On 03/01/2012 04:02 AM, Roopa Prabhu wrote:
From: Roopa Prabhuropra...@cisco.com
This patch includes the following changes
- removes some netlink functions which are now available in virnetdev.c
- Adds a vf argument to all port profile functions
For 802.1Qbh devices, the port profile calls can
On 03/01/2012 10:32 AM, Roopa Prabhu wrote:
On 3/1/12 4:39 AM, Stefan Bergerstef...@linux.vnet.ibm.com wrote:
On 03/01/2012 04:02 AM, Roopa Prabhu wrote:
From: Roopa Prabhuropra...@cisco.com
This patch includes the following changes
- removes some netlink functions which are now available
On 03/01/2012 11:32 AM, Roopa Prabhu wrote:
On 3/1/12 7:52 AM, Stefan Bergerstef...@linux.vnet.ibm.com wrote:
On 03/01/2012 10:32 AM, Roopa Prabhu wrote:
On 3/1/12 4:39 AM, Stefan Bergerstef...@linux.vnet.ibm.com wrote:
On 03/01/2012 04:02 AM, Roopa Prabhu wrote:
From: Roopa
On 03/02/2012 10:52 AM, Laine Stump wrote:
On 03/02/2012 09:12 AM, Gerhard Stenzel wrote:
On Thu, 2012-03-01 at 13:02 -0500, Laine Stump wrote:
In the case of hostdev though, there is not necessarily any netdev
driver at all in the host (and thus no linkdev to attach a macvtap
to), certainly
On 03/02/2012 11:37 AM, Gerhard Stenzel wrote:
Letting the guest do the association is an option, which should work
already (even if noone probably tested it yet), but the question is
really how much control should the host have vs the guest. There are
definitely scenarios thinkable where the
On 03/02/2012 12:05 PM, Gerhard Stenzel wrote:
On Fri, 2012-03-02 at 10:52 -0500, Laine Stump wrote:
1) Currently it requires a PCI address (although I plan to add the
ability to accept a netdev name and automatically convert it to a PCI
address):
source
address type='pci' domain='0'
Sending this as an RFC for now...
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup and ('chunked') rule evaluation to achieve higher
David Stevens/Beaverton/IBM@IBMUS wrote on 03/22/2012 01:27:10 PM:
This patch adds DHCP snooping support to libvirt. The learning method
for
IP addresses is specified by setting the ip_learning variable to one
of
any [default] (existing IP learning code), none (static only
addresses)
or
David Stevens/Beaverton/IBM wrote on 03/22/2012 04:22:55 PM:
From: David Stevens/Beaverton/IBM
To: Stefan Berger/Watson/IBM
Cc: Daniel P. Berrange berra...@redhat.com, libvir-list@redhat.com
Date: 03/22/2012 04:23 PM
Subject: Re: [libvirt PATCHv6 1/1] add DHCP snooping
Stefan Berger
David Stevens/Beaverton/IBM wrote on 03/22/2012 07:26:06 PM:
From: David Stevens/Beaverton/IBM
To: Eric Blake ebl...@redhat.com
Cc: libvir-list@redhat.com, Stefan Berger/Watson/IBM@IBMUS
Date: 03/22/2012 07:26 PM
Subject: Re: [libvirt] [libvirt PATCHv6 1/1] add DHCP snooping
Eric Blake
Eric Blake ebl...@redhat.com wrote on 03/22/2012 06:54:31 PM:
On 03/22/2012 04:49 PM, David Stevens wrote:
Stefan Berger/Watson/IBM wrote on 03/22/2012 03:04:53 PM:
I have some concerns about the cancelation of the thread. It can
hold the snoop lock and get cancelled while holding
David Stevens/Beaverton/IBM wrote on 03/22/2012 08:10:44 PM:
From: David Stevens/Beaverton/IBM
To: Stefan Berger/Watson/IBM
Cc: Eric Blake ebl...@redhat.com, libvir-list@redhat.com
Date: 03/22/2012 08:10 PM
Subject: Re: [libvirt] [libvirt PATCHv6 1/1] add DHCP snooping
Stefan Berger
David Stevens/Beaverton/IBM@IBMUS wrote on 03/26/2012 04:25:48 PM:
This patch adds DHCP snooping support to libvirt. The learning method
for
IP addresses is specified by setting the ip_learning variable to one
of
any [default] (existing IP learning code), none (static only
addresses)
or
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule evaluation
to achieve higher throughput than
Below code failed to compile on a 32 bit machine with error
typewrappers.c: In function 'libvirt_intUnwrap':
typewrappers.c:135:5: error: logical 'and' of mutually exclusive tests
is always false [-Werror=logical-op]
cc1: all warnings being treated as errors
The patch fixes this error.
On 03/30/2012 03:07 PM, David L Stevens wrote:
This patch adds DHCP snooping support to libvirt. The learning method for
IP addresses is specified by setting the ip_learning variable to one of
any [default] (existing IP learning code), none (static only addresses)
or dhcp (DHCP snooping).
I'd
addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface to the DHCP
snooping code.
---
This patch applies to David Stevens's DHCP snooping patch v8 plus the
patch I applied on top of v8.
Testing:
Since the
On 03/30/2012 03:07 PM, David L Stevens wrote:
This patch adds DHCP snooping support to libvirt. The learning method for
IP addresses is specified by setting the ip_learning variable to one of
any [default] (existing IP learning code), none (static only addresses)
or dhcp (DHCP snooping).
This
On 04/09/2012 12:23 PM, Eric Blake wrote:
On 04/06/2012 01:13 PM, Stefan Berger wrote:
Below code failed to compile on a 32 bit machine with error
typewrappers.c: In function 'libvirt_intUnwrap':
typewrappers.c:135:5: error: logical 'and' of mutually exclusive tests
is always false [-Werror
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases obtained by a VM and automatically
adjusts the network traffic filters to reflect the IP addresses
with which a VM may send its traffic, thus for example preventing
IP address
===
--- /dev/null
+++ libvirt-acl/src/util/viratomic.h
@@ -0,0 +1,91 @@
+/*
+ * viratomic.h: atomic integer operations
+ *
+ * Copyright (C) 2012 IBM Corporation
+ *
+ * Authors:
+ * Stefan Berger stef...@linux.vnet.ibm.com
Implement function to remove all entries of a hash table.
---
src/libvirt_private.syms |1 +
src/util/virhash.c | 25 +
src/util/virhash.h |5 +
3 files changed, 31 insertions(+)
Index: libvirt-acl/src/libvirt_private.syms
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.
Testing:
Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to
addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation
Fix the support for trusted DHCP server in the ebtables code's
hard-coded function applying DHCP only filtering rules:
Rather than using a char * use the more flexible
virNWFilterVarValuePtr that contains the trusted DHCP server(s)
IP address. Process all entries.
Since all callers so far
On 04/13/2012 01:54 PM, dennis jenkins wrote:
On Fri, Apr 13, 2012 at 10:09 AM, Stefan Berger
stef...@linux.vnet.ibm.com mailto:stef...@linux.vnet.ibm.com wrote:
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.
Testing:
Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to
: IP address map for mapping interfaces to their
+ * detected/expected IP addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify
Display detected IP addresses in the domain XML using the
IP_LEASE variable name. This variable name now becomes
a reserved variable name that can be read only but not set
by the user.
The format of the value is: ip addresss,lease timeout in seconds
An example of a displayed XML may then be:
===
--- /dev/null
+++ libvirt-acl/src/util/viratomic.h
@@ -0,0 +1,91 @@
+/*
+ * viratomic.h: atomic integer operations
+ *
+ * Copyright (C) 2012 IBM Corporation
+ *
+ * Authors:
+ * Stefan Berger stef...@linux.vnet.ibm.com
Fix the support for trusted DHCP server in the ebtables code's
hard-coded function applying DHCP only filtering rules:
Rather than using a char * use the more flexible
virNWFilterVarValuePtr that contains the trusted DHCP server(s)
IP address. Process all entries.
Since all callers so far
Implement function to remove all entries of a hash table.
---
src/libvirt_private.syms |1 +
src/util/virhash.c | 25 +
src/util/virhash.h |5 +
3 files changed, 31 insertions(+)
Index: libvirt-acl/src/libvirt_private.syms
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases obtained by a VM and automatically
adjusts the network traffic filters to reflect the IP addresses
with which a VM may send its traffic, thus for example preventing
IP address
On 04/16/2012 03:12 PM, dennis jenkins wrote:
On Mon, Apr 16, 2012 at 10:08 AM, Stefan Berger
stef...@linux.vnet.ibm.com mailto:stef...@linux.vnet.ibm.com wrote:
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
Stefan, David,
Thank you very much
On 04/16/2012 11:08 AM, Stefan Berger wrote:
This patch adds DHCP snooping support to libvirt. The learning method for
IP addresses is specified by setting the ip_learning variable to one of
any [default] (existing IP learning code), none (static only addresses)
or dhcp (DHCP snooping
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.
Testing:
Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to
Implement function to remove all entries of a hash table.
---
src/libvirt_private.syms |1 +
src/util/virhash.c | 25 +
src/util/virhash.h |5 +
3 files changed, 31 insertions(+)
Index: libvirt-acl/src/libvirt_private.syms
: IP address map for mapping interfaces to their
+ * detected/expected IP addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases obtained by a VM and automatically
adjusts the network traffic filters to reflect the IP addresses
with which a VM may send its traffic, thus for example preventing
IP address
===
--- /dev/null
+++ libvirt-acl/src/util/viratomic.h
@@ -0,0 +1,91 @@
+/*
+ * viratomic.h: atomic integer operations
+ *
+ * Copyright (C) 2012 IBM Corporation
+ *
+ * Authors:
+ * Stefan Berger stef...@linux.vnet.ibm.com
Display detected IP addresses in the domain XML using the
IP_LEASE variable name. This variable name now becomes
a reserved variable name that can be read only but not set
by the user.
The format of the value is: ip addresss,lease timeout in seconds
An example of a displayed XML may then be:
The below patch fixes the following memory leak.
==20624== 24 bytes in 2 blocks are definitely lost in loss record 532 of
1,867
==20624==at 0x4A05E46: malloc (vg_replace_malloc.c:195)
==20624==by 0x38EC27FC01: strdup (strdup.c:43)
==20624==by 0x4EB6BA3: virDomainChrSourceDefCopy
On 04/17/2012 03:03 PM, Eric Blake wrote:
On 04/17/2012 12:55 PM, Stefan Berger wrote:
}
+dest-type = src-type;
+
ACK. No good writing into a union if you forget to also update the
discriminator to say which branch of the union is active. The missing
assignment definitely
On 04/17/2012 03:55 PM, dennis jenkins wrote:
Stefan,
There is a potential bug [1] in the Gentoo package that tracks the
libvirt git repository. I will wait a few days for the Gentoo folks
to sort it out. If not, I will remove the Gentoo libvirt package and
install the latest from git
On 04/18/2012 02:07 PM, Dmitry Guryanov wrote:
PVS driver is 'stateless', like vmware or openvz drivers.
It collects information about domains during startup using
command-line utility prlctl. VMs in PVS identified by UUIDs
or unique names, which can be used as respective fields in
virDomainDef
On 04/18/2012 02:07 PM, Dmitry Guryanov wrote:
Signed-off-by: Dmitry Guryanovdgurya...@parallels.com
---
[...]
*/
@@ -397,6 +459,9 @@ pvsLoadDomain(pvsConnPtr privconn, virJSONValuePtr jobj)
if (pvsAddDomainHardware(dom, jobj2))
goto cleanup_unlock;
+if
On 04/18/2012 02:07 PM, Dmitry Guryanov wrote:
PVS has one serious discrepancy with libvirt: libvirt stores
domain configuration files always in one place, and storage files
in other places (with API of storage pools and storage volumes).
PVS store all domain data in a single directory, for
On 04/18/2012 02:07 PM, Dmitry Guryanov wrote:
To create a new VM in PVS we should issue prlctl create command,
and give path to the directory, where VM should be created. VM's
storage will be in that directory later. So in this first version
find out location of first VM's hard disk and create
On 04/18/2012 04:54 PM, dennis jenkins wrote:
On Tue, Apr 17, 2012 at 6:57 PM, Stefan Berger
stef...@linux.vnet.ibm.com mailto:stef...@linux.vnet.ibm.com wrote:
Let me know when you tested it. I have pretty high confidence in
the correctness of the code now :-)
Regards
On 04/18/2012 08:14 PM, Eric Blake wrote:
We were forgetting to check errno for overflow.
* tools/virsh.c (get_integer_keycode, vshCommandOptInt)
(vshCommandOptUInt, vshCommandOptUL, vshCommandOptLongLong)
(vshCommandOptULongLong): Rewrite to be safer.
---
tools/virsh.c | 66
On 04/18/2012 08:14 PM, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=617711 reported that
even with my recent patched to allowmemory unit='G'1/memory,
people can still get away with tryingmemory1G/memory and
silently getmemory unit='KiB'1/memory instead. While
On 04/18/2012 08:14 PM, Eric Blake wrote:
Ensure we don't introduce any more lousy integer parsing in new
code, while avoiding a scrub-down of existing legacy code.
Note that we also need to enable sc_prohibit_atoi_atof (see cfg..mk
local-checks-to-sckip) before we are bulletproof, but that
On 04/19/2012 05:27 AM, Daniel Veillard wrote:
On Tue, Apr 17, 2012 at 10:44:04AM -0400, Stefan Berger wrote:
Fix the support for trusted DHCP server in the ebtables code's
hard-coded function applying DHCP only filtering rules:
Rather than using a char * use the more flexible
On 04/19/2012 05:54 AM, Daniel Veillard wrote:
On Tue, Apr 17, 2012 at 10:44:05AM -0400, Stefan Berger wrote:
Index: libvirt-acl/src/conf/nwfilter_params.h
===
--- libvirt-acl.orig/src/conf/nwfilter_params.h
+++ libvirt-acl/src
On 04/19/2012 05:58 AM, Daniel Veillard wrote:
On Tue, Apr 17, 2012 at 10:44:06AM -0400, Stefan Berger wrote:
[...]
Index: libvirt-acl/src/libvirt_private.syms
===
--- libvirt-acl.orig/src/libvirt_private.syms
+++ libvirt-acl/src
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases obtained by a VM and automatically
adjusts the network traffic filters to reflect the IP addresses
with which a VM may send its traffic, thus for example preventing
IP address
Add 2 new functions to the virSocketAddr 'class':
- virSocketAddrEqual: tests whether two IP addresses and their ports are equal
- virSocketaddSetIPv4Addr: set a virSocketAddr given a 32 bit int
---
src/libvirt_private.syms |2 ++
src/util/virsocketaddr.c | 45
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.
Testing:
Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to
Display detected IP addresses in the domain XML using the
IP_LEASE variable name. This variable name now becomes
a reserved variable name that can be read only but not set
by the user.
The format of the value is: ip addresss,lease timeout in seconds
An example of a displayed XML may then be:
: IP address map for mapping interfaces to their
+ * detected/expected IP addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify
On 04/19/2012 12:05 PM, Dmitry Guryanov wrote:
Parallels Virtuozzo Server is a cloud-ready virtualization
solution that allows users to simultaneously run multiple virtual
machines and containers on the same physical server.
I should have told you yesterday but forgot ... please run a 'make
On 04/19/2012 02:08 PM, Eric Blake wrote:
On 04/17/2012 08:44 AM, Stefan Berger wrote:
For threading support, add atomic add and sub operations working on
integers. Base this on locking support provided by virMutex.
virMutex is very heavyweight. I'd love it if we could use gcc
primitives
This patch improves on the previously added virAtomicInt operations
by testing for the compiler and if GCC = 4.1 (not found in docs prior to
that) is used on Linux and has the appropriate processor (that I have
access to) then use the implementation based on the gcc-builtins.
I also did not look
This patch improves the previously added virAtomicInt implementation
by using gcc-builtins if possible. The needed builtins are available
since GCC = 4.1. At least the 4.0 docs don't mention them.
---
src/util/viratomic.h | 95
++-
1 file
Recent iptables fixes a lot of issues with missing spaces and
other information that was previously not reported properly. To make
the test program and test cases work on old and newer installations
of iptables tools, some adjustments need to be made.
Fix a 'file not found error' when running
Add test cases for the ipset extension.
Since ipset may not be available on all system, the first line of the XML
file containing the test filter has been extended with a specially formatted
XML comment containing a command line test for whether the test case can be
run at all. The format of that
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule evaluation
to achieve higher throughput than
On 04/23/2012 05:11 PM, Thomas Woerner wrote:
Add support for firewalld
* bridge_driver, nwfilter_driver: new dbus filters to get FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1
* iptables, ebtables, nwfilter_ebiptables_driver: use firewall-cmd direct
On 04/20/2012 11:56 AM, Laine Stump wrote:
On 04/20/2012 06:44 AM, Stefan Berger wrote:
This patch improves the previously added virAtomicInt implementation
by using gcc-builtins if possible. The needed builtins are available
since GCC= 4.1. At least the 4.0 docs don't mention them.
---
src
On 04/23/2012 05:11 PM, Thomas Woerner wrote:
Add support for firewalld
* bridge_driver, nwfilter_driver: new dbus filters to get FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1
* iptables, ebtables, nwfilter_ebiptables_driver: use firewall-cmd direct
On 04/24/2012 11:27 AM, Daniel P. Berrange wrote:
On Tue, Apr 24, 2012 at 10:20:32AM -0400, Stefan Berger wrote:
On 04/23/2012 05:11 PM, Thomas Woerner wrote:
Add support for firewalld
* bridge_driver, nwfilter_driver: new dbus filters to get FirewallD1.Reloaded
signal
On 04/24/2012 12:11 PM, Daniel P. Berrange wrote:
On Tue, Apr 24, 2012 at 12:01:38PM -0400, Stefan Berger wrote:
Yeah the DBus connection handshake being repeated soo many times, causing
many many context switches for each single rule to be added.
I wonder if firewall-cmd could be extended
On 04/24/2012 12:05 PM, Michal Privoznik wrote:
On 24.04.2012 17:52, Michal Privoznik wrote:
Currently, we are calling memcpy(virtPortProfile, ...) unconditionally.
Which means if virtPortProfile is NULL we SIGSEGV. Therefore, add check
to call memcpy() conditionally.
(gdb) bt
#0
Use embedded buffers for the MAC addresses and the VM's UUID.
---
src/util/virnetdevmacvlan.c | 14 --
1 file changed, 4 insertions(+), 10 deletions(-)
Index: libvirt-acl/src/util/virnetdevmacvlan.c
===
---
On 04/25/2012 07:50 AM, Michal Privoznik wrote:
On 25.04.2012 13:48, Stefan Berger wrote:
Use embedded buffers for the MAC addresses and the VM's UUID.
---
src/util/virnetdevmacvlan.c | 14 --
1 file changed, 4 insertions(+), 10 deletions(-)
ACK
Pushed.
--
libvir-list
On 04/24/2012 12:05 PM, Michal Privoznik wrote:
On 24.04.2012 17:52, Michal Privoznik wrote:
Self NACK; It turned out to be race because it's still reproducible in
some cases: if(virPortProfile) evaluates to true; however gdb still
catches SIGSEGV in memcpy(). Meanwhile, something free()
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.
Testing:
Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to
Display detected IP addresses in the domain XML using the
IP_LEASE variable name. This variable name now becomes
a reserved variable name that can be read only but not set
by the user.
The format of the value is: ip addresss,lease timeout in seconds
An example of a displayed XML may then be:
This series of patches adds DHCP snooping support to libvirt's
nwfilter subsystem.
DHCP snooping detects DHCP leases obtained by a VM and automatically
adjusts the network traffic filters to reflect the IP addresses
with which a VM may send its traffic, thus for example preventing
IP address
to their
+ * detected/expected IP addresses
+ *
+ * Copyright (C) 2010, 2012 IBM Corp.
+ *
+ * Author:
+ * Stefan Berger stef...@linux.vnet.ibm.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published
Add 2 new functions to the virSocketAddr 'class':
- virSocketAddrEqual: tests whether two IP addresses and their ports are equal
- virSocketaddSetIPv4Addr: set a virSocketAddr given a 32 bit int
---
Changes since v12:
- fixed number of bytes compared when checking addresses for equality
---
On 04/25/2012 09:42 AM, Daniel P. Berrange wrote:
On Wed, Apr 25, 2012 at 08:59:46AM -0400, Stefan Berger wrote:
Add 2 new functions to the virSocketAddr 'class':
- virSocketAddrEqual: tests whether two IP addresses and their ports are equal
- virSocketaddSetIPv4Addr: set a virSocketAddr given
This patch addresses the following coverity findings:
/libvirt/src/conf/nwfilter_params.c:157:
deref_parm: Directly dereferencing parameter val.
/libvirt/src/conf/nwfilter_params.c:473:
negative_returns: Using variable iterIndex as an index to array
res-iter.
This patch addresses the following coverity findings:
/libvirt/src/conf/nwfilter_params.c:390:
var_assigned: Assigning: varValue = null return value from
virHashLookup.
/libvirt/src/conf/nwfilter_params.c:392:
dereference: Dereferencing a pointer that might be null varValue when
calling
Anyone have an ACK or comments?
Stefan
On 04/23/2012 08:21 AM, Stefan Berger wrote:
Recent iptables fixes a lot of issues with missing spaces and
other information that was previously not reported properly. To make
the test program and test cases work on old and newer installations
On 04/26/2012 03:50 PM, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=816662 pointed out
that attempting 'virsh blockpull' on an offline domain gave a
misleading error message about qemu lacking support for the
operation, even when qemu was specifically updated to support it.
On 04/26/2012 04:15 PM, Eric Blake wrote:
Similar to the recent race fix for 'block-stream', it is possible
to set the speed of a block copy job up front thanks to an optional
'speed' parameter to 'drive-mirror'.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONDriveMirror): Set
speed at job
Below patch fixes the following coverity findings
Error: OVERRUN_STATIC:
/libvirt/src/qemu/qemu_command.c:152:
overrun-buffer-val: Overrunning static array net-mac of size 6 bytes
by passing it as an argument to a function which indexes it at byte
position 15.
On 04/26/2012 04:35 PM, Eric Blake wrote:
And again, this should be:
VIR_ERROR(_(Lookup of value at index %u resulted in a NULL pointer),
cie-curValue);
ACK with those fixes; I'm okay if you push without posting a v2.
Pushed this series.
--
libvir-list mailing list
On 04/26/2012 05:13 PM, Eric Blake wrote:
On 04/23/2012 06:20 AM, Stefan Berger wrote:
+ if [ -n ${cmd} ]; then
+eval ${cmd} 21 1/dev/null
This says output any errors from command to our stdout, and to ignore
normal output of $cmd. Is that what you meant, or did you want to
ignore both
Add test cases for ipset support.
Since ipset may not be available on all system, the first line of the XML
file containing the test filter has been extended with a specially formatted
XML comment containing a command line test for whether the test case can be
run at all. The format of that line
If someone has the time ... I am seeing a memory leak in this code path.
The leak seems to be triggerable by shutting down a VM:
==4717== 40 bytes in 1 blocks are definitely lost in loss record 547 of
1,014
==4717==at 0x4A05E46: malloc (vg_replace_malloc.c:195)
==4717==by
On 04/25/2012 08:59 AM, Stefan Berger wrote:
+
+/*
+ * Create a new Snoop request. Initialize it with the given
+ * interface key. The caller must release the request with a call
+ * to virNWFilerSnoopReqPut(req).
+ */
+static virNWFilterSnoopReqPtr
+virNWFilterSnoopReqNew(const char *ifkey
Fix lxc related coverity findings...
Error: UNINIT:
/libvirt/src/lxc/lxc_driver.c:1412:
var_decl: Declaring variable fd without initializer.
/libvirt/src/lxc/lxc_driver.c:1460:
uninit_use_in_call: Using uninitialized value fd when calling
virFileClose.
/libvirt/src/util/virfile.c:50:
More bug extermination in the category of:
Error: CHECKED_RETURN:
/libvirt/src/conf/network_conf.c:595:
check_return: Calling function virAsprintf without checking return
value (as is done elsewhere 515 out of 543 times).
/libvirt/src/qemu/qemu_process.c:2780:
unchecked_value: No check of
On 04/27/2012 03:17 PM, Eric Blake wrote:
On 04/27/2012 12:34 PM, Stefan Berger wrote:
More bug extermination in the category of:
Error: CHECKED_RETURN:
Maybe worth logging a warning if we see the failure, but since this is
test code, I'm also okay if we just ignore it (as long as the test
On 04/27/2012 11:34 PM, Daniel Veillard wrote:
I'm not really able to make a good review of remaining patches sent
on the list and not pushed today, but I would like to check the pvs
driver set patches before entering the freeze, so I'm postponing it
until after the week-end, possibly on
On 04/28/2012 07:01 AM, Alex Jia wrote:
In fact, the 'tapfd' is always NULL, the function 'virNetDevTapCreate()' hasn't
assign 'fd' to 'tapfd', when the function 'virNetDevSetMAC()' is failed then
goto 'error' lable, finally, the VIR_FORCE_CLOSE() will deref a NULL 'tapfd'.
---
Addressing the following reports:
Error: RESOURCE_LEAK:
/libvirt/src/nodeinfo.c:631:
alloc_fn: Calling allocation function fopen.
/libvirt/src/nodeinfo.c:631:
var_assign: Assigning: cpuinfo = storage returned from
fopen(/proc/cpuinfo, r).
/libvirt/src/nodeinfo.c:640:
leaked_storage: Variable
1 - 100 of 2089 matches
Mail list logo
