Paolo Bonzini [Tue, 10 May 2011 11:24:14 +0000 (13:24 +0200)]
xen: parse and generate hpet item in sxpr
Recent versions of Xen disable the virtual HPET by default. This is
usually more precise because tick policies are not implemented for
the HPET in Xen. However, there may be several reasons to control
the HPET manually: 1) to test the emulation; 2) because distros may
provide the knob while leaving the default to "enabled" for compatibility
reasons.
This patch provides support for the hpet item in both sexpr and xm
formats, and translates it to a <timer> element.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Doug Goldstein [Fri, 6 May 2011 15:01:04 +0000 (10:01 -0500)]
docs: updates to CA cert and client cert/key info
Update the documentation to mention that the CA certificate and the
client cert/key pair can come from the user's location or the global
location independent of each other.
Cole Robinson [Fri, 6 May 2011 14:37:36 +0000 (10:37 -0400)]
command: Add virCommandExec helper
Actually execs the argv/env we've generated, replacing the current process.
Kind of has a limited usage, but allows us to use virCommand in LXC
driver to launch the 'init' process
Eric Blake [Wed, 4 May 2011 14:18:06 +0000 (08:18 -0600)]
build: translate generated strings
Make sure that xgettext scans generated files for translatable
strings, rather than just files stored in libvirt.git.
* .gnulib: Update, for bootstrap and syntax-check fixes.
* bootstrap: Resynchronize with gnulib.
* cfg.mk (generated_files): Define.
* po/POTFILES.in: Add more files with _().
The libvirtd daemon uses fnmatch. Although we don't yet build
it on Win32, we should use gnulib's fnmatch module to ensure
portability to all platforms.
Stop storing the generated files for the remote protocol client
and server in source control. The generated files will still be
included in the result of 'make dist' to avoid end-users needing
to generate the files
Signed-off-by: Eric Blake <eblake@redhat.com>
Unfortunately, this means that the strings marked for translation
in generated files are not picked up by gnulib's syntax-check,
I'm working on fixing that in gnulib.
Always generate the rpc files, and require rpcgen during bootstrap.
* daemon/Makefile.am: Removed generated files with
maintainer-clean target
* src/Makefile.am: Removed generated files with
maintainer-clean target. Always run 'rpcgen' if
generated files are missing
Eric Blake [Fri, 6 May 2011 19:54:32 +0000 (13:54 -0600)]
build: rename generated files to .h, for automake's sake
In preparation for removing generated files, it is necessary
to tell automake that the generated files must be distributed
but not directly compiled (since they are included into the
body of a larger .c file that is compiled). Hence, even though
these files are code and not headers in the strict sense of
the word, it is easier to rename them to .h for automake's sake.
Markus Groß [Wed, 4 May 2011 10:17:06 +0000 (12:17 +0200)]
Balloon dom0 in libxl driver
Creating a domU on a freshly booted dom0 does not work,
because the libxl driver does not allocate memory for the domU.
After creating a domain with xl libvirt is able to create domains too.
This patch reserves enough memory for the domU first.
Eric Blake [Fri, 6 May 2011 16:17:16 +0000 (10:17 -0600)]
build: drop files generated by config.status from tarball
The rule of thumb is that any file generated by config.status
is a) reproducible by any user, b) dependent on configure options.
Therefore, it is inappropriate to include such generated files
in the tarball (for proof, Makefile is generated from Makefile.in;
the former is not in the tarball while the latter is).
* Makefile.am (EXTRA_DIST): Remove files covered by AC_OUTPUT.
Michal Privoznik [Fri, 29 Apr 2011 09:28:28 +0000 (11:28 +0200)]
Add warning message to XML definition files stored on disk
Users often edit XML file stored in configuration directory
thinking of modifying a domain/network/pool/etc. Thus it is wise
to let them know they are using the wrong way and give them hint.
When setting up a FIFO for QEMU, it allows either a pair
of fifos used unidirectionally, or a single fifo used
bidirectionally. Look for the bidirectional fifo first
when labelling since that is more useful
Make taint warnings also go into the domain logfile
As well as taint warnings going to the main libvirt log,
add taint warnings to the per-domain logfile
Domain id=3 is tainted: high-privileges
Domain id=3 is tainted: disk-probing
Domain id=3 is tainted: shell-scripts
Domain id=3 is tainted: custom-monitor
* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Enhance
qemuDomainTaint to also log to the domain logfile
* src/qemu/qemu_driver.c: Pass -1 for logFD to taint methods to
auto-append to logfile
* src/qemu/qemu_process.c: Pass open logFD at startup for taint
methods
- If running QEMU as root user/group or without capabilities
being cleared
- If passing custom QEMU command line args
- If issuing custom QEMU monitor commands
- If using a network interface config with an associated
shell script
- If using a disk config relying on format probing
The warnings, per-VM appear in the main libvirtd logs
* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Helper APIs
for logging taint warnings
* src/qemu/qemu_driver.c: Log tainting with custom QEMU monitor
commands and disk/net hotplug with unsupported configs
* src/qemu/qemu_process.c: Log tainting at startup based on
unsupported configs
Some configuration setups for guests are allowed, but strongly
discouraged and unsupportable in production systems. Introduce
a concept of 'tainting' to virDomainObjPtr to allow such setups
to be identified. Drivers can then log warnings at suitable
times
* src/conf/domain_conf.c, src/conf/domain_conf.h: Declare taint
flags and add parsing/formatting of domain status XML
Eric Blake [Sat, 30 Apr 2011 16:34:49 +0000 (10:34 -0600)]
maint: rename virBufferVSprintf to virBufferAsprintf
We already have virAsprintf, so picking a similar name helps for
seeing a similar purpose. Furthermore, the prefix V before printf
generally implies 'va_list', even though this variant was '...', and
the old name got in the way of adding a new va_list version.
The qemuMigrationToFile method was accidentally annotated for
the 'compressor' parameter to be non-null, instead of the
'path' parameter. Thus GCC with -O2, unhelpfully deleted the
entire 'if (compressor == NULL)' block of code during
optimization. Thus NULL was passed to virCommandNew() with
predictably bad results.
* src/qemu/qemu_migration.h: Fix non-null annotation to be
against path instead of compressor
Persist qemu capabilities in the domain status file
To cope with the QEMU binary being changed while a VM is running,
it is neccessary to persist the original qemu capabilities at the
time the VM is booted.
* src/qemu/qemu_capabilities.c, src/qemu/qemu_capabilities.h: Add
an enum for a string rep of every capability
* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Support for
storing capabilities in the domain status XML
* src/qemu/qemu_process.c: Populate & free QEMU capabilities at
domain startup
Daniel Veillard [Thu, 5 May 2011 03:25:13 +0000 (11:25 +0800)]
Release of libvirt-0.9.1
* configure.ac libvirt.spec.in docs/news.html.in: update and document
the release
* po/*.po*: update localizations for german, polish, spanish, ukrainian
and vietnamese coming from transifex, regenerate
Eric Blake [Wed, 4 May 2011 23:18:42 +0000 (17:18 -0600)]
maint: detect clang 2.9
In Fedora 15, with clang 2.8, 'scan-build env' shows:
CCC_ANALYZER_ANALYSIS=-analyzer-check-objc-mem -analyzer-check-security-syntactic -analyzer-check-dead-stores -analyzer-check-objc-unused-ivars -analyzer-check-objc-methodsigs
But in rawhide, with clang 2.9, the same variable is set but
empty, implying the default set of analysis. We still want
sa_assert defined in that case, to stop clang from hitting
false positives.
* configure.ac (STATIC_ANALYSIS): Detect clang even when the set
of analyses is the default.
Eric Blake [Tue, 3 May 2011 17:24:23 +0000 (11:24 -0600)]
remote: avoid null dereference on error
Clang found three instances of uninitialized use of nparams in
the cleanup path. Unfortunately, one is a false positive: clang
couldn't see that ret->params.params_val is guaranteed to be
NULL unless allocated within a function, and that nparams is
guaranteed to be assigned prior to the allocation; hoisting the
assignment to nparams to be earlier in the function shuts up
that false positive. But two of the reports also happened to
highlight a real bug - the error path can dereference NULL.
Matthias Bolte [Wed, 4 May 2011 07:07:41 +0000 (09:07 +0200)]
esx: Remove dead store in esxUtil_ParseDatastorePath
The ++ on preliminaryFileName was a left over from a previous version
of this function that explicitly returned the filename and did a strdup
on preliminaryFileName afterwards.
As the filename isn't returned explicitly anymore remove the preliminary
variable for it and reuse the tmp variable instead.
Eric Blake [Tue, 3 May 2011 20:19:06 +0000 (14:19 -0600)]
qemu: update qemuCgroupControllerActive signature
Clang warned about a dead assignment. In the process, I noticed
that we are only using the function for a bool value. I audited
all other callers in qemu_{migration,cgroup,driver,hotplug), and
all were making the call in a bool context.
Also, do bounds checking on the argument.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Delete dead
assignment.
(qemuCgroupControllerActive): Change return type to bool.
* src/qemu/qemu_cgroup.h (qemuCgroupControllerActive): Likewise.
Eric Blake [Tue, 3 May 2011 20:30:34 +0000 (14:30 -0600)]
lxc: report correct error
Clang noticed a dead assignment, which turned out to be the use
of the wrong variable. rc starts life as -1, and is only ever
assigned to 0 just before a successful cleanup.
Eric Blake [Wed, 4 May 2011 15:21:05 +0000 (09:21 -0600)]
libxl: avoid compiler warning
Detected by gcc:
libxl/libxl_driver.c: In function 'libxlDomainDestroy':
libxl/libxl_drier.c:1351:30: error: variable 'priv' set but not used [-Werror=unused-but-set-variable]
Eric Blake [Tue, 3 May 2011 21:46:06 +0000 (15:46 -0600)]
cgroup: avoid leaking a file
Clang detected a dead store to rc. It turns out that in fixing this,
I also found a FILE* leak.
This is a subtle change in behavior, although unlikely to hit. The
pidfile is a kernel file, so we've probably got more serious problems
under foot if we fail to parse one. However, the previous behavior
was that even if one pid file failed to parse, we tried others,
whereas now we give up on the first failure. Either way, though,
the function returns -1, so the caller will know that something is
going wrong, and that not all pids were necessarily reaped. Besides,
there were other instances already in the code where failure in the
inner loop aborted the outer loop.
* src/util/cgroup.c (virCgroupKillInternal): Abort rather than
resuming loop on fscanf failure, and cleanup file on error.
Eric Blake [Tue, 3 May 2011 19:17:04 +0000 (13:17 -0600)]
qemu: silence clang false positives
Clang 2.8 wasn't quite able to follow that persistentDef was
assigned earlier if (flags & VIR_DOMAIN_MEM_CONFIG) is true.
Silence this false positive, to make clang analysis easier to use.
* src/qemu/qemu_driver.c (qemudDomainSetMemoryFlags): Add an
annotation to silence clang's claim of a NULL dereference.
Eric Blake [Tue, 3 May 2011 16:41:57 +0000 (10:41 -0600)]
virsh: avoid null pointer dereference
Clang detected that vol-download will call unlink(NULL) if there
is a parse error during option parsing. Also, mingw doesn't like
unlinking an open file.
* tools/virsh.c (cmdVolDownload): Only unlink file if created.
Eric Blake [Tue, 3 May 2011 15:29:26 +0000 (09:29 -0600)]
pci: fix null pointer dereference
Clang detected a null-pointer dereference regression, introduced
in commit 4e8969eb. Without this patch, a device with
unbind_from_stub set to false would eventually try to call
virFileExists on uncomputed drvdir.
* src/util/pci.c (pciUnbindDeviceFromStub): Ensure drvdir is set
before use.
Eric Blake [Tue, 3 May 2011 15:36:12 +0000 (09:36 -0600)]
qemu: avoid null pointer dereference
This code has had problems historically. As originally
written, in commit 6bcf2501 (Jun 08), it could call unlink
on a random string, nuking an unrelated file.
Then commit 182a80b9 (Sep 09), the code was rewritten to
allocate tmp, with both a use-after-free bug and a chance to
call unlink(NULL).
Commit e206946 (Mar 11) fixed the use-after-free, but not the
NULL dereference. Thanks to clang for catching this!
* src/qemu/qemu_driver.c (qemudDomainMemoryPeek): Don't call
unlink on NULL.
> So, AFAICT, this patch means we will never reconnect to any LXC
> VMs now.
>
> The correct solution, is to refactor LXC driver startup to work
> the same way as the QEMU driver startup.
>
> - Load all the live state XML files (to pick up running VMs)
> - Reconnect to all VMs
> - Load all the persistent config XML files (to pick up any additional
> inactive guets)
But that solution is invasive enough to be post-0.9.1.
Eric Blake [Mon, 2 May 2011 23:35:18 +0000 (17:35 -0600)]
tests: avoid compiler warning
../../tests/xmconfigtest.c: In function 'testCompareParseXML':
../../tests/xmconfigtest.c:49:19: error: 'conn' may be used uninitialized in this function [-Wuninitialized]
This commit fixes
qemu/qemu_driver.c: In function 'qemuDomainModifyDeviceFlags':
qemu/qemu_driver.c:4041:8: warning: 'ret' may be used uninitialized in this
function [-Wuninitialized]
qemu/qemu_driver.c:4013:9: note: 'ret' was declared here
The variable is set to -1 so that the error paths are taken when the code
to set it didn't get a chance to run. Without initializing it, we could
return some an undefined value from this function.
While I was at it, I made a trivial whitespace change in the same function
to improve readability.
projects / libvirt.git / log