Commit Graph

4945 Commits

Author SHA1 Message Date
Jim Meyering
dcf30d9c25 initialize "meta" in virStorageFileGetMetadata, not in each caller
Do not require each caller of virStorageFileGetMetadata and
virStorageFileGetMetadataFromFD to first clear the storage of the
"meta" buffer.  Instead, initialize that storage in
virStorageFileGetMetadataFromFD.
* src/util/storage_file.c (virStorageFileGetMetadataFromFD): Clear
"meta" here, not before each of the following callers.
* src/qemu/qemu_driver.c (qemuSetupDiskCgroup): Don't clear "meta" here.
(qemuTeardownDiskCgroup): Likewise.
* src/qemu/qemu_security_dac.c (qemuSecurityDACSetSecurityImageLabel):
Likewise.
* src/security/security_selinux.c (SELinuxSetSecurityImageLabel):
Likewise.
* src/security/virt-aa-helper.c (get_files): Likewise.
2010-05-19 17:07:08 +02:00
Jim Meyering
e638a2461d (qemu*DiskCgroup): avoid dead code
* src/qemu/qemu_driver.c (qemuTeardownDiskCgroup): Remove
bogus empty-body while-loop.
(qemuSetupDiskCgroup): Likewise.
2010-05-19 17:07:08 +02:00
Jim Meyering
acd981e37f maint: more VIR_WARN corrections: now manually
* po/POTFILES.in: Remove src/util/logging.c and src/util/uuid.c.
* src/phyp/phyp_driver.c (phypUUIDTable_ReadFile): Correct more
VIR_WARN uses, now manually.
(phypUUIDTable_Init, phypUUIDTable_Pull): Likewise.
2010-05-19 13:03:35 +02:00
Jim Meyering
3f76a993c2 maint: use VIR_WARN0("...") rather than VIR_WARN("%s", "...")
Run this command:
  git grep -l 'VIR_WARN("%s", "'|xargs perl -pi -e \
    's/VIR_WARN\("%s", "/VIR_WARN0("/'
* src/phyp/phyp_driver.c (phypDomainGetInfo): Perform the above.
(phypDomainCreateAndStart, phypUUIDTable_ReadFile): Likewise.
2010-05-19 12:59:15 +02:00
Jim Meyering
052893cf66 maint: enforce no-markup policy wrt VIR_WARN-like macros
* cfg.mk (sc_prohibit_gettext_markup): New rule, to enforce
this policy.  Contrary to most diagnostic-emitting functions,
where we require _(...) markup, here, we require that _() *not*
be used for certain functions (or function-like macros).
2010-05-19 12:52:47 +02:00
Jim Meyering
feb93e9830 maint: remove _(...) from VIR_WARN arg manually
* src/util/uuid.c (virUUIDGenerate): Remove _(...) manually.
2010-05-19 12:52:47 +02:00
Jim Meyering
c5a2fe243b maint: don't mark VIR_WARN or VIR_WARN0 diagnostics for translation
Approximately 60 messages were marked.  Since these diagnostics are
intended solely for developers and maintainers, encouraging translation
is deemed to be counterproductive:
http://thread.gmane.org/gmane.comp.emulators.libvirt/25050/focus=25052

Run this command:
  git grep -l VIR_WARN|xargs perl -pi -e \
    's/(VIR_WARN0?)\s*\(_\((".*?")\)/$1($2/'
2010-05-19 12:00:18 +02:00
Jim Meyering
d54bad5d0e note a typo: VIR_MIGRATE_TUNNELLED should be VIR_MIGRATE_TUNNELED,
so that searches for properly spelled "TUNNELED" turn up
the surprising spelling of this public symbol.
* include/libvirt/libvirt.h.in: Add a comment.
2010-05-19 08:08:52 +02:00
Jiri Denemark
b02db3518e Add support for SSE4.1 and SSE4.2 CPU features 2010-05-18 20:53:31 +02:00
Jiri Denemark
272d5a9653 Fix potential NULL dereference in remoteDomainMigratePrepare2 2010-05-18 20:53:31 +02:00
Jim Meyering
49ed0a2e1b do not ignore qemuMonitorAddDrive failure; make uses identical
There were three very similar uses of qemuMonitorAddDrive.
This change makes the three 17-line sequences identical.
* src/qemu/qemu_driver.c (qemudDomainAttachPciDiskDevice): Detect
failure.  Add VIR_WARN and braces.
(qemudDomainAttachSCSIDisk): Add VIR_WARN and braces.
(qemudDomainAttachUsbMassstorageDevice): Likewise.
2010-05-18 19:23:33 +02:00
Jim Meyering
d564fcb3e1 ebtablesAddRemoveRule, iptablesAddRemoveRule: don't skip va_end
* src/util/ebtables.c (ebtablesAddRemoveRule): Don't skip
va_end(args) on an error path.
* src/util/iptables.c (iptablesAddRemoveRule): Identical change.
2010-05-18 19:23:33 +02:00
Jim Meyering
11eeabd71b qemudDomainRestore: handle a case of virDomainSaveStatus failure
* src/qemu/qemu_driver.c (qemudDomainRestore): Don't ignore
virDomainSaveStatus failure.
2010-05-18 19:23:33 +02:00
Jim Meyering
a23675d36d python: don't ignore virInitialize failure in module initialization
* python/libvirt-override.c (initlibvirtmod): Upon virInitialize
failure, skip the Py_InitModule call.
2010-05-18 19:23:33 +02:00
Jim Meyering
6ab131bae2 tests: do not ignore virInitialize failure
* tests/nodeinfotest.c (mymain): Do not ignore virInitialize failure.
Most other callers of virInitialize test for failure.
2010-05-18 19:23:32 +02:00
Jim Meyering
cff218f353 qemuMonitorTextMigrate: avoid leak on OOM-error path
* src/qemu/qemu_monitor_text.c (qemuMonitorTextMigrate): Also
free "safedest" buffer when failing.
2010-05-18 19:23:32 +02:00
Jim Meyering
bc5443f4c6 virNWFilterDefParseXML: avoid leak on error paths
* src/conf/nwfilter_conf.c (virNWFilterDefParseXML): Also free "ret"
via cleanup.
2010-05-18 19:23:32 +02:00
Jim Meyering
43beb82eca linuxNodeInfoCPUPopulate: avoid used-uninitialized via a test
* tests/nodeinfotest.c (linuxTestCompareFiles): Don't use
nodeinfo->member uninitialized.  linuxNodeInfoCPUPopulate requires
that some of its nodeinfo members (including threads) be initialized
upon input.  The nodeinfotest.c program lacked the initialization,
while the only other use (nodeGetInfo) did perform it.
It's not trivial to move the initialization into the function,
since nodeGetInfo sets at least one member after clearing the
buffer but before calling linuxNodeInfoCPUPopulate.
2010-05-18 19:23:32 +02:00
Jim Meyering
4d2adaa1d5 virDomainNetDefParseXML: avoid leak upon multiple "filterref"
* src/conf/domain_conf.c (virDomainNetDefParseXML): Don't leak
memory when parsing two or more "filterref" elements.
2010-05-18 19:23:27 +02:00
Jim Meyering
0058184c4e ebiptablesWriteToTempFile: don't close a negative file descriptor
* src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesWriteToTempFile):
Skip the close if "fd" is negative.
2010-05-18 16:55:26 +02:00
Daniel P. Berrange
31e29fe524 Protect against NULL pointer flaws in monitor usage
History has shown that there are frequent bugs in the QEMU driver
code leading to the monitor being invoked with a NULL pointer.
Although the QEMU driver code should always report an error in
this case before invoking the monitor, as a safety net put in a
generic check in the monitor code entry points.

* src/qemu/qemu_monitor.c: Safety net to check for NULL monitor
  object
2010-05-18 06:03:06 -04:00
Daniel P. Berrange
c4b2a93907 Fix multiple potential NULL pointer references in monitor usage
Any method which intends to invoke a monitor command must have
a check for virDomainObjIsActive() before using the monitor to
ensure that priv->mon != NULL.

There is one subtle edge case in this though. If a method invokes
multiple monitor commands, and calls qemuDomainObjExitMonitor()
in between two of these commands then there is no guarentee that
priv->mon != NULL anymore. This is because the QEMU process may
exit or die at any time, and because qemuDomainObjEnterMonitor()
releases the lock on virDomainObj, it is possible for the background
thread to close the monitor handle and thus qemuDomainObjExitMonitor
will release the last reference allowing priv->mon to become NULL.

This affects several methods, most notably migration but also some
hotplug methods. This patch takes a variety of approaches to solve
the problem, depending on the particular usage scenario. Generally
though it suffices to add an extra virDomainObjIsActive() check
if qemuDomainObjExitMonitor() was called during the method.

* src/qemu/qemu_driver.c: Fix multiple potential NULL pointer flaws
  in usage of the monitor
2010-05-18 06:03:06 -04:00
Jim Meyering
a986892e61 maint: add more free-like functions to the list and deal with fallout
* cfg.mk (useless_free_options): Add many vir*Free* function names,
and then remove the useless if-before-free tests exposed by running
make syntax-check.
* src/conf/interface_conf.c (virInterfaceDefFree): Remove useless "if".
(virInterfaceAssignDef): Likewise.
* src/conf/network_conf.c (virNetworkAssignDef): Likewise.
* src/conf/storage_conf.c (virStoragePoolObjAssignDef): Likewise.
* src/node_device/node_device_hal.c (dev_create): Likewise.
* src/security/virt-aa-helper.c (vahDeinit): Likewise.
* src/test/test_driver.c (testNodeDeviceCreateXML): Likewise.
* src/util/conf.c (virConfSetValue): Likewise.
2010-05-18 07:53:42 +02:00
Jim Meyering
933522a341 maint: add virCgroupFree to the list of free-like functions
This makes the useless-if-before-free test in maint.mk spot
uses of virCgroupFree just like it does for free and the other
listed functions.
* cfg.mk (useless_free_options): Add virCgroupFree.
Prompted by suggestion from Eric Blake.
2010-05-18 07:53:42 +02:00
Jim Meyering
20701b17e2 qemudDomainSetVcpus: avoid NULL-deref on failed uuid look-up
* src/qemu/qemu_driver.c (qemudDomainSetVcpus): Upon look-up failure,
i.e., vm==NULL, goto cleanup, rather than to "endjob", superficially
since the latter would dereference vm, but more fundamentally because
we certainly don't want to call qemuDomainObjEndJob before we've
even attempted qemuDomainObjBeginJob.
2010-05-18 07:53:42 +02:00
Jim Meyering
93fedcf20f lxcFreezeContainer: avoid test-after-deref of never-NULL pointer
* src/lxc/lxc_driver.c (lxcFreezeContainer): Remove test-after-deref.
Correct indentation in expression.
2010-05-18 07:53:42 +02:00
Matthias Bolte
61fb697977 Add CIFS to the list of network file systems
ESX supports NFS and CIFS. The ESX storage driver will reflect this.
2010-05-18 01:34:34 +02:00
Matthias Bolte
32d9e0707c Add VIR_STORAGE_POOL_INACCESSIBLE to denote inaccessible storage pools
This status will be used by the ESX storage driver.

For example a running NFS pool is inaccessible when the NFS server is
currently unreachable.
2010-05-18 01:34:34 +02:00
Eric Blake
f30ccb2458 qemu_conf: fix flag value
(gdb) p/x QEMUD_CMD_FLAG_VNET_HOST
$7 = 0xffffffff80000000

Oops - that meant we were incorrectly setting QEMU_CMD_FLAG_RTC_TD_HACK
for qemu-kvm-0.12.3 (and probably botching a few other settings as well).

Fixes Red Hat BZ#592070

* src/qemu/qemu_conf.h (QEMUD_CMD_FLAG_VNET_HOST): Avoid sign
extension.
* tests/qemuhelpdata/qemu-kvm-0.12.3: New file.
* tests/qemuhelptest.c (mymain): Add another case.
2010-05-17 16:28:02 -06:00
Cole Robinson
07c621d09c qemu: Clarify a couple error messages
A fedora translator filed:

https://bugzilla.redhat.com/show_bug.cgi?id=580816

Pointing out these two error messages as unclear: "write save" sounds
like a typo without context, and lack of a colon made the second message
difficult to parse.
2010-05-17 17:22:08 -04:00
Eric Blake
d533a98ed6 virFileResolveLink: fix return value
virFileResolveLink was returning a positive value on error,
thus confusing callers that assumed failure was < 0.  The
confusion is further evidenced by callers that would have
ended up calling virReportSystemError with a negative value
instead of a valid errno.

Fixes Red Hat BZ #591363.

* src/util/util.c (virFileResolveLink): Live up to documentation.
* src/qemu/qemu_security_dac.c
(qemuSecurityDACRestoreSecurityFileLabel): Adjust callers.
* src/security/security_selinux.c
(SELinuxRestoreSecurityFileLabel): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskDeleteVol): Likewise.
2010-05-17 14:48:27 -06:00
Cole Robinson
df5944ff02 tests: Skip daemon-conf test if dir exceeds UNIX_PATH_MAX
The max path length for unix sockets is pretty small (108, see man 7 unix).
If 'make check' is run from a directory that exceeds this, one of the tests
will fail, and in such a way that requires manually editting the test to
determine why.

There are certainly other ways to handle this, but I've chosen just to skip
the offending test if we will exceed the length limitation.

v2: Drop bashism, use test infrastructure to warn and skip
2010-05-17 15:01:59 -04:00
Cole Robinson
5679c844de pci: Give an explicit error if device not found
v2: Use intended F_OK. Drop devdir param, just check dev->path for device
existence.

v3: Use virReportSystemError, include dev->path in error message.
2010-05-17 15:01:59 -04:00
Eric Blake
b0aaed65ea build: fix cygwin build, correctly this time
Fix the cygwin regression introduced in commit 48445ccff, but
without repeating the fresh build regression of commit
2d550542e.

* src/Makefile.am (libvirt_test_la_LIBADD): Split out subset of
locally-built libraries...
(libvirt_test_la_BUILT_LIBADD): ...into new variable.
(libvirt_test_la_DEPENDENCIES): Depend only on the subset that
automake would have given us for free if we didn't have to add our
own extra file.
2010-05-17 12:15:44 -06:00
Jim Meyering
8e8bda2614 umlAutostartDomain: avoid NULL-deref upon virGetLastError failure
* src/uml/uml_driver.c (umlAutostartDomain): Handle a NULL return
from virGetLastError.
2010-05-17 18:49:36 +02:00
Eric Blake
6e5b5bbc0a build: fix up some compiler flags
Matthias noted that the line:
virt_aa_helper_LDFLAGS = $(WARN_CFLAGS)
looks inconsistent, so I did an audit.

Currently, the set of compiler warning flags passed to gcc as $CC are
equally permitted as the set of linker flags passed to gcc as $LD, so
there was no problem with that usage.  But if we ever get in a
situation where $CC and $LD treat particular flags differently, using
the right variable form will make it easier.

In the process, I spotted a couple of typos that were omitting useful
flags, as well as specifying a -l under the wrong variable.

* acinclude.m4 (LIBVIRT_COMPILE_WARNINGS): Define WARN_LDFLAGS as
an alias for WARN_CFLAGS.
* tools/Makefile.am (virsh_LDFLAGS): Use more canonical spelling.
* proxy/Makefile.am (libvirt_proxy_LDFLAGS): Likewise. Move
library...
(libvirt_proxy_LDADD): ...here.
* src/Makefile.am (virt_aa_helper_LDFLAGS): Use more canonical
spelling of WARN_LDFLAGS.
(libvirt_parthelper_LDFLAGS, libvirt_lxc_LDFLAGS): Likewise.  Use
correct spelling of COVERAGE_LDFLAGS.
Reported by Matthias Bolte.
2010-05-17 09:12:42 -06:00
Jim Meyering
0641f0f72c build: avoid compile failure on linux kernels older than 2.6.19
* configure.ac: Check for <linux/magic.h>.
* src/util/storage_file.c: Include <linux/magic.h> only if present.
Linux kernels prior to 2.6.19 lacked it.
[__linux__] (NFS_SUPER_MAGIC): Define if not already defined.
2010-05-17 16:50:36 +02:00
Jim Meyering
258d59cff9 x86ModelHasFeature: avoid NULL-dereference for unmatched CPU "feature"
* src/cpu/cpu_x86.c (x86ModelHasFeature): Do not dereference the pointer
returned by x86cpuidFind without first ensuring it is non-NULL.
2010-05-17 16:50:36 +02:00
Cole Robinson
83be64034a qemu: Report cmdline output if VM dies early
qemuReadLogOutput early VM death detection is racy and won't always work.
Startup then errors when connecting to the VM monitor. This won't report
the emulator cmdline output which is typically the most useful diagnostic.

Check if the VM has died at the very end of the monitor connection step,
and if so, report the cmdline output.

See also: https://bugzilla.redhat.com/show_bug.cgi?id=581381
2010-05-17 10:15:53 -04:00
Cole Robinson
d536f6b177 qemu: Fix previous commit, use comparision in if() 2010-05-17 09:39:11 -04:00
Jim Meyering
560758c900 qemu_driver: avoid NULL dereference
* src/qemu/qemu_driver.c (qemudDomainStart): After setting vm to NULL,
goto cleanup, rather than dereferencing the NULL pointer.
2010-05-17 13:47:45 +02:00
Daniel P. Berrange
2d665c9e2d Remove debugging fprintf() calls
* src/qemu/qemu_driver.c: Remove debugging fprintf() calls
  accidentally left in code
2010-05-17 10:44:49 +01:00
Jim Meyering
b48fb801dd qemudDomainSetVcpus: avoid NULL-deref
* src/qemu/qemu_driver.c (qemudDomainSetVcpus): Avoid NULL-deref
upon unknown UUID.  Call qemuDomainObjBeginJob(vm) only after
ensuring that vm != NULL, not before.  This potential NULL-deref
was introduced by commit 2c555d87b0.
2010-05-15 09:02:54 +02:00
Eric Blake
39b3845fd7 Revert "build: fix cygwin build"
This reverts commit 2d550542ee.

The patch worked for incremental builds, but broke fresh
builds, because it interfered with automake's automatic
dependency generation.  Until I figure out how to make
automake do what we want, I'd rather leave cygwin broken
but fresh Linux builds working.
2010-05-14 17:46:47 -06:00
Eric Blake
2d550542ee build: fix cygwin build
make[3]: *** No rule to make target `-lxml2', needed by `libvirt.la'.  Stop.

Due to treating the wrong string as a dependency.

* src/Makefile.am (libvirt_la_DEPENDENCIES): Depend only on
locally-built file, not on strings that might resolve as '-lxml2'.
2010-05-14 16:03:57 -06:00
Stefan Berger
ba99a1b637 nwfilter: Add missing driver lock in qemu driver
This adds a missing driver lock in the qemu driver to protect
the list of domains.
2010-05-14 14:22:39 -04:00
Ryota Ozaki
d6644013d2 Fix a misuse of virAsprintf in qemudDomainMemoryPeek
The code specifies driver->cacheDir as the format string,
but it usually doesn't contain '%s', so the subsequent
argument, "/qemu.mem.XXXXXX", is always ignored.

The patch fixes the misuse.
2010-05-14 10:45:58 -06:00
Daniel P. Berrange
de4d70873a Make domain save work when dynamic_ownership=0
Setting dynamic_ownership=0 in /etc/libvirt/qemu.conf prevents
libvirt's DAC security driver from setting uid/gid on disk
files when starting/stopping QEMU, allowing the admin to manage
this manually. As a side effect it also stopped setting of
uid/gid when saving guests to a file, which completely breaks
save when QEMU is running non-root. Thus saved state labelling
code must ignore the dynamic_ownership parameter

* src/qemu/qemu_security_dac.c: Ignore dynamic_ownership=0 when
  doing save/restore image labelling
2010-05-14 09:21:33 -04:00
Daniel P. Berrange
02ddaddfa8 Don't reset user/group/security label on shared filesystems during migrate
When QEMU runs with its disk on NFS, and as a non-root user, the
disk is chownd to that non-root user. When migration completes
the last step is shutting down the QEMU on the source host. THis
normally resets user/group/security label. This is bad when the
VM was just migrated because the file is still in use on the dest
host. It is thus neccessary to skip the reset step for any files
found to be on a shared filesystem

* src/libvirt_private.syms: Export virStorageFileIsSharedFS
* src/util/storage_file.c, src/util/storage_file.h: Add a new
  method virStorageFileIsSharedFS() to determine if a file is
  on a shared filesystem (NFS, GFS, OCFS2, etc)
* src/qemu/qemu_driver.c: Tell security driver not to reset
  disk labels on migration completion
* src/qemu/qemu_security_dac.c, src/qemu/qemu_security_stacked.c,
  src/security/security_selinux.c, src/security/security_driver.h,
  src/security/security_apparmor.c: Add ability to skip disk
  restore step for files on shared filesystems.
2010-05-14 09:21:24 -04:00
Daniel P. Berrange
117d04fb1d Fix handling of disk backing stores with cgroups
The cgroups ACL code was only allowing the primary disk image.
It is possible to chain images together, so we need to search
for backing stores and add them to the ACL too. Since the ACL
only handles block devices, we ignore the EINVAL we get from
plain files. In addition it was missing code to teardown the
cgroup when hot-unplugging a disk

* src/qemu/qemu_driver.c: Allow backing stores in cgroup ACLs
  and add missing teardown code in unplug path
2010-05-14 09:20:13 -04:00