Re: [libvirt] libvirt-python: memory leak after GetXMLDesc?
Hi Jun'ichi, Which are libvirt version and OS you're using? I also found a leak of XMLDesc() via valgrind, I think the generator should fix this, but you may wait for developers reply, thanks for reporting this. valgrind ==14265== 2,407 bytes in 1 blocks are definitely lost in loss record 1,457 of 1,550 ==14265==at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==14265==by 0x5C46624: xdr_string (in /usr/lib64/libc-2.17.so) ==14265==by 0xCFD9FCD: xdr_remote_nonnull_string (remote_protocol.c:31) ==14265==by 0xCFDC2C8: xdr_remote_domain_get_xml_desc_ret (remote_protocol.c:1617) ==14265==by 0xCFF0811: virNetMessageDecodePayload (virnetmessage.c:407) ==14265==by 0xCFE68FB: virNetClientProgramCall (virnetclientprogram.c:379) ==14265==by 0xCFBE8B1: callFull.isra.2 (remote_driver.c:6578) ==14265==by 0xCFC7F04: remoteDomainGetXMLDesc (remote_driver.c:6600) ==14265==by 0xCF8167C: virDomainGetXMLDesc (libvirt.c:4380) ==14265==by 0xCC2C4DF: libvirt_virDomainGetXMLDesc (libvirt.c:1141) ==14265==by 0x4F12B93: PyEval_EvalFrameEx (in /usr/lib64/libpython2.7.so.1.0) ==14265==by 0x4F141AC: PyEval_EvalCodeEx (in /usr/lib64/libpython2.7.so.1.0) /valgrind -- Regards, Alex - Original Message - From: Junichi Nomura j-nom...@ce.jp.nec.com To: libvir-list@redhat.com Sent: Friday, September 12, 2014 2:56:10 PM Subject: [libvirt] libvirt-python: memory leak after GetXMLDesc? Hello, I've observed memory leak in long-running python program and suspects a bug in libvirt-python. libvirt-python contains auto-generated code like this: libvirt_virDomainGetXMLDesc(...) { ... LIBVIRT_BEGIN_ALLOW_THREADS; c_retval = virDomainGetXMLDesc(domain, flags); LIBVIRT_END_ALLOW_THREADS; py_retval = libvirt_charPtrWrap((char *) c_retval); return py_retval; } virDomainGetXMLDesc() expects the caller to free c_retval. Though it used to be freed in libvirt_charPtrWrap(), commit bb3301ba (Don't free passed in args in libvirt_charPtrWrap / libvirt_charPtrSizeWrap) has moved the responsibility to the outside. So, it seems either GetXMLDesc should not depend on auto-generation or the generator should be fixed. Any comments? -- Jun'ichi Nomura, NEC Corporation -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] daemon: Enhance documentation for changinging NOFILE limit
BTW, I filed a similar bug 1059518 for LXC guide. -- Regards, Alex - Original Message - From: Eric Blake ebl...@redhat.com To: libvir-list@redhat.com Sent: Tuesday, February 11, 2014 12:51:23 AM Subject: Re: [libvirt] [PATCH] daemon: Enhance documentation for changinging NOFILE limit On 02/10/2014 07:26 AM, Jiri Denemark wrote: Signed-off-by: Jiri Denemark jdene...@redhat.com --- daemon/libvirtd.sysconf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/daemon/libvirtd.sysconf b/daemon/libvirtd.sysconf index 3af1f03..06f6a2c 100644 --- a/daemon/libvirtd.sysconf +++ b/daemon/libvirtd.sysconf @@ -20,5 +20,7 @@ # #SDL_AUDIODRIVER=pulse -# Override the maximum number of opened files +# Override the maximum number of opened files. +# This only works with traditional init scripts. In systemd world, limits s/In/In the/ +# can only be changed by setting LimitNOFILE in libvirtd.service unit file. #LIBVIRTD_NOFILES_LIMIT=2048 Doesn't systemd provide a way to provide tuning to a service unit file by modifying /usr/lib/systemd/system/* while still inheriting defaults from the installed /etc/systemd/system/*? That is, should our comment be a hint to the user to modify the files under their direct control instead of telling them to modify the files installed by rpm? -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] po/zh_CN.po : Fix 2 Chinese typo
Hi taget, In fact, there are many Chinese translation questions in po/zh_CN.po, the following is a example, if you can help fix them together, it will be great! msgid UNIX domain sockets are not supported on this platform msgstr 这个平台不支持 UNIX 域插槽 s/插槽/套接字/,the 'domain' is translated as '域', it should be correct. msgid bad domain msgstr 坏域 But, in here, the 'domain' means a virtual machine, so s/域/虚拟机/ msgid A close callback is already registered msgstr 已注册 close 回叫 s/回叫/回调/ msgid Block I/O tuning is not available on this host msgstr 这台主机中无法使用阻断 I/O调节 s/阻断/块/ Memory balloon device type '%s' is not supported by this version of qemu msgstr qemu 的这个版本不支持内存布尔设备类型 '%s' s/布尔/气球/ -- Thanks in advance, Alex - Original Message - From: ta...@linux.vnet.ibm.com To: libvir-list@redhat.com Sent: Wednesday, December 4, 2013 1:41:19 PM Subject: [libvirt] [PATCH] po/zh_CN.po : Fix 2 Chinese typo From: Eli Qiao ta...@linux.vnet.ibm.com Signed-off-by: Eli Qiao ta...@linux.vnet.ibm.com --- po/zh_CN.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/po/zh_CN.po b/po/zh_CN.po index f7c0cb3..e52bda1 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -17598,7 +17598,7 @@ msgstr 读取 %s 日志输出时超出范围:%s #: src/qemu/qemu_process.c:1542 #, c-format msgid Process exited while reading %s log output: %s -msgstr 读取 %s 日志输出时进程推出:%s +msgstr 读取 %s 日志输出时进程退出:%s #: src/qemu/qemu_process.c:1557 #, c-format @@ -17613,7 +17613,7 @@ msgstr 没有为设备 %s 分配 pty #: src/qemu/qemu_process.c:1845 #, c-format msgid process exited while connecting to monitor: %s -msgstr 连接到监控程序时进程推出:%s +msgstr 连接到监控程序时进程退出:%s #: src/qemu/qemu_process.c:1938 msgid Failed to convert nodeset to cpuset -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix virsh net-info output for consistency
ACK. -- Regards, Alex - Original Message - From: h...@redhat.com To: libvir-list@redhat.com Sent: Tuesday, November 19, 2013 2:20:57 PM Subject: [libvirt] [PATCH] Fix virsh net-info output for consistency From: Hao Liu h...@redhat.com All *-info virsh commands output a list of comma seperated key-val pairs. But virsh net-info command misses this comma for key Name and UUID. Signed-off-by: Hao Liu h...@redhat.com --- tools/virsh-network.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/virsh-network.c b/tools/virsh-network.c index 8ddd5ca..44a676b 100644 --- a/tools/virsh-network.c +++ b/tools/virsh-network.c @@ -367,10 +367,10 @@ cmdNetworkInfo(vshControl *ctl, const vshCmd *cmd) if (!(network = vshCommandOptNetwork(ctl, cmd, NULL))) return false; -vshPrint(ctl, %-15s %s\n, _(Name), virNetworkGetName(network)); +vshPrint(ctl, %-15s %s\n, _(Name:), virNetworkGetName(network)); if (virNetworkGetUUIDString(network, uuid) == 0) -vshPrint(ctl, %-15s %s\n, _(UUID), uuid); +vshPrint(ctl, %-15s %s\n, _(UUID:), uuid); active = virNetworkIsActive(network); if (active = 0) -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-test-API][PATCH] npiv: Add basic NPIV test case
On 10/22/2013 12:28 PM, jmiao wrote: The original NPIV test function create_virtual_hba doesn't check the validation of fabric_wwn, this patch modify create_virtual_hba to check fabric_wwn whether is invalid (0x). Is it always right for different vendor's HBAs? IMHO, you may check 'port_state' of the fc_host, as usual, it may be 'Online'/'Linkup' or 'Offline'/'Linkdown', if the state is former, and then you can create a vHBA, otherwise, you will hit error like error: Write of ':' to '/sys/class/fc_host/host$NUM/vport_create' during vport create/delete failed: Operation not supported. e.g. # cat /tmp/check_vhba.sh for i in $(virsh nodedev-list --cap scsi_host); do if virsh nodedev-dumpxml $i | grep vport_ops /dev/null; then echo $i; fi done # sh /tmp/check_vhba.sh scsi_host4 scsi_host5 # ls /sys/class/fc_host/ host4 host5 # cat /sys/class/fc_host/host4/port_state Linkdown # cat /sys/class/fc_host/host5/port_state Online # cat /tmp/vhba.scsi_host4.xml device parentscsi_host4/parent capability type='scsi_host' capability type='fc_host' /capability /capability /device # virsh nodedev-create /tmp/vhba.scsi_host4.xml error: Failed to create node device from /tmp/vhba.scsi_host4.xml error: Write of '5001a4aeea4b54c9:5001a4a9c0f07593' to '/sys/class/fc_host/host4/vport_create' during vport create/delete failed: Operation not supported # cat /tmp/vhba.scsi_host5.xml device parentscsi_host5/parent capability type='scsi_host' capability type='fc_host' /capability /capability /device # virsh nodedev-create /tmp/vhba.scsi_host5.xml Node device scsi_host6 created from /tmp/vhba.scsi_host5.xml Alex One the other hand, add a function destroy_virtual_hba to clean the vHBA which is created by create_virtual_hba. Add a global variable wwnn to global.cfg for create_virtual_hba. And add the test case conf file basic_npiv.conf. Signed-off-by: jmiaojm...@redhat.com --- cases/basic_npiv.conf | 3 +++ global.cfg| 10 - repos/npiv/create_virtual_hba.py | 24 +++- repos/npiv/destroy_virtual_hba.py | 46 +++ 4 files changed, 72 insertions(+), 11 deletions(-) create mode 100644 cases/basic_npiv.conf create mode 100644 repos/npiv/destroy_virtual_hba.py diff --git a/cases/basic_npiv.conf b/cases/basic_npiv.conf new file mode 100644 index 000..b9cbd04 --- /dev/null +++ b/cases/basic_npiv.conf @@ -0,0 +1,3 @@ +npiv:create_virtual_hba + +npiv:destroy_virtual_hba diff --git a/global.cfg b/global.cfg index db8f71e..a35b985 100644 --- a/global.cfg +++ b/global.cfg @@ -210,7 +210,15 @@ testnic = eth1 # a PCI device to use for attach/detach/reset tests # for example testpci = 00:19.0 -testpci = +testpci = 00:19.0 + + +# +# NPIV wwpn +# + +# a word wide port name to use for create_virtual_hba tests +wwnn = # diff --git a/repos/npiv/create_virtual_hba.py b/repos/npiv/create_virtual_hba.py index 0a02a9b..b637127 100644 --- a/repos/npiv/create_virtual_hba.py +++ b/repos/npiv/create_virtual_hba.py @@ -21,7 +21,7 @@ def check_nodedev_create(wwpn, device_name): vport name in all FC list, to see if it exists. -pname_list = commands.getoutput(ls -1 -d /sys/class/*_host/host*/* \ +pname_list = commands.getoutput(ls -1 -d /sys/class/*_host/host*/* | grep port_name) for pname in pname_list.split(\n): portid = open(pname).read()[2:].strip('\n') @@ -38,11 +38,11 @@ def check_nodedev_parent(nodedev_obj, device_parent, device_name): current_parent = nodedev_obj.parent() if device_parent == current_parent: -logger.info(The parent of node device '%s' is %s \ +logger.info(The parent of node device '%s' is %s % (device_name, current_parent)) return True else: -logger.info(Refer to bug 593995. The parent of node device \ +logger.info(Refer to bug 593995. The parent of node device '%s' is '%s' % (device_name, current_parent)) return False @@ -63,35 +63,39 @@ def create_virtual_hba(params): fc_xml = nodedev.XMLDesc(0) fc_cap = re.search('vport_ops', fc_xml) if fc_cap: +doc = xml.dom.minidom.parseString(fc_xml) +logger.info(NPIV support on '%s' % fc_name) +fabric_wwn = doc.getElementsByTagName('fabric_wwn')[0].childNodes[0].nodeValue.encode('ascii', 'ignore') +if fabric_wwn == '': +logger.info(fabric_wwn of '%s' is % fc_name) +continue device_parent = fc_name xmlstr = xmlstr.replace('PARENT', device_parent) -doc
Re: [libvirt] rpmbuild libvirt 1.1.2 problem
Hi Martin, BTW, I met the same question, and I ran 'make check' under root. -- Regards, Alex - Original Message - From: Martin Kletzander mklet...@redhat.com To: Nehal J Wani nehaljw.k...@gmail.com Cc: libvir-list libvir-list@redhat.com, jsjshaowen...@21cn.com Sent: Thursday, September 12, 2013 4:29:32 PM Subject: Re: [libvirt] rpmbuild libvirt 1.1.2 problem On 09/11/2013 07:18 PM, Nehal J Wani wrote: On Wed, Sep 11, 2013 at 10:17 AM, jsjshaowen...@21cn.com wrote: hi: i build rpm in centos 6.2, libvirt version 1.1.2,i found an error FAIL: virsh-uriprecedence Details in the attachment,thanks !Wait for a response Reproducible on Cent OS 6.4 x86_64 See attached log for details. I've identified the problem; we aren't correctly reading file paths when running as root. Are you running make check under root? Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] tools: add missing 'interface' type and update man page
Signed-off-by: Alex Jia a...@redhat.com --- tools/virt-xml-validate.in | 19 +++ 1 files changed, 19 insertions(+), 0 deletions(-) diff --git a/tools/virt-xml-validate.in b/tools/virt-xml-validate.in index 6bfa68f..8be9595 100644 --- a/tools/virt-xml-validate.in +++ b/tools/virt-xml-validate.in @@ -83,6 +83,9 @@ if [ -z $TYPE ]; then *secret*) TYPE=secret ;; + *interface*) +TYPE=interface +;; *) echo $0: cannot determine schema type for $XMLFILE 2 exit 3 @@ -124,6 +127,10 @@ Valid schema names currently include =over 4 +=item Cdomainsnapshot + +The schema for the XML format used by domain snapshot configuration + =item Cdomain The schema for the XML format used by guest domains configuration @@ -148,6 +155,18 @@ The schema for the XML format used by node device descriptions The schema for the XML format used to declare driver capabilities +=item Cnwfilter + +The schema for the XML format used by network traffic filters + +=item Csecret + +The schema for the XML format used by secrets descriptions + +=item Cinterface + +The schema for the XML format used by virtual interface + =back =head1 OPTIONS -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Docs: fix a typo in virt-login-shell.pod
Thanks and pushed now. -- Regards, Alex - Original Message - From: Peter Krempa pkre...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Tuesday, September 3, 2013 3:35:43 PM Subject: Re: [libvirt] [PATCH] Docs: fix a typo in virt-login-shell.pod On 09/03/13 05:52, Alex Jia wrote: Signed-off-by: Alex Jia a...@redhat.com --- tools/virt-login-shell.pod |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virt-login-shell.pod b/tools/virt-login-shell.pod index e27d500..bcd7855 100644 --- a/tools/virt-login-shell.pod +++ b/tools/virt-login-shell.pod @@ -11,7 +11,7 @@ Bvirt-login-shell The Bvirt-login-shell program is a setuid shell that is used to join an LXC container that matches the user's name. If the container is not running, virt-login-shell will attempt to start the container. -virt-sandbox-shell is not allowed to be run by root. Normal users will get +virt-login-shell is not allowed to be run by root. Normal users will get added to a container that matches their username, if it exists, and they are configured in /etc/libvirt/virt-login-shell.conf. ACK. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Docs: fix a typo in virt-login-shell.pod
Signed-off-by: Alex Jia a...@redhat.com --- tools/virt-login-shell.pod |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virt-login-shell.pod b/tools/virt-login-shell.pod index e27d500..bcd7855 100644 --- a/tools/virt-login-shell.pod +++ b/tools/virt-login-shell.pod @@ -11,7 +11,7 @@ Bvirt-login-shell The Bvirt-login-shell program is a setuid shell that is used to join an LXC container that matches the user's name. If the container is not running, virt-login-shell will attempt to start the container. -virt-sandbox-shell is not allowed to be run by root. Normal users will get +virt-login-shell is not allowed to be run by root. Normal users will get added to a container that matches their username, if it exists, and they are configured in /etc/libvirt/virt-login-shell.conf. -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] qemu: Add missing VIR_DOMAIN_BLOCK_COMMIT_DELETE flags
The flag VIR_DOMAIN_BLOCK_COMMIT_DELETE is missed by qemuDomainBlockCommit(), and then will hit error unsupported flags (0x2) in function qemuDomainBlockCommit if users run 'virsh blockcommit' with '--delete' option. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1001475 Signed-off-by: Alex Jia a...@redhat.com --- src/qemu/qemu_driver.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index ed29373..8863124 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -1,7 +1,8 @@ qemuDomainBlockCommit(virDomainPtr dom, const char *path, const char *base, const char *base_canon = NULL; bool clean_access = false; -virCheckFlags(VIR_DOMAIN_BLOCK_COMMIT_SHALLOW, -1); +virCheckFlags(VIR_DOMAIN_BLOCK_COMMIT_SHALLOW | + VIR_DOMAIN_BLOCK_COMMIT_DELETE, -1); if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Add missing VIR_DOMAIN_BLOCK_COMMIT_DELETE flags
On 08/27/2013 04:47 PM, Peter Krempa wrote: On 08/27/13 09:53, Alex Jia wrote: The flag VIR_DOMAIN_BLOCK_COMMIT_DELETE is missed by qemuDomainBlockCommit(), and then will hit error unsupported flags (0x2) in function qemuDomainBlockCommit if users run 'virsh blockcommit' with '--delete' option. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1001475 Signed-off-by: Alex Jiaa...@redhat.com --- src/qemu/qemu_driver.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index ed29373..8863124 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -1,7 +1,8 @@ qemuDomainBlockCommit(virDomainPtr dom, const char *path, const char *base, const char *base_canon = NULL; bool clean_access = false; -virCheckFlags(VIR_DOMAIN_BLOCK_COMMIT_SHALLOW, -1); +virCheckFlags(VIR_DOMAIN_BLOCK_COMMIT_SHALLOW | + VIR_DOMAIN_BLOCK_COMMIT_DELETE, -1); if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; The code doesn't seem to support the BLOCK_COMMIT_DELETE flag. It was Yes, the codes haven't any implementation for BLOCK_COMMIT_DELETE flag now, maybe, only need to raise a friendly error message in here instead of unsupported flags (0x2) . probably just added as a future expansion. Eric, could you clarify this please? NACK to this patch: qemuDomainBlockCommit doesn't mention VIR_DOMAIN_BLOCK_COMMIT_DELETE anywhere, nor it uses the flags argument to pass down. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Add missing VIR_DOMAIN_BLOCK_COMMIT_DELETE flags
On 08/27/2013 07:59 PM, Eric Blake wrote: On 08/27/2013 03:37 AM, Michal Privoznik wrote: Yes, the codes haven't any implementation for BLOCK_COMMIT_DELETE flag now, maybe, only need to raise a friendly error message in here instead of unsupported flags (0x2) . I agree that this error message is not user-friendly. Bare virsh users know nothing about our flags and their numerical expression. However, I don't think there is a way how to produce Unsupported flag VIR_DOMAIN_BLOCK_COMMIT_DELETE instead of Unsupported flag 0x2 since all we see in the qemuDomainBlockCommit() function is just number. I mean, mapping of flag onto numeric value is not one-to-one function (aka injective function). That is, a value 0x2 can express VIR_DOMAIN_BLOCK_COMMIT_DELETE, VIR_DOMAIN_START_AUTODESTROY, VIR_DUMP_DESTROY, etc. (git grep 1 1, include/). If we want to make it work, we have to introduce an injective function, e.g. virUnsupportedFlags(), which would accept a list (not an ORed value) of all flags that are not supported. Too much effort for not much outcome. Agreed - it may not be the nicest of messages, but it is a CORRECT message, and one that will eventually go away when we actually implement things, so it isn't worth the churn of making a temporarily nicer message just to rip it back out later when things are properly implemented. Agree, it isn't worth changing a temporarily nicer message now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virsh: fix return value error of cpu-stats
On 08/26/2013 05:11 PM, Pavel Hrdina wrote: On 26.8.2013 07:11, Alex Jia wrote: On 08/23/2013 06:22 PM, Guannan Ren wrote: virsh cpu-stats guest --start 0 --count 3 It outputs right but the return value is 1 rather than 0 echo $? 1 It's ok with libvirt-0.10.2-23.el6.x86_64 on RHEL6.y, but failed with libvirt-1.1.1-2.el7.x86_64 on RHEL7.y, it's a little wired, the commit 73b89ed8 is introduced since 2012-07-25, and Michal only switches it to c99 initialization of vshCmdDef after that, except this, nobody changes the cmdCPUStats(), maybe, we have different patches about cmdCPUStats() between RHEL6.y and RHEL7.y? This bug has been introduced by commit a54f25a9. Yes, thanks, I gave a error keyword 'cmdCPUStats' on the following cmdline. # git blame tools/virsh-domain.c | grep cmdCPUStats Found by running libvirt-autotest ./run -t libvirt --tests virsh_cpu_stats --- tools/virsh-domain.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index b29f934..bcf495c 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -6350,7 +6350,9 @@ cmdCPUStats(vshControl *ctl, const vshCmd *cmd) if (!nparams) { vshPrint(ctl, %s, _(No per-CPU stats available)); -goto do_show_total; +if (show_total) +goto do_show_total; +goto cleanup; } if (VIR_ALLOC_N(params, nparams * MIN(show_count, 128)) 0) @@ -6389,10 +6391,12 @@ cmdCPUStats(vshControl *ctl, const vshCmd *cmd) } VIR_FREE(params); -do_show_total: -if (!show_total) +if (!show_total) { +ret = true; goto cleanup; +} +do_show_total: /* get supported num of parameter for total statistics */ if ((nparams = virDomainGetCPUStats(dom, NULL, 0, -1, 1, flags)) 0) goto failed_stats; -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: Fix crash of libvirtd when running numatune with invalid nodeset
On 08/16/2013 07:42 PM, Eric Blake wrote: On 08/16/2013 01:47 AM, Alex Jia wrote: This issue is introduced by commit 0fc8909, the virBitmapIsSet() needs caller to ensure 'b bitmap-max_bit', but it's lost in the virBitmapParse() caller, this will cause crash of libvirtd, with the patch, libvirtd no crash and can get a expected error Failed to parse nodeset. --- The caller virBitmapGetBit() can make sure 'b bitmap-max_bit', so don't need to worry about higher caller for the virBitmapGetBit(), but the virBitmapParse() is called by many XML parser function, not sure which one can crash libvirtd with read-only client then probably require a CVE, I haven't a good way to check them now and only manually check them one by one. If you are worried that a bug might be a CVE, it is best to practice responsible disclosure, and NOT post the patch upstream, but instead post to libvirt-secur...@redhat.com. That way, the problem can be Got it, if I think a bug might be a CVE then will post the patch to libvirt-secur...@redhat.com next time, thanks. discussed without public disclosure, rather than calling attention to the fact and making it easier to design a 0-day exploit. But now that this is already publicly disclosed, we have to hurry up both the fix, and our analysis of whether it is exploitable. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] util: Fix crash of libvirtd when running numatune with invalid nodeset
This issue is introduced by commit 0fc8909, the virBitmapIsSet() needs caller to ensure 'b bitmap-max_bit', but it's lost in the virBitmapParse() caller, this will cause crash of libvirtd, with the patch, libvirtd no crash and can get a expected error Failed to parse nodeset. How to reproduce? # virsh numatune foo --nodeset 10 Actual result: error: Unable to change numa parameters error: End of file while reading data: Input/output error error: One or more references were leaked after disconnect from the hypervisor error: Failed to reconnect to the hypervisor GDB backtrace: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f80ee533700 (LWP 4156)] 0x7f80fb1b8906 in virBitmapIsSet (str=value optimized out, terminator=0 '\000', bitmap=0x7f80ee532978, bitmapSize=value optimized out) at util/virbitmap.c:158 158 return !!(bitmap-map[VIR_BITMAP_UNIT_OFFSET(b)] VIR_BITMAP_BIT(b)); (gdb) bt #0 0x7f80fb1b8906 in virBitmapIsSet (str=value optimized out, terminator=0 '\000', bitmap=0x7f80ee532978, bitmapSize=value optimized out) at util/virbitmap.c:158 #1 virBitmapParse (str=value optimized out, terminator=0 '\000', bitmap=0x7f80ee532978, bitmapSize=value optimized out) at util/virbitmap.c:351 #2 0x7f80e5e7ef6b in qemuDomainSetNumaParameters (dom=value optimized out, params=value optimized out, nparams=1, flags=2) at qemu/qemu_driver.c:8357 #3 0x7f80fb2ad7c6 in virDomainSetNumaParameters (domain=0x7f80d4000930, params=0x7f80d4000b00, nparams=1, flags=0) at libvirt.c:4163 #4 0x7f80fbcd17ec in remoteDispatchDomainSetNumaParameters (server=value optimized out, client=value optimized out, msg=value optimized out, rerr=0x7f80ee532ba0, args=value optimized out, ret=value optimized out) at remote_dispatch.h:7771 #5 remoteDispatchDomainSetNumaParametersHelper (server=value optimized out, client=value optimized out, msg=value optimized out, rerr=0x7f80ee532ba0, args=value optimized out, ret=value optimized out) at remote_dispatch.h:7741 #6 0x7f80fb2f6518 in virNetServerProgramDispatchCall (prog=0x7f80fd33a990, server=0x7f80fd32f3e0, client=0x7f80fd33fe30, msg=0x7f80fd33e550) at rpc/virnetserverprogram.c:435 #7 virNetServerProgramDispatch (prog=0x7f80fd33a990, server=0x7f80fd32f3e0, client=0x7f80fd33fe30, msg=0x7f80fd33e550) at rpc/virnetserverprogram.c:305 #8 0x7f80fb2f9dd6 in virNetServerProcessMsg (srv=value optimized out, client=0x7f80fd33fe30, prog=value optimized out, msg=0x7f80fd33e550) at rpc/virnetserver.c:165 #9 0x7f80fb2fa9f3 in virNetServerHandleJob (jobOpaque=value optimized out, opaque=value optimized out) at rpc/virnetserver.c:186 #10 0x7f80fb20210e in virThreadPoolWorker (opaque=value optimized out) at util/virthreadpool.c:144 #11 0x7f80fb2016f6 in virThreadHelper (data=value optimized out) at util/virthreadpthread.c:161 #12 0x7f80f8d857f1 in start_thread (arg=0x7f80ee533700) at pthread_create.c:301 #13 0x7f80f86bb70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Signed-off-by: Alex Jia a...@redhat.com --- The caller virBitmapGetBit() can make sure 'b bitmap-max_bit', so don't need to worry about higher caller for the virBitmapGetBit(), but the virBitmapParse() is called by many XML parser function, not sure which one can crash libvirtd with read-only client then probably require a CVE, I haven't a good way to check them now and only manually check them one by one. src/util/virbitmap.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c index 7e1cd02..edbfb30 100644 --- a/src/util/virbitmap.c +++ b/src/util/virbitmap.c @@ -337,6 +337,9 @@ virBitmapParse(const char *str, if (start 0) goto parse_error; +if ((*bitmap)-max_bit = start) +goto parse_error; + cur = tmp; virSkipSpaces(cur); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virsh-domain: Fix memleak in cmdCPUBaseline
ACK. -- Regards, Alex - Original Message - From: Peter Krempa pkre...@redhat.com To: libvir-list@redhat.com Cc: Peter Krempa pkre...@redhat.com Sent: Friday, August 16, 2013 4:38:59 PM Subject: [libvirt] [PATCH] virsh-domain: Fix memleak in cmdCPUBaseline https://bugzilla.redhat.com/show_bug.cgi?id=997765 ==1349431== 8 bytes in 1 blocks are definitely lost in loss record 11 of 760 ==1349431==at 0x4C2A554: calloc (vg_replace_malloc.c:593) ==1349431==by 0x4E9AA3E: virAllocN (in /usr/lib64/libvirt.so.0.1001.1) ==1349431==by 0x4EF28C4: virXPathNodeSet (in /usr/lib64/libvirt.so.0.1001.1) ==1349431==by 0x130B83: cmdCPUBaseline (in /usr/bin/virsh) ==1349431==by 0x12C608: vshCommandRun (in /usr/bin/virsh) ==1349431==by 0x12889A: main (in /usr/bin/virsh) --- Pushed as trivial. tools/virsh-domain.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index ab3804a..18fcb3e 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -6238,6 +6238,7 @@ cleanup: } VIR_FREE(list); VIR_FREE(buffer); +VIR_FREE(node_list); return ret; -- 1.8.3.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [test-API][PATCH] Add display of cases result to log.xml
Hi hongming, BTW, could we ignore module or function name in Test Procedure section, because the module and entry function are the same name, it's a deliberately design, but the Test Procedure looks like a duplicate naming for others. slice network:define:define network:network_list:network_list network:start:start network:network_list:network_list network:autostart:autostart network:update:update /slice -- Regards, Alex - Original Message - From: hongming honzh...@redhat.com To: g...@redhat.com Cc: libvir-list@redhat.com Sent: Thursday, August 15, 2013 1:47:05 PM Subject: Re: [libvirt] [test-API][PATCH] Add display of cases result to log.xml Hi Guannan You can see the new test report from the following url. http://fileshare.englab.nay.redhat.com/pub/section3/libvirtauto/libvirt-test-API/log.xml Thanks Hongming On 08/15/2013 11:32 AM, Hongming Zhang wrote: The original log.xml only display the testrun result, the patch add display of case result to log.xml. modified: src/generator.py -Perserver case result list and pass it to log_generator class. modified: src/log.xsl -Read from xml and display case result modified: src/log_generator.py -Create case result xml and add it to log.xml --- src/generator.py |5 +++-- src/log.xsl | 23 --- src/log_generator.py | 16 ++-- 3 files changed, 37 insertions(+), 7 deletions(-) diff --git a/src/generator.py b/src/generator.py index 0cdc9de..208fa7b 100644 --- a/src/generator.py +++ b/src/generator.py @@ -87,7 +87,6 @@ class FuncGen(object): env_logger = envlog.env_log() casenumber = len(self.case_name_list) start_time = time.strftime(%Y-%m-%d %H:%M:%S) - env_logger.info(Checking Testing Environment... ) envck = env_inspect.EnvInspect(self.env, env_logger) @@ -103,6 +102,7 @@ class FuncGen(object): # retflag: [pass, fail, skip] retflag = [0, 0, 0] +case_retlist = [] for i in range(casenumber): clean_flag = False @@ -165,7 +165,7 @@ class FuncGen(object): retflag[2] += 1 self.fmt.print_end(mod_case, ret, env_logger) - +case_retlist.append(ret) # close hypervisor connection envck.close_hypervisor_connection() end_time = time.strftime(%Y-%m-%d %H:%M:%S) @@ -179,6 +179,7 @@ class FuncGen(object): self.log_xml_parser.add_test_summary(self.testrunid, self.testid, result, + case_retlist, start_time, end_time, self.logfile) diff --git a/src/log.xsl b/src/log.xsl index 577a0a5..0ca6afe 100644 --- a/src/log.xsl +++ b/src/log.xsl @@ -119,9 +119,10 @@ tr th width=5%No./th th width=5%Result/th - th width=12%Start/th - th width=12%End/th - th width=66%Test Procedure/th + th width=10%Start/th + th width=10%End/th + th width=65%Test Procedure/th + th width=5%Case Result/th /tr /thead tbody @@ -164,6 +165,22 @@ /xsl:for-each /table /td +td + table class=pro cellspacing=1 cellspan=0 + xsl:for-each select=caseresult/case +tr + td +xsl:if test=self::node()[text()='FAIL'] + tr class=failxsl:value-of select=current()//tr +/xsl:if +xsl:if test=self::node()[text()='PASS'] + tr class=passxsl:value-of select=current()//tr +/xsl:if + /td +/tr + /xsl:for-each + /table +/td /tr /xsl:for-each /tbody diff --git a/src/log_generator.py b/src/log_generator.py index be483d6..de18654 100644 --- a/src/log_generator.py +++ b/src/log_generator.py @@ -93,7 +93,7 @@ class LogGenerator(object): self. __write_to_file(xmldoc, self.logxml) -def add_test_summary(self, testrunid, testid, result, +def add_test_summary(self, testrunid, testid, result, case_retlist, start_time, end_time, path): add a test summary xml block into log xml file xmldoc = minidom.parse(self.logxml) @@ -101,6 +101,8 @@ class LogGenerator(object):
Re: [libvirt] [test-API][PATCH] Add display of cases result to log.xml
Gren, I think it should be enough if we can know which test cases is run, and should hide some details such as checkpoint and clean function. -- Regards, Alex - Original Message - From: Guannan Ren g...@redhat.com To: Alex Jia a...@redhat.com Cc: hongming honzh...@redhat.com, libvir-list@redhat.com Sent: Thursday, August 15, 2013 2:18:26 PM Subject: Re: [libvirt] [test-API][PATCH] Add display of cases result to log.xml On 08/15/2013 02:00 PM, Alex Jia wrote: Hi hongming, BTW, could we ignore module or function name in Test Procedure section, because the module and entry function are the same name, it's a deliberately design, but the Test Procedure looks like a duplicate naming for others. I agree with you. There are three pre-defined functions for each $testcase.py $testcase_check (optional) which is used to check if the testcase is runnable. $testcase which is the testing body for actual test work. $testcase_clean (optional) is used to clean testing environment after test. we can only list the names of $testcase_check and $testcase_clean in the third column and ignore the $testcase, do you think it is good idea? slice network:define:define network:network_list:network_list network:start:start network:network_list:network_list network:autostart:autostart network:update:update /slice -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] LXC: Helper function for checking ownership of dir when userns enabled
On 08/09/2013 01:53 PM, Chen Hanxiao wrote: From: Chen Hanxiaochenhanx...@cn.fujitsu.com If we enable userns, the ownership of dir we provided for containers should match the uid/gid in idmap. Currently, the debug log is very implicit or misleading sometimes. This patch will help clarify this for us when using debug log or virsh. Signed-off-by: Chen Hanxiaochenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 45 + 1 files changed, 45 insertions(+), 0 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index b910b10..ce17466 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1815,6 +1815,48 @@ lxcNeedNetworkNamespace(virDomainDefPtr def) return false; } +/* + * Helper function for helping check + * whether we have enough privilege + * to operate the source dir when userns enabled + * @vmDef: pointer to vm definition structure + * Returns 0 on success or -1 in case of error + */ +static int +lxcContainerUsernsSrcOwnershipCheck(virDomainDefPtr vmDef) +{ +struct stat buf; +int i; +uid_t uid; +gid_t gid; + +for(i=0; i vmDef-nfss; i++) { +VIR_DEBUG(dst is %s, src is %s, +vmDef-fss[i]-dst, +vmDef-fss[i]-src); indention issue. + +uid = vmDef-idmap.uidmap[0].target; +gid = vmDef-idmap.gidmap[0].target; + +if (lstat(vmDef-fss[i]-src,buf) 0) { +virReportSystemError(errno, _(Cannot access '%s'), + vmDef-fss[i]-src); same as above. +return -1; +} else if(uid != buf.st_uid || gid != buf.st_gid) { +VIR_DEBUG(In userns uid is %d, gid is %d\n, +uid, gid); same as above. +errno = EINVAL; + +virReportSystemError(errno, +[userns] Src dir \%s\ does not belong to uid/gid:%d/%d, +vmDef-fss[i]-src, uid, gid); same as above. +return -1; +} +} + +return 0; +} + /** * lxcContainerStart: * @def: pointer to virtual machine structure @@ -1866,6 +1908,9 @@ int lxcContainerStart(virDomainDefPtr def, if (userns_supported()) { VIR_DEBUG(Enable user namespace); cflags |= CLONE_NEWUSER; +if(lxcContainerUsernsSrcOwnershipCheck(def) 0) { +return -1; +} } else { virReportSystemError(VIR_ERR_CONFIG_UNSUPPORTED, %s, _(Kernel doesn't support user namespace)); libvirt/.git/rebase-apply/patch:15: trailing whitespace. * whether we have enough privilege libvirt/.git/rebase-apply/patch:16: trailing whitespace. * to operate the source dir when userns enabled libvirt/.git/rebase-apply/patch:45: trailing whitespace. virReportSystemError(errno, libvirt/.git/rebase-apply/patch:51: trailing whitespace. warning: 4 lines add whitespace errors. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] LXC: Helper function for checking ownership of dir when userns enabled
On 08/09/2013 01:53 PM, Chen Hanxiao wrote: From: Chen Hanxiaochenhanx...@cn.fujitsu.com If we enable userns, the ownership of dir we provided for containers should match the uid/gid in idmap. Currently, the debug log is very implicit or misleading sometimes. This patch will help clarify this for us when using debug log or virsh. Signed-off-by: Chen Hanxiaochenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 45 + 1 files changed, 45 insertions(+), 0 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index b910b10..ce17466 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1815,6 +1815,48 @@ lxcNeedNetworkNamespace(virDomainDefPtr def) return false; } +/* + * Helper function for helping check + * whether we have enough privilege + * to operate the source dir when userns enabled + * @vmDef: pointer to vm definition structure + * Returns 0 on success or -1 in case of error + */ +static int +lxcContainerUsernsSrcOwnershipCheck(virDomainDefPtr vmDef) +{ +struct stat buf; +int i; +uid_t uid; +gid_t gid; + +for(i=0; i vmDef-nfss; i++) { +VIR_DEBUG(dst is %s, src is %s, +vmDef-fss[i]-dst, +vmDef-fss[i]-src); + +uid = vmDef-idmap.uidmap[0].target; +gid = vmDef-idmap.gidmap[0].target; + +if (lstat(vmDef-fss[i]-src,buf) 0) { +virReportSystemError(errno, _(Cannot access '%s'), + vmDef-fss[i]-src); +return -1; +} else if(uid != buf.st_uid || gid != buf.st_gid) { +VIR_DEBUG(In userns uid is %d, gid is %d\n, +uid, gid); +errno = EINVAL; + +virReportSystemError(errno, +[userns] Src dir \%s\ does not belong to uid/gid:%d/%d, +vmDef-fss[i]-src, uid, gid); +return -1; +} +} + +return 0; +} + /** * lxcContainerStart: * @def: pointer to virtual machine structure @@ -1866,6 +1908,9 @@ int lxcContainerStart(virDomainDefPtr def, if (userns_supported()) { VIR_DEBUG(Enable user namespace); cflags |= CLONE_NEWUSER; +if(lxcContainerUsernsSrcOwnershipCheck(def) 0) { +return -1; +} } else { virReportSystemError(VIR_ERR_CONFIG_UNSUPPORTED, %s, _(Kernel doesn't support user namespace)); In addition, please run 'make syntax-check' firstly before committing patches. src/lxc/lxc_container.c:1835: for(i=0; i vmDef-nfss; i++) { src/lxc/lxc_container.c:1847: } else if(uid != buf.st_uid || gid != buf.st_gid) { src/lxc/lxc_container.c:1913: if(lxcContainerUsernsSrcOwnershipCheck(def) 0) { maint.mk: incorrect whitespace, see HACKING for rules make: *** [bracket-spacing-check] Error 1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH 0/2] Fix some issues in virt-sandbox-service
Alex Jia (2): Fix logical judgement in get_name Raise clear error message if no legacy configuration bin/virt-sandbox-service | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH 1/2] Fix logical judgement in get_name
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 03873c9..26b4a40 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -453,8 +453,12 @@ WantedBy=multi-user.target def get_name(self): if self.config: -return self.config.get_name() -raise ValueError([_(Name not configured)]) +name = self.config.get_name() +if not name: +raise ValueError([_(Name not configured)]) +return name +sys.stderr.write(The configuration %s does not exist\n % self.config) +sys.exit(1) def set_copy(self, copy): self.copy = copy -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH 2/2] Raise clear error message if no legacy configuration
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 26b4a40..cb40f6a 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -965,6 +965,9 @@ def upgrade_config(args): configfile = get_legacy_config_path(args.name) if os.path.exists(configfile): upgrade_config_legacy(configfile) +else: +sys.stderr.write(No legacy '%s' configuration\n % args.name) +sys.exit(1) def upgrade_filesystem(args): -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH 2/2] Raise clear error message if no legacy configuration
On 08/09/2013 06:30 PM, Daniel P. Berrange wrote: On Fri, Aug 09, 2013 at 06:26:47PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox-service | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 26b4a40..cb40f6a 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -965,6 +965,9 @@ def upgrade_config(args): configfile = get_legacy_config_path(args.name) if os.path.exists(configfile): upgrade_config_legacy(configfile) +else: +sys.stderr.write(No legacy '%s' configuration\n % args.name) +sys.exit(1) This isn't desired. This command is intended to be a no-op if nothing needs changing. It is not just about upgrading from this legacy config file layout. In the future I expet us to add more code here as we make further changes. So it is right to silently exit with success here, not report an error. Ok, got it and thanks for your review. Daniel -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH 1/2] Fix logical judgement in get_name
On 08/09/2013 06:29 PM, Daniel P. Berrange wrote: On Fri, Aug 09, 2013 at 06:26:46PM +0800, Alex Jia wrote: Please explain the scenario where you hit the flaw in the commit message. I can see what you've changed, but I don't see why you have changed it. The commit message must describe the 'why'. ok, I will explain it in v2. Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox-service | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 03873c9..26b4a40 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -453,8 +453,12 @@ WantedBy=multi-user.target def get_name(self): if self.config: -return self.config.get_name() -raise ValueError([_(Name not configured)]) +name = self.config.get_name() +if not name: +raise ValueError([_(Name not configured)]) +return name +sys.stderr.write(The configuration %s does not exist\n % self.config) +sys.exit(1) def set_copy(self, copy): self.copy = copy Daniel -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Fix logical judgement in get_name
As usual, this issue can't be hit, but from codes point of view, if deliberately remove 'name' in the configuration, and then the 'Name not congfigured' error message can't be raised unless the configuration file doesn't exist, in fact, the get_name() will directly return None without expected error. Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 03873c9..26b4a40 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -453,8 +453,12 @@ WantedBy=multi-user.target def get_name(self): if self.config: -return self.config.get_name() -raise ValueError([_(Name not configured)]) +name = self.config.get_name() +if not name: +raise ValueError([_(Name not configured)]) +return name +sys.stderr.write(The configuration %s does not exist\n % self.config) +sys.exit(1) def set_copy(self, copy): self.copy = copy -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] virDomainCreateWithFlags error
On 08/08/2013 01:54 PM, Wangpan wrote: Hi all, I'm using 'libvirt 1.1.1-1 amd64' undef debian wheezy, I found that the return code is 139 when I run command: $ sudo virsh start df1c4670-18eb-4520-b5d8-aa8a492eb876 --paused; echo $? Thanks for reporting this issue, it's a libvirt's bug and we can reproduce your question on libvirt-1.1.1-2.el7.x86_64. 139 but the return code is OK(0) when run command: $ sudo virsh start df1c4670-18eb-4520-b5d8-aa8a492eb876; echo $? I found there is an error in libvirtd.log: 2013-08-08 05:40:23.983+: 16626: error : virNetSocketReadWire:1377 : End of file while reading data: Input/output error I found this issue by using openstack nova folsom, if I create an VM by nova, it will use dom.createWithFlags(0) to create the VM, but then the nova-compute process exited when this function is called, then I changed the createWithFlags(0) to create(), everything become OK. I also tried the function under python, and the python process exited, too. but the dom.create() method is OK, so I think this is a problem about libvirt. I want to know is this a reported bug? libvirt and kvm hypervisor version: Compiled against library: libvirt 1.1.1 Using library: libvirt 1.1.1 Using API: QEMU 1.1.1 Running hypervisor: QEMU 1.1.2 Thanks 2012-08-16 Wangpan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags
Valgrind defects memory error: ==16759== 1 errors in context 1 of 8: ==16759== Invalid free() / delete / delete[] / realloc() ==16759==at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd ==16759== 1 errors in context 2 of 8: ==16759== Conditional jump or move depends on uninitialised value(s) ==16759==at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Uninitialised value was created by a stack allocation ==16759==at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423) How to reproduce? # virsh start domain --paused RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855 Signed-off-by: Alex Jia a...@redhat.com --- src/remote/remote_driver.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index f828eef..71d0034 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags) make_nonnull_domain(args.dom, dom); args.flags = flags; +memset(ret, 0, sizeof(ret)); if (call(dom-conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS, (xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)args, (xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)ret) == -1) { -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] virDomainCreateWithFlags error
Hi Wangpan, Here is a bug https://bugzilla.redhat.com/show_bug.cgi?id=994855, if you're familiar with bugzilla then you may file a bug by yourself next time, for details, please see the following link, thanks. http://libvirt.org/bugs.html -- Regards, Alex - Original Message - From: Alex Jia a...@redhat.com To: Wangpan hzwang...@corp.netease.com Cc: libvir-list libvir-list@redhat.com Sent: Thursday, August 8, 2013 2:30:09 PM Subject: Re: [libvirt] virDomainCreateWithFlags error On 08/08/2013 01:54 PM, Wangpan wrote: Hi all, I'm using 'libvirt 1.1.1-1 amd64' undef debian wheezy, I found that the return code is 139 when I run command: $ sudo virsh start df1c4670-18eb-4520-b5d8-aa8a492eb876 --paused; echo $? Thanks for reporting this issue, it's a libvirt's bug and we can reproduce your question on libvirt-1.1.1-2.el7.x86_64. 139 but the return code is OK(0) when run command: $ sudo virsh start df1c4670-18eb-4520-b5d8-aa8a492eb876; echo $? I found there is an error in libvirtd.log: 2013-08-08 05:40:23.983+: 16626: error : virNetSocketReadWire:1377 : End of file while reading data: Input/output error I found this issue by using openstack nova folsom, if I create an VM by nova, it will use dom.createWithFlags(0) to create the VM, but then the nova-compute process exited when this function is called, then I changed the createWithFlags(0) to create(), everything become OK. I also tried the function under python, and the python process exited, too. but the dom.create() method is OK, so I think this is a problem about libvirt. I want to know is this a reported bug? libvirt and kvm hypervisor version: Compiled against library: libvirt 1.1.1 Using library: libvirt 1.1.1 Using API: QEMU 1.1.1 Running hypervisor: QEMU 1.1.2 Thanks 2012-08-16 Wangpan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox][PATCH v3] Fix delete of running container
On 08/08/2013 03:42 PM, Wayne Sun wrote: Delete running container is not supprted and will report an error. Related to bug: https://bugzilla.redhat.com/show_bug.cgi?id=994495 v1: Fix stop function and delete running container. v2: Delete running container is not allowed, spawn virsh to get domain status. v3: Using exist libvirt connection to get dom status. Signed-off-by: Wayne Sung...@redhat.com --- bin/virt-sandbox-service | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 550d46c..03873c9 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -254,11 +254,11 @@ class Container: def delete(self): self.connect() -# Stop service if it is running -try: -self.stop() -except: -pass +self.conn.fetch_domains(None) +dom = self.conn.find_domain_by_name(self.name) +info = dom.get_info() +if info.state == LibvirtGObject.DomainState.RUNNING: +raise ValueError([_(Cannot delete running container)]) # Not sure we should remove content if os.path.exists(self.dest): Works for me. # virsh -c lxc:// list IdName State 7090 testbox running # virt-sandbox-service delete testbox /usr/bin/virt-sandbox-service: Cannot delete running container # echo $? 1 # virsh -c lxc:// list IdName State 7090 testbox running # virsh -c lxc:// destroy testbox Domain testbox destroyed # virsh -c lxc:// list --all IdName State - testbox shut off # virt-sandbox-service delete testbox # echo $? 0 # virsh -c lxc:// list --all Nothing. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox][PATCH v3] Fix delete of running container
On 08/08/2013 06:42 PM, Daniel P. Berrange wrote: On Thu, Aug 08, 2013 at 03:42:28PM +0800, Wayne Sun wrote: Delete running container is not supprted and will report an error. Related to bug: https://bugzilla.redhat.com/show_bug.cgi?id=994495 v1: Fix stop function and delete running container. v2: Delete running container is not allowed, spawn virsh to get domain status. v3: Using exist libvirt connection to get dom status. Signed-off-by: Wayne Sung...@redhat.com --- bin/virt-sandbox-service | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 550d46c..03873c9 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -254,11 +254,11 @@ class Container: def delete(self): self.connect() -# Stop service if it is running -try: -self.stop() -except: -pass +self.conn.fetch_domains(None) +dom = self.conn.find_domain_by_name(self.name) +info = dom.get_info() +if info.state == LibvirtGObject.DomainState.RUNNING: +raise ValueError([_(Cannot delete running container)]) # Not sure we should remove content if os.path.exists(self.dest): ACK, looks good now. Daniel Daniel, I push this one now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags
Hi Martin, I think if the call() can't do this then it's impossible to de-duplicate in all similar functions. -- Regards, Alex - Original Message - From: Martin Kletzander mklet...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Thursday, August 8, 2013 8:09:57 PM Subject: Re: [libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags On 08/08/2013 10:48 AM, Alex Jia wrote: Valgrind defects memory error: ==16759== 1 errors in context 1 of 8: ==16759== Invalid free() / delete / delete[] / realloc() ==16759==at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd ==16759== 1 errors in context 2 of 8: ==16759== Conditional jump or move depends on uninitialised value(s) ==16759==at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Uninitialised value was created by a stack allocation ==16759==at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423) How to reproduce? # virsh start domain --paused RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855 Signed-off-by: Alex Jia a...@redhat.com --- src/remote/remote_driver.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index f828eef..71d0034 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags) make_nonnull_domain(args.dom, dom); args.flags = flags; +memset(ret, 0, sizeof(ret)); if (call(dom-conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS, (xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)args, (xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)ret) == -1) { ACK. I wonder whether we could de-duplicate this since all similar functions call this, but call() doesn't know the structure size :( Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags
Martin, I pushed this now. -- Regards, Alex - Original Message - From: Martin Kletzander mklet...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Thursday, August 8, 2013 8:09:57 PM Subject: Re: [libvirt] [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags On 08/08/2013 10:48 AM, Alex Jia wrote: Valgrind defects memory error: ==16759== 1 errors in context 1 of 8: ==16759== Invalid free() / delete / delete[] / realloc() ==16759==at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd ==16759== 1 errors in context 2 of 8: ==16759== Conditional jump or move depends on uninitialised value(s) ==16759==at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16759==by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31) ==16759==by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58) ==16759==by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762) ==16759==by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so) ==16759==by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441) ==16759==by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499) ==16759==by 0x13127A: cmdStart (virsh-domain.c:3376) ==16759==by 0x12BF83: vshCommandRun (virsh.c:1751) ==16759==by 0x126FFB: main (virsh.c:3205) ==16759== Uninitialised value was created by a stack allocation ==16759==at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423) How to reproduce? # virsh start domain --paused RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855 Signed-off-by: Alex Jia a...@redhat.com --- src/remote/remote_driver.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index f828eef..71d0034 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags) make_nonnull_domain(args.dom, dom); args.flags = flags; +memset(ret, 0, sizeof(ret)); if (call(dom-conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS, (xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)args, (xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)ret) == -1) { ACK. I wonder whether we could de-duplicate this since all similar functions call this, but call() doesn't know the structure size :( Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Update man page about virt-sandbox-service
On 08/08/2013 10:42 AM, Zhe Peng wrote: Add upgrade and remove start,stop,list --- bin/virt-sandbox-service.pod |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service.pod b/bin/virt-sandbox-service.pod index 32caad9..e8ab55e 100644 --- a/bin/virt-sandbox-service.pod +++ b/bin/virt-sandbox-service.pod @@ -4,7 +4,7 @@ virt-sandbox-service - Secure container tool =head1 SYNOPSIS - {create,clone,connect,delete,execute,list,reload,start,stop} + {create,clone,connect,delete,execute,reload,upgrade} commands: @@ -20,6 +20,8 @@ virt-sandbox-service - Secure container tool reload Reload a running sandbox container +upgrade Upgrade an existing Secure container s/Secure/sandbox/, to keep consistent with above contents. + =head1 DESCRIPTION virt-sandbox-service is used to provision secure sandboxed system services. @@ -52,7 +54,7 @@ supported currently). =head1 SEE ALSO -Clibvirt(8), Cselinux(8), Csystemd(8), Cvirt-sandbox(1), Cvirt-sandbox-service-create(1), Cvirt-sandbox-service-clone(1), Cvirt-sandbox-service-connect(1), Cvirt-sandbox-service-delete(1), Cvirt-sandbox-service-execute(1), Cvirt-sandbox-service-reload(1) +Clibvirt(8), Cselinux(8), Csystemd(8), Cvirt-sandbox(1), Cvirt-sandbox-service-create(1), Cvirt-sandbox-service-clone(1), Cvirt-sandbox-service-connect(1), Cvirt-sandbox-service-delete(1), Cvirt-sandbox-service-execute(1), Cvirt-sandbox-service-reload(1), Cvirt-sandbox-service-upgrade(1) =head1 FILES -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Update man page about virt-sandbox-service
On 08/08/2013 11:31 AM, Zhe Peng wrote: Add upgrade and remove start,stop,list ACK and pushed with comment update Remove obsolete 'list', 'start', 'stop' commands and add new 'upgrade' command. --- bin/virt-sandbox-service.pod |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service.pod b/bin/virt-sandbox-service.pod index 32caad9..7752145 100644 --- a/bin/virt-sandbox-service.pod +++ b/bin/virt-sandbox-service.pod @@ -4,7 +4,7 @@ virt-sandbox-service - Secure container tool =head1 SYNOPSIS - {create,clone,connect,delete,execute,list,reload,start,stop} + {create,clone,connect,delete,execute,reload,upgrade} commands: @@ -20,6 +20,8 @@ virt-sandbox-service - Secure container tool reload Reload a running sandbox container +upgrade Upgrade an existing sandbox container + =head1 DESCRIPTION virt-sandbox-service is used to provision secure sandboxed system services. @@ -52,7 +54,7 @@ supported currently). =head1 SEE ALSO -Clibvirt(8), Cselinux(8), Csystemd(8), Cvirt-sandbox(1), Cvirt-sandbox-service-create(1), Cvirt-sandbox-service-clone(1), Cvirt-sandbox-service-connect(1), Cvirt-sandbox-service-delete(1), Cvirt-sandbox-service-execute(1), Cvirt-sandbox-service-reload(1) +Clibvirt(8), Cselinux(8), Csystemd(8), Cvirt-sandbox(1), Cvirt-sandbox-service-create(1), Cvirt-sandbox-service-clone(1), Cvirt-sandbox-service-connect(1), Cvirt-sandbox-service-delete(1), Cvirt-sandbox-service-execute(1), Cvirt-sandbox-service-reload(1), Cvirt-sandbox-service-upgrade(1) =head1 FILES -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] conf:Fix a copy paste error
Signed-off-by: Alex Jia a...@redhat.com --- src/conf/domain_conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 10cb7f6..0e74039 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5153,7 +5153,7 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, xmlStrEqual(cur-name, BAD_CAST product)) { product = (char *)xmlNodeGetContent(cur); -if (strlen(vendor) PRODUCT_LEN) { +if (strlen(product) PRODUCT_LEN) { virReportError(VIR_ERR_XML_ERROR, %s, _(disk product is more than 16 characters)); goto error; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox][PATCH] Docs: remove duplicate -u item in create man page
ACK. -- Regards, Alex - Original Message - From: Wayne Sun g...@redhat.com To: libvir-list@redhat.com Sent: Thursday, July 18, 2013 3:24:30 PM Subject: [libvirt] [sandbox][PATCH] Docs: remove duplicate -u item in create man page This related to bug: https://bugzilla.redhat.com/show_bug.cgi?id=916651#c11 Signed-off-by: Wayne Sun g...@redhat.com --- bin/virt-sandbox-service-create.pod |4 1 files changed, 0 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox-service-create.pod b/bin/virt-sandbox-service-create.pod index ad081ea..4dbfcb3 100644 --- a/bin/virt-sandbox-service-create.pod +++ b/bin/virt-sandbox-service-create.pod @@ -187,10 +187,6 @@ static,label=system_u:system_r:svirt_t:s0:c412,c355 Create file system image file of this size to store container content. -=item B-u UNITFILE, B--unitfile UNITFILE - -systemd Unit file to run within the container - =item B-P PACKAGE, B--package PACKAGE Package(s) to be used within the container. -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: update EXAMPLES section of virt-sandbox man page
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 883e6c0..b51465d 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -438,7 +438,9 @@ Run an interactive shell under LXC, replace $HOME with the contents of $HOME/scratch # mkdir $HOME/scratch - # virt-sandbox -c lxc:/// --host-bind $HOME=$HOME/scratch /bin/sh + # echo hello $HOME/scratch/foo + # echo sandbox $HOME/scratch/bar + # virt-sandbox -c lxc:/// -m host-bind:$HOME=$HOME/scratch -i $HOME/scratch/foo -i $HOME/scratch/bar /bin/sh Convert an OGG file to WAV inside QEMU -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox][PATCH] Docs: remove duplicate -u item in create man page
Pushed this under the trivial rule. -- Regards, Alex - Original Message - From: Alex Jia a...@redhat.com To: Wayne Sun g...@redhat.com Cc: libvir-list@redhat.com Sent: Thursday, July 18, 2013 3:49:58 PM Subject: Re: [libvirt] [sandbox][PATCH] Docs: remove duplicate -u item in createman page ACK. -- Regards, Alex - Original Message - From: Wayne Sun g...@redhat.com To: libvir-list@redhat.com Sent: Thursday, July 18, 2013 3:24:30 PM Subject: [libvirt] [sandbox][PATCH] Docs: remove duplicate -u item in create man page This related to bug: https://bugzilla.redhat.com/show_bug.cgi?id=916651#c11 Signed-off-by: Wayne Sun g...@redhat.com --- bin/virt-sandbox-service-create.pod |4 1 files changed, 0 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox-service-create.pod b/bin/virt-sandbox-service-create.pod index ad081ea..4dbfcb3 100644 --- a/bin/virt-sandbox-service-create.pod +++ b/bin/virt-sandbox-service-create.pod @@ -187,10 +187,6 @@ static,label=system_u:system_r:svirt_t:s0:c412,c355 Create file system image file of this size to store container content. -=item B-u UNITFILE, B--unitfile UNITFILE - -systemd Unit file to run within the container - =item B-P PACKAGE, B--package PACKAGE Package(s) to be used within the container. -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: update EXAMPLES section of virt-sandbox man page
Thanks and pushed now. -- Regards, Alex - Original Message - From: Daniel P. Berrange berra...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Thursday, July 18, 2013 5:24:14 PM Subject: Re: [libvirt] [libvirt-sandbox][PATCH] Docs: update EXAMPLES section of virt-sandbox man page On Thu, Jul 18, 2013 at 04:22:36PM +0800, Alex Jia wrote: Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 883e6c0..b51465d 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -438,7 +438,9 @@ Run an interactive shell under LXC, replace $HOME with the contents of $HOME/scratch # mkdir $HOME/scratch - # virt-sandbox -c lxc:/// --host-bind $HOME=$HOME/scratch /bin/sh + # echo hello $HOME/scratch/foo + # echo sandbox $HOME/scratch/bar + # virt-sandbox -c lxc:/// -m host-bind:$HOME=$HOME/scratch -i $HOME/scratch/foo -i $HOME/scratch/bar /bin/sh Convert an OGG file to WAV inside QEMU ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] qemu: Prevent crash of libvirtd without guest agent configuration
If users haven't configured guest agent then qemuAgentCommand() will dereference a NULL 'mon' pointer, which causes crash of libvirtd. GDB backtrace: (gdb) bt #0 virNetServerFatalSignal (sig=11, siginfo=value optimized out, context=value optimized out) at rpc/virnetserver.c:326 #1 signal handler called #2 qemuAgentCommand (mon=0x0, cmd=0x7f39300017b0, reply=0x7f394b090910, seconds=-2) at qemu/qemu_agent.c:975 #3 0x7f39429507f6 in qemuAgentGetVCPUs (mon=0x0, info=0x7f394b0909b8) at qemu/qemu_agent.c:1475 #4 0x7f39429d9857 in qemuDomainGetVcpusFlags (dom=value optimized out, flags=9) at qemu/qemu_driver.c:4849 #5 0x7f3957dffd8d in virDomainGetVcpusFlags (domain=0x7f3939c0, flags=8) at libvirt.c:9843 How to reproduce? # To start a guest without guest agent configuration # then run the following cmdline # virsh vcpucount foobar --guest error: End of file while reading data: Input/output error error: One or more references were leaked after disconnect from the hypervisor error: Failed to reconnect to the hypervisor RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=984821 Signed-off-by: Alex Jia a...@redhat.com --- src/qemu/qemu_driver.c | 12 1 files changed, 12 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 495867a..1448aa7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -4122,6 +4122,12 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus, goto endjob; } +if (!priv-agent) { +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, + _(QEMU guest agent is not configured)); +goto cleanup; +} + qemuDomainObjEnterAgent(vm); ncpuinfo = qemuAgentGetVCPUs(priv-agent, cpuinfo); qemuDomainObjExitAgent(vm); @@ -4839,6 +4845,12 @@ qemuDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags) if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) 0) goto cleanup; +if (!priv-agent) { +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, + _(QEMU guest agent is not configured)); +goto cleanup; +} + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, %s, _(domain is not running)); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Prevent crash of libvirtd without guest agent configuration
On 07/16/2013 04:35 PM, Peter Krempa wrote: On 07/16/13 08:31, Alex Jia wrote: If users haven't configured guest agent then qemuAgentCommand() will dereference a NULL 'mon' pointer, which causes crash of libvirtd. uhh, right :/ I broke that :/ GDB backtrace: (gdb) bt #0 virNetServerFatalSignal (sig=11, siginfo=value optimized out, context=value optimized out) at rpc/virnetserver.c:326 #1 signal handler called #2 qemuAgentCommand (mon=0x0, cmd=0x7f39300017b0, reply=0x7f394b090910, seconds=-2) at qemu/qemu_agent.c:975 #3 0x7f39429507f6 in qemuAgentGetVCPUs (mon=0x0, info=0x7f394b0909b8) at qemu/qemu_agent.c:1475 #4 0x7f39429d9857 in qemuDomainGetVcpusFlags (dom=value optimized out, flags=9) at qemu/qemu_driver.c:4849 #5 0x7f3957dffd8d in virDomainGetVcpusFlags (domain=0x7f3939c0, flags=8) at libvirt.c:9843 How to reproduce? # To start a guest without guest agent configuration # then run the following cmdline # virsh vcpucount foobar --guest error: End of file while reading data: Input/output error error: One or more references were leaked after disconnect from the hypervisor error: Failed to reconnect to the hypervisor RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=984821 Signed-off-by: Alex Jia a...@redhat.com --- src/qemu/qemu_driver.c | 12 1 files changed, 12 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 495867a..1448aa7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -4122,6 +4122,12 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus, goto endjob; } +if (!priv-agent) { +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, + _(QEMU guest agent is not configured)); +goto cleanup; +} + We probably also want: if (priv-agentError) { virReportError(VIR_ERR_AGENT_UNRESPONSIVE, %s, _(QEMU guest agent is not available due to an error)); goto cleanup; } Yes, I will add it into v2, thanks for your review. if (!priv-agent) { virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, _(QEMU guest agent is not configured)); goto cleanup; } qemuDomainObjEnterAgent(vm); ncpuinfo = qemuAgentGetVCPUs(priv-agent, cpuinfo); qemuDomainObjExitAgent(vm); Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2] qemu: Prevent crash of libvirtd without guest agent configuration
If users haven't configured guest agent then qemuAgentCommand() will dereference a NULL 'mon' pointer, which causes crash of libvirtd. With the patch, when the qemu-ga service isn't running in the guest, a expected error error: Guest agent is not responding: Guest agent not available for now will be raised, and the error error: argument unsupported: QEMU guest agent is not configured is raised when the guest hasn't configured guest agent. GDB backtrace: (gdb) bt #0 virNetServerFatalSignal (sig=11, siginfo=value optimized out, context=value optimized out) at rpc/virnetserver.c:326 #1 signal handler called #2 qemuAgentCommand (mon=0x0, cmd=0x7f39300017b0, reply=0x7f394b090910, seconds=-2) at qemu/qemu_agent.c:975 #3 0x7f39429507f6 in qemuAgentGetVCPUs (mon=0x0, info=0x7f394b0909b8) at qemu/qemu_agent.c:1475 #4 0x7f39429d9857 in qemuDomainGetVcpusFlags (dom=value optimized out, flags=9) at qemu/qemu_driver.c:4849 #5 0x7f3957dffd8d in virDomainGetVcpusFlags (domain=0x7f3939c0, flags=8) at libvirt.c:9843 How to reproduce? # To start a guest without guest agent configuration # then run the following cmdline # virsh vcpucount foobar --guest error: End of file while reading data: Input/output error error: One or more references were leaked after disconnect from the hypervisor error: Failed to reconnect to the hypervisor RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=984821 Signed-off-by: Alex Jia a...@redhat.com --- src/qemu/qemu_driver.c | 26 ++ 1 files changed, 26 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 495867a..699388c 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -4122,6 +4122,19 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus, goto endjob; } +if (priv-agentError) { +virReportError(VIR_ERR_AGENT_UNRESPONSIVE, %s, + _(QEMU guest agent is not + available due to an error)); +goto cleanup; +} + +if (!priv-agent) { +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, + _(QEMU guest agent is not configured)); +goto cleanup; +} + qemuDomainObjEnterAgent(vm); ncpuinfo = qemuAgentGetVCPUs(priv-agent, cpuinfo); qemuDomainObjExitAgent(vm); @@ -4839,6 +4852,19 @@ qemuDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags) if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) 0) goto cleanup; +if (priv-agentError) { +virReportError(VIR_ERR_AGENT_UNRESPONSIVE, %s, + _(QEMU guest agent is not + available due to an error)); +goto cleanup; +} + +if (!priv-agent) { +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, %s, + _(QEMU guest agent is not configured)); +goto cleanup; +} + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, %s, _(domain is not running)); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] attach-device error: XML error: unknown device type
On 07/04/2013 02:34 AM, Chris Evich wrote: On 07/03/2013 09:46 AM, Daniel P. Berrange wrote: On Wed, Jul 03, 2013 at 09:44:46AM -0400, Chris Evich wrote: Hi, On Fedora 18 (libvirt 0.10.2.6-1) I'm trying to add a new serial device to a KVM VM with: virsh attach-device foobar /tmp/serial.xml and I keep getting: error: Failed to attach device from /tmp/serial.xml error: XML error: unknown device type with serial.xml: serial type='file' source path='/tmp/serialfile'/ target port='1'/ /serial Though I tried it w/o thetarget tag, with and without the --config flag, and with and without the guest running. Assuming it's similar, I tried and was successful in adding this device via virt-manager, though it complains if the VM is running (which is fine). What am I doing wrong with the virsh attach-device command or XML? There is no support for hotplug of any character device (that covers serial, parallel, console, channnel elements in the XML) Daniel Oops, sorry, should have been more clear than and with and without the guest running. * I see the 'unknown device type' error when guest is running and I run virsh attach-device foobar /tmp/serial.xml --config. * I also get 'unknown device type' error when guest is NOT running, and I run virsh attach both with or without '--config' flag. * I see the 'unknown device type' error inside the details window when the guest is running and I use virt-manager. * I do NOT get any error, and the device is attached, when I use virt-manager, and the guest is NOT running (or by clicking yes after getting error in above bullet). The main difference in using virt-manager, is that I'm selecting the file type and entering in the values manually instead of in an XML file. A loosely-related problem is with serial-hot plug (which is expected to not work). The error message reported under details is the same/similar 'device type error'. Whereas I was expecting something more specific like a Can't hotplug this error (see screenshot). This error is raised by the virDomainDeviceDefParse(), which should be a common device XML parser function not only focus on XML parser for hotplugging some device, so I think Can't hotplug this isn't appropriate in here at least. In addition, maybe, libvirt should add relevant character device parser function into the virDomainDeviceDefParse() such as virDomainSerialDefParseXML(), virDomainConsoleDefParseXML(), etc. Either way, the main thing I'm concerned about is the cold-plug + device-type error. Here's what I'm doing: [root@cevich ~]# virsh list --all IdName State 6 foobar running [root@cevich ~]# virsh attach-device foobar /tmp/serial.xml error: Failed to attach device from /tmp/serial.xml error: XML error: unknown device type [root@cevich ~]# virsh shutdown foobar Domain foobar is being shutdown [root@cevich ~]# virsh list --all IdName State - foobar shut off [root@cevich ~]# virsh attach-device foobar /tmp/serial.xml --config error: Failed to attach device from /tmp/serial.xml error: XML error: unknown device type [root@cevich ~]# virsh start foobar see screenshot Then... [root@cevich ~]# virsh shutdown foobar Domain foobar is being shutdown [root@cevich ~]# virsh list --all IdName State - foobar shut off [root@cevich ~]# virsh dumpxml foobar | grep -A2 serial type='file' serial type='file' source path='/tmp/serialfile'/ target port='1'/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox][PATCH] Fix nits in virt-sandbox-service when raise ValueError
On 05/28/2013 02:01 PM, Wayne Sun wrote: Put error msg in list when raise ValueError. This fix is for bug: [virt-sandbox-service] execute command with unsupported URI error msg is not right https://bugzilla.redhat.com/show_bug.cgi?id=967705 Signed-off-by: Wayne Sung...@redhat.com --- bin/virt-sandbox-service |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 4496b29..1db3c09 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -878,7 +878,7 @@ def sandbox_list(args): def sandbox_reload(args): config = read_config(args.name) if isinstance(config, gi.repository.LibvirtSandbox.ConfigServiceGeneric): -raise ValueError(_(Generic Containers do not support reload)) +raise ValueError([_(Generic Containers do not support reload)]) container = SystemdContainer(uri = args.uri, config = config) container.reload(args.unitfiles) @@ -931,7 +931,7 @@ def fullpath(cmd): def execute(args): if args.uri != lxc:///: -raise ValueError(_(Can only execute commands inside of linux containers.)) +raise ValueError([_(Can only execute commands inside of linux containers.)]) myexec = [ virsh, -c, args.uri, lxc-enter-namespace ] #myexec = [ virt-sandbox-service-util, execute ] ACK. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Add missing get_unit_path function into class Container
RHBZ:https://bugzilla.redhat.com/show_bug.cgi?id=966307 Signed-off-by: Alex Jia a...@redhat.com --- With the patch, we can successfully clone an existing Secure container, but I met a Warning, I think it may be a LibvirtGObject question, # virt-sandbox-service clone http1 clonebox Created sandbox container dir /var/lib/libvirt/filesystems/clonebox Created unit file /etc/libvirt-sandbox/services/clonebox.sandbox /usr/lib64/python2.7/site-packages/gi/types.py:47: Warning: g_key_file_set_string: assertion `string != NULL' failed return info.invoke(*args, **kwargs) Created sandbox config /etc/libvirt-sandbox/services/clonebox.sandbox bin/virt-sandbox-service |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index 4496b29..2595ea2 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -60,6 +60,7 @@ class Container: DEFAULT_PATH = /var/lib/libvirt/filesystems DEFAULT_IMAGE = /var/lib/libvirt/images/%s.raw SELINUX_FILE_TYPE = svirt_lxc_file_t +DEFAULT_UNIT = /etc/systemd/system/%s_sandbox.service def __init__(self, name=None, uri = lxc:///, path = DEFAULT_PATH, config=None, create=False): self.uri = uri @@ -132,6 +133,11 @@ class Container: name = self.get_name() return self.DEFAULT_IMAGE % name +def get_unit_path(self, name = None): +if not name: +name = self.get_name() +return self.DEFAULT_UNIT % name + def set_image(self, size): self.use_image = True self.size = size * MB -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-perl][PATCH] Fix typo in domain help page
ACK. -- Regards, Alex - Original Message - From: Zhe Peng zp...@redhat.com To: libvir-list@redhat.com Sent: Tuesday, May 21, 2013 10:46:03 AM Subject: [libvirt] [libvirt-perl][PATCH] Fix typo in domain help page The help page of $dom-set_metadata have a typo,this patch fix it. --- lib/Sys/Virt/Domain.pm |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/lib/Sys/Virt/Domain.pm b/lib/Sys/Virt/Domain.pm index a502029..053f127 100644 --- a/lib/Sys/Virt/Domain.pm +++ b/lib/Sys/Virt/Domain.pm @@ -112,7 +112,7 @@ C$flags parameter defaults to zero. Sets the metadata element of type C$type to hold the value C$val. If C$type is CSys::Virt::Domain::METADATA_ELEMENT then the C$key and C$uri elements specify an XML namespace -to use, otherwise they should both be Cnudef. The optional +to use, otherwise they should both be Cundef. The optional C$flags parameter defaults to zero. =item $dom-is_active() -- 1.7.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: Prevent libvirtd crash from virPCIDeviceAddressIsEqual()
On 04/29/2013 02:48 AM, Laine Stump wrote: On 04/28/2013 06:12 AM, Alex Jia wrote: GDB backtrace: Breakpoint 1, virPCIGetVirtualFunctionIndex (pf_sysfs_device_link=0x7fc04400f470 /sys/bus/pci/devices/:03:00.1, vf_sysfs_device_link=optimized out, vf_index=vf_index@entry=0x7fc06897b8f4) at util/virpci.c:2107 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { (gdb) p *vf_bdf $1 = {domain = 0, bus = 3, slot = 16, function = 1} (gdb) l 2102 virtual_functions), pf_sysfs_device_link); 2103goto out; 2104} 2105 2106for (i = 0; i num_virt_fns; i++) { 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { 2108*vf_index = i; 2109ret = 0; 2110break; 2111} (gdb) p num_virt_fns $46 = 2 (gdb) p virt_fns[0] $48 = (virPCIDeviceAddressPtr) 0x0 (gdb) s virPCIDeviceAddressIsEqual (bdf2=0x0, bdf1=0x7fc04400f330) at util/virpci.c:1844 1844(bdf1-slot == bdf2-slot) (gdb) s Program received signal SIGSEGV, Segmentation fault. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=957416 Signed-off-by: Alex Jiaa...@redhat.com --- src/util/virpci.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index 97bba74..dda044c 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1897,7 +1897,8 @@ static bool virPCIDeviceAddressIsEqual(virPCIDeviceAddressPtr bdf1, virPCIDeviceAddressPtr bdf2) { -return ((bdf1-domain == bdf2-domain) +return (bdf1 bdf2 +(bdf1-domain == bdf2-domain) (bdf1-bus == bdf2-bus) (bdf1-slot == bdf2-slot) (bdf1-function == bdf2-function)); NACK. This patch only fixes the symptom (not the root cause), and only in the case of starting a domain with aninterface type='hostdev'. It doesn't fix the second crash described in the BZ when running virsh nodedev-dumpxml - the code path of that doesn't ever get to Yes, I just noticed this, it should be different code path. virPCIDeviceAddressIsEqual() (but *does* call the function that actually has the bug). Yes, another bug. The root cause of these crashes was a typo introduced just before the release of 1.0.4. I found that problem and pushed the correct patch on April 9: http://libvirt.org/git/?p=libvirt.git;a=commit;h=9579b6bc209b46a0f079b21455b598c817925b48 It should be okay if the patch is backported into rhel. (Beyond that, I don't like the idea of ignoring a NULL pointer - virPCIDeviceAddressIsEqual should always be passed non-NULL pointers, and its only current caller does guarantee that (except for when it has a bug). If we want virPCIDeviceAddressIsEqual to do something with NULL pointers, it should be logging an error and failing, but that would complicate the interface to the function beyond just returning a true/false (it would have to be tri-state, and the caller would need to Yes, the function interface will be more complex and return value should be tri-state not simple true/false. check all three possibilities). I think in this case it's better for the caller to make sure the pointers it sends are valid.) Yes, a simple way is the caller makes sure pointers is Non-NULL, maybe, we need also to add comment The caller should make sure the pointers it sends are valid into the virPCIDeviceAddressIsEqual(). However, in order to avoid the caller missing argument judgement, I think we should also fix virPCIDeviceAddressIsEqual(). Thanks for your comments, Alex -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: Prevent libvirtd crash from virPCIDeviceAddressIsEqual()
On 05/02/2013 11:30 PM, Laine Stump wrote: On 05/02/2013 02:06 AM, Alex Jia wrote: On 04/29/2013 02:48 AM, Laine Stump wrote: On 04/28/2013 06:12 AM, Alex Jia wrote: GDB backtrace: Breakpoint 1, virPCIGetVirtualFunctionIndex (pf_sysfs_device_link=0x7fc04400f470 /sys/bus/pci/devices/:03:00.1, vf_sysfs_device_link=optimized out, vf_index=vf_index@entry=0x7fc06897b8f4) at util/virpci.c:2107 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { (gdb) p *vf_bdf $1 = {domain = 0, bus = 3, slot = 16, function = 1} (gdb) l 2102 virtual_functions), pf_sysfs_device_link); 2103goto out; 2104} 2105 2106for (i = 0; i num_virt_fns; i++) { 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { 2108*vf_index = i; 2109ret = 0; 2110break; 2111} (gdb) p num_virt_fns $46 = 2 (gdb) p virt_fns[0] $48 = (virPCIDeviceAddressPtr) 0x0 (gdb) s virPCIDeviceAddressIsEqual (bdf2=0x0, bdf1=0x7fc04400f330) at util/virpci.c:1844 1844(bdf1-slot == bdf2-slot) (gdb) s Program received signal SIGSEGV, Segmentation fault. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=957416 Signed-off-by: Alex Jiaa...@redhat.com --- src/util/virpci.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index 97bba74..dda044c 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1897,7 +1897,8 @@ static bool virPCIDeviceAddressIsEqual(virPCIDeviceAddressPtr bdf1, virPCIDeviceAddressPtr bdf2) { -return ((bdf1-domain == bdf2-domain) +return (bdf1 bdf2 +(bdf1-domain == bdf2-domain) (bdf1-bus == bdf2-bus) (bdf1-slot == bdf2-slot) (bdf1-function == bdf2-function)); NACK. This patch only fixes the symptom (not the root cause), and only in the case of starting a domain with aninterface type='hostdev'. It doesn't fix the second crash described in the BZ when running virsh nodedev-dumpxml - the code path of that doesn't ever get to Yes, I just noticed this, it should be different code path. virPCIDeviceAddressIsEqual() (but *does* call the function that actually has the bug). Yes, another bug. IMO, the only bug here. The root cause of these crashes was a typo introduced just before the release of 1.0.4. I found that problem and pushed the correct patch on April 9: http://libvirt.org/git/?p=libvirt.git;a=commit;h=9579b6bc209b46a0f079b21455b598c817925b48 It should be okay if the patch is backported into rhel. No backport is needed. This bug was only in one release of libvirt, and that release is not (and almost surely will not be) in any public RHEL or Fedora release. (Beyond that, I don't like the idea of ignoring a NULL pointer - virPCIDeviceAddressIsEqual should always be passed non-NULL pointers, and its only current caller does guarantee that (except for when it has a bug). If we want virPCIDeviceAddressIsEqual to do something with NULL pointers, it should be logging an error and failing, but that would complicate the interface to the function beyond just returning a true/false (it would have to be tri-state, and the caller would need to Yes, the function interface will be more complex and return value should be tri-state not simple true/false. Which will make the code in the caller unnecessarily more complex, since we've already checked for a valid pointer and handled it earlier in that same function (or to be more exact, a function called by that one - virPCIGetVirtualFunctions(), which does guarantee that only non-NULL pointers are placed into the array (when written correctly, as it is now after the bugfix patch above). check all three possibilities). I think in this case it's better for the caller to make sure the pointers it sends are valid.) Yes, a simple way is the caller makes sure pointers is Non-NULL, maybe, we need also to add comment The caller should make sure the pointers it sends are valid into the virPCIDeviceAddressIsEqual(). That's kind of a given for *any* function :-) However, in order to avoid the caller missing argument judgement, I think we should also fix(). There are many private functions in libvirt that assume the caller has sent in sane arguments. If every function checked every argument for non-NULL, the code would be full of that. I think that's only necessary for API-level functions, but this function is only a static, used just within the same file (and only once). I think that the proper course of action here is to leave it as it is; note that if it had been fixed at the time the bug was introduced to virPCIGetVirtualFunctions(), it would have been *much* more difficult to detect, identify, and fix that bug. Laine, got it and thanks for your nice comments :) Alex -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com
[libvirt] [PATCH] util: Prevent libvirtd crash from virPCIDeviceAddressIsEqual()
GDB backtrace: Breakpoint 1, virPCIGetVirtualFunctionIndex (pf_sysfs_device_link=0x7fc04400f470 /sys/bus/pci/devices/:03:00.1, vf_sysfs_device_link=optimized out, vf_index=vf_index@entry=0x7fc06897b8f4) at util/virpci.c:2107 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { (gdb) p *vf_bdf $1 = {domain = 0, bus = 3, slot = 16, function = 1} (gdb) l 2102 virtual_functions), pf_sysfs_device_link); 2103goto out; 2104} 2105 2106for (i = 0; i num_virt_fns; i++) { 2107if (virPCIDeviceAddressIsEqual(vf_bdf, virt_fns[i])) { 2108*vf_index = i; 2109ret = 0; 2110break; 2111} (gdb) p num_virt_fns $46 = 2 (gdb) p virt_fns[0] $48 = (virPCIDeviceAddressPtr) 0x0 (gdb) s virPCIDeviceAddressIsEqual (bdf2=0x0, bdf1=0x7fc04400f330) at util/virpci.c:1844 1844(bdf1-slot == bdf2-slot) (gdb) s Program received signal SIGSEGV, Segmentation fault. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=957416 Signed-off-by: Alex Jia a...@redhat.com --- src/util/virpci.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index 97bba74..dda044c 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1897,7 +1897,8 @@ static bool virPCIDeviceAddressIsEqual(virPCIDeviceAddressPtr bdf1, virPCIDeviceAddressPtr bdf2) { -return ((bdf1-domain == bdf2-domain) +return (bdf1 bdf2 +(bdf1-domain == bdf2-domain) (bdf1-bus == bdf2-bus) (bdf1-slot == bdf2-slot) (bdf1-function == bdf2-function)); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] sanlock: add missing test command in virt-sanlock-cleanup.in
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=949483 Signed-off-by: Alex Jia a...@redhat.com --- In fact, the virt-sanlock-cleanup works well on RHEL6.4, but doesn't work on RHEL7.0, and got a error line 14: x: command not found, It may be different bash version issue. tools/virt-sanlock-cleanup.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virt-sanlock-cleanup.in b/tools/virt-sanlock-cleanup.in index a9b7c2e..5389fc7 100644 --- a/tools/virt-sanlock-cleanup.in +++ b/tools/virt-sanlock-cleanup.in @@ -11,7 +11,7 @@ fi LOCKSPACE=__LIBVIRT__DISKS__ LOCKDIR=`augtool print '/files@sysconfdir@/libvirt/qemu-sanlock.conf/disk_lease_dir'` -if test $? != 0 || x$LOCKDIR = x ; then +if test $? != 0 || test x$LOCKDIR = x ; then LOCKDIR=@localstatedir@/lib/libvirt/sanlock fi -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] sanlock: add missing test command in virt-sanlock-cleanup.in
On 04/09/2013 04:16 AM, Eric Blake wrote: On 04/08/2013 03:46 AM, Alex Jia wrote: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=949483 Signed-off-by: Alex Jiaa...@redhat.com --- In fact, the virt-sanlock-cleanup works well on RHEL6.4, but doesn't work on RHEL7.0, and got a error line 14: x: command not found, It may be different bash version issue. It has nothing to do with bash versions; rather, it is a result of $LOCKDIR being non-empty on the machine where it worked (and/or augtool exiting with nonzero status), vs. being empty on the machine where it failed (with augtool existing with zero status). Which makes it more a question of what changed in augtool, or in the files that augtool was inspecting, between the two machines. I just double checked this, it should be a augeas's bug, whether or not the disk_lease_dir is configured in /etc/libvirt/qemu-sanlock.conf, the augtool always exit with zero status on augeas-1.0.0-1.fc18.x86_64 or augeas-1.0.0-1.el7.x86_64: # grep disk_lease_dir = /etc/libvirt/qemu-sanlock.conf #disk_lease_dir = /var/lib/libvirt/sanlock # sh -x test.sh ++ augtool print /files/etc/libvirt/qemu-sanlock.conf/disk_lease_dir + LOCKDIR= + test 0 '!=' 0 + x = x test.sh: line 2: x: command not found tools/virt-sanlock-cleanup.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virt-sanlock-cleanup.in b/tools/virt-sanlock-cleanup.in index a9b7c2e..5389fc7 100644 --- a/tools/virt-sanlock-cleanup.in +++ b/tools/virt-sanlock-cleanup.in @@ -11,7 +11,7 @@ fi LOCKSPACE=__LIBVIRT__DISKS__ LOCKDIR=`augtool print '/files@sysconfdir@/libvirt/qemu-sanlock.conf/disk_lease_dir'` -if test $? != 0 || x$LOCKDIR = x ; then +if test $? != 0 || test x$LOCKDIR = x ; then At any rate, this fix is correct. ACK. Thanks and pushed now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Sync lxc-enter-namespace options with libvirt
The option 'nolabel' has been changed by current libvirt upstream, it should be 'noseclabel' now, so need to sync the option change with libvirt. # ./tools/virsh -c lxc:/// lxc-enter-namespace --help | grep label lxc-enter-namespace domain [--noseclabel] {[--cmd] string}... --noseclabel Do not change process security label Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service|6 +++--- bin/virt-sandbox-service-bash-completion.sh |2 +- bin/virt-sandbox-service-execute.pod|2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index c05e13f..478769d 100755 --- a/bin/virt-sandbox-service +++ b/bin/virt-sandbox-service @@ -838,8 +838,8 @@ def fullpath(cmd): def execute(args): myexec = [ virsh, -c, lxc:///, lxc-enter-namespace ] #myexec = [ virt-sandbox-service-util, execute ] -if args.nolabel: -myexec.append(--nolabel) +if args.noseclabel: +myexec.append(--noseclabel) myexec.extend([ args.name, --, fullpath(args.command[0])] + args.command[1:]) os.execv(/usr/bin/virsh, myexec) #myexec.extend( -e, cmd, args.name ] @@ -966,7 +966,7 @@ def gen_connect_args(subparser): def gen_execute_args(subparser): parser = subparser.add_parser(execute, help=(Execute a command within a sandbox container)) -parser.add_argument(-N, --nolabel, dest=nolabel, +parser.add_argument(-N, --noseclabel, dest=noseclabel, default=False, action=store_true, help=_(do not modify the label of the executable process. By default all commands execute with the label of the sandbox)) requires_name(parser) diff --git a/bin/virt-sandbox-service-bash-completion.sh b/bin/virt-sandbox-service-bash-completion.sh index a886cf4..c855fd2 100755 --- a/bin/virt-sandbox-service-bash-completion.sh +++ b/bin/virt-sandbox-service-bash-completion.sh @@ -57,7 +57,7 @@ _virt_sandbox_service () { [ALL]='-h --help' [CREATE]='-u --unitfile -p --path -t --type -l --level -d --dynamic -n --clone -i --image -s --size' [LIST]='-r --running' -[EXECUTE]='-N --nolabel' +[EXECUTE]='-N --noseclabel' ) for ((i=0; $i = $COMP_CWORD; i++)); do diff --git a/bin/virt-sandbox-service-execute.pod b/bin/virt-sandbox-service-execute.pod index 46a3b2b..f79ce73 100644 --- a/bin/virt-sandbox-service-execute.pod +++ b/bin/virt-sandbox-service-execute.pod @@ -31,7 +31,7 @@ Display help message The connection URI for the hypervisor (only LXC or QEMU are supported currently). -=item B-N, B--nolabel +=item B-N, B--noseclabel Execute command within the container. -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Sync lxc-enter-namespace options with libvirt
On 03/28/2013 05:31 PM, Daniel P. Berrange wrote: On Thu, Mar 28, 2013 at 04:48:31PM +0800, Alex Jia wrote: The option 'nolabel' has been changed by current libvirt upstream, it should be 'noseclabel' now, so need to sync the option change with libvirt. # ./tools/virsh -c lxc:/// lxc-enter-namespace --help | grep label lxc-enter-namespacedomain [--noseclabel] {[--cmd]string}... --noseclabel Do not change process security label Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox-service|6 +++--- bin/virt-sandbox-service-bash-completion.sh |2 +- bin/virt-sandbox-service-execute.pod|2 +- 3 files changed, 5 insertions(+), 5 deletions(-) ACK Daniel Thanks and pushed now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: update network options configuration
On 03/27/2013 06:06 PM, Daniel P. Berrange wrote: On Mon, Mar 25, 2013 at 06:41:37PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox-service-create.pod |7 ++- bin/virt-sandbox.c |7 ++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service-create.pod b/bin/virt-sandbox-service-create.pod index 84cbf0a..1f82e1d 100644 --- a/bin/virt-sandbox-service-create.pod +++ b/bin/virt-sandbox-service-create.pod @@ -56,7 +56,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 0396d9e..88c4333 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -335,7 +335,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK ACK Daniel Thanks and pushed now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Avoid segfault in gvir_sandbox_config_add_host_include_file
On 03/27/2013 06:05 PM, Daniel P. Berrange wrote: On Mon, Mar 25, 2013 at 01:20:19PM +0800, Alex Jia wrote: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=924574 Valgrind defects memory error: ==19297== Invalid free() / delete / delete[] / realloc() ==19297==at 0x4A077A6: free (vg_replace_malloc.c:446) ==19297==by 0x350F24D79E: g_free (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2C03F: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1319) ==19297==by 0x401FB7: main (virt-sandbox.c:171) ==19297== Address 0x4f2094c is 12 bytes inside a block of size 18 alloc'd ==19297==at 0x4A0883C: malloc (vg_replace_malloc.c:270) ==19297==by 0x350F24D68E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x350F263F0B: g_strdup (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2BF95: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1292) ==19297==by 0x401FB7: main (virt-sandbox.c:171) Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) ACK Daniel Thanks and pushed now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: update network options configuration
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service-create.pod |7 ++- bin/virt-sandbox.c |7 ++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service-create.pod b/bin/virt-sandbox-service-create.pod index 84cbf0a..1f82e1d 100644 --- a/bin/virt-sandbox-service-create.pod +++ b/bin/virt-sandbox-service-create.pod @@ -56,7 +56,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 0396d9e..88c4333 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -335,7 +335,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Avoid segfault in gvir_sandbox_config_add_host_include_file
On 03/22/2013 06:45 PM, Daniel P. Berrange wrote: On Fri, Mar 22, 2013 at 05:38:23PM +0800, Alex Jia wrote: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=924574 Valgrind defects memory error: ==19297== Invalid free() / delete / delete[] / realloc() ==19297==at 0x4A077A6: free (vg_replace_malloc.c:446) ==19297==by 0x350F24D79E: g_free (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2C03F: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1319) ==19297==by 0x401FB7: main (virt-sandbox.c:171) ==19297== Address 0x4f2094c is 12 bytes inside a block of size 18 alloc'd ==19297==at 0x4A0883C: malloc (vg_replace_malloc.c:270) ==19297==by 0x350F24D68E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x350F263F0B: g_strdup (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2BF95: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1292) ==19297==by 0x401FB7: main (virt-sandbox.c:171) Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 665a9fb..135eef1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1285,6 +1285,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, error))) { const gchar *host; gchar *guest; +const gchar *relguest; GVirSandboxConfigMount *mnt = NULL; GList *mnts = NULL; gchar *tmp; @@ -1302,7 +1303,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, mnt = GVIR_SANDBOX_CONFIG_MOUNT(mnts-data); const gchar *target = gvir_sandbox_config_mount_get_target(mnt); if (g_str_has_prefix(guest, target)) { -guest = guest + strlen(target); +relguest = guest + strlen(target); break; } I think you need to have } else { relguest = guest; } Yes, I will fix it on v2 patch, thanks for your review. Daniel -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Avoid segfault in gvir_sandbox_config_add_host_include_file
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=924574 Valgrind defects memory error: ==19297== Invalid free() / delete / delete[] / realloc() ==19297==at 0x4A077A6: free (vg_replace_malloc.c:446) ==19297==by 0x350F24D79E: g_free (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2C03F: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1319) ==19297==by 0x401FB7: main (virt-sandbox.c:171) ==19297== Address 0x4f2094c is 12 bytes inside a block of size 18 alloc'd ==19297==at 0x4A0883C: malloc (vg_replace_malloc.c:270) ==19297==by 0x350F24D68E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x350F263F0B: g_strdup (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2BF95: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1292) ==19297==by 0x401FB7: main (virt-sandbox.c:171) Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index fc852f5..a98f40b 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1337,6 +1337,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, error))) { const gchar *host; gchar *guest; +const gchar *relguest; GVirSandboxConfigMount *mnt = NULL; GList *mnts = NULL; gchar *tmp; @@ -1354,8 +1355,10 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, mnt = GVIR_SANDBOX_CONFIG_MOUNT(mnts-data); const gchar *target = gvir_sandbox_config_mount_get_target(mnt); if (g_str_has_prefix(guest, target)) { -guest = guest + strlen(target); +relguest = guest + strlen(target); break; +} else { +relguest = guest; } mnt = NULL; mnts = mnts-next; @@ -1367,7 +1370,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, return FALSE; } -gvir_sandbox_config_mount_add_include(GVIR_SANDBOX_CONFIG_MOUNT(mnt), host, guest); +gvir_sandbox_config_mount_add_include(GVIR_SANDBOX_CONFIG_MOUNT(mnt), host, relguest); g_free(guest); g_free(line); } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Avoid segfault in gvir_sandbox_config_add_host_include_file
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=924574 Valgrind defects memory error: ==19297== Invalid free() / delete / delete[] / realloc() ==19297==at 0x4A077A6: free (vg_replace_malloc.c:446) ==19297==by 0x350F24D79E: g_free (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2C03F: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1319) ==19297==by 0x401FB7: main (virt-sandbox.c:171) ==19297== Address 0x4f2094c is 12 bytes inside a block of size 18 alloc'd ==19297==at 0x4A0883C: malloc (vg_replace_malloc.c:270) ==19297==by 0x350F24D68E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x350F263F0B: g_strdup (in /usr/lib64/libglib-2.0.so.0.3400.2) ==19297==by 0x4C2BF95: gvir_sandbox_config_add_host_include_file (libvirt-sandbox-config.c:1292) ==19297==by 0x401FB7: main (virt-sandbox.c:171) Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 665a9fb..135eef1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1285,6 +1285,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, error))) { const gchar *host; gchar *guest; +const gchar *relguest; GVirSandboxConfigMount *mnt = NULL; GList *mnts = NULL; gchar *tmp; @@ -1302,7 +1303,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, mnt = GVIR_SANDBOX_CONFIG_MOUNT(mnts-data); const gchar *target = gvir_sandbox_config_mount_get_target(mnt); if (g_str_has_prefix(guest, target)) { -guest = guest + strlen(target); +relguest = guest + strlen(target); break; } mnt = NULL; @@ -1315,7 +1316,7 @@ gboolean gvir_sandbox_config_add_host_include_file(GVirSandboxConfig *config, return FALSE; } -gvir_sandbox_config_mount_add_include(GVIR_SANDBOX_CONFIG_MOUNT(mnt), host, guest); +gvir_sandbox_config_mount_add_include(GVIR_SANDBOX_CONFIG_MOUNT(mnt), host, relguest); g_free(guest); g_free(line); } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Add missing break statements
Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-init-qemu.c |4 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c b/libvirt-sandbox/libvirt-sandbox-init-qemu.c index 38ed284..dfa1374 100644 --- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c +++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c @@ -496,12 +496,16 @@ insmod(const char *filename) switch (errno) { case ENOEXEC: msg = Invalid module format; +break; case ENOENT: msg = Unknown symbol in module; +break; case ESRCH: msg = Module has wrong symbol version; +break; case EINVAL: msg = Invalid parameters; +break; default: msg = strerror(errno); } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: fix a typo in help documents
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index bd7ac49..654a205 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -87,10 +87,10 @@ int main(int argc, char **argv) { { name, 'n', 0, G_OPTION_ARG_STRING, name, N_(name of the sandbox), NAME }, { mount, 'm', 0, G_OPTION_ARG_STRING_ARRAY, mounts, - N_(mount a filesystem int he guest), TYPE:TARGET=SOURCE }, + N_(mount a filesystem in the guest), TYPE:TARGET=SOURCE }, { include, 'i', 0, G_OPTION_ARG_STRING_ARRAY, includes, N_(file to copy into custom dir), GUEST-PATH=HOST-PATH, }, -{ includefile, 'I', 0, G_OPTION_ARG_STRING, includefile, +{ interfile, 'I', 0, G_OPTION_ARG_STRING, includefile, N_(file contain list of files to include), FILE }, { network, 'N', 0, G_OPTION_ARG_STRING_ARRAY, networks, N_(setup network interface properties), PATH, }, -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: fix a typo in help documents
On 03/18/2013 05:45 PM, Osier Yang wrote: On 2013年03月18日 17:39, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index bd7ac49..654a205 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -87,10 +87,10 @@ int main(int argc, char **argv) { { name, 'n', 0, G_OPTION_ARG_STRING,name, N_(name of the sandbox), NAME }, { mount, 'm', 0, G_OPTION_ARG_STRING_ARRAY,mounts, - N_(mount a filesystem int he guest), TYPE:TARGET=SOURCE }, + N_(mount a filesystem in the guest), TYPE:TARGET=SOURCE }, { include, 'i', 0, G_OPTION_ARG_STRING_ARRAY,includes, N_(file to copy into custom dir), GUEST-PATH=HOST-PATH, }, -{ includefile, 'I', 0, G_OPTION_ARG_STRING,includefile, +{ interfile, 'I', 0, G_OPTION_ARG_STRING,includefile, It's a wrong operation, in fact, I haven't changed it, I will fix this. thanks. N_(file contain list of files to include), FILE }, Didn't check the source, but if it's the right fix, you should also change the variable name (includefile) to be consistent. And also the help message. { network, 'N', 0, G_OPTION_ARG_STRING_ARRAY,networks, N_(setup network interface properties), PATH, }, -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Add missing break statements
On 03/18/2013 05:51 PM, Osier Yang wrote: On 2013年03月18日 15:10, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-init-qemu.c |4 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c b/libvirt-sandbox/libvirt-sandbox-init-qemu.c index 38ed284..dfa1374 100644 --- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c +++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c @@ -496,12 +496,16 @@ insmod(const char *filename) switch (errno) { case ENOEXEC: msg = Invalid module format; +break; case ENOENT: msg = Unknown symbol in module; +break; case ESRCH: msg = Module has wrong symbol version; +break; case EINVAL: msg = Invalid parameters; +break; default: msg = strerror(errno); } ACK Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCHv2] Docs: fix a typo in help documents
On 03/18/2013 06:02 PM, Osier Yang wrote: On 2013年03月18日 18:00, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index bd7ac49..257d6c2 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -87,7 +87,7 @@ int main(int argc, char **argv) { { name, 'n', 0, G_OPTION_ARG_STRING,name, N_(name of the sandbox), NAME }, { mount, 'm', 0, G_OPTION_ARG_STRING_ARRAY,mounts, - N_(mount a filesystem int he guest), TYPE:TARGET=SOURCE }, + N_(mount a filesystem in the guest), TYPE:TARGET=SOURCE }, { include, 'i', 0, G_OPTION_ARG_STRING_ARRAY,includes, N_(file to copy into custom dir), GUEST-PATH=HOST-PATH, }, { includefile, 'I', 0, G_OPTION_ARG_STRING,includefile, ACK. Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Docs: Fix security options wrongs in man page
On 03/15/2013 07:29 PM, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 06:57:15PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c | 17 + 1 files changed, 13 insertions(+), 4 deletions(-) ACK Daniel Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: fix typos in IPv6 address
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c |2 +- libvirt-sandbox/libvirt-sandbox-config.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 9becd07..69d1e62 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -352,7 +352,7 @@ specifies the broadcast address. Some examples address=192.168.122.1/24 address=192.168.122.1/24%192.168.122.255 - address=2001:212::204.2/64 + address=2001:212::204:2/64 =item route=IP-NETWORK/PREFIX%GATEWAY diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..90217f1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -825,7 +825,7 @@ GList *gvir_sandbox_config_get_networks(GVirSandboxConfig *config) * * dhcp * address=192.168.122.1/24%192.168.122.255; - * address=192.168.122.1/24%192.168.122.255;address=2001:212::204.2/64 + * address=192.168.122.1/24%192.168.122.255;address=2001:212::204:2/64 * route=192.168.122.255/24%192.168.1.1 */ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: fix typos in IPv6 address
On 03/15/2013 04:02 PM, Osier Yang wrote: On 2013年03月15日 15:23, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c |2 +- libvirt-sandbox/libvirt-sandbox-config.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 9becd07..69d1e62 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -352,7 +352,7 @@ specifies the broadcast address. Some examples address=192.168.122.1/24 address=192.168.122.1/24%192.168.122.255 - address=2001:212::204.2/64 + address=2001:212::204:2/64 =item route=IP-NETWORK/PREFIX%GATEWAY diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..90217f1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -825,7 +825,7 @@ GList *gvir_sandbox_config_get_networks(GVirSandboxConfig *config) * * dhcp * address=192.168.122.1/24%192.168.122.255; - * address=192.168.122.1/24%192.168.122.255;address=2001:212::204.2/64 + * address=192.168.122.1/24%192.168.122.255;address=2001:212::204:2/64 * route=192.168.122.255/24%192.168.1.1 */ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, ACK, Please push. Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..f96d417 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1356,10 +1356,13 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, if (strncmp(name, label=, 5) == 0) { gvir_sandbox_config_set_security_label(config, value); +break; } else if (g_str_equal(name, dynamic)) { gvir_sandbox_config_set_security_dynamic(config, TRUE); +break; } else if (g_str_equal(name, static)) { gvir_sandbox_config_set_security_dynamic(config, FALSE); +break; } else { g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0, Unknown security option '%s', name); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On 03/15/2013 05:44 PM, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 05:32:24PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..f96d417 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1356,10 +1356,13 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, if (strncmp(name, label=, 5) == 0) { gvir_sandbox_config_set_security_label(config, value); +break; } else if (g_str_equal(name, dynamic)) { gvir_sandbox_config_set_security_dynamic(config, TRUE); +break; } else if (g_str_equal(name, static)) { gvir_sandbox_config_set_security_dynamic(config, FALSE); +break; } else { g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0, Unknown security option '%s', name); Actually the real flaw is that we're missing 'i++' as the last line of the loop body. Daniel Ah, yes, I will commit a v2 patch. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On 03/15/2013 05:52 PM, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 05:50:32PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..08d21b9 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1365,6 +1365,7 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, Unknown security option '%s', name); return FALSE; } +i++; } return TRUE; ACK Daniel Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..08d21b9 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1365,6 +1365,7 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, Unknown security option '%s', name); return FALSE; } +i++; } return TRUE; } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: Fix security options wrongs in man page
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 14 ++ 1 files changed, 10 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..66676c3 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,19 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +The SELinux security dynamic for the sandbox, defaults to svirt_sandbox_t -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +To use dynamic and override the base label, defaults to +system_u:system_r:svirt_t:s0 + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 =back -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: Fix security options wrongs in man page
On 03/15/2013 06:42 PM, Daniel P. Berrange wrote: Dynamically allocate an SELinux label, using the base context USER:ROLE:TYPE:LEVEL, instead of the default base context. Thanks for your nice comment, the v2 patch is coming. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Docs: Fix security options wrongs in man page
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 17 + 1 files changed, 13 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..bd7ac49 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,22 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +Dynamically allocate an SELinux label, using the default base context. +The default base context is system_u:system_r:svirt_lxc_net_t:s0 for LXC, +system_u:system_r:svirt_t:s0 for KVM, system_u:system_r:svirt_tcg_t:s0 +for QEMU. -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +Dynamically allocate an SELinux label, using the base context +USER:ROLE:TYPE:LEVEL, instead of the default base context. + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 =back -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Fix copypaste error in autogen.sh
Signed-off-by: Alex Jia a...@redhat.com --- autogen.sh |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/autogen.sh b/autogen.sh index 86cd496..4b760fa 100755 --- a/autogen.sh +++ b/autogen.sh @@ -12,7 +12,7 @@ DIE=0 (autoconf --version) /dev/null /dev/null 21 || { echo -echo You must have autoconf installed to compile virt-viewer. +echo You must have autoconf installed to compile libvirt-sandbox. echo Download the appropriate package for your distribution, echo or see http://www.gnu.org/software/autoconf; DIE=1 @@ -21,7 +21,7 @@ DIE=0 (automake --version) /dev/null /dev/null 21 || { echo DIE=1 -echo You must have automake installed to compile virt-viewer. +echo You must have automake installed to compile libvirt-sandbox. echo Download the appropriate package for your distribution, echo or see http://www.gnu.org/software/automake; } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Avoid segfault if broadcast address is NULL
It seems the broadcast address parameter is not optional now, if users haven't specified the broadcast address to the network interface then a segfault will be raised. This patch is just a temporary solution to avoid segfault, and with the patch, users will get a expected error Unable to parse networks: Unable to parse broadcast address (null), of course, a better patch should automatically generate a broadcast address according to actual ip address. But AFAIK, the IPv6 hasn't defined broadcast address, so it needs to do address protocol judgement firstly, I will try to implement it later. * How to reproduce? # virt-sandbox -c lxc:/// --network address=192.168.122.1 /bin/sh or # virt-sandbox -c lxc:/// --network address=192.168.122.1/24 /bin/sh Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |8 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..f392f4b 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -873,6 +873,14 @@ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, goto cleanup; } +if (!bcast) { +g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0, +Unable to parse broadcast address %s, bcast); +g_free(primary); +goto cleanup; + +} + if (!(bcastaddr = g_inet_address_new_from_string(bcast))) { g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0, Unable to parse address %s, bcast); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Avoid segfault if broadcast address is NULL
On 03/14/2013 07:16 PM, Daniel P. Berrange wrote: On Thu, Mar 14, 2013 at 07:00:43PM +0800, Alex Jia wrote: It seems the broadcast address parameter is not optional now, if users haven't specified the broadcast address to the network interface then a segfault will be raised. This patch is just a temporary solution to avoid segfault, and with the patch, users will get a expected error Unable to parse networks: Unable to parse broadcast address (null), of course, a better patch should automatically generate a broadcast address according to actual ip address. But AFAIK, the IPv6 hasn't defined broadcast address, so it needs to do address protocol judgement firstly, I will try to implement it later. I think that if you don't explicitly set a broadcast address, then the kernel will set one on the device based on its address/netmask. So I think you can just allow a NULL bcast value everywhere in virt-sandbox code. Daniel Daniel, got it and thanks for your nice comments, but I think a segmentation fault (core dumped) isn't very friendly for users after all, or should we apply a patch to allow NULL in g_inet_address_new_from_string()? Regards, Alex -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] docs: correct libvirt sandbox command naming
Signed-off-by: Alex Jia a...@redhat.com --- docs/testing.txt | 12 ++-- 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/testing.txt b/docs/testing.txt index 54106bb..13724b3 100644 --- a/docs/testing.txt +++ b/docs/testing.txt @@ -11,27 +11,27 @@ For all tests, repeat with both KVM and LXC, eg a. No I/O, with TTY - libvirt-sandbox /bin/false + virt-sandbox /bin/false b. Output only, with TTY - libvirt-sandbox /bin/date + virt-sandbox /bin/date c. Input/output, with TTY - libvirt-sandbox /bin/sh + virt-sandbox /bin/sh d. No I/O, without TTY - libvirt-sandbox /bin/false /dev/null /dev/null + virt-sandbox /bin/false /dev/null /dev/null e. Output only, without TTY - libvirt-sandbox /bin/date date.txt + virt-sandbox /bin/date date.txt f. Input/output, without TTY - libvirt-sandbox /bin/cat src.txt dst.txt + virt-sandbox /bin/cat src.txt dst.txt 2. Filesystem config -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] docs: fix some typos in architecture.txt
Signed-off-by: Alex Jia a...@redhat.com --- docs/architecture.txt | 16 1 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/architecture.txt b/docs/architecture.txt index 16bffad..c227cbd 100644 --- a/docs/architecture.txt +++ b/docs/architecture.txt @@ -17,7 +17,7 @@ Thus the foundation of the sandbox is the host filesystem passthrough capabiliti of the virtualization technology. There needs to be the ability to pass the entire root filesystem of the host through to the virtual domain in readonly mode. There are then zero or more additional host locations passed through in read-write mode, -to be mounted at the specific locations in the virtual donain to which the application +to be mounted at the specific locations in the virtual domain to which the application will require write access. The host and guest paths for the additional locations need not, and typically will not, be the same. @@ -136,7 +136,7 @@ second problem is that the primary console is typically operating in a non-raw mode initially, which means that any data sent from the host to the guest is automatically echoed back out. This is not desirable, since the application to be run needs to be in charge of -this. Thus it is often neccessary to put the guest console into raw +this. Thus it is often necessary to put the guest console into raw mode. Unfortunately with a virtual machine based sandbox, there is no way to tell the kernel to put its console in raw mode from the moment it boots. Thus it is critical to prevent the host from sending @@ -157,11 +157,11 @@ sequences to be sent. Any literal '\' in the stream is itself escaped as '\\'. Initially the host process starts off in receive mode only. ie it will -not attmpt to send any data to the virtual guest. +not attempt to send any data to the virtual guest. If the sandbox successfully starts the application, the magic byte sequence xoqpuɐs will be transmitted from the guest to the host. -This byte sequence is guarenteed to be the first data sent from the +This byte sequence is guaranteed to be the first data sent from the guest to the host in normal circumstances. Thus if the host process receives any other byte sequences it knows that sandbox startup has failed. In this case, further data received from the guest should @@ -181,14 +181,14 @@ Kernels and initrds For application sandboxes based on virtual machines, a kernel and initrd is required to boot the guest. The goal once again is to run -the same kernel in the guest, as curently runs on the host OS. The +the same kernel in the guest, as currently runs on the host OS. The initrd though, will typically need to be different, since at the time of writing all distro initrd's lack the ability to boot from a 9p based host filesystem. In addition startup performance of the virtual machine startup is absolutely critical. The hardware configured for the virtual machine -is well known ahead of time, thus a highly targetted initrd can be +is well known ahead of time, thus a highly targeted initrd can be built and all hardware probing can be avoided. In fact all that is required is an initrd containing a 9p module and the virtio-net modules (and their dependencies). @@ -227,14 +227,14 @@ inefficiency in libvirt probing QEMU command line arguments. The kernel command line is tuned in an attempt to minimize the time it spends initializing hardware - - loglevel=0 - to supress all extraneous kernel output on the primary + - loglevel=0 - to suppress all extraneous kernel output on the primary console which would get mixed up with application data - quiet - as above - edd=off- stop probing for EDD support which does not exist for QEMU - noreplace-smp - don't attempt to switch SMP alternatives, which wastes many cycles - pci=noearly - minimize time spent initializing the PCI bus - - cgroup_disable=memory - don't waste time on unsed subsystem + - cgroup_disable=memory - don't waste time on unused subsystem Still todo -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] docs: fix some typos in TODO
Signed-off-by: Alex Jia a...@redhat.com --- TODO |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/TODO b/TODO index 1ac37a0..fc63361 100644 --- a/TODO +++ b/TODO @@ -12,10 +12,10 @@ If we run a syslog within the container will it get messages from the outside? EXECUTE: virt-sandbox-service execute --command BLAH does not work. We need to have the ability to execute any random command within the container, and get stdin, stdout, stderror outside the container. (Partially Completed) -Still needs kernel to implement missing container namespace files under /proc/PID/ns, Also need a mechansm to get the PID of systemd from libvirt. +Still needs kernel to implement missing container namespace files under /proc/PID/ns, Also need a mechanism to get the PID of systemd from libvirt. HOSTNAME: - Currently if I execute hostname within the conatiner it sees the name of the host not the name based on the container name or the IP Address associated with dhclient. (Completed) + Currently if I execute hostname within the container it sees the name of the host not the name based on the container name or the IP Address associated with dhclient. (Completed) virt-sandbox-service connect NAME hangs when you attempt to end the connection. ^d should bring you back to the host terminal. -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Release of libvirt-1.0.0
On 11/02/2012 07:13 PM, Daniel Veillard wrote: On Fri, Nov 02, 2012 at 06:30:50PM +0800, Alex Jia wrote: On 11/02/2012 01:13 PM, Daniel Veillard wrote: [...] improvements, but for a change I would like to point out the silent work of our translators communities, work being done in the framework of Transifex: https://www.transifex.com/projects/p/libvirt/ we have around 10 languages with near complete translation, historically we had 2 complete localization : japanese and ukrainian at 100% and Congratulations!! about Chinese? :) Simplified Chinese is at 37%, Osier created the team, I'm not sure there is other contributors though: https://www.transifex.com/projects/p/libvirt/language/zh_CN/ Osier, Great! Daniel, thanks :) Daniel -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Release of libvirt-1.0.0
On 11/02/2012 01:13 PM, Daniel Veillard wrote: Well we just crossed that important milestone in the life of any project, so congratulation everybody the 1.0.0 release is out !!! For a bit of history, this is actually the 7th birthday of the project accounted from the first commit, on Nov 2 2005, public from day one ! CVS converted commit labelled Initial revision 2005-11-02 20:50:21 At the time I had one hypervisor (Xen) to play with, and except the general idea and some of the earlier entry point there is nothing left from that first commit, and that is just fine :-) ! Anyway back to useful informations, the release is as usual at: ftp://libvirt.org/libvirt/ as a tarball and signed rpms. For just over a month of development we are at nearly 350 commits so the pace is apparently not slowing down! There is a number of important improvements, but for a change I would like to point out the silent work of our translators communities, work being done in the framework of Transifex: https://www.transifex.com/projects/p/libvirt/ we have around 10 languages with near complete translation, historically we had 2 complete localization : japanese and ukrainian at 100% and Congratulations!! about Chinese? :) Alex updating within hours of a new pot source file being pushed, in the last month 5 new indian languages have completed, and various others have made significant improvements. So to those group of people helping mostly silently in the background I want to say Thank You, your work makes a difference !!! Features: - virNodeGetCPUMap: Define public API. (Viktor Mihajlovski) - Add systemd journal support (Daniel P. Berrange) - Add a qemu capabilities cache manager (Daniel P. Berrange) - USB migration support (Jiri Denemark) - various improvement and fixes when using QMP QEmu interface - Support for Xen 4.2 (Jim Fehlig) - Lot of localization enhancements (Transifex teams) Documentation: - net-update docs: s/domain/network/ (Michal Privoznik) - docs: libvirtd no longer uses abstract namespace (Eric Blake) - documentation: HTML tag fix (Philipp Hahn) - virsh: Fix POD syntax (Jiri Denemark) - docs: Fix installation of internals/*.html (Cole Robinson) - docs: virsh: clarify behavior of send-key (Cole Robinson) - maint: fix license on polkit script (Eric Blake) - doc: Sort out the relationship betweenvcpu,vcpupin, andemulatorpin (Osier Yang) - Tweak comments in the policykit rules file (Cole Robinson) - Various typos and misspellings (Ján Tomko) - qemu: Fix misleading comment for qemuDomainObjBeginJobWithDriver() (Peter Krempa) - Correct name of domain/pm/suspend-to-mem in docs (Zeeshan Ali (Khattak)) - doc: update description about user/group in qemu.conf (Marcelo Cerri) - docs: Drop useless/p in drvphyp.html.in (Michal Privoznik) - docs: fix links in migration.html TOC (Eric Blake) - doc: Add Maven repository to Java bindings documentation (Wido den Hollander) - docs: rudimentary phyp documentation (Eric Blake) - doc: update description about security labels on formatdomain.html (Marcelo Cerri) - Add note about numeric domain names to manpage (Dave Allan) - Fix typo in header file comment (Daniel P. Berrange) - Update how to compile with -Werror (Doug Goldstein) - node_memory: Improve the docs (Osier Yang) Portability: - Don't assume pid_t is the same size as an int (Daniel P. Berrange) - build: Fix RPM build for non-x86 platforms (Viktor Mihajlovski) - build: fix linking with systemtap probes (Eric Blake) - parallels: fix build for some older compilers (Laine Stump) - Fix build with apparmor (Jiri Denemark) - build: use correct printf types for uid/gid (Eric Blake) - spec: Fix multilib issue with systemtap tapsets (Cole Robinson) - spec: Require newer sanlock on recent distros 2 (Jiri Denemark) - spec: Add runtime requirement for libssh2 (Peter Krempa) - spec: Require newer sanlock on recent distros (Jiri Denemark) - locking: Fix build with sanlock 2.4 (Jiri Denemark) - Fix virProcessKillPainfully on Win32 (Daniel P. Berrange) - Properly parse (unsigned) long long (Guido Günther) - win32: Pretend that close-on-exec works (Matthias Bolte) - build: fix VPATH builds (Eric Blake) - build: avoid journald on rhel 5 (Eric Blake) - build: fix bitmap conversion when !CPU_ALLOC (Eric Blake) - Fix compilation of legacy xen driver with Xen 4.2 (Jim Fehlig) - build: fix detection of netcf linked with libnl1 (Christophe Fergeau) Bug Fixes: - qemu: QMP capabilities support starts with 1.2 (Doug Goldstein) - Linux Containers are not allowed to create device nodes. (Dan Walsh) - qemu: Fix name comparison in qemuMonitorJSONBlockIoThrottleInfo() (Stefan Hajnoczi) - qemu: Keep QEMU host drive prefix in BlkIoTune (Stefan Hajnoczi) - iohelper: fdatasync() at the end (Michal Privoznik) - conf: Fix private symbols exported by files in conf (Peter Krempa) - Fix arch detection for qemu-system-i386 with QMP (Daniel P. Berrange) - build: prefer mkostemp for multi-thread safety (Eric Blake) - qemu: Fix
[libvirt] [PATCH] conf: avoid libvirt crash with empty address guestfwd channel
The 'def-target.addr' hasn't been initialized in virDomainChrDefNew() and its value is always '0x', in addition, the following test scenario hasn't also include 'port' element in channel XML block, so the branch 'if (addrStr == NULL)' is hit in virDomainChrDefParseTargetXML(), the programming jumps to 'error' label to release relevant resources, and the statement 'if (VIR_ALLOC(def-target.addr) 0)' hasn't been executed then the virDomainChrDefFree() will free 'def-target.addr'(0x) via VIR_FREE(), which results in libvirt crash, to use valgrind can also find a 'Invalid free() / delete / delete[]' error. This patch just adjusts codes order to initialize 'def-target.addr' firstly. With this patch, libvirt hasn't crash and can get a expected error message XML error: guestfwd channel does not define a target address. How to reproduce? 1. define a guest with the following channel XML configuration $ cat foo.xml snip channel type='pty' target type='guestfwd'/ /channel /snip $ virsh define foo.xml 2. actual result error: Failed to define domain from /tmp/foo.xml error: End of file while reading data: Input/output error error: Failed to reconnect to the hypervisor GDB debugger information: snip Breakpoint 1, virDomainChrDefFree (def=0x7f8ab000ec70) at conf/domain_conf.c:1264 ...ignore 1264{ (gdb) p def-target $2 = {port = -1, addr = 0x, name = 0x Address 0x out of bounds} /snip RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=856489 Signed-off-by: Alex Jia a...@redhat.com --- src/conf/domain_conf.c | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2f8e5d2..02048c7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5231,6 +5231,11 @@ virDomainChrDefParseTargetXML(virCapsPtr caps, addrStr = virXMLPropString(cur, address); portStr = virXMLPropString(cur, port); +if (VIR_ALLOC(def-target.addr) 0) { +virReportOOMError(); +goto error; +} + if (addrStr == NULL) { virReportError(VIR_ERR_XML_ERROR, %s, _(guestfwd channel does not @@ -5238,11 +5243,6 @@ virDomainChrDefParseTargetXML(virCapsPtr caps, goto error; } -if (VIR_ALLOC(def-target.addr) 0) { -virReportOOMError(); -goto error; -} - if (virSocketAddrParse(def-target.addr, addrStr, AF_UNSPEC) 0) goto error; -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] conf: avoid libvirt crash with empty address guestfwd channel
- Original Message - From: Alex Jia a...@redhat.com To: libvir-list@redhat.com Cc: Alex Jia a...@redhat.com Sent: Friday, September 14, 2012 12:23:56 AM Subject: [libvirt][PATCH] conf: avoid libvirt crash with empty address guestfwd channel The 'def-target.addr' hasn't been initialized in virDomainChrDefNew() and its value is always '0x', in addition, the following test scenario hasn't also include 'port' element in channel XML block, so the branch s/port/address/. 'if (addrStr == NULL)' is hit in virDomainChrDefParseTargetXML(), the programming jumps to 'error' label to release relevant resources, and the statement 'if (VIR_ALLOC(def-target.addr) 0)' hasn't been executed then the virDomainChrDefFree() will free 'def-target.addr'(0x) via VIR_FREE(), which results in libvirt crash, to use valgrind can also find a 'Invalid free() / delete / delete[]' error. This patch just adjusts codes order to initialize 'def-target.addr' firstly. With this patch, libvirt hasn't crash and can get a expected error message XML error: guestfwd channel does not define a target address. How to reproduce? 1. define a guest with the following channel XML configuration $ cat foo.xml snip channel type='pty' target type='guestfwd'/ /channel /snip $ virsh define foo.xml 2. actual result error: Failed to define domain from /tmp/foo.xml error: End of file while reading data: Input/output error error: Failed to reconnect to the hypervisor GDB debugger information: snip Breakpoint 1, virDomainChrDefFree (def=0x7f8ab000ec70) at conf/domain_conf.c:1264 ...ignore 1264{ (gdb) p def-target $2 = {port = -1, addr = 0x, name = 0x Address 0x out of bounds} /snip RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=856489 Signed-off-by: Alex Jia a...@redhat.com --- src/conf/domain_conf.c | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2f8e5d2..02048c7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5231,6 +5231,11 @@ virDomainChrDefParseTargetXML(virCapsPtr caps, addrStr = virXMLPropString(cur, address); portStr = virXMLPropString(cur, port); +if (VIR_ALLOC(def-target.addr) 0) { +virReportOOMError(); +goto error; +} + if (addrStr == NULL) { virReportError(VIR_ERR_XML_ERROR, %s, _(guestfwd channel does not @@ -5238,11 +5243,6 @@ virDomainChrDefParseTargetXML(virCapsPtr caps, goto error; } -if (VIR_ALLOC(def-target.addr) 0) { -virReportOOMError(); -goto error; -} - if (virSocketAddrParse(def-target.addr, addrStr, AF_UNSPEC) 0) goto error; -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] conf: avoid libvirt crash with empty address guestfwd channel
Thanks and push now. -- Regards, Alex - Original Message - From: Eric Blake ebl...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Friday, September 14, 2012 12:38:39 AM Subject: Re: [libvirt] [PATCH] conf: avoid libvirt crash with empty address guestfwd channel On 09/13/2012 10:23 AM, Alex Jia wrote: The 'def-target.addr' hasn't been initialized in virDomainChrDefNew() and its value is always '0x', in addition, the following test scenario hasn't also include 'port' element in channel XML block, so the branch 'if (addrStr == NULL)' is hit in virDomainChrDefParseTargetXML(), the programming jumps to 'error' label to release relevant resources, and the statement 'if (VIR_ALLOC(def-target.addr) 0)' hasn't been executed then the virDomainChrDefFree() will free 'def-target.addr'(0x) via VIR_FREE(), which results in libvirt crash, to use valgrind can also find a 'Invalid free() / delete / delete[]' error. This patch just adjusts codes order to initialize 'def-target.addr' firstly. With this patch, libvirt hasn't crash and can get a expected error message XML error: guestfwd channel does not define a target address. ACK. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Can't successfully start libvirtd service
Hi all, I compiled and installed libvirt from upstream, but I can't successfully start libvirtd service recently, for details, please see the following steps: # ./bootstrap ./configure --prefix=/usr make make install Notes, everything is okay. # service libvirtd restart Stopping libvirtd daemon: [FAILED] Starting libvirtd daemon: libvirtd: /usr/lib64/libvirt.so.0: version `LIBVIRT_0.10.2' not found (required by libvirtd) [FAILED] # ll /usr/lib64/libvirt.so.0 lrwxrwxrwx. 1 root root 17 Sep 3 19:26 /usr/lib64/libvirt.so.0 - libvirt.so.0.10.1 # ll src/.libs/libvirt.so.0 lrwxrwxrwx. 1 root root 17 Sep 12 17:58 src/.libs/libvirt.so.0 - libvirt.so.0.10.1 Notes, I can't find a libvirt.so.0.10.2 under the /usr/lib64/ or src/.libs/. Is 'LIBVIRT_0.10.2' a error version? thanks. -- Regards, Alex -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Can't successfully start libvirtd service
Pkrempa help me find a root reason, I have two instances of the library on my host now: # nm -A -D /usr/lib64/libvirt.so.0.10.1 | grep LIBVIRT_0.10. /usr/lib64/libvirt.so.0.10.1: A LIBVIRT_0.10.0 # nm -A -D /usr/lib/libvirt.so.0.10.1 | grep LIBVIRT_0.10. /usr/lib/libvirt.so.0.10.1: A LIBVIRT_0.10.0 /usr/lib/libvirt.so.0.10.1: A LIBVIRT_0.10.2 It's not enough to run ./configure with --prefix=/usr, also should append --libdir=/usr/lib64 or use ./autogen --system, a weird question is ./configure --prefix=/usr worked well for me ago. Pkrempa, thanks a lot! -- Regards, Alex - Original Message - From: Alex Jia a...@redhat.com To: libvir libvir-list@redhat.com Sent: Wednesday, September 12, 2012 6:11:12 PM Subject: [libvirt] Can't successfully start libvirtd service Hi all, I compiled and installed libvirt from upstream, but I can't successfully start libvirtd service recently, for details, please see the following steps: # ./bootstrap ./configure --prefix=/usr make make install Notes, everything is okay. # service libvirtd restart Stopping libvirtd daemon: [FAILED] Starting libvirtd daemon: libvirtd: /usr/lib64/libvirt.so.0: version `LIBVIRT_0.10.2' not found (required by libvirtd) [FAILED] # ll /usr/lib64/libvirt.so.0 lrwxrwxrwx. 1 root root 17 Sep 3 19:26 /usr/lib64/libvirt.so.0 - libvirt.so.0.10.1 # ll src/.libs/libvirt.so.0 lrwxrwxrwx. 1 root root 17 Sep 12 17:58 src/.libs/libvirt.so.0 - libvirt.so.0.10.1 Notes, I can't find a libvirt.so.0.10.2 under the /usr/lib64/ or src/.libs/. Is 'LIBVIRT_0.10.2' a error version? thanks. -- Regards, Alex -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-perl PATCH v2] Virt.xs: fix flag issue on set_scheduler_parameters
- Original Message - From: Daniel P. Berrange berra...@redhat.com To: Eric Blake ebl...@redhat.com Cc: Alex Jia a...@redhat.com, libvir-list@redhat.com Sent: Saturday, September 1, 2012 9:14:50 AM Subject: Re: [libvirt] [libvirt-perl PATCH v2] Virt.xs: fix flag issue on set_scheduler_parameters On Fri, Aug 31, 2012 at 11:49:52AM -0700, Eric Blake wrote: On 08/29/2012 03:03 AM, Alex Jia wrote: From: Alex Jia Alex Jia a...@redhat.com The default flags are inconsistent on both qemuSetSchedulerParameters() and qemuGetSchedulerParameters() in libvirt, the qemuGetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_CURRENT' flag to the qemuGetSchedulerParametersFlags(), it should be a expected behavior, but the qemuSetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_LIVE' flag to the qemuSetSchedulerParametersFlags(), if users use default flag=0 or explicitly give a 'VIR_DOMAIN_AFFECT_CURRENT' flag to the set_scheduler_parameters() in perl-Sys-Virt, because the flag value is 0, the result is the virDomainSetSchedulerParameters() is called incorrectly. In fact, it's enough to call the qemuSetSchedulerParametersFlags() regardless of what flag is like 'virsh schedinfo' command. But doing this makes it harder to talk to older libvirtd that lacked the new function. I'm not sure whether we want to blindly force the need for the newer function to exist, or whether we should be reproducing the same logic for deciding when to try the older API based on the flags presented by the user. Yeah, the intent of this conditional code in the Perl bindings is to be as conservative as possible. So use the old APIs in all scenarios where they provide the required functionality. Yeah, we should consider to talk to older libvirtd, but I'm not sure which solution is better one: the one is to change 'flag' or relevant codes in libvirt-perl; the other is to unify flag value such as also passing flag 'VIR_DOMAIN_AFFECT_CURRENT' to qemuSetSchedulerParametersFlags() in libvirt? Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix a crash when using Open vSwitch virtual ports
On 08/30/2012 01:49 PM, Daniel Veillard wrote: Daniel, BTW, To test this patch again, it works for me :) On Wed, Aug 29, 2012 at 02:44:36PM -0400, Kyle Mestery wrote: Fixup buffer usage when handling VLANs. Also fix the logic used to determine if the virNetDevVlanPtr is valid or not. Fixes crashes in the latest code when using Open vSwitch virtualports. Signed-off-by: Kyle Mesterykmest...@cisco.com --- src/util/virnetdevopenvswitch.c | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index b903ae4..cdbc5ef 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -59,7 +59,7 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, char *ifaceid_ex_id = NULL; char *profile_ex_id = NULL; char *vmid_ex_id = NULL; -virBufferPtr buf; +virBuffer buf = VIR_BUFFER_INITIALIZER; virMacAddrFormat(macaddr, macaddrstr); virUUIDFormat(ovsport-interfaceID, ifuuidstr); @@ -79,13 +79,12 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, ovsport-profileID) 0) goto out_of_memory; } -if (virtVlan) { -if (VIR_ALLOC(buf) 0) -goto out_of_memory; + +if (virtVlan virtVlan-nTags 0) { /* Trunk port first */ -if (virtVlan-trunk) { -virBufferAddLit(buf, trunk=); +if (virtVlan-trunk == true) { +virBufferAddLit(buf, trunk=); /* * Trunk ports have at least one VLAN. Do the first one @@ -93,21 +92,21 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, * start of the for loop if there are more than one VLANs * on this trunk port. */ -virBufferAsprintf(buf, %d, virtVlan-tag[i]); +virBufferAsprintf(buf, %d, virtVlan-tag[i]); for (i = 1; i virtVlan-nTags; i++) { -virBufferAddLit(buf, ,); -virBufferAsprintf(buf, %d, virtVlan-tag[i]); +virBufferAddLit(buf, ,); +virBufferAsprintf(buf, %d, virtVlan-tag[i]); } } else if (virtVlan-nTags) { -virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); +virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); } } cmd = virCommandNew(OVSVSCTL); if (ovsport-profileID[0] == '\0') { virCommandAddArgList(cmd, --, --may-exist, add-port, -brname, ifname, virBufferContentAndReset(buf), +brname, ifname, virBufferCurrentContent(buf), --, set, Interface, ifname, attachedmac_ex_id, --, set, Interface, ifname, ifaceid_ex_id, --, set, Interface, ifname, vmid_ex_id, @@ -116,7 +115,7 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, NULL); } else { virCommandAddArgList(cmd, --, --may-exist, add-port, -brname, ifname, virBufferContentAndReset(buf), +brname, ifname, virBufferCurrentContent(buf), --, set, Interface, ifname, attachedmac_ex_id, --, set, Interface, ifname, ifaceid_ex_id, --, set, Interface, ifname, vmid_ex_id, @@ -135,7 +134,8 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, ret = 0; cleanup: -VIR_FREE(buf); +if (virBufferUse(buf) 0) +virBufferFreeAndReset(buf); that looks fine up to here, where we could leak in theory, virBufferUse() return the amount of bytes used in the buffer, not if the buffer was allocated. Sounds to me we can use virBufferFreeAndReset() directly without the test VIR_FREE(attachedmac_ex_id); VIR_FREE(ifaceid_ex_id); VIR_FREE(vmid_ex_id); I pushed with that small change, thanks ! Daniel -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [perl-Sys-Virt][PATCH] Virt.xs: fix flag issue on set_scheduler_parameters
On 08/29/2012 02:12 PM, Guannan Ren wrote: On 08/28/2012 11:38 AM, Alex Jia wrote: From: Alex Jia Alex Jia a...@redhat.com The default flags are inconsistent on both qemuSetSchedulerParameters() and qemuGetSchedulerParameters() in libvirt, the qemuGetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_CURRENT' flag to the qemuGetSchedulerParametersFlags(), it should be a expected behavior, but the qemuSetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_LIVE' flag to the qemuSetSchedulerParametersFlags(), if users use default flag=0 or explicitly give a 'VIR_DOMAIN_AFFECT_CURRENT' flag to the set_scheduler_parameters() in perl-Sys-Virt, because the flag value is 0, the result is the virDomainSetSchedulerParameters() is called incorrectly. Yes, it is a bug. How to reproduce? # cat test.pl #!/usr/bin/env perl use warnings; use strict; use Sys::Virt; my $uri = qemu:///system; my $domname = foo; # change your guest name my $con = Sys::Virt-new(address = $uri, readonly = 0); my $dom = $con-get_domain_by_name($domname); my %sched_param = (Sys::Virt::Domain::SCHEDULER_CPU_SHARES=1); $dom-set_scheduler_parameters(\%sched_param, Sys::Virt::Domain::AFFECT_CURRENT); # perl test.pl libvirt error code: 55, message: Requested operation is not valid: domain is not running Signed-off-by: Alex Jia Alex Jia a...@redhat.com --- Virt.xs |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/Virt.xs b/Virt.xs index 2b8d74c..0ebf95d 100644 --- a/Virt.xs +++ b/Virt.xs @@ -2833,7 +2833,7 @@ set_scheduler_parameters(dom, newparams, flags=0) How about setting flags = -1 as default value. set_scheduler_parameters(dom, newparams, flags=-1) int flags; I don't want to change many codes, so just change condition judgement in here, in fact, it's enough to call virDomainSetSchedulerParametersFlags() regardless of what flag is like 'virsh schedinfo', hence, I trend to remove virDomainSetSchedulerParameters() relevant branch. Thanks, Alex } } vir_typed_param_from_hv(newparams, params, nparams); - if (flags) { + if (flags != 1) { if (flags 0) { virDomainSetSchedulerParameters() } else { virDomainSetSchedulerParametersFlags(); } if (virDomainSetSchedulerParametersFlags(dom, params, nparams, flags) 0) _croak_error(); } else { Your code can work but a little weird in semantics. Guannan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-perl PATCH v2] Virt.xs: fix flag issue on set_scheduler_parameters
From: Alex Jia Alex Jia a...@redhat.com The default flags are inconsistent on both qemuSetSchedulerParameters() and qemuGetSchedulerParameters() in libvirt, the qemuGetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_CURRENT' flag to the qemuGetSchedulerParametersFlags(), it should be a expected behavior, but the qemuSetSchedulerParameters() always passes 'VIR_DOMAIN_AFFECT_LIVE' flag to the qemuSetSchedulerParametersFlags(), if users use default flag=0 or explicitly give a 'VIR_DOMAIN_AFFECT_CURRENT' flag to the set_scheduler_parameters() in perl-Sys-Virt, because the flag value is 0, the result is the virDomainSetSchedulerParameters() is called incorrectly. In fact, it's enough to call the qemuSetSchedulerParametersFlags() regardless of what flag is like 'virsh schedinfo' command. How to reproduce? # cat test.pl #!/usr/bin/env perl use warnings; use strict; use Sys::Virt; my $uri = qemu:///system; my $domname = foo; # change your guest name my $con = Sys::Virt-new(address = $uri, readonly = 0); my $dom = $con-get_domain_by_name($domname); my %sched_param = (Sys::Virt::Domain::SCHEDULER_CPU_SHARES=1); $dom-set_scheduler_parameters(\%sched_param, Sys::Virt::Domain::AFFECT_CURRENT); # perl test.pl libvirt error code: 55, message: Requested operation is not valid: domain is not running Signed-off-by: Alex Jia Alex Jia a...@redhat.com --- Virt.xs | 10 +++--- 1 files changed, 3 insertions(+), 7 deletions(-) diff --git a/Virt.xs b/Virt.xs index 2b8d74c..fa58cc6 100644 --- a/Virt.xs +++ b/Virt.xs @@ -2833,13 +2833,9 @@ set_scheduler_parameters(dom, newparams, flags=0) } } vir_typed_param_from_hv(newparams, params, nparams); - if (flags) { - if (virDomainSetSchedulerParametersFlags(dom, params, nparams, flags) 0) - _croak_error(); - } else { - if (virDomainSetSchedulerParameters(dom, params, nparams) 0) - _croak_error(); - } + + if (virDomainSetSchedulerParametersFlags(dom, params, nparams, flags) 0) + _croak_error(); Safefree(params); -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] security: remove dead code from virSecurityDACGenLabel
* src/security/security_dac.c: remove useless dead code. Signed-off-by: Alex Jia a...@redhat.com --- src/security/security_dac.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 5de7391..211fb37 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -891,7 +891,6 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr, case VIR_DOMAIN_SECLABEL_NONE: /* no op */ return 0; -break; default: virReportError(VIR_ERR_INTERNAL_ERROR, _(unexpected security label type '%s'), -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] security: remove dead code from virSecurityDACGenLabel
On 08/29/2012 06:23 PM, Peter Krempa wrote: Gah, I fixed the patch that made dead code from the break; statement on a different machine. ACK. Got it :) push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: Prevent libvirtd crash
On 08/29/2012 06:45 PM, Laine Stump wrote: On 08/28/2012 07:28 AM, Alex Jia wrote: * src/util/virnetdevopenvswitch.c (virNetDevOpenvswitchAddPort): avoid libvirtd crash due to derefing a NULL virtVlan-tag. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=852383 Signed-off-by: Alex Jiaa...@redhat.com --- src/util/virnetdevopenvswitch.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index 601d79e..7d38ff8 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -100,7 +100,8 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, virBufferAsprintf(buf, %d, virtVlan-tag[i]); } } else { -virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); +if (virtVlan-nTags) +virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); While this does eliminate the crash, it shouldn't have been necessary, and doesn't fix the root cause, which was a couple levels up in the callstack. The real problem is thatnet-vlan was being sent, rather than virDomainNetGetActualVlan(net) (which returns NULL if the vlan info found has no tags). I've sent a separate patch to fix that (I should have caught it during review :-( ): https://www.redhat.com/archives/libvir-list/2012-August/msg01835.html Yes, my patch hasn't resolved a root of issue, fortunately, you find and fix it :) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] network: get vlan info for Open vSwitch interfaces from proper source
On 08/29/2012 06:43 PM, Laine Stump wrote: This bug was revealed by the crash described in https://bugzilla.redhat.com/show_bug.cgi?id=852383 The vlan info pointer sent to virNetDevOpenvswitchAddPort should never be non-NULL unless there is at least one tag. The factthat such a vlan info pointer was receveid pointed out that a caller was passing the wrong pointer. Instead of sendingnet-vlan, the result of virDomainNetGetActualVlan(net) should be sent - that function will look for vlan info in net-data.network.actual-vlan, and in cany case return NULL instead of a pointer if the vlan info it finds has no tags. Aside from causing the crash, sending a hardcodednet-vlan has the effect of ignoring vlan info from anetwork orportgroup config. --- Since I'm not online in a regular fashion for the next few days (too bad I wasn't online in the 12 hours or so *before* the 0.10.0 release instead of after :-/), I would appreciate if whoever ACKs this could push it. Thanks! Laine, unfortunately, the libvirtd still is crash without my patch after applying your patch :( src/qemu/qemu_command.c | 2 +- src/uml/uml_conf.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 8c32a4d..25f2451 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -258,7 +258,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def, err = virNetDevTapCreateInBridgePort(brname,net-ifname,net-mac, def-uuid,tapfd, virDomainNetGetActualVirtPortProfile(net), -net-vlan, + virDomainNetGetActualVlan(net), tap_create_flags); virDomainAuditNetDevice(def, net, /dev/net/tun, tapfd= 0); if (err 0) { diff --git a/src/uml/uml_conf.c b/src/uml/uml_conf.c index 5461b42..410f3e2 100644 --- a/src/uml/uml_conf.c +++ b/src/uml/uml_conf.c @@ -141,7 +141,7 @@ umlConnectTapDevice(virConnectPtr conn, if (virNetDevTapCreateInBridgePort(bridge,net-ifname,net-mac, vm-uuid, NULL, virDomainNetGetActualVirtPortProfile(net), -net-vlan, + virDomainNetGetActualVlan(net), VIR_NETDEV_TAP_CREATE_IFUP) 0) { if (template_ifname) VIR_FREE(net-ifname); -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix a crash when using Open vSwitch virtual ports
On 08/30/2012 02:44 AM, Kyle Mestery wrote: Fixup buffer usage when handling VLANs. Also fix the logic used to determine if the virNetDevVlanPtr is valid or not. Fixes crashes in the latest code when using Open vSwitch virtualports. Hi Kyle, I just waive my patch then apply Laine and your patch, it works well for me now, so give a ACK. Regards, Alex Signed-off-by: Kyle Mesterykmest...@cisco.com --- src/util/virnetdevopenvswitch.c | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index b903ae4..cdbc5ef 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -59,7 +59,7 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, char *ifaceid_ex_id = NULL; char *profile_ex_id = NULL; char *vmid_ex_id = NULL; -virBufferPtr buf; +virBuffer buf = VIR_BUFFER_INITIALIZER; virMacAddrFormat(macaddr, macaddrstr); virUUIDFormat(ovsport-interfaceID, ifuuidstr); @@ -79,13 +79,12 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, ovsport-profileID) 0) goto out_of_memory; } -if (virtVlan) { -if (VIR_ALLOC(buf) 0) -goto out_of_memory; + +if (virtVlan virtVlan-nTags 0) { /* Trunk port first */ -if (virtVlan-trunk) { -virBufferAddLit(buf, trunk=); +if (virtVlan-trunk == true) { +virBufferAddLit(buf, trunk=); /* * Trunk ports have at least one VLAN. Do the first one @@ -93,21 +92,21 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, * start of the for loop if there are more than one VLANs * on this trunk port. */ -virBufferAsprintf(buf, %d, virtVlan-tag[i]); +virBufferAsprintf(buf, %d, virtVlan-tag[i]); for (i = 1; i virtVlan-nTags; i++) { -virBufferAddLit(buf, ,); -virBufferAsprintf(buf, %d, virtVlan-tag[i]); +virBufferAddLit(buf, ,); +virBufferAsprintf(buf, %d, virtVlan-tag[i]); } } else if (virtVlan-nTags) { -virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); +virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); } } cmd = virCommandNew(OVSVSCTL); if (ovsport-profileID[0] == '\0') { virCommandAddArgList(cmd, --, --may-exist, add-port, -brname, ifname, virBufferContentAndReset(buf), +brname, ifname, virBufferCurrentContent(buf), --, set, Interface, ifname, attachedmac_ex_id, --, set, Interface, ifname, ifaceid_ex_id, --, set, Interface, ifname, vmid_ex_id, @@ -116,7 +115,7 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, NULL); } else { virCommandAddArgList(cmd, --, --may-exist, add-port, -brname, ifname, virBufferContentAndReset(buf), +brname, ifname, virBufferCurrentContent(buf), --, set, Interface, ifname, attachedmac_ex_id, --, set, Interface, ifname, ifaceid_ex_id, --, set, Interface, ifname, vmid_ex_id, @@ -135,7 +134,8 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, ret = 0; cleanup: -VIR_FREE(buf); +if (virBufferUse(buf) 0) +virBufferFreeAndReset(buf); VIR_FREE(attachedmac_ex_id); VIR_FREE(ifaceid_ex_id); VIR_FREE(vmid_ex_id); -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] util: Prevent libvirtd crash
* src/util/virnetdevopenvswitch.c (virNetDevOpenvswitchAddPort): avoid libvirtd crash due to derefing a NULL virtVlan-tag. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=852383 Signed-off-by: Alex Jia a...@redhat.com --- src/util/virnetdevopenvswitch.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index 601d79e..7d38ff8 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -100,7 +100,8 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, virBufferAsprintf(buf, %d, virtVlan-tag[i]); } } else { -virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); +if (virtVlan-nTags) +virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); } } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] util: Prevent libvirtd crash
Thanks for review, I will update it based on your advise, in addition, the commit message is very common, so also change it to util: Prevent libvirtd crash from virNetDevOpenvswitchAddPort(), push now. -- Regards, Alex - Original Message - From: Eric Blake ebl...@redhat.com To: Alex Jia a...@redhat.com Cc: libvir-list@redhat.com Sent: Tuesday, August 28, 2012 11:25:02 PM Subject: Re: [libvirt] [PATCH] util: Prevent libvirtd crash On 08/28/2012 04:28 AM, Alex Jia wrote: * src/util/virnetdevopenvswitch.c (virNetDevOpenvswitchAddPort): avoid libvirtd crash due to derefing a NULL virtVlan-tag. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=852383 Signed-off-by: Alex Jia a...@redhat.com --- src/util/virnetdevopenvswitch.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index 601d79e..7d38ff8 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -100,7 +100,8 @@ int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, virBufferAsprintf(buf, %d, virtVlan-tag[i]); } } else { -virBufferAsprintf(buf, tag=%d, virtVlan-tag[0]); +if (virtVlan-nTags) You could avoid a level of indentation by using 'else if (virtVlan-nTags)' ACK. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-perl PATCH] Fix several APIs
ACK. -- Regards, Alex - Original Message - From: Osier Yang jy...@redhat.com To: libvir-list@redhat.com Sent: Tuesday, August 28, 2012 11:52:24 PM Subject: [libvirt] [libvirt-perl PATCH] Fix several APIs These APIs accept one more argument (flags), which was ignored in the XS implementations. --- Virt.xs | 46 ++ 1 files changed, 26 insertions(+), 20 deletions(-) diff --git a/Virt.xs b/Virt.xs index 2b8d74c..100ca43 100644 --- a/Virt.xs +++ b/Virt.xs @@ -2844,19 +2844,20 @@ set_scheduler_parameters(dom, newparams, flags=0) HV * -get_memory_parameters(dom) +get_memory_parameters(dom, flags=0) virDomainPtr dom; + unsigned int flags; PREINIT: virMemoryParameter *params; int nparams; CODE: nparams = 0; - if (virDomainGetMemoryParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetMemoryParameters(dom, NULL, nparams, flags) 0) _croak_error(); Newx(params, nparams, virMemoryParameter); - if (virDomainGetMemoryParameters(dom, params, nparams, 0) 0) { + if (virDomainGetMemoryParameters(dom, params, nparams, flags) 0) { Safefree(params); _croak_error(); } @@ -2868,45 +2869,47 @@ get_memory_parameters(dom) void -set_memory_parameters(dom, newparams) +set_memory_parameters(dom, newparams, flags=0) virDomainPtr dom; HV *newparams; + unsigned int flags; PREINIT: virTypedParameter *params; int nparams; PPCODE: nparams = 0; - if (virDomainGetMemoryParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetMemoryParameters(dom, NULL, nparams, flags) 0) _croak_error(); Newx(params, nparams, virMemoryParameter); - if (virDomainGetMemoryParameters(dom, params, nparams, 0) 0) { + if (virDomainGetMemoryParameters(dom, params, nparams, flags) 0) { Safefree(params); _croak_error(); } vir_typed_param_from_hv(newparams, params, nparams); - if (virDomainSetMemoryParameters(dom, params, nparams, 0) 0) + if (virDomainSetMemoryParameters(dom, params, nparams, flags) 0) _croak_error(); Safefree(params); HV * -get_numa_parameters(dom) +get_numa_parameters(dom, flags) virDomainPtr dom; + unsigned int flags; PREINIT: virTypedParameter *params; int nparams; CODE: nparams = 0; - if (virDomainGetNumaParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetNumaParameters(dom, NULL, nparams, flags) 0) _croak_error(); Newx(params, nparams, virTypedParameter); - if (virDomainGetNumaParameters(dom, params, nparams, 0) 0) { + if (virDomainGetNumaParameters(dom, params, nparams, flags) 0) { Safefree(params); _croak_error(); } @@ -2918,45 +2921,47 @@ get_numa_parameters(dom) void -set_numa_parameters(dom, newparams) +set_numa_parameters(dom, newparams, flags=0) virDomainPtr dom; HV *newparams; + unsigned int flags; PREINIT: virTypedParameter *params; int nparams; PPCODE: nparams = 0; - if (virDomainGetNumaParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetNumaParameters(dom, NULL, nparams, flags) 0) _croak_error(); Newx(params, nparams, virTypedParameter); - if (virDomainGetNumaParameters(dom, params, nparams, 0) 0) { + if (virDomainGetNumaParameters(dom, params, nparams, flags) 0) { Safefree(params); _croak_error(); } vir_typed_param_from_hv(newparams, params, nparams); - if (virDomainSetNumaParameters(dom, params, nparams, 0) 0) + if (virDomainSetNumaParameters(dom, params, nparams, flags) 0) _croak_error(); Safefree(params); HV * -get_blkio_parameters(dom) +get_blkio_parameters(dom, flags=0) virDomainPtr dom; + unsigned int flags; PREINIT: virTypedParameter *params; int nparams; CODE: nparams = 0; - if (virDomainGetBlkioParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetBlkioParameters(dom, NULL, nparams, flags) 0) _croak_error(); Newx(params, nparams, virBlkioParameter); - if (virDomainGetBlkioParameters(dom, params, nparams, 0) 0) { + if (virDomainGetBlkioParameters(dom, params, nparams, flags) 0) { Safefree(params); _croak_error(); } @@ -2968,21 +2973,22 @@ get_blkio_parameters(dom) void -set_blkio_parameters(dom, newparams) +set_blkio_parameters(dom, newparams, flags=0) virDomainPtr dom; HV *newparams; + unsigned int flags; PREINIT: virTypedParameter *params; int nparams; int needString; PPCODE: nparams = 0; - if (virDomainGetBlkioParameters(dom, NULL, nparams, 0) 0) + if (virDomainGetBlkioParameters(dom, NULL,