Chris Lalancette [Wed, 19 May 2010 13:02:30 +0000 (09:02 -0400)]
Fix up the python bindings for snapshotting.
This involved a few fixes. To start with,
an virDomainSnapshot object is really tied to a
domain, not a connection, so we have to generate
a slightly different object so that we can get
at self._dom for the object.
Next, we had to "dummy" up an override piece of
XML with a bogus argument that the function doesn't
actually take. That's so that the generator places
virDomainRevertToSnapshot underneath the correct
class (namely, the virDomain class).
Finally, we had to hand-implement the
virDomainRevertToSnapshot implementation, ignoring the
bogus pointer we are being passed.
With all of this in place, I was able to successfully
take a snapshot and revert to it using only the
Python bindings.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Jim Meyering [Thu, 20 May 2010 13:43:47 +0000 (15:43 +0200)]
qemu_conf.c: also recognize new first line of qemu -help output
* src/qemu/qemu_conf.c (QEMU_VERSION_STR_1, QEMU_VERSION_STR_2):
Define these instead of...
(QEMU_VERSION_STR): ... this. Remove definition.
(qemudParseHelpStr): Check first for the new, shorter prefix,
"QEMU emulator version", and then for the old one,
"QEMU PC emulator version" when trying to parse the version number.
Based on a patch by Chris Wright.
Jim Meyering [Thu, 20 May 2010 12:30:36 +0000 (14:30 +0200)]
lxc_controller.c: don't ignore failed "accept"
* src/lxc/lxc_controller.c (ignorable_epoll_accept_errno): New function.
(lxcControllerMain): Handle a failed accept carefully:
most errno values indicate legitimate failure and must be fatal.
However, ignore a special case: that in which an incoming client quits
between the poll() indicating its presence, and our accept() which
is trying to process it.
Alex Williamson [Thu, 20 May 2010 14:03:17 +0000 (10:03 -0400)]
Rename qemuBuildCommandLine tapfds -> vmfds.
There doesn't seem to be anything specific to tap devices for this
array of file descriptors which need to stay open of the guest to use.
Rename then for others to make use of.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Chris Lalancette <clalance@redhat.com>
Jim Meyering [Wed, 19 May 2010 13:36:27 +0000 (15:36 +0200)]
tests: the remote_protocol check also accommodates older pdwtags
This test was failing on systems using pdwtags from dwarves-1.3.
Reported by Matthias Bolte.
Two-pronged fix:
- use --verbose to work also with dwarves-1.3; adapt regular
expressions to handle now-varying separators
- require a minimum number of post-split clauses, in order to
skip upon any future format change.
Currently there are 318; if there are 300 or fewer,
give a warning similar to when pdwtags is missing.
* src/Makefile.am (remote_protocol-structs): Use pdwtags' --verbose
option to make 1.3 emit member sizes and offsets.
Consistently output WARNING messages to stderr.
Jim Meyering [Tue, 18 May 2010 05:53:31 +0000 (07:53 +0200)]
initialize "meta" in virStorageFileGetMetadata, not in each caller
Do not require each caller of virStorageFileGetMetadata and
virStorageFileGetMetadataFromFD to first clear the storage of the
"meta" buffer. Instead, initialize that storage in
virStorageFileGetMetadataFromFD.
* src/util/storage_file.c (virStorageFileGetMetadataFromFD): Clear
"meta" here, not before each of the following callers.
* src/qemu/qemu_driver.c (qemuSetupDiskCgroup): Don't clear "meta" here.
(qemuTeardownDiskCgroup): Likewise.
* src/qemu/qemu_security_dac.c (qemuSecurityDACSetSecurityImageLabel):
Likewise.
* src/security/security_selinux.c (SELinuxSetSecurityImageLabel):
Likewise.
* src/security/virt-aa-helper.c (get_files): Likewise.
* cfg.mk (sc_prohibit_gettext_markup): New rule, to enforce
this policy. Contrary to most diagnostic-emitting functions,
where we require _(...) markup, here, we require that _() *not*
be used for certain functions (or function-like macros).
Jim Meyering [Wed, 19 May 2010 10:00:18 +0000 (12:00 +0200)]
maint: don't mark VIR_WARN or VIR_WARN0 diagnostics for translation
Approximately 60 messages were marked. Since these diagnostics are
intended solely for developers and maintainers, encouraging translation
is deemed to be counterproductive:
http://thread.gmane.org/gmane.comp.emulators.libvirt/25050/focus=25052
Run this command:
git grep -l VIR_WARN|xargs perl -pi -e \
's/(VIR_WARN0?)\s*\(_\((".*?")\)/$1($2/'
Jim Meyering [Tue, 18 May 2010 14:02:12 +0000 (16:02 +0200)]
do not ignore qemuMonitorAddDrive failure; make uses identical
There were three very similar uses of qemuMonitorAddDrive.
This change makes the three 17-line sequences identical.
* src/qemu/qemu_driver.c (qemudDomainAttachPciDiskDevice): Detect
failure. Add VIR_WARN and braces.
(qemudDomainAttachSCSIDisk): Add VIR_WARN and braces.
(qemudDomainAttachUsbMassstorageDevice): Likewise.
Jim Meyering [Tue, 18 May 2010 09:58:32 +0000 (11:58 +0200)]
linuxNodeInfoCPUPopulate: avoid used-uninitialized via a test
* tests/nodeinfotest.c (linuxTestCompareFiles): Don't use
nodeinfo->member uninitialized. linuxNodeInfoCPUPopulate requires
that some of its nodeinfo members (including threads) be initialized
upon input. The nodeinfotest.c program lacked the initialization,
while the only other use (nodeGetInfo) did perform it.
It's not trivial to move the initialization into the function,
since nodeGetInfo sets at least one member after clearing the
buffer but before calling linuxNodeInfoCPUPopulate.
Protect against NULL pointer flaws in monitor usage
History has shown that there are frequent bugs in the QEMU driver
code leading to the monitor being invoked with a NULL pointer.
Although the QEMU driver code should always report an error in
this case before invoking the monitor, as a safety net put in a
generic check in the monitor code entry points.
* src/qemu/qemu_monitor.c: Safety net to check for NULL monitor
object
Fix multiple potential NULL pointer references in monitor usage
Any method which intends to invoke a monitor command must have
a check for virDomainObjIsActive() before using the monitor to
ensure that priv->mon != NULL.
There is one subtle edge case in this though. If a method invokes
multiple monitor commands, and calls qemuDomainObjExitMonitor()
in between two of these commands then there is no guarentee that
priv->mon != NULL anymore. This is because the QEMU process may
exit or die at any time, and because qemuDomainObjEnterMonitor()
releases the lock on virDomainObj, it is possible for the background
thread to close the monitor handle and thus qemuDomainObjExitMonitor
will release the last reference allowing priv->mon to become NULL.
This affects several methods, most notably migration but also some
hotplug methods. This patch takes a variety of approaches to solve
the problem, depending on the particular usage scenario. Generally
though it suffices to add an extra virDomainObjIsActive() check
if qemuDomainObjExitMonitor() was called during the method.
* src/qemu/qemu_driver.c: Fix multiple potential NULL pointer flaws
in usage of the monitor
Jim Meyering [Mon, 17 May 2010 17:38:35 +0000 (19:38 +0200)]
maint: add virCgroupFree to the list of free-like functions
This makes the useless-if-before-free test in maint.mk spot
uses of virCgroupFree just like it does for free and the other
listed functions.
* cfg.mk (useless_free_options): Add virCgroupFree.
Prompted by suggestion from Eric Blake.
Jim Meyering [Mon, 17 May 2010 17:28:44 +0000 (19:28 +0200)]
qemudDomainSetVcpus: avoid NULL-deref on failed uuid look-up
* src/qemu/qemu_driver.c (qemudDomainSetVcpus): Upon look-up failure,
i.e., vm==NULL, goto cleanup, rather than to "endjob", superficially
since the latter would dereference vm, but more fundamentally because
we certainly don't want to call qemuDomainObjEndJob before we've
even attempted qemuDomainObjBeginJob.
Pointing out these two error messages as unclear: "write save" sounds
like a typo without context, and lack of a colon made the second message
difficult to parse.
Eric Blake [Fri, 14 May 2010 20:50:27 +0000 (14:50 -0600)]
virFileResolveLink: fix return value
virFileResolveLink was returning a positive value on error,
thus confusing callers that assumed failure was < 0. The
confusion is further evidenced by callers that would have
ended up calling virReportSystemError with a negative value
instead of a valid errno.
Fixes Red Hat BZ #591363.
* src/util/util.c (virFileResolveLink): Live up to documentation.
* src/qemu/qemu_security_dac.c
(qemuSecurityDACRestoreSecurityFileLabel): Adjust callers.
* src/security/security_selinux.c
(SELinuxRestoreSecurityFileLabel): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskDeleteVol): Likewise.
Cole Robinson [Mon, 17 May 2010 16:32:45 +0000 (12:32 -0400)]
tests: Skip daemon-conf test if dir exceeds UNIX_PATH_MAX
The max path length for unix sockets is pretty small (108, see man 7 unix).
If 'make check' is run from a directory that exceeds this, one of the tests
will fail, and in such a way that requires manually editting the test to
determine why.
There are certainly other ways to handle this, but I've chosen just to skip
the offending test if we will exceed the length limitation.
v2: Drop bashism, use test infrastructure to warn and skip
Eric Blake [Sat, 15 May 2010 00:19:58 +0000 (18:19 -0600)]
build: fix cygwin build, correctly this time
Fix the cygwin regression introduced in commit 48445ccff, but
without repeating the fresh build regression of commit 2d550542e.
* src/Makefile.am (libvirt_test_la_LIBADD): Split out subset of
locally-built libraries...
(libvirt_test_la_BUILT_LIBADD): ...into new variable.
(libvirt_test_la_DEPENDENCIES): Depend only on the subset that
automake would have given us for free if we didn't have to add our
own extra file.
Eric Blake [Fri, 14 May 2010 22:45:52 +0000 (16:45 -0600)]
build: fix up some compiler flags
Matthias noted that the line:
virt_aa_helper_LDFLAGS = $(WARN_CFLAGS)
looks inconsistent, so I did an audit.
Currently, the set of compiler warning flags passed to gcc as $CC are
equally permitted as the set of linker flags passed to gcc as $LD, so
there was no problem with that usage. But if we ever get in a
situation where $CC and $LD treat particular flags differently, using
the right variable form will make it easier.
In the process, I spotted a couple of typos that were omitting useful
flags, as well as specifying a -l under the wrong variable.
* acinclude.m4 (LIBVIRT_COMPILE_WARNINGS): Define WARN_LDFLAGS as
an alias for WARN_CFLAGS.
* tools/Makefile.am (virsh_LDFLAGS): Use more canonical spelling.
* proxy/Makefile.am (libvirt_proxy_LDFLAGS): Likewise. Move
library...
(libvirt_proxy_LDADD): ...here.
* src/Makefile.am (virt_aa_helper_LDFLAGS): Use more canonical
spelling of WARN_LDFLAGS.
(libvirt_parthelper_LDFLAGS, libvirt_lxc_LDFLAGS): Likewise. Use
correct spelling of COVERAGE_LDFLAGS.
Reported by Matthias Bolte.
Jim Meyering [Mon, 17 May 2010 14:17:08 +0000 (16:17 +0200)]
build: avoid compile failure on linux kernels older than 2.6.19
* configure.ac: Check for <linux/magic.h>.
* src/util/storage_file.c: Include <linux/magic.h> only if present.
Linux kernels prior to 2.6.19 lacked it.
[__linux__] (NFS_SUPER_MAGIC): Define if not already defined.
Cole Robinson [Mon, 17 May 2010 14:15:53 +0000 (10:15 -0400)]
qemu: Report cmdline output if VM dies early
qemuReadLogOutput early VM death detection is racy and won't always work.
Startup then errors when connecting to the VM monitor. This won't report
the emulator cmdline output which is typically the most useful diagnostic.
Check if the VM has died at the very end of the monitor connection step,
and if so, report the cmdline output.
See also: https://bugzilla.redhat.com/show_bug.cgi?id=581381
Jim Meyering [Fri, 14 May 2010 10:38:43 +0000 (12:38 +0200)]
qemudDomainSetVcpus: avoid NULL-deref
* src/qemu/qemu_driver.c (qemudDomainSetVcpus): Avoid NULL-deref
upon unknown UUID. Call qemuDomainObjBeginJob(vm) only after
ensuring that vm != NULL, not before. This potential NULL-deref
was introduced by commit 2c555d87b0041e0d1ec4742386d2161d1b2f0600.
The patch worked for incremental builds, but broke fresh
builds, because it interfered with automake's automatic
dependency generation. Until I figure out how to make
automake do what we want, I'd rather leave cygwin broken
but fresh Linux builds working.
Ryota Ozaki [Fri, 14 May 2010 10:08:59 +0000 (19:08 +0900)]
Fix a misuse of virAsprintf in qemudDomainMemoryPeek
The code specifies driver->cacheDir as the format string,
but it usually doesn't contain '%s', so the subsequent
argument, "/qemu.mem.XXXXXX", is always ignored.
Setting dynamic_ownership=0 in /etc/libvirt/qemu.conf prevents
libvirt's DAC security driver from setting uid/gid on disk
files when starting/stopping QEMU, allowing the admin to manage
this manually. As a side effect it also stopped setting of
uid/gid when saving guests to a file, which completely breaks
save when QEMU is running non-root. Thus saved state labelling
code must ignore the dynamic_ownership parameter
* src/qemu/qemu_security_dac.c: Ignore dynamic_ownership=0 when
doing save/restore image labelling
Don't reset user/group/security label on shared filesystems during migrate
When QEMU runs with its disk on NFS, and as a non-root user, the
disk is chownd to that non-root user. When migration completes
the last step is shutting down the QEMU on the source host. THis
normally resets user/group/security label. This is bad when the
VM was just migrated because the file is still in use on the dest
host. It is thus neccessary to skip the reset step for any files
found to be on a shared filesystem
* src/libvirt_private.syms: Export virStorageFileIsSharedFS
* src/util/storage_file.c, src/util/storage_file.h: Add a new
method virStorageFileIsSharedFS() to determine if a file is
on a shared filesystem (NFS, GFS, OCFS2, etc)
* src/qemu/qemu_driver.c: Tell security driver not to reset
disk labels on migration completion
* src/qemu/qemu_security_dac.c, src/qemu/qemu_security_stacked.c,
src/security/security_selinux.c, src/security/security_driver.h,
src/security/security_apparmor.c: Add ability to skip disk
restore step for files on shared filesystems.
The cgroups ACL code was only allowing the primary disk image.
It is possible to chain images together, so we need to search
for backing stores and add them to the ACL too. Since the ACL
only handles block devices, we ignore the EINVAL we get from
plain files. In addition it was missing code to teardown the
cgroup when hot-unplugging a disk
* src/qemu/qemu_driver.c: Allow backing stores in cgroup ACLs
and add missing teardown code in unplug path
Add support for NIC hotplug using netdev_add in QEMU
QEMU is gaining a new monitor command netdev_add for hotplugging
NICs using the netdev backend code. We already support this on
the command this, though it is disabled. This adds support for
hotplug too, also to remain disabled until 0.13 QEMU is released
* src/qemu/qemu_driver.c: Support netdev hotplug for NICs
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Add
support for netdev_add and netdev_remove commands
Jiri Denemark [Wed, 12 May 2010 09:50:52 +0000 (11:50 +0200)]
Fix monitor ref counting when adding event handle
When closing a monitor using qemuMonitorClose(), we are aware of
the possibility the monitor is still being used somewhere:
/* NB: ordinarily one might immediately set mon->watch to -1
* and mon->fd to -1, but there may be a callback active
* that is still relying on these fields being valid. So
* we merely close them, but not clear their values and
* use this explicit 'closed' flag to track this state */
but since we call virEventAddHandle() on that monitor without increasing
its ref counter, the monitor is still freed which makes possible users
of it quite unhappy. The unhappiness can lead to a hang if qemuMonitorIO
tries to lock mutex which no longer exists.
Jiri Denemark [Mon, 10 May 2010 13:13:17 +0000 (15:13 +0200)]
Remove watches before calling REMOTE_PROC_CLOSE
First calling REMOTE_PROC_CLOSE and then removing watches might lead to
a hang as HANGUP event can be triggered before the watches are actually
removed but after virConnectPtr is already freed. As a result of that
remoteDomainEventFired() would try to lock uninitialized mutex, which
would hang for ever.
Jim Meyering [Tue, 11 May 2010 15:43:16 +0000 (17:43 +0200)]
tests: correct PATH in new test, for when running manually
* tests/virsh-schedinfo: This test sets PATH internally, just in
case you're running it manually. Normally, the PATH setting from
tests/Makefile.am's TESTS_ENVIRONMENT is sufficient. Prepend the
correct directory, and take advantage of the PATH setting in one
more case.
Jim Meyering [Tue, 11 May 2010 13:38:21 +0000 (15:38 +0200)]
virsh: schedinfo --set invalid=value would simply ignore the option
For example, virsh -c test:///default schedinfo 1 --set P=k would
mistakenly exit successfully, giving no indication that it had failed
to set the scheduling parameter "P".
* tools/virsh.c (cmdSchedinfo): Diagnose an invalid --set j=k option,
rather than silently ignoring it.
* tests/virsh-schedinfo: New test for the above.
* tests/Makefile.am (test_scripts): Add it.
Reported by Jintao Yang in http://bugzilla.redhat.com/586632
Eric Blake [Mon, 10 May 2010 20:17:10 +0000 (14:17 -0600)]
maint: avoid spurious output if program not present
Some shells warn about missing programs before redirection;
the idiomatic way to silence them is to run the program check
inside a subshell, with the redirections outside the subshell.
But a subshell is only needed in places where it is reasonable
to expect the use of such a noisy shell in the first place.
* src/Makefile.am (remote_protocol-structs): Use subshell, for
FreeBSD 8.0 /bin/sh.
* cfg.mk (sc_preprocessor_indentation): Avoid subshell, since the
only users running cfg.mk can be assumed to have decent tools.
Jim Meyering [Fri, 7 May 2010 14:01:26 +0000 (16:01 +0200)]
help avoid accidental remote_protocol.x changes
Now, if you update remote_protocol.x without also updating
remote_protocol-structs to match, then "make check" will fail.
* src/Makefile.am (remote_protocol-structs): Extract list of
structs and member names from remote_protocol.o.
(check-local): Depend on it.
* src/remote_protocol-structs: New file.
Eric Blake [Tue, 4 May 2010 17:12:01 +0000 (11:12 -0600)]
mingw32-libvirt.spec: bring up to date
Right now, mingw32-portablexdr is not available in Fedora, but is
present in fedora-mingw.git. With that package, plus
redhat-rpm-config and this patch, it is once again possible to build
mingw32-libvirt from a Fedora 12 host.
That commit was not necessary. The problem is fixed by commit 0e9b3a269be9ce821615aba4aece87c4451d43ac, but I didn't rebuild
it properly after pulling in the commit and didn't notice it.
projects / libvirt.git / log