The GCC Win32 compiler will claim to support -fstack-protector,
but if it actually gets triggered by a suitable code pattern,
linking will fail. Other non-Linux OS likely suffer the same
way with gcc.
* m4/virt-compile-warnings.m4: Only use stack protector when
the build target is Linux.
GCC is a little confused about the cast of beginthread/beginthreadex
from unsigned long -> void *. Go via an intermediate variable avoids
the bogus warning, and makes the code a little cleaner
* src/util/threads-win32.c: Avoid compiler warning in cast
The SCSI volumes get a better 'key' field based on the fully
qualified volume path. All SCSI volumes have a unique serial
available in hardware which can be obtained by sending a
suitable SCSI command. Call out to udev's 'scsi_id' command
to fetch this value
* src/storage/storage_backend_scsi.c: Improve volume key
field value stability and uniqueness
When initializing qemu guest capabilities, we should ignore qemu
binaries that we are not able to extract version/help info from since
they will be unusable for creating domains anyway. Ignoring them is also
much better than letting initialization of qemu driver fail.
Enable use of -Wold-style-definition compiler flag
A couple of functions were declared using the old style foo()
for no-parameters, instead of foo(void)
* src/xen/xen_hypervisor.c, tests/testutils.c: Replace () with (void)
in some function declarations
* m4/virt-compile-warnings.m4: Enable -Wold-style-definition
Remove custom code for checking compiler warnings, using
gl_WARN_ADD instead. Don't list all flags ourselves, use
gnulib's gl_MANYWARN_ALL_GCC to get all possible GCC flags,
then turn off the ones we don't want yet.
* acinclude.m4: Rewrite to use gl_WARN_ADD and gl_MANYWARN_ALL_GCC
* bootstrap.conf: Add warnings & manywarnings
* configure.ac: Switch to gl_WARN_ADD
* m4/compiler-flags.m4: Obsoleted by gl_WARN_ADD
Jesse Cook [Mon, 28 Mar 2011 01:30:14 +0000 (20:30 -0500)]
Allow relative path for qemu backing file
This patch enables the relative backing file path support provided by
qemu-img create.
If a relative path is specified for the backing file, it is converted
to an absolute path using the storage pool path. The absolute path is
used to verify that the backing file exists. If the backing file exists,
the relative path is allowed and will be provided to qemu-img create.
Even with -Wuninitialized (which is part of autobuild.sh
--enable-compile-warnings=error), gcc does NOT catch this
use of an uninitialized variable:
{
if (cond)
goto error;
int a = 1;
error:
printf("%d", a);
}
which prints 0 (supposing the stack started life wiped) if
cond was true. Clang will catch it, but we don't use clang
as often. Using gcc -Wjump-misses-init catches it, but also
gives false positives:
{
if (cond)
goto error;
int a = 1;
return a;
error:
return 0;
}
Here, a was never used in the scope of the error block, so
declaring it after goto is technically fine (and clang agrees).
However, given that our HACKING already documents a preference
to C89 decl-before-statement, the false positive warning is
enough of a prod to comply with HACKING.
[Personally, I'd _really_ rather use C99 decl-after-statement
to minimize scope, but until gcc can efficiently and reliably
catch scoping and uninitialized usage bugs, I'll settle with
the compromise of enforcing a coding standard that happens to
reject false positives if it can also detect real bugs.]
Wen Congyang [Wed, 30 Mar 2011 07:46:41 +0000 (15:46 +0800)]
fix memory leak in qemuProcessHandleGraphics()
If strdup("x509dname") or strdup("saslUsername") success, but
strdup(x509dname) or strdup(saslUsername) failed, subject->nidentity
is not the num elements of subject->identities, and we will leak some
memory.
Daniel Veillard [Fri, 1 Apr 2011 11:30:53 +0000 (19:30 +0800)]
Fix libxl driver startup
When you happen to have a libvirtd binary compiled with the
libxenlight driver (say you have installed xen-4.1 libraries)
but not running a xen enabled system, then libvirtd fails to start.
The cause is that libxlStartup() returns -1 when failing to initialize
the library, and this propagates to virStateInitialize() which consider
this a failure. We should only exit libxlStartup with an error code
if something like an allocation error occurs, not if the driver failed
to initialize.
* src/libxl/libxl_driver.c: fix libxlStartup() to not return -1
when failing to initialize the libxenlight library
Jiri Denemark [Thu, 31 Mar 2011 09:48:17 +0000 (11:48 +0200)]
virsh: Fix documentation for memtune command
Commit 78ba748ef14c520ff1c4af2b5b0a44586ac49c8c claims to fix
documentation for swap_hard_limit virsh memtune option but it only fixes
documentation in formatdomain.html and libvirt.h. This patch completes
the task by fixing "virsh help memtune" output and memtune section of
virsh man page.
Jiri Denemark [Wed, 30 Mar 2011 11:57:27 +0000 (13:57 +0200)]
qemu: Ignore libvirt debug messages in qemu log
qemu driver uses a 4K buffer for reading qemu log file. This is enough
when only qemu's output is present in the log file. However, when
debugging messages are turned on, intermediate libvirt process fills the
log with a bunch of debugging messages before it executes qemu binary.
In such a case the buffer may become too small. However, we are not
really interested in libvirt messages so they can be filtered out from
the buffer.
Osier Yang [Fri, 1 Apr 2011 03:41:33 +0000 (11:41 +0800)]
qemu: Fix improper logic of qemuCgroupSetup
It throws errors as long as the cgroup controller is not available,
regardless of whether we really want to use it to do setup or not,
which is not what we want, fixing it with throwing error when need
to use the controller.
And change "VIR_WARN" to "qemuReportError" for memory controller
incidentally.
Wen Congyang [Thu, 31 Mar 2011 03:28:21 +0000 (11:28 +0800)]
free tmp after unlinking it
We create a temporary file to save memory, and we will remove it after reading
memory to buffer. But we free the variable that contains the temporary filename
before we remove it. So we should free tmp after unlinking it.
printf on Win32 does not necessarily support %lld and we don't
have GNULIBs wrapper for printf(). Switch to use asprintf() for
which we do have a gnulib wrapper with %lld support
* examples/domain-events/events-c/event-test.c: Fix formatting
of %lld on Win32
* cfg.mk: Don't require use of virAsprintf since this is an
example app for out of tree users to follow
Eric Blake [Thu, 31 Mar 2011 02:26:27 +0000 (20:26 -0600)]
maint: avoid locale-sensitivity in string case comparisons
strcase{cmp/str} have the drawback of being sensitive to the global
locale; this is unacceptable in a library setting. Prefer a
hard-coded C locale alternative for all but virsh, which is user
facing and where the global locale isn't changing externally.
* .gnulib: Update to latest, for c-strcasestr change.
* bootstrap.conf (gnulib_modules): Drop strcasestr, add c-strcase
and c-strcasestr.
* cfg.mk (sc_avoid_strcase): New rule.
(exclude_file_name_regexp--sc_avoid_strcase): New exception.
* src/internal.h (STRCASEEQ, STRCASENEQ, STRCASEEQLEN)
(STRCASENEQLEN): Adjust offenders.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextEjectMedia):
Likewise.
* tools/virsh.c (namesorter): Document exception.
Wen Congyang [Wed, 30 Mar 2011 01:48:29 +0000 (09:48 +0800)]
check whether qemuMonitorJSONHMP() failed
If qemu quited unexpectedly when we call qemuMonitorJSONHMP(),
libvirt will crash.
Steps to reproduce this bug:
1. use gdb to attach libvirtd, and set a breakpoint in the function
qemuMonitorSetCapabilities()
2. start a vm
3. let the libvirtd to run until qemuMonitorJSONSetCapabilities() returns.
4. kill the qemu process
5. continue running libvirtd
Wen Congyang [Wed, 30 Mar 2011 01:43:25 +0000 (09:43 +0800)]
do not send monitor command after monitor meet error
If the monitor met a error, and we will call qemuProcessHandleMonitorEOF().
But we may try to send monitor command after qemuProcessHandleMonitorEOF()
returned. Then libvirtd will be blocked in qemuMonitorSend().
Steps to reproduce this bug:
1. use gdb to attach libvirtd, and set a breakpoint in the function
qemuConnectMonitor()
2. start a vm
3. let the libvirtd to run until qemuMonitorOpen() returns.
4. kill the qemu process
5. continue running libvirtd
Naoya Horiguchi [Wed, 30 Mar 2011 01:19:47 +0000 (09:19 +0800)]
extend logging to record configuration-related changes
Currently libvirt's default logging is limited and it is difficult to
determine what was happening when a proglem occurred (especially on a
machines where one don't know the detail.) This patch helps to do that
by making additional logging available for the following events:
Osier Yang [Tue, 29 Mar 2011 13:43:41 +0000 (21:43 +0800)]
cputune: Support cputune for xend driver
Not sure if it's the correct way to add cputune xml for xend driver,
and besides, seems "xm driver" and "xen hypervisor" also support
vcpu affinity, do we need to add support for them too?
Osier Yang [Tue, 29 Mar 2011 13:41:25 +0000 (21:41 +0800)]
cputune: Support cputune for qemu driver
When domain startup, setting cpu affinity and cpu shares according
to the cputune xml specified in domain xml.
Modify "qemudDomainPinVcpu" to update domain config for vcpupin,
and modify "qemuSetSchedulerParameters" to update domain config
for cpu shares.
v1 - v2:
* Use "VIR_ALLOC_N" instead of "VIR_ALLOC_VAR"
* But keep raising error when it fails on adding vcpupin xml
entry, as I still don't have a better idea yet.
Eric Blake [Mon, 28 Mar 2011 21:50:22 +0000 (15:50 -0600)]
qemu: fix regression with fd labeling on migration
My earlier testing for commit 34fa0de0 was done while starting
just-built libvirt from an unconfined_t shell, where the fds happened
to work when transferring to qemu. But when installed and run under
virtd_t, failure to label the raw file (with no compression) or the
pipe (with compression) triggers SELinux failures when passing fds
over SCM_RIGHTS to svirt_t qemu.
* src/qemu/qemu_migration.c (qemuMigrationToFile): When passing
FDs, make sure they are labeled.
Eric Blake [Mon, 28 Mar 2011 21:14:15 +0000 (15:14 -0600)]
qemu: improve error message on failed fd transfer
First fallout of fd: migration - it looks like SELinux enforcing
_does_ require fd labeling (running uninstalled libvirtd from an
unconstrained shell had no problems, but once faked out by doing
chcon `stat -c %C /usr/sbin/libvirtd` daemon/libvirtd
run_init $PWD/daemon/libvirtd
to run it with the same context as an init script service, and with
SELinux enforcing, I got a rather confusing failure:
error: Failed to save domain fedora_12 to fed12.img
error: internal error unable to send TAP file handle: No file descriptor supplied via SCM_RIGHTS
This fixes the error message, then I need to figure out a subsequent
patch that does the fsetfilecon() necessary to keep things happy.
It also appears that libvirtd hangs on a failed fd transfer; I don't
know if that needs an independent fix.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextSendFileHandle):
Improve message, since TAP is no longer only client.
Markus Groß [Tue, 29 Mar 2011 12:39:18 +0000 (20:39 +0800)]
Implements domainXMLTo/FromNative in libxl driver
* src/Makefile.am src/libvirt_private.syms configure.ac: share and
reuse the sexpr routines from sexpr.h of the old xen driver
* src/libxl/libxl_driver.c: implements libxlDomainXMLFromNative and
libxlDomainXMLToNative
Markus Groß [Tue, 29 Mar 2011 12:18:24 +0000 (20:18 +0800)]
Add event callbacks to libxl driver
* src/libxl/libxl_conf.h: add the necessary fields to the driver
private structure
* src/libxl/libxl_driver.c: add lifecycle event support and entry
points for event(de)register(any)
Fix infinite loop in daemon if client quits with multiple streams open
The daemon loops over the linked list of streams when a client
quits, closing any that the client hadn't already closed. Except
it didn't ever move to the next element in the list!
* daemon/stream.c: Fix loop over linked list of streams
Add public APIs for storage volume upload/download
New APIs are added allowing streaming of content to/from
storage volumes.
* include/libvirt/libvirt.h.in: Add virStorageVolUpload and
virStorageVolDownload APIs
* src/driver.h, src/libvirt.c, src/libvirt_public.syms: Stub
code for new APIs
* src/storage/storage_driver.c, src/esx/esx_storage_driver.c:
Add dummy entries in driver table for new APIs
Enhance the streams helper to support plain file I/O
The O_NONBLOCK flag doesn't work as desired on plain files
or block devices. Introduce an I/O helper program that does
the blocking I/O operations, communicating over a pipe that
can support O_NONBLOCK
* src/fdstream.c, src/fdstream.h: Add non-blocking I/O
on plain files/block devices
* src/Makefile.am, src/util/iohelper.c: I/O helper program
* src/qemu/qemu_driver.c, src/lxc/lxc_driver.c,
src/uml/uml_driver.c, src/xen/xen_driver.c: Update for
streams API change
Update event loop example programs to demonstrate best practice
The example C event loop code is a nasty hack and not compliant
with the require API semantics. Delete this, so that developers
don't mistakenly copy it. Instead call the new public event loop
APIs.
Update the python event loop example, so that it can optionally
use the public event APIs, as an alternative to the pure python
code. The pure python event code is a good working example, so
don't delete it.
Also make the python example use a read only connection to avoid
authentication prompts
* examples/domain-events/events-c/event-test.c: Replace event
loop code with use of public APIs
* examples/domain-events/events-python/event-test.py: Allow
optional use of new public event APIs
Eric Blake [Thu, 10 Mar 2011 00:35:13 +0000 (17:35 -0700)]
qemu: consolidate migration to file code
This points out that core dumps (still) don't work for root-squash
NFS, since the fd is not opened correctly. This patch should not
introduce any functionality change, it is just a refactoring to
avoid duplicated code.
* src/qemu/qemu_migration.h (qemuMigrationToFile): New prototype.
* src/qemu/qemu_migration.c (qemuMigrationToFile): New function.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag, doCoreDump): Use
it.
Eric Blake [Thu, 3 Mar 2011 15:50:19 +0000 (08:50 -0700)]
util: use SCM_RIGHTS in virFileOperation when needed
Currently, the hook function in virFileOperation is extremely limited:
it must be async-signal-safe, and cannot modify any memory in the
parent process. It is much handier to return a valid fd and operate
on it in the parent than to deal with hook restrictions.
* src/util/util.h (VIR_FILE_OP_RETURN_FD): New flag.
* src/util/util.c (virFileOperationNoFork, virFileOperation):
Honor new flag.
Eric Blake [Wed, 2 Mar 2011 04:59:25 +0000 (21:59 -0700)]
qemu: allow simple domain save to use fd: protocol
This allows direct saves (no compression, no root-squash NFS) to use
the more efficient fd: migration, which in turn avoids a race where
qemu exec: migration can sometimes fail because qemu does a generic
waitpid() that conflicts with the pclose() used by exec:. Further
patches will solve compression and root-squash NFS.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Use new function
when there is no compression.
Eric Blake [Sat, 26 Mar 2011 11:27:57 +0000 (05:27 -0600)]
qemu: fix restoring a compressed save image
Latent bug introduced in commit 2d6a581960 (Aug 2009), but not exposed
until commit 1859939a (Jan 2011). Basically, when virExec creates a
pipe, it always marks libvirt's side as cloexec. If libvirt then
wants to hand that pipe to another child process, things work great if
the fd is dup2()'d onto stdin or stdout (as with stdin: or exec:
migration), but if the pipe is instead used as-is (such as with fd:
migration) then qemu sees EBADF because the fd was closed at exec().
This is a minimal fix for the problem at hand; it is slightly racy,
but no more racy than the rest of libvirt fd handling, including the
case of uncompressed save images. A more invasive fix, but ultimately
safer at avoiding leaking unintended fds, would be to _always and
atomically_ open all fds as cloexec in libvirt (thanks to primitives
like open(O_CLOEXEC), pipe2(), accept4(), ...), then teach virExec to
clear that bit for all fds explicitly marked to be handed to the child
only after forking.
projects / libvirt.git / log