John Ferlan [Thu, 10 Jan 2013 17:46:52 +0000 (12:46 -0500)]
xen: Resolve resource leak with 'cpuset'
Make cpuset local to the while loop and free it once done with it each
time through the loop. Add a sa_assert() to virBitmapParse() to keep Coverity
from believing there could be a negative return and possible resource leak.
John Ferlan [Thu, 10 Jan 2013 19:44:26 +0000 (14:44 -0500)]
storage: Need to also VIR_FREE(reg)
Commit-id 'afc4631b' added the regfree(reg) to free resources alloc'd
during regcomp; however, reg still needed to be VIR_FREE()'d. The call
to regfree() also didn't account for possible NULL value. Reformatted
the call to be closer to usage.
Fix typo LIBCURL_{CFLAGS,LIBS} to CURL_{CFLAGS,LIBS}
Some places missed the conversion from LIBCURL_{CFLAGS,LIBS} to
CURL_{CFLAGS,LIBS}, and a part of curl check was left in
configure.ac instead of m4/virt-curl.m4 by mistake
Eric Blake [Mon, 14 Jan 2013 16:54:25 +0000 (09:54 -0700)]
build: work around broken kernel header
I got this scary warning during ./configure on rawhide:
checking linux/if_bridge.h usability... no
checking linux/if_bridge.h presence... yes
configure: WARNING: linux/if_bridge.h: present but cannot be compiled
configure: WARNING: linux/if_bridge.h: check for missing prerequisite headers?
configure: WARNING: linux/if_bridge.h: see the Autoconf documentation
configure: WARNING: linux/if_bridge.h: section "Present But Cannot Be Compiled"
configure: WARNING: linux/if_bridge.h: proceeding with the compiler's result
configure: WARNING: ## ------------------------------------- ##
configure: WARNING: ## Report this to libvir-list@redhat.com ##
configure: WARNING: ## ------------------------------------- ##
checking for linux/if_bridge.h... no
* configure.ac (AC_CHECK_HEADERS): Provide struct in6_addr, since
linux/if_bridge.h uses it without declaring it.
This patch introduces support for LXC specific public APIs. In
common with what was done for QEMU, this creates a libvirt_lxc.so
library and libvirt/libvirt-lxc.h header file.
The actual APIs are
int virDomainLxcOpenNamespace(virDomainPtr domain,
int **fdlist,
unsigned int flags);
int virDomainLxcEnterNamespace(virDomainPtr domain,
unsigned int nfdlist,
int *fdlist,
unsigned int *noldfdlist,
int **oldfdlist,
unsigned int flags);
which provide a way to use the setns() system call to move the
calling process into the container's namespace. It is not
practical to write in a generically applicable manner. The
nearest that we could get to such an API would be an API which
allows to pass a command + argv to be executed inside a
container. Even if we had such a generic API, this LXC specific
API is still useful, because it allows the caller to maintain
the current process context, in particular any I/O streams they
have open.
NB the virDomainLxcEnterNamespace() API is special in that it
runs client side, so does not involve the internal driver API.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
There are many aspects of the guest XML which result in the
SELinux driver applying file labelling. With the increasing
configuration options it is desirable to test this behaviour.
It is not possible to assume that the test suite has the
ability to set SELinux labels. Most filesystems though will
support extended attributes. Thus for the purpose of testing,
it is possible to extend the existing LD_PRELOAD hack to
override setfilecon() and getfilecon() to simply use the
'user.libvirt.selinux' attribute for the sake of testing.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This converts the libssh2 configure check to use LIBVIRT_CHECK_PKG.
Previously it would check version 1.0 and 1.3, but this simplifies
things to just require version 1.3
Claudio Bley [Fri, 11 Jan 2013 10:39:19 +0000 (11:39 +0100)]
docs: restrict the set of characters for info keys
When parsing the top level comment of a file, apibuild.py used
to split on any ':' character of a line regarding the first part
as a key for a setting, e.g. "Summary". The second part would then
be assigned as the value for that key.
This means you could not use a ':' character inside those comments
without ill effects.
Now, a key must consist solely of alphanumeric characters, '_' or '.'.
Eric Blake [Fri, 11 Jan 2013 00:39:04 +0000 (17:39 -0700)]
docs: mention git rename detection
I've noticed a number of people sending patches with file
renames not compressed, so we might as well document how to
set this up. (Git won't do it by default, for back-compat
reasons)
Add some autoconf helper macros for checking for libraries
Most checks for libraries take the same format
* --with-libFOO=yes|no|check|/some/path argument
* check for a function NNN in libFOO.so
* check for a header file DDD/HHH.h
* Define a WITH_FOO config.h symbol
* Define a WITH_FOO make conditional
* Substitute FOO_CFLAGS and FOO_LIBS make variables
* Print CFLAGS & LIBS summary at the end
Doing all this correctly is rather difficult, typically
done by copy+paste of a previous usage. Further small
improvements people make are not applied to all previous
usages.
Improve this by creating some helper macros to apply
good practice. First, to perform the actual checks:
This checks for 'getfilecon' in -lselinux, and the
existence of 'selinux/selinux.h' header file. If successful
it sets SELINUX_CFLAGS and SELINUX_LIBS. The WITH_SELINUX
config.h macro and WITH_SELINUX make conditional are also
defined.
In some cases we need to check two variants of the same
library
This checks for sasl_client_init in libsasl2, and if that
is not found, checks sasl_client_init in libsasl. If the
first check succeeds WITH_SASL is set, while if the second
check succeeds *both* WITH_SASL and WITH_SASL1 are set.
If the library supports pkg-config, then another variant
is available
Yufang Zhang [Thu, 10 Jan 2013 12:44:01 +0000 (20:44 +0800)]
build: require avahi instead of avahi-libs on rhel5.
On rhel5, libs of avahi are packaged into avahi instead of avahi-libs.
Actually, there is no avahi-libs package shipped with rhel5. This patch
fixes this by requiring avahi on rhel5.
John Ferlan [Thu, 10 Jan 2013 19:21:02 +0000 (14:21 -0500)]
phyp: Resolve some file descriptor leaks
The phypUUIDTable_Push and phypUUIDTable_Pull leaked their file descriptors
on normal return. Each function had an unnecessary use of creating a buffer
to print conn->uri->user and needed a bit better flow control. I also noted
that the Read function had a cut-n-paste error from the write function on a
couple of VIR_WARN's.
The openSSHSession leaked the sock on the failure path. Additionally that
turns into the internal_socket in the phypOpen code. That was neither saved
nor closed on any path. So I used the connnection_data->sock field to save
the socket for eventual close. Of interest here is that phypExec used the
connection_data->sock field even though it had never been initialized.
Eric Blake [Wed, 9 Jan 2013 22:07:30 +0000 (15:07 -0700)]
maint: don't distribute generated .def files
I ran 'make dist' in the directory left over from ./autobuild.sh
(which was configured for a mingw cross build); the resulting
tarball had more files than 'make dist' on a normal Linux build.
I traced it to the fact that we were distributing a generated
file, but only when configure said the end user had to generate
the file in the first place. In the process, I noticed that
we had some difference in symbol file names; I added a comment
explaining why the difference exists (after first trying to
normalize the names and hitting VPATH build failures).
* configure.ac (LIBVIRT_QEMU_SYMBOL_FILE): Add some comments.
* src/Makefile.am (EXTRA_DIST): No need to ship a generated file;
particularly since which file is built depends on configure results.
Eric Blake [Wed, 9 Jan 2013 18:39:45 +0000 (11:39 -0700)]
spec: remove redundant %if
The daemon-driver-{qemu,lxc} packages are only built if
%{with_driver_modules} is specified, so they do not need to
further test this condition. Likewise, the daemon package
is only built if %{with_libvirtd} is specified, so it does
not need to further test this condition.
Chunyan Liu [Thu, 10 Jan 2013 07:51:43 +0000 (15:51 +0800)]
pass stub driver name instead of pciFindStubDriver
Pass stub driver name directly to pciDettachDevice and pciReAttachDevice to fit
for different libvirt drivers. For example, qemu driver prefers pci-stub, but
Xen prefers pciback.
Guannan Ren [Sat, 5 Jan 2013 05:25:36 +0000 (13:25 +0800)]
qemu: add usb-serial support
Add an optional 'type' attribute to <target> element of serial port
device. There are two choices for its value, 'isa-serial' and
'usb-serial'. For backward compatibility, when attribute 'type' is
missing the 'isa-serial' will be chosen as before.
Michal Privoznik [Thu, 10 Jan 2013 12:49:09 +0000 (13:49 +0100)]
libvirt.h.in: Fix indentation
With the most recent patch from Claudio, I realized how many
indentation flaws we have in the libvirt.h.in file. Even though
they are harmless, it's still worth fixing them.
With current code, if user calls virDomainPMSuspendForDuration()
followed by virDomainDestroy(), the former API checks for qemu agent
presence, which will evaluate as true (if agent is configured). While
talking to qemu agent, the qemu driver is unlocked, so the latter API
starts executing. However, if machine dies meanwhile, libvirtd gets
EOF on the agent socket and qemuProcessHandleAgentEOF() is called. The
handler clears reference to qemu agent while the destroy API already
holding a reference to it. This leads to NULL dereferencing later in
the code. Therefore, the agent pointer should be set to NULL only if
we are the exclusive owner of it.
Yufang Zhang [Wed, 9 Jan 2013 12:18:35 +0000 (20:18 +0800)]
build: move file deleting action from %files list to %install
When building libvirt rpms on rhel5, I got the following error:
File must begin with "/": rm
File must begin with "/": -f
File must begin with "/": $RPM_BUILD_ROOT/etc/sysctl.d/libvirtd
Installed (but unpackaged) file(s) found:
/etc/sysctl.d/libvirtd
It is triggerd by the %files list of libvirt daemon:
Eric Blake [Wed, 9 Jan 2013 21:36:25 +0000 (14:36 -0700)]
maint: distribute libvirtd.service.in
I did a build --without-libvirtd, then ran 'make dist'. The
resulting tarball was broken, with a complaint that make did not
know how to create libvirtd.service.in. I traced it to a use
of EXTRA_DIST inside a conditional.
* daemon/Makefile.am (EXTRA_DIST): Hoist libvirtd.service.in
outside of WITH_LIBVIRTD conditional.
When qemu/KVM VMs are paused manually through a monitor not-owned by libvirt,
libvirt will think of them as "paused" event after they are resumed and
effectively running. With this patch the discrepancy goes away.
This is meant to address bug 892791.
Signed-off-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
John Ferlan [Tue, 8 Jan 2013 21:21:51 +0000 (16:21 -0500)]
tests: Remove remnants of removing the fake emulator output
Coverity determined that 'emulator' could no longer be set and determined the
code was dead. Looking through the history, I discovered commit-id ed769e18
removed code originally added by commit-id 9237e955 and further modified by
commit-id 6a7e7c4f.
In a non-systemd environment the post and preun scripts of libvirt-client
fail, since the required files are in libvirt-daemon. Moved them to client.
Doing that I noticed %{_unitdir}/libvirt-guests.service was contained in
both libvirt-client and libvirt-daemon, which I don't think was intended.
Removed the extra copy from daemon.
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
Eric Blake [Mon, 7 Jan 2013 22:50:41 +0000 (15:50 -0700)]
maint: avoid potential promotion issues with [ug]id_t
POSIX does not guarantee whether uid_t and gid_t are signed or
unsigned, nor does it guarantee whether they are smaller, same
size, or larger than int (or even the same size as one another).
Therefore, it is possible to have platforms where '(uid_t)-1==-1'
is false or where 'uid = gid = -1' sets uid to the wrong value,
thanks to integer promotion rules. The only portable way to use
the placeholder value of these two types is to always use a cast.
Thankfully, the issue is mostly theoretical - sanlock only
compiles on Linux for now, and on Linux, these types do not
suffer from strange promotion problems.
* src/locking/lock_driver_sanlock.c
(virLockManagerSanlockSetupLockspace, virLockManagerSanlockInit)
(virLockManagerSanlockCreateLease): Cast -1 to proper type before
comparing with uid_t or gid_t.
Currently, if there's no hard memory limit defined for a domain,
libvirt tries to calculate one, based on domain definition and magic
equation and set it upon the domain startup. The rationale behind was,
if there's a memory leak or exploit in qemu, we should prevent the
host system trashing. However, the equation was too tightening, as it
didn't reflect what the kernel counts into the memory used by a
process. Since many hosts do have a swap, nobody hasn't noticed
anything, because if hard memory limit is reached, process can
continue allocating memory on a swap. However, if there is no swap on
the host, the process gets killed by OOM killer. In our case, the qemu
process it is.
To prevent this, we need to relax the hard RSS limit. Moreover, we
should reflect more precisely the kernel way of accounting the memory
for process. That is, even the kernel caches are counted within the
memory used by a process (within cgroups at least). Hence the magic
equation has to be changed:
limit = 1.5 * (domain memory + total video memory) + (32MB for cache
per each disk) + 200MB
projects / libvirt.git / log