit0
V2: Remove policy kit references from virNetServer and use DBus APIs
    directly, if available.
2011-07-12 08:44:55 -06:00
Daniel P. Berrange
109efd7941 Implement code to attach to external QEMU instances.
Given a PID, the QEMU driver reads /proc/$PID/cmdline and
/proc/$PID/environ to get the configuration. This is fed
into the ARGV->XML convertor to build an XML configuration
for the process.

/proc/$PID/exe is resolved to identify the full command
binary path

After checking for name/uuid uniqueness, an attempt is
made to connect to the monitor socket. If successful
then 'info status' and 'info kvm' are issued to determine
whether the CPUs are running and if KVM is enabled.

* src/qemu/qemu_driver.c: Implement virDomainQemuAttach
* src/qemu/qemu_process.h, src/qemu/qemu_process.c: Add
  qemuProcessAttach to connect to the monitor of an
  existing QEMU process
2011-07-12 15:39:04 +01:00
Daniel P. Berrange
7760eaa050 Add monitor API for checking whether KVM is enabled
When attaching to an external QEMU process, it is neccessary
to check if the process is using KVM or not. This can be done
using a monitor command

* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
  src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Add
  API for checking if KVM is enabled
2011-07-12 15:39:04 +01:00
Daniel P. Berrange
80a4ee4695 Add a method for extracting QEMU argv from /proc
To enable attaching to externally launched QEMU, we need
to be able to reverse engineer a guest XML config based
on the argv for a PID in /proc

* src/qemu/qemu_command.c, src/qemu/qemu_command.h: Add
  qemuParseCommandLinePid which extracts QEMU config from
  argv in /proc, given a PID number
2011-07-12 15:39:04 +01:00
Daniel P. Berrange
ebbae359ff Change extract pidfile & monitor config from QEMU command line
When converting QEMU argv into a virDomainDefPtr, also extract
the pidfile, monitor character device config and the monitor
mode.

* src/qemu/qemu_command.c, src/qemu/qemu_command.h: Extract
  pidfile & monitor config from QEMU argv
* src/qemu/qemu_driver.c, tests/qemuargv2xmltest.c: Add extra
  params when calling qemuParseCommandLineString
2011-07-12 15:39:04 +01:00
Daniel P. Berrange
accfe952eb Keep pidfile path in qemuDomainObjPrivate struct
Avoid re-formatting the pidfile path everytime we need it. Create
it once when starting the guest, and preserve it until the guest
is shutdown.

* src/libvirt_private.syms, src/util/util.c,
  src/util/util.h: Add virFileReadPidPath
* src/qemu/qemu_domain.h: Add pidfile field
* src/qemu/qemu_process.c: Store pidfile path in qemuDomainObjPrivate
2011-07-12 15:39:03 +01:00
Daniel P. Berrange
4403646001 Define remote wire protocol & impls for virDomainQemuAttach
This tweaks the RPC generator to cope with some naming
conventions used for the QEMU specific APIs

* daemon/remote.c: Server side dispatcher
* src/remote/remote_driver.c: Client side dispatcher
* src/remote/qemu_protocol.x: Wire protocol definition
* src/rpc/gendispatch.pl: Use '$structprefix' in method
  names, fix QEMU flags and fix dispatcher method names
2011-07-12 15:39:03 +01:00
Daniel P. Berrange
639f841346 Define a QEMU specific API to attach to a running QEMU process
Introduce a new API in libvirt-qemu.so

 virDomainPtr virDomainQemuAttach(virConnectPtr domain,
                                  unsigned long long pid,
                                  unsigned int flags);

This allows libvirtd to attach to an existing, externally
launched QEMU process. This is useful for QEMU developers who
prefer to launch QEMU themselves for debugging/devel reasons,
but still want the benefit of libvirt based tools like
virt-top, virt-viewer, etc

* include/libvirt/libvirt-qemu.h: Define virDomainQemuAttach
* src/driver.h, src/libvirt-qemu.c, src/libvirt_qemu.syms:
  Driver glue for virDomainQemuAttach
2011-07-12 15:39:03 +01:00
Alex Jia
9c5b190017 qemu: update configuration file
* src/qemu/qemu.conf: Add blkio controller into qemu.conf.
2011-07-12 07:24:43 -06:00
Eric Blake
f532bfa297 qemu: avoid fd leak on core dump failure
* src/qemu/qemu_driver.c (doCoreDump): Guarantee fd is closed.
2011-07-12 07:24:43 -06:00
Eric Blake
2ceb35e1cd maint: rename virtaudit to match file contents
* src/util/virtaudit.[ch]: Rename...
* src/util/viraudit.[ch]: ...to match virAudit* API.
* src/Makefile.am (UTIL_SOURCES): Reflect rename.
* daemon/libvirtd.c: Likewise.
* po/POTFILES.in: Likewise.
* src/libvirt_private.syms: Likewise.
* src/qemu/qemu_audit.c: Likewise.
2011-07-12 07:24:43 -06:00
Oskari Saarenmaa
9a0e6a8fae remote/ssh: support for no_verify.
Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the
no_verify extra parameter was specified.  This won't disable host key
checking for already known hosts.  Includes a test and documentation.
2011-07-12 15:09:05 +02:00
Michal Privoznik
d50bb45b1a domain_conf: Free temporary variable
* src/conf/domain_conf.c: caller must free returned value of
  virXPathString in useserial
2011-07-12 17:25:36 +08:00
Osier Yang
6ddb83efcc esx: Fix a potential crash
Initialize ptr data.datastorePathWithoutFileName as NULL, otherwise
it might cause crash when trying to free it in cleanup.
2011-07-12 17:23:35 +08:00
Eric Blake
62dee6fa48 build: also check qemu_protocol for on-the-wire stability
Since we are going to add some libvirt-qemu.so entry points in
0.9.4, we might as well start checking for RPC stability, just
as for libvirt.so.

* src/Makefile.am (PROTOCOL_STRUCTS): New variable.
(remote_protocol-structs): Rename...
(%_protocol-structs): ...and make more generic.
* src/qemu_protocol-structs: New file.
2011-07-11 17:48:32 -06:00
Eric Blake
df94811f71 build: avoid requiring -lm
log2() is heavy when ffs() can do the same thing.  But ffs()
requires gnulib support for mingw.

This patch solves this linker error on Fedora 14.

/usr/bin/ld: libvirt_lxc-domain_conf.o: undefined reference to symbol 'log2@@GLIBC_2.2.5'
/usr/bin/ld: note: 'log2@@GLIBC_2.2.5' is defined in DSO /lib64/libm.so.6 so try adding it to the linker command line
/lib64/libm.so.6: could not read symbols: Invalid operation
collect2: ld returned 1 exit status

* .gnulib: Update to latest, for ffs.
* bootstrap.conf (gnulib_modules): Import ffs.
* src/conf/domain_conf.c (virDomainDefParseXML): Use ffs instead
of log2.
Reported by Dave Allan.
2011-07-11 17:32:11 -06:00
Matthias Bolte
aa14709a47 Add domain type checking
The drivers were accepting domain configs without checking if those
were actually meant for them. For example the LXC driver happily
accepts configs with type QEMU.

Add a check for the expected domain types to the virDomainDefParse*
functions.
2011-07-11 19:38:51 +02:00
Alex Jia
7518ad753f remote: Fix memory leak
Detected in valgrind run:

==9184== 1 bytes in 1 blocks are definitely lost in loss record 1 of 19
==9184==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==9184==    by 0x3073715F78: xdr_array (xdr_array.c:97)
==9184==    by 0x4CF97C9: xdr_remote_domain_get_security_label_ret (remote_protocol.c:1696)
==9184==    by 0x4D08741: virNetMessageDecodePayload (virnetmessage.c:286)
==9184==    by 0x4D00F78: virNetClientProgramCall (virnetclientprogram.c:318)
==9184==    by 0x4CE3887: call (remote_driver.c:3933)
==9184==    by 0x4CF71C6: remoteDomainGetSecurityLabel (remote_driver.c:1580)
==9184==    by 0x4CCA480: virDomainGetSecurityLabel (libvirt.c:7340)
==9184==    by 0x41993A: cmdDominfo (virsh.c:2414)
==9184==    by 0x411E92: vshCommandRun (virsh.c:12730)
==9184==    by 0x4211ED: main (virsh.c:14076)
==9184==
==9184== 2 bytes in 1 blocks are definitely lost in loss record 2 of 19
==9184==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==9184==    by 0x3073715F78: xdr_array (xdr_array.c:97)
==9184==    by 0x4CF974F: xdr_remote_node_get_security_model_ret (remote_protocol.c:1713)
==9184==    by 0x4D08741: virNetMessageDecodePayload (virnetmessage.c:286)
==9184==    by 0x4D00F78: virNetClientProgramCall (virnetclientprogram.c:318)
==9184==    by 0x4CE3887: call (remote_driver.c:3933)
==9184==    by 0x4CF6F96: remoteNodeGetSecurityModel (remote_driver.c:1648)
==9184==    by 0x4CBF799: virNodeGetSecurityModel (libvirt.c:7382)
==9184==    by 0x4197D7: cmdDominfo (virsh.c:2394)
==9184==    by 0x411E92: vshCommandRun (virsh.c:12730)
==9184==    by 0x4211ED: main (virsh.c:14076)
==9184==
==9184== 8 bytes in 1 blocks are definitely lost in loss record 3 of 19
==9184==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==9184==    by 0x3073715F78: xdr_array (xdr_array.c:97)
==9184==    by 0x4CF9729: xdr_remote_node_get_security_model_ret (remote_protocol.c:1710)
==9184==    by 0x4D08741: virNetMessageDecodePayload (virnetmessage.c:286)
==9184==    by 0x4D00F78: virNetClientProgramCall (virnetclientprogram.c:318)
==9184==    by 0x4CE3887: call (remote_driver.c:3933)
==9184==    by 0x4CF6F96: remoteNodeGetSecurityModel (remote_driver.c:1648)
==9184==    by 0x4CBF799: virNodeGetSecurityModel (libvirt.c:7382)
==9184==    by 0x4197D7: cmdDominfo (virsh.c:2394)
==9184==    by 0x411E92: vshCommandRun (virsh.c:12730)
==9184==    by 0x4211ED: main (virsh.c:14076)
==9184==
==9184== LEAK SUMMARY:
==9184==    definitely lost: 11 bytes in 3 blocks

* src/remote/remote_driver.c: Avoid leak on remoteDomainGetSecurityLabel
  and remoteNodeGetSecurityModel.
2011-07-11 09:50:07 -06:00
Jim Fehlig
eb3143154e Do not drop kernel cmdline for xen pv domains
Kernel cmdline args can be passed to xen pv domains even when a
bootloader is specified.  The current config-to-sxpr mapping
ignores cmdline when bootloader is present.

Since the xend sub-driver is used with many xen toolstack versions,
this patch takes conservative approach of adding an else block to
existing !def->os.bootloader, and only appends sxpr if def->os.cmdline
is non-NULL.

V2: Fix existing testcase broken by this patch and add new testcases
2011-07-11 09:11:15 -06:00
Wen Congyang
8a8b45b889 kill vm if saving config failed in v3 protocol
If virDomainSaveConfig() failed, we will return NULL to source,
and the vm is still available to restart during confirm() step in
v3 protocol. So we should kill it off in qemuMigrationFinish().

In v2 protocol, we should not set vm to NULL, because we hold
a reference of vm and should unrefernce it.
2011-07-11 20:53:35 +08:00
Wen Congyang
586765fb65 RPC: fix argument's name 2011-07-11 20:53:29 +08:00
Michal Privoznik
874e65aa15 bios: Add support for SGA
This patch creates new <bios> element which, at this time has only the
attribute useserial='yes|no'. This attribute allow users to use
Serial Graphics Adapter and see BIOS messages from the very first moment
domain boots up. Therefore, users can choose boot medium, set PXE, etc.
2011-07-11 11:47:14 +02:00
Matthias Bolte
1428029738 vbox: Fix logic in storage driver open function
If the main driver is the vbox driver, then the open function
has to return an error if the private data is invalid.
2011-07-09 15:52:14 +02:00
Matthias Bolte
6ca8d68d70 rpc: Fix whitespace problem in generated code
Add missing line break and fix indention level.

Reported by Cole Robinson.
2011-07-09 00:10:04 +02:00
Federico Simoncelli
de2aa6cfc7 sanlock: avoid lockspace setup when auto_disk_lease is off
When auto_disk_lease is off we should avoid the automatic lockspace
creation.

Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
2011-07-08 14:49:10 -06:00
Michael Santos
b0b85c454c qemu: clean up OOM checks 2011-07-08 09:39:23 -06:00
Daniel P. Berrange
3cfdc57b85 Fix sending of reply to final RPC message
The dispatch for the CLOSE RPC call was invoking the method
virNetServerClientClose(). This caused the client connection
to be immediately terminated. This meant the reply to the
final RPC message was never sent. Prior to the RPC rewrite
we merely flagged the connection for closing, and actually
closed it when the next RPC call dispatch had completed.

* daemon/remote.c: Flag connection for a delayed close
* daemon/stream.c: Update to use new API for closing
  failed connection
* src/rpc/virnetserverclient.c, src/rpc/virnetserverclient.h:
  Add support for a delayed connection close. Rename the
  virNetServerClientMarkClose method to virNetServerClientImmediateClose
  to clarify its semantics
2011-07-08 16:19:57 +01:00
Daniel P. Berrange
afe8839f01 Fix leak of remote driver if final 'CLOSE' RPC call fails
When closing a remote connection we issue a (fairly pointless)
'CLOSE' RPC call to the daemon. If this fails we skip all the
cleanup of private data, but the virConnectPtr object still
gets released as normal. This causes a memory leak. Since the
CLOSE RPC call is pretty pointless, just carry on freeing the
remote driver if it fails.

* src/remote/remote_driver.c: Ignore failure to issue CLOSE
  RPC call
2011-07-08 16:19:57 +01:00
Daniel P. Berrange
2c85644b0b Fix release of outgoing stream confirmation/abort message
When sending back the final OK or ERROR message on completion
of a stream, we were not decrementing the 'nrequests' tracker
on the client. With the default requests limit of '5', this
meant once a client had created 5 streams, they are unable to
process any further RPC calls.  There was also a bug when
handling an error from decoding a message length header, which
meant a client connection would not immediately be closed.

* src/rpc/virnetserverclient.c: Fix release of request after
  stream completion & mark client for close on error
2011-07-08 16:19:57 +01:00
Daniel P. Berrange
927dfcf693 Fix leak of 'msg' object in client stream code
In one exit path we forgot to free the virNetMessage object causing
a large memory leak for streams which send a lot of data. Some other
paths were calling VIR_FREE directly instead of virNetMessageFree
although this was (currently) harmless.

* src/rpc/virnetclientstream.c: Fix leak of msg object
* src/rpc/virnetclientprogram.c: Call virNetMessageFree instead
  of VIR_FREE
2011-07-08 16:19:57 +01:00
Daniel P. Berrange
c2ddd53614 Fix mistaken order of server cert/key parameters in constructor
The virNetTLSContextNew was being passed key/cert parameters in
the wrong order. This wasn't immediately visible because if
virNetTLSContextNewPath was used, a second bug reversed the order
of those parameters again.

Only if the paths were manually specified in /etc/libvirt/libvirtd.conf
did the bug appear

* src/rpc/virnettlscontext.c: Fix order of params passed to
  virNetTLSContextNew
2011-07-08 16:19:57 +01:00
Michal Privoznik
30c43afd73 graphics: add support for action_if_connected in qemu
This option accepts 3 values:
-keep, to keep current client connected (Spice+VNC)
-disconnect, to disconnect client (Spice)
-fail, to fail setting password if there is a client connected (Spice)
2011-07-08 17:00:43 +02:00
Jiri Denemark
2f4d2496a8 util: Don't try to fchown files opened as non-root
When virFileOpenAs is called with VIR_FILE_OPEN_AS_UID flag and uid/gid
different from root/root while libvirtd is running as root, we fork a
new child, change its effective UID/GID to uid/gid and run
virFileOpenAsNoFork. It doesn't make any sense to fchown() the opened
file in this case since we already know that uid/gid can access the file
when open succeeds and one of the following situations may happen:

- the file is already owned by uid/gid and we skip fchown even before
  this patch
- the file is owned by uid but not gid because it was created in a
  directory with SETGID set, in which case it is desirable not to change
  the group
- the file may be owned by a completely different user and/or group
  because it was created on a root-squashed or even all-squashed NFS
  filesystem, in which case fchown would most likely fail anyway
2011-07-08 16:43:55 +02:00
Michal Privoznik
724819a10a qemu: Don't chown files on NFS share if dynamic_ownership is off
When dynamic ownership is disabled we don't want to chown any files,
not just local.
2011-07-08 10:05:59 +02:00
John Williams
a1092070d4 microblaze: Add architecture support
Add libvirt support for MicroBlaze architecture as a QEMU target.  Based on mips/mipsel pattern.

Signed-off-by: John Williams <john.williams@petalogix.com>
2011-07-07 17:49:21 -06:00
Eric Blake
17da0669e0 util: drop unused safezero argument
No caller was using the flags argument, and this function is internal
only, so we might as well skip it.

* src/util/util.h (safezero): Update signature.
* src/util/util.c (safezero): Update function.
* src/locking/lock_driver_sanlock.c
(virLockManagerSanlockSetupLockspace)
(virLockManagerSanlockCreateLease): Update all callers.
* src/storage/storage_backend.c (createRawFile): Likewise.
2011-07-07 14:15:38 -06:00
Eric Blake
7931639b7a conf: prefer unsigned int for flags
* src/conf/domain_conf.c (virDomainGraphicsDefParseXML)
(virDomainDeviceInfoFormat, virDomainDeviceInfoParseXML)
(virDomainDiskDefParseXML, virDomainControllerDefParseXML)
(virDomainFSDefParseXML, virDomainNetDefParseXML)
(virDomainChrDefParseTargetXML, virDomainChrDefParseXML)
(virDomainSmartcardDefParseXML, virDomainInputDefParseXML)
(virDomainTimerDefParseXML, virDomainSoundDefParseXML)
(virDomainWatchdogDefParseXML, virDomainMemballoonDefParseXML)
(virDomainVideoDefParseXML)
(virDomainHostdevSubsysUsbDefParseXML)
(virDomainHostdevSubsysPciDefParseXML)
(virDomainHostdevDefParseXML, virSecurityLabelDefParseXML)
(virDomainVcpuPinDefParseXML, virDomainDefParseXML)
(virDomainDefParse, virDomainDiskDefFormat)
(virDomainControllerDefFormat, virDomainFSDefFormat)
(virDomainNetDefFormat, virDomainChrSourceDefFormat)
(virDomainChrDefFormat, virDomainSmartcardDefFormat)
(virDomainSoundDefFormat, virDomainMemballoonDefFormat)
(virDomainWatchdogDefFormat, virDomainVideoDefFormat)
(virDomainInputDefFormat, virDomainGraphicsDefFormat)
(virDomainHostdevDefFormat, virDomainObjFormat): Switch signature.
(virDomainObjTaint, virDomainSaveStatus): Use unsigned flags.
2011-07-07 14:15:38 -06:00
Eric Blake
1740c38116 drivers: prefer unsigned int for flags
Now that the public APIs always use unsigned flags, the internal
driver callbacks might as well do likewise.

* src/driver.h (vrDrvOpen, virDrvDomainCoreDump)
(virDrvDomainGetXMLDesc, virDrvNetworkGetXMLDesc)
(virDrvNWFilterGetXMLDesc): Update type.
* src/remote/remote_protocol.x (remote_open_args)
(remote_domain_core_dump_args, remote_domain_get_xml_desc_args)
(remote_network_get_xml_desc_args)
(remote_nwfilter_get_xml_desc_args): Likewise.
* src/test/test_driver.c: Update clients.
* src/remote/remote_driver.c: Likewise.
* src/xen/xen_hypervisor.c: Likewise.
* src/xen/xen_hypervisor.h: Likewise.
* src/xen/xen_driver.c: Likewise.
* src/xen/xend_internal.c: Likewise.
* src/xen/xend_internal.h: Likewise.
* src/xen/xm_internal.c: Likewise.
* src/xen/xm_internal.h: Likewise.
* src/xen/xs_internal.c: Likewise.
* src/xen/xs_internal.h: Likewise.
* src/xen/xen_inotify.c: Likewise.
* src/xen/xen_inotify.h: Likewise.
* src/phyp/phyp_driver.c: Likewise.
* src/openvz/openvz_driver.c: Likewise.
* src/vmware/vmware_driver.c: Likewise.
* src/vbox/vbox_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xenapi/xenapi_driver.c: Likewise.
* src/esx/esx_driver.c: Likewise.
* src/esx/esx_interface_driver.c: Likewise.
* src/esx/esx_network_driver.c: Likewise.
* src/esx/esx_storage_driver.c: Likewise.
* src/esx/esx_device_monitor.c: Likewise.
* src/esx/esx_secret_driver.c: Likewise.
* src/esx/esx_nwfilter_driver.c: Likewise.
* src/interface/netcf_driver.c: Likewise.
* src/nwfilter/nwfilter_driver.c: Likewise.
* src/libxl/libxl_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/lxc/lxc_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/secret/secret_driver.c: Likewise.
* src/storage/storage_driver.c: Likewise.
* src/node_device/node_device_hal.c: Likewise.
* src/node_device/node_device_udev.c: Likewise.
* src/remote_protocol-structs: Likewise.
2011-07-07 14:15:37 -06:00
Eric Blake
18d561c7a4 public API: prefer unsigned int for flags
Most APIs use 'unsigned int flags'; but a few stragglers were using
a signed value.  In particular, the vir*GetXMLDesc APIs were
split-brain, with inconsistent choice of types.  Although it is
an API break to use 'int' instead of 'unsigned int', it is ABI
compatible (pre-compiled apps will have no difference in behavior),
and generally apps can be recompiled without any issue (only rare
apps that compiled with extremely high warning levels, or which
pass libvirt API around as typed function pointers, would have to
make any code changes to deal with the change).

The migrate APIs use 'unsigned long flags', which can't be changed,
due to ABI constraints.

This patch intentionally touches only the public API, to prove the
claim that most existing code (including driver callbacks and virsh)
still compiles just fine in spite of the type change.

* include/libvirt/libvirt.h.in (virConnectOpenAuth)
(virDomainCoreDump, virDomainGetXMLDesc, virNetworkGetXMLDesc)
(virNWFilterGetXMLDesc): Use unsigned int for flags.
(virDomainHasCurrentSnapshot): Use consistent spelling.
* src/libvirt.c (virConnectOpenAuth, virDomainCoreDump)
(virDomainGetXMLDesc, virNetworkGetXMLDesc)
(virNWFilterGetXMLDesc, do_open): Update accordingly.
2011-07-07 14:15:32 -06:00
Eric Blake
313ac7fd39 maint: print flags in hex during debug
Debugging decimal flags is a pain.

* src/libvirt.c: Always print flags in hex.
2011-07-07 13:12:50 -06:00
Eric Blake
8437e738fa build: use gnulib pthread_sigmask
Gnulib finally learned how to do pthread_sigmask on mingw.

* .gnulib: Update to latest, for pthread_sigmask.
* bootstrap.conf (gnulib_modules): Add pthread_sigmask.
* configure.ac (AC_CHECK_FUNCS): Drop redundant check.
* src/rpc/virnetclient.c (virNetClientSetTLSSession)
(virNetClientIOEventLoop): Make code unconditional.
* src/util/command.c (virFork): Likewise.
* tools/virsh.c (doMigrate, cmdMigrate): Likewise.
2011-07-07 13:12:44 -06:00
Laine Stump
24442b60b9 util: close the ioctl socket at the end of if(Get|Set)MacAddress
Otherwise this will leak an fd each time one of these functions is
called.
2011-07-06 20:16:51 -04:00
Laine Stump
de796a328d util: rename err_exit to cleanup in interface.c
This brings it in line with the recommendations in HACKING.
2011-07-06 20:16:51 -04:00
Minoru Usui
107ee906ff sysinfo: delete unnecessary white space of sysinfo.
* Trim each element and delete null entry of sysinfo by
  virSkipSpacesBackwards().

Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-07-06 15:19:28 -06:00
Eric Blake
01374ec8b1 util: add virTrimSpaces
The next patch wants to adjust an end pointer to trim trailing
spaces but without modifying the underlying string, but a more
generally useful ability to trim trailing spaces in place is
also worth providing.

* src/util/util.h (virTrimSpaces, virSkipSpacesBackwards): New
prototypes.
* src/util/util.c (virTrimSpaces, virSkipSpacesBackwards): New
functions.
* src/libvirt_private.syms (util.h): Export new functions.
Inspired by a patch by Minoru Usui.
2011-07-06 15:17:14 -06:00
Eric Blake
82162316b6 util: fix virSkipSpaces
Most clients of virSkipSpaces don't want to omit backslashes.
Also, open-coding the list of spaces is not as nice as using
c_isspace.

* src/util/util.c (virSkipSpaces): Use c_isspace.
(virSkipSpacesAndBackslash): New function.
* src/util/util.h (virSkipSpacesAndBackslash): New prototype.
* src/xen/xend_internal.c (sexpr_to_xend_topology): Update caller.
* src/libvirt_private.syms (util.h): Export new function.
2011-07-06 14:52:43 -06:00
Matthias Bolte
cd9a4232e5 Reduce code duplication in virFileMakePath(Helper)
Move stat and mkdir to virFileMakePathHelper.

Also use the stat result to detect whether the existing path
is a directory and set errno accordingly if it's not.
2011-07-06 16:03:12 +02:00
Matthias Bolte
2d2d6a01d7 apparmor: Finish incomplete renaming of relabel to norelabel
Commit 693eac388f was incomplete here.
2011-07-06 14:15:05 +02:00
Daniel P. Berrange
693eac388f Fix default value of security label 'relabel' attribute
When no <seclabel> is present in the XML, the virDomainSeclabelDef
struct is left as all zeros. Unfortunately, this means it gets setup
as type=dynamic, with relabel=no, which is an illegal combination.

Change the 'bool relabel' attribute in virDomainSeclabelDef to
the inverse 'bool norelabel' so that the default initialization
is sensible

* src/conf/domain_conf.c, src/conf/domain_conf.h,
  src/security/security_apparmor.c, src/security/security_selinux.c:
  Replace 'relabel' with 'norelabel'
2011-07-06 12:45:09 +01:00
Matthias Bolte
e123e1ee6b Fix return value semantic of virFileMakePath
Some callers expected virFileMakePath to set errno, some expected
it to return an errno value. Unify this to return 0 on success and
-1 on error. Set errno to report detailed error information.

Also optimize virFileMakePath if stat fails with an errno different
from ENOENT.
2011-07-06 09:27:06 +02:00
Matthias Bolte
c7694e3e50 nodedev: Let check_fc_host_linux report errors to the caller 2011-07-06 08:51:11 +02:00
Guannan Ren
416814e66a pci: initialize state values on reattach
add a new API pciDeviceReAttachInit() in pci.c to initialize state values for nodedev reattach

Initialize three state value of device driver to 1. This is just for a new call to
qemudNodeDeviceReAttach()
2011-07-05 11:42:38 -06:00
Laine Stump
834ce603f9 qemu: check flags in qemuDomainGetXMLDesc
Although most functions with flags check to verify no application is
passing in flag bits that are currently undefined, for some reason
this function wasn't.
2011-07-05 12:33:21 -04:00
Laine Stump
d3f7c7b151 conf: fix domain parse flags
* Change all flags args from int to unsigned int

* Allow passing flags in virDomainObjParseFile (and propogate those
  flags all the way down the call chain). Previously the flags were
  hardcoded (to VIR_DOMAIN_XML_INTERNAL_STATUS) several layers down
  the chain. Pass that value in at the one place that is currently
  calling virDomainObjParseFile.
2011-07-05 12:33:21 -04:00
Matthias Bolte
4a03db81cd qemu: Fix virFileMakePath error handling in snapshot creation
virFileMakePath returns an errno value on error, that will never
be negative. An virFileMakePath error would have been ignored here,
instead of being reported correctly.
2011-07-05 10:49:36 +02:00
Matthias Bolte
4a6d4d4285 conf: Fix declaration of virNetworkDNS(Hosts)Def struct
The struct A {} A; construct triggers a linker error on OSX about
duplicate symbols. This also differs from the common struct style.

Switch to common style to fix this.

Reported by Justin Clift.
2011-07-05 10:40:27 +02:00
Daniel P. Berrange
6321fd9798 Allow for resource relabelling with static labels
Add a new attribute to the <seclabel> XML to allow resource
relabelling to be enabled with static label usage.

  <seclabel model='selinux' type='static' relabel='yes'>
    <label>system_u:system_r:svirt_t:s0:c392,c662</label>
  </seclabel>

* docs/schemas/domain.rng: Add relabel attribute
* src/conf/domain_conf.c, src/conf/domain_conf.h: Parse
  the 'relabel' attribute
* src/qemu/qemu_process.c: Unconditionally clear out the
  'imagelabel' attribute
* src/security/security_apparmor.c: Skip based on 'relabel'
  attribute instead of label type
* src/security/security_selinux.c: Skip based on 'relabel'
  attribute instead of label type and fill in <imagelabel>
  attribute if relabel is enabled.
2011-07-04 11:18:57 +01:00
Daniel P. Berrange
4ebfc42716 Allow a base label to be specified in dynamic labelling mode
Normally the dynamic labelling mode will always use a base
label of 'svirt_t' for VMs. Introduce a <baselabel> field
in the <seclabel> XML to allow this base label to be changed

eg

   <seclabel type='dynamic' model='selinux'>
     <baselabel>system_u:object_r:virt_t:s0</baselabel>
   </seclabel>

* docs/schemas/domain.rng: Add <baselabel>
* src/conf/domain_conf.c, src/conf/domain_conf.h: Parsing
  of base label
* src/qemu/qemu_process.c: Don't reset 'model' attribute if
  a base label is specified
* src/security/security_apparmor.c: Refuse to support base label
* src/security/security_selinux.c: Use 'baselabel' when generating
  label, if available
2011-07-04 11:17:19 +01:00
Osier Yang
49826eda7a storage: Do not override the exact error of createRawFile
virStorageBackendCreateRaw: createRawFile already reported the
exact error.

Before the fix:

error: Failed to create vol vol-create.img
error: cannot create path '/var/lib/libvirt/images/vol-create.img': Unknown error 18446744073709551597

After the fix:

error: Failed to create vol vol-create.img
error: cannot fill file '/var/lib/libvirt/images/vol-create.img': No space left on device
2011-07-04 16:13:23 +08:00
Wen Congyang
1aa5f85bb8 initialize pointer to NULL
cmd is not initialized to NULL, but we try to freed it if we
meet some error.
2011-07-04 14:00:28 +08:00
Eric Blake
5dc404b71d storage: avoid crash on parse error
Coverity detected that we could crash on bogus input.  Meanwhile,
strtok_r is rather heavy compared to strchr.

* src/storage/storage_backend_iscsi.c (virStorageBackendIQNFound):
  Check for parse failure, and use lighter-weight functions.
2011-07-04 10:41:38 +08:00
Eric Blake
222f6233b4 vmware: avoid null deref on failed lookup
* src/vmware/vmware_driver.c (vmwareDomainReboot): Check error
  before dereferencing memory.
2011-07-04 10:32:22 +08:00
Eric Blake
74d224fac3 qemu: avoid null deref on low memory
Detected by Coverity.  qemuDomainEventQueue requires a non-NULL
pointer; most callers silently drop the event if we encountered
and OOM situation trying to create the event.

* src/qemu/qemu_migration.c (qemuMigrationFinish): Check for OOM.
2011-07-04 10:30:43 +08:00
Eric Blake
3f81f8e4c1 cgroup: silence coverity warning
Coverity noted that most clients reacted to failure to hash; but in
a best-effort kill loop, we can ignore failure.

* src/util/cgroup.c (virCgroupKillInternal): Ignore hash failure.
2011-07-04 10:28:27 +08:00
Eric Blake
dd0c42abd4 rpc: silence coverity warning
Coverity noted that 4 out of 5 calls to virNetClientStreamRaiseError
checked the return value.  This case expects a particular value, so
warn if our expectations went wrong due to some bug elsewhere.

* src/rpc/virnetclient.c (virNetClientCallDispatchStream): Warn on
  unexpected scenario.
2011-07-04 10:26:05 +08:00
Eric Blake
aaea56dc99 qemu: silence coverity warnings
Coverity warns if the majority of callers check a function for
errors, but a few don't; but in qemu_audit and qemu_domain, the
choice to not check for failures was safe.  In qemu_command, the
failure to generate a uuid can only occur on a bad pointer.

* src/qemu/qemu_audit.c (qemuAuditCgroup): Ignore failure to get
  cgroup controller.
* src/qemu/qemu_domain.c (qemuDomainObjEnterMonitor)
  (qemuDomainObjEnterMonitorWithDriver): Ignore failure to get
  timestamp.
* src/qemu/qemu_command.c (qemuParseCommandLine): Check for error.
2011-07-04 10:23:46 +08:00
Eric Blake
6e07f72ee5 rpc: avoid memory leak on error
Detected by Coverity.  The leak is on an error path, but I'm not
sure whether that path is likely to be triggered in practice.

* src/rpc/virnetserverservice.c (virNetServerServiceAccept): Plug leak.
2011-07-04 10:22:50 +08:00
Eric Blake
2aa83b43d3 rpc: fix logic bug
Spotted by Coverity.  If we don't update tmp each time through
the loop, then if the filter being removed was not the head of
the list, we accidentally lose all filters prior to the one we
wanted to remove.

* src/rpc/virnetserverclient.c (virNetServerClientRemoveFilter):
    Don't lose unrelated filters.
2011-07-04 09:45:21 +08:00
Eric Blake
95eaf7ba7f pci: avoid memory leak on error
Detected by Coverity.  Some, but not all, error paths were clean;
but they were repetitive so I refactored them.

* src/util/pci.c (pciGetDevice): Plug leak.
2011-07-01 16:46:20 -06:00
Eric Blake
9e8b7c1523 interface: avoid memory leak on parse error
Detected by Coverity.  Unlikely to hit unless the file contents
were corrupted.

* src/util/interface.c (ifaceRestoreMacAddress): Plug leak.
2011-07-01 16:46:20 -06:00
Eric Blake
8ce1afff88 util: choose whether to require micro in version strings
To avoid regressions, we let callers specify whether to require a
minor and micro version.  Callers that were parsing uname() output
benefit from defaulting to 0, whereas callers that were parsing
version strings from other sources should not change in behavior.

* src/util/util.c (virParseVersionString): Allow caller to choose
whether to fail if minor or micro is missing.
* src/util/util.h (virParseVersionString): Update signature.
* src/esx/esx_driver.c (esxGetVersion): Update callers.
* src/lxc/lxc_driver.c (lxcVersion): Likewise.
* src/openvz/openvz_conf.c (openvzExtractVersionInfo): Likewise.
* src/uml/uml_driver.c (umlGetVersion): Likewise.
* src/vbox/vbox_MSCOMGlue.c (vboxLookupVersionInRegistry):
Likewise.
* src/vbox/vbox_tmpl.c (vboxExtractVersion): Likewise.
* src/vmware/vmware_conf.c (vmwareExtractVersion): Likewise.
* src/xenapi/xenapi_driver.c (xenapiGetVersion): Likewise.
Reported by Matthias Bolte.
2011-07-01 11:22:11 -06:00
Eric Blake
6ae3052c06 build: consistently use CFLAGS
According to the automake manual, CPPFLAGS (aka INCLUDES, as spelled
in automake 1.9.6) should only include -I, -D, and -U directives; more
generic directives like -Wall belong in CFLAGS since they affect more
phases of the build process.  Therefore, we should be sticking CFLAGS
additions into a CFLAGS container, not a CPPFLAGS container.

* src/Makefile.am (libvirt_driver_vmware_la_CFLAGS): Use AM_CFLAGS.
(INCLUDES): Move CFLAGS items...
(AM_CFLAGS): ...to their proper location.
* python/Makefile.am (INCLUDES, AM_CFLAGS): Likewise.
* tests/Makefile.am (INCLUDES, AM_CFLAGS): Likewise.
(commandtest_CFLAGS, commandhelper_CFLAGS)
(virnetmessagetest_CFLAGS, virnetsockettest_CFLAGS): Use AM_CFLAGS.
2011-07-01 10:44:17 -06:00
Scott Moser
d42b749abf fix virParseVersionString with linux 3.0
linux 3.0 has no micro version number, and that is causing problems
for virParseVersionString.  The patch below should allow for:
  major
  major.minor
  major.minor.micro

If major or minor are not present they just default to zero.
We found this in Ubuntu (https://bugs.launchpad.net/bugs/802977)
2011-07-01 07:09:48 -06:00
Eric Blake
0ac385bd6c build: remove dead variables
Detected by Coverity.  No real harm in leaving these, but fixing
them cuts down on the noise for future analysis.

* src/rpc/virnetserver.c (virNetServerAddService): Delete unused
entry.
* src/util/sysinfo.c (virSysinfoRead): Delete dead assignment to
base.
2011-07-01 06:48:33 -06:00
Eric Blake
bf8fba1e75 build: simplify sanlock distribution
EXTRA_DIST files should unconditionally be part of the tarball,
rather than depending on the presence of sanlock-devel.

Meanwhile, parallel builds could fail if we don't use mkdir -p.

* src/Makefile.am (EXTRA_DIST): Always ship sanlock .aug and
template .conf files.
(%-sanlock.conf): Use MKDIR_P.
2011-06-30 17:26:15 -06:00
Eric Blake
0a8a79af53 rpc: avoid freeing uninitialized variable
Detected by Coverity.  Both are instances of bad things happening
if pipe2 fails; the virNetClientNew failure could free garbage,
and virNetSocketNewConnectCommand could close random fds.

Note: POSIX doesn't guarantee the contents of fd[0] and fd[1]
after pipe failure: http://austingroupbugs.net/view.php?id=467
We may need to introduce a virPipe2 wrapper that guarantees
that on pipe failure, the fds are explicitly set to -1, rather
than our current state of assuming the fds are unchanged from
their value prior to the failed pipe call.

* src/rpc/virnetclient.c (virNetClientNew): Initialize variable.
* src/rpc/virnetsocket.c (virNetSocketNewConnectCommand):
Likewise.
2011-06-30 11:36:52 -06:00
Daniel P. Berrange
1414cc5fdd Fix stream procedure number for virDomainMigratePrepareTunnel3
The virDomainMigratePrepareTunnel3 impl in the remote driver
was using the procedure number for the virDomainMigratePrepareTunnel
method. This doesn't work out so well, because it makes the server
ignore & drop all stream packets

* src/remote/remote_driver.c: Fix procedure for PrepareTunnel3
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
cfd4370ad0 Send back an error if we get unexpected stream control message
We ignore any stream data packets which come in for streams which
are not registered, since these packets are async and do not have
a reply. If we get a stream control packet though we must send back
an actual error, otherwise a (broken) client may hang forever
making it hard to diagnose the client bug.

* src/rpc/virnetserverprogram.c: Send back error for unexpected
  stream control messages
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
c69ba67032 Fix release of virNetMessagePtr instances in streams processing
If a message packet for a invalid stream is received it is just
free'd. This is not good because it doesn't let the client RPC
request counter decrement. If a stream is shutdown with pending
packets the message also isn't released properly because of an
incorrect header type

* daemon/stream.c: Fix message header type
* src/rpc/virnetserverprogram.c: Send dummy reply instead of
  free'ing ignored stream message
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
f1c2c0e2dc Add missing include of signal.h in virnetsocket.c
virNetSocketFree uses kill(SIGTERM) so we must include
signal.h for the definitions

* src/rpc/virnetsocket.c: Include signal.h
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
e44bec2e34 Fix potential crash when saving guests
The qemudDomainSaveFlag method will call EndJob on the 'vm'
object it is passed in. This can result in the 'vm' object
being free'd if the last reference is removed. Thus no caller
of 'qemudDomainSaveFlag' must *ever* reference 'vm' again
upon return.

Unfortunately qemudDomainSave and qemuDomainManagedSave
both call 'virDomainObjUnlock', which can result in a
crash. This is non-deterministic since it involves a race
with the monitor I/O thread.

Fix this by making qemudDomainSaveFlag responsible for
calling virDomainObjUnlock instead.

* src/qemu/qemu_driver.c: Fix potential use after free
  when saving guests
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
f870c99b45 Fix uninitialized value in QEMU monitor FD sending code
The 'char control[CMSG_SPACE(sizeof(int))];' was not being
wiped, so could potentially contain uninitialized bytes.
While this was harmless in this case, it caused complaints
from valgrind

* src/qemu/qemu_monitor.c: memset 'control' variable
  in qemuMonitorIOWriteWithFD
2011-06-30 18:04:02 +01:00
Daniel P. Berrange
5ab8746f69 Fix leak of JSON object for events
The event handler functions do not free the virJSONValuePtr
object. Every event received from a VM thus caused a memory
leak

* src/qemu/qemu_monitor_json.c: Fix leak of event object
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
09a882bd4d Remove bogus warning message in JSON code
* src/util/json.c: Remove warning message
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
56a77b4920 Fix use of uninitialized memory when releasing PCI slots
The 'function' field in the PCI address was not correctly
initialized, so it was building the wrong address address
string and so not removing all functions from the in use
list.

* src/qemu/qemu_command.c: Fix initialization of PCI function
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
9f40b80ba8 Fix leak of virStreamPtr object with callback added in fdstream impl
When adding a callback to an FD stream, we take an extra reference
on the virStreamPtr instance. We forgot to registered a free function
with the callback, so when the callback was removed, the extra
reference held on virStreamPtr was not released.

* src/fdstream.c: Use a free callback to release reference on
  virStreamPtr when removing callback
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
92fa2e58fd Fix leak of mdnsGroupName in virNetServer object
* src/rpc/virnetserver.c: Free mdnsGroupName
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
d840fe93b0 Ensure RPC message is cleared before being reused
To save on memory reallocation, virNetMessage instances that
have been transmitted, may be reused for a subsequent incoming
message. We forgot to clear out the old data of the message
fully, which caused later confusion upon read.

* src/rpc/virnetserverclient.c: memset entire message before
  reusing it
2011-06-30 18:04:01 +01:00
Daniel P. Berrange
27111b350f Fix hardcoded limit on client requests in RPC code
The virNetServerClient object had a hardcoded limit of 10 requests
per client. Extend constructor to allow it to be passed in as a
configurable variable. Wire this up to the 'max_client_requests'
config parameter in libvirtd

* daemon/libvirtd.c: Pass max_client_requests into services
* src/rpc/virnetserverservice.c, src/rpc/virnetserverservice.h: Pass
  nrequests_client_max to clients
* src/rpc/virnetserverclient.c, src/rpc/virnetserverclient.h: Allow
  configurable request limit
2011-06-30 18:04:01 +01:00
Wen Congyang
cd13dbb147 lock qemu_driver early in qemuGetSchedulerParametersFlags()
If we pass VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG to
qemuGetSchedulerParametersFlags() or *nparams is less than 1,
we will unlock qemu_driver without locking it. It's very dangerous.

We should lock qemu_driver after calling virCheckFlags().
2011-06-30 13:27:00 +08:00
Wen Congyang
fb2a2e2611 save domain status after modifing vcpupin
We should save domain status after modifing vcpupin. If not,
we will get wrong vcpupin information after rebooting libvirtd.
2011-06-30 13:26:56 +08:00
Wen Congyang
53d03ba837 Fix memory leak in virDomainVcpuPinDel()
virDomainVcpuPinDefFree() does not free def->cputune.vcpupin if nvcpupin
is 0, and does not set def->cputune.vcpupin to NULL.

If we set nvcpupin to 0 but do not free vcpupin, vcpupin will not be freed
when vm->def is freed.

Use VIR_FREE() instead of virDomainVcpuPinDefFree() to free the memory
and set def->cputune.vcpupint to NULL.
2011-06-30 13:26:51 +08:00
Minoru Usui
72882bc9d9 sysinfo: fix illegal NULL return
If virSysinfoParse{BIOS,System,Processor,Memory}()
can't find newline('\n'), these return NULL.
This patch fixes this.

Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-29 09:12:38 -06:00
Daniel P. Berrange
516235c037 Ensure that EOF is dispatched to the stream callback
When the remote client receives end of file on the stream
it never invokes the stream callback. Applications relying
on async event driven I/O will thus never see the EOF
condition on the stream

* src/rpc/virnetclient.c, src/rpc/virnetclientstream.c:
  Ensure EOF is dispatched
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
8a4e28743e Fix locking wrt virNetClientStreamPtr object
The client stream object can be used independently of the
virNetClientPtr object, so must have full locking of its
own and not rely on any caller.

* src/remote/remote_driver.c: Remove locking around stream
  callback
* src/rpc/virnetclientstream.c: Add locking to all APIs
  and callbacks
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
7a779ef6a2 Avoid referencing NULL pointer when copying stream error
* src/rpc/virnetclientstream.c: Avoid referencing NULL
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
c9ede1cfba Avoid free'ing a filtered RPC message in the server
When a filter steals an RPC message, that message must
not be freed, except by the filter code itself

* src/rpc/virnetserverclient.c: Don't free stolen RPC
  messages
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
b7337d03ec Improve two log messages in virNetMessage
Improve log messages issued when encountering a bogus
message length to include the actual length and the
limit violated

* src/rpc/virnetmessage.c: Improve log messages
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
59b877b609 Ensure empty payload is written upon stream completion
On stream completion it is neccessary to send back a
message with an empty payload. The message header was
not being filled out correctly, since we were not writing
any payload. Add a method for encoding an empty payload
which updates the message headers correctly.

* src/rpc/virnetmessage.c, src/rpc/virnetmessage.h: Add
  a virNetMessageEncodePayloadEmpty method
* src/rpc/virnetserverprogram.c: Write empty payload on
  stream completion
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
d550277ca7 Lower logging level when failing to register socket watch
The RPC client treats failure to register a socket watch
as non-fatal, since we do not mandate that a libvirt client
application provide an event loop implementation. It is
thus inappropriate to a log a message at VIR_LOG_WARN

* src/rpc/virnetsocket.c: Lower logging level
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
16c6e2b41e Fix propagation of RPC errors from streams
If a streams error is raised, virNetClientIOEventLoop
returns 0, but an error is set. Check for this and
propagate it if present

* src/rpc/virnetclient.c: Propagate streams error
2011-06-29 11:08:59 +01:00
Daniel P. Berrange
d97093437f Fix crash when aborting a stream from a I/O callback
If a callback being invoked from a stream issues a virStreamAbort
operation, the stream data will be free'd but the callback will
then still try to use this. Delay free'ing of the stream data when
a callback is dispatching

* src/fdstream.c: Delay stream free when callback is active
2011-06-29 11:08:59 +01:00
Michal Privoznik
c72aecc5fc screenshot: Set access rights to temporary file
Although we create a temporary file, it is owned by root:root and have
rights 0600. In case qemu does not run under root, it is unable to write
to that file and thus we transfer 0B sized file.
2011-06-29 12:05:34 +02:00
Matthias Bolte
8cce5436dd dnsmasq: Fix errno handling and don't unlink non-existing files
addnhostsSave and hostsfileSave expect < 0 return value on error from
addnhostsWrite and hostsfileWrite but then pass err instead of -err
to virReportSystemError that expects an errno value.

Also addnhostsWrite returns -ENOMEM and errno, change this to -errno.

addnhostsWrite and hostsfileWrite tried to unlink the tempfile after
renaming it, making both fail on the final step. Remove the unnecessary
unlink calls.
2011-06-29 11:38:36 +02:00
Eric Blake
9fdeaeef89 maint: improve makefile whitespace
None of these instances cause any semantic differences, but
consistency is nice.

* src/Makefile.am: Replace leading spaces with tabs.
2011-06-28 22:06:48 -06:00
Osier Yang
c9f604fc4c conf: Fix memory leak in virNetworkDNSDefFormat 2011-06-29 10:45:01 +08:00
Matthias Bolte
eb9dee2b10 network: Don't ignore errors in dnsmasq config file creation 2011-06-29 02:04:55 +02:00
Matthias Bolte
9523b3c320 network: Fix dnsmasq hostsfile creation logic and related tests
networkSaveDnsmasqHostsfile was added in 8fa9c22142 (Apr 2010).
It has a force flag. If the dnsmasq hostsfile already exists force
needs to be true to overwrite it. networkBuildDnsmasqArgv sets force
to false, networkDefine sets it to true. This results in the
hostsfile being written only in networkDefine in the common case.
If no error occurred networkSaveDnsmasqHostsfile returns true and
networkBuildDnsmasqArgv adds the --dhcp-hostsfile to the dnsmasq
command line.

networkSaveDnsmasqHostsfile was changed in 89ae9849f7 (24 Jun 2011)
to return a new dnsmasqContext instead of reusing one. This change broke
the logic of the force flag as now networkSaveDnsmasqHostsfile returns
NULL on error, but the early return -- if force was not set and the
hostsfile exists -- returns 0. This turned the early return in an error
case and networkBuildDnsmasqArgv didn't add the --dhcp-hostsfile option
anymore if the hostsfile already exists. It did because networkDefine
created the hostsfile already.

Then 9d4e2845d4 fixed the return 0 case in networkSaveDnsmasqHostsfile
but didn't apply the force option correctly to the new addnhosts file.
Now force doesn't control an early return anymore, but influences the
handling of the hostsfile context creation and dnsmasqSave is always
called now. This commit also added test cases that reveal several
problems. First, the tests now calls functions that try to write the
dnsmasq config files to disk. If someone runs this tests as root this
might overwrite actively used dnsmasq config files, this is a no-go. Also
the tests depend on configure --localstatedir, this needs to be fixed as
well, because it makes the tests fail when localstatedir is different
from /var.

This patch does several things to fix this:

1) Move dnsmasqContext creation and saving out of networkBuildDnsmasqArgv
to the caller to separate the command line generation from the config
file writing. This makes the command line generation testable without the
risk of interfering with system files, because the tests just don't call
dnsmasqSave.

2) This refactoring of networkSaveDnsmasqHostsfile makes the force flag
useless as the saving happens somewhere else now. This fixes the wrong
usage of the force flag in combination with then newly added addnhosts
file by removing the force flag.

3) Adapt the wrong test cases to the correct behavior, by adding the
missing --dhcp-hostsfile option. Both affected tests contain DHCP host
elements but missed the necessary --dhcp-hostsfile option.

4) Rename networkSaveDnsmasqHostsfile to networkBuildDnsmasqHostsfile,
because it doesn't save the dnsmasqContext anymore.

5) Move all directory creations in dnsmasq context handling code from
the *New functions to dnsmasqSave to avoid directory creations in system
paths in the test cases.

6) Now that networkBuildDnsmasqArgv doesn't create the dnsmasqContext
anymore the test case can create one with the localstatedir that is
expected by the tests instead of the configure --localstatedir given one.
2011-06-29 01:59:34 +02:00
Eric Blake
c8eaba6491 sysinfo: fix parsing regression
Detected by gcc -O2, introduced in commit 532ce9c2.  If dmidecode
outputs a field unrecognized by the parsers, then the code would
dereference an uninitialized eol variable.

* src/util/sysinfo.c (virSysinfoParseBIOS)
(virSysinfoParseSystem, virSysinfoParseProcessor)
(virSysinfoParseMemory): Avoid uninitialized variable.
2011-06-28 13:49:51 -06:00
Eric Blake
cf2affffcc remote: fix uninitialized variable
Detected by gcc -O2:

remote/remote_driver.c: In function 'doRemoteOpen':
remote/remote_driver.c:2753:26: error: 'sasl' may be used uninitialized in this function [-Werror=uninitialized]

* src/remote/remote_driver.c (remoteAuthSASL): Initialize sasl.
2011-06-28 12:25:31 -06:00
Eric Blake
c65fcce8ed build: fix 'make check' when pdwtags is available
Problem introduced in commit 6818cf86.

* src/remote_protocol-structs: Delete unused struct.
2011-06-28 11:44:01 -06:00
Daniel P. Berrange
97e4f21782 Support automatic creation of leases for disks in sanlock
The current sanlock plugin requires a central management
application to manually add <lease> elements to each guest,
to protect resources that are assigned to it (eg writable
disks). This makes the sanlock plugin useless for usage
in more ad hoc deployment environments where there is no
central authority to associate disks with leases.

This patch adds a mode where the sanlock plugin will
automatically create leases for each assigned read-write
disk, using a md5 checksum of the fully qualified disk
path. This can work pretty well if guests are using
stable disk paths for block devices eg /dev/disk/by-path/XXXX
symlinks, or if all hosts have NFS volumes mounted in
a consistent pattern.

The plugin will create one lockspace for managing disks
with filename /var/lib/libvirt/sanlock/__LIBVIRT__DISKS__.
For each VM disks, there will be another file to hold
a lease /var/lib/libvirt/sanlock/5903e5d25e087e60a20fe4566fab41fd
Each VM disk lease is usually 1 MB in size. The script
virt-sanlock-cleanup should be run periodically to remove
unused lease files from the lockspace directory.

To make use of this capability the admin will need to do
several tasks:

 - Mount an NFS volume (or other shared filesystem)
   on /var/lib/libvirt/sanlock
 - Configure 'host_id' in /etc/libvirt/qemu-sanlock.conf
   with a unique value for each host with the same NFS
   mount
 - Toggle the 'auto_disk_leases' parameter in qemu-sanlock.conf

Technically the first step can be skipped, in which case
sanlock will only protect against 2 vms on the same host
using the same disk (or the same VM being started twice
due to error by libvirt).

* src/locking/libvirt_sanlock.aug,
  src/locking/sanlock.conf,
  src/locking/test_libvirt_sanlock.aug: Add config params
  for configuring auto lease setup
* libvirt.spec.in: Add virt-sanlock-cleanup program, man
  page
* tools/virt-sanlock-cleanup.in: Script to purge unused
  disk resource lease files
2011-06-28 18:18:06 +01:00
Daniel P. Berrange
58eb4f2cbb Support loading a configuration file for sanlock plugin
Introduce a configuration file with a single parameter
'require_lease_for_disks', which is used to decide whether
it is allowed to start a guest which has read/write disks,
but without any leases.

* libvirt.spec.in: Add sanlock config file and augeas
  lens
* src/Makefile.am: Install sanlock config file and
  augeas lens
* src/locking/libvirt_sanlock.aug: Augeas master lens
* src/locking/test_libvirt_sanlock.aug: Augeas test file
* src/locking/sanlock.conf: Example sanlock config
* src/locking/lock_driver_sanlock.c: Wire up loading
  of configuration file
2011-06-28 18:07:06 +01:00
Daniel P. Berrange
5df29ebc25 Allow per-driver config file for lock manager plugins
Allow a 'configFile' parameter to be passed into the lock
drivers to provide configuration. Wire up the QEMU driver
to pass in file names '/etc/libvirt/qemu-$NAME.conf
eg qemu-sanlock.conf

* src/locking/lock_driver.h, src/locking/lock_driver_nop.c,
  src/locking/lock_driver_sanlock.c, src/locking/lock_manager.c,
  src/locking/lock_manager.h: Add configFile parameter
* src/qemu/qemu_conf.c: Pass in configuration file path to
  lock driver plugins
2011-06-28 18:07:06 +01:00
Laine Stump
25171f607c network: add domain to unqualified names defined with <host>
If a domain name is defined for a network, add the --expand-hosts
option to the dnsmasq commandline. This results in the domain being
added to any hostname that is defined in a dns <host> element and
contains no '.' characters (i.e. it is an "unqualified"
hostname). Since PTR records are automatically created for any name
defined in <host>, the result of a PTR request will change from the
unqualified name to the qualified name.

This also has the same effect on any hostnames that dnsmasq reads
from the host's /etc/hosts file.

(In the case of guest hostnames that were learned by dnsmasq via DHCP
requests, they were already getting the domain name added on, even
without --expand-hosts).
2011-06-28 12:57:14 -04:00
Daniel P. Berrange
6818cf8690 Cleanup remote protocol definitions
The standard remote protocol for libvirtd no longer needs to
include definitions of the generic message header/error structs
or status codes. This is all defined in the generic RPC protocol

* src/remote/remote_protocol.x: Remove all RPC message definitions
* src/remote/remote_protocol.h, src/remote/remote_protocol.c:
  Re-generate
* daemon/remote_generate_stubs.pl: Delete obsolete script
2011-06-28 17:33:31 +01:00
Daniel P. Berrange
df0b57a95a Convert libvirtd over to the new RPC handling APIs
This guts the libvirtd daemon, removing all its networking and
RPC handling code. Instead it calls out to the new virServerPtr
APIs for all its RPC & networking work

As a fallout all libvirtd daemon error reporting now takes place
via the normal internal error reporting APIs. There is no need
to call separate error reporting APIs in RPC code, nor should
code use VIR_WARN/VIR_ERROR for reporting fatal problems anymore.

* daemon/qemu_dispatch_*.h, daemon/remote_dispatch_*.h: Remove
  old generated dispatcher code
* daemon/qemu_dispatch.h, daemon/remote_dispatch.h: New dispatch
  code
* daemon/dispatch.c, daemon/dispatch.h: Remove obsoleted code
* daemon/remote.c, daemon/remote.h: Rewrite for new dispatch
  APIs
* daemon/libvirtd.c, daemon/libvirtd.h: Remove all networking
  code
* daemon/stream.c, daemon/stream.h: Update for new APIs
* daemon/Makefile.am: Link to libvirt-net-rpc-server.la
2011-06-28 17:33:19 +01:00
Daniel P. Berrange
c1b2264477 Convert the remote driver to new RPC client APIs
This guts the current remote driver, removing all its networking
handling code. Instead it calls out to the new virClientPtr and
virClientProgramPtr APIs for all RPC & networking work.

* src/Makefile.am: Link remote driver with generic RPC code
* src/remote/remote_driver.c: Gut code, replacing with RPC
  API calls
* src/rpc/gendispatch.pl: Update for changes in the way
  streams are handled
2011-06-28 17:33:12 +01:00
Daniel P. Berrange
51ae69be69 Add XDR_CFLAGS to libvirt-net-rpc.la library
* src/Makefile.am: Add XDR_CFLAGS
2011-06-28 17:33:06 +01:00
Daniel P. Berrange
5247b0695a Ensure sanlock socket is labelled with the VM process label
The libvirt sanlock plugin is intentionally leaking a file
descriptor to QEMU. To enable QEMU to use this FD under
SELinux, it must be labelled correctly. We dont want to use
the svirt_image_t for this, since QEMU must not be allowed
to actually use the FD. So instead we label it with svirt_t
using virSecurityManagerSetProcessFDLabel

* src/locking/domain_lock.c, src/locking/domain_lock.h,
  src/locking/lock_driver.h, src/locking/lock_driver_nop.c,
  src/locking/lock_driver_sanlock.c, src/locking/lock_manager.c,
  src/locking/lock_manager.h: Optionally pass an FD back to
  the hypervisor for security driver labelling
* src/qemu/qemu_process.c: label the lock manager plugin
  FD with the process label
2011-06-28 16:41:46 +01:00
Daniel P. Berrange
8e3c6fbbe6 Add a virSecurityManagerSetProcessFDLabel
Add a new security driver method for labelling an FD with
the process label, rather than the image label

* src/libvirt_private.syms, src/security/security_apparmor.c,
  src/security/security_dac.c, src/security/security_driver.h,
  src/security/security_manager.c, src/security/security_manager.h,
  src/security/security_selinux.c, src/security/security_stack.c:
  Add virSecurityManagerSetProcessFDLabel & impl
2011-06-28 16:39:30 +01:00
Daniel P. Berrange
4438c63e71 Rename virSecurityManagerSetFDLabel method
The virSecurityManagerSetFDLabel method is used to label
file descriptors associated with disk images. There will
shortly be a need to label other file descriptors in a
different way. So the current name is ambiguous. Rename
the method to virSecurityManagerSetImageFDLabel to clarify
its purpose

* src/libvirt_private.syms,
  src/qemu/qemu_migration.c, src/qemu/qemu_process.c,
  src/security/security_apparmor.c, src/security/security_dac.c,
  src/security/security_driver.h, src/security/security_manager.c,
  src/security/security_manager.h, src/security/security_selinux.c,
  src/security/security_stack.c: s/FDLabel/ImageFDLabel/
2011-06-28 16:39:22 +01:00
Matthias Bolte
f0739fc579 Add node prefix to virNodeGet(CPU|Memory)Stats structs and defines 2011-06-28 17:18:33 +02:00
Jiri Denemark
ad7b327690 qemu: Fix update device for CURRENT + FORCE flags
When CURRENT and FORCE flags were used together, UpdateDeviceFlags did
nothing because it failed to transform CURRENT into either LIVE or
CONFIG.
2011-06-28 14:21:50 +02:00
Stefan Berger
ecfbf79541 nwfilter: Return error message about unresolvable variables
This is in response to bugzilla 664629

https://bugzilla.redhat.com/show_bug.cgi?id=664629

The patch below returns an appropriate error message if the chain of
nwfilters is found to contain unresolvable variables and therefore
cannot be instantiated.

Example: The following XMl added to a domain:

    <interface type='bridge'>
      <mac address='52:54:00:9f:80:45'/>
      <source bridge='virbr0'/>
      <model type='virtio'/>
      <filterref filter='test'/>
    </interface>

that references the following filter

<filter name='test' chain='root'>
  <filterref filter='clean-traffic'/>
  <filterref filter='allow-dhcp-server'/>
</filter>

now displays upon 'virsh start mydomain'

error: Failed to start domain mydomain
error: internal error Cannot instantiate filter due to unresolvable variable: DHCPSERVER

'DHPCSERVER' is contained in allow-dhcp-server.
2011-06-27 12:53:59 -04:00
Eric Blake
28e45afc3f build: rename Vcpupin to VcpuPin
We already have a public virDomainPinVcpu, which implies that
Pin and Vcpu are treated as separate words.  Unreleased commit
e261987c introduced virDomainGetVcpupinInfo as the first public
API that used Vcpupin, although we had prior internal uses of
that spelling.  For consistency, change the spelling to be two
words everywhere, regardless of whether pin comes first or last.

* daemon/remote.c: Treat vcpu and pin as separate words.
* include/libvirt/libvirt.h.in: Likewise.
* src/conf/domain_conf.c: Likewise.
* src/conf/domain_conf.h: Likewise.
* src/driver.h: Likewise.
* src/libvirt.c: Likewise.
* src/libvirt_private.syms: Likewise.
* src/libvirt_public.syms: Likewise.
* src/libxl/libxl_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/xen/xend_internal.c: Likewise.
* tools/virsh.c: Likewise.
* src/remote/remote_protocol.x: Likewise.
* src/remote_protocol-structs: Likewise.
Suggested by Matthias Bolte.
2011-06-27 09:55:11 -06:00
Minoru Usui
0a755f66d5 sysinfo: cleanup function/struct names.
Fix lack of 'virSysinfo' prefix of functions/structs in src/util/sysinfo.[ch]
2011-06-27 09:41:03 -06:00
Minoru Usui
a6c85d44e0 sysinfo: fix lack of error check in virSysinfoFormat().
Fix lack of error check in virSysinfoFormat().

Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-27 09:40:38 -06:00
Matthias Bolte
072ea80ff2 tests: Partly fix networkxml2argvtest being configure result dependent
Convert networkDnsmasqLeaseFileName to a replaceable function pointer
that allow the testsuite to use a version of that function that is not
depending on configure --localstatedir.

This fixes 5 of 6 test failures, when configure --localstatedir isn't
set to /var.
2011-06-27 17:22:25 +02:00
Osier Yang
79306739db qemu: Remove bogus error codes for NUMA memory tuning
This is no code between virSaveLastError and virGetLastError will
set an error, remove the bogus codes.
2011-06-27 23:20:15 +08:00
Laine Stump
8e49ade18a network: fix indentation in networkBuildDnsmasqArgv
This block was inadvertently added with the wrong indentation.
2011-06-27 11:06:30 -04:00
Eric Blake
2bebf93846 build: avoid uninitialized variable
Caught by gcc -O2, during autobuild.sh.

* src/qemu/qemu_driver.c (qemudDomainGetVcpupinInfo): Initialize vm.
2011-06-24 20:55:32 -06:00
Eric Blake
481e4d795c build: fix VPATH builds
The build currently fails when trying to create virnetprotocol.c
into $(builddir)/rpc, which doesn't exist.  But since the file
is part of the tarball, it should be generated into $(srcdir).
Caught by autobuild.sh.

* src/Makefile.am (VIR_NET_RPC_GENERATED): Generate into srcdir.
2011-06-24 20:55:23 -06:00
Taku Izumi
291162abf4 vcpupin: implement the remote protocol to address the new API
This patch implements the remote protocol to address the new API
(virDomainGetVcpupinInfo).

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-24 17:00:22 -06:00
Taku Izumi
96414c4ed1 vcpupin: implement the code to support new API for the qemu driver
This patch implements the code to address the new API (virDomainGetVcpupinInfo)
in the qemu driver.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-24 17:00:22 -06:00
Taku Izumi
e261987c5a vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo)
This patch introduces a new libvirt API (virDomainGetVcpupinInfo),
as a counterpart to virDomainPinVcpuFlags.

We can use virDomainGetVcpus API to retrieve CPU affinity information,
but can't use this API against inactive domains (at least in case of KVM),
as it lacks a flags parameter.
The usual thing is to add a new virDomainGetVcpusFlags, but that API name
is already occupied by the counterpart to virDomainGetMaxVcpus, which
has a completely different signature.

The virDomainGetVcpupinInfo is the new API to retrieve CPU affinity
information of active and inactive domains.  While the usual convention
is to list an array before its length, this API violates that rule
in order to be more like virDomainGetVcpus (where maxinfo was doing
double-duty as the length of two different arrays).

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-24 17:00:22 -06:00
Eric Blake
4a27eb1398 buf: protect against integer overflow
It's unlikely that we'll ever want to escape a string as long as
INT_MAX/6, but adding this check can't hurt.

* src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
Check for (unlikely) overflow.
2011-06-24 16:01:56 -06:00
Eric Blake
774b21c163 remote: protect against integer overflow
Integer overflow and remote code are never a nice mix.

This has existed since commit 56cd414.

* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
on sending rpc.
* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
receiving rpc.
2011-06-24 15:57:23 -06:00
Eric Blake
89d994ad6b build: update gnulib for intprops
Done as a separate commit to make backporting the next patch easier.
We are already using "intprops.h", but this makes it explicit.

* .gnulib: Update, for syntax-check fix.
* bootstrap.conf (gnulib_modules): Make intprops use explicit.
* src/locking/domain_lock.c (includes): Drop unused header.
* src/nwfilter/nwfilter_learnipaddr.c (includes): Use "", not <>,
for gnulib.
2011-06-24 15:52:52 -06:00
Matthias Bolte
d95f673ad2 Rename iface(G|S)etMacaddr to iface(G|S)etMacAddress for consistency 2011-06-24 23:06:56 +02:00
Matthias Bolte
a800d66b72 Fix typo in libvirt_private.syms
Triggered a linker error on MinGW.
2011-06-24 22:39:48 +02:00
Michal Novotny
9d4e2845d4 Network: Add support for DNS hosts definition to the network XML
This commit introduces names definition for the DNS hosts file using
the following syntax:

  <dns>
    <host ip="192.168.1.1">
      <name>alias1</name>
      <name>alias2</name>
    </host>
  </dns>

Some of the improvements and fixes were done by Laine Stump so
I'm putting him into the SOB clause again ;-)

Signed-off-by: Michal Novotny <minovotn@redhat.com>
Signed-off-by: Laine Stump <laine@laine.org>
2011-06-24 16:15:36 -04:00
Michal Novotny
91b7924eee Network: Add additional hosts internal infrastructure
Signed-off-by: Michal Novotny <minovotn@redhat.com>
2011-06-24 16:15:33 -04:00
Michal Novotny
89ae9849f7 Network: modify dnsmasq commandline build function to allow testing
The dnsmasq commandline was being built as a part of running
dnsmasq. This patch puts the commandline build into a separate
function (and exports it as a private API) making it possible to build
a dnsmasq commandline without executing it, so that we can write a
test program to verify that the proper commandlines are being created.

Signed-off-by: Michal Novotny <minovotn@redhat.com>
2011-06-24 16:15:17 -04:00
Michal Novotny
5dd986dbd7 Add TXT record support for virtual DNS service
This commit introduces the <dns> element and <txt> record for the
virtual DNS network. The DNS TXT record can be defined using following
syntax in the network XML file:

  <dns>
    <txt name="example" value="example value" />
  </dns>

Also, the Relax-NG scheme has been altered to allow the texts without
spaces only for the name element and some nitpicks about memory
free'ing have been fixed by Laine so therefore I'm adding Laine to the
SOB clause ;-)

Signed-off-by: Michal Novotny <minovotn@redhat.com>
Signed-off-by: Laine Stump <laine@laine.org>
2011-06-24 16:15:12 -04:00
Jamie Strandboge
0b501bd4e1 Move load of AppArmor profile to GenLabel()
Commit 12317957ec introduced an incompatible
architectural change for the AppArmor security driver. Specifically,
virSecurityManagerSetAllLabel() is now called much later in
src/qemu/qemu_process.c:qemuProcessStart(). Previously, SetAllLabel() was
called immediately after GenLabel() such that after the dynamic label (profile
name) was generated, SetAllLabel() would be called to create and load the
AppArmor profile into the kernel before qemuProcessHook() was executed. With
12317957ec, qemuProcessHook() is now called
before SetAllLabel(), such that aa_change_profile() ends up being called
before the AppArmor profile is loaded into the kernel (via ProcessLabel() in
qemuProcessHook()).

This patch addresses the change by making GenLabel() load the AppArmor
profile into the kernel after the label (profile name) is generated.
SetAllLabel() is then adjusted to only reload_profile() and append stdin_fn to
the profile when it is specified. This also makes the AppArmor driver work
like its SELinux counterpart with regard to SetAllLabel() and stdin_fn.
Bug-Ubuntu: https://launchpad.net/bugs/801569
2011-06-24 10:09:44 -06:00
Eric Blake
db323e3b97 docs: document correct flag name
When adding virDomainGetVcpusFlags in commit ea3f5c6, I did
enough rebasing that the doc comments in libvirt.c no longer
matched the final chosen enum names in libvirt.h.

And now we've gone ahead and deprecated the names
VIR_DOMAIN_VCPU_{LIVE,CONFIG}.

* src/libvirt.c (virDomainGetVcpusFlags): Fix comment.
2011-06-24 09:04:49 -06:00
Eric Blake
1aa859d633 Revert "Add new API virDomainBlockPull* to headers"
This reverts commit 7d56a16d03.

Conflicts:

	python/generator.py
	src/libvirt_public.syms
2011-06-24 08:41:25 -06:00
Eric Blake
6389bea91c Revert "virDomainBlockPull: Implement the main entry points"
This reverts commit 6419f596e1.
2011-06-24 08:41:25 -06:00
Eric Blake
9872323623 Revert "Add virDomainBlockPull support to the remote driver"
This reverts commit d1693bb160.

Conflicts:

	daemon/remote.c
	src/remote/remote_driver.c
	src/remote/remote_protocol.x
2011-06-24 08:41:25 -06:00
Eric Blake
3c2f0a17e2 Revert "Implement virDomainBlockPull for the qemu driver"
This reverts commit 784ee08d22.
2011-06-24 08:41:25 -06:00
Eric Blake
c4c59e7228 Revert "Asynchronous event for BlockPull completion"
This reverts commit 12cd77a0c5.

Conflicts:

	python/libvirt-override-virConnect.py
	python/libvirt-override.c
	src/remote/remote_protocol.x
2011-06-24 08:41:24 -06:00
Eric Blake
98d83094a0 build: fix NUMA build on RHEL 5
Use NUMA's older nodemask_t (fixed-size map) rather than the newer
'struct bitmask' (variable-size) in order to still compile on RHEL 5,
with its numactl-devel-0.9.8.

* src/qemu/qemu_process.c [HAVE_NUMA]: Prefer back-compat mode.
(qemuProcessInitNumaMemoryPolicy): Use older nodemask_t.
2011-06-24 08:24:10 -06:00
Minoru Usui
b46832971c Add Memory Device Information to virSysinfoRead() from dmidecode type 17
* src/util/sysinfo.[ch]: also parse and save all the SMBIOS informations
  about memory modules
2011-06-24 22:22:09 +08:00
Minoru Usui
49156a7a11 Add Processor Information to virSysinfoRead() from dmidecode type 4
* src/util/sysinfo.c: add parsing and formatting of processor
  information data
2011-06-24 22:22:09 +08:00
Minoru Usui
532ce9c22f Cleanup virSysinfoRead()
* src/util/sysinfo.c: Separate BIOSInfo and SystemInfo part from
                      virSysinfoRead()
2011-06-24 22:22:09 +08:00
Daniel P. Berrange
789ab2cc9f Make sure virnetprotocol.[ch] are in BUILT_SOURCES
To ensure virnetprotocol.[ch] are generated before any other
files, add them to BUILT_SOURCES and MAINTAINERCLEANFILES.
At the same time, move ESX_DRIVER_GENERATED out of DISTCLEAN
and into MAINTAINERCLEANFILES, since they are included in
EXTRA_DIST

* src/Makefile.am: Add virnetprotocol.[ch] to BUILT_SOURCES
2011-06-24 15:19:41 +01:00
Eric Blake
acb31cf59b maint: typo fixes
* src/xenxs/xen_sxpr.c (xenParseSxprPCI): Comment fix.
* tests/object-locking.ml (driverTables): Likewise.
* tests/testutils.c (virtTestDifferenceBin): Likewise.
2011-06-24 08:01:10 -06:00
Daniel P. Berrange
d6bf7703d0 Fix some bugs in RPC protocol make rules
The Makefile.am rules for generating RPC protocol had a couple
of bugs

 - A instance of remote/rpcgen_fix.pl  was not changed
   to rpc/genprotocol.pl
 - A dep from rpc/virnetmessage.h on the generated
   rpc/virnetprotocol.h was missing
 - The generated rpc/virnetprotocol.[ch] were not listed
   in MAINTAINERCLEANFILES

* Makefile.am: Fix RPC protocol generation
2011-06-24 14:37:25 +01:00
Daniel P. Berrange
c0cd292933 Add missing translation of error message from QEMU reboot patch
* src/qemu/qemu_process.c: Add missing _(...)
2011-06-24 12:25:00 +01:00
Daniel P. Berrange
7479831311 Fix job type set in qemuMigrationPrepareDirect/PrepareTunnel
The qemuMigrationPrepareDirect/PrepareTunnel methods accidentally
set the domain job to  QEMU_JOB_MIGRATION_OUT when it should have
been  QEMU_JOB_MIGRATION_IN. This didn't have any ill-effect, but
it is none-the-less wrong.

* src/qemu/qemu_migration.c: Fix job type
2011-06-24 12:15:10 +01:00
Daniel P. Berrange
bd180de57b Avoid high privileges taint warning for QEMU session driver
The code emitting taint warnings was mistakenly thinking
that guests run from the QEMU session driver were tainted
for having high privileges. This is of course nonsense
since the session driver is always unprivileged

* src/qemu/qemu_domain.c: Don't warn for high privileges in
  non-privileged QEMU
2011-06-24 12:15:10 +01:00
Daniel P. Berrange
3ba937da42 Allow automatic kill of guests when a connection is closed
If an application is using libvirt + KVM as a piece of its
internal infrastructure to perform a specific task, it can
be desirable to guarentee the VM dies when the virConnectPtr
disconnects from libvirtd. This ensures the app can't leak
any VMs it was using. Adding VIR_DOMAIN_START_AUTOKILL as
a flag when starting guests enables this to be done.

* include/libvirt/libvirt.h.in: All VIR_DOMAIN_START_AUTOKILL
* src/qemu/qemu_driver.c: Support automatic killing of guests
  upon connection close
* tools/virsh.c: Add --autokill flag to 'start' and 'create'
  commands
2011-06-24 12:15:10 +01:00
Daniel P. Berrange
2c2effa1d7 Automatically kill target QEMU if migration aborts abnormally
Migration is a multi-step process

  1. Begin(src)
  2. Prepare(dst)
  3. Perform(src)
  4. Finish(dst)
  5. Confirm(src)

At step 2, a QEMU process is lauched in the destination to
accept the incoming migration. Occasionally the process
that is controlling the migration workflow aborts, and fails
to call step 4, Finish. This leaves a QEMU process running
on the target (albeit with paused CPUs). Unfortunately because
step 2 actives a job on the QEMU process, it is unkillable by
normal means.

By registering the VM for autokill against the src virConnectPtr
in step 2, we can ensure that the guest is forcefully killed off
if the connection is closed without step 4 being invoked

* src/qemu/qemu_migration.c: Register autokill in PrepareDirect
  and PrepareTunnel. Unregister autokill on successful run
  of Finish
* src/qemu/qemu_process.c: Unregister autokill when stopping a
  process
2011-06-24 12:15:10 +01:00
Daniel P. Berrange
558b7fd03d Add infrastructure to automatically destroy guests when a connection closes
Sometimes it is useful to be able to automatically destroy a guest when
a connection is closed. For example, kill an incoming migration if
the client managing the migration dies. This introduces a map between
guest 'uuid' strings and virConnectPtr objects. When a connection is
closed, any associated guests are killed off.

* src/qemu/qemu_conf.h: Add autokill hash table to qemu driver
* src/qemu/qemu_process.c, src/qemu/qemu_process.h: Add APIs
  for performing autokill of guests associated with a connection
* src/qemu/qemu_driver.c: Initialize autodestroy map
2011-06-24 12:15:10 +01:00
Daniel P. Berrange
42f43592be Support reboots with the QEMU driver
For controlled shutdown we issue a 'system_powerdown' command
to the QEMU monitor. This triggers an ACPI event which (most)
guest OS wire up to a controlled shutdown. There is no equiv
ACPI event to trigger a controlled reboot. This patch attempts
to fake a reboot.

 - In qemuDomainObjPrivatePtr we have a bool fakeReboot
   flag.
 - The virDomainReboot method sets this flag and then
   triggers a normal 'system_powerdown'.
 - The QEMU process is started with '-no-shutdown'
   so that the guest CPUs pause when it powers off the
   guest
 - When we receive the 'POWEROFF' event from QEMU JSON
   monitor if fakeReboot is not set we invoke the
   qemuProcessKill command and shutdown continues
   normally
 - If fakeReboot was set, we spawn a background thread
   which issues 'system_reset' to perform a warm reboot
   of the guest hardware. Then it issues 'cont' to
   start the CPUs again

* src/qemu/qemu_command.c: Add -no-shutdown flag if
  we have JSON support
* src/qemu/qemu_domain.h: Add 'fakeReboot' flag to
  qemuDomainObjPrivate struct
* src/qemu/qemu_driver.c: Fake reboot using the
  system_powerdown command if JSON support is available
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
  src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Add
  binding for system_reset command
* src/qemu/qemu_process.c: Reset the guest & start CPUs if
  fakeReboot is set
2011-06-24 12:13:47 +01:00
Daniel P. Berrange
b17b4afafd Move the RPC generator scripts into src/rpc
Move the daemon/remote_generator.pl to src/rpc/gendispatch.pl
and move the src/remote/rpcgen_fix.pl to src/rpc/genprotocol.pl

* daemon/Makefile.am: Update for new name/location of generator
* src/Makefile.am: Update for new name/location of generator
2011-06-24 11:48:49 +01:00
Daniel P. Berrange
434de30da5 Introduce generic RPC client objects
To facilitate creation of new clients using XDR RPC services,
pull alot of the remote driver code into a set of reusable
objects.

 - virNetClient: Encapsulates a socket connection to a
   remote RPC server. Handles all the network I/O for
   reading/writing RPC messages. Delegates RPC encoding
   and decoding to the registered programs

 - virNetClientProgram: Handles processing and dispatch
   of RPC messages for a single RPC (program,version).
   A program can register to receive async events
   from a client

 - virNetClientStream: Handles generic I/O stream
   integration to RPC layer

Each new client program now merely needs to define the list of
RPC procedures & events it wants and their handlers. It does
not need to deal with any of the network I/O functionality at
all.
2011-06-24 11:48:45 +01:00
Daniel P. Berrange
e23ec81db6 Introduce generic RPC module for advertising via MDNS
Allow RPC servers to advertise themselves using MDNS,
via Avahi

* src/rpc/virnetserver.c, src/rpc/virnetserver.h: Allow
  registration of MDNS services via avahi
* src/rpc/virnetserverservice.c, src/rpc/virnetserverservice.h: Add
  API to fetch the listen port number
* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add API to
  fetch the local port number
* src/rpc/virnetservermdns.c, src/rpc/virnetservermdns.h: Represent
  an MDNS advertisement
2011-06-24 11:48:41 +01:00
Daniel P. Berrange
4e00b1da8a Introduce generic RPC server objects
To facilitate creation of new daemons providing XDR RPC services,
pull a lot of the libvirtd daemon code into a set of reusable
objects.

 * virNetServer: A server contains one or more services which
   accept incoming clients. It maintains the list of active
   clients. It has a list of RPC programs which can be used
   by clients. When clients produce a complete RPC message,
   the server passes this onto the corresponding program for
   handling, and queues any response back with the client.

 * virNetServerClient: Encapsulates a single client connection.
   All I/O for the client is handled, reading & writing RPC
   messages.

 * virNetServerProgram: Handles processing and dispatch of
   RPC method calls for a single RPC (program,version).
   Multiple programs can be registered with the server.

 * virNetServerService: Encapsulates socket(s) listening for
   new connections. Each service listens on a single host/port,
   but may have multiple sockets if on a dual IPv4/6 host.

Each new daemon now merely has to define the list of RPC procedures
& their handlers. It does not need to deal with any network related
functionality at all.
2011-06-24 11:48:37 +01:00
Daniel P. Berrange
f5fa167e8d Integrate TLS/SASL directly into the socket APIs
This extends the basic virNetSocket APIs to allow them to have
a handle to the TLS/SASL session objects, once established.
This ensures that any data reads/writes are automagically
passed through the TLS/SASL encryption layers if required.

* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Wire up
  SASL/TLS encryption
2011-06-24 11:48:30 +01:00
Daniel P. Berrange
bb1c9296f5 Generic module for handling SASL authentication & encryption
This provides two modules for handling SASL

 * virNetSASLContext provides the process-wide state, currently
   just a whitelist of usernames on the server and a one time
   library init call

 * virNetTLSSession provides the per-connection state, ie the
   SASL session itself. This also include APIs for providing
   data encryption/decryption once the session is established

* src/Makefile.am: Add to libvirt-net-rpc.la
* src/rpc/virnetsaslcontext.c, src/rpc/virnetsaslcontext.h: Generic
  SASL handling code
2011-06-24 11:48:25 +01:00
Daniel P. Berrange
30fd0bbbfc Generic module for handling TLS encryption and x509 certs
This provides two modules for handling TLS

 * virNetTLSContext provides the process-wide state, in particular
   all the x509 credentials, DH params and x509 whitelists
 * virNetTLSSession provides the per-connection state, ie the
   TLS session itself.

The virNetTLSContext provides APIs for validating a TLS session's
x509 credentials. The virNetTLSSession includes APIs for performing
the initial TLS handshake and sending/recving encrypted data

* src/Makefile.am: Add to libvirt-net-rpc.la
* src/rpc/virnettlscontext.c, src/rpc/virnettlscontext.h: Generic
  TLS handling code
2011-06-24 11:48:22 +01:00
Daniel P. Berrange
58b5b14e5e Introduce a generic object for using network sockets
Introduces a simple wrapper around the raw POSIX sockets APIs
and name resolution APIs. Allows for easy creation of client
and server sockets with correct usage of name resolution APIs
for protocol agnostic socket setup.

It can listen for UNIX and TCP stream sockets.

It can connect to UNIX, TCP streams directly, or indirectly
to UNIX sockets via an SSH tunnel or external command

* src/Makefile.am: Add to libvirt-net-rpc.la
* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Generic
  sockets APIs
* tests/Makefile.am: Add socket test
* tests/virnetsockettest.c: New test case
* tests/testutils.c: Avoid overriding LIBVIRT_DEBUG settings
* tests/ssh.c: Dumb helper program for SSH tunnelling tests
2011-06-24 11:48:18 +01:00
Daniel P. Berrange
ceacc1dd4f Provide a simple object for encoding/decoding RPC messages
This provides a new struct that contains a buffer for the RPC
message header+payload, as well as a decoded copy of the message
header. There is an API for applying a XDR encoding & decoding
of the message headers and payloads. There are also APIs for
maintaining a simple FIFO queue of message instances.

Expected usage scenarios are:

To send a message

   msg = virNetMessageNew()

   ...fill in msg->header fields..
   virNetMessageEncodeHeader(msg)
   ...loook at msg->header fields to determine payload filter
   virNetMessageEncodePayload(msg, xdrfilter, data)
   ...send msg->bufferLength worth of data from buffer

To receive a message

   msg = virNetMessageNew()
   ...read VIR_NET_MESSAGE_LEN_MAX of data into buffer
   virNetMessageDecodeLength(msg)
   ...read msg->bufferLength-msg->bufferOffset of data into buffer
   virNetMessageDecodeHeader(msg)
   ...look at msg->header fields to determine payload filter
   virNetMessageDecodePayload(msg, xdrfilter, data)
   ...run payload processor

* src/Makefile.am: Add to libvirt-net-rpc.la
* src/rpc/virnetmessage.c, src/rpc/virnetmessage.h: Internal
  message handling API.
* testutils.c, testutils.h: Helper for printing binary differences
* virnetmessagetest.c: Validate all XDR encoding/decoding
2011-06-24 11:48:14 +01:00
Daniel P. Berrange
980a132a24 Defines the basics of a generic RPC protocol in XDR
This patch defines the basics of a generic RPC protocol in XDR.
This is wire ABI compatible with the original remote_protocol.x.
It takes everything except for the RPC calls / events from that
protocol

 - The basic header virNetMessageHeader (aka remote_message_header)
 - The error object virNetMessageError  (aka remote_error)
 - Two dummy objects virNetMessageDomain & virNetMessageNetwork
   sadly needed to keep virNetMessageError ABI compatible with
   the old remote_error

The RPC protocol supports method calls, async events and
bidirectional data streams as before

* src/Makefile.am: Add rules for generating RPC code from
  protocol & define a new libvirt-net-rpc.la helper library
* src/rpc/virnetprotocol.x: New generic RPC protocol
2011-06-24 11:48:10 +01:00
Eric Blake
ab228c81f2 build: avoid compiler failure
GCC complained about a C99 for-loop declaration outside of C99 mode
when compiling on RHEL 5.

* src/qemu/qemu_driver.c (qemudDomainPinVcpuFlags): Avoid C99 for
loop, since gcc 4.1.2 hates it.
2011-06-23 21:57:58 -06:00
Stefan Berger
f7ed693666 build: fix compilation on systems missing libnl and new includes
This patch fixes the compilation of netlink.c and interface.c on those
systems missing either libnl or that have an older linux/if_link.h
include file not supporting macvtap or VF_PORTS.

WITH_MACVTAP is '1' if newer include files were detected, '0' otherwise.

IFLA_PORT_MAX is defined in linux/if_link.h if yet more functionality is
supported.
2011-06-23 11:54:11 -04:00
Matthias Bolte
82915370f7 docs: Make virConnectClose comply to apibuild.py expectations
apibuild.py expects a sentence that starts with "Returns"
describing the return value of a function.
2011-06-23 12:25:23 +02:00
Osier Yang
91141474f8 util: Fix memory leak in virJSONParserHandleStartMap 2011-06-23 18:16:31 +08:00
Osier Yang
d61820df98 qemu: Fix memory leak in qemuProcessWaitForMonitor
Move "VIR_FREE(buf) into label "closelog", so that "buf" could be
freed before returning.
2011-06-23 18:15:25 +08:00
Jiri Denemark
6a15cc6b90 qemu: Only check for NUMA availability if required
We only care about NUMA availability if NUMA configuration is requested
in domain XML.
2011-06-23 09:39:54 +02:00
Matthew Booth
10208cc503 storage: fix volDelete return when volume still being allocated
volDelete used to return VIR_ERR_INTERNAL_ERROR when attempting to
delete a volume which was still being allocated. It should return
VIR_ERR_OPERATION_INVALID.

* src/storage/storage_driver.c: Fix return of volDelete.
2011-06-23 11:28:29 +08:00
Eric Blake
60bfd5b565 util: avoid PATH_MAX-sized array
See previous patch for why this is good...

* src/util/pci.c (struct _pciDevice, pciGetDevice, pciFreeDevice):
Manage path dynamically.  Report snprintf overflow.
* src/util/hostusb.c (struct _usbDevice, usbGetDevice)
(usbFreeDevice): Likewise.
2011-06-22 17:13:58 -06:00
Eric Blake
565c975f9b xen: avoid PATH_MAX-sized array
See previous patch for why this is good...

* src/xen/xen_driver.h (xenXMConfCache): Manage filename
dynamically.
* src/xen/xm_internal.c (xenXMConfigCacheAddFile)
(xenXMConfigFree, xenXMDomainDefineXML): Likewise.
2011-06-22 17:13:58 -06:00
Eric Blake
ca8b4cec6d tests: avoid PATH_MAX-sized array
See previous patch for why this is good...

* src/test/test_driver.c (struct _testConn, testOpenFromFile)
(testClose): Manage path dynamically.
2011-06-22 17:13:58 -06:00
Eric Blake
aa286e537d virStorageVol: avoid PATH_MAX-sized array
POSIX allows implementations where PATH_MAX is undefined, leading
to compilation error.  Not to mention that even if it is defined,
it is often wasteful in relation to the amount of data being stored.

All clients of vol->key were audited, and found not to care about
whether key is static or dynamic, except for these offenders:

* src/datatypes.h (struct _virStorageVol): Manage key dynamically.
* src/datatypes.c (virReleaseStorageVol): Free key.
(virGetStorageVol): Copy key.
2011-06-22 17:13:58 -06:00
Eric Blake
26dc216ae8 maint: add omitted copyright header
Bug introduced in commit 6a597883.

* src/util/netlink.h: Add boilerplate.
2011-06-22 15:42:51 -06:00
Eric Blake
dbcd8c5967 docs: fix docs to match behavior of virConnectClose
* src/libvirt.c (virConnectClose): Mention reference count return.
Reported by Michal Novotny, analyzed by Matthias Bolte.
2011-06-22 13:25:56 -06:00
Stefan Berger
df3d8c362d cleanup: make several interface functions commonly available
In a second cleanup step this patch makes several interface functions from macvtap.c commonly available by moving them into interface.c and prefixing their names with 'iface'. Those functions taking Linux-specific structures as parameters are only visible on Linux.

ifaceRestoreMacAddress returns the return code from the ifaceSetMacAddr call and display an error message if setting the MAC address did not work. The caller is unchanged and still ignores the return code (which is ok).
2011-06-22 14:28:57 -04:00
Stefan Berger
6a5978833a cleanup: make nlComm commonly available
In a first cleanup step, make nlComm from macvtap.c commonly available
for other code to use. Since nlComm uses Linux-specific structures as
parameters it's prototype is only visible on Linux.
2011-06-22 14:17:36 -04:00
Daniel P. Berrange
abb82f53ed Fix use-after-free in handling domain taint flags
* src/conf/domain_conf.c: Fix use after free
2011-06-22 17:39:45 +01:00
Daniel P. Berrange
caf808c790 Remove macvtap dependency on domain configuration
Files under src/util must not depend on src/conf
Solve the macvtap problem by moving the definition
of macvtap modes from domain_conf.h into macvtap.h

* src/util/macvtap.c, src/util/macvtap.h: Add enum
  for macvtap modes
* src/conf/domain_conf.c, src/conf/domain_conf.h: Remove
  enum for macvtap modes
2011-06-22 17:39:06 +01:00
Osier Yang
73b9246df9 util: Correct the error prompt string
virCommandProcessIO: It's reading from stdout or stderr of child,
but not writing.
2011-06-22 19:33:24 +08:00
Osier Yang
20d5e9db82 qemu: Fix one memory leak
* src/qemu/qemu_domain.c: (qemuDomainAppendLog)

  Free "message" in "cleanup".
2011-06-22 19:32:04 +08:00
Michal Privoznik
017abcbb1a qemu: domain I/O asynchronous handling
For virtio disks and interfaces, qemu allows users to enable or disable
ioeventfd feature. This means, qemu can execute domain code, while
another thread waits for I/O event. Basically, in some cases it is win,
in some loss. This feature is available via 'ioeventfd' attribute in disk
and interface <driver> element. It accepts 'on' and 'off'. Leaving this
attribute out defaults to hypervisor decision.
2011-06-22 09:26:24 +02:00
Dirk Herrendoerfer
cbd8227ee0 set and restore MAC address of a NIC when using PASSTHROUGH mode
The following patch addresses the problem that when a PASSTHROUGH
mode DIRECT NIC connection is made the MAC address of the NIC is
not automatically set and reset to the configured VM MAC and
back again.

The attached patch fixes this problem by setting and resetting the MAC
while remembering the previous setting while the VM is running.
This also works if libvirtd is restarted while the VM is running.

the patch passes make syntax-check
2011-06-21 11:49:40 -04:00
Cole Robinson
27e47955a0 events: Correct virEventAddTimeout docs 2011-06-21 10:08:47 -04:00
Cole Robinson
6094ad7bd7 Promote virEvent*Handle/Timeout to public API
Since we virEventRegisterDefaultImpl is now a public API, callers need
a way to invoke the default registered Handle and Timeout functions. We
already have general functions for these internally, so promote
them to the public API.

v2:
    Actually add APIs to libvirt.h
2011-06-21 10:08:47 -04:00
Osier Yang
a22dbe0d66 conf: Make full use of goto label
* virDomainDefParse: There is a goto label "no_memory", which
reports OOM error, and then fallthrough label "error". This
patch changes things like following:

    virReportOOMError();
    goto error;

into:

    goto no_memory;
2011-06-21 16:20:15 +08:00
Osier Yang
9a2ac25a63 conf: Fix one memory leak
Free def->numatune.memory.nodemask in virDomainDefFree.
2011-06-21 16:03:59 +08:00
Matthias Bolte
272ead559c remote generator: Allow to annotate arrays with typecasts
Removes special case code from the generator and handle additional
methods.

The generated version of remoteDispatchDomainPinVcpu(Flags) has no
length check, but this check was useless anyway as it was applied to
data that was already deserialized from its XDR form.
2011-06-20 11:23:34 +02:00
Matthias Bolte
ac77cbaeae remote: Handle functions that return optional strings 2011-06-20 11:23:34 +02:00
Matthias Bolte
6be35f5fef remote: Generate virDomainGetBlockPullInfo
It was already generatable but skipped.
2011-06-20 11:23:34 +02:00
Taku Izumi
7ea9778c8a vcpupin: add vcpupin resetting feature to qemu driver
Pinning to all physical cpus means resetting, hence it is preferable to
delete vcpupin setting of XML.

This patch changes qemu driver to delete vcpupin setting by invoking
virDomainVcpupinDel API when pinning the specified virtual cpu to
all host physical cpus.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-20 18:14:54 +08:00
Taku Izumi
3711c0b051 vcpupin: add virDomainVcpupinDel function
This patch add the private API (virDomainVcpupinDel).
This API can delete the vcpupin setting of a specified virtual cpu.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-20 18:14:54 +08:00
Matthias Bolte
d967a8bfa4 Fix preprocessor indentation in nodeinfo.c 2011-06-20 10:39:09 +02:00
Osier Yang
a6f5c9b600 numatune: Support NUMA memory tuning in qemu driver
Implemented as setting NUMA policy between fork and exec as a hook,
using libnuma. Only support memory tuning on domain process currently.

For the nodemask out of range, will report soft warning instead of
hard error in libvirt layer. (Kernel will be silent as long as one
of set bit in the nodemask is valid on the host. E.g. For a host
has two NUMA nodes, kernel will be silent for nodemask "01010101").
So, soft warning is the only thing libvirt can do, as one might want
to specify the numa policy prior to a node that doesn't exist yet,
however, it may come as hotplug soon.
2011-06-20 15:16:16 +08:00
Osier Yang
d7edaf5d8c numatune: Support persistent XML for numatune
* src/conf/domain_conf.h: Introduce one new struct for representing
NUMA tuning related stuffs.

* src/conf/domain_conf.c: Parse and format numatune XML.
2011-06-20 15:15:44 +08:00
Hu Tao
8485e5a256 Update qemuDomainSetBlkioParameters to use flags 2011-06-20 15:52:11 +08:00
Hu Tao
100c39ca03 update qemuDomainGetBlkioParameters to use flags 2011-06-20 15:52:11 +08:00
Wen Congyang
34e3ec90f6 build: fix building error when building without libvirtd
When building libvirt without libvirtd, we will receive the following error
message:

make[3]: Entering directory `/home/wency/rpmbuild/BUILD/libvirt-0.9.2/tools'
  CC     virsh-virsh.o
  CC     virsh-console.o
  GEN    virt-xml-validate
  GEN    virt-pki-validate
  CCLD   virsh
./src/.libs/libvirt.so: undefined reference to `numa_available'
./src/.libs/libvirt.so: undefined reference to `numa_max_node'
collect2: ld returned 1 exit status

The reason is that: we check numactl only when building qemu driver, and qemu
driver will not be built when bulding without libvirtd. So with_numactl's
value is check and we will not link libnuma.so.

In the other function, we call numa_available() and numa_max_node() only
when HAVE_NUMACTL is 1. We should do the same check in the function nodeGetMemoryStats().
2011-06-20 15:52:11 +08:00
Jamie Strandboge
b9757fea30 apparmor: implement AppArmorSetFDLabel()
During a savevm operation, libvirt will now use fd migration if qemu
supports it. When the AppArmor driver is enabled, AppArmorSetFDLabel()
is used but since this function simply returns '0', the dynamic AppArmor
profile is not updated and AppArmor blocks access to the save file. This
patch implements AppArmorSetFDLabel() to get the pathname of the file by
resolving the fd symlink in /proc, and then gives that pathname to
reload_profile(), which fixes 'virsh save' when AppArmor is enabled.

Reference: https://launchpad.net/bugs/795800
2011-06-20 11:53:24 +08:00
Daniel P. Berrange
cc743e2314 Add missing checks for NULL in domain lock manager
The domain lock manager forgot to include a bunch of checks
for NULL which could occur on OOM

* src/locking/domain_lock.c: Add checks for NULL
2011-06-17 11:02:23 +01:00
Daniel P. Berrange
a81822063d Fix errno return in safezero()
Most of the safezero() implementations return -1 on error,
setting errno. The safezero() impl using posix_fallocate()
though returned a positive errno value on error (due to
the unusual API contract of posix_fallocate() compared to
most syscall APIs).

* src/util/util.c: Ensure safezero() returns -1 and sets
  errno on error.
* src/storage/storage_backend.c: Change safezero != 0 to
  < 0 for detecting errors
2011-06-17 11:02:18 +01:00
Daniel P. Berrange
c24c07f40b Add missing error reporting when loading mac filter config for QEMU
If the 'mac_filter' configuration parameter is enabled, and there
is a failure to enable filtering, no error is reported back to
the caller. Also fix some bogus whitespace indentation for
hugetlbfs_mount

* src/qemu/qemu_conf.c: Add missing error reporting
2011-06-17 11:02:13 +01:00
Jiri Denemark
559fcf8a24 qemu: Implement virDomainGetControlInfo 2011-06-16 18:47:12 +02:00
Jiri Denemark
6301ce5235 Wire protocol and remote driver for virDomainGetControlInfo 2011-06-16 18:47:12 +02:00
Jiri Denemark
67cc825dda Introduce virDomainGetControlInfo API
The API can be used to query current state of an interface to VMM used
to control a domain. In QEMU world this translates into monitor
connection.
2011-06-16 18:26:12 +02:00
Matthias Bolte
be757a3f7b Fix documentation of virStreamRecv
virStreamRecv is for reading.

Also add some missing punctuation to virStreamSend's documentation.
2011-06-16 11:31:07 +02:00
Eric Blake
1d57562942 sendkey: use consistent API convention
Even though rpc uses 'unsigned int' for the _len parameter that
passes the length of item<length>, the public libvirt APIs all
use 'int' and filter out lengths < 0, except for virDomainSendKey.

* include/libvirt/libvirt.h.in (virDomainSendKey): All other APIs
use int for array length.
* src/libvirt.c (virDomainSendKey): Adjust.
* src/driver.h (virDrvDomainSendKey): Likewise.
* daemon/remote_generator.pl: Likewise.
2011-06-15 11:25:53 -06:00
Eric Blake
b33cd5e349 build: export correct function names
Detected by autobuild.sh, when targetting mingw.
Introduced in commit 98bfdff.

* src/libvirt_private.syms: Fix typos.
2011-06-15 11:25:32 -06:00
Eric Blake
a1df7054ce build: avoid compiler warning on non-Linux
Detected by autobuild.sh when cross-building for mingw.
Introduced in commits ce76e85 and af35cec.

* src/nodeinfo.c (nodeGetCPUStats, nodeGetMemoryStats): Mark
parameters as potentially unused.
2011-06-15 11:25:02 -06:00
Matthias Bolte
64000eabed remote generator: Handle struct returning functions better
The position of the struct parameter in the function signature
differs. Instead of hardcoding the handling for this add an annotation
to the .x file to define the position.
2011-06-15 16:55:42 +02:00
Daniel Gollub
c4bd6d96f4 support for Xen HVM Viridian (Hyper-V) enlightenment interface
Introduce libvirt support for Xen HVM Viridian (Hyper-V) enlightenment
interface guest feature.

 src/conf/domain_conf.c     |    3 ++-
 src/conf/domain_conf.h     |    1 +
 src/xen/xen_hypervisor.c   |   11 +++++++++++
 src/xenapi/xenapi_driver.c |    2 ++
 src/xenapi/xenapi_utils.c  |    2 ++
 src/xenxs/xen_sxpr.c       |    4 ++++
 src/xenxs/xen_xm.c         |   12 +++++++++++-
 7 files changed, 33 insertions(+), 2 deletions(-)
2011-06-15 08:02:47 -06:00
Daniel P. Berrange
b86524e8d5 Add support for network filter code in LXC driver
The LXC driver networking uses veth device pairs. These can
be easily hooked into the network filtering code.

* src/lxc/lxc_driver.c: Add calls to setup/teardown nwfilter
2011-06-15 10:56:08 +01:00
Daniel P. Berrange
b4728dd43e Fix allocation of veth's to not skip an index
The algorithm for autoassigning vethXXX devices, was always
skipping over the starting dev index when finding a free
name for the guest device. This should only be done if the host
device was autoallocated.

* src/lxc/veth.c: Don't skip over veth indexes
2011-06-15 10:56:08 +01:00
Jiri Denemark
c3068d4d23 qemu: Translate boot config into bootindex if possible
Prefer bootindex=N option for -device over the old way -boot ORDER
possibly accompanied with boot=on option for -drive. This gives us full
control over which device will actually be used for booting guest OS.
Moreover, if qemu doesn't support boot=on, this is the only way to boot
of certain disks in some configurations (such as virtio disks when used
together IDE disks) without transforming domain XML to use per device
boot elements.
2011-06-15 11:29:09 +02:00
Adam Litke
12cd77a0c5 Asynchronous event for BlockPull completion
When an operation started by virDomainBlockPullAll completes (either with
success or with failure), raise an event to indicate the final status.  This
allows an API user to avoid polling on virDomainBlockPullInfo if they would
prefer to use the event mechanism.

* daemon/remote.c: Dispatch events to client
* include/libvirt/libvirt.h.in: Define event ID and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
  src/libvirt_private.syms: Extend API to handle the new event
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
  for block_stream completion and emit a libvirt block pull event
* src/remote/remote_driver.c: Receive and dispatch events to application
* src/remote/remote_protocol.x: Wire protocol definition for the event
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c: Watch for BLOCK_STREAM_COMPLETED event
  from QEMU monitor

Signed-off-by: Adam Litke <agl@us.ibm.com>
2011-06-14 22:48:42 -06:00
Adam Litke
784ee08d22 Implement virDomainBlockPull for the qemu driver
The virDomainBlockPull* family of commands are enabled by the
'block_stream' and 'info block_stream' qemu monitor commands.

* src/qemu/qemu_driver.c src/qemu/qemu_monitor_text.[ch]: implement disk
  streaming by using the stream and info stream text monitor commands
* src/qemu/qemu_monitor_json.[ch]: implement commands using the qmp monitor

Signed-off-by: Adam Litke <agl@us.ibm.com>
Acked-by: Daniel P. Berrange <berrange@redhat.com>
2011-06-14 22:02:06 -06:00
Adam Litke
d1693bb160 Add virDomainBlockPull support to the remote driver
The generator can handle DomainBlockPullAll and DomainBlockPullAbort.
DomainBlockPull and DomainBlockPullInfo must be written by hand.

* src/remote/remote_protocol.x: provide defines for the new entry points
* src/remote/remote_driver.c daemon/remote.c: implement the client and
  server side
* src/remote_protocol-structs: structure definitions for protocol verification

Signed-off-by: Adam Litke <agl@us.ibm.com>
2011-06-14 21:54:30 -06:00
Adam Litke
6419f596e1 virDomainBlockPull: Implement the main entry points
* src/libvirt.c: implement the main entry points

Signed-off-by: Adam Litke <agl@us.ibm.com>
Acked-by: Daniel P. Berrange <berrange@redhat.com>
2011-06-14 21:35:37 -06:00
Adam Litke
7d56a16d03 Add new API virDomainBlockPull* to headers
Set up the types for the block pull functions and insert them into the
virDriver structure definition.  Symbols are exported in this patch to prevent
documentation compile failures.

* include/libvirt/libvirt.h.in: new API
* src/driver.h: add the new entry to the driver structure
* python/generator.py: fix compiler errors, the actual python bindings are
  implemented later
* src/libvirt_public.syms: export symbols

Signed-off-by: Adam Litke <agl@us.ibm.com>
2011-06-14 21:20:11 -06:00
Marc-André Lureau
98bfdff12c spice: add <clipboard copypaste='yes|no'> option
From a security pov copy and paste between the guest and the client is not
always desirable. So we need to be able to enable/disable this. The best place
to do this from an administration pov is on the hypervisor, so the qemu cmdline
is getting a spice disable-copy-paste option, see bug 693645. Example qemu
invocation:
qemu -spice port=5932,disable-ticketing,disable-copy-paste

https://bugzilla.redhat.com/show_bug.cgi?id=693661
2011-06-14 17:03:26 -06:00
Minoru Usui
af35cece3b virNodeGetMemoryStats: Implement linux support
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 16:54:01 -06:00
Minoru Usui
e047b404b4 virNodeGetMemoryStats: Implement remote protocol
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 16:27:07 -06:00
Minoru Usui
0c5ce68525 virNodeGetMemoryStats: Implement public API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 16:17:17 -06:00
Minoru Usui
eff7613967 virNodeGetMemoryStats: Define internal driver API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 16:11:30 -06:00
Minoru Usui
625aa63eea virNodeGetMemoryStats: Expose new API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 16:07:47 -06:00
Minoru Usui
ce76e85350 virNodeGetCPUStats: Implement linux support
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 15:57:26 -06:00
Minoru Usui
daea15aa40 virNodeGetCPUStats: Implement remote protocol
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 15:17:45 -06:00
Minoru Usui
211c9f7b66 virNodeGetCPUTime: Implement public API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 15:07:24 -06:00
Minoru Usui
85a44c6e36 virNodeGetCPUStats: Define internal driver API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 15:07:21 -06:00
Minoru Usui
1f873744c8 virNodeGetCPUStats: Expose new API
Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-06-14 14:48:45 -06:00
Michael Chapman
30697181dc Fix autostart flag when loading running domains
Drivers load running persistent and transient domain configs before
inactive persistent domain configs, however only the latter would set a
domain's autostart flag. This mismatch between the loaded and on-disk
state could later cause problems with "virsh autostart":

  # virsh autostart example
  error: Failed to mark domain example as autostarted
  error: Failed to create symlink '/etc/libvirt/qemu/autostart/example.xml to '/etc/libvirt/qemu/example.xml': File exists

This patch ensures the autostart flag is set correctly even when the
domain is already defined.

Fixes:

  https://bugzilla.redhat.com/show_bug.cgi?id=632100
  https://bugzilla.redhat.com/show_bug.cgi?id=675319

Signed-off-by: Michael Chapman <mike@very.puzzling.org>
2011-06-14 14:21:23 -06:00
Lai Jiangshan
4cff75a41b send-key: Implementing the remote protocol
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
2011-06-14 13:27:52 -06:00
Lai Jiangshan
e138d31083 send-key: Implementing the public API
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
2011-06-14 13:18:53 -06:00
Lai Jiangshan
eea8cc4996 send-key: Defining the internal API
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
2011-06-14 13:01:28 -06:00
Lai Jiangshan
973564094f send-key: Defining the public API
Add public virDomainSendKey() and enum libvirt_keycode_set
for the @codeset.

Python version of virDomainSendKey() has not been implemented yet,
it will be done soon.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
2011-06-14 13:00:21 -06:00
Eric Blake
66dc2ae61b storage: avoid an intermediate malloc
Suggested here:
https://www.redhat.com/archives/libvir-list/2011-May/msg00594.html

* src/storage/storage_backend.c (virStorageBackendCreateQemuImg):
Generate size inline.
2011-06-14 09:17:57 -06:00
Eric Blake
f3d6754415 command: avoid double close
Previously, the parent process opened 'null' to /dev/null, then
the child process closes 'null' as well as 'childout'.  But if
childout was set to be null, then this is a double close.  At
least the double close was confined to the child process after a
fork, and therefore there is no risk of another thread opening
an fd of the same value to be bitten by the double close, but it
is always better to avoid double-close to begin with.

Additionally, if all three fds were specified, then opening
'null' was wasted.

This patch fixes things to lazily open null on the first use,
then guarantees it gets closed exactly once.

* src/util/command.c (getDevNull): New helper function.
(virExecWithHook): Use it to avoid spurious opens and double close.
2011-06-14 09:17:57 -06:00
Eric Blake
c668c89778 command: reduce duplicated debug messages
This also reduces malloc pressure for invoking a child when
VIR_DEBUG is enabled.

* src/util/command.c (virExecWithHook): Drop debug, since the only
caller (virCommandRunAsync) also prints debug info.
2011-06-14 09:17:57 -06:00
Cole Robinson
c0980a3a6e qemu: Fix parsing 'info chardev'
If qemu supports -chardev, our char frontend aliases are ex. 'charserial0'
not just 'serial0'. Typically we don't use this code path because the
pty's are scraped from stdout.
2011-06-14 10:41:19 -04:00
Cole Robinson
d0b1a9a087 qemu: Scrape stdout for virtio console pty
Currently we forget to do this and have to fallback to info chardev (which
also fails, see following patch)
2011-06-14 10:41:19 -04:00
Guido Günther
15743e94d5 nodeinfo: remove superflous braces
that break compilation on non intel architectures:

mips:
https://buildd.debian.org/status/fetch.php?pkg=libvirt&arch=mips&ver=0.9.2-1&stamp=1307570195
powerpc:
https://buildd.debian.org/status/fetch.php?pkg=libvirt&arch=powerpc&ver=0.9.2-1&stamp=1307550913
s390:
https://buildd.debian.org/status/fetch.php?pkg=libvirt&arch=s390&ver=0.9.2-1&stamp=1307641748
sparc:
https://buildd.debian.org/status/fetch.php?pkg=libvirt&arch=sparc&ver=0.9.2-1&stamp=1307552926
2011-06-14 09:48:09 +02:00
Osier Yang
e22a6e9dd1 util: Cleanup indention problem in virterror.c
Push under trivial rule.
2011-06-14 15:03:12 +08:00
Osier Yang
41514f7b3e qemu: Parse current balloon value returned by query_balloon
Qemu once supported following memory stats which will returned by
"query_balloon":

    stat_put(dict, "actual", actual);
    stat_put(dict, "mem_swapped_in", dev->stats[VIRTIO_BALLOON_S_SWAP_IN]);
    stat_put(dict, "mem_swapped_out", dev->stats[VIRTIO_BALLOON_S_SWAP_OUT]);
    stat_put(dict, "major_page_faults", dev->stats[VIRTIO_BALLOON_S_MAJFLT]);
    stat_put(dict, "minor_page_faults", dev->stats[VIRTIO_BALLOON_S_MINFLT]);
    stat_put(dict, "free_mem", dev->stats[VIRTIO_BALLOON_S_MEMFREE]);
    stat_put(dict, "total_mem", dev->stats[VIRTIO_BALLOON_S_MEMTOT]);

But it later disabled all the stats except "actual" by commit
07b0403dfc2b2ac179ae5b48105096cc2d03375a.

libvirt doesn't parse "actual", so user will always see a empty result
with "virsh dommemstat $domain". Even qemu haven't disabled the stats,
we should support parsing "actual".
2011-06-14 11:21:35 +08:00
Taku Izumi
d5f3320de7 vcpupin: Fix cpu affinity setting bug of qemu driver
There is the case where cpu affinites for vcpu of qemu doesn't work
correctly. For example, if only one vcpupin setting entry is provided
and its setting is not for vcpu0, it doesn't work.

   # virsh dumpxml VM
   ...
   <vcpu>4</vcpu>
   <cputune>
     <vcpupin vcpu='3' cpuset='9-11'/>
   </cputune>
   ...

   # virsh start VM
   Domain VM started

   # virsh vcpuinfo VM
   VCPU:           0
   CPU:            31
   State:          running
   CPU time:       2.5s
   CPU Affinity:   yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

   VCPU:           1
   CPU:            12
   State:          running
   CPU time:       0.9s
   CPU Affinity:   yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

   VCPU:           2
   CPU:            30
   State:          running
   CPU time:       1.5s
   CPU Affinity:   yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

   VCPU:           3
   CPU:            13
   State:          running
   CPU time:       1.7s
   CPU Affinity:   yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

This patch fixes this problem.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-06-14 11:17:54 +08:00
Matthias Bolte
bfbeafbd5d Fix dlopen dependency
Since the addition of the lock manager framework in 6a943419c5
dlopen is always required, but the checks in configure wasn't changed
to reflect that. This didn't show up directly because the VirtualBox
driver linking dlopen in covered it. But disabling the VirtualBox
driver makes the build fail due to missing dlopen.

Change the dlopen check in configure to pick up dlopen when available.

Reported by Ruben Kerkhof.
2011-06-13 14:19:56 -06:00
Hu Tao
fbd7820b2c Deprecate several CURRENT/LIVE/CONFIG enums
This patch deprecates following enums:

VIR_DOMAIN_MEM_CURRENT
VIR_DOMAIN_MEM_LIVE
VIR_DOMAIN_MEM_CONFIG

VIR_DOMAIN_VCPU_LIVE
VIR_DOMAIN_VCPU_CONFIG

VIR_DOMAIN_DEVICE_MODIFY_CURRENT
VIR_DOMAIN_DEVICE_MODIFY_LIVE
VIR_DOMAIN_DEVICE_MODIFY_CONFIG

And modify internal codes to use virDomainModificationImpact.
2011-06-13 14:17:16 -06:00
Stefan Berger
f5358fdc72 qemu: Faster response time to qemu startup errors
The below patch decreases the response time of libvirt to errors reported by Qemu upon startup by checking whether the qemu process is still alive while polling for the local socket to show up.

This patch also introduces a special handling of signal for the Win32 part of virKillProcess.
2011-06-13 15:59:58 -04:00
Taku Izumi
b01e993656 vcpupin: implement the remote protocol to address the new API
This patch implements the remote protocol for the new API
(virDomainPinVcpuFlags).
2011-06-13 23:45:29 +08:00
Taku Izumi
6690150ddd vcpupin: implement the code to address the new API in the qemu driver
This patch implements the new API (virDomainPinVcpuFlags) in the qemu
driver.
2011-06-13 23:42:09 +08:00
Taku Izumi
070829cc16 vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags)
This patch introduces a new libvirt API virDomainPinVcpuFlags,
a direct extension from the existing virDomainPinVcpu
2011-06-13 23:35:54 +08:00
Jiri Denemark
a231016b69 Use virTimeMs when appropriate 2011-06-13 11:24:58 +02:00
Jiri Denemark
ef6e99dc24 Introduce virTimeMs for getting current time in ms 2011-06-13 11:20:16 +02:00
Jiri Denemark
af2abe3f19 test: Remove unused timeval 2011-06-13 11:13:30 +02:00
Wen Congyang
9f8baf646e support multifunction PCI device
If qemu supports multi function PCI device, the format of the PCI address passed
to qemu is "bus=pci.0,multifunction=on,addr=slot.function".

If qemu does not support multi function PCI device, the format of the PCI address
passed to qemu is "bus=pci.0,addr=slot".
2011-06-13 09:27:22 +08:00
Wen Congyang
6fe678cdaf the hotplugged PCI device should use the whole slot
Hot pluging/unpluging multi PCI device is not supported now. So the function
of hotplugged PCI device must be 0. When we hot unplug it, we should set release
all functions in the slot.
2011-06-13 09:27:22 +08:00
Wen Congyang
f12f34fe2f assign the whole slot to the PCI device that has no address
If user does not specify the PCI address, we should auto assign an unused slot.
2011-06-13 09:27:22 +08:00
Wen Congyang
38912f3107 Reimplement qemuDomainPCIAddressReserveSlot(): reserve all functions in the slot
We will support multi function PCI device. So we should reserve all functions in
the slot if we want to reserve a slot.
2011-06-13 09:27:22 +08:00
Wen Congyang
d8f24f75a8 the key of hash table should include the function value
We save all used PCI address in the hash table. The key is generated by domain,
bus and slot now. We will support multi function PCI device, so the key should
be generated by domain, bus, slot and function.
2011-06-13 09:27:21 +08:00
Wen Congyang
cb6ea85b78 prevent hot unplugging multi function PCI device
We do not support to hot unplug multi function PCI device now. If the device is
one function of multi function PCI device, we shoul not allow to hot unplugg
it.
2011-06-13 09:27:21 +08:00
Wen Congyang
d58c382e93 check whether qemu supports multi function PCI device
qemu supports multi function PCI device at least version 0.13.0.
2011-06-13 09:27:21 +08:00
Matthew Booth
006be75ee2 xenapi: Improve error message on session failure
XenAPI session login can fail for a number of reasons, but currently no
specific
reason is displayed to the user, e.g.:

virsh -c XenAPI://citrix-xen.example.com/
Enter username for citrix-xen.example.com: root
Enter root's password for citrix-xen.example.com:
error: authentication failed: (null)
error: failed to connect to the hypervisor

This patch displays the session error description on failure.
2011-06-10 17:18:01 +08:00
Osier Yang
08a6826a14 qemu: Fix one type in the error prompt string
s/hostdevwork/hostdev/
2011-06-10 11:30:59 +08:00
Eric Blake
7444f86024 virt-aa-helper: add missing include
Regression introduced in commit 02e8691.

* src/security/virt-aa-helper.c (includes): Reflect move of virRun.
2011-06-08 07:19:21 -06:00
Eric Blake
d7814b21a2 build: break some long lines
As long as I was already touching the function...

* src/qemu/qemu_hotplug.c (qemuDomainChangeGraphics): Line wrap.
2011-06-08 05:30:56 -06:00
Eric Blake
ddc5b158d7 qemu: add missing break statement
Detected by Coverity.  Bug introduced in commit 9d73efd (v0.8.8).

* src/qemu/qemu_hotplug.c (qemuDomainChangeGraphics): Don't report
error on success.
2011-06-08 05:30:56 -06:00
Eric Blake
1eca8c3e8c build: silence coverity false positives
Coverity complained about these intentional fallthrough cases, but
not about other cases that were explicitly marked with nice comments.

For some reason, Coverity doesn't seem smart enough to parse the
up-front English comment in virsh about intentional fallthrough :)

* tools/virsh.c (cmdVolSize): Mark fallthrough in a more typical
fashion.
* src/conf/nwfilter_conf.c (virNWFilterRuleDefDetailsFormat)
(virNWFilterRuleDetailsParse): Mark explicit fallthrough.
2011-06-08 05:30:56 -06:00
Eric Blake
657ae229c8 esx: avoid dead code
Detected by Coverity.  The beginning of the function already filtered
out NULL objectContentList as invalid.  Further investigation shows:

esxVI_RetrieveProperties is generated and returns a list of objects
that match the given propertyFilterSpec.
esxVI_LookupObjectContentByType then tests whether the result
corresponds to the expected occurrence and reports an error otherwise.
This simplifies the callers of  esxVI_LookupObjectContentByType, but
due to the missing dereference the check was never performed because
the code thought that at least one item was obtained. NULL represents
an empty list. This is a potential segfault fix because callers of
esxVI_LookupObjectContentByType that specified "required" occurrence
assume *objectContentList to be non-NULL when
esxVI_LookupObjectContentByType succeeds.

* src/esx/esx_vi.c (esxVI_LookupObjectContentByType): Check
correct pointer.
2011-06-08 05:28:25 -06:00
Eric Blake
ba4983da47 secret: drop dead code
Detected by Coverity.  The only ways to get to the cleanup label
were by an early abort (list still unassigned) or after successfully
transferring list to dest, so there is no list to clean up.

* src/secret/secret_driver.c (loadSecrets): Kill dead code.
2011-06-08 05:28:20 -06:00
Eric Blake
4eb17d642e qemu: reorder checks for safety
Detected by Coverity.  All existing callers happen to be in
range, so this isn't too serious.

* src/qemu/qemu_cgroup.c (qemuCgroupControllerActive): Check
bounds before dereference.
2011-06-08 05:28:20 -06:00
Eric Blake
208a675688 uuid: annotate non-null requirements
Coverity already saw through a NULL dereference without these
annotations, and gcc is still too puny to do good NULL analysis.
But clang still benefits (and is easier to run than coverity),
not to mention that adding this bit of documentation to the code
may help future developers remember the constraints.

* src/util/uuid.h (virGetHostUUID, virUUIDFormat): Document
restrictions, for improved static analysis.
2011-06-08 05:28:20 -06:00
Eric Blake
2ed0c94dbc debug: avoid null dereference on uuid lookup api
Detected by Coverity.  Commit a98d8f0d tried to make uuid debugging
more robust, but missed some APIs.  And on the APIs that it visited,
the mere act of preparing the debug message ends up dereferencing
uuid prior to the null check.  Which means the APIs which are supposed
to gracefully reject NULL arguments now end up with SIGSEGV.

* src/libvirt.c (VIR_UUID_DEBUG): New macro.
(virDomainLookupByUUID, virDomainLookupByUUIDString)
(virNetworkLookupByUUID, virNetworkLookupByUUIDString)
(virStoragePoolLookupByUUID, virStoragePoolLookupByUUIDString)
(virSecretLookupByUUID, virSecretLookupByUUIDString)
(virNWFilterLookupByUUID, virNWFilterLookupByUUIDString): Avoid
null dereference.
2011-06-08 05:28:20 -06:00
Eric Blake
f876c30cfe build: silence coverity false positive
Similar in nature to commit fd21ecfd, which shut up valgrind.

sigaction is apparently a nasty interface for analyzer tools,
at least for how many false positives it generates.

* src/util/command.c (virExecWithHook): Initialize entire var, since
coverity gripes about the (unused and non-standard) sa_restorer.
2011-06-08 05:23:00 -06:00
Eric Blake
54456cc0fd storage: avoid mishandling backing store > 2GB
Detected by Coverity.  The code was doing math on shifted unsigned
char (which promotes to int), then promoting that to unsigned long
during assignment to size.  On 64-bit platforms, this risks sign
extending values of size > 2GiB.  Bug present since commit
489fd3 (v0.6.0).

I'm not sure if a specially-crafted bogus qcow2 image could
exploit this, although it's probably not possible, since we
were already checking for the computed results being within
range of our fixed-size buffer.

* src/util/storage_file.c (qcowXGetBackingStore): Avoid sign
extension.
2011-06-08 05:18:46 -06:00
Cole Robinson
f9e8d6a065 lxc: Ensure container <init> actually exists
Since we can't really get useful error reporting from virCommandExec since
it needs to be the last thing we do.
2011-06-07 14:38:54 -04:00
Cole Robinson
4fb706a5a7 lxc: Verify root fs exists before mounting
Otherwise the following virFileMakePath will create the directory for
us and fail further ahead, which probably isn't intended.
2011-06-07 14:38:54 -04:00
Cole Robinson
a7e2dd1c32 lxc: controller: Improve container error reporting
Add a handshake with the cloned container process to try and detect
if it fails to start.
2011-06-07 14:38:54 -04:00
Cole Robinson
965a957ccc lxc: Improve guest startup error reporting
Add a simple handshake with the lxc_controller process so we can detect
process startup failures. We do this by adding a new --handshake cli arg
to lxc_controller for passing a file descriptor. If the process fails to
launch, we scrape all output from the logfile and report it to the user.
2011-06-07 14:38:39 -04:00
Cole Robinson
af1e180f48 lxc: Refactor controller command building
Arranges things similar to the qemu driver. Will allow us to more easily
report command error output.
2011-06-07 14:36:38 -04:00
Cole Robinson
6973594ca8 lxc: Don't report error in Wait/SendContinue
We will reuse these shortly, and each use should have a different error
message.
2011-06-07 14:32:03 -04:00
Cole Robinson
eee1763c8c lxc: Drop container stdio as late as possible
Makes it more likely we get useful error output in the logs
2011-06-07 14:32:03 -04:00
Cole Robinson
02e86910e2 Move virRun, virExec*, virFork to util/command
Seems reasonable to have all command wrappers in the same place

v2:
    Dont move SetInherit

v3:
    Comment spelling fix
    Adjust WARN0 comment
    Remove spurious #include movement
    Don't include sys/types.h
    Combine virExec enums

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2011-06-07 14:06:11 -04:00
Cole Robinson
3c269b51a6 util: Implement virRun as a wrapper around virCommand
v2:
    Simplify command building
    Handle command building failure

v3:
    Remove unneeded NULL check

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2011-06-07 11:24:52 -04:00
Cole Robinson
d886ed9597 util: Remove unused virExec wrapper
v3:
    Remove obsolete comment

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2011-06-07 11:12:58 -04:00
Cole Robinson
1ba75cf9aa qemu: Convert virExec usage to virCommand
v2:
    Have virCommand cleanup intermediate process for us

v3:
    Preserve original FD closing behavior

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2011-06-07 11:11:02 -04:00
Matthias Bolte
0068b58c71 esx: Remove duplicated invalid-argument checks
Those checks are already performed at the public API level.
2011-06-07 15:21:47 +02:00
Osier Yang
ebf6b11ac1 Use VIR_USE_CPU instead of new wheel 2011-06-07 16:51:51 +08:00
Matthias Bolte
b10bca09f9 Avoid virGetVersion failure on specific driver support configurations
virGetVersion itself doesn't take a virConnectPtr, but in order to obtain
the hypervisor version against which libvirt was compiled it is used in
combination with virConnectGetType like this:

hvType = virConnectGetType(conn)
virGetVersion(&libVer, hvType, &typeVer)

When virConnectGetType is called on a remote connection then the remote
driver returns the type of the underlying driver on the server side, for
example QEMU. Then virGetVersion compares hvType to a set of strings that
depend on configure options and returns LIBVIR_VERSION_NUMBER in most
cases. Now this fails in case libvirt on the client side is just compiled
with the remote driver enabled only and the server side has the actual
driver such as the QEMU driver. It just happens to work when the actual
driver is enabled on client and server side. But that's not always true.
I noticed this on FreeBSD:

freebsd# virsh -c qemu+tcp://192.168.178.22/system version
Compiled against library: libvir 0.9.2
error: failed to get the library version
error: this function is not supported by the connection driver: virGetVersion

This is not FreeBSD specific, happens on Windows as well due to the
similar driver support configuration. The problem is that virConnectGetType
returns QEMU, but virGetVersion on the client side only accepts Remote
as hvType due to all other drivers being disabled on the client side.

Daniel P. Berrange suggested to get rid of all the conditional code in
virGetVersion, ignoring the hvType and always setting typeVer to
LIBVIR_VERSION_NUMBER. virConnectGetVersion is supposed to be used to
obtain the hypervisor version.
2011-06-07 09:41:35 +02:00
Matthias Bolte
4bf1f33b7e docs: Make hvsupport.pl pick up the host device drivers
Annotate the ESX device driver dummy.

Refactor the udev and hal device driver strcuts to match the
common annotation pattern.
2011-06-06 10:45:59 +02:00
Matthias Bolte
33cb519417 esx: Fix driver method version annotations
Change the driver comments for proper extraction and values by
the scripts used for documentation
2011-06-06 11:08:06 +08:00
Daniel P. Berrange
3e87a3901a Fix QEMU p2p v2 migration when run from a v3 client
When peer-2-peer migration was invoked by a client supporting
v3, but where the target server only supported v2, we'd not
correctly shutdown the guest.

* src/qemu/qemu_migration.c: Ensure guest is shutdown in
  v2 peer 2 peer migration
2011-06-06 11:05:34 +08:00
Matthias Bolte
cc79a4c52e vbox: Fix typo in error message 2011-06-04 22:41:49 +02:00
Daniel P. Berrange
a50f5f6faa Don't raise an error if the migration cookie is NULL
The v2 migration protocol doesn't use cookies, so we should not
be raising an error if the cookie parameters are NULL.

* src/qemu/qemu_migration.c: Don't raise error if cookie is NULL
2011-06-04 07:26:32 -04:00
Daniel P. Berrange
a018c0b910 Fix check of virKillProcess return status
The error code for virKillProcess is returned in the errno variable
not the return value. THis mistake caused the logs to be filled with
errors when shutting down QEMU processes

* src/qemu/qemu_process.c: Fix process kill check.
2011-06-04 07:26:07 -04:00
Matthias Bolte
eb2664cbe6 vbox: Fix version extraction on Windows for newer VirtualBox versions
VirtualBox 4.0.8 changed the registry key layout. Before the version
number was in a Version key. Now the Version key contains %VER% and
the actual version number is in VersionExt now.

Move value lookup code into its own function: vboxLookupRegistryValue.
2011-06-04 10:50:36 +02:00
Eric Blake
33d90bafe7 API: consolidate common unreleased enums
This commit is safe precisely because there has been no release
for any of the enum values being deleted (they were added post-0.9.1).

After the 0.9.2 release, we can then take advantage of
virDomainModificationImpact in more places.

* include/libvirt/libvirt.h.in (virDomainModificationImpact): New
enum.
(virDomainSchedParameterFlags, virMemoryParamFlags): Delete, since
these were never released, and the new enum works fine here.
* src/libvirt.c	(virDomainGetMemoryParameters)
(virDomainSetMemoryParameters)
(virDomainGetSchedulerParametersFlags)
(virDomainSetSchedulerParametersFlags): Update documentation.
* src/qemu/qemu_driver.c (qemuDomainSetMemoryParameters)
(qemuDomainGetMemoryParameters, qemuSetSchedulerParametersFlags)
(qemuSetSchedulerParameters, qemuGetSchedulerParametersFlags)
(qemuGetSchedulerParameters): Adjust clients.
* tools/virsh.c (cmdSchedinfo, cmdMemtune): Likewise.
Based on ideas by Daniel Veillard and Hu Tao.
2011-06-04 09:58:53 +02:00
Jiri Denemark
aeed51f775 qemu: Avoid use after free in qemuCaps parsing 2011-06-03 19:58:43 +02:00
Laine Stump
62ed801c13 security driver: ignore EINVAL when chowning an image file
This fixes:

  https://bugzilla.redhat.com/show_bug.cgi?id=702044
  https://bugzilla.redhat.com/show_bug.cgi?id=709454

Both of these complain of a failure to use an image file that resides
on a read-only NFS volume. The function in the DAC security driver
that chowns image files to the qemu user:group before using them
already has special cases to ignore failure of chown on read-only file
systems, and in a few other cases, but it hadn't been checking for
EINVAL, which is what is returned if the qemu user doesn't even exist
on the NFS server.

Since the explanation of EINVAL in the chown man page almost exactly
matches the log message already present for the case of EOPNOTSUPP,
I've just added EINVAL to that same conditional.
2011-06-03 12:27:05 -04:00
Matthias Bolte
6b5c589d84 Make dlopen usage in lock manager conditional
This fixes a build failure on MinGW, due to MinGW not supporting dlopen.
2011-06-03 16:46:09 +02:00
Eric Blake
32ce66f5ea build: silence coverity false positive
Coverity couldn't see that priv is NULL on failure.  But on failure,
we might as well guarantee that callers don't try to free uninitialized
memory.

* src/remote/remote_driver.c (remoteGenericOpen): Even on failure,
pass priv back to caller.
2011-06-03 08:23:32 -06:00
Eric Blake
89e651fa76 build: silence coverity false positive
Coverity complained that infd could be -1 at the point where it is
passed to write, when in reality, this code can only be reached if
infd is non-negative.

* src/util/command.c (virCommandProcessIO): Help out coverity.
2011-06-03 08:23:29 -06:00
Eric Blake
d391661ae4 migrate: detect xml incompatibility
Detected by Coverity.  Bug introduced in 08106e2044 (unreleased).

* src/conf/domain_conf.c (virDomainChannelDefCheckABIStability):
Use correct sizeof operand.
2011-06-03 08:23:28 -06:00
Eric Blake
278a050a52 event: avoid memory leak on cleanup
Detected by Coverity.  Introduced in commit aaf2b70, and turned into
a regression in the next few commits through 4e6e6672 (unreleased).

* src/conf/domain_event.c (virDomainEventStateFree): Free object,
per documentation.
2011-06-03 08:11:43 -06:00
Eric Blake
2834d57175 qemu: avoid memory leak on vcpupin
Detected by Coverity.  This leaked a cpumap on every iteration
of the loop.  Leak introduced in commit 1cc4d02 (v0.9.0).

* src/qemu/qemu_process.c (qemuProcessSetVcpuAffinites): Plug
leak, and hoist allocation outside loop.
2011-06-03 08:11:43 -06:00
Eric Blake
0a41733c13 lock: avoid leak on failure
Detected by Coverity.  Only possible on OOM situations.

* src/locking/lock_manager.c (virLockManagerPluginNew): Plug leak.
2011-06-03 08:11:43 -06:00
Eric Blake
f515bab78d storage: avoid memory leak on stat failure
Spotted by coverity.  Triggers on failed stat, although I'm not sure
how easy that condition is, so I'm not sure if this is a runtime
memory hog.  Regression introduced in commit 8077d64 (unreleased).

* src/util/storage_file.c (virStorageFileGetMetadataFromFD):
Reduce need for malloc, avoiding a leak.
2011-06-03 08:11:42 -06:00
Eric Blake
9892f7bca0 storage: avoid memory leak
Coverity detected that options was being set by strdup but never
freed.  But why even bother with an options variable?  The options
parameter never changes!  Leak present since commit 44948f5b (0.7.0).

This function could probably be rewritten to take better advantage
of virCommand, but that is more invasive.

* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemMount): Avoid wasted strdup, and
guarantee proper cleanup on all paths.
2011-06-03 08:11:42 -06:00