Commit Graph

9104 Commits

Author SHA1 Message Date
Osier Yang
5edfcaae6f qemu: Support copy on read for disk
The new introduced optional attribute "copy_on_read</code> controls
whether to copy read backing file into the image file. The value can
be either "on" or "off". Copy-on-read avoids accessing the same backing
file sectors repeatedly and is useful when the backing file is over a
slow network. By default copy-on-read is off.
2012-01-13 10:08:15 +08:00
Martin Kletzander
b54de0830a Added check for maximum number of vcpus exceeding topology limit
Earlier, when the number of vcpus was greater than the topology allowed,
libvirt didn't raise an error and continued, resulting in running qemu
with parameters making no sense. Even though qemu did not report any
error itself, the number of vcpus was set to maximum allowed by the
topology.
2012-01-12 16:02:08 -07:00
Eric Blake
29db7a0072 build: update to latest gnulib
Pick up recent gnulib improvements.

* .gnulib: Update to latest.
* bootstrap: Resync.
* bootstrap.conf (gnulib_tool_option_extras): Adjust to bootstrap
changes.
* gnulib/lib/Makefile.am: Likewise.
2012-01-12 15:47:54 -07:00
Eric Blake
0327ff0798 uuid: fix off-by-one
Detected by Coverity.  Although unlikely, if we are ever started
with stdin closed, we could reach a situation where we open a
uuid file but then fail to close it, making that file the new
stdin for the rest of the process.

* src/util/uuid.c (getDMISystemUUID): Allow for stdin.
2012-01-12 15:18:23 -07:00
Eric Blake
d98a3d4a59 build: fix virsh reformat fallout
Commit 69f0b446 failed to update the expected test output.

* tests/virshtest.c (testCompareListDefault)
(testCompareListCustom): Adjust to recent code change.
2012-01-12 15:16:40 -07:00
Daniel P. Berrange
08272dc8b4 Rsync keymaps.csv file with GTK-VNC 2012-01-12 20:44:55 +00:00
Daniel P. Berrange
9130396214 Re-write LXC controller end-of-file I/O handling yet again
Currently the LXC controller attempts to deal with EOF on a
tty by spawning a thread to do an edge triggered epoll_wait().
This avoids the normal event loop spinning on POLLHUP. There
is a subtle mistake though - even after seeing POLLHUP on a
master PTY, it is still perfectly possible & valid to write
data to the PTY. There is a buffer that can be filled with
data, even when no client is present.

The second mistake is that the epoll_wait() thread was not
looking for the EPOLLOUT condition, so when a new client
connects to the LXC console, it had to explicitly send a
character before any queued output would appear.

Finally, there was in fact no need to spawn a new thread to
deal with epoll_wait(). The epoll file descriptor itself
can be poll()'d on normally.

This patch attempts to deal with all these problems.

 - The blocking epoll_wait() thread is replaced by a poll
   on the epoll file descriptor which then does a non-blocking
   epoll_wait() to handle events
 - Even if POLLHUP is seen, we continue trying to write
   any pending output until getting EAGAIN from write.
 - Once write returns EAGAIN, we modify the epoll event
   mask to also look for EPOLLOUT

* src/lxc/lxc_controller.c: Avoid stalled I/O upon
  connected to an LXC console
2012-01-12 20:42:52 +00:00
Daniel P. Berrange
69f0b446a8 Allow 10 chars for domain IDs & 30 chars for names in virsh list
Domain IDs are at least 16 bits for most hypervisors, theoretically
event 32-bits.  3 characters is clearly too small an alignment.
Increase alignment to 5 characters to allow 16-bit domain IDs to
display cleanly. Commonly seen with LXC where domain IDs are the
process IDs by default.  Also increase the 'name' field from 20
to 30 characters to cope with longer guest names which are quite
common
2012-01-12 17:13:46 +00:00
Michal Privoznik
833b901cb7 stream: Check for stream EOF
If client stream does not have any data to sink and neither received
EOF, a dummy packet is sent to the daemon signalising client is ready to
sink some data. However, after we added event loop to client a race may
occur:

Thread 1 calls virNetClientStreamRecvPacket and since no data are cached
nor stream has EOF, it decides to send dummy packet to server which will
sent some data in turn. However, during this decision and actual message
exchange with server -

Thread 2 receives last stream data from server. Therefore an EOF is set
on stream and if there is a call waiting (which is not yet) it is woken
up. However, Thread 1 haven't sent anything so far, so there is no call
to be woken up. So this thread sent dummy packet to daemon, which
ignores that as no stream is associated with such packet and therefore
no reply will ever come.

This race causes client to hang indefinitely.
2012-01-12 12:02:40 +01:00
Osier Yang
74e701f8e5 virsh: New command print summary of all virtual interfaces
Just like command "domblklist", the command extracts "type",
"source", "target", "model", and "MAC" of all virtual interfaces
from domain XML (live or persistent).
2012-01-12 17:42:02 +08:00
Deepak C Shetty
99fbb3866c Do not generate security_model when fs driver is anything but 'path'
QEMU does not support security_model for anything but 'path' fs driver type.
Currently in libvirt, when security_model ( accessmode attribute) is not
specified it auto-generates it irrespective of the fs driver type, which
can result in a qemu error for drivers other than path. This patch ensures
that the qemu cmdline is correctly generated by taking into account the
fs driver type.

Signed-off-by: Deepak C Shetty <deepakcs@linux.vnet.ibm.com>
2012-01-11 13:48:52 -07:00
Shradha Shah
52d064f42d Added new option to virsh net-dumpxml called --inactive
The above option helps to differentiate between implicit and explicit
interface pools.
2012-01-11 13:15:09 -07:00
Shradha Shah
42c81d18c2 Functionality to implicitly get interface pool from SR-IOV PF.
If a system has 64 or more VF's, it is quite tedious to mention each VF
in the interface pool.
The following modification will implicitly create an interface pool from
the SR-IOV PF.
2012-01-11 13:14:12 -07:00
Shradha Shah
b01b53de3f Adding the element pf to network xml.
This element will help the user to just specify the SR-IOV physical
function in order to access all the Virtual functions attached to it.
2012-01-11 13:10:21 -07:00
Shradha Shah
3a0c717b9e Added Function virNetDevGetVirtualFunctions
This functions enables us to get the Virtual Functions attached to
a Physical function given the name of a SR-IOV physical functio.

In order to accomplish the task, added a getter function pciGetDeviceAddrString
to get the BDF of the Virtual Function in a char array.
2012-01-11 13:01:16 -07:00
Shradha Shah
f19338c66c Added function pciSysfsFile to enable access to the PCI SYSFS files. 2012-01-11 13:01:16 -07:00
Daniel P. Berrange
ba61012cfc Disable netcf if building without libvirtd
Although the netcf interface driver can in theory be used by
the stateless drivers, in practice none of them want to use
it because they have different ways of dealing with interfaces.

Furthermore, if you have mingw32-netcf installed, then the
libvirt mingw32 build will fail with

  ../../src/interface/netcf_driver.c:644:5: error: unknown field 'close_used_without_including_unistd_h' specified in initializer

 * configure.ac: disable netcf if built without libvirtd
2012-01-11 15:01:54 +00:00
Eric Blake
90cd148027 build: fix build on mingw with netcf available
The autobuilder pointed out an odd failure on mingw:
../../src/interface/netcf_driver.c:644:5: error: unknown field 'close_used_without_including_unistd_h' specified in initializer
cc1: warnings being treated as errors

This is because the gnulib headers #define close to different strings,
according to which headers are included, in order to work around some
odd mingw problems with close(), and these defines happen to also
affect field members declared with a name of struct foo.close. As long
as all headers are included before both the definition and use of the
struct, the various #define doesn't matter, but the netcf file hit
an instance where things were included in a different order.  Fix this
for all clients that use a struct member named 'close'.

* src/driver.h: Include <unistd.h> before using 'close'.
2012-01-11 07:54:10 -07:00
Eric Blake
18262b5587 build: avoid spurious compiler warning
For some weird reason, i686-pc-mingw32-gcc version 4.6.1 at -O2 complained:
../../src/conf/nwfilter_params.c: In function 'virNWFilterVarCombIterCreate':
../../src/conf/nwfilter_params.c:346:23: error: 'minValue' may be used uninitialized in this function [-Werror=uninitialized]
../../src/conf/nwfilter_params.c:319:28: note: 'minValue' was declared here
../../src/conf/nwfilter_params.c:344:23: error: 'maxValue' may be used uninitialized in this function [-Werror=uninitialized]
../../src/conf/nwfilter_params.c:319:18: note: 'maxValue' was declared here
cc1: all warnings being treated as errors

even though all paths of the preceding switch statement either
assign the variables or return.

* src/conf/nwfilter_params.c (virNWFilterVarCombIterAddVariable):
Initialize variables.
2012-01-11 06:32:52 -07:00
Stefan Berger
a20cc3cc4f Add documentation new ways to access members of variables
This patch adds documentation about the new 'ways' that users can
access the contents of variables in filters:

- access via index: $TEST[2]
- access via iterators $TEST[@1]
2012-01-11 06:42:37 -05:00
Stefan Berger
0c42e1d9aa Add test cases for new ways to access variables in filters
This patch adds a couple of XML parser / schema validator test cases
for the new 'ways' to access variables via index or iterator.
2012-01-11 06:42:37 -05:00
Stefan Berger
64484d550d Address side effects of accessing vars via index
Address side effect of accessing a variable via an index: Filters
accessing a variable where an element is accessed that is beyond the
size of the list (for example $TEST[10] and only 2 elements are available)
cannot instantiate that filter. Test for this and report proper error
to user.
2012-01-11 06:42:37 -05:00
Stefan Berger
caa6223a9b Add access to elements of variables via index
This patch adds access to single elements of variables via index. Example:

  <rule action='accept' direction='in' priority='500'>
    <tcp srcipaddr='$ADDR[1]' srcportstart='$B[2]'/>
  </rule>
2012-01-11 06:42:37 -05:00
Stefan Berger
80e9a5cd4c Introduce possibility to have an iterator per variable
This patch introduces the capability to use a different iterator per
variable.

The currently supported notation of variables in a filtering rule like

  <rule action='accept' direction='out'>
     <tcp  srcipaddr='$A' srcportstart='$B'/>
  </rule>

processes the two lists 'A' and 'B' in parallel. This means that A and B
must have the same number of 'N' elements and that 'N' rules will be 
instantiated (assuming all tuples from A and B are unique).

In this patch we now introduce the assignment of variables to different
iterators. Therefore a rule like

  <rule action='accept' direction='out'>
     <tcp  srcipaddr='$A[@1]' srcportstart='$B[@2]'/>
  </rule>

will now create every combination of elements in A with elements in B since
A has been assigned to an iterator with Id '1' and B has been assigned to an
iterator with Id '2', thus processing their value independently.

The first rule has an equivalent notation of

  <rule action='accept' direction='out'>
     <tcp  srcipaddr='$A[@0]' srcportstart='$B[@0]'/>
  </rule>
2012-01-11 06:42:37 -05:00
Stefan Berger
134c56764f Optimize the elements the iterator visits.
In this patch we introduce testing whether the iterator points to a
unique set of entries that have not been seen before at one of the previous
iterations. The point is to eliminate duplicates and with that unnecessary
filtering rules by preventing identical filtering rules from being
instantiated.
Example with two lists:

list1 = [1,2,1]
list2 = [1,3,1]

The 1st iteration would take the 1st items of each list -> 1,1
The 2nd iteration would take the 2nd items of each list -> 2,3
The 3rd iteration would take the 3rd items of each list -> 1,1 but
skip them since this same pair has already been encountered in the 1st
iteration

Implementation-wise this is solved by taking the n-th element of list1 and
comparing it against elements 1..n-1. If no equivalent is found, then there
is no possibility of this being a duplicate. In case an equivalent element
is found at position i, then the n-th element in the 2nd list is compared
against the i-th element in the 2nd list and if that is not the same, then
this is a unique pair, otherwise it is not unique and we may need to do
the same comparison on the 3rd list.
2012-01-11 06:42:37 -05:00
Jiri Denemark
d82ef7c39d apparmor: Mark pid parameter as unused 2012-01-11 12:27:47 +01:00
Alex Jia
c41a21de3a virsh: improve doMigrate function docs
When running virsh migrate with --xml option and actual xml file doesn't
exist, virsh hasn't output any error information, although return value
is 1.

* tools/virsh.c: Raising a appropriate error information when operation fails.

* How to reproduce?
% virsh migrate <domain> --live qemu+ssh://<target host>/system --xml non-existent.xml
% echo $?

* Fixed result:
error: file 'non-existent.xml' doesn't exist

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-01-11 11:50:33 +01:00
Daniel P. Berrange
99be754ada Change security driver APIs to use virDomainDefPtr instead of virDomainObjPtr
When sVirt is integrated with the LXC driver, it will be neccessary
to invoke the security driver APIs using only a virDomainDefPtr
since the lxc_container.c code has no virDomainObjPtr available.
Aside from two functions which want obj->pid, every bit of the
security driver code only touches obj->def. So we don't need to
pass a virDomainObjPtr into the security drivers, a virDomainDefPtr
is sufficient. Two functions also gain a 'pid_t pid' argument.

* src/qemu/qemu_driver.c, src/qemu/qemu_hotplug.c,
  src/qemu/qemu_migration.c, src/qemu/qemu_process.c,
  src/security/security_apparmor.c,
  src/security/security_dac.c,
  src/security/security_driver.h,
  src/security/security_manager.c,
  src/security/security_manager.h,
  src/security/security_nop.c,
  src/security/security_selinux.c,
  src/security/security_stack.c: Change all security APIs to use a
  virDomainDefPtr instead of virDomainObjPtr
2012-01-11 09:52:18 +00:00
Eric Blake
4e9953a426 snapshot: allow reuse of existing files in disk snapshot
When disk snapshots were first implemented, libvirt blindly refused
to allow an external snapshot destination that already exists, since
qemu will blindly overwrite the contents of that file during the
snapshot_blkdev monitor command, and we don't like a default of
data loss by default.  But VDSM has a scenario where NFS permissions
are intentionally set so that the destination file can only be
created by the management machine, and not the machine where the
guest is running, so that libvirt will necessarily see the destination
file already existing; adding a flag will allow VDSM to force the file
reuse without libvirt complaining of possible data loss.

https://bugzilla.redhat.com/show_bug.cgi?id=767104

* include/libvirt/libvirt.h.in (virDomainSnapshotCreateFlags): Add
VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT.
* src/libvirt.c (virDomainSnapshotCreateXML): Document it.  Add
note about partial failure.
* tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Add new
flag.
* tools/virsh.pod (snapshot-create, snapshot-create-as): Document
it.
* src/qemu/qemu_driver.c (qemuDomainSnapshotDiskPrepare)
(qemuDomainSnapshotCreateXML): Implement the new flag.
2012-01-10 11:53:23 -07:00
Eric Blake
529e4a5006 docs: standardize description of flags
We had loads of different styles in describing the @flags parameter
for various APIs, as well as several APIs that didn't list which
enums provided the bit values valid for the flags.

The end result is one of two formats:
@flags: bitwise-OR of vir...Flags
@flags: extra flags; not used yet, so callers should always pass 0

* src/libvirt.c: Use common sentences for flags.  Also,
(virDomainGetBlockIoTune): Mention virTypedParameterFlags.
(virConnectOpenAuth): Mention virConnectFlags.
(virDomainMigrate, virDomainMigrate2, virDomainMigrateToURI)
(virDomainMigrateToURI2): Mention virDomainMigrateFlags.
(virDomainMemoryPeek): Mention virDomainMemoryFlags.
(virStoragePoolBuild): Mention virStoragePoolBuildFlags.
(virStoragePoolDelete): Mention virStoragePoolDeleteFlags.
(virStreamNew): Mention virStreamFlags.
(virDomainOpenGraphics): Mention virDomainOpenGraphicsFlags.
2012-01-10 11:49:54 -07:00
Laine Stump
32f63e912d qemu: check for kvm availability before starting kvm guests
This *kind of* addresses:

  https://bugzilla.redhat.com/show_bug.cgi?id=772395

(it doesn't eliminate the failure to start, but causes libvirt to give
a better idea about the cause of the failure).

If a guest uses a kvm emulator (e.g. /usr/bin/qemu-kvm) and the guest
is started when kvm isn't available (either because virtualization is
unavailable / has been disabled in the BIOS, or the kvm modules
haven't been loaded for some reason), a semi-cryptic error message is
logged:

  libvirtError: internal error Child process (LC_ALL=C
  PATH=/sbin:/usr/sbin:/bin:/usr/bin /usr/bin/qemu-kvm -device ? -device
  pci-assign,? -device virtio-blk-pci,? -device virtio-net-pci,?) status
  unexpected: exit status 1

This patch notices at process start that a guest needs kvm, and checks
for the presence of /dev/kvm (a reasonable indicator that kvm is
available) before trying to execute the qemu binary. If kvm isn't
available, a more useful (too verbose??) error is logged.
2012-01-10 13:42:59 -05:00
Alex Jia
d8d9b0e058 qemu: fix a typo on qemuDomainSetBlkioParameters
It should be a copy-paste error, the result is programming will result in an
infinite loop again due to without iterating 'j' variable.

* src/qemu/qemu_driver.c: fix a typo on qemuDomainSetBlkioParameters.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=770520

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-01-10 11:41:27 +01:00
Michal Privoznik
cb0af106de Docs: Document Android application using libvirt
This is actually a patch for VM Manager for Android.

https://www.redhat.com/archives/libvirt-users/2011-November/msg00076.html
2012-01-10 09:47:47 +01:00
Jim Fehlig
9ae4ac7ac0 PolicyKit: Check auth before asking client to obtain it
I previously mentioned [1] a PolicyKit issue where libvirt would
proceed with authentication even though polkit-auth failed:

testusr xen134:~> virsh list --all
Attempting to obtain authorization for org.libvirt.unix.manage.
polkit-grant-helper: given auth type (8 -> yes) is bogus
Failed to obtain authorization for org.libvirt.unix.manage.
 Id Name                 State
----------------------------------
  0 Domain-0             running
  - sles11sp1-pv         shut off

AFAICT, libvirt attempts to obtain a privilege it already has,
causing polkit-auth to fail with above message.  Instead of calling
obtain and then checking auth, IMO the workflow should be for the
server to check auth first, and if that fails ask the client to
obtain it and check again.  This workflow also allows for checking
only successful exit of polkit-auth in virConnectAuthGainPolkit().

[1] https://www.redhat.com/archives/libvir-list/2011-December/msg00837.html
2012-01-09 11:23:13 -07:00
Laine Stump
177db08775 qemu: add new disk device='lun' for bus='virtio' & type='block'
In the past, generic SCSI commands issued from a guest to a virtio
disk were always passed through to the underlying disk by qemu, and
the kernel would also pass them on.

As a result of CVE-2011-4127 (see:
http://seclists.org/oss-sec/2011/q4/536), qemu now honors its
scsi=on|off device option for virtio-blk-pci (which enables/disables
passthrough of generic SCSI commands), and the kernel will only allow
the commands for physical devices (not for partitions or logical
volumes). The default behavior of qemu is still to allow sending
generic SCSI commands to physical disks that are presented to a guest
as virtio-blk-pci devices, but libvirt prefers to disable those
commands in the standard virtio block devices, enabling it only when
specifically requested (hopefully indicating that the requester
understands what they're asking for). For this purpose, a new libvirt
disk device type (device='lun') has been created.

device='lun' is identical to the default device='disk', except that:

1) It is only allowed if bus='virtio', type='block', and the qemu
   version is "new enough" to support it ("new enough" == qemu 0.11 or
   better), otherwise the domain will fail to start and a
   CONFIG_UNSUPPORTED error will be logged).

2) The option "scsi=on" will be added to the -device arg to allow
   SG_IO commands (if device !='lun', "scsi=off" will be added to the
   -device arg so that SG_IO commands are specifically forbidden).

Guests which continue to use disk device='disk' (the default) will no
longer be able to use SG_IO commands on the disk; those that have
their disk device changed to device='lun' will still be able to use SG_IO
commands.

*docs/formatdomain.html.in - document the new device attribute value.
*docs/schemas/domaincommon.rng - allow it in the RNG
*tests/* - update the args of several existing tests to add scsi=off, and
 add one new test that will test scsi=on.
*src/conf/domain_conf.c - update domain XML parser and formatter

*src/qemu/qemu_(command|driver|hotplug).c - treat
 VIR_DOMAIN_DISK_DEVICE_LUN *almost* identically to
 VIR_DOMAIN_DISK_DEVICE_DISK, except as indicated above.

Note that no support for this new device value was added to any
hypervisor drivers other than qemu, because it's unclear what it might
mean (if anything) to those drivers.
2012-01-09 10:55:53 -05:00
Laine Stump
e8daeeb136 qemu: add capabilities flags related to SG_IO
This patch adds two capabilities flags to deal with various aspects
of supporting SG_IO commands on virtio-blk-pci devices:

  QEMU_CAPS_VIRTIO_BLK_SCSI
    set if -device virtio-blk-pci accepts the scsi="on|off" option
    When present, this is on by default, but can be set to off to disable
    SG_IO functions.

  QEMU_CAPS_VIRTIO_BLK_SG_IO
    set if SG_IO commands are supported in the virtio-blk-pci driver
    (present since qemu 0.11 according to a qemu developer, if I
     understood correctly)
2012-01-09 10:55:44 -05:00
Laine Stump
1734cdb995 config: report error when script given for inappropriate interface type
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=638633

Although scripts are not used by interfaces of type other than
"ethernet" in qemu, due to the fact that the parser stores the script
name in a union that is only valid when type is ethernet or bridge,
there is no way for anyone except the parser itself to catch the
problem of specifying an interface script for an inappropriate
interface type (by the time the parsed data gets back to the code that
called the parser, all evidence that a script was specified is
forgotten).

Since the parser itself should be agnostic to which type of interface
allows scripts (an example of why: a script specified for an interface
of type bridge is valid for xen domains, but not for qemu domains),
the solution here is to move the script out of the union(s) in the
DomainNetDef, always populate it when specified (regardless of
interface type), and let the driver decide whether or not it is
appropriate.

Currently the qemu, xen, libxml, and uml drivers recognize the script
parameter and do something with it (the uml driver only to report that
it isn't supported). Those drivers have been updated to log a
CONFIG_UNSUPPORTED error when a script is specified for an interface
type that's inappropriate for that particular hypervisor.

(NB: There was earlier discussion of solving this problem by adding a
VALIDATE flag to all libvirt APIs that accept XML, which would cause
the XML to be validated against the RNG files. One statement during
that discussion was that the RNG shouldn't contain hypervisor-specific
things, though, and a proper solution to this problem would require
that (again, because a script for an interface of type "bridge" is
accepted by xen, but not by qemu).
2012-01-08 10:52:24 -05:00
Eric Blake
13a776ca0d qemu: one more client to live/config helper
Commit ae523427 missed one pair of functions that could use
the helper routine.

* src/qemu/qemu_driver.c (qemuSetSchedulerParametersFlags)
(qemuGetSchedulerParametersFlags): Simplify.
2012-01-07 05:08:01 -07:00
Daniel Veillard
2f667b5697 Release of libvirt-0.9.9
* configure.ac docs/news.html.in libvirt.spec.in: update for the release
* po/*.po*: updated localizations from transifex and regenerated
2012-01-07 12:18:06 +08:00
Eric Blake
cf6d36257b tests: work around pdwtags 1.9 failure
On rawhide, gcc is new enough to output new DWARF information that
pdwtags has not yet learned, but the resulting 'make check' output
was rather confusing:

$ make -C src check
...
  GEN    virkeepaliveprotocol-structs
die__process_function: DW_TAG_INVALID (0x4109) @ <0x58c> not handled!
WARNING: your pdwtags program is too old
WARNING: skipping the virkeepaliveprotocol-structs test
WARNING: install dwarves-1.3 or newer
...
$ pdwtags --version
v1.9

I've filed the pdwtags deficiency as
https://bugzilla.redhat.com/show_bug.cgi?id=772358

* src/Makefile.am (PDWTAGS): Don't leave -t file behind on version
mismatch.  Soften warning message, since 1.9 is newer than 1.3.
Don't leak stderr from broken version.
2012-01-07 12:02:54 +08:00
Eric Blake
03ea567327 build: fix mingw virCommand build
Commit db371a2 mistakenly added new functions inside a #ifndef WIN32
guard, even though they are needed on all platforms.

* src/util/command.c (virCommandFDSet): Move outside WIN32
conditional.
2012-01-06 17:34:05 -07:00
Eric Blake
74ff57506c tests: avoid test failure on rawhide gnutls
I hit a VERY weird testsuite failure on rawhide, which included
_binary_ output to stderr, followed by a hang waiting for me
to type something! (Here, using ^@ for NUL):

$ ./commandtest
TEST: commandtest
      WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.8^@^@^@8^@^@^@^A^@^@^@^Bay^A^@^@^@)PRIVATE-GNOME-KEYRING-PKCS11-PROTOCOL-V-1

I finally traced it to the fact that gnome-keyring, called via
gnutls_global_init which is turn called by virNetTLSInit, opens
an internal fd that it expects to communicate to via a
pthread_atfork handler (never mind that it violates POSIX by
using non-async-signal-safe functions in that handler:
https://bugzilla.redhat.com/show_bug.cgi?id=772320).

Our problem stems from the fact that we pulled the rug out from
under the library's expectations by closing an fd that it had
just opened.  While we aren't responsible for fixing the bugs
in that pthread_atfork handler, we can at least avoid the bugs
by not closing the fd in the first place.

* tests/commandtest.c (mymain): Avoid closing fds that were opened
by virInitialize.
2012-01-06 14:24:32 -07:00
Alex Jia
b41d440e61 qemu: Avoid memory leaks on qemuParseRBDString
Detected by valgrind. Leak introduced in commit 5745dc1.

* src/qemu/qemu_command.c: fix memory leak on failure and successful path.

* How to reproduce?
% valgrind -v --leak-check=full ./qemuargv2xmltest

* Actual result:

==2196== 80 bytes in 1 blocks are definitely lost in loss record 3 of 4
==2196==    at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==2196==    by 0x39CF07F6E1: strdup (in /lib64/libc-2.12.so)
==2196==    by 0x419823: qemuParseRBDString (qemu_command.c:1657)
==2196==    by 0x4221ED: qemuParseCommandLine (qemu_command.c:5934)
==2196==    by 0x422AFB: qemuParseCommandLineString (qemu_command.c:7561)
==2196==    by 0x416864: testCompareXMLToArgvHelper (qemuargv2xmltest.c:48)
==2196==    by 0x417DB1: virtTestRun (testutils.c:141)
==2196==    by 0x415CAF: mymain (qemuargv2xmltest.c:175)
==2196==    by 0x4174A7: virtTestMain (testutils.c:696)
==2196==    by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so)
==2196==
==2196== LEAK SUMMARY:
==2196==    definitely lost: 80 bytes in 1 blocks

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-01-06 14:51:26 +08:00
Eric Blake
307f363509 build: drop check for ANSI compiler
Using automake.git (will become 1.12 someday), I got this error:

configure.ac:90: error: automatic de-ANSI-fication support has been removed
/usr/local/share/aclocal-1.11a/protos.m4:13: AM_C_PROTOTYPES is expanded from...
configure.ac:90: the top level
autom4te: /usr/bin/m4 failed with exit status: 1

In short, pre-C89 compilers are no longer a viable portability
target.  Besides, our code base already requires C99, so worrying
about pre-C89 seems pointless.

* configure.ac (AM_C_PROTOTYPES): Drop, since newer automake no
longer provides it.
2012-01-05 14:21:11 -07:00
Hu Tao
6b780f744b qemu: fix a bug in numatune
When setting numa nodeset for a domain which has no nodeset set
before, libvirtd crashes by dereferencing the pointer to the old
nodemask which is null in that case.
2012-01-05 13:04:02 -07:00
Eric Blake
820a2159e9 qemu: fix use-after-free regression
Commit baade4d fixed a memory leak on failure, but in the process,
introduced a use-after-free on success, which can be triggered with:

1. set bandwidth with --live
2. query bandwidth
3. set bandwidth with --live

* src/qemu/qemu_driver.c (qemuDomainSetInterfaceParameters): Don't
free newBandwidth on success.
Reported by Hu Tao.
2012-01-05 10:21:34 -07:00
Eric Blake
302fe95ffa seclabel: fix regression in libvirtd restart
Commit b434329 has a logic bug: seclabel overrides don't set
def->type, but the default value is 0 (aka static).  Restarting
libvirtd would thus reject the XML for any domain with an
override of <seclabel relabel='no'/> (which happens quite
easily if a disk image lives on NFS), with a message:

2012-01-04 22:29:40.949+0000: 6769: error : virSecurityLabelDefParseXMLHelper:2593 : XML error: security label is missing

Fix the logic to never read from an override's def->type, and
to allow a missing <label> subelement when relabel is no.  There's
a lot of stupid double-negatives in the code (!norelabel) because
of the way that we want the zero-initialized defaults to behave.

* src/conf/domain_conf.c (virSecurityLabelDefParseXMLHelper): Use
type field from correct location.
2012-01-05 17:05:02 +08:00
Michal Privoznik
db371a217d command: Discard FD_SETSIZE limit for opened files
Currently, virCommand implementation uses FD_ macros from
sys/select.h. However, those cannot handle more opened files
than FD_SETSIZE. Therefore switch to generalized implementation
based on array of integers.
2012-01-05 09:50:07 +01:00
Jim Fehlig
49d8c8bc0c Support Xen domctl v8
xen-unstable c/s 23874:651aed73b39c added another member to
xen_domctl_getdomaininfo struct and bumped domctl version to 8.
Add a corresponding domctl v8 struct in xen hypervisor sub-driver
and detect domctl v8 during initialization.
2012-01-04 10:17:01 -07:00
Jim Fehlig
beeea90a37 Fix xenstore serial console path for HVM guests
The console path in xenstore is /local/domain/<id>/console/tty
for PV guests (PV console) and /local/domain/<id>/serial/0/tty
(serial console) for HVM guests.  Similar to Xen's in-tree console
client, read the correct path for PV vs HVM.
2012-01-04 10:15:13 -07:00