[libvirt] [PATCH] Fix virCapabilitiesDefaultGuestMachine documentation.
by Chris Lalancette
Signed-off-by: Chris Lalancette <clalance(a)redhat.com>
---
src/capabilities.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/capabilities.c b/src/capabilities.c
index d186961..c6766b6 100644
--- a/src/capabilities.c
+++ b/src/capabilities.c
@@ -567,7 +567,7 @@ virCapabilitiesDefaultGuestMachine(virCapsPtr caps,
}
/**
- * virCapabilitiesDefaultGuestMachine:
+ * virCapabilitiesDefaultGuestEmulator:
* @caps: capabilities to query
* @ostype: OS type to search for ('xen', 'hvm')
* @arch: architecture to search for
--
1.6.0.6
15 years, 3 months
[libvirt] [PATCH] Fix up a silly typo in apibuild.py.
by Chris Lalancette
Signed-off-by: Chris Lalancette <clalance(a)redhat.com>
---
docs/apibuild.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/docs/apibuild.py b/docs/apibuild.py
index 6fec049..84bc1ac 100755
--- a/docs/apibuild.py
+++ b/docs/apibuild.py
@@ -39,7 +39,7 @@ ignored_functions = {
"virDomainMigratePrepare": "private function for migration",
"virDomainMigratePrepare2": "private function for migration",
"virDrvSupportsFeature": "private function for remote access",
- "DllMain": "specific function fo Win32",
+ "DllMain": "specific function for Win32",
}
def escape(raw):
--
1.6.0.6
15 years, 3 months
[libvirt] PATCH: Fix crash attempting to shutdown inactive QEMU vm
by Daniel P. Berrange
If the virDomainShutdown() op was run on an active QEMu vm,
it would crash, since the def->monitor_chr was NULL.
Daniel
commit 49ec121fd806aaa07bbcba9668a8f9dd43dda9c4
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Fri Jul 31 15:50:46 2009 +0100
Fix crash when attempting to shutdown inactive QEMU vm
* src/qemu_driver.c: Add check that QEMU is active before attemting
to shutdown. Fix error code for check in destroy method
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 26897d3..cebbafb 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -2940,6 +2940,12 @@ static int qemudDomainShutdown(virDomainPtr dom) {
goto cleanup;
}
+ if (!virDomainIsActive(vm)) {
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_INVALID,
+ "%s", _("domain is not running"));
+ goto cleanup;
+ }
+
if (qemudMonitorCommand(vm, "system_powerdown", &info) < 0) {
qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
"%s", _("shutdown operation failed"));
@@ -2971,7 +2977,7 @@ static int qemudDomainDestroy(virDomainPtr dom) {
goto cleanup;
}
if (!virDomainIsActive(vm)) {
- qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_INVALID,
"%s", _("domain is not running"));
goto cleanup;
}
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 3 months
[libvirt] [PATCH] Split virDomainMigrate into functions.
by Chris Lalancette
Re-factor virDomainMigrate to split out the version 1 and version 2
protocols into their own functions. In reality, the two versions share
very little in common, so forcing them together in the same function was
just confusing. This will also make adding tunnelled migration easier.
Signed-off-by: Chris Lalancette <clalance(a)redhat.com>
---
src/libvirt.c | 258 ++++++++++++++++++++++++++++++++++-----------------------
1 files changed, 155 insertions(+), 103 deletions(-)
diff --git a/src/libvirt.c b/src/libvirt.c
index 9fd864d..dede2b9 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -2874,6 +2874,146 @@ error:
}
+static virDomainPtr
+migrate_version_1 (virDomainPtr domain,
+ virConnectPtr dconn,
+ unsigned long flags,
+ const char *dname,
+ const char *uri,
+ unsigned long bandwidth)
+{
+ virDomainPtr ddomain = NULL;
+ char *uri_out = NULL;
+ char *cookie = NULL;
+ int cookielen = 0;
+
+ /* Prepare the migration.
+ *
+ * The destination host may return a cookie, or leave cookie as
+ * NULL.
+ *
+ * The destination host MUST set uri_out if uri_in is NULL.
+ *
+ * If uri_in is non-NULL, then the destination host may modify
+ * the URI by setting uri_out. If it does not wish to modify
+ * the URI, it should leave uri_out as NULL.
+ */
+ if (dconn->driver->domainMigratePrepare
+ (dconn, &cookie, &cookielen, uri, &uri_out, flags, dname,
+ bandwidth) == -1)
+ goto done;
+
+ if (uri == NULL && uri_out == NULL) {
+ virLibConnError (domain->conn, VIR_ERR_INTERNAL_ERROR,
+ _("domainMigratePrepare did not set uri"));
+ goto done;
+ }
+ if (uri_out)
+ uri = uri_out; /* Did domainMigratePrepare change URI? */
+ assert (uri != NULL);
+
+ /* Perform the migration. The driver isn't supposed to return
+ * until the migration is complete.
+ */
+ if (domain->conn->driver->domainMigratePerform
+ (domain, cookie, cookielen, uri, flags, dname, bandwidth) == -1)
+ goto done;
+
+ /* Get the destination domain and return it or error.
+ * 'domain' no longer actually exists at this point
+ * (or so we hope), but we still use the object in memory
+ * in order to get the name.
+ */
+ dname = dname ? dname : domain->name;
+ if (dconn->driver->domainMigrateFinish)
+ ddomain = dconn->driver->domainMigrateFinish
+ (dconn, dname, cookie, cookielen, uri, flags);
+ else
+ ddomain = virDomainLookupByName (dconn, dname);
+
+ done:
+ VIR_FREE (uri_out);
+ VIR_FREE (cookie);
+ return ddomain;
+}
+
+static virDomainPtr
+migrate_version_2 (virDomainPtr domain,
+ virConnectPtr dconn,
+ unsigned long flags,
+ const char *dname,
+ const char *uri,
+ unsigned long bandwidth)
+{
+ virDomainPtr ddomain = NULL;
+ char *uri_out = NULL;
+ char *cookie = NULL;
+ char *dom_xml = NULL;
+ int cookielen = 0, ret;
+
+ /* Prepare the migration.
+ *
+ * The destination host may return a cookie, or leave cookie as
+ * NULL.
+ *
+ * The destination host MUST set uri_out if uri_in is NULL.
+ *
+ * If uri_in is non-NULL, then the destination host may modify
+ * the URI by setting uri_out. If it does not wish to modify
+ * the URI, it should leave uri_out as NULL.
+ */
+
+ /* In version 2 of the protocol, the prepare step is slightly
+ * different. We fetch the domain XML of the source domain
+ * and pass it to Prepare2.
+ */
+ if (!domain->conn->driver->domainDumpXML) {
+ virLibConnError (domain->conn, VIR_ERR_INTERNAL_ERROR, __FUNCTION__);
+ return NULL;
+ }
+ dom_xml = domain->conn->driver->domainDumpXML (domain,
+ VIR_DOMAIN_XML_SECURE);
+ if (!dom_xml)
+ return NULL;
+
+ ret = dconn->driver->domainMigratePrepare2
+ (dconn, &cookie, &cookielen, uri, &uri_out, flags, dname,
+ bandwidth, dom_xml);
+ VIR_FREE (dom_xml);
+ if (ret == -1)
+ goto done;
+
+ if (uri == NULL && uri_out == NULL) {
+ virLibConnError (domain->conn, VIR_ERR_INTERNAL_ERROR,
+ _("domainMigratePrepare2 did not set uri"));
+ goto done;
+ }
+ if (uri_out)
+ uri = uri_out; /* Did domainMigratePrepare2 change URI? */
+ assert (uri != NULL);
+
+ /* Perform the migration. The driver isn't supposed to return
+ * until the migration is complete.
+ */
+ ret = domain->conn->driver->domainMigratePerform
+ (domain, cookie, cookielen, uri, flags, dname, bandwidth);
+ if (ret == -1)
+ goto done;
+
+ /* In version 2 of the migration protocol, we pass the
+ * status code from the sender to the destination host,
+ * so it can do any cleanup if the migration failed.
+ */
+ dname = dname ? dname : domain->name;
+ ddomain = dconn->driver->domainMigrateFinish2
+ (dconn, dname, cookie, cookielen, uri, flags, ret);
+
+ done:
+ VIR_FREE (uri_out);
+ VIR_FREE (cookie);
+ return ddomain;
+}
+
/**
* virDomainMigrate:
* @domain: a domain object
@@ -2930,140 +3070,52 @@ virDomainMigrate (virDomainPtr domain,
const char *uri,
unsigned long bandwidth)
{
- virConnectPtr conn;
virDomainPtr ddomain = NULL;
- char *uri_out = NULL;
- char *cookie = NULL;
- char *dom_xml = NULL;
- int cookielen = 0, ret, version = 0;
DEBUG("domain=%p, dconn=%p, flags=%lu, dname=%s, uri=%s, bandwidth=%lu",
domain, dconn, flags, NULLSTR(dname), NULLSTR(uri), bandwidth);
virResetLastError();
+ /* First checkout the source */
if (!VIR_IS_CONNECTED_DOMAIN (domain)) {
virLibDomainError(NULL, VIR_ERR_INVALID_DOMAIN, __FUNCTION__);
return NULL;
}
- conn = domain->conn; /* Source connection. */
- if (!VIR_IS_CONNECT (dconn)) {
- virLibConnError (conn, VIR_ERR_INVALID_CONN, __FUNCTION__);
+ if (domain->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
goto error;
}
- if (domain->conn->flags & VIR_CONNECT_RO) {
- virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ /* Now checkout the destination */
+ if (!VIR_IS_CONNECT (dconn)) {
+ virLibConnError (domain->conn, VIR_ERR_INVALID_CONN, __FUNCTION__);
goto error;
}
if (dconn->flags & VIR_CONNECT_RO) {
- /* NB, delibrately report error against source object, not dest here */
- virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ /* NB, deliberately report error against source object, not dest */
+ virLibDomainError (domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
goto error;
}
/* Check that migration is supported by both drivers. */
- if (VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn,
+ if (VIR_DRV_SUPPORTS_FEATURE (domain->conn->driver, domain->conn,
VIR_DRV_FEATURE_MIGRATION_V1) &&
VIR_DRV_SUPPORTS_FEATURE (dconn->driver, dconn,
VIR_DRV_FEATURE_MIGRATION_V1))
- version = 1;
- else if (VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn,
+ ddomain = migrate_version_1 (domain, dconn, flags, dname, uri, bandwidth);
+ else if (VIR_DRV_SUPPORTS_FEATURE (domain->conn->driver, domain->conn,
VIR_DRV_FEATURE_MIGRATION_V2) &&
VIR_DRV_SUPPORTS_FEATURE (dconn->driver, dconn,
VIR_DRV_FEATURE_MIGRATION_V2))
- version = 2;
+ ddomain = migrate_version_2 (domain, dconn, flags, dname, uri, bandwidth);
else {
- virLibConnError (conn, VIR_ERR_NO_SUPPORT, __FUNCTION__);
+ virLibConnError (domain->conn, VIR_ERR_NO_SUPPORT, __FUNCTION__);
goto error;
}
- /* Prepare the migration.
- *
- * The destination host may return a cookie, or leave cookie as
- * NULL.
- *
- * The destination host MUST set uri_out if uri_in is NULL.
- *
- * If uri_in is non-NULL, then the destination host may modify
- * the URI by setting uri_out. If it does not wish to modify
- * the URI, it should leave uri_out as NULL.
- */
- if (version == 1) {
- ret = dconn->driver->domainMigratePrepare
- (dconn, &cookie, &cookielen, uri, &uri_out, flags, dname,
- bandwidth);
- if (ret == -1) goto done;
- if (uri == NULL && uri_out == NULL) {
- virLibConnError (conn, VIR_ERR_INTERNAL_ERROR,
- _("domainMigratePrepare did not set uri"));
- goto done;
- }
- if (uri_out) uri = uri_out; /* Did domainMigratePrepare change URI? */
-
- assert (uri != NULL);
- }
- else /* if (version == 2) */ {
- /* In version 2 of the protocol, the prepare step is slightly
- * different. We fetch the domain XML of the source domain
- * and pass it to Prepare2.
- */
- if (!conn->driver->domainDumpXML) {
- virLibConnError (conn, VIR_ERR_INTERNAL_ERROR, __FUNCTION__);
- goto error;
- }
- dom_xml = conn->driver->domainDumpXML (domain,
- VIR_DOMAIN_XML_SECURE);
-
- if (!dom_xml)
- goto error;
+ if (ddomain == NULL)
+ goto error;
- ret = dconn->driver->domainMigratePrepare2
- (dconn, &cookie, &cookielen, uri, &uri_out, flags, dname,
- bandwidth, dom_xml);
- VIR_FREE (dom_xml);
- if (ret == -1) goto done;
- if (uri == NULL && uri_out == NULL) {
- virLibConnError (conn, VIR_ERR_INTERNAL_ERROR,
- _("domainMigratePrepare2 did not set uri"));
- goto done;
- }
- if (uri_out) uri = uri_out; /* Did domainMigratePrepare2 change URI? */
-
- assert (uri != NULL);
- }
-
- /* Perform the migration. The driver isn't supposed to return
- * until the migration is complete.
- */
- ret = conn->driver->domainMigratePerform
- (domain, cookie, cookielen, uri, flags, dname, bandwidth);
-
- if (version == 1) {
- if (ret == -1) goto done;
- /* Get the destination domain and return it or error.
- * 'domain' no longer actually exists at this point
- * (or so we hope), but we still use the object in memory
- * in order to get the name.
- */
- dname = dname ? dname : domain->name;
- if (dconn->driver->domainMigrateFinish)
- ddomain = dconn->driver->domainMigrateFinish
- (dconn, dname, cookie, cookielen, uri, flags);
- else
- ddomain = virDomainLookupByName (dconn, dname);
- } else /* if (version == 2) */ {
- /* In version 2 of the migration protocol, we pass the
- * status code from the sender to the destination host,
- * so it can do any cleanup if the migration failed.
- */
- dname = dname ? dname : domain->name;
- ddomain = dconn->driver->domainMigrateFinish2
- (dconn, dname, cookie, cookielen, uri, flags, ret);
- }
-
- done:
- VIR_FREE (uri_out);
- VIR_FREE (cookie);
return ddomain;
error:
--
1.6.0.6
15 years, 3 months
[libvirt] [PATCH] Fix PCIe FLR detection
by Mark McLoughlin
PCIe DevCap register is actually 32 bits, not 16 bits. Since FLR is
bit 28, we clearly are failing to detect FLR support.
Known to fix device reset with some SR-IOV devices.
* src/pci.c: fix pciDetectFunctionLevelReset()
---
src/pci.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pci.c b/src/pci.c
index 4030a14..2dc2e1c 100644
--- a/src/pci.c
+++ b/src/pci.c
@@ -321,7 +321,7 @@ pciFindCapabilityOffset(pciDevice *dev, unsigned capability)
static unsigned
pciDetectFunctionLevelReset(pciDevice *dev)
{
- uint16_t caps;
+ uint32_t caps;
uint8_t pos;
/* The PCIe Function Level Reset capability allows
@@ -331,7 +331,7 @@ pciDetectFunctionLevelReset(pciDevice *dev)
* on SR-IOV NICs at the moment.
*/
if (dev->pcie_cap_pos) {
- caps = pciRead16(dev, dev->pcie_cap_pos + PCI_EXP_DEVCAP);
+ caps = pciRead32(dev, dev->pcie_cap_pos + PCI_EXP_DEVCAP);
if (caps & PCI_EXP_DEVCAP_FLR) {
VIR_DEBUG("%s %s: detected PCIe FLR capability", dev->id, dev->name);
return 1;
--
1.6.2.5
15 years, 3 months
[libvirt] PATCH: Re-enable ESX driver on Mingw32
by Daniel P. Berrange
After finding an RPM of mingw32-curl for Fedora 11, I was able to
successfully build the ESX driver on Ming32 with only a couple of
tweaks.
Daniel
commit 8b135962ef026ef3ef1b5c5163b1213eeba9ec36
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Thu Jul 30 16:40:29 2009 +0100
Enable ESX driver build on Mingw32
* autobuild.sh, mingw32-libvirt.spec.in: Enable esx on mingw32
* src/esx/esx_driver.c: Define AI_ADDRCONFIG if not set
* src/esx/esx_util.c, src/esx/esx_vi_types.c: Always use
%lld & friends, since gnulib guarentees we have these
and not the target's own variants
diff --git a/autobuild.sh b/autobuild.sh
index 239372c..d3934ea 100755
--- a/autobuild.sh
+++ b/autobuild.sh
@@ -78,7 +78,6 @@ if [ -x /usr/bin/i686-pc-mingw32-gcc ]; then
--without-openvz \
--without-one \
--without-phyp \
- --without-esx \
--without-netcf \
--without-libvirtd
diff --git a/mingw32-libvirt.spec.in b/mingw32-libvirt.spec.in
index 8fd08a6..40a8124 100644
--- a/mingw32-libvirt.spec.in
+++ b/mingw32-libvirt.spec.in
@@ -54,7 +54,6 @@ MinGW Windows libvirt virtualization library.
--without-openvz \
--without-one \
--without-phyp \
- --without-esx \
--without-netcf \
--without-libvirtd
make
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index e3d60a5..08d82f9 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -1769,7 +1769,7 @@ esxDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)
for (value = perfMetricIntSeries->value;
value != NULL;
value = value->_next) {
- VIR_DEBUG("value %"PRIi64, value->value);
+ VIR_DEBUG("value %lld", (long long int)value->value);
}
}
}
@@ -2399,8 +2399,8 @@ esxDomainGetSchedulerParameters(virDomainPtr domain,
default:
ESX_ERROR(domain->conn, VIR_ERR_INTERNAL_ERROR,
- "Shares level has unknown value %"PRIi32,
- sharesInfo->level);
+ "Shares level has unknown value %d",
+ (int)sharesInfo->level);
goto failure;
}
diff --git a/src/esx/esx_util.c b/src/esx/esx_util.c
index 5c87ea3..a113fde 100644
--- a/src/esx/esx_util.c
+++ b/src/esx/esx_util.c
@@ -41,6 +41,10 @@
virReportErrorHelper (conn, VIR_FROM_ESX, code, __FILE__, __FUNCTION__, \
__LINE__, fmt)
+/* AI_ADDRCONFIG is missing on some systems. */
+#ifndef AI_ADDRCONFIG
+# define AI_ADDRCONFIG 0
+#endif
char *
@@ -435,12 +439,12 @@ esxUtil_GetConfigLong(virConnectPtr conn, virConfPtr conf, const char *name,
int
esxUtil_GetConfigBoolean(virConnectPtr conn, virConfPtr conf,
- const char *name, int *boolean, int default_,
+ const char *name, int *boolval, int default_,
int optional)
{
virConfValuePtr value;
- *boolean = default_;
+ *boolval = default_;
value = virConfGetValue(conf, name);
if (value == NULL) {
@@ -465,9 +469,9 @@ esxUtil_GetConfigBoolean(virConnectPtr conn, virConfPtr conf,
}
if (STRCASEEQ(value->str, "true")) {
- *boolean = 1;
+ *boolval = 1;
} else if (STRCASEEQ(value->str, "false")) {
- *boolean = 0;
+ *boolval = 0;
} else {
ESX_ERROR(conn, VIR_ERR_INTERNAL_ERROR,
"Config entry '%s' must represent a boolean value "
diff --git a/src/esx/esx_vi_types.c b/src/esx/esx_vi_types.c
index 684b8c7..ab17460 100644
--- a/src/esx/esx_vi_types.c
+++ b/src/esx/esx_vi_types.c
@@ -962,7 +962,7 @@ esxVI_Int_DeepCopy(virConnectPtr conn, esxVI_Int **dest, esxVI_Int *src)
/* esxVI_Int_Serialize */
ESX_VI__TEMPLATE__SERIALIZE_EXTRA(Int, "xsd:int",
{
- virBufferVSprintf(output, "%"PRIi32, item->value);
+ virBufferVSprintf(output, "%d", (int)item->value);
});
/* esxVI_Int_SerializeList */
@@ -992,7 +992,7 @@ ESX_VI__TEMPLATE__LIST__APPEND(Long);
/* esxVI_Long_Serialize */
ESX_VI__TEMPLATE__SERIALIZE_EXTRA(Long, "xsd:long",
{
- virBufferVSprintf(output, "%"PRIi64, item->value);
+ virBufferVSprintf(output, "%lld", (long long int)item->value);
});
/* esxVI_Long_SerializeList */
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 3 months
[libvirt] PATCH: Fix permissions problem starting QEMU
by Daniel P. Berrange
There is a minor bug when running QEMU non-root, and having
capng enabled. libvirt is unable to write the PID file in
/var/run/libvirt/qemu, since its now owned by 'qemu', but
libvirtd has dropped all capabilties at this point. The fix
is to delay dropping capabilities until after the PID file
has been created. We should also be sure to kill the child
if writing the PID file fails
Daniel
commit ce246587178bc6539a3ea6181cdf06ea45878fd3
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Thu Jul 30 14:58:16 2009 +0100
Fix problem writing QEMU pidfile
* src/util.c: Don't drop capabilities until after the PID file has
been written. Kill off child if writing the PID file fails
* src/qemu_driver.c: Remove bogus trailing '/' in state dir
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 9fb8506..26897d3 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -468,7 +468,7 @@ qemudStartup(int privileged) {
goto out_of_memory;
if (virAsprintf(&qemu_driver->stateDir,
- "%s/run/libvirt/qemu/", LOCAL_STATE_DIR) == -1)
+ "%s/run/libvirt/qemu", LOCAL_STATE_DIR) == -1)
goto out_of_memory;
} else {
uid_t uid = geteuid();
diff --git a/src/util.c b/src/util.c
index ee64b28..39aae24 100644
--- a/src/util.c
+++ b/src/util.c
@@ -513,12 +513,6 @@ __virExec(virConnectPtr conn,
if ((hook)(data) != 0)
_exit(1);
- /* The hook above may need todo something privileged, so
- * we delay clearing capabilities until now */
- if ((flags & VIR_EXEC_CLEAR_CAPS) &&
- virClearCapabilities() < 0)
- _exit(1);
-
/* Daemonize as late as possible, so the parent process can detect
* the above errors with wait* */
if (flags & VIR_EXEC_DAEMON) {
@@ -543,6 +537,9 @@ __virExec(virConnectPtr conn,
if (pid > 0) {
if (pidfile && virFileWritePidPath(pidfile,pid)) {
+ kill(pid, SIGTERM);
+ usleep(500*1000);
+ kill(pid, SIGTERM);
virReportSystemError(conn, errno,
"%s", _("could not write pidfile"));
_exit(1);
@@ -551,6 +548,12 @@ __virExec(virConnectPtr conn,
}
}
+ /* The steps above may need todo something privileged, so
+ * we delay clearing capabilities until the last minute */
+ if ((flags & VIR_EXEC_CLEAR_CAPS) &&
+ virClearCapabilities() < 0)
+ _exit(1);
+
if (envp)
execve(argv[0], (char **) argv, (char**)envp);
else
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 3 months
[libvirt] PATCH: Disable IPv6 on virtual network bridges
by Daniel P. Berrange
This is to address:
https://bugzilla.redhat.com/show_bug.cgi?id=501934
which allows the guest to DOS the host IPv6 connectivity
Daniel
commit 763cf06ff76b4ded03a9b577cd8c541729190edc
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Thu Jul 30 16:34:56 2009 +0100
Disable IPv6 on virtual networks
If the bridge device is configured to have IPv6 address and
accept router advertisments, then a malicious guest can send
out bogus advertisments and hijack/DOS host IPv6 connectivity
* src/network_driver.c: Set accept_ra=0, disable_ipv6=1, autoconf=0
for IPv6 sysctl on virual network bridge devices
diff --git a/src/network_driver.c b/src/network_driver.c
index 1683631..eaea454 100644
--- a/src/network_driver.c
+++ b/src/network_driver.c
@@ -788,6 +788,55 @@ networkEnableIpForwarding(void)
return virFileWriteStr("/proc/sys/net/ipv4/ip_forward", "1\n");
}
+#define SYSCTL_PATH "/proc/sys"
+
+static int networkDisableIPV6(virConnectPtr conn,
+ virNetworkObjPtr network)
+{
+ char *field = NULL;
+ int ret = -1;
+
+ if (virAsprintf(&field, SYSCTL_PATH "/net/ipv6/conf/%s/disable_ipv6", network->def->bridge) < 0) {
+ virReportOOMError(conn);
+ goto cleanup;
+ }
+
+ if (virFileWriteStr(field, "1") < 0) {
+ virReportSystemError(conn, errno,
+ _("cannot enable %s"), field);
+ goto cleanup;
+ }
+ VIR_FREE(field);
+
+ if (virAsprintf(&field, SYSCTL_PATH "/net/ipv6/conf/%s/accept_ra", network->def->bridge) < 0) {
+ virReportOOMError(conn);
+ goto cleanup;
+ }
+
+ if (virFileWriteStr(field, "0") < 0) {
+ virReportSystemError(conn, errno,
+ _("cannot disable %s"), field);
+ goto cleanup;
+ }
+ VIR_FREE(field);
+
+ if (virAsprintf(&field, SYSCTL_PATH "/net/ipv6/conf/%s/autoconf", network->def->bridge) < 0) {
+ virReportOOMError(conn);
+ goto cleanup;
+ }
+
+ if (virFileWriteStr(field, "1") < 0) {
+ virReportSystemError(conn, errno,
+ _("cannot enable %s"), field);
+ goto cleanup;
+ }
+
+ ret = 0;
+cleanup:
+ VIR_FREE(field);
+ return ret;
+}
+
static int networkStartNetworkDaemon(virConnectPtr conn,
struct network_driver *driver,
virNetworkObjPtr network) {
@@ -806,6 +855,9 @@ static int networkStartNetworkDaemon(virConnectPtr conn,
return -1;
}
+ if (networkDisableIPV6(conn, network) < 0)
+ goto err_delbr;
+
if (brSetForwardDelay(driver->brctl, network->def->bridge, network->def->delay) < 0)
goto err_delbr;
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 3 months
[libvirt] [PATCH] BZ481602: Attempted to reproduce the bug led to issues around type mapping. They are resolved, and the code from the bug runs aginst hte test driver. Once published I will have the submitter reproduce it.
by Bryan Kearney
---
src/main/java/org/libvirt/Domain.java | 4 +---
src/main/java/org/libvirt/SchedLongParameter.java | 2 +-
src/main/java/org/libvirt/SchedParameter.java | 2 ++
src/main/java/org/libvirt/SchedUintParameter.java | 2 +-
src/main/java/org/libvirt/jna/Libvirt.java | 2 +-
src/test/java/test.java | 8 ++++++++
6 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/main/java/org/libvirt/Domain.java b/src/main/java/org/libvirt/Domain.java
index a9a6b25..a7b49ee 100644
--- a/src/main/java/org/libvirt/Domain.java
+++ b/src/main/java/org/libvirt/Domain.java
@@ -607,13 +607,11 @@ public class Domain {
* @throws LibvirtException
*/
public void setSchedulerParameters(SchedParameter[] params) throws LibvirtException {
- IntByReference nParams = new IntByReference();
- nParams.setValue(params.length);
virSchedParameter[] input = new virSchedParameter[params.length];
for (int x = 0; x < params.length; x++) {
input[x] = SchedParameter.toNative(params[x]);
}
- libvirt.virDomainSetSchedulerParameters(VDP, input, nParams);
+ libvirt.virDomainSetSchedulerParameters(VDP, input, params.length);
processError();
}
diff --git a/src/main/java/org/libvirt/SchedLongParameter.java b/src/main/java/org/libvirt/SchedLongParameter.java
index 50628b0..7999777 100644
--- a/src/main/java/org/libvirt/SchedLongParameter.java
+++ b/src/main/java/org/libvirt/SchedLongParameter.java
@@ -21,7 +21,7 @@ public final class SchedLongParameter extends SchedParameter {
}
public int getType() {
- return 2;
+ return 3;
}
public String getTypeAsString() {
diff --git a/src/main/java/org/libvirt/SchedParameter.java b/src/main/java/org/libvirt/SchedParameter.java
index 92b3547..370b0da 100644
--- a/src/main/java/org/libvirt/SchedParameter.java
+++ b/src/main/java/org/libvirt/SchedParameter.java
@@ -4,6 +4,7 @@ import java.util.Arrays;
import org.libvirt.jna.Libvirt;
import org.libvirt.jna.virSchedParameter;
+import org.libvirt.jna.virSchedParameterValue;
import com.sun.jna.Native;
@@ -43,6 +44,7 @@ public abstract class SchedParameter {
public static virSchedParameter toNative(SchedParameter param) {
virSchedParameter returnValue = new virSchedParameter();
+ returnValue.value = new virSchedParameterValue() ;
returnValue.field = Arrays.copyOf(param.field.getBytes(), Libvirt.VIR_DOMAIN_SCHED_FIELD_LENGTH);
returnValue.type = param.getType();
switch (param.getType()) {
diff --git a/src/main/java/org/libvirt/SchedUintParameter.java b/src/main/java/org/libvirt/SchedUintParameter.java
index 1b96758..9305579 100644
--- a/src/main/java/org/libvirt/SchedUintParameter.java
+++ b/src/main/java/org/libvirt/SchedUintParameter.java
@@ -22,7 +22,7 @@ public final class SchedUintParameter extends SchedParameter {
}
public int getType() {
- return 3;
+ return 2;
}
public String getTypeAsString() {
diff --git a/src/main/java/org/libvirt/jna/Libvirt.java b/src/main/java/org/libvirt/jna/Libvirt.java
index 62f7ba3..0b30656 100644
--- a/src/main/java/org/libvirt/jna/Libvirt.java
+++ b/src/main/java/org/libvirt/jna/Libvirt.java
@@ -107,7 +107,7 @@ public interface Libvirt extends Library {
public int virDomainSetAutostart(DomainPointer virDomainPtr, int autoStart);
public int virDomainSetMaxMemory(DomainPointer virDomainPtr, NativeLong maxMemory);
public int virDomainSetMemory(DomainPointer virDomainPtr, NativeLong maxMemory);
- public int virDomainSetSchedulerParameters(DomainPointer virDomainPtr, virSchedParameter[] params, IntByReference nparams);
+ public int virDomainSetSchedulerParameters(DomainPointer virDomainPtr, virSchedParameter[] params, int nparams);
public int virDomainSetVcpus(DomainPointer virDomainPtr, int nvcpus);
public int virDomainShutdown(DomainPointer virDomainPtr);
public int virDomainSuspend(DomainPointer virDomainPtr);
diff --git a/src/test/java/test.java b/src/test/java/test.java
index 9427cc5..be12d5e 100644
--- a/src/test/java/test.java
+++ b/src/test/java/test.java
@@ -245,6 +245,14 @@ public class test {
for(SchedParameter c: testDomain.getSchedulerParameters()){
System.out.println(c.getTypeAsString() +":"+ c.field +":"+ c.getValueAsString());
}
+
+ // test setting a scheduled parameter
+ SchedUintParameter[] pars = new SchedUintParameter[1];
+ pars[0] = new SchedUintParameter();
+ pars[0].field = "weight";
+ pars[0].value = 100;
+ testDomain.setSchedulerParameters(pars);
+
System.out.println("virDomainGetUUID:" + testDomain.getUUID());
for(int c: testDomain.getUUID())
System.out.print(String.format("%02x", c));
--
1.6.0.6
15 years, 3 months
