[libvirt] Feature Request: sniff a virtual interface of a guest
by Hendrik Schwartke
Hi,
there is currently no support for sniffing the network traffic of a virtual
nic, from local or remote. In some cases the debugging or monitoring of a guest
is therefore not as easy as it could be.
Although it's easy to start a network sniffer on the physical host, it requires
direct access to a shell and some knowledge of the current configuration of
the virtual networks.
I think it would be a great benefit for libvirt if network sniffing would be
possible out of the box.
One idea would be to start a local tshark sniffing on the card and connect this
to a local socket. This could then be forwarded by ssh to a wireshark process
running on a desktop.
I created a feature request for that: https://bugzilla.redhat.com/show_bug.cgi?id=784893
Any thoughts or hints to implement that?
Hendrik Schwartke
12 years, 10 months
[libvirt] [PATCH] simplify block of codes
by ajia@redhat.com
From: Alex Jia <ajia(a)redhat.com>
Using new function 'virTypedParameterArrayClear' to simplify block of codes.
* daemon/remote.c, src/remote/remote_driver.c: simplify codes.
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
daemon/remote.c | 10 ++--------
src/remote/remote_driver.c | 16 ++++------------
2 files changed, 6 insertions(+), 20 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index cb8423a..7e90bd7 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -847,14 +847,8 @@ remoteDeserializeTypedParameters(remote_typed_param *args_params_val,
rv = 0;
cleanup:
- if (rv < 0) {
- int j;
- for (j = 0; j < i; ++j) {
- if (params[j].type == VIR_TYPED_PARAM_STRING)
- VIR_FREE(params[j].value.s);
- }
- VIR_FREE(params);
- }
+ if (rv < 0)
+ virTypedParameterArrayClear(params, *nparams);
return params;
}
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 61b96e9..15a20ff 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -46,6 +46,7 @@
#include "virfile.h"
#include "command.h"
#include "intprops.h"
+#include "virtypedparam.h"
#define VIR_FROM_THIS VIR_FROM_REMOTE
@@ -1417,12 +1418,8 @@ remoteDeserializeTypedParameters(remote_typed_param *ret_params_val,
rv = 0;
cleanup:
- if (rv < 0) {
- int j;
- for (j = 0; j < i; j++)
- if (params[j].type == VIR_TYPED_PARAM_STRING)
- VIR_FREE(params[j].value.s);
- }
+ if (rv < 0)
+ virTypedParameterArrayClear(params, *nparams);
return rv;
}
@@ -2386,12 +2383,7 @@ static int remoteDomainGetCPUStats(virDomainPtr domain,
cleanup:
if (rv < 0) {
int max = nparams * ncpus;
- int i;
-
- for (i = 0; i < max; i++) {
- if (params[i].type == VIR_TYPED_PARAM_STRING)
- VIR_FREE(params[i].value.s);
- }
+ virTypedParameterArrayClear(params, max);
}
xdr_free ((xdrproc_t) xdr_remote_domain_get_cpu_stats_ret,
(char *) &ret);
--
1.7.1
12 years, 10 months
[libvirt] [PATCHv2] network: Avoid memory leaks on networkBuildDnsmasqArgv
by ajia@redhat.com
From: Alex Jia <ajia(a)redhat.com>
Detected by valgrind. Leaks introduced in commit 973af236.
* src/network/bridge_driver.c: fix memory leaks on failure and successful path.
* How to reproduce?
% make -C tests check TESTS=networkxml2argvtest
% cd tests && valgrind -v --leak-check=full ./networkxml2argvtest
* Actual result:
==2226== 3 bytes in 1 blocks are definitely lost in loss record 1 of 24
==2226== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==2226== by 0x39CF0FEDE7: __vasprintf_chk (in /lib64/libc-2.12.so)
==2226== by 0x41DFF7: virVasprintf (stdio2.h:199)
==2226== by 0x41E0B7: virAsprintf (util.c:1695)
==2226== by 0x41A2D9: networkBuildDhcpDaemonCommandLine (bridge_driver.c:545)
==2226== by 0x4145C8: testCompareXMLToArgvHelper (networkxml2argvtest.c:47)
==2226== by 0x4156A1: virtTestRun (testutils.c:141)
==2226== by 0x414332: mymain (networkxml2argvtest.c:123)
==2226== by 0x414D97: virtTestMain (testutils.c:696)
==2226== by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so)
==2226==
==2226== 3 bytes in 1 blocks are definitely lost in loss record 2 of 24
==2226== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==2226== by 0x39CF0FEDE7: __vasprintf_chk (in /lib64/libc-2.12.so)
==2226== by 0x41DFF7: virVasprintf (stdio2.h:199)
==2226== by 0x41E0B7: virAsprintf (util.c:1695)
==2226== by 0x41A307: networkBuildDhcpDaemonCommandLine (bridge_driver.c:551)
==2226== by 0x4145C8: testCompareXMLToArgvHelper (networkxml2argvtest.c:47)
==2226== by 0x4156A1: virtTestRun (testutils.c:141)
==2226== by 0x414332: mymain (networkxml2argvtest.c:123)
==2226== by 0x414D97: virtTestMain (testutils.c:696)
==2226== by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so)
==2226==
==2226== 5 bytes in 1 blocks are definitely lost in loss record 4 of 24
==2226== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==2226== by 0x39CF0FEDE7: __vasprintf_chk (in /lib64/libc-2.12.so)
==2226== by 0x41DFF7: virVasprintf (stdio2.h:199)
==2226== by 0x41E0B7: virAsprintf (util.c:1695)
==2226== by 0x41A2AB: networkBuildDhcpDaemonCommandLine (bridge_driver.c:539)
==2226== by 0x4145C8: testCompareXMLToArgvHelper (networkxml2argvtest.c:47)
==2226== by 0x4156A1: virtTestRun (testutils.c:141)
==2226== by 0x414332: mymain (networkxml2argvtest.c:123)
==2226== by 0x414D97: virtTestMain (testutils.c:696)
==2226== by 0x39CF01ECDC: (below main) (in /lib64/libc-2.12.so)
==2226==
==2226== LEAK SUMMARY:
==2226== definitely lost: 11 bytes in 3 blocks
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
src/network/bridge_driver.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 5d0d528..5bd5a50 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -459,6 +459,9 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
int r, ret = -1;
int nbleases = 0;
int ii;
+ char *recordPort = NULL;
+ char *recordPriority = NULL;
+ char *recordWeight = NULL;
virNetworkIpDefPtr tmpipdef;
/*
@@ -530,9 +533,6 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
for (i = 0; i < dns->nsrvrecords; i++) {
char *record = NULL;
- char *recordPort = NULL;
- char *recordPriority = NULL;
- char *recordWeight = NULL;
if (dns->srvrecords[i].service && dns->srvrecords[i].protocol) {
if (dns->srvrecords[i].port) {
@@ -671,6 +671,9 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
ret = 0;
cleanup:
+ VIR_FREE(recordPort);
+ VIR_FREE(recordWeight);
+ VIR_FREE(recordPriority);
return ret;
}
--
1.7.1
12 years, 11 months
[libvirt] Schedule for libvirt-0.9.10 release
by Daniel Veillard
First I don't see any good reason to try to bump the major release
number :-) so next release is expected to be 0.9.10, hope there isn't
disapointment ;-) [1]
Second I would really like to keep the monthly shedule, and have the
release done by February 6 or earlier, so this would mean entering the
0.9.10 freeze on Monday 30, i.e. in a bit less than two weeks.
I hope this is okay,
Daniel
[1] actually the addition of fine grained access control would be
a good reason for such a version bump
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
12 years, 11 months
[libvirt] [PATCH 0/4] API for modification of domain metadata
by Peter Krempa
This patchset is based on my previous work to add a domain title.
I chose a more general aproach to allow working with the <metadata>
element as suggested by Eric and Daniel, although I did not implement
the <metadata> operations code.
I only provided a patch for the qemu driver for review, but I'll follow
up with a patch for LXC as well as I'll have a final version of this.
Peter Krempa (4):
xml: Add element <title> to allow short description of domains
API: Add api to set and get domain metadata
virsh: Add support for modifying domain description and titles
qemu: Add support for virDomainGetMetadata and virDomainSetMetadata
docs/formatdomain.html.in | 6 +
docs/schemas/domaincommon.rng | 13 +-
include/libvirt/libvirt.h.in | 31 +++
include/libvirt/virterror.h | 1 +
src/conf/domain_conf.c | 19 ++
src/conf/domain_conf.h | 1 +
src/driver.h | 15 +
src/libvirt.c | 125 +++++++++
src/libvirt_public.syms | 2 +
src/qemu/qemu_driver.c | 195 ++++++++++++++
src/remote/remote_driver.c | 2 +
src/remote/remote_protocol.x | 25 ++-
src/util/virterror.c | 6 +
.../qemu-simple-description-title.xml | 27 ++
tests/qemuxml2argvdata/qemuxml2argv-minimal.xml | 5 +
tools/virsh.c | 274 ++++++++++++++++++--
tools/virsh.pod | 34 +++-
17 files changed, 758 insertions(+), 23 deletions(-)
create mode 100644 tests/domainschemadata/qemu-simple-description-title.xml
--
1.7.3.4
12 years, 11 months
[libvirt] [PATCH] tests: fix reversed comparisons
by Eric Blake
Otherwise, a failed test gives misleading output.
* tests/commandtest.c (test13, test14, test16): Pass arguments in
correct order.
---
Pushing under the trivial rule.
tests/commandtest.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/tests/commandtest.c b/tests/commandtest.c
index b4b6044..9b9130c 100644
--- a/tests/commandtest.c
+++ b/tests/commandtest.c
@@ -1,7 +1,7 @@
/*
* commandtest.c: Test the libCommand API
*
- * Copyright (C) 2010-2011 Red Hat, Inc.
+ * Copyright (C) 2010-2012 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -481,7 +481,7 @@ static int test13(const void *unused ATTRIBUTE_UNUSED)
cmd = NULL;
if (!STREQ(outactual, outexpect)) {
- virtTestDifference(stderr, outactual, outexpect);
+ virtTestDifference(stderr, outexpect, outactual);
goto cleanup;
}
@@ -526,11 +526,11 @@ static int test14(const void *unused ATTRIBUTE_UNUSED)
cmd = NULL;
if (!STREQ(outactual, outexpect)) {
- virtTestDifference(stderr, outactual, outexpect);
+ virtTestDifference(stderr, outexpect, outactual);
goto cleanup;
}
if (!STREQ(erractual, errexpect)) {
- virtTestDifference(stderr, erractual, errexpect);
+ virtTestDifference(stderr, errexpect, erractual);
goto cleanup;
}
@@ -604,7 +604,7 @@ static int test16(const void *unused ATTRIBUTE_UNUSED)
}
if (!STREQ(outactual, outexpect)) {
- virtTestDifference(stderr, outactual, outexpect);
+ virtTestDifference(stderr, outexpect, outactual);
goto cleanup;
}
--
1.7.7.6
12 years, 11 months
[libvirt] [PATCH v2] Return more error output if policykit auth fails.
by Cole Robinson
Several not uncommon issues can be diagnosed through pkcheck output, like
lack of/malfunctioning desktop agent, or lack of/malfunctioning polkit
dbus agent.
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
v2:
Don't print (null) for empty output
daemon/remote.c | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 4725896..d2150bf 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -2472,7 +2472,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
int status = -1;
char *ident = NULL;
bool authdismissed = 0;
- char *pkout = NULL;
+ char *pkout = NULL, *pkerr = NULL;
struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client);
virCommandPtr cmd = NULL;
@@ -2484,6 +2484,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
virCommandSetOutputBuffer(cmd, &pkout);
+ virCommandSetErrorBuffer(cmd, &pkerr);
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
@@ -2537,15 +2538,22 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
error:
virCommandFree(cmd);
VIR_FREE(ident);
- VIR_FREE(pkout);
virResetLastError();
+
if (authdismissed) {
virNetError(VIR_ERR_AUTH_CANCELLED, "%s",
_("authentication cancelled by user"));
+ } else if (pkout || pkerr) {
+ virNetError(VIR_ERR_AUTH_FAILED, "%s %s",
+ pkerr ? pkerr : "",
+ pkout ? pkout : "");
} else {
virNetError(VIR_ERR_AUTH_FAILED, "%s",
_("authentication failed"));
}
+
+ VIR_FREE(pkout);
+ VIR_FREE(pkerr);
virNetMessageSaveError(rerr);
virMutexUnlock(&priv->lock);
return -1;
--
1.7.7.5
12 years, 11 months
[libvirt] [PATCH v2] Add new error code VIR_ERROR_AUTH_CANCELLED
by Cole Robinson
And hook it up for policykit auth. This allows virt-manager to detect
that the user clicked the policykit 'cancel' button and not throw
an 'authentication failed' error message at the user.
v2:
Don't leak pkout
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
daemon/remote.c | 14 ++++++++++++--
include/libvirt/virterror.h | 1 +
src/util/virterror.c | 6 ++++++
3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 1ada146..cedc26a 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -2471,6 +2471,8 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
const char *action;
int status = -1;
char *ident = NULL;
+ int authdismissed = 0;
+ char *pkout = NULL;
struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client);
virCommandPtr cmd = NULL;
@@ -2481,6 +2483,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
"org.libvirt.unix.manage";
cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
+ virCommandSetOutputBuffer(cmd, &pkout);
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
@@ -2509,6 +2512,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
if (virCommandRun(cmd, &status) < 0)
goto authfail;
+ authdismissed = (pkout && strstr(pkout, "dismissed=true"));
if (status != 0) {
char *tmp = virCommandTranslateStatus(status);
VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d: %s"),
@@ -2533,9 +2537,15 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
error:
virCommandFree(cmd);
VIR_FREE(ident);
+ VIR_FREE(pkout);
virResetLastError();
- virNetError(VIR_ERR_AUTH_FAILED, "%s",
- _("authentication failed"));
+ if (authdismissed) {
+ virNetError(VIR_ERR_AUTH_CANCELLED, "%s",
+ _("authentication cancelled by user"));
+ } else {
+ virNetError(VIR_ERR_AUTH_FAILED, "%s",
+ _("authentication failed"));
+ }
virNetMessageSaveError(rerr);
virMutexUnlock(&priv->lock);
return -1;
diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h
index e896d67..9844cbe 100644
--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@@ -243,6 +243,7 @@ typedef enum {
risky domain snapshot revert */
VIR_ERR_OPERATION_ABORTED = 78, /* operation on a domain was
canceled/aborted by user */
+ VIR_ERR_AUTH_CANCELLED = 79, /* authentication cancelled */
} virErrorNumber;
/**
diff --git a/src/util/virterror.c b/src/util/virterror.c
index 85eec8d..31ddd9d 100644
--- a/src/util/virterror.c
+++ b/src/util/virterror.c
@@ -1022,6 +1022,12 @@ virErrorMsg(virErrorNumber error, const char *info)
else
errmsg = _("authentication failed: %s");
break;
+ case VIR_ERR_AUTH_CANCELLED:
+ if (info == NULL)
+ errmsg = _("authentication cancelled");
+ else
+ errmsg = _("authentication cancelled: %s");
+ break;
case VIR_ERR_NO_STORAGE_POOL:
if (info == NULL)
errmsg = _("Storage pool not found");
--
1.7.7.5
12 years, 11 months
[libvirt] [PATCH 1/2] qemu: caps: Fix segfault on daemon startup
by Cole Robinson
On my f16 box at least, this tries to free p unconditionally which isn't
always okay, 'p' is freeable only under a limited scope.
---
src/qemu/qemu_capabilities.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 6dee9d8..5487ecd 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -1336,10 +1336,9 @@ fail:
qemuReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot parse %s version number in '%s'"),
qemu, p ? p : help);
-
-cleanup:
VIR_FREE(p);
+cleanup:
return -1;
}
--
1.7.7.5
12 years, 11 months