[libvirt] [PATCH] xen: Resolve Coverity FORWARD_NULL issue
by John Ferlan
Commit '18b14012' refactored the Xen code resulting in a Coverity
warning about possible NULL reference if the path where the XM driver
takes puts the def on it's list. Moved/duplicated the virGetDomain()
call to pacify the possible NULL deref.
NOTE: I did ping Dan B, but he is away, so rather than wait or take
the chance this ends up in the upcoming release, I made the change.
---
src/xen/xen_driver.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
index cc6e486..9eab3fc 100644
--- a/src/xen/xen_driver.c
+++ b/src/xen/xen_driver.c
@@ -1658,13 +1658,14 @@ xenUnifiedDomainDefineXML(virConnectPtr conn, const char *xml)
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
if (xenXMDomainDefineXML(conn, def) < 0)
goto cleanup;
+ ret = virGetDomain(conn, def->name, def->uuid);
def = NULL; /* XM driver owns it now */
} else {
if (xenDaemonDomainDefineXML(conn, def) < 0)
goto cleanup;
+ ret = virGetDomain(conn, def->name, def->uuid);
}
- ret = virGetDomain(conn, def->name, def->uuid);
if (ret)
ret->id = -1;
--
1.8.1.4
12 years, 1 month
[libvirt] [PATCH] docs: domain: /dev/urandom isn't a valid rng patch
by Cole Robinson
Only /dev/random and /dev/hwrng are accepted, list them explicitly.
---
docs/formatdomain.html.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 3a200aa..755d084 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -4666,7 +4666,7 @@ qemu-kvm -net nic,model=? /dev/null
<dd>
<p>
This backend type expects a non-blocking character device as input.
- Examples of such devices are /dev/random and /dev/urandom. The file
+ The only accepted paths are /dev/random and /dev/hwrng. The file
name is specified as contents of the <code>backend</code> element.
When no file name is specified the hypervisor default is used.
</p>
--
1.8.2.1
12 years, 1 month
[libvirt] [PATCH] conf: add missing OOM errors
by Ján Tomko
---
Pushed under the trivial rule.
src/conf/virchrdev.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/conf/virchrdev.c b/src/conf/virchrdev.c
index 17b1f05..36fbb97 100644
--- a/src/conf/virchrdev.c
+++ b/src/conf/virchrdev.c
@@ -89,8 +89,10 @@ static char *virChrdevLockFilePath(const char *dev)
++p;
}
- if (virAsprintf(&path, "%s/LCK..%s", VIR_CHRDEV_LOCK_FILE_PATH, filename) < 0)
+ if (virAsprintf(&path, "%s/LCK..%s", VIR_CHRDEV_LOCK_FILE_PATH, filename) < 0) {
+ virReportOOMError();
goto cleanup;
+ }
sanitizedPath = virFileSanitizePath(path);
@@ -136,8 +138,10 @@ static int virChrdevLockFileCreate(const char *dev)
/* ensure correct format according to filesystem hierarchy standard */
/* http://www.pathname.com/fhs/pub/fhs-2.3.html#VARLOCKLOCKFILES */
- if (virAsprintf(&pidStr, "%10lld\n", (long long) getpid()) < 0)
+ if (virAsprintf(&pidStr, "%10lld\n", (long long) getpid()) < 0) {
+ virReportOOMError();
goto cleanup;
+ }
/* create the lock file */
if ((lockfd = open(path, O_WRONLY | O_CREAT | O_EXCL, 00644)) < 0) {
--
1.8.1.5
12 years, 1 month
[libvirt] [PATCH] qemu: fix NBD migration to hosts with IPv6 enabled
by Ján Tomko
Since f03dcc5 we use [::] as the listening address both on qemu
command line in -incoming and in nbd-server-start QMP command.
However the latter requires just :: without the braces.
---
src/qemu/qemu_migration.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 4767908..73ced73 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -1112,6 +1112,12 @@ qemuMigrationStartNBDServer(virQEMUDriverPtr driver,
unsigned short port = 0;
char *diskAlias = NULL;
size_t i;
+ const char *host;
+
+ if (STREQ(listenAddr, "[::]"))
+ host = "::";
+ else
+ host = listenAddr;
for (i = 0; i < vm->def->ndisks; i++) {
virDomainDiskDefPtr disk = vm->def->disks[i];
@@ -1133,7 +1139,7 @@ qemuMigrationStartNBDServer(virQEMUDriverPtr driver,
if (!port &&
((virPortAllocatorAcquire(driver->remotePorts, &port) < 0) ||
- (qemuMonitorNBDServerStart(priv->mon, listenAddr, port) < 0))) {
+ (qemuMonitorNBDServerStart(priv->mon, host, port) < 0))) {
qemuDomainObjExitMonitor(driver, vm);
goto cleanup;
}
--
1.8.1.5
12 years, 1 month
[libvirt] [PATCH] conf: fix use after free in virChrdevOpen
by Ján Tomko
Don't free the stream on error if we've successfully added it
to the hash table, since it will be freed by virChrdevHashEntryFree
callback.
Preserve the error message before calling virStreamFree, since it
resets the error.
Reported by Sergey Fionov on libvir-list.
---
src/conf/virchrdev.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/conf/virchrdev.c b/src/conf/virchrdev.c
index 025d4a8..879c27c 100644
--- a/src/conf/virchrdev.c
+++ b/src/conf/virchrdev.c
@@ -343,6 +343,8 @@ int virChrdevOpen(virChrdevsPtr devs,
virStreamPtr savedStream;
const char *path;
int ret;
+ bool added = false;
+ virErrorPtr savedError;
switch (source->type) {
case VIR_DOMAIN_CHR_TYPE_PTY:
@@ -399,6 +401,7 @@ int virChrdevOpen(virChrdevsPtr devs,
if (virHashAddEntry(devs->hash, path, st) < 0)
goto error;
+ added = true;
cbdata->devs = devs;
if (!(cbdata->path = strdup(path))) {
@@ -433,8 +436,16 @@ int virChrdevOpen(virChrdevsPtr devs,
return 0;
error:
- virStreamFree(st);
- virHashRemoveEntry(devs->hash, path);
+ savedError = virSaveLastError();
+
+ if (added)
+ virHashRemoveEntry(devs->hash, path);
+ else
+ virStreamFree(st);
+
+ virSetError(savedError);
+ virFreeError(savedError);
+
if (cbdata)
VIR_FREE(cbdata->path);
VIR_FREE(cbdata);
--
1.8.1.5
12 years, 1 month
[libvirt] Possible bug in OpenVZ guest interface name assignment
by ALVARO POLO VALDENEBRO
Hi,
I think I've found a possible bug in the way OpenVZ is assigning the guest interface names when network is bridged. It's manifested at least in 1.0.5 version and master branch.
As we can see in openvzDomainSetNetwork() function (openvz/openvz_driver.c:822), the field data.ethernet.dev of virDomainNetDefPtr type is used as guest interface name. If not found, then it generates a new one as ethX, calculating the next X value appropriate for the target domain.
That's fine for network types other than VIR_DOMAIN_NET_TYPE_BRIDGE. But with bridged networks, there is no chance to populate data.ethernet.dev from the XML descriptor. We could guest that in such circumstance the code will detect that no name is given to data.ethernet.dev, so it will generate a new one. But that's incorrect. The virDomainNetDef.data field is a union, so data.ethernet.dev and data.bridge.brname are located in the same memory offset. That makes the openvzDomainSetNetwork() function to assign the bridge name as guest interface name every time it's invoked for bridged networks.
Ideally, for bridged networking openvzDomainSetNetwork() should assign a random ethX device name instead of using the bridge name.
Could somebody confirm all this? If so, I could open a new ticket in bugzilla and submit a patch.
Best,
Alvaro Polo Valdenebro
Product Development & Innovation / Telefónica Digital
C/ Don Ramón de la Cruz 82-84
Madrid 28006
(+34) 609 087 054
apv(a)tid.es
________________________________
Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo.
This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at:
http://www.tid.es/ES/PAGINAS/disclaimer.aspx
12 years, 1 month
Re: [libvirt] [virt-tools-list] Q on virsh attach-disk , why no network disk ?
by Cole Robinson
On 05/22/2013 08:55 AM, Deepak C Shetty wrote:
> Hi All,
> I was looking at virsh attach-disk and i see the below
> [snip]
>
> DESCRIPTION
> Attach new disk device.
>
> OPTIONS
> [--domain] <string> domain name, id or uuid
> [--source] <string> source of disk device
> [--target] <string> target of disk device
> ...
> ...
>
> *--sourcetype <string> type of source (block|file)*
> [/snip]
>
> I was wondering why the sourcetype only support block|file only ? What if i
> wanted to add a network (disk type=network) based drive ? Is this a constraint
> of virsh or QEMU itself doesn't allow hotplu of network block device disk ?
>
virsh questions go to libvirt-list, CC'd.
It's just a missing feature, not a deliberate omission. Patches welcome.
- Cole
12 years, 1 month
[libvirt] [PATCH 1/3] umlConnectTapDevice: initialize tapfd variable
by Michal Privoznik
There is possibility to jump to 'cleanup' label without tapfd variable
being initialized. In the label, VIR_FORCE_CLOSE(tapfd) is called which
can have fatal consequences.
---
src/uml/uml_conf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/uml/uml_conf.c b/src/uml/uml_conf.c
index a4088f2..38dcfbb 100644
--- a/src/uml/uml_conf.c
+++ b/src/uml/uml_conf.c
@@ -109,7 +109,7 @@ umlConnectTapDevice(virConnectPtr conn,
const char *bridge)
{
bool template_ifname = false;
- int tapfd;
+ int tapfd = -1;
if (!net->ifname ||
STRPREFIX(net->ifname, VIR_NET_GENERATED_PREFIX) ||
--
1.8.2.1
12 years, 1 month
[libvirt] [PATCH v2 00/11] Refactor Xen driver to support ACL work
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The Xen driver currently is a really horrible mess, in particular
with the way iterates over sub-drivers calling each one in turn,
until one magically works. For each operation there is always a
clear rule for which sub-driver must be used. Thus instead of
blindly iterating over all drivers, we can directly invoke the
correct sub-driver. This highlights that quite alot of code is
in fact completely unreachable / used & can be deleted.
The second big issue is that the Xen sub-drivers will randomly
use either the 'id', 'name' or 'uuid' from the virDomainPtr object.
If the user provides a malicious virDomainPtr instance, it is
possible to have a 'id' referring to domain A, a 'name' referring
to domain B and a 'uuid' referring to domain C. This makes doing
reliable access control checks difficult. To ensure we have a
consistent triple, use the 'uuid' from virDomainPtr to lookup the
guest with the hypervisor and return a virDomainDefPtr where only
the name/id/uuid are filled out. Use this in the all the subdrivers
isolating them from the public virDomainPtr object. The top level
Xen driver will then be able to do access control checks on the
virDomainDefPtr instances.
In v2:
- Merged all patches removing the sub-driver iteration
concept
- Rebased to latest git
Daniel P. Berrange (11):
Convert Xen domain lookup driver methods to use virDomainDefPtr
Convert Xen domain lifecycle driver methods to use virDomainDefPtr
Convert Xen domain property driver methods to use virDomainDefPtr
Convert Xen domain managed save driver methods to use virDomainDefPtr
Convert Xen domain start/migration APIs to use virDomainDefPtr
Convert Xen domain VCPU driver methods to use virDomainDefPtr
Convert Xen domain device hotplug driver methods to use
virDomainDefPtr
Convert Xen domain autostart driver methods to use virDomainDefPtr
Convert Xen domain scheduler driver methods to use virDomainDefPtr
Convert Xen domain stats/peek driver methods to use virDomainDefPtr
Convert Xen domain core dump driver methods to use virDomainDefPtr
src/conf/domain_conf.c | 24 ++
src/conf/domain_conf.h | 4 +
src/libvirt_private.syms | 1 +
src/xen/block_stats.c | 6 +-
src/xen/block_stats.h | 2 +-
src/xen/xen_driver.c | 781 ++++++++++++++++++++++++++++++++++++-----------
src/xen/xen_hypervisor.c | 131 ++++----
src/xen/xen_hypervisor.h | 60 ++--
src/xen/xen_inotify.c | 14 +-
src/xen/xend_internal.c | 469 ++++++++++++++--------------
src/xen/xend_internal.h | 127 +++++---
src/xen/xm_internal.c | 224 +++++++-------
src/xen/xm_internal.h | 71 +++--
13 files changed, 1230 insertions(+), 684 deletions(-)
--
1.8.1.4
12 years, 1 month
[libvirt] [PATCHv4 0/4] Multiple TX queue support
by Michal Privoznik
Fixed version with Laine's comments worked in [1]. Moreover, most of the
patches joined together.
Patches 2, 3 and 5 has been ACKed already. BTW, patch 4 is really a different
to patch 3. The only thing they share is a commit message body.
Kernel and subsequently QEMU learned multiple transmit queues a while ago. The
feature has a nice advantage, it allows a single guest to transmit multiple
flows of network data using multiple CPUs simultaneously which increase traffic
bandwidth. A lot.
The documentation how to use this is available at [2] or [3].
1: https://www.redhat.com/archives/libvir-list/2013-May/msg01196.html
2: https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/tree/Docu...
3: http://git.qemu.org/?p=qemu.git;a=blob;f=qemu-options.hx;hb=HEAD#l1363
Michal Privoznik (4):
Introduce /domain/devices/interface/driver/@queues attribute
qemu: Move interface cmd line construction into a separate function
qemu: Adapt qemuBuildInterfaceCommandLine to to multiqueue net
qemu: Enable multiqueue network
docs/formatdomain.html.in | 12 +-
docs/schemas/domaincommon.rng | 5 +
src/conf/domain_conf.c | 15 +
src/conf/domain_conf.h | 1 +
src/network/bridge_driver.c | 2 +-
src/qemu/qemu_command.c | 462 +++++++++++++--------
src/qemu/qemu_command.h | 13 +-
src/qemu/qemu_hotplug.c | 113 +++--
src/qemu/qemu_monitor.c | 78 ++--
src/qemu/qemu_monitor.h | 8 +-
src/uml/uml_conf.c | 5 +-
src/util/virnetdevtap.c | 113 ++---
src/util/virnetdevtap.h | 2 +
.../qemuxml2argvdata/qemuxml2argv-vhost_queues.xml | 51 +++
tests/qemuxml2xmltest.c | 1 +
15 files changed, 593 insertions(+), 288 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-vhost_queues.xml
--
1.8.2.1
12 years, 1 month
