[libvirt] [PATCH] Don't error when attaching security label of model "none"
by Daniel P. Berrange
If you invoke virDomainLxcEnterSecurityLabel() on security
model of "none" it will report an error. Logically a "none"
security model should be treated as a no-op, so we should
just return success immediately, instead of an error.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/libvirt-lxc.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
index 16e08e9..c487ece 100644
--- a/src/libvirt-lxc.c
+++ b/src/libvirt-lxc.c
@@ -257,6 +257,8 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
_("Support for AppArmor is not enabled"));
goto error;
#endif
+ } else if (STREQ(model->model, "none")) {
+ /* nothing todo */
} else {
virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
_("Security model %s cannot be entered"),
--
2.7.4
8 years, 5 months
[libvirt] [PATCH] Make really sure we don't access non-existing vCPUs
by Martin Kletzander
MinGW complained that we might be dereferencing a NULL pointer. While
that's most probably not going to be true (now), the logic certainly
allows for that and we might actually do this a lot in the future with
sparse vcpu mapping.
../../src/conf/domain_conf.c: In function 'virDomainDefGetVcpuPinInfoHelper':
../../src/conf/domain_conf.c:1545:17: error: potential null pointer
dereference [-Werror=null-dereference]
if (vcpu->cpumask)
~~~~^~~~~~~~~
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
I could've pushed this as a build breaker, but I'm not really sure
everyone will like this to be handled this way. I also did another
fix for this where we don't do int->size_t->int casting all the time,
but it's probably not worth the hassle. Also I don't know whether
Peter has more stuff for this in his pockets now, so I figured I
rather submit this for review.
src/conf/domain_conf.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 16e0736e09db..308073897880 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1542,6 +1542,9 @@ virDomainDefGetVcpuPinInfoHelper(virDomainDefPtr def,
virDomainVcpuDefPtr vcpu = virDomainDefGetVcpu(def, i);
virBitmapPtr bitmap = NULL;
+ if (!vcpu)
+ continue;
+
if (vcpu->cpumask)
bitmap = vcpu->cpumask;
else if (def->placement_mode == VIR_DOMAIN_CPU_PLACEMENT_MODE_AUTO &&
--
2.9.0
8 years, 5 months
[libvirt] [PATCHv2 0/2] disable default gateway in IPv6 RA for isolated networks
by Maxim Perevedentsev
In case of DHCPv6 in isolated network, we start dnsmasq
which sends Router Advertisements (RA). If RA containts no gateway
then the link-local address of the source of RA is considered
a gateway (and guest installs a corresponding default route).
If a guest has two network interfaces (public and isolated network)
and the user installs a default route through "public" interface,
the guest will have something like
default via fe80::ffff:1:1 dev eth2 metric 1024
default via fe80::5054:ff:fe0a:d808 dev eth3 proto ra metric 1024 expires 1789sec
RA route metric may vary, and it is preferred.
The validity of default route is controlled by
"default [route] lifetime" field in RA. If it is 0, then
the default gateway announced is considered invalid,
and no default route is installed into guest.
dnsmasq 2.67+ supports "ra-param=<interface>,<RA interval>,<default lifetime>"
option. We can pass "ra-param=*,0,0" (here, RA_interval=0 means default)
to disable default gateway in RA.
This patchset adds detection for "ra-param" in dnsmasq and
sets "ra-param=*,0,0" for isolated network if dnsmasq supports it.
Maxim Perevedentsev (2):
Fix message about dnsmasq BINDTODEVICE capability.
dnsmasq: disable IPv6 default gateway in RA for isolated networks
src/network/bridge_driver.c | 7 +++++++
src/util/virdnsmasq.c | 8 ++++++--
src/util/virdnsmasq.h | 1 +
3 files changed, 14 insertions(+), 2 deletions(-)
--
1.8.3.1
8 years, 5 months
[libvirt] [PATCH V2] systemd: fix ready notification on abstract socket
by Jim Fehlig
At least with systemd v210, NOTIFY_SOCKET is abstact, e.g.
@/org/freedesktop/systemd1/notify. sendmsg() fails on such a socket
with "Connection refused". The unix(7) man page contains the following
details wrt abstract socket addresses
abstract: an abstract socket address is distinguished (from a
pathname socket) by the fact that sun_path[0] is a null byte
('\0'). The socket's address in this namespace is given by the
additional bytes in sun_path that are covered by the specified
length of the address structure. (Null bytes in the name have
no special significance.)
So we need to be more precise about the address length, setting it to
the sizeof sa_family_t + length of address copied to sun_path instead
of setting it to the sizeof the entire sockaddr_un struct.
Resolves: https://bugzilla.opensuse.org/show_bug.cgi?id=987668
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
V2:
Use offsetof() to calculate size of sa_family_t field of the
sockaddr_un structure instead of sizeof().
src/util/virsystemd.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c
index 871db7e..969cd68 100644
--- a/src/util/virsystemd.c
+++ b/src/util/virsystemd.c
@@ -495,7 +495,6 @@ virSystemdNotifyStartup(void)
};
struct msghdr mh = {
.msg_name = &un,
- .msg_namelen = sizeof(un),
.msg_iov = &iov,
.msg_iovlen = 1,
};
@@ -515,6 +514,8 @@ virSystemdNotifyStartup(void)
if (un.sun_path[0] == '@')
un.sun_path[0] = '\0';
+ mh.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(path);
+
fd = socket(AF_UNIX, SOCK_DGRAM, 0);
if (fd < 0) {
VIR_WARN("Unable to create socket FD");
--
2.8.4
8 years, 5 months
[libvirt] [PATCH] systemd: fix ready notification on abstract socket
by Jim Fehlig
At least with systemd v210, NOTIFY_SOCKET is abstact, e.g.
@/org/freedesktop/systemd1/notify. sendmsg() fails on such a socket
with "Connection refused". The unix(7) man page contains the following
details wrt abstract socket addresses
abstract: an abstract socket address is distinguished (from a
pathname socket) by the fact that sun_path[0] is a null byte
('\0'). The socket's address in this namespace is given by the
additional bytes in sun_path that are covered by the specified
length of the address structure. (Null bytes in the name have
no special significance.)
So we need to be more precise about the address length, setting it to
the sizeof sa_family_t + length of address copied to sun_path instead
of setting it to the sizeof the entire sockaddr_un struct.
Resolves: https://bugzilla.opensuse.org/show_bug.cgi?id=987668
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
src/util/virsystemd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c
index 871db7e..1b5e9fe 100644
--- a/src/util/virsystemd.c
+++ b/src/util/virsystemd.c
@@ -495,7 +495,6 @@ virSystemdNotifyStartup(void)
};
struct msghdr mh = {
.msg_name = &un,
- .msg_namelen = sizeof(un),
.msg_iov = &iov,
.msg_iovlen = 1,
};
@@ -521,6 +520,7 @@ virSystemdNotifyStartup(void)
return;
}
+ mh.msg_namelen = sizeof(sa_family_t) + strlen(path);
if (sendmsg(fd, &mh, MSG_NOSIGNAL) < 0)
VIR_WARN("Failed to notify systemd");
--
2.1.4
8 years, 5 months
[libvirt] [PATCH] esx: Fetch snapshot info directly for filtering
by Tomáš Golembiovský
When fetching domains with virConnectListAllDomains() and when filtering
by snapshot existence is requested the ESX driver first lists all the
domains and then check one-by-one for snapshot existence. This process
takes unnecessarily long time.
To significantly improve the time necessary to finish the query we can
request the snapshot related info directly when querying the list of
domains from VMware.
Signed-off-by: Tomáš Golembiovský <tgolembi(a)redhat.com>
---
src/esx/esx_driver.c | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index eae015a..3d90b69 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -4924,6 +4924,7 @@ esxConnectListAllDomains(virConnectPtr conn,
int count = 0;
bool autostart;
int state;
+ esxVI_DynamicProperty *dynamicProperty = NULL;
virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
@@ -4985,6 +4986,13 @@ esxConnectListAllDomains(virConnectPtr conn,
}
}
+ if (MATCH(VIR_CONNECT_LIST_DOMAINS_FILTERS_SNAPSHOT)) {
+ if (esxVI_String_AppendValueToList(&propertyNameList,
+ "snapshot.rootSnapshotList") < 0) {
+ goto cleanup;
+ }
+ }
+
if (esxVI_LookupVirtualMachineList(priv->primary, propertyNameList,
&virtualMachineList) < 0)
goto cleanup;
@@ -5023,11 +5031,19 @@ esxConnectListAllDomains(virConnectPtr conn,
/* filter by snapshot existence */
if (MATCH(VIR_CONNECT_LIST_DOMAINS_FILTERS_SNAPSHOT)) {
+
esxVI_VirtualMachineSnapshotTree_Free(&rootSnapshotTreeList);
- if (esxVI_LookupRootSnapshotTreeList(priv->primary, uuid,
- &rootSnapshotTreeList) < 0) {
- goto cleanup;
+ for (dynamicProperty = virtualMachine->propSet; dynamicProperty;
+ dynamicProperty = dynamicProperty->_next) {
+ if (STREQ(dynamicProperty->name, "snapshot.rootSnapshotList")) {
+ if (esxVI_VirtualMachineSnapshotTree_CastListFromAnyType
+ (dynamicProperty->val, &rootSnapshotTreeList) < 0) {
+ goto cleanup;
+ }
+
+ break;
+ }
}
if (!((MATCH(VIR_CONNECT_LIST_DOMAINS_HAS_SNAPSHOT) &&
--
2.9.0
8 years, 5 months
[libvirt] [PATCH 0/2] mingw build fixes
by Eric Blake
If I don't get a review in a couple of days, I can probably
justify them under the build-breaker rule; on the other hand,
since mingw doesn't get as much testing, I'm not in a rush
to push right away.
Eric Blake (2):
build: virrandommock.c not needed on mingw
build: drop hack for old mingw ssize_t
gnulib/local/m4/ssize_t.m4.diff | 34 ----------------------------------
tests/virrandommock.c | 19 ++++++++++++-------
2 files changed, 12 insertions(+), 41 deletions(-)
delete mode 100644 gnulib/local/m4/ssize_t.m4.diff
--
2.5.5
8 years, 5 months
[libvirt] [PATCH] examples: If parameters count is zero we have nothing to do
by Marc Hartmayer
The virDomainGetCPUStats() API contract permits nparams ==
0. print_cpu_usage() assumes nparams > 0 because the domtop example
application isn't very useful if there are no statistics. Explicitly
error out to avoid potentially using the local variable pos
uninitialized.
Reviewed-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Reviewed-by: Sascha Silbe <silbe(a)linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk(a)linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
---
examples/domtop/domtop.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/examples/domtop/domtop.c b/examples/domtop/domtop.c
index 2283994..f8e250b 100644
--- a/examples/domtop/domtop.c
+++ b/examples/domtop/domtop.c
@@ -203,6 +203,11 @@ print_cpu_usage(const char *dom_name,
size_t nparams = now_nparams;
bool delim = false;
+ if (nparams == 0) {
+ ERROR("parameter count is zero");
+ return;
+ }
+
if (then_nparams != now_nparams) {
/* this should not happen (TM) */
ERROR("parameters counts don't match");
--
2.5.5
8 years, 5 months
[libvirt] [PATCH v2] qemu: add a max_core setting to qemu.conf for core dump size
by Daniel P. Berrange
Currently the QEMU processes inherit their core dump rlimit
from libvirtd, which is really suboptimal. This change allows
their limit to be directly controller from qemu.conf instead.
---
Changed in v2:
- Allow use of string "unlimited"
src/libvirt_private.syms | 2 ++
src/qemu/libvirtd_qemu.aug | 1 +
src/qemu/qemu.conf | 16 +++++++++++++++-
src/qemu/qemu_conf.c | 17 +++++++++++++++++
src/qemu/qemu_conf.h | 1 +
src/qemu/qemu_process.c | 1 +
src/qemu/test_libvirtd_qemu.aug.in | 1 +
src/util/vircommand.c | 14 ++++++++++++++
src/util/vircommand.h | 1 +
src/util/virprocess.c | 36 ++++++++++++++++++++++++++++++++++++
src/util/virprocess.h | 1 +
11 files changed, 90 insertions(+), 1 deletion(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 597ce5f..773d935 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1371,6 +1371,7 @@ virCommandSetErrorFD;
virCommandSetGID;
virCommandSetInputBuffer;
virCommandSetInputFD;
+virCommandSetMaxCoreSize;
virCommandSetMaxFiles;
virCommandSetMaxMemLock;
virCommandSetMaxProcesses;
@@ -2180,6 +2181,7 @@ virProcessRunInMountNamespace;
virProcessSchedPolicyTypeFromString;
virProcessSchedPolicyTypeToString;
virProcessSetAffinity;
+virProcessSetMaxCoreSize;
virProcessSetMaxFiles;
virProcessSetMaxMemLock;
virProcessSetMaxProcesses;
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
index 8bc23ba..a8edc2b 100644
--- a/src/qemu/libvirtd_qemu.aug
+++ b/src/qemu/libvirtd_qemu.aug
@@ -72,6 +72,7 @@ module Libvirtd_qemu =
| bool_entry "set_process_name"
| int_entry "max_processes"
| int_entry "max_files"
+ | int_entry "max_core"
| str_entry "stdio_handler"
let device_entry = bool_entry "mac_filter"
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index 7964273..fac33ec 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -401,7 +401,21 @@
#max_processes = 0
#max_files = 0
-
+# If max_core is set to a positive integer, then QEMU will be
+# permitted to create core dumps when it crashes, provided its
+# RAM size is smaller than the limit set. Be warned that the
+# core dump will include a full copy of the guest RAM, so if
+# the largest guest is 32 GB in size, the max_core limit will
+# have to be at least 33/34 GB to allow enough overhead.
+#
+# As a special case it can be set to the string "unlimited" to
+# to allow arbitrarily sized core dumps.
+#
+# By default the core dump size is set to 0 disabling all dumps
+#
+# Size is in bytes or string "unlimited"
+#max_core = 0
+#max_core = "unlimited"
# mac_filter enables MAC addressed based filtering on bridge ports.
# This currently requires ebtables to be installed.
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index fa9d65e..45d039c 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -393,6 +393,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
char **controllers = NULL;
char **hugetlbfs = NULL;
char **nvram = NULL;
+ char *corestr = NULL;
/* Just check the file is readable before opening it, otherwise
* libvirt emits an error.
@@ -633,6 +634,21 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
if (virConfGetValueUInt(conf, "max_files", &cfg->maxFiles) < 0)
goto cleanup;
+ if (virConfGetValueType(conf, "max_core") == VIR_CONF_STRING) {
+ if (virConfGetValueString(conf, "max_core", &corestr) < 0)
+ goto cleanup;
+ if (STREQ(corestr, "unlimited")) {
+ cfg->maxCore = ULLONG_MAX;
+ } else {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unknown core size '%s'"),
+ corestr);
+ goto cleanup;
+ }
+ } else if (virConfGetValueULLong(conf, "max_core", &cfg->maxCore) < 0) {
+ goto cleanup;
+ }
+
if (virConfGetValueString(conf, "lock_manager", &cfg->lockManagerName) < 0)
goto cleanup;
if (virConfGetValueString(conf, "stdio_handler", &stdioHandler) < 0)
@@ -715,6 +731,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
virStringFreeList(controllers);
virStringFreeList(hugetlbfs);
virStringFreeList(nvram);
+ VIR_FREE(corestr);
VIR_FREE(user);
VIR_FREE(group);
virConfFree(conf);
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index 510cd9a..b730202 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -148,6 +148,7 @@ struct _virQEMUDriverConfig {
unsigned int maxProcesses;
unsigned int maxFiles;
+ unsigned long long maxCore;
unsigned int maxQueuedJobs;
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 4adb14e..a7cbd59 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -5069,6 +5069,7 @@ qemuProcessLaunch(virConnectPtr conn,
virCommandSetPreExecHook(cmd, qemuProcessHook, &hookData);
virCommandSetMaxProcesses(cmd, cfg->maxProcesses);
virCommandSetMaxFiles(cmd, cfg->maxFiles);
+ virCommandSetMaxCoreSize(cmd, cfg->maxCore);
virCommandSetUmask(cmd, 0x002);
VIR_DEBUG("Setting up security labelling");
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in
index c4d4f19..c3d6da5 100644
--- a/src/qemu/test_libvirtd_qemu.aug.in
+++ b/src/qemu/test_libvirtd_qemu.aug.in
@@ -62,6 +62,7 @@ module Test_libvirtd_qemu =
{ "set_process_name" = "1" }
{ "max_processes" = "0" }
{ "max_files" = "0" }
+{ "max_core" = "0" }
{ "mac_filter" = "1" }
{ "relaxed_acs_check" = "1" }
{ "allow_disk_format_probing" = "1" }
diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index f5bd7af..6baa37a 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -124,6 +124,8 @@ struct _virCommand {
unsigned long long maxMemLock;
unsigned int maxProcesses;
unsigned int maxFiles;
+ bool setMaxCore;
+ unsigned long long maxCore;
uid_t uid;
gid_t gid;
@@ -687,6 +689,9 @@ virExec(virCommandPtr cmd)
goto fork_error;
if (virProcessSetMaxFiles(0, cmd->maxFiles) < 0)
goto fork_error;
+ if (cmd->setMaxCore &&
+ virProcessSetMaxCoreSize(0, cmd->maxCore) < 0)
+ goto fork_error;
if (cmd->hook) {
VIR_DEBUG("Run hook %p %p", cmd->hook, cmd->opaque);
@@ -1105,6 +1110,15 @@ virCommandSetMaxFiles(virCommandPtr cmd, unsigned int files)
cmd->maxFiles = files;
}
+void virCommandSetMaxCoreSize(virCommandPtr cmd, unsigned long long bytes)
+{
+ if (!cmd || cmd->has_error)
+ return;
+
+ cmd->maxCore = bytes;
+ cmd->setMaxCore = true;
+}
+
void virCommandSetUmask(virCommandPtr cmd, int mask)
{
if (!cmd || cmd->has_error)
diff --git a/src/util/vircommand.h b/src/util/vircommand.h
index 44818ef..99dcdeb 100644
--- a/src/util/vircommand.h
+++ b/src/util/vircommand.h
@@ -75,6 +75,7 @@ void virCommandSetUID(virCommandPtr cmd, uid_t uid);
void virCommandSetMaxMemLock(virCommandPtr cmd, unsigned long long bytes);
void virCommandSetMaxProcesses(virCommandPtr cmd, unsigned int procs);
void virCommandSetMaxFiles(virCommandPtr cmd, unsigned int files);
+void virCommandSetMaxCoreSize(virCommandPtr cmd, unsigned long long bytes);
void virCommandSetUmask(virCommandPtr cmd, int umask);
void virCommandClearCaps(virCommandPtr cmd);
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
index 09dd3c9..2b71445 100644
--- a/src/util/virprocess.c
+++ b/src/util/virprocess.c
@@ -914,6 +914,42 @@ virProcessSetMaxFiles(pid_t pid ATTRIBUTE_UNUSED, unsigned int files)
}
#endif /* ! (HAVE_SETRLIMIT && defined(RLIMIT_NOFILE)) */
+#if HAVE_SETRLIMIT && defined(RLIMIT_CORE)
+int
+virProcessSetMaxCoreSize(pid_t pid, unsigned long long bytes)
+{
+ struct rlimit rlim;
+
+ rlim.rlim_cur = rlim.rlim_max = bytes;
+ if (pid == 0) {
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
+ virReportSystemError(errno,
+ _("cannot limit core file size to %llu"),
+ bytes);
+ return -1;
+ }
+ } else {
+ if (virProcessPrLimit(pid, RLIMIT_CORE, &rlim, NULL) < 0) {
+ virReportSystemError(errno,
+ _("cannot limit core file size "
+ "of process %lld to %llu"),
+ (long long int)pid, bytes);
+ return -1;
+ }
+ }
+ return 0;
+}
+#else /* ! (HAVE_SETRLIMIT && defined(RLIMIT_CORE)) */
+int
+virProcessSetMaxCoreSize(pid_t pid ATTRIBUTE_UNUSED,
+ unsigned long long bytes ATTRIBUTE_UNUSED)
+{
+ virReportSystemError(ENOSYS, "%s", _("Not supported on this platform"));
+ return -1;
+}
+#endif /* ! (HAVE_SETRLIMIT && defined(RLIMIT_CORE)) */
+
+
#ifdef __linux__
/*
* Port of code from polkitunixprocess.c under terms
diff --git a/src/util/virprocess.h b/src/util/virprocess.h
index a7a1fe9..04e9802 100644
--- a/src/util/virprocess.h
+++ b/src/util/virprocess.h
@@ -75,6 +75,7 @@ int virProcessSetNamespaces(size_t nfdlist,
int virProcessSetMaxMemLock(pid_t pid, unsigned long long bytes);
int virProcessSetMaxProcesses(pid_t pid, unsigned int procs);
int virProcessSetMaxFiles(pid_t pid, unsigned int files);
+int virProcessSetMaxCoreSize(pid_t pid, unsigned long long bytes);
int virProcessGetMaxMemLock(pid_t pid, unsigned long long *bytes);
--
2.7.4
8 years, 5 months