Commit Graph

8177 Commits

Author SHA1 Message Date
Eric Blake
98369d314b virsh: add snapshot-parent
Down the road, I want to add virDomainSnapshotGetParent, and use
the new API rather than xml scraping; but this virsh command can
be implemented even without the new API.

* tools/virsh.c (cmdSnapshotParent): New command.
* tools/virsh.pod (snapshot-parent): Document it.
2011-08-11 13:18:24 -06:00
Eric Blake
398ce48d5c qemu: silence clang false positive
Our logic throws off analyzer tools:

ptr var = NULL;
if (flags == 0) flags = live ? _LIVE : _CONFIG;
if (flags & _LIVE) do stuff
if (flags & _CONFIG) var = non-null;
if (flags & _LIVE) do more stuff
else if (flags & _CONFIG) use var

the tools keep thinking that var can still be NULL in the last
if clause, adding the hint shuts them up.

* src/qemu/qemu_driver.c (qemuDomainSetBlkioParameters): Add a
static analysis hint.
2011-08-11 13:04:25 -06:00
Laine Stump
4a6ffae3b6 network: eliminate potential memory leak on parse failure
While the first encountered dns host record is being parsed, it's
possible for virNetworkDef::hosts to point to memory that has been
allocated, but virNetworkDef::nhosts to still be 0. If there is a
failure during that time, virNetworkDef::hosts will be leaked.

Although this isn't currently the case for virNetworkDef::txtrecords,
it could become that way through future re-factoring, and it hurts
nothing to restructure the freeing of txtrecord data to match that of
hosts data.
2011-08-11 14:39:22 -04:00
Stefan Berger
762101c7af nwfilter: tolerate disappearing interfaces while instantiating filter
When instantiating a filter, a VM may disappear and remove its tap interfaces. Tolerate this case and don't report an error.
2011-08-11 06:56:50 -04:00
Cole Robinson
d30d572650 qemu: Fix -chardev udp if parameters are omitted
The following XML:

    <serial type='udp'>
      <source mode='connect' service='9999'/>
    </serial>

is accepted by domain_conf.c but maps to the qemu command line:

-chardev udp,host=127.0.0.1,port=2222,localaddr=(null),localport=(null)

qemu can cope with everything omitting except the connection port, which
seems to also be the intent of domain_conf validation, so let's not
generate bogus command lines for that case.
The defaults are empty strings for addresses and 0 for the localport

Additionally, tweak the qemu cli parsing to handle omitted host
parameters
for -serial udp
2011-08-11 15:19:51 +08:00
Laine Stump
e6d5d6105c docs: use IPv6 addresses in range reserved for documentation
Someone in an IRC channel or an email pointed out a few days ago that
the examples of IPv6 addresses in the libvirt documentation were not
in the officially reserved "documentation" range. This addresses their
concern.
2011-08-11 00:21:33 -04:00
Eric Blake
23b4a3f95b virsh: add virsh snapshot-current --name
Sometimes, full XML is too much; since most snapshot commands
operate on a snapshot name, there should be an easy way to get
at the current snapshot's name.  For example:

virsh snapshot-revert dom `virsh snapshot-current dom --name`

* tools/virsh.c (cmdSnapshotCurrent): Add an option.
* tools/virsh.pod (snapshot-current): Document it.
2011-08-10 21:59:56 -06:00
Eric Blake
6927887829 virsh: fix snapshot-create-as to handle arbitrary names
Found this working on the next patch to use xpath to parse
arbitrary names back out.

* tools/virsh.c (cmdSnapshotCreateAs): Escape user input.
2011-08-10 21:54:20 -06:00
Eric Blake
0de75e855b managedsave: prohibit use on transient domains
Transient domains reject attempts to set autostart, and using
virDomainCreate to restart a domain only works on persistent
domains.  Therefore, managed save makes no sense on transient
domains, and should be rejected up front rather than creating
an otherwise unrecoverable managed save file.

Besides, transient domains imply that a lot more management is
being done by the upper layer; this includes the assumption
that the upper layer is okay managing the saved state file
created by virDomainSave, and does not need to use managed save.

* src/libvirt.c: Document that transient domains are incompatible
with managed save.
* src/qemu/qemu_driver.c (qemuDomainManagedSave): Enforce it.
* src/libxl/libxl_driver.c (libxlDomainManagedSave): Likewise.
2011-08-10 21:50:02 -06:00
Laine Stump
073ef15c87 docs: describe new virtual switch configuration in network XML docs
This should have been done with the rest of the patch for virtual
switch / network device abstraction. If documents the new elements
(and new usage of existing elements) in the <network> XML to support
libvirt networks that use existing host bridges and macvtap direct
connections, as well as the new <portgroup> element.
2011-08-10 12:12:17 -04:00
Juerg Haefliger
ed009313b1 Bugfix: Check stdoutWatch before removing the handler. 2011-08-10 09:23:44 -06:00
Eric Blake
cdbb27e3bb qemu: minor formatting cleanup
I noticed some inconsistent use of 'else'.

* src/qemu/qemu_driver.c (qemuCPUCompare)
(qemuDomainSnapshotCreateXML, qemuDomainRevertToSnapshot)
(qemuDomainSnapshotDiscard): Match coding conventions.
2011-08-10 09:21:56 -06:00
Philipp Hahn
839a5295ef Fix memory leak while scanning snapshots
If a snapshot with the name already exists, virDomainSnapshotAssignDef()
just returns NULL, in which case the snapshot definition is leaked.
Currently this leak is not a big problem, since qemuDomainSnapshotLoad()
is only called once during initial startup of libvirtd.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2011-08-09 10:13:33 -06:00
Eric Blake
e6cdb431bd build: fix regression in large file support
* .gnulib: Update to latest, for largefile fix.
2011-08-08 09:59:52 -06:00
Daniel P. Berrange
5f5c6fde00 Allow use of file images for LXC container filesystems
A previous commit gave the LXC driver the ability to mount
block devices for the container filesystem. Through use of
the loopback device functionality, we can build on this to
support use of plain file images for LXC filesytems.

By setting the LO_FLAGS_AUTOCLEAR flag we can ensure that
the loop device automatically disappears when the container
dies / shuts down

* src/lxc/lxc_container.c: Raise error if we see a file
  based filesystem, since it should have been turned into
  a loopback device already
* src/lxc/lxc_controller.c: Rewrite any filesystems of
  type=file, into type=block, by binding the file image
  to a free loop device
2011-08-08 11:38:09 +01:00
Daniel P. Berrange
8c7477c481 Fix typo in LXC cgroups setup error message
* src/lxc/lxc_controller.c: s/PYT/PTY/
2011-08-08 11:38:09 +01:00
Daniel P. Berrange
77791dc0e1 Allow use of block devices for guest filesystem
Currently the LXC driver can only populate filesystems from
host filesystems, using bind mounts. This patch allows host
block devices to be mounted. It autodetects the filesystem
format at mount time, and adds the block device to the cgroups
ACL. Example usage is

    <filesystem type='block' accessmode='passthrough'>
      <source dev='/dev/sda1'/>
      <target dir='/home'/>
    </filesystem>

* src/lxc/lxc_container.c: Mount block device filesystems
* src/lxc/lxc_controller.c: Add block device filesystems
  to cgroups ACL
2011-08-08 11:38:05 +01:00
Daniel P. Berrange
b6bd2d3466 Don't mount /dev for application containers
An application container shouldn't get a private /dev. Fix
the regression from 6d37888e6a

* src/lxc/lxc_container.c: Don't mount /dev for app containers
2011-08-08 11:24:35 +01:00
Jiri Denemark
63e4af45f2 qemu: Avoid overwriting errors from virGetHostname 2011-08-05 18:36:14 +02:00
Eric Blake
5ef1b6c54a qemu: avoid crash on process attach
Detected by ccc-analyzer, reported by Alex Jia.

qemuProcessStart always calls qemuProcessWaitForMonitor with a
non-negative position, but qemuProcessAttach always calls with -1.
In the latter case, there is no log file we can scrape, so we
also should not be trying to scrape the logs if the qemu process
died at the very end.

* src/qemu/qemu_process.c (qemuProcessWaitForMonitor): Don't try
to read from log in qemuProcessAttach case.
2011-08-04 14:18:14 -06:00
Laine Stump
3aa84653d1 network: eliminate lag in updating dnsmasq hosts files
This addresses https://bugzilla.redhat.com/show_bug.cgi?id=713728

When "defining" a new network (or one that exists but isn't currently
active) the new definition is stored in network->def, but for a
network that already exists and is active, the new definition is
stored in network->newDef, and then moved over to network->def as soon
as the network is destroyed.

However, the code that writes the dhcp and dns hosts files used by
dnsmasq was always using network->def for its information, even when
the new data was actually in network->newDef, so the hosts files
always lagged one edit behind the definition.

This patch changes the code to keep the pointer to the new definition
after it's been assigned into the network, and use it directly
(regardless of whether it's stored in network->newDef or network->def)
to construct the hosts files.
2011-08-04 13:25:51 -04:00
Alex Jia
2c4d7b5fa4 qemu: avoid dead store in qemuMonitorTextBlockJob
Value stored to 'ret' is never read, so remove this dead assignment.

* src/qemu/qemu_monitor_text.c: kill dead assignment.

Signed-off-by: Alex Jia <ajia@redhat.com>
2011-08-04 08:09:31 -06:00
Alex Jia
2280447962 qemu: avoid dead store in qemuProcessStart
Value stored to 'ret' is never read, in fact, 'cleanup' section will
directly return -1 when function is fail, so remove this dead assignment.

* src/qemu/qemu_process.c: kill dead assignment.

Signed-off-by: Alex Jia <ajia@redhat.com>
2011-08-04 08:02:31 -06:00
Guannan Ren
8329c56e3a rpc:fix sasl session relocking intead of unlocking it
When trying to use any SASL authentication for TCP sockets by
setting auth_tls = "sasl" in libvirtd.conf on server side, the
client will hang because of the sasl session relocking other than
dropping the lock when exiting virNetSASLSessionExtKeySize()
* src/rpc/virnetsaslcontext.c: virNetSASLSessionExtKeySize drop the
  lock on exit
2011-08-04 21:27:52 +08:00
Osier Yang
ae0dcbc413 daemon: Unlink unix socket paths on shutdown
This patch introduces a internal RPC API "virNetServerClose", which
is standalone with "virNetServerFree".  it closes all the socket fds,
and unlinks the unix socket paths, regardless of whether the socket
is still referenced or not.

This is to address regression bug:
https://bugzilla.redhat.com/show_bug.cgi?id=725702
2011-08-04 16:54:58 +08:00
Eric Blake
02eab9cefd build: update to latest gnulib
I noticed that with 0.9.4, gnulib ended up replacing pthread_sigmask
on glibc, even though glibc's works perfectly fine.  It turns out
to have been an upstream gnulib bug.

* .gnulib: Update to latest, for pthread_sigmask fix.
2011-08-03 13:35:17 -06:00
Matthias Bolte
099d30a825 Fix detection of GnuTLS 1.x.y
Detection based on gnutls_session doesn't work because GnuTLS 2.x.y
comes with a compat.h that defines gnutls_session to gnutls_session_t.

Instead detect this based on LIBGNUTLS_VERSION_MAJOR. Move this from
configure/config.h to gnutls_1_0_compat.h and make sure that all users
include gnutls_1_0_compat.h properly.

Also fix header guard in gnutls_1_0_compat.h.
2011-08-03 19:22:29 +02:00
Daniel Veillard
14c2ca3db9 Release of libvirt-0.9.4
* configure.ac docs/news.html.in libvirt.spec.in: updates for new
  release
* po/*.po*: pulled translations from the transifex teams and regenerated
  localizations
2011-08-03 11:02:42 +08:00
Eric Blake
f768b4c3e9 qemu: silence coverity false positives
Coverity gets confused by our logic.  Add some hints to silence
false positives.

* src/qemu/qemu_driver.c (qemudDomainGetVcpuPinInfo): Add hint.
(qemuDomainGetMemoryParameters): Likewise.
2011-08-02 16:45:23 -06:00
Eric Blake
c86827a243 util: plug memory leak
Leak detected by Coverity; only possible on unlikely ptsname_r
failure.  Additionally, the man page for ptsname_r states that
failure is merely non-zero, not necessarily -1.

* src/util/util.c (virFileOpenTtyAt): Avoid leak on ptsname_r
failure.
2011-08-02 16:39:02 -06:00
Eric Blake
d69b79ab72 interface: drop dead code
Coverity detected that ifaceGetNthParent had already dereferenced
'nth' prior to the conditional; all callers already complied with
passing a non-NULL pointer so make this part of the contract.

* src/util/interface.h (ifaceGetNthParent): Add annotations.
* src/util/interface.c (ifaceGetNthParent): Drop useless null check.
2011-08-02 16:39:01 -06:00
Eric Blake
0634b62336 rpc: silence coverity false positives
In virNetServerNew, Coverity didn't realize that srv->mdsnGroupName
can only be non-NULL if mdsnGroupName was non-NULL.

In virNetServerRun, Coverity didn't realize that the array is non-NULL
if the array count is non-zero.

* src/rpc/virnetserver.c (virNetServerNew): Use alternate pointer.
(virNetServerRun): Give coverity a hint.
2011-08-02 16:39:01 -06:00
Eric Blake
8d0be8fd57 rpc: avoid null deref
Detected by Coverity.

* src/rpc/virnetserverclient.c (virNetServerClientDispatchRead):
Avoid null deref on OOM.
2011-08-02 16:39:01 -06:00
Eric Blake
44ebb18ec2 build: silence coverity false positives
Coverity complained that 395 out of 409 virAsprintf calls are
checked, and therefore assumed that the remaining cases are bugs
waiting to happen.  But in each of these cases, a failed virAsprintf
will properly set the target string to NULL, and pass on that
failure to the caller, without wasting efforts to check the call.
Adding the ignore_value silences Coverity.

* src/conf/domain_audit.c (virDomainAuditGetRdev): Ignore
virAsprintf return value, when it behaves like we need.
* src/network/bridge_driver.c (networkDnsmasqLeaseFileNameDefault)
(networkRadvdConfigFileName, networkBridgeDummyNicName)
(networkRadvdPidfileBasename): Likewise.
* src/util/storage_file.c (absolutePathFromBaseFile): Likewise.
* src/openvz/openvz_driver.c (openvzGenerateContainerVethName):
Likewise.
* src/util/command.c (virCommandTranslateStatus): Likewise.
2011-08-02 16:39:01 -06:00
Eric Blake
2ea9409a88 qemu: avoid memory leaks
Quite a few leaks detected by coverity.  For chr, the leaks were
close enough to the allocations to plug in place; for disk, the
leaks were separated from the allocation by enough other lines with
intermediate failure cases that I refactored the cleanup instead.

* src/qemu/qemu_command.c (qemuParseCommandLine): Plug leaks.
2011-08-02 16:33:46 -06:00
Eric Blake
0c1813f4c9 qemu: plug child process leak on domain core dump
Detected by Coverity.  Leak introduced by typo in commit 58e668d2.

* src/qemu/qemu_driver.c (doCoreDump): Use correct function.
2011-08-02 15:10:50 -06:00
Eric Blake
9a87657a31 qemu: remove dead code
Warning detected by Coverity.  No need for the NULL check, and
removing it silences the warning without any semantic change.

* src/qemu/qemu_migration.c (qemuMigrationFinish): All entries to
endjob had non-NULL vm.
2011-08-02 15:10:50 -06:00
Eric Blake
57ec8cedfc conf: avoid memory leak on disk operations
Detected by Coverity.  Leak on meta introduced in commit 85aa40e.

* src/conf/domain_conf.c (virDomainDiskDefForeachPath): Plug leak.
2011-08-02 15:05:39 -06:00
Eric Blake
ed246fbb79 rpc: avoid crash on error
Detected by Coverity.  Freeing the wrong variable results in both
a memory leak and the likelihood of the caller dereferencing through
a freed pointer.

* src/rpc/virnettlscontext.c (virNetTLSSessionNew): Free correct
variable.
2011-08-02 15:04:36 -06:00
Eric Blake
9160573d32 qemu: avoid null deref on block pull error
Coverity detected that 5 of 6 callers of virJSONValueArrayGet checked
for a NULL return; and that by not checking we risk a null deref
during an error.  The error is unlikely since the prior call to
virJSONValueArraySize would probably have already caught any botched
JSON array parse, but better safe than sorry.

* src/qemu/qemu_monitor_json.c (qemuMonitorJSONGetBlockJobInfo):
Check for NULL.
(qemuMonitorJSONExtractPtyPaths): Fix typo.
2011-08-02 15:04:36 -06:00
Eric Blake
94b5dae479 rpc: correctly process sasl whitelist globs
Detected by Coverity.  We want to compare the result of fnmatch 'rv',
not our pre-set return value 'ret'.

* src/rpc/virnetsaslcontext.c (virNetSASLContextCheckIdentity):
Check correct variable.
2011-08-02 15:01:33 -06:00
Eric Blake
e4047f0a10 build: allow caching the input to STATIC_ANALYSIS
Right now, every re-run of configure re-evaluates whether a
static analysis tool is in use.  But if you run configure under
coverity, make a tweak, and then do an incremental rebuild with
gcc but not coverity to test the tweak, then rerun a build under
coverity, then configure does not get rerun, and static analysis
ends up with lots of false positives.

This patch caches the static analysis result, and also makes it
easier to force static analysis even if the existing checks are
insufficient to detect newer versions of the static analyzer tools.

* configure.ac (lv_cv_static_analysis): New cache variable.
2011-08-02 15:01:32 -06:00
Eric Blake
00ef048f62 fdstream: drop delete argument
Revert 6a1f5f568f.  Now that libvirt_iohelper takes fds by
inheritance rather than by open() (commit 1eb66479), there is
no longer a race where the parent can unlink() a file prior to
the iohelper open()ing the same file.  From there, it makes
more sense to have the callers both create and unlink, rather
than the caller create and the stream unlink, since the latter
was only needed when iohelper had to do the unlink.

* src/fdstream.h (virFDStreamOpenFile, virFDStreamCreateFile):
Callers are responsible for deletion.
* src/fdstream.c (virFDStreamOpenFileInternal): Don't leak created
file on failure.
(virFDStreamOpenFile, virFDStreamCreateFile): Drop parameter.
* src/lxc/lxc_driver.c (lxcDomainOpenConsole): Update callers.
* src/qemu/qemu_driver.c (qemuDomainScreenshot)
(qemuDomainOpenConsole): Likewise.
* src/storage/storage_driver.c (storageVolumeDownload)
(storageVolumeUpload): Likewise.
* src/uml/uml_driver.c (umlDomainOpenConsole): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainScreenshot): Likewise.
* src/xen/xen_driver.c (xenUnifiedDomainOpenConsole): Likewise.
2011-08-02 14:53:43 -06:00
Eric Blake
440d6b6a0b screenshot: don't unlink bogus file
The previous qemu patch could end up calling unlink(tmp) before
tmp was the name of a valid file (unlinking a fileXXXXXX template
instead), or calling unlink(tmp) twice on success (once here,
and once at the end of the stream).  Meanwhile, vbox also suffered
from the same leaked tmp file bug.

* src/qemu/qemu_driver.c (qemuDomainScreenshot): Don't unlink on
success, or on invalid name.
* src/vbox/vbox_tmpl.c (vboxDomainScreenshot): Don't leak temp file.
2011-08-02 13:10:35 -06:00
Eric Blake
6915439794 python: avoid unlikely sign extension bug
Detected by Coverity; same analysis as for commit f73198df.

* python/libvirt-override.c (libvirt_virDomainGetVcpuPinInfo): Use
correct type.
2011-08-02 11:57:07 -06:00
Eric Blake
3157d78f52 rpc: avoid uninitialized memory use
Spotted by Coverity.  Gnutls documents that buffer must be NULL
if gnutls_x509_crt_get_key_purpose_oid is to be used to determine
the correct size needed for allocating a buffer.

* src/rpc/virnettlscontext.c
(virNetTLSContextCheckCertKeyPurpose): Initialize buffer.
2011-08-02 11:57:06 -06:00
Eric Blake
50ae1de27c rpc: avoid double close on error
Spotted by coverity.  If pipe2 fails, then we attempt to close
uninitialized fds, which may result in a double-close.

* src/rpc/virnetserver.c (virNetServerSignalSetup): Initialize fds.
2011-08-02 11:43:36 -06:00
Michal Privoznik
d68b97c8a6 qemu: Unlink temporary file on failure
Although virFDStreamOpenFile will unlink it once opened, when we hit
error path, we must unlink it by hand.
2011-08-02 10:21:08 -06:00
Eric Blake
de5494d8a4 doc: fix confusing statement about required privileges
src/libvirt.c: "may requires" is confusing; the s was extra.
2011-08-02 10:14:09 -06:00
Eric Blake
4e006b844f rpc: avoid libvirtd crash on unexpected client close
Steps to reproduce this problem (vm1 is not running):
for i in `seq 50`; do virsh managedsave vm1& done; killall virsh

Pre-patch, virNetServerClientClose could end up setting client->sock
to NULL prior to other cleanup functions trying to use client->sock.
This fixes things by checking for NULL in more places, and by deferring
the cleanup until after all queued messages have been served.

* src/rpc/virnetserverclient.c (virNetServerClientRegisterEvent)
(virNetServerClientGetFD, virNetServerClientIsSecure)
(virNetServerClientLocalAddrString)
(virNetServerClientRemoteAddrString): Check for closed socket.
(virNetServerClientClose): Rearrange close sequence.
Analysis from Wen Congyang.
2011-08-02 07:46:37 -06:00