[libvirt] [PATCH] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
by Nehal J Wani
While running qemucaps2xmltest, it was found that valgrind pointed out
the following memory leaks:
==29896== 0 bytes in 1 blocks are definitely lost in loss record 1 of 65
==29896== at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==29896== by 0x4C6B45E: virAllocN (viralloc.c:191)
==29896== by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999)
==29896== by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789)
==29896== by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118)
==29896== by 0x41FFD1: virtTestRun (testutils.c:201)
==29896== by 0x41EE7A: mymain (qemucaps2xmltest.c:203)
==29896== by 0x42074D: virtTestMain (testutils.c:789)
==29896== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==29896==
==29896== 0 bytes in 1 blocks are definitely lost in loss record 2 of 65
==29896== at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==29896== by 0x4C6B45E: virAllocN (viralloc.c:191)
==29896== by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999)
==29896== by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789)
==29896== by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118)
==29896== by 0x41FFD1: virtTestRun (testutils.c:201)
==29896== by 0x41EEA3: mymain (qemucaps2xmltest.c:204)
==29896== by 0x42074D: virtTestMain (testutils.c:789)
==29896== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
---
src/qemu/qemu_capabilities.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 7673592..a28816d 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -800,6 +800,7 @@ virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
machines)) == NULL)
goto cleanup;
+ virCapabilitiesFreeMachines(machines, nmachines);
machines = NULL;
nmachines = 0;
@@ -852,6 +853,7 @@ virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
goto cleanup;
}
+ virCapabilitiesFreeMachines(machines, nmachines);
machines = NULL;
nmachines = 0;
--
1.7.1
10 years, 9 months
[libvirt] [PATCH] security_dac: Honor norelabel attribute
by Michal Privoznik
The inspiration for this patch comes from a question on the list
asking if there's a way to not label some disks. Well, in DAC driver
there's not. Even if user have requested norelabel:
<disk type='file' device='disk'>
<driver name='qemu' type='raw'/>
<source file='/some/dummy/path/test.bin'>
<seclabel model='dac' relabel='no'/>
</source>
<target dev='vdb' bus='virtio'/>
<readonly/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</disk>
the DAC driver ignores this completely. When adjusting the code, I
realized it's a ragbag with plenty of things that we try to avoid.
>From the variety just a few things: callback data were passed as:
void params[2];
params[0] = mgr;
params[1] = def;
Or my favorite - checking for passed pointer being non NULL on each
level of the stack, in each callee. As a pattern of readable code the
selinux driver was used.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/security/security_dac.c | 244 ++++++++++++++++++++++++--------------------
1 file changed, 131 insertions(+), 113 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 9f45063..3b8fe04 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -53,6 +53,15 @@ struct _virSecurityDACData {
char *baselabel;
};
+typedef struct _virSecurityDACCallbackData virSecurityDACCallbackData;
+typedef virSecurityDACCallbackData *virSecurityDACCallbackDataPtr;
+
+struct _virSecurityDACCallbackData {
+ virSecurityManagerPtr manager;
+ virSecurityLabelDefPtr secdef;
+};
+
+
/* returns -1 on error, 0 on success */
int
virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr,
@@ -81,65 +90,42 @@ virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr,
/* returns 1 if label isn't found, 0 on success, -1 on error */
static int
-virSecurityDACParseIds(virDomainDefPtr def, uid_t *uidPtr, gid_t *gidPtr)
+virSecurityDACParseIds(virSecurityLabelDefPtr seclabel,
+ uid_t *uidPtr, gid_t *gidPtr)
{
- uid_t uid;
- gid_t gid;
- virSecurityLabelDefPtr seclabel;
-
- if (def == NULL)
- return 1;
-
- seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
- if (seclabel == NULL || seclabel->label == NULL) {
- VIR_DEBUG("DAC seclabel for domain '%s' wasn't found", def->name);
+ if (!seclabel || !seclabel->label)
return 1;
- }
- if (virParseOwnershipIds(seclabel->label, &uid, &gid) < 0)
+ if (virParseOwnershipIds(seclabel->label, uidPtr, gidPtr) < 0)
return -1;
- if (uidPtr)
- *uidPtr = uid;
- if (gidPtr)
- *gidPtr = gid;
-
return 0;
}
static int
-virSecurityDACGetIds(virDomainDefPtr def, virSecurityDACDataPtr priv,
+virSecurityDACGetIds(virSecurityLabelDefPtr seclabel,
+ virSecurityDACDataPtr priv,
uid_t *uidPtr, gid_t *gidPtr,
gid_t **groups, int *ngroups)
{
int ret;
- if (!def && !priv) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Failed to determine default DAC seclabel "
- "for an unknown object"));
- return -1;
- }
-
if (groups)
*groups = priv ? priv->groups : NULL;
if (ngroups)
*ngroups = priv ? priv->ngroups : 0;
- if ((ret = virSecurityDACParseIds(def, uidPtr, gidPtr)) <= 0)
+ if ((ret = virSecurityDACParseIds(seclabel, uidPtr, gidPtr)) <= 0)
return ret;
if (!priv) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("DAC seclabel couldn't be determined "
- "for domain '%s'"), def->name);
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("DAC seclabel couldn't be determined"));
return -1;
}
- if (uidPtr)
- *uidPtr = priv->user;
- if (gidPtr)
- *gidPtr = priv->group;
+ *uidPtr = priv->user;
+ *gidPtr = priv->group;
return 0;
}
@@ -147,60 +133,36 @@ virSecurityDACGetIds(virDomainDefPtr def, virSecurityDACDataPtr priv,
/* returns 1 if label isn't found, 0 on success, -1 on error */
static int
-virSecurityDACParseImageIds(virDomainDefPtr def,
+virSecurityDACParseImageIds(virSecurityLabelDefPtr seclabel,
uid_t *uidPtr, gid_t *gidPtr)
{
- uid_t uid;
- gid_t gid;
- virSecurityLabelDefPtr seclabel;
-
- if (def == NULL)
- return 1;
-
- seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
- if (seclabel == NULL || seclabel->imagelabel == NULL) {
- VIR_DEBUG("DAC imagelabel for domain '%s' wasn't found", def->name);
+ if (!seclabel || !seclabel->imagelabel)
return 1;
- }
- if (virParseOwnershipIds(seclabel->imagelabel, &uid, &gid) < 0)
+ if (virParseOwnershipIds(seclabel->imagelabel, uidPtr, gidPtr) < 0)
return -1;
- if (uidPtr)
- *uidPtr = uid;
- if (gidPtr)
- *gidPtr = gid;
-
return 0;
}
static int
-virSecurityDACGetImageIds(virDomainDefPtr def, virSecurityDACDataPtr priv,
+virSecurityDACGetImageIds(virSecurityLabelDefPtr seclabel,
+ virSecurityDACDataPtr priv,
uid_t *uidPtr, gid_t *gidPtr)
{
int ret;
- if (!def && !priv) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Failed to determine default DAC imagelabel "
- "for an unknown object"));
- return -1;
- }
-
- if ((ret = virSecurityDACParseImageIds(def, uidPtr, gidPtr)) <= 0)
+ if ((ret = virSecurityDACParseImageIds(seclabel, uidPtr, gidPtr)) <= 0)
return ret;
if (!priv) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("DAC imagelabel couldn't be determined "
- "for domain '%s'"), def->name);
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("DAC imagelabel couldn't be determined"));
return -1;
}
- if (uidPtr)
- *uidPtr = priv->user;
- if (gidPtr)
- *gidPtr = priv->group;
+ *uidPtr = priv->user;
+ *gidPtr = priv->group;
return 0;
}
@@ -324,20 +286,32 @@ err:
static int
-virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk ATTRIBUTE_UNUSED,
+virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk,
const char *path,
size_t depth ATTRIBUTE_UNUSED,
void *opaque)
{
- void **params = opaque;
- virSecurityManagerPtr mgr = params[0];
- virDomainDefPtr def = params[1];
+ virSecurityDACCallbackDataPtr cbdata = opaque;
+ virSecurityManagerPtr mgr = cbdata->manager;
+ virSecurityLabelDefPtr secdef = cbdata->secdef;
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityDeviceLabelDefPtr disk_seclabel;
uid_t user;
gid_t group;
- if (virSecurityDACGetImageIds(def, priv, &user, &group))
- return -1;
+ disk_seclabel = virDomainDiskDefGetSecurityLabelDef(disk,
+ SECURITY_DAC_NAME);
+
+ if (disk_seclabel && disk_seclabel->norelabel)
+ return 0;
+
+ if (disk_seclabel && disk_seclabel->label) {
+ if (virParseOwnershipIds(disk_seclabel->label, &user, &group) < 0)
+ return -1;
+ } else {
+ if (virSecurityDACGetImageIds(secdef, priv, &user, &group))
+ return -1;
+ }
return virSecurityDACSetOwnership(path, user, group);
}
@@ -349,8 +323,9 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
virDomainDiskDefPtr disk)
{
- void *params[2];
+ virSecurityDACCallbackData cbdata;
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr secdef;
if (!priv->dynamicOwnership)
return 0;
@@ -358,12 +333,16 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
if (disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK)
return 0;
- params[0] = mgr;
- params[1] = def;
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+ if (secdef && secdef->norelabel)
+ return 0;
+
+ cbdata.manager = mgr;
+ cbdata.secdef = secdef;
return virDomainDiskDefForeachPath(disk,
false,
virSecurityDACSetSecurityFileLabel,
- params);
+ &cbdata);
}
@@ -428,14 +407,14 @@ static int
virSecurityDACSetSecurityHostdevLabelHelper(const char *file,
void *opaque)
{
- void **params = opaque;
- virSecurityManagerPtr mgr = params[0];
- virDomainDefPtr def = params[1];
+ virSecurityDACCallbackDataPtr cbdata = opaque;
+ virSecurityManagerPtr mgr = cbdata->manager;
+ virSecurityLabelDefPtr secdef = cbdata->secdef;
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
uid_t user;
gid_t group;
- if (virSecurityDACGetIds(def, priv, &user, &group, NULL, NULL))
+ if (virSecurityDACGetIds(secdef, priv, &user, &group, NULL, NULL))
return -1;
return virSecurityDACSetOwnership(file, user, group);
@@ -475,8 +454,8 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
virDomainHostdevDefPtr dev,
const char *vroot)
{
- void *params[] = {mgr, def};
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityDACCallbackData cbdata;
int ret = -1;
if (!priv->dynamicOwnership)
@@ -485,7 +464,13 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
return 0;
- switch (dev->source.subsys.type) {
+ cbdata.manager = mgr;
+ cbdata.secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+
+ if (cbdata.secdef && cbdata.secdef->norelabel)
+ return 0;
+
+ switch ((enum virDomainHostdevSubsysType) dev->source.subsys.type) {
case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: {
virUSBDevicePtr usb;
@@ -498,8 +483,9 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
if (!usb)
goto done;
- ret = virUSBDeviceFileIterate(usb, virSecurityDACSetSecurityUSBLabel,
- params);
+ ret = virUSBDeviceFileIterate(usb,
+ virSecurityDACSetSecurityUSBLabel,
+ &cbdata);
virUSBDeviceFree(usb);
break;
}
@@ -522,11 +508,12 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
virPCIDeviceFree(pci);
goto done;
}
- ret = virSecurityDACSetSecurityPCILabel(pci, vfioGroupDev, params);
+ ret = virSecurityDACSetSecurityPCILabel(pci, vfioGroupDev, &cbdata);
VIR_FREE(vfioGroupDev);
} else {
- ret = virPCIDeviceFileIterate(pci, virSecurityDACSetSecurityPCILabel,
- params);
+ ret = virPCIDeviceFileIterate(pci,
+ virSecurityDACSetSecurityPCILabel,
+ &cbdata);
}
virPCIDeviceFree(pci);
@@ -546,15 +533,15 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
if (!scsi)
goto done;
- ret = virSCSIDeviceFileIterate(scsi, virSecurityDACSetSecuritySCSILabel,
- params);
+ ret = virSCSIDeviceFileIterate(scsi,
+ virSecurityDACSetSecuritySCSILabel,
+ &cbdata);
virSCSIDeviceFree(scsi);
break;
}
- default:
- ret = 0;
+ case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST:
break;
}
@@ -606,7 +593,7 @@ virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
return 0;
- switch (dev->source.subsys.type) {
+ switch ((enum virDomainHostdevSubsysType) dev->source.subsys.type) {
case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: {
virUSBDevicePtr usb;
@@ -684,34 +671,52 @@ done:
static int
virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
- virDomainChrSourceDefPtr dev)
+ virDomainChrDefPtr dev,
+ virDomainChrSourceDefPtr dev_source)
{
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr seclabel;
+ virSecurityDeviceLabelDefPtr chr_seclabel = NULL;
char *in = NULL, *out = NULL;
int ret = -1;
uid_t user;
gid_t group;
- if (virSecurityDACGetIds(def, priv, &user, &group, NULL, NULL))
- return -1;
+ seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
- switch (dev->type) {
+ if (dev)
+ chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
+ SECURITY_DAC_NAME);
+
+ if (seclabel->norelabel || (chr_seclabel && chr_seclabel->norelabel))
+ return 0;
+
+ if (chr_seclabel && chr_seclabel->label) {
+ if (virParseOwnershipIds(chr_seclabel->label, &user, &group) < 0)
+ return -1;
+ } else {
+ if (virSecurityDACGetIds(seclabel, priv, &user, &group, NULL, NULL))
+ return -1;
+ }
+
+ switch ((enum virDomainChrType) dev_source->type) {
case VIR_DOMAIN_CHR_TYPE_DEV:
case VIR_DOMAIN_CHR_TYPE_FILE:
- ret = virSecurityDACSetOwnership(dev->data.file.path, user, group);
+ ret = virSecurityDACSetOwnership(dev_source->data.file.path,
+ user, group);
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
- if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
- (virAsprintf(&out, "%s.out", dev->data.file.path) < 0))
+ if ((virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0) ||
+ (virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0))
goto done;
if (virFileExists(in) && virFileExists(out)) {
if ((virSecurityDACSetOwnership(in, user, group) < 0) ||
(virSecurityDACSetOwnership(out, user, group) < 0)) {
goto done;
}
- } else if (virSecurityDACSetOwnership(dev->data.file.path,
+ } else if (virSecurityDACSetOwnership(dev_source->data.file.path,
user, group) < 0) {
goto done;
}
@@ -736,7 +741,7 @@ virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
char *in = NULL, *out = NULL;
int ret = -1;
- switch (dev->type) {
+ switch ((enum virDomainChrType) dev->type) {
case VIR_DOMAIN_CHR_TYPE_DEV:
case VIR_DOMAIN_CHR_TYPE_FILE:
ret = virSecurityDACRestoreSecurityFileLabel(dev->data.file.path);
@@ -789,7 +794,7 @@ virSecurityDACSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
switch (tpm->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- ret = virSecurityDACSetChardevLabel(mgr, def,
+ ret = virSecurityDACSetChardevLabel(mgr, def, NULL,
&tpm->data.passthrough.source);
break;
case VIR_DOMAIN_TPM_TYPE_LAST:
@@ -885,7 +890,7 @@ virSecurityDACSetChardevCallback(virDomainDefPtr def ATTRIBUTE_UNUSED,
{
virSecurityManagerPtr mgr = opaque;
- return virSecurityDACSetChardevLabel(mgr, def, &dev->source);
+ return virSecurityDACSetChardevLabel(mgr, def, dev, &dev->source);
}
@@ -895,13 +900,17 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
const char *stdin_path ATTRIBUTE_UNUSED)
{
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr secdef;
size_t i;
uid_t user;
gid_t group;
- if (!priv->dynamicOwnership)
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+
+ if (!priv->dynamicOwnership || (secdef && secdef->norelabel))
return 0;
+
for (i = 0; i < def->ndisks; i++) {
/* XXX fixme - we need to recursively label the entire tree :-( */
if (def->disks[i]->type == VIR_DOMAIN_DISK_TYPE_DIR)
@@ -932,7 +941,7 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
return -1;
}
- if (virSecurityDACGetImageIds(def, priv, &user, &group))
+ if (virSecurityDACGetImageIds(secdef, priv, &user, &group))
return -1;
if (def->os.kernel &&
@@ -956,11 +965,14 @@ virSecurityDACSetSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *savefile)
{
+ virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr secdef;
uid_t user;
gid_t group;
- virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
- if (virSecurityDACGetImageIds(def, priv, &user, &group))
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+
+ if (virSecurityDACGetImageIds(secdef, priv, &user, &group))
return -1;
return virSecurityDACSetOwnership(savefile, user, group);
@@ -985,13 +997,16 @@ static int
virSecurityDACSetProcessLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def ATTRIBUTE_UNUSED)
{
+ virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr secdef;
uid_t user;
gid_t group;
gid_t *groups;
int ngroups;
- virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
- if (virSecurityDACGetIds(def, priv, &user, &group, &groups, &ngroups))
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+
+ if (virSecurityDACGetIds(secdef, priv, &user, &group, &groups, &ngroups))
return -1;
VIR_DEBUG("Dropping privileges of DEF to %u:%u, %d supplemental groups",
@@ -1009,11 +1024,14 @@ virSecurityDACSetChildProcessLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def ATTRIBUTE_UNUSED,
virCommandPtr cmd)
{
+ virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityLabelDefPtr secdef;
uid_t user;
gid_t group;
- virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
- if (virSecurityDACGetIds(def, priv, &user, &group, NULL, NULL))
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+
+ if (virSecurityDACGetIds(secdef, priv, &user, &group, NULL, NULL))
return -1;
VIR_DEBUG("Setting child to drop privileges of DEF to %u:%u",
--
1.9.0
10 years, 9 months
[libvirt] [PATCH v2] dnsmasq: allowing RFC 2782 compliant SRV records
by Steven Malin
This patch allows RFC 2782 compliant SRV records in the network
config and corrects the documentation.
---
docs/formatnetwork.html.in | 6 +++---
src/conf/network_conf.c | 6 ++++--
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
index fc56b42..9d3e525 100644
--- a/docs/formatnetwork.html.in
+++ b/docs/formatnetwork.html.in
@@ -721,7 +721,7 @@
<txt name="example" value="example value" />
<forwarder addr="8.8.8.8"/>
<forwarder addr="8.8.4.4"/>
- <srv service='name' protocol='tcp' domain='test-domain-name' target='.' port='1024' priority='10' weight='10'/>
+ <srv service='_name' protocol='_tcp' domain='test-domain-name' target='.' port='1024' priority='10' weight='10'/>
<host ip='192.168.122.2'>
<hostname>myhost</hostname>
<hostname>myhostalias</hostname>
@@ -805,8 +805,8 @@
<dd>The <code>dns</code> element can have also 0 or more <code>srv</code>
record elements. Each <code>srv</code> record element defines a DNS SRV record
and has 2 mandatory and 5 optional attributes. The mandatory attributes
- are service name and protocol (tcp, udp) and the optional attributes are
- target, port, priority, weight and domain as defined in DNS server SRV
+ are service name (_name) and protocol (_tcp, _udp) and the optional attributes
+ are target, port, priority, weight and domain as defined in DNS server SRV
RFC (RFC 2782).
<span class="since">Since 0.9.9</span>
</dd>
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index bac0465..c7d55c8 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -961,9 +961,11 @@ virNetworkDNSSrvDefParseXML(const char *networkName,
goto error;
}
- /* Check whether protocol value is the supported one */
+ /* Check whether protocol value is supported (allows RFC 2782 compliance) */
if (def->protocol && STRNEQ(def->protocol, "tcp") &&
- (STRNEQ(def->protocol, "udp"))) {
+ STRNEQ(def->protocol, "udp") &&
+ STRNEQ(def->protocol, "_tcp") &&
+ STRNEQ(def->protocol, "_udp")) {
virReportError(VIR_ERR_XML_DETAIL,
_("Invalid protocol attribute value '%s' "
"in DNS SRV record of network %s"),
--
1.7.1
10 years, 9 months
[libvirt] [PATCH 0/5] virCommandRunRegex cleanups
by Ján Tomko
Simplify the code. This should have no functional change
(except for the impossible leak fix in 3/5). Most of this
functionality is tested in viriscsitest.
Ján Tomko (5):
Remove useless 'maxReg' variable
Simplify the loop in virCommandRunRegex
Free groups in case of a partial match
Use VIR_STRNDUP instead of modifying the matched string
Shift the for loop over matched vars by one
src/util/vircommand.c | 46 +++++++++++++++++++---------------------------
1 file changed, 19 insertions(+), 27 deletions(-)
--
1.8.3.2
10 years, 9 months
[libvirt] [RFC] VM which uses macvtap will not respond ping request when being migrated
by Wangrui (K)
A vm which uses macvtap will not respond ping request, when the vm is being migrated.
I found that on the destination side the macvtap will send a IPv6 packet at the begin of migration to update the route table in switch, however VM is still on the src.
In this case , what can I do to avoid VM's network disconnection
Regards,
Wangrui
10 years, 9 months
[libvirt] [PATCH 0/3] v2: qemu: export disk snapshot capability
by Francesco Romani
This patch series extend the QEMU capabilities XML to report
if the underlying QEMU binary supports, or not, the live
disk snapshotting.
Without this patch series, the only way to know if QEMU
has this support is to actually request a disk snapshot and
to see what happens.
The change is split in three patches:
* patch #1
actually adds the new element in the QEMU capabilities XML.
formatcaps.html.in wasn't very detailed about the actual XML format,
so I've not updated it.
Anyone feel free to point out what should be added, and I'll comply.
The new element has the form
<disksnapshot default='value' toggle='off'>
because I'd like to convey two informations:
- disk snapshot is supposed to be here, and it is (default='on')
- disk snapshot is supposed to be here, and is NOT (default='off')
Put in a different way, I tried to help the client as much as
possible.
This patch was alread reviewed in the first version of this changeset
and it is unchanged.
* patch #2
Extracts the actual QMEU guest capability inizialitation from the binary probe/capabilities
code, in order to isolate the actual initialization from the probing part.
I added a new function for the real initialization and left the interface unchanged.
Existing code will still call the old code which do the probing and after that calls
the new initialization function.
The main purpose of this patch is to
* allow to write an unit test for this change
* make the unit test more robust (with respect the first version of this change)
and make it independent from the filesystem layout/qemu availability
* patch #3
add a new unit test, aiming to test not only this new feature
but also the whole output XML capabilities.
Francesco Romani (3):
qemu: export disk snapshot support in capabilities
qemu: extract guest capabilities initialization
qemu: add unit tests for the capabilities xml
docs/schemas/capability.rng | 6 +
src/qemu/qemu_capabilities.c | 50 +++--
src/qemu/qemu_capabilities.h | 7 +
tests/Makefile.am | 10 +-
tests/qemucaps2xmldata/all_1.6.0-1.caps | 142 ++++++++++++++
tests/qemucaps2xmldata/all_1.6.0-1.xml | 31 ++++
tests/qemucaps2xmldata/nodisksnapshot_1.6.0-1.caps | 141 ++++++++++++++
tests/qemucaps2xmldata/nodisksnapshot_1.6.0-1.xml | 31 ++++
tests/qemucaps2xmltest.c | 206 +++++++++++++++++++++
9 files changed, 609 insertions(+), 15 deletions(-)
create mode 100644 tests/qemucaps2xmldata/all_1.6.0-1.caps
create mode 100644 tests/qemucaps2xmldata/all_1.6.0-1.xml
create mode 100644 tests/qemucaps2xmldata/nodisksnapshot_1.6.0-1.caps
create mode 100644 tests/qemucaps2xmldata/nodisksnapshot_1.6.0-1.xml
create mode 100644 tests/qemucaps2xmltest.c
--
1.8.5.3
10 years, 9 months
[libvirt] [PATCH v2 0/2] bhyve: add xml2args unittest
by Roman Bogorodskiy
Changes from v1:
- Chase MAC address support by adding virMacAddrGenerate() mock, so
we can get a constant MAC address
- Add a test for the case when MAC address is specified in the
domain xml
Roman Bogorodskiy (2):
Move virBhyveTapGetRealDeviceName to virnetdevtap
bhyve: add xml2args unittest
src/bhyve/bhyve_command.c | 70 +---------
src/libvirt_private.syms | 1 +
src/util/virnetdevtap.c | 78 +++++++++++
src/util/virnetdevtap.h | 3 +
tests/Makefile.am | 25 ++++
.../bhyvexml2argvdata/bhyvexml2argv-acpiapic.args | 3 +
tests/bhyvexml2argvdata/bhyvexml2argv-acpiapic.xml | 24 ++++
tests/bhyvexml2argvdata/bhyvexml2argv-base.args | 3 +
tests/bhyvexml2argvdata/bhyvexml2argv-base.xml | 20 +++
.../bhyvexml2argv-disk-virtio.args | 3 +
.../bhyvexml2argv-disk-virtio.xml | 20 +++
tests/bhyvexml2argvdata/bhyvexml2argv-macaddr.args | 3 +
tests/bhyvexml2argvdata/bhyvexml2argv-macaddr.xml | 21 +++
tests/bhyvexml2argvmock.c | 49 +++++++
tests/bhyvexml2argvtest.c | 155 +++++++++++++++++++++
15 files changed, 409 insertions(+), 69 deletions(-)
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-acpiapic.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-acpiapic.xml
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-base.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-base.xml
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio.xml
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-macaddr.args
create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-macaddr.xml
create mode 100644 tests/bhyvexml2argvmock.c
create mode 100644 tests/bhyvexml2argvtest.c
--
1.8.4.2
10 years, 9 months
[libvirt] [PATCH] qemuDomainAttachDeviceFlags: Parse device xml as inactive
by Michal Privoznik
In all other drivers we are doing so. Moreover, we don't want to parse
runtime information in attach (even if the attach is meant as live)
because we are generating the runtime info ourselves. We can't trust
users they supply sane values anyway.
==1140== 9 bytes in 1 blocks are definitely lost in loss record 72 of 1,151
==1140== at 0x4A06C2B: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1140== by 0x623C758: xmlStrndup (in /usr/lib64/libxml2.so.2.9.1)
==1140== by 0x50FD763: virXMLPropString (virxml.c:483)
==1140== by 0x510F8B7: virDomainDeviceInfoParseXML (domain_conf.c:3685)
==1140== by 0x511ACFD: virDomainChrDefParseXML (domain_conf.c:7535)
==1140== by 0x5121D13: virDomainDeviceDefParse (domain_conf.c:9918)
==1140== by 0x13AE6313: qemuDomainAttachDeviceFlags (qemu_driver.c:6926)
==1140== by 0x13AE65FA: qemuDomainAttachDevice (qemu_driver.c:7005)
==1140== by 0x51C77DA: virDomainAttachDevice (libvirt.c:10231)
==1140== by 0x127FDD: remoteDispatchDomainAttachDevice (remote_dispatch.h:2404)
==1140== by 0x127EC5: remoteDispatchDomainAttachDeviceHelper (remote_dispatch.h:2382)
==1140== by 0x5241F81: virNetServerProgramDispatchCall (virnetserverprogram.c:437)
When doing live attach, we are passing the inactive definition anyway
since we are passing the result of virDomainDeviceDefCopy() which does
inactive copy by default.
Moreover, we are doing the same mistake in qemuhotplugtest.
Just a side note - it makes perfect sense to parse the runtime info
like alias in qemuDomainDetachDevice and qemuDomainUpdateDeviceFlags()
as in some cases the only difference to distinguish two devices can be
just their alias.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_driver.c | 6 +-----
tests/qemuhotplugtest.c | 7 ++++++-
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 2707bec..8678d24 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6871,7 +6871,7 @@ static int qemuDomainAttachDeviceFlags(virDomainPtr dom, const char *xml,
virDomainDefPtr vmdef = NULL;
virDomainDeviceDefPtr dev = NULL, dev_copy = NULL;
int ret = -1;
- unsigned int affect, parse_flags = 0;
+ unsigned int affect, parse_flags = VIR_DOMAIN_XML_INACTIVE;
virQEMUCapsPtr qemuCaps = NULL;
qemuDomainObjPrivatePtr priv;
virQEMUDriverConfigPtr cfg = NULL;
@@ -6919,10 +6919,6 @@ static int qemuDomainAttachDeviceFlags(virDomainPtr dom, const char *xml,
goto endjob;
}
- if ((flags & VIR_DOMAIN_AFFECT_CONFIG) &&
- !(flags & VIR_DOMAIN_AFFECT_LIVE))
- parse_flags |= VIR_DOMAIN_XML_INACTIVE;
-
dev = dev_copy = virDomainDeviceDefParse(xml, vm->def,
caps, driver->xmlopt,
parse_flags);
diff --git a/tests/qemuhotplugtest.c b/tests/qemuhotplugtest.c
index 4ef81e0..a7a4065 100644
--- a/tests/qemuhotplugtest.c
+++ b/tests/qemuhotplugtest.c
@@ -209,6 +209,7 @@ testQemuHotplug(const void *data)
const char *const *tmp;
bool fail = test->fail;
bool keep = test->keep;
+ unsigned int device_parse_flags = 0;
virDomainObjPtr vm = NULL;
virDomainDeviceDefPtr dev = NULL;
virCapsPtr caps = NULL;
@@ -244,8 +245,12 @@ testQemuHotplug(const void *data)
goto cleanup;
}
+ if (test->action == ATTACH)
+ device_parse_flags = VIR_DOMAIN_XML_INACTIVE;
+
if (!(dev = virDomainDeviceDefParse(device_xml, vm->def,
- caps, driver.xmlopt, 0)))
+ caps, driver.xmlopt,
+ device_parse_flags)))
goto cleanup;
/* Now is the best time to feed the spoofed monitor with predefined
--
1.9.0
10 years, 9 months
[libvirt] [PATCH v5 0/2] fix query-command-line-options
by Amos Kong
This patchset fixed some issues of query-command-line-options:
* some new options that haven't argument can't be queried. (eg: -enable-fips)
* some legacy options that have argument can't be queried. (eg: -vnc display)
More discussion:
http://marc.info/?l=qemu-devel&m=139081830416684&w=2
V2: remove duplicate option tables, update schema (eric)
V3: fix typo in commitlog and export qemu_options talbe (eric)
V4: avoid the duplicate static table (eric)
V5: rename new field, other fix (markus)
Thanks for your review!
Amos Kong (2):
qmp: rename query_option_descs() to get_param_infolist()
query-command-line-options: query all the options in qemu-options.hx
qapi-schema.json | 9 +++++++--
qemu-options.h | 12 ++++++++++++
util/qemu-config.c | 49 +++++++++++++++++++++++++++++++++++++++----------
vl.c | 19 ++-----------------
4 files changed, 60 insertions(+), 29 deletions(-)
--
1.8.5.3
10 years, 9 months
[libvirt] [libvirt-java] [PATCH 0/2] Ensure JNA callbacks cannot be GCed
by Chris Ellis
Hi.
This is a small patch set to fix a few issues I've discovered while testing Claudio's patch set.
The first patch is trivial, it adds the ConnectionCloseListener interface and corresponding
enum, which were missing.
The second patch ensures that the JNA callbacks cannot be garbage collected whilst still
registered with the libvirt C library. Durring testing, I was finding that events would
stop working. Wireshark showed the remote daemon sending the event and some time spent
tracing through the libvirt calls led me to discover that the JNA callback objects were
being GCed. The JNA documentation states that a reference to the Callback object must be
held whilst it is in use by the C layer. This patch updates the map of event listeners
to also hold a reference to the callback object.
Regards,
Chris
Chris Ellis (2):
Add close listener types
Ensure JNA callbacks cannot get GCed
src/main/java/org/libvirt/Connect.java | 37 ++++++++++++++--------
.../org/libvirt/event/ConnectionCloseListener.java | 9 ++++++
.../org/libvirt/event/ConnectionCloseReason.java | 8 +++++
3 files changed, 41 insertions(+), 13 deletions(-)
create mode 100644 src/main/java/org/libvirt/event/ConnectionCloseListener.java
create mode 100644 src/main/java/org/libvirt/event/ConnectionCloseReason.java
--
1.8.4.5
10 years, 9 months