Commit Graph

437 Commits

Author SHA1 Message Date
John Ferlan 121c09a90b Replace virNetworkFree with virObjectUnref
Since virNetworkFree will call virObjectUnref anyway, let's just use that
directly so as to avoid the possibility that we inadvertently clear out
a pending error message when using the public API.
2014-12-02 11:03:40 -05:00
John Ferlan 8fb3aee2f8 Replace virDomainFree with virObjectUnref
Since virDomainFree will call virObjectUnref anyway, let's just use that
directly so as to avoid the possibility that we inadvertently clear out
a pending error message when using the public API.
2014-12-02 11:03:40 -05:00
Jiri Denemark 9340528a7f Fix usage of virReportSystemError
virReportSystemError is reserved for reporting system errors, calling it
with VIR_ERR_* error codes produces error messages that do not make any
sense, such as

    internal error: guest failed to start: Kernel doesn't support user
    namespace: Link has been severed

We should prohibit wrong usage with a syntax-check rule.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-11-28 09:42:13 +01:00
Jiri Denemark 1fd8360751 spec: Automatically apply all patches with git
With this change, any patch declared in libvirt.spec with Patch[0-9]* is
automatically applied in %prep. Unlike with the standard %patch[0-9]*,
patches are applied with "git am" to avoid some unexpected results.
However, as a result of this, all patches must be in the right format
for "git am" to be able to apply them; they should ideally be generated
from git using "git format-patch".

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-11-24 10:02:15 +01:00
Eric Blake eb9093763f maint: forbid 'int foo = true'
I noticed this while working on qemuDomainGetBlockInfo.  Assigning
a bool value to an int variable compiles fine, but raises red flags
on the maintenance front as it becomes too easy to assign -1 or 2
or any other non-bool value to the same variable.

* cfg.mk (sc_prohibit_int_assign_bool): New rule.
* src/conf/snapshot_conf.c (virDomainSnapshotRedefinePrep): Fix
offenders.
* src/qemu/qemu_driver.c (qemuDomainGetBlockInfo)
(qemuDomainSnapshotCreateXML): Likewise.
* src/test/test_driver.c (testDomainSnapshotAlignDisks):
Likewise.
* src/util/vircgroup.c (virCgroupSupportsCpuBW): Likewise.
* src/util/virpci.c (virPCIDeviceBindToStub): Likewise.
* src/util/virutil.c (virIsCapableVport): Likewise.
* tools/virsh-domain-monitor.c (cmdDomMemStat): Likewise.
* tools/virsh-domain.c (cmdBlockResize, cmdScreenshot)
(cmdInjectNMI, cmdSendKey, cmdSendProcessSignal)
(cmdDetachInterface): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-19 08:20:39 -07:00
Martin Kletzander 343e53abdc bracket-spacing-check: Print out more specific error message
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-14 17:13:36 +01:00
Eric Blake 85f2d0dd55 maint: add syntax check to prohibit static zero init
Now that all offenders have been cleaned, turn on a syntax-check
rule to prevent future offenders.

* cfg.mk (sc_prohibit_static_zero_init): New rule.
* src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Avoid false
positive.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-29 09:55:09 -06:00
Daniel P. Berrange a0b6c98d59 Fix preprocessor indentation in libvirt.h.in
The cfg.mk rule for checking preprocessor indentation was
mistakenly missing the libvirt.h.in file due to bad file
extension matching rule. Fix that and the resolve the
incorrect indentation that is identified.
2014-10-24 17:23:52 +01:00
Daniel P. Berrange 653a5e4939 Move virDomain related APIs out of libvirt.h.in
Create a new libvirt-domain.h file to hold the public
API definitions for the virDomain type. This header
file is not self-contained, so applications will not directly
include it. They will continue to #include <libvirt/libvirt.h>
2014-10-24 17:23:32 +01:00
Daniel P. Berrange 0c94d78bb5 Move virStream related APIs out of libvirt.c
Introduce a src/libvirt-stream.c file to hold all the
methods related to the virStream type.
2014-10-24 16:42:49 +01:00
Peter Krempa 92427948b3 maint: Prohibit "devname" by a syntax check rules
and tweak the code to avoid using it.
2014-10-01 16:39:01 +02:00
Daniel P. Berrange 308c0c5a95 Convert polkit code to use DBus API instead of CLI helper
Spawning the pkcheck program every time a permission check is
required is hugely expensive on CPU. The pkcheck program is just
a dumb wrapper for the DBus API, so rewrite the code to use the
DBus API directly. This also simplifies error handling a bit.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Eric Blake bc7e63d39c maint: tighten curly brace syntax checking
Now that hanging brace offenders have been fixed, we can automate
the check, and document our style.  Done as a separate commit from
code changes, to make it easier to just backport code changes, if
that is ever needed.

* cfg.mk (sc_curly_braces_style): Catch hanging braces.
* docs/hacking.html.in: Document it.
* HACKING: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 15:38:00 -06:00
Eric Blake 143cfa8ee8 maint: enforce previous if-else {} cleanups
Done as a separate commit in case earlier cleanups are backported
independently.

* cfg.mk (sc_require_space_before_label): New rule.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 14:36:04 -06:00
Martin Kletzander 1734f9e6c0 cfg.mk: allow integers to be assigned a value computed with i|j|k
Even line like this:

int asdf = i - somevar;

was matched by the regex, so this patch adds '=' to the list of
characters that break the regexp.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-08-22 09:12:14 +02:00
Martin Kletzander 93cf8f9861 cleanup spaces between parentheses and braces
And add a syntax-check for '){$'.  It's not perfect, but better than
nothing.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-08-20 14:50:21 +02:00
Jim Fehlig 870c90c70f xen: rename xenxs to xenconfig
src/xenxs contains parsing/formating functions for the various xen
config formats, and is better named src/xenconfig.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-08-18 20:36:24 -06:00
Eric Blake e1f7914d3e maint: simplify some syntax check exemptions
Commit 5028160 accidentally weakened the strtol prohibitions to
skip ALL files under src/util instead of the former situation of
just protecting util/virsexpr.c; even though NONE of the files
in that directory need any protection.

Shorten some long lines while at it.

* cfg.mk (exclude_file_name_regexp--sc_prohibit_strtol): No need
to exclude all of util.
(exclude_file_name_regexp--sc_prohibit_sprintf): Reduce long line.
(exclude_file_name_regexp--sc_prohibit_raw_allocation): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-07-23 14:00:15 -06:00
Michal Privoznik 28d54aab05 examples: Introduce domtop
There's this question on the list that is asked over and over again.
How do I get {cpu, memory, ...} usage in percentage? Or its modified
version: How do I plot nice graphs like virt-manager does?

It would be nice if we have an example to inspire people. And that's
what domtop should do. Yes, it could be written in different ways, but
I've chosen this one as I think it show explicitly what users need to
implement in order to imitate virt-manager's graphing.

Note: The usage is displayed from host perspective. That is, how much
host CPUs the domain is using. But it should be fairly simple to
switch do just guest CPU usage if needed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-18 16:39:54 +02:00
Michal Privoznik 5028160523 Kill last strto{l,ll,d} scouts
There's no need to use it since we have this shiny functions
that even checks for conversion and overflow errors.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-18 16:31:47 +02:00
Michal Privoznik f4dc812c9e virNodeParseSocket: Take ARM into account
The virNodeParseSocket() function tries to get socked ID from
'topology/physical_package_id' file. However, on some architectures
the file contains the -1 constant which makes in turn libvirt think
the info extraction was unsuccessful. If that's the case, we need to
overwrite the obtained integer with zero like we are doing for other
architectures.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-20 15:59:08 +02:00
Eric Blake de43582bf5 maint: exempt graphic binaries from syntax check
Roman Bogorodskiy reported a syntax-check failure when using
FreeBSD; complaining that:

prohibit_empty_first_line
tools/libvirt_win_icon_16x16.ico:1:
tools/libvirt_win_icon_32x32.ico:1:
tools/libvirt_win_icon_48x48.ico:1:
tools/libvirt_win_icon_64x64.ico:1:
maint.mk: Prohibited empty first line

In reality, the first 'line' of that file is NOT empty; but since
it is a binary file, awk is not required to handle it gracefully.
The simplest solution is to exempt all image files from syntax
checks in the first place - after all, we only store them in git
because they are inconvenient to regenerate, but they are not our
preferred format for making modifications, and syntax check should
only cover files that we are likely to modify.

* cfg.mk (VC_LIST_ALWAYS_EXCLUDE_REGEX): Exempt images.
(exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF): Simplify.
(exclude_file_name_regexp--sc_trailing_blank): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-11 08:41:37 -06:00
Martin Kletzander bb5cb873cc maint: prohibit empty first lines
Based on discussion with Eric:

https://www.redhat.com/archives/libvir-list/2014-March/msg01001.html

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-06-06 11:19:50 +02:00
Eric Blake 3cbd3b8e3a maint: detect VPATH builds when checking for gnulib update
I accidentally typed 'make' in the srcdir of a VPATH build, and
was surprised to see this:

$ make
/bin/sh: s/^[ +-]//;s/ .*//: No such file or directory
INFO: gnulib update required; running ./autogen.sh first
make: -n: Command not found
./autogen.sh
I am going to run ./configure with no arguments - if you wish
to pass any to it, please specify them on the ./autogen.sh command line.
running bootstrap...
./bootstrap: Bootstrapping from checked-out libvirt sources...
./bootstrap: getting gnulib files...

Oops - we're trying to execute some fairly bogus command names,
and then trying to configure in-tree (which breaks all existing
VPATH builds, since automake refuses to do a VPATH build if it
detects an in-tree configure).  The third line (executing "-n")
is fixed by updating to the latest gnulib; the rest of the problem
is fixed by copying the same filtering in our cfg.mk as what
gnulib just added, so that we avoid any $(shell) invocations which
in turn depend on variables that are only populated by a working
Makefile.  With that in place, we are back to the much nicer:

$ make
There seems to be no Makefile in this directory.
You must run ./configure before running 'make'.
make: *** [abort-due-to-no-makefile] Error 1

Additionally, although harder to see - there was a trailing space in
the message warning us that autogen would run an in-tree configure.

* .gnulib: Update to latest, in part for maint.mk improvements.
* cfg.mk (_update_required): Don't check for update in
unconfigured directory.
* autogen.sh (no_git): Drop trailing space.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-04 16:06:55 -06:00
Eric Blake d804a58a15 maint: optimize locale.h syntax check
Reusing the maint.mk code allows for a more efficient syntax check
(fewer grep processes), and a more compact representation of what
we are really checking for in commit 1919e35.

* cfg.mk (sc_require_locale_h): Use maint.mk loop instead of
rolling our own.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-04 11:09:12 -06:00
Michal Privoznik 1919e35547 cfg.mk: Introduce rule for setlocale()
In the past we had some issues where setlocale() was called without
corresponding include of locale.h. While on some systems this may
work, on others the compilation failed. We should have a syntax-check
rule for that to prevent this from happening again.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-04 11:56:14 +02:00
Peter Krempa 713cc3b0a7 storage: Move virStorageFileGetMetadata to the storage driver
My future work will modify the metadata crawler function to use the
storage driver file APIs to access the files instead of accessing them
directly so that we will be able to request the metadata for remote
files too. To avoid linking the storage driver to every helper file
using the utils code, the backing chain traversal function needs to be
moved to the storage driver source.

Additionally the virt-aa-helper and virstoragetest programs need to be
linked with the storage driver as a result of this change.
2014-06-03 09:27:23 +02:00
Roman Bogorodskiy ef142d1b9d maint: use $(SED) instead of sed for syntax-check
Some syntax-check rules use GNU sed specific regexps, so make
sure we're using $(SED) instead of sed, which might not be a
GNU sed.
2014-05-12 19:32:08 +01:00
Eric Blake eae00fb59a enforce sane readdir usage
Now that all clients have been adjusted, ensure that no future
misuse of readdir is introduced into the code base.

* cfg.mk (sc_prohibit_readdir): New rule.
* src/util/virfile.c (virDirRead): Exempt the wrapper.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:46 -06:00
Daniel P. Berrange 25d5d7057d Add syntax check to validate capitalization of abbreviations
Use a syntax-check rule to force PCI, USB and SCSI instead
of Pci, Usb and Scsi.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-08 11:15:55 +01:00
Eric Blake cbfd9a6170 maint: ensure src/ directory includes are clean
In 'make syntax-check', we have a rule that prevents layering
violations between the various files in src.  However, we
forgot to treat conf/ and the more recently-added access/ as
lower-level directories, and were not detecting cases where
they might have used a driver file.  Also, it's not nice that
qemu can use storage/ but none of the other drivers could do so.

* cfg.mk (sc_prohibit_cross_inclusion): Tighten rules for conf/
and access/, let all other drivers use storage/.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-01 10:38:12 -06:00
Matthias Bolte 8f21ae7046 Prohibit Windows special chars in filenames
Using any of these chars [:*?"<>|] in a filename is forbidden on
Windows and breaks git operations on Windows as git is not able
to create those files/directories on clone or pull.

Because some of them can be used in UNIX filenames they tend to
creep into filenames; especially : in PCI/SCSI device names that
are used as filenames in test cases.
2014-03-29 21:14:17 +01:00
Ján Tomko 9af14dadf6 Add a rule for indenting labels
Indent top-level labels by one space.

Add the rule to HACKING and enforce it by syntax-check.
2014-03-25 14:58:41 +01:00
Martin Kletzander 9b7ac663ee Require K&R styled curly braces around function bodies
Although not explicitly requested, we are using K&R (or Kernel)
indentation for curly braces around functions in HACKING file and most
of the code.  Using grep -P, this patch add the syntax-check rule for
it (while skipping all the false positives with foreach constructs).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-20 17:27:17 +01:00
Daniel P. Berrange 2835c1e730 Add virLogSource variables to all source files
Any source file which calls the logging APIs now needs
to have a VIR_LOG_INIT("source.name") declaration at
the start of the file. This provides a static variable
of the virLogSource type.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-03-18 14:29:22 +00:00
Martin Kletzander 11c5c9a930 cfg.mk: Fix whitespaces
Just to align the backslashes with most of the file.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-18 13:43:54 +01:00
Ján Tomko 80ac017632 Remove double space in file name comment check
Reported by Martin Kletzander
2014-03-18 13:15:31 +01:00
Martin Kletzander b0cf7d6461 virsh: Prohibit virConnectOpen* functions in virsh
Addition of vshConnect() makes virConnectOpen() functions obsolete in
virsh.  Thus all virsh-*.[ch] files should be left only with
vshConnect() in the case of need.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-18 08:27:30 +01:00
Laine Stump c8d6cd853f build: detect/prohibit hardcoded XML indent in syntax-check
This rule wouldn't be able to find any case of a hardcoded indent that
was in the middle of a string, but then virBuffer doesn't add
indentation in the middle of a string either.
2014-03-14 00:02:43 -06:00
Ján Tomko 9b9d7704b5 Change file names in comments to match the files they are in
Some of these are leftovers from renaming the files, others
are just typos.

Also introduce an ugly awk script to enforce this.
2014-03-10 14:26:04 +01:00
Ján Tomko 855e9faa19 Add tests for virUSBDeviceFind functions
Mock the /sys/bus/usb directory and test the finding
(and not finding) of some USB devices.
2014-03-03 14:35:22 +01:00
Daniel P. Berrange 590029f672 Introduce new OOM testing support
The previous OOM testing support would re-run the entire "main"
method each iteration, failing a different malloc each time.
When a test suite has 'n' allocations, the number of repeats
requires is  (n * (n + 1) ) / 2.  This gets very large, very
quickly.

This new OOM testing support instead integrates at the
virtTestRun level, so each individual test case gets repeated,
instead of the entire test suite. This means the values of
'n' are orders of magnitude smaller.

The simple usage is

   $ VIR_TEST_OOM=1 ./qemuxml2argvtest
   ...
   29) QEMU XML-2-ARGV clock-utc                                         ... OK
       Test OOM for nalloc=36 .................................... OK
   30) QEMU XML-2-ARGV clock-localtime                                   ... OK
       Test OOM for nalloc=36 .................................... OK
   31) QEMU XML-2-ARGV clock-france                                      ... OK
       Test OOM for nalloc=38 ...................................... OK
   ...

the second lines reports how many mallocs have to be failed, and thus
how many repeats of the test will be run.

If it crashes, then running under valgrind will often show the problem

  $ VIR_TEST_OOM=1 ../run valgrind ./qemuxml2argvtest

When debugging problems it is also helpful to select an individual
test case

  $ VIR_TEST_RANGE=30 VIR_TEST_OOM=1 ../run valgrind ./qemuxml2argvtest

When things get really tricky, it is possible to request that just
specific allocs are failed. eg to fail allocs 5 -> 12, use

  $ VIR_TEST_RANGE=30 VIR_TEST_OOM=1:5-12 ../run valgrind ./qemuxml2argvtest

In the worse case, you might want to know the stack trace of the
alloc which was failed then VIR_TEST_OOM_TRACE can be set. If it
is set to 1 then it will only print if it thinks a mistake happened.
This is often not reliable, so setting it to 2 will make it print
the stack trace for every alloc that is failed.

  $ VIR_TEST_OOM_TRACE=2 VIR_TEST_RANGE=30 VIR_TEST_OOM=1:5-5 ../run valgrind ./qemuxml2argvtest
  30) QEMU XML-2-ARGV clock-localtime                                   ... OK
      Test OOM for nalloc=36 !virAllocN
  /home/berrange/src/virt/libvirt/src/util/viralloc.c:180
  virHashCreateFull
  /home/berrange/src/virt/libvirt/src/util/virhash.c:144
  virDomainDefParseXML
  /home/berrange/src/virt/libvirt/src/conf/domain_conf.c:11745
  virDomainDefParseNode
  /home/berrange/src/virt/libvirt/src/conf/domain_conf.c:12646
  virDomainDefParse
  /home/berrange/src/virt/libvirt/src/conf/domain_conf.c:12590
  testCompareXMLToArgvFiles
  /home/berrange/src/virt/libvirt/tests/qemuxml2argvtest.c:106
  virtTestRun
  /home/berrange/src/virt/libvirt/tests/testutils.c:250
  mymain
  /home/berrange/src/virt/libvirt/tests/qemuxml2argvtest.c:418 (discriminator 2)
  virtTestMain
  /home/berrange/src/virt/libvirt/tests/testutils.c:750
  ??
  ??:0
  _start
  ??:?
   FAILED

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-02-20 15:36:10 +00:00
Peter Krempa 8f4091d677 qemu: Switch snapshot deletion to the new API functions
Use the new storage driver APIs to delete snapshot backing files in case
of failure instead of directly relying on "unlink". This will help us in
the future when we will be adding network based storage without local
representation in the host.
2014-02-14 11:07:29 +01:00
Yuto KAWAMURA(kawamuray) 4f32c5f793 Introduce Libvirt Wireshark dissector
Introduce Wireshark dissector plugin which adds support to Wireshark
for dissecting libvirt RPC protocol.
Added following files to build Wireshark dissector from libvirt source
tree.
* tools/wireshark/*: Source tree of Wireshark dissector plugin.

Added followings to configure.ac or Makefile.am.
configure.ac
* --with-wireshark-dissector: Enable support for building Wireshark
  dissector.
* --with-ws-plugindir: Specify wireshark plugin directory that dissector
  will installed.
* Added tools/wireshark/{Makefile,src/Makefile} to  AC_CONFIG_FILES.
Makefile.am
* Added tools/wireshark/ to SUBDIR.
2014-01-20 17:09:41 +01:00
Eric Blake 42358e3a0a maint: replace remaining virLib*Error with better names
Finish the cleanup of libvirt.c; all uses of virLib*Error have
now been converted to more canonical conventions.

* src/libvirt.c: Use virReportError in remaining errors.
(virLibConnError, virLibDomainError): Delete unused macros.
* cfg.mk (msg_gen_function): Drop unused names.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-16 12:30:59 -07:00
Michal Privoznik e26cae6b85 examples: Resurrect domsuspend example
This partially reverts 5eb4b04211 and 62774afb6b.

Rewrite the domsuspend example from scratch. This time do it right.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-12-24 17:17:35 +01:00
Daniel P. Berrange 950c2a550f Move examples/domain-events/event-c to examples/object-events
The domain events demo program isn't really tied to domain
events anymore, so rename it to object events.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-12-13 16:07:54 +00:00
Cédric Bosdonnat de463feb97 virObject-ified virDomainEvent
Added a parent class virObjectEvent for future event types
2013-12-10 12:05:06 +00:00
Cédric Bosdonnat 146434efad Renamed virDomainEventState to virObjectEventState
Leave virDomainEventRegister and its Deregister brother as these are
legacy functions only for domain lifecycle events.
2013-12-10 11:35:34 +00:00
Peter Krempa df36af589f maint: Kill usage of atoi()
Kill the use of atoi() and introduce syntax check to forbid it and it's
friends (atol, atoll, atof, atoq).

Also fix a typo in variable name holding the cylinders count of a disk
pool (apparently unused).

examples/domsuspend/suspend.c will need a larger scale refactor as the
whole example file is broken thus it will be exempted from the syntax
check for now.
2013-12-04 18:56:06 +01:00
Daniel P. Berrange a7a1244a73 Remove python binding
The python binding now lives in

  http://libvirt.org/git/?p=libvirt-python.git

that repo also provides an RPM which is upgrade compatible
with the old libvirt-python sub-RPM.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-11-25 16:08:00 +00:00
Michal Privoznik 21685c955e virpcitest: Introduce testVirPCIDeviceReset
This addition, however, requires some refactoring to be done.  First of
all, to match the best practice we should detach the device prior
resetting it. That's why testVirPCIDeviceDetach is detaching all devices
within 0000:00:01.0 and 0000:00:03.0 range. Then, the brand new test
will reset the 0000:00:02.0 device, so the last testVirPCIDeviceReattach
can reattach all the devices back.

In order to perform a PCI device reset, the dummy config file is not
sufficient anymore and must be replaced with real PCI config (binary
mess). Such config files are to be stored under tests/virpcitestdata/
and ought to have '.config' suffix.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-11-06 09:34:17 +01:00
Michal Privoznik 25527ae25c virpcitest: Test virPCIDeviceDetach
This commit introduces yet another test under virpcitest:
virPCIDeviceDetach. However, in order to be able to do this, the
virpcimock needs to be extended to model the kernel behavior on PCI
device binding and unbinding (create 'driver' symlinks under the device
tree, check for device ID in driver's ID table, etc.)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-11-04 17:28:48 +01:00
Michal Privoznik d770618842 tests: Introduce virpcitest
Among with this test introduce virpcimock as we need to mock some
syscalls, e.g. redirect open() of a file under /sys/bus/pci to a
stub sysfs tree.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-11-04 14:56:56 +01:00
Eric Blake fb8613525d maint: avoid further typedef accidents
To make it easier to forbid future attempts at a confusing typedef
name ending in Ptr that isn't actually a pointer, insist that we
follow our preferred style of 'typedef foo *fooPtr'.

* cfg.mk (sc_forbid_const_pointer_typedef): Enforce consistent
style, to prevent issue fixed in previous storage patch.
* src/conf/capabilities.h (virCapsPtr): Fix offender.
* src/security/security_stack.c (virSecurityStackItemPtr):
Likewise.
* tests/qemucapabilitiestest.c (testQemuDataPtr): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-30 17:02:12 -06:00
Martin Kletzander ecddd7a3c0 build: Fix prohibit_int_ijk (and iijjkk) on RHEL 5
On RHEL 5, make syntax-check was failing because even strings like
'int isTempChain' matched the 'int i' rule.  To be honest, I haven't
found the root cause, but the change added makes it work as expected
and keeps the proper behavior on newer systems as well.
2013-10-22 23:01:18 +01:00
Daniel P. Berrange 71b21f12be Block all use of getenv with syntax-check
The use of getenv is typically insecure, and we want people
to use our wrappers, to force them to think about setuid
needs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-21 14:03:52 +01:00
Eric Blake e79810162a build: syntax check to avoid 'const fooPtr'
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can).  But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).

Now that the code base has been cleaned, enforce it with a syntax
checker.

* cfg.mk (sc_forbid_const_pointer_typedef): New rule.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-14 14:37:26 -06:00
Daniel P. Berrange 6fdafe278d Add test case for virNetServerClient object identity code
Start a test case for the virNetServerClient object, which
initially checks the creation of a virIdentityPtr object.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-09-24 09:37:26 +01:00
Eric Blake e561951d84 tests: check remaining .x files
We have been adding new .x files without keeping the list of
*-structs files up-to-date.  This adds the support for the
recent additions.

In the process of testing this, I also noticed that Fedora 19's
use of dwarves-1.10 (providing pdwtags version 1.9) was producing
a single line on stderr but still giving enough useful info on
stdout that we could check structs; the real goal of checking
stderr separately from stdout was to avoid the bug in dwarves-1.9
where stdout was empty (see bug http://bugzilla.redhat.com/772358).

* src/Makefile.am (struct_prefix, PROTOCOL_STRUCTS): Add missing
struct tests.
(PDWTAGS): Work with Fedora 19 pdwtags.
(lxc_monitor_protocol-struct, lock_protocol-struct): New rules.
* src/lxc_monitor_protocol-structs: New file.
* src/lock_protocol-structs): Likewise.
* cfg.mk (generated_files): Enlarge list.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-09-09 12:04:03 -06:00
Eric Blake ec81852f46 build: enforce makefile conditional style
Automake has builtin support to prevent botched conditional nesting,
but only if you use:
if FOO
else !FOO
endif !FOO

An example error message when using the wrong name:

daemon/Makefile.am:378: error: else reminder (LIBVIRT_INIT_SCRIPT_SYSTEMD_TRUE) incompatible with current conditional: LIBVIRT_INIT_SCRIPT_SYSTEMD_FALSE
daemon/Makefile.am:381: error: endif reminder (LIBVIRT_INIT_SCRIPT_SYSTEMD_TRUE) incompatible with current conditional: LIBVIRT_INIT_SCRIPT_SYSTEMD_FALSE

As our makefiles tend to have quite a bit of nested conditionals,
it's better to take advantage of the benefits of the build system
double-checking that our conditionals are well-nested, but that
requires a syntax check to enforce our usage style.

Alas, unlike C preprocessor and spec files, we can't use indentation
to make it easier to see how deeply nesting goes.

* cfg.mk (sc_makefile_conditionals): New rule.
* daemon/Makefile.am: Enforce the style.
* gnulib/tests/Makefile.am: Likewise.
* python/Makefile.am: Likewise.
* src/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
* tools/Makefile.am: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-09-04 09:40:20 -06:00
Peter Krempa 40f1d18fea tools: rename console.[ch] to virsh-console.[ch] and fix coding style 2013-09-03 14:06:11 +02:00
Daniel P. Berrange a4d1cfdc59 Prohibit unbounded arrays in XDR protocols
The use of <> is a security issue for RPC parameters, since a
malicious client can set a huge array length causing arbitrary
memory allocation in the daemon.

It is also a robustness issue for RPC return values, because if
the stream is corrupted, it can cause the client to also allocate
arbitrary memory.

Use a syntax-check rule to prohibit any use of <>

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-29 15:36:13 +01:00
Daniel P. Berrange 236da82dae Split TLS test into two separate tests
The virnettlscontexttest.c tests both virNetTLSContext
and virNetTLSSession functionality. Split into two
separate tests, to make the code size more manageable

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 10:00:42 +01:00
Eric Blake ed7e7c7d10 maint: avoid C99 loop declaration
Commit 3d0e3c1 reintroduced a problem previously squelched in
commit 7e5aa78.  Add a syntax check this time around.

util/virutil.c: In function 'virGetGroupList':
util/virutil.c:1015: error: 'for' loop initial declaration used outside C99 mode

* cfg.mk (sc_prohibit_loop_var_decl): New rule.
* src/util/virutil.c (virGetGroupList): Fix offender.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-07 16:50:42 -06:00
Eric Blake d21d40bf0c maint: split long lines in Makefiles
Makefiles are another easy file to enforce line limits.

Mostly straightforward; interesting tricks worth noting:
src/Makefile.am: $(confdir) was already defined, use it in more places
tests/Makefile.am: path_add and VG required some interesting compression

* cfg.mk (sc_prohibit_long_lines): Add another test.
* Makefile.am: Fix offenders.
* daemon/Makefile.am: Likewise.
* docs/Makefile.am: Likewise.
* python/Makefile.am: Likewise.
* src/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-19 05:25:35 -06:00
Eric Blake 684c90bfbc tests: split long lines
Long lines are harder to read and harder to diff; in fact, if lines get
too long (> 1000 bytes), it starts causing issues where git send-email
refuses to send patches for the file.  I've cleaned up the tests
directory in the past (see commits bd6c46f, 3b750d1), but new long
lines have been introduced in the meantime.

Why 90 instead of 80? Because there were too many tests on the fringe
edge, and I didn't want to edit that many files.

Add a syntax check to prevent future long lines.

* cfg.mk (sc_prohibit_long_lines): New rule.
* tests/qemuxml2argvdata/qemuxml2argv-*.args: Split lines of any
file with content longer than 90 columns.
* tests/storagevolxml2argvdata/*.argv: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-18 10:08:04 -06:00
Daniel P. Berrange 9ec23a6663 Prevent use of 'int' data type & 'ii', 'jj', 'kk' var names for loops
Add two syntax-check rules

 - sc_prohibit_int_ijk - block use of 'int' as a data type
   for any variables named 'i', 'j', 'k'
 - sc_prohibit_int_iijjkk - block use of 'ii', 'jj', 'kk'
   for any variable names
2013-07-10 17:55:17 +01:00
Michal Privoznik dc6f2dadac Introduce OOM reporting to virAsprintf
Actually, I'm turning this function into a macro as filename,
function name and line number needs to be passed. The new
function virAsprintfInternal is introduced with the extended set
of arguments.
2013-07-10 11:07:31 +02:00
Eric Blake 1e503ee534 build: honor autogen.sh --no-git
Based on a report by Chandrashekar Shastri, at
https://bugzilla.redhat.com/show_bug.cgi?id=979360

On systems where git cannot access the outside world, a developer
can instead arrange to get a copy of gnulib at the right commit
via side channels (such as NFS share drives), set GNULIB_SRCDIR,
then use ./autogen.sh --no-git.  In this setup, we will now
avoid direct use of git.  Of course, this means no automatic
gnulib updates when libvirt.git updates its submodule, but it
is expected that any developer in such a situation is already
prepared to deal with the fallout.

* .gnulib: Update to latest, for bootstrap.
* bootstrap: Synchronize from gnulib.
* autogen.sh (no_git): Avoid git when requested.
* cfg.mk (_update_required): Skip automatic rerun of bootstrap if
we can't use git.
* docs/compiling.html.in: Document this setup.
* docs/hacking.html.in: Mention this.
* HACKING: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-09 16:15:29 -06:00
Laine Stump d80d0d5d40 syntax: virPCIDeviceFree is also a NOP for NULL args
add it to the syntax-check list and fix the one offending caller.
2013-06-24 17:33:23 -04:00
Eric Blake 1add9c78da maint: don't use config.h in .h files
Enforce the rule that .h files don't need to (redundantly)
include <config.h>.

* cfg.mk (sc_prohibit_config_h_in_headers): New rule.
(_virsh_includes): Delete; instead, inline a smaller number of
exclusions...
(exclude_file_name_regexp--sc_require_config_h)
(exclude_file_name_regexp--sc_require_config_h_first): ...here.
* daemon/libvirtd.h (includes): Fix offenders.
* src/driver.h (includes): Likewise.
* src/gnutls_1_0_compat.h (includes): Likewise.
* src/libxl/libxl_conf.h (includes): Likewise.
* src/libxl/libxl_driver.h (includes): Likewise.
* src/lxc/lxc_conf.h (includes): Likewise.
* src/lxc/lxc_driver.h (includes): Likewise.
* src/lxc/lxc_fuse.h (includes): Likewise.
* src/network/bridge_driver.h (includes): Likewise.
* src/phyp/phyp_driver.h (includes): Likewise.
* src/qemu/qemu_conf.h (includes): Likewise.
* src/util/virnetlink.h (includes): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-06-05 05:53:25 -06:00
Eric Blake 0c8926daf9 syntax: fix broken error message in previous patch
Osier Yang pointed out that I introduced a syntax error in my
syntax check (I really shouldn't make last-minute changes without
testing them....).

/bin/sh: -c: line 2: syntax error near unexpected token `;'
/bin/sh: -c: line 2: `  { echo 'maint.mk: incorrect whitespace, see HACKING for rules' 2>&; \'
make: *** [bracket-spacing-check] Error 1

* cfg.mk (bracket-spacing-check): Fix copy-and-paste error.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-28 09:52:03 -06:00
Eric Blake 134e685b1d syntax-check: mandate space after mid-line semicolon
Enforce the style cleanup in the previous patch.

* build-aux/bracket-spacing.pl: Enforce trailing spacing.
* cfg.mk (bracket-spacing-check): Tweak error wording.
* docs/hacking.html.in: Document the rule.
* HACKING: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-28 08:26:05 -06:00
Michal Privoznik d1527ba5d7 Introduce syntax-check rule to prefer VIR_STRDUP over strdup 2013-05-24 10:13:02 +02:00
Eric Blake 0e55024e7b maint: enforce correct copyright usage
To ensure we don't regress and cause the need for further
cleanups, add a 'make syntax-check' rule that ensures new
files have proper copyright contents.

* cfg.mk (sc_copyright_address): Rename...
(sc_copyright_usage): ...and enhance.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-20 14:50:12 -06:00
Eric Blake de483052a2 maint: follow recommended practice for using LGPL
https://www.gnu.org/licenses/gpl-howto.html states:

You should also include a copy of the license itself somewhere in the
distribution of your program. All programs, whether they are released
under the GPL or LGPL, should include the text version of the GPL. In
GNU programs the license is usually in a file called COPYING.

If you are releasing your program under the LGPL, you should also
include the text version of the LGPL, usually in a file called
COPYING.LESSER. Please note that, since the LGPL is a set of
additional permissions on top of the GPL, it's important to include
both licenses so users have all the materials they need to understand
their rights.

* configure.ac (COPYING): No more games with non-git file.
* COPYING: New file, copied from gnulib.
* COPYING.LIB: Rename...
* COPYING.LESSER: ...to this.
* .gitignore: Track licenses in git.
* cfg.mk (exclude_file_name_regexp--sc_copyright_address): Tweak
rule.
* libvirt.spec.in (daemon, client, python): Reflect rename.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-20 14:15:21 -06:00
Daniel P. Berrange 8845d8dfa3 Remove & ban use of select() for waiting for I/O
Use of the select() system call is inherantly dangerous since
applications will hit a buffer overrun if any FD number exceeds
the size of the select set size (typically 1024). Replace the
two uses of select() with poll() and use cfg.mk to ban any
future use of select().

NB: This changes the phyp driver so that it uses an infinite
timeout, instead of busy-waiting for 1ms at a time.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-05-13 17:32:43 +01:00
Laine Stump bfe7721d50 util: move virFile* functions from virutil.c to virfile.c
These all existed before virfile.c was created, and for some reason
weren't moved.

This is mostly straightfoward, although the syntax rule prohibiting
write() had to be changed to have an exception for virfile.c instead
of virutil.c.

This movement pointed out that there is a function called
virBuildPath(), and another almost identical function called
virFileBuildPath(). They really should be a single function, which
I'll take care of as soon as I figure out what the arglist should look
like.
2013-05-10 13:09:30 -04:00
Ján Tomko 605a077244 syntax-check: forbid virBufferAsprintf with string literals 2013-05-07 17:49:59 +02:00
Eric Blake 25ae3d3015 build: avoid useless virAsprintf
virAsprintf(&foo, "%s", bar) is wasteful compared to
foo = strdup(bar) (or eventually, VIR_STRDUP(foo, bar),
but one thing at a time...).

Noticed while reviewing Laine's attempt to clean up broken
qemu:///session.

* cfg.mk (sc_prohibit_asprintf): Enhance rule.
* src/esx/esx_storage_backend_vmfs.c
(esxStorageBackendVMFSVolumeLookupByKey): Fix offender.
* src/network/bridge_driver.c (networkStateInitialize): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopDHCPOpen):
Likewise.
* src/storage/storage_backend_sheepdog.c
(virStorageBackendSheepdogRefreshVol): Likewise.
* src/util/vircgroup.c (virCgroupAddTaskStrController): Likewise.
* src/util/virdnsmasq.c (addnhostsAdd): Likewise.
* src/xen/block_stats.c (xenLinuxDomainDeviceID): Likewise.
* src/xen/xen_driver.c (xenUnifiedConnectOpen): Likewise.
* tools/virsh.c (vshGetTypedParamValue): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-02 13:35:26 -06:00
Michal Privoznik 7c9a2d88cd virutil: Move string related functions to virstring.c
The source code base needs to be adapted as well. Some files
include virutil.h just for the string related functions (here,
the include is substituted to match the new file), some include
virutil.h without any need (here, the include is removed), and
some require both.
2013-05-02 16:56:55 +02:00
Eric Blake 1fbf190554 build: avoid unsafe functions in libgen.h
POSIX says that both basename() and dirname() may return static
storage (aka they need not be thread-safe); and that they may but
not must modify their input argument.  Furthermore, <libgen.h>
is not available on all platforms.  For these reasons, you should
never use these functions in a multi-threaded library.

Gnulib instead recommends a way to avoid the portability nightmare:
gnulib's "dirname.h" provides useful thread-safe counterparts.  The
obvious dir_name() and base_name() are GPL (because they malloc(),
but call exit() on failure) so we can't use them; but the LGPL
variants mdir_name() (malloc's or returns NULL) and last_component
(always points into the incoming string without modifying it,
differing from basename semantics only on corner cases like the
empty string that we shouldn't be hitting in the first place) are
already in use in libvirt.  This finishes the swap over to the safe
functions.

* cfg.mk (sc_prohibit_libgen): New rule.
* src/util/vircgroup.c: Fix offenders.
* src/parallels/parallels_storage.c (parallelsPoolAddByDomain):
Likewise.
* src/parallels/parallels_network.c (parallelsGetBridgedNetInfo):
Likewise.
* src/node_device/node_device_udev.c (udevProcessSCSIHost)
(udevProcessSCSIDevice): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskDeleteVol): Likewise.
* src/util/virpci.c (virPCIGetDeviceAddressFromSysfsLink):
Likewise.
* src/util/virstoragefile.h (_virStorageFileMetadata): Avoid false
positive.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-04-25 14:47:01 -06:00
Osier Yang 9969ade669 syntax-check: Only allows to include public headers in external tools
With this patch, include public headers in "" form is only allowed
for "internal.h". And only the external tools (examples|tools|python
|include/libvirt) can include the public headers in <> form.
2013-04-18 11:31:19 +08:00
Osier Yang 1d69c6334b syntax-check: Don't include public headers in internal source
Directories python/tools/examples should include them in <> form,
though this patch allows "" form in these directories by excluding
them, a later patch will do the cleanup.
2013-04-18 11:24:46 +08:00
Osier Yang 83d801a7e6 syntax-check: Don't include duplicate header
gnulib is excluded.
2013-04-18 11:19:19 +08:00
Daniel P. Berrange d14524701a Add a test suite for cgroups functionality
Some aspects of the cgroups setup / detection code are quite subtle
and easy to break. It would greatly benefit from unit testing, but
this is difficult because the test suite won't have privileges to
play around with cgroups. The solution is to use monkey patching
via LD_PRELOAD to override the fopen, open, mkdir, access functions
to redirect access of cgroups files to some magic stubs in the
test suite.

Using this we provide custom content for the /proc/cgroup and
/proc/self/mounts files which report a fixed cgroup setup. We
then override open/mkdir/access so that access to the cgroups
filesystem gets redirected into files in a temporary directory
tree in the test suite build dir.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-04-15 17:35:31 +01:00
Eric Blake 7af86379ef util: portably check for unchanged uid
We've already scrubbed for comparisons of 'uid_t == -1' (which fail
on platforms where uid_t is a u16), but another one snuck in.

* src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison.
* cfg.mk (sc_prohibit_risky_id_promotion): New rule.
2013-03-15 10:55:51 -06:00
Eric Blake dce95297e3 tests: uniformly report test failures
testutils.c likes to print summaries after a test completes,
including if it failed.  But if the test outright exit()s,
this summary is skipped.  Enforce that we return instead of exit.

* cfg.mk (sc_prohibit_exit_in_tests): New syntax check.
* tests/commandhelper.c (main): Fix offenders.
* tests/qemumonitorjsontest.c (mymain): Likewise.
* tests/seclabeltest.c (main): Likewise.
* tests/securityselinuxlabeltest.c (mymain): Likewise.
* tests/securityselinuxtest.c (mymain): Likewise.
* tests/testutils.h (VIRT_TEST_MAIN_PRELOAD): Likewise.
* tests/testutils.c (virtTestMain): Likewise.
(virtTestCaptureProgramOutput): Use symbolic name.
2013-02-25 17:38:11 -07:00
John Ferlan a141a43e33 hacking: Add some details to handle Valgrind output
hacking: Add some text around the running of Valgrind along with example
output for "real" vs. "false positives".

cfg.mk: Add hacking.in.html to sc_prohibit_raw_allocation
2013-02-07 14:08:14 -05:00
Guido Günther 7f5c285082 Add syntax-check to make sure Python files don't contain trailing semicolon
We allow for a trailing semicolon in full line comments since
docs/index.py has some SQL statements in it.
2013-02-07 19:52:49 +01:00
Peter Krempa 2198dadc2f syntax-check: Don't check non-reentrant functions in docs
Otherwise constructions like "random (used by default)" end up breaking
syntax check by apparently using non-reentrant functions.
2013-02-07 18:00:47 +01:00
John Ferlan 97278ab472 vbox: Adjust the UTF FREE macros
Adjust the macros to free memory allocated during various calls to
perform the check if parameter is NULL prior to really freeing and to
set the pointer to NULL after done freeing.
2013-01-25 16:16:35 -07:00
Eric Blake c8f79c9b29 spec: indent %if to make it easier to see conditions
Nested conditionals are hard to read if they are not indented.
We can't add arbitrary whitespace to everything in spec files,
but we CAN add spaces before %if and %define.  Use this trick,
plus a fancy sed script that rewrites a spec file into a C
file, so we can use cppi to keep our spec file nice.

For reference, the sed script converts code like:

|# RHEL-5 builds are client-only for s390, ppc
|%if 0%{?rhel} == 5
|    %ifnarch %{ix86} x86_64 ia64
|        %define client_only        1
|    %endif
|%endif

into the following for cppi:

|// # RHEL-5 builds are client-only for s390, ppc
|#if a // 0%{?rhel} == 5
|# if a // %{ix86} x86_64 ia64
|#  define client_only        1
|# endif
|#endif

and errors from 'make syntax-check' look like:
spec_indentation
cppi: mingw-libvirt.spec.in: line 130: not properly indented
maint.mk: incorrect preprocessor indentation

* libvirt.spec.in: Add some indentation to make it easier to follow
various conditionals.
* mingw-libvirt-spec.in: Likewise.
* cfg.mk (sc_spec_indentation): New syntax check to enforce it.
2013-01-21 10:36:14 -07:00
Daniel P. Berrange 3d1596b048 Introduce an LXC specific public API & library
This patch introduces support for LXC specific public APIs. In
common with what was done for QEMU, this creates a libvirt_lxc.so
library and libvirt/libvirt-lxc.h header file.

The actual APIs are

  int virDomainLxcOpenNamespace(virDomainPtr domain,
                                int **fdlist,
                                unsigned int flags);

  int virDomainLxcEnterNamespace(virDomainPtr domain,
                                 unsigned int nfdlist,
                                 int *fdlist,
                                 unsigned int *noldfdlist,
                                 int **oldfdlist,
                                 unsigned int flags);

which provide a way to use the setns() system call to move the
calling process into the container's namespace. It is not
practical to write in a generically applicable manner. The
nearest that we could get to such an API would be an API which
allows to pass a command + argv to be executed inside a
container. Even if we had such a generic API, this LXC specific
API is still useful, because it allows the caller to maintain
the current process context, in particular any I/O streams they
have open.

NB the virDomainLxcEnterNamespace() API is special in that it
runs client side, so does not involve the internal driver API.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-14 13:58:34 +00:00
Daniel P. Berrange 907a39e735 Add a test suite for validating SELinux labelling
There are many aspects of the guest XML which result in the
SELinux driver applying file labelling. With the increasing
configuration options it is desirable to test this behaviour.
It is not possible to assume that the test suite has the
ability to set SELinux labels. Most filesystems though will
support extended attributes. Thus for the purpose of testing,
it is possible to extend the existing LD_PRELOAD hack to
override setfilecon() and getfilecon() to simply use the
'user.libvirt.selinux' attribute for the sake of testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-14 13:40:04 +00:00
Daniel P. Berrange cd699ed150 Add some autoconf helper macros for checking for libraries
Most checks for libraries take the same format

  * --with-libFOO=yes|no|check|/some/path  argument
  * check for a function NNN in libFOO.so
  * check for a header file DDD/HHH.h
  * Define a WITH_FOO config.h symbol
  * Define a WITH_FOO make conditional
  * Substitute FOO_CFLAGS and FOO_LIBS make variables
  * Print CFLAGS & LIBS summary at the end

Doing all this correctly is rather difficult, typically
done by copy+paste of a previous usage. Further small
improvements people make are not applied to all previous
usages.

Improve this by creating some helper macros to apply
good practice. First, to perform the actual checks:

  LIBVIRT_CHECK_LIB([SELINUX], [selinux],
     [getfilecon], [selinux/selinux.h])

This checks for 'getfilecon' in -lselinux, and the
existence of 'selinux/selinux.h' header file. If successful
it sets SELINUX_CFLAGS and SELINUX_LIBS. The WITH_SELINUX
config.h macro and WITH_SELINUX make conditional are also
defined.

In some cases we need to check two variants of the same
library

  LIBVIRT_CHECK_LIB_ALT([SASL], [sasl2],
                        [sasl_client_init], [sasl/sasl.h],
                        [SASL1], [sasl],
                        [sasl_client_init], [sasl/sasl.h])

This checks for sasl_client_init in libsasl2, and if that
is not found, checks sasl_client_init in libsasl. If the
first check succeeds WITH_SASL is set, while if the second
check succeeds *both* WITH_SASL and WITH_SASL1 are set.

If the library supports pkg-config, then another variant
is available

  LIBVIRT_CHECK_PKG([AVAHI], [avahi-client], [0.6.0])

This checks for avahi-client >= 0.6.0 via pkg-config
and sets WITH_AVAHI if found.

Finally to print a summary of CFLAGS & LIBs found (if any):

  LIBVIRT_RESULT_LIB([SELINUX])

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-11 11:03:22 +00:00
John Ferlan fef8d1a010 util: Check for NULL 'dev' on input to usbFreeDevice
Added 'usbFreeDevice' to the useless_free_options list in cfg.mk
2013-01-08 08:45:40 -07:00
Daniel P. Berrange f24404a324 Rename virterror.c virterror_internal.h to virerror.{c,h} 2012-12-21 11:19:50 +00:00
Daniel P. Berrange 556cf5f617 Rename xml.{c,h} to virxml.{c,h} 2012-12-21 11:19:50 +00:00
Daniel P. Berrange 44f6ae27fe Rename util.{c,h} to virutil.{c,h} 2012-12-21 11:19:49 +00:00
Daniel P. Berrange 226ad9815a Rename sexpr.{c,h} to virsexpr.{c,h} 2012-12-21 11:19:48 +00:00
Daniel P. Berrange ab9b7ec2f6 Rename memory.{c,h} to viralloc.{c,h} 2012-12-21 11:17:14 +00:00
Daniel P. Berrange 04d9510f50 Rename command.{c,h} to vircommand.{c,h} 2012-12-21 11:17:13 +00:00
Viktor Mihajlovski 347a712ab1 tests: Add tests for sysinfo
Test cases for virSysinfoRead. Initially, there are tests for
x86 (DMI based) and s390 (/proc/... based).
In lack of PPC data, I have stubbed out the test for it, but it
can be added with a minimal effort.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-12-17 17:37:17 +00:00
Daniel P. Berrange ad39fd83a8 Define a wire protocol for talking to the virtlockd daemon
The virtlockd daemon will be responsible for managing locks
on virtual machines. Communication will be via the standard
RPC infrastructure. This provides the XDR protocol definition

* src/locking/lock_protocol.x: Wire protocol for virtlockd
* src/Makefile.am: Include lock_protocol.[ch] in virtlockd

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-13 15:26:57 +00:00
Daniel P. Berrange c57e3d8994 Introduce basic infrastructure for virtlockd daemon
The virtlockd daemon will maintain locks on behalf of libvirtd.
There are two reasons for it to be separate

 - Avoid risk of other libvirtd threads accidentally
   releasing fcntl() locks by opening + closing a file
   that is locked
 - Ensure locks can be preserved across libvirtd restarts.
   virtlockd will need to be able to re-exec itself while
   maintaining locks. This is simpler to achieve if its
   sole job is maintaining locks

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-13 15:26:57 +00:00
Laine Stump 85b22f528f util: add VIR_(APPEND|INSERT|DELETE)_ELEMENT
I noticed when writing the backend functions for virNetworkUpdate that
I was repeating the same sequence of memmove, VIR_REALLOC, nXXX-- (and
messed up the args to memmove at least once), and had seen the same
sequence in a lot of other places, so I decided to write a few
utility functions/macros - see the .h file for full documentation.

The intent is to reduce the number of lines of code, but more
importantly to eliminate the need to check the element size and
element count arithmetic every time we need to do this (I *always*
make at least one mistake.)

VIR_INSERT_ELEMENT: insert one element at an arbitrary index within an
  array of objects. The size of each object is determined
  automatically by the macro using sizeof(*array). The new element's
  contents are copied into the inserted space, then the original copy
  of contents are 0'ed out (if everything else was
  successful). Compile-time assignment and size compatibility between
  the array and the new element is guaranteed (see explanation below
  [*])

VIR_INSERT_ELEMENT_COPY: identical to VIR_INSERT_ELEMENT, except that
  the original contents of newelem are not cleared to 0 (i.e. a copy
  is made).

VIR_APPEND_ELEMENT: This is just a special case of VIR_INSERT_ELEMENT
  that "inserts" one past the current last element.

VIR_APPEND_ELEMENT_COPY: identical to VIR_APPEND_ELEMENT, except that
  the original contents of newelem are not cleared to 0 (i.e. a copy
  is made).

VIR_DELETE_ELEMENT: delete one element at an arbitrary index within an
  array of objects. It's assumed that the element being deleted is
  already saved elsewhere (or cleared, if that's what is appropriate).

All five of these macros have an _INPLACE variant, which skips the
memory re-allocation of the array, assuming that the caller has
already done it (when inserting) or will do it later (when deleting).

Note that VIR_DELETE_ELEMENT* can return a failure, but only if an
invalid index is given (index + amount to delete is > current array
size), so in most cases you can safely ignore the return (that's why
the helper function virDeleteElementsN isn't declared with
ATTRIBUTE_RETURN_CHECK). A warning is logged if this ever happens,
since it is surely a coding error.

[*] One initial problem with the INSERT and APPEND macros was that,
due to both the array pointer and newelem pointer being cast to void*
when passing to virInsertElementsN(), any chance of type-checking was
lost. If we were going to move in newelem with a memmove anyway, we
would be no worse off for this. However, most current open-coded
insert/append operations use direct struct assignment to move the new
element into place (or just populate the new element directly) - thus
use of the new macros would open a possibility for new usage errors
that didn't exist before (e.g. accidentally sending &newelemptr rather
than newelemptr - I actually did this quite a lot in my test
conversions of existing code).

But thanks to Eric Blake's clever thinking, I was able to modify the
INSERT and APPEND macros so that they *do* check for both assignment
and size compatibility of *ptr (an element in the array) and newelem
(the element being copied into the new position of the array). This is
done via clever use of the C89-guaranteed fact that the sizeof()
operator must have *no* side effects (so an assignment inside sizeof()
is checked for validity, but not actually evaluated), and the fact
that virInsertElementsN has a "# of new elements" argument that we
want to always be 1.
2012-12-11 05:49:44 -05:00
Eric Blake 55dc872bd8 build: fix incremental autogen.sh when no AUTHORS is present
Commit 71d1256 tried to fix a problem where rebasing an old
branch on top of newer libvirt.git resulted in automake failing
because of a missing AUTHORS file.  However, while the fix
worked for an incremental 'make', it did not work for someone
that directly reran './autogen.sh'.  Reported by Laine Stump.

* autogen.sh (autoreconf): Check for same conditions as cfg.mk.
* cfg.mk (_update_required): Add comments.
2012-12-03 14:59:09 -07:00
Eric Blake 71d125620d build: rerun bootstrap if AUTHORS is missing
Ever since commit 7b21981c started generating AUTHORS, we now have
the situation that if you flip between two branches in the same
git repository that cross that commit boundary, then 'make' will
fail due to automake complaining about AUTHORS not existing.  The
simplest solution is to realize that if AUTHORS does not exist,
then we flipped branches so we will need to rerun bootstrap
anyways; and rerunning bootstrap ensures AUTHORS will exist in time.

* cfg.mk (_update_required): Also depend on AUTHORS.
2012-11-14 13:41:15 -07:00
Daniel P. Berrange a3e95abeb5 Document bracket whitespace rules & add syntax-check rule
This documents the following whitespace rules

      if(foo)   // Bad
      if (foo)  // Good

      int foo (int wizz)  // Bad
      int foo(int wizz)   // Good

      bar = foo (wizz);  // Bad
      bar = foo(wizz);   // Good

      typedef int (*foo) (int wizz);  // Bad
      typedef int (*foo)(int wizz);   // Good

      int foo( int wizz );  // Bad
      int foo(int wizz);    // Good

There is a syntax-check rule extension to validate all these rules.
Checking for 'function (...args...)' is quite difficult since it
needs to ignore valid usage with keywords like 'if (...test...)'
and while/for/switch. It must also ignore source comments and
quoted strings.

It is not possible todo this with a simple regex in the normal
syntax-check style. So a short Perl script is created instead
to analyse the source. In practice this works well enough. The
only thing it can't cope with is multi-line quoted strings of
the form

 "start of string\
more lines\
more line\
the end"

but this can and should be written as

 "start of string"
 "more lines"
 "more line"
 "the end"

with this simple change, the bracket checking script does not
have any false positives across libvirt source, provided it
is only run against .c files. It is not practical to run it
against .h files, since those use whitespace extensively to
get alignment (though this is somewhat inconsistent and could
arguably be fixed).

The only limitation is that it cannot detect a violation where
the first arg starts with a '*', eg

   foo(*wizz);

since this generates too many false positives on function
typedefs which can't be supressed efficiently.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-11-02 14:00:32 +00:00
Jiri Denemark d055498d04 build: Do not ignore logging.c in sc_prohibit_mkstemp
Now that the offending code was removed, we may remove this as well.
2012-11-02 12:32:51 +01:00
Michal Privoznik 30b398d5ef logging.c: Properly indent and ignore one syntax-check rule
With our fix of mkostemp (pushed as 2b435c15) we define a macro
to compile with uclibc. However, this definition is conditional
and thus needs to be properly indented. Moreover, with this definition
sc_prohibit_mkstemp syntax-check rule keeps yelling:

  src/util/logging.c:63:# define mkostemp(x,y) mkstemp(x)
  maint.mk: use mkostemp with O_CLOEXEC instead of mkstemp

Therefore we should ignore this file for this rule.
2012-11-02 11:19:04 +01:00
Eric Blake 4dbd6e9654 build: prefer mkostemp for multi-thread safety
https://bugzilla.redhat.com/show_bug.cgi?id=871756

Commit cd1e8d1 assumed that systems new enough to have journald
also have mkostemp; but this is not true for uclibc.

For that matter, use of mkstemp[s] is unsafe in a multi-threaded
program.  We should prefer mkostemp[s] in the first place.

* bootstrap.conf (gnulib_modules): Add mkostemp, mkostemps; drop
mkstemp and mkstemps.
* cfg.mk (sc_prohibit_mkstemp): New syntax check.
* tools/virsh.c (vshEditWriteToTempFile): Adjust caller.
* src/qemu/qemu_driver.c (qemuDomainScreenshot)
(qemudDomainMemoryPeek): Likewise.
* src/secret/secret_driver.c (replaceFile): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainScreenshot): Likewise.
2012-10-31 10:06:10 -06:00
Laine Stump 7bafe009d9 util: do a better job of matching up pids with their binaries
This patch resolves: https://bugzilla.redhat.com/show_bug.cgi?id=871201

If libvirt is restarted after updating the dnsmasq or radvd packages,
a subsequent "virsh net-destroy" will fail to kill the dnsmasq/radvd
process.

The problem is that when libvirtd restarts, it re-reads the dnsmasq
and radvd pidfiles, then does a sanity check on each pid it finds,
including checking that the symbolic link in /proc/$pid/exe actually
points to the same file as the path used by libvirt to execute the
binary in the first place. If this fails, libvirt assumes that the
process is no longer alive.

But if the original binary has been replaced, the link in /proc is set
to "$binarypath (deleted)" (it literally has the string " (deleted)"
appended to the link text stored in the filesystem), so even if a new
binary exists in the same location, attempts to resolve the link will
fail.

In the end, not only is the old dnsmasq/radvd not terminated when the
network is stopped, but a new dnsmasq can't be started when the
network is later restarted (because the original process is still
listening on the ports that the new process wants).

The solution is, when the initial "use stat to check for identical
inodes" check for identity between /proc/$pid/exe and $binpath fails,
to check /proc/$pid/exe for a link ending with " (deleted)" and if so,
truncate that part of the link and compare what's left with the
original binarypath.

A twist to this problem is that on systems with "merged" /sbin and
/usr/sbin (i.e. /sbin is really just a symlink to /usr/sbin; Fedora
17+ is an example of this), libvirt may have started the process using
one path, but /proc/$pid/exe lists a different path (indeed, on F17
this is the case - libvirtd uses /sbin/dnsmasq, but /proc/$pid/exe
shows "/usr/sbin/dnsmasq"). The further bit of code to resolve this is
to call virFileResolveAllLinks() on both the original binarypath and
on the truncated link we read from /proc/$pid/exe, and compare the
results.

The resulting code still succeeds in all the same cases it did before,
but also succeeds if the binary was deleted or replaced after it was
started.
2012-10-30 13:28:47 -04:00
Cole Robinson 7b21981cdb Autogenerate AUTHORS
AUTHORS.in tracks the maintainers, as well as some folks who were
previously in AUTHORS but don't have a git commit with proper
attribution.

Generated output is sorted alphabetically and lacks pretty spacing, so
tweak AUTHORS.in to follow the same format.

Additionally, drop the syntax-check rule that previously validated
AUTHORS against git log.
2012-10-19 12:44:56 -04:00
Eric Blake c5f162200c build: avoid infinite autogen loop
Several people have reported that if the .gnulib submodule is dirty,
then 'make' will go into an infinite loop attempting to rerun bootstrap,
because that never cleans up the dirty submodule.  By default, we
should halt and make the user investigate, but if the user doesn't
know why or care that the submodule is dirty, I also added the ability
to 'make CLEAN_SUBMODULE=1' to get things going again.

Also, while testing this, I noticed that when a submodule update was
needed, 'make' would first run autoreconf, then bootstrap (which
reruns autoreconf); adding a strategic dependency allows for less work.

* .gnulib: Update to latest, for maint.mk improvements.
* cfg.mk (_autogen): Also hook maint.mk, to run before autoreconf.
* autogen.sh (bootstrap): Refuse to run if gnulib is dirty, unless
user requests discarding gnulib changes.
2012-10-01 09:47:38 -06:00
Martin Kletzander 9ac287f826 syntax-check: fix run.in
Two more problems in "run.in" made the syntax-check fail.
2012-09-18 13:59:53 +02:00
Eric Blake 2387aa26c1 maint: fix missing spaces in message
I got an off-list report about a bad diagnostic:
Target network card mac 52:54:00:49:07:ccdoes not match source 52:54:00:49:07:b8

True to form, I've added a syntax check rule to prevent it
from recurring, and found several other offenders.

* cfg.mk (sc_require_whitespace_in_translation): New rule.
* src/conf/domain_conf.c (virDomainNetDefCheckABIStability): Add
space.
* src/esx/esx_util.c (esxUtil_ParseUri): Likewise.
* src/qemu/qemu_command.c (qemuCollectPCIAddress): Likewise.
* src/qemu/qemu_driver.c (qemuDomainSetMetadata)
(qemuDomainGetMetadata): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainChangeNetBridge): Likewise.
* src/rpc/virnettlscontext.c
(virNetTLSContextCheckCertDNWhitelist): Likewise.
* src/vmware/vmware_driver.c (vmwareDomainResume): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc, vboxAttachDrives):
Avoid false negatives.
* tools/virsh-domain.c (info_save_image_dumpxml): Reword.
Based on a report by Luwen Su.
2012-09-12 11:55:29 -06:00
Daniel P. Berrange 8d78fd04be Add helper library for testing the qemu monitor code
To be able to test the QEMU monitor code, we need to have a fake
QEMU monitor server. This introduces a simple (dumb) framework
that can do this. The test case registers a series of items to
be sent back as replies to commands that will be executed. A
thread runs the event loop looking for incoming replies and
sending back this pre-registered data. This allows testing all
QEMU monitor code that deals with parsing responses and errors
from QEMU, without needing QEMU around

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-07 13:18:04 +01:00
Eric Blake 60efb60018 maint: avoid doubled name in syntax check failures
Based on the similar gnulib commit 96ad9077.  The use of
$(_sc_search_regexp) already injects $(ME) into any output
messages, so a failure of these rules would look like this,
pre-patch:

maint.mk: maint.mk: use virStrToLong_*, not strtol variants

* cfg.mk (sc_prohibit_strncmp, sc_prohibit_strtol)
(sc_libvirt_unmarked_diagnostics): Drop redundant $(ME).
2012-09-05 11:16:20 -06:00
Eric Blake 44342a0efe build: use re-entrant functions in virsh
Yesterday's commit 15d2c9f pointed out that virsh was still using
localtime(), which is not thread-safe, even though virsh is
definitely multi-threaded.  Even if we only ever triggered it from
one thread, it's better safe than sorry for maintenance purposes.

* cfg.mk (exclude_file_name_regexp--sc_prohibit_nonreentrant):
Tighten the rule.
* tools/virsh.c (vshOutputLogFile): Avoid localtime.
(vshEditWriteToTempFile, vshEditReadBackFile, cmdCd, cmdPwd)
(vshCloseLogFile): Avoid strerror.
* tools/console.c (vshMakeStdinRaw): Likewise.
* tools/virsh-domain.c (vshGenFileName): Fix spacing in previous
patch.
2012-09-05 11:09:04 -06:00
Eric Blake cc2150d212 maint: prohibit translations in testsuite
Nothing in the testsuite or examples directory should be translated,
as it is not part of the normally installed binary.  We already
meet this rule, but enforcing it will make it easier to remember.

Suggested by Daniel P. Berrange.

* cfg.mk (sc_prohibit_useless_translation): Enhance rule.
2012-08-20 09:34:22 -06:00
Daniel P. Berrange 2a336379e0 Fix syntax-check failures wrt virsh
* cfg.mk: Whitelist virsh.h instead of virsh.c for strcasecmp check
* tools/virsh-domain.h, tools/virsh.h: Fix #define indentation
2012-08-20 11:17:26 +01:00
Eric Blake ca9be83de9 build: fix syntax check during 'make distcheck'
'make distcheck' was failing because a syntax check file,
.sc-start-sc_vulnerable_makefile_CVE-2012-3386, got left
behind.  I traced it to the 'distdir' rule depending on a
shortcut syntax-check name rather than the full rule name
normally used during 'local-check' from maint.mk.

* cfg.mk (distdir): Depend on full rule, not shorthand name.
2012-08-16 16:37:27 -06:00
Osier Yang be023c0896 virsh: Add helper to avoid the strcase check for virsh-*.c
* tools/virsh.c: New macro vshStrcasecmp
* tools/virsh-domain-monitor.c: Use vshStrcasecmp instead of
                                strcasecmp
* tools/virsh-snapshot.c: Likewise
* cfg.mk: Only avoid doing strcase checking for virsh.c
2012-08-15 15:07:37 +08:00
Daniel P. Berrange 05e4e7b46e Turn virNetClient* into virObject instances
Make all the virNetClient* objects use virObject APIs for
reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:55 +01:00
Daniel P. Berrange 958499b0c1 Turn virNetServer* into virObject instances
Make all the virNetServer* objects use the virObject APIs
for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:55 +01:00
Daniel P. Berrange 410a5dac42 Turn virSocket into a virObject
Make virSocket use the virObject APIs for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange 0b4d3fe556 Turn virNetSASLContext and virNetSASLSession into virObject instances
Make virNetSASLContext and virNetSASLSession use virObject APIs
for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange e10e1969d5 Turn virNetTLSContext and virNetTLSSession into virObject instances
Make virNetTLSContext and virNetTLSSession use the virObject
APIs for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange 784a99f794 Add a generic reference counted virObject type
This introduces a fairly basic reference counted virObject type
and an associated virClass type, that use atomic operations for
ref counting.

In a global initializer (recommended to be invoked using the
virOnceInit API), a virClass type must be allocated for each
object type. This requires a class name, a "dispose" callback
which will be invoked to free memory associated with the object's
fields, and the size in bytes of the object struct.

eg,

   virClassPtr  connclass = virClassNew("virConnect",
                                        sizeof(virConnect),
                                        virConnectDispose);

The struct for the object, must include 'virObject' as its
first member

eg

  struct _virConnect {
    virObject object;

    virURIPtr uri;
  };

The 'dispose' callback is only responsible for freeing
fields in the object, not the object itself. eg a suitable
impl for the above struct would be

  void virConnectDispose(void *obj) {
     virConnectPtr conn = obj;
     virURIFree(conn->uri);
  }

There is no need to reset fields to 'NULL' or '0' in the
dispose callback, since the entire object will be memset
to 0, and the klass pointer & magic integer fields will
be poisoned with 0xDEADBEEF before being free()d

When creating an instance of an object, one needs simply
pass the virClassPtr eg

   virConnectPtr conn = virObjectNew(connclass);
   if (!conn)
      return NULL;
   conn->uri = virURIParse("foo:///bar")

Object references can be manipulated with

   virObjectRef(conn)
   virObjectUnref(conn)

The latter returns a true value, if the object has been
freed (ie its ref count hit zero)

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange 92c5924a05 Remove tabs from all perl files & enforce this
The cfg.mk file rule to check for tab characters was not
applied to perl files. Much of our Perl code is full of
tabs as a result. Kill them, kill them all !
2012-07-30 13:09:57 +01:00
Eric Blake 3ad13c92a7 maint: avoid regression on copyright listings
Commit f9ce7dad6 tried to kill uses of a raw street address, but
missed a few instances.  Automate things so we don't introduce
new problems in the future.

* cfg.mk (sc_copyright_address): New rule.
(exclude_file_name_regexp--sc_copyright_address): Add exemption.
* bootstrap.conf: Adjust offenders.
* build-aux/augeas-gentest.pl: Likewise.
* examples/systemtap/events.stp: Likewise.
* examples/systemtap/qemu-monitor.stp: Likewise.
* examples/systemtap/rpc-monitor.stp: Likewise.
* src/dtrace2systemtap.pl: Likewise.
* src/esx/esx_vi_generator.py: Likewise.
* src/hyperv/hyperv_wmi_generator.py: Likewise.
* src/remote/qemu_protocol.x: Likewise.
* src/remote/remote_protocol.x: Likewise.
* src/rpc/gensystemtap.pl: Likewise.
* src/rpc/virnetprotocol.x: Likewise.
* tests/object-locking.ml: Likewise.
* tools/virt-xml-validate.in: Likewise.
2012-07-27 07:42:34 -06:00
Eric Blake 768007aedc maint: don't permit format strings without %
Any time we have a string with no % passed through gettext, a
translator can inject a % to cause a stack overread.  When there
is nothing to format, it's easier to ask for a string that cannot
be used as a formatter, by using a trivial "%s" format instead.

In the past, we have used --disable-nls to catch some of the
offenders, but that doesn't get run very often, and many more
uses have crept in.  Syntax check to the rescue!

The syntax check can catch uses such as
virReportError(code,
               _("split "
                 "string"));
by using a sed script to fold context lines into one pattern
space before checking for a string without %.

This patch is just mechanical insertion of %s; there are probably
several messages touched by this patch where we would be better
off giving the user more information than a fixed string.

* cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
* src/datatypes.c (virUnrefConnect, virGetDomain)
(virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
(virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
(virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
(virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
(virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
* src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
(lxcDomainGetBlkioParameters): Likewise.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
(virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
Likewise.
* src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
(virNetworkDefParseXML): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
Likewise.
* src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
(virNWFilterVarAccessParse): Likewise.
* src/libvirt.c (virDomainSave, virDomainSaveFlags)
(virDomainRestore, virDomainRestoreFlags)
(virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
(virDomainCoreDump, virDomainGetXMLDesc)
(virDomainMigrateVersion1, virDomainMigrateVersion2)
(virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
(virStreamSendAll, virStreamRecvAll)
(virDomainSnapshotGetXMLDesc): Likewise.
* src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
(virNWFilterDHCPSnoopReq): Likewise.
* src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
* src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
* src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
(qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
(virNetSocketSendFD, virNetSocketRecvFD): Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskBuildPool): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemProbe)
(virStorageBackendFileSystemBuild): Likewise.
* src/storage/storage_backend_rbd.c
(virStorageBackendRBDOpenRADOSConn): Likewise.
* src/storage/storage_driver.c (storageVolumeResize): Likewise.
* src/test/test_driver.c (testInterfaceChangeBegin)
(testInterfaceChangeCommit, testInterfaceChangeRollback):
Likewise.
* src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
(xenFormatXM): Likewise.
2012-07-26 14:32:30 -06:00
Eric Blake 72181978d5 maint: avoid empty regex in syntax checker
We were defining 'func_or' as '|VIR_ERROR|...', which when put
inside 'func_re' resulted in a regex that matches everything in
isolation.  Thankfully, we always used func_re with a leading
anchor \<, and since the empty regex does not start a word, we
happened to get the result we wanted; but it's better to define
func_or without a leading space converted into a leading empty
alternation.

* cfg.mk (func_or): Strip leading space.
2012-07-26 12:22:02 -06:00
Eric Blake f12e139621 build: update to latest gnulib, for secure tarball
Pick up some build fixes in the latest gnulib.  In particular,
we want to ensure that official tarballs are secure, but don't
want to penalize people who don't run 'make dist', since fixed
automake still hasn't hit common platforms like Fedora 17.

* .gnulib: Update to latest, for Automake CVE-2012-3386 detection.
* bootstrap: Resync from gnulib.
* bootstrap.conf (gnulib_extra_files): Drop missing, since gnulib
has dropped it in favor of Automake's version.
* cfg.mk (local-checks-to-skip): Conditionally skip the security
check in cases where it doesn't matter.
2012-07-26 07:50:59 -06:00
Osier Yang 49989d7025 virsh: Split cmds in node device group from virsh.c
Commands in node device group moved from virsh.c to virsh-nodedev.c,

* virsh.c: Remove commands in node device group.
* virsh-nodedev.c: New file, filled with commands in node device group
* po/POTFILES.in: Add virsh-nodedev.c
* cfg.mk: Skip to check config.h including for virsh-nodedev.c
2012-07-26 12:00:43 +08:00
Osier Yang 290eb0d9f2 virsh: Split cmds in host group from virsh.c
Commands in host group moved from virsh.c to virsh-host.c,

* virsh.c: Remove commands in host group.
* virsh-host.c: New file, filled with commands in host group
* po/POTFILES.in: Add virsh-host.c
* cfg.mk: Skip to check config.h including for virsh-host.c
2012-07-26 12:00:43 +08:00
Osier Yang 648ad2471b virsh: Split cmds to manage domain snapshot from virsh.c
Commands to manage domain snapshot are moved from virsh.c to
virsh-snapshot.c.

* virsh.c: Remove domain snapshot commands.
* virsh-snapshot.c: New file, filled with domain snapshot commands.
* po/POTFILES.in: Add virsh-snapshot.c
* cfg.mk: Skip strcase and config.h including checking for
          virsh-snapshot.c
2012-07-26 12:00:43 +08:00
Osier Yang d7acdcf093 virsh: Split cmds to manage secret from virsh.c
Commands to manage secret are moved from virsh.c to virsh-secret.c,
with a few helpers for secret command use.

* virsh.c: Remove secret commands and a few helpers.
           (vshCommandOptSecret, and vshCommandOptSecretBy)
* virsh-secret.c: New file, filled with secret commands and its helpers.
* po/POTFILES.in: Add virsh-secret.c
* cfg.mk: Skip to check config.h including for virsh-secret.c
2012-07-26 12:00:43 +08:00
Osier Yang e9d10055df virsh: Split cmds to manage network filter from virsh.c
Commands to manage network filter are moved from virsh.c to virsh-nwfilter.c,
with a few helpers for network filter command use.

* virsh.c: Remove network filter commands and a few helpers.
           (vshCommandOptNWFilter, and vshCommandOptNWFilterBy)
* virsh-nwfilter.c: New file, filled with network filter commands and its helpers.

* po/POTFILES.in: Add virsh-nwfilter.c

* cfg.mk: Skip to check config.h including for virsh-nwfilter.c
2012-07-26 12:00:42 +08:00
Osier Yang 0c39ea2fa5 virsh: Split cmds to manage host interface from virsh.c
Commands to manage host interface are moved from virsh.c to
virsh-interface.c, with a few helpers for interface command use.

* virsh.c: Remove interface commands and a few helpers.
           (vshCommandOptInterface, vshCommandOptInterfaceBy)
* virsh-interface.c: New file, filled with interface commands and
                     its helpers.
* cfg.mk: Skip to check config.h including for virsh-interface.c
* po/POTFILES.in: Add virsh-interface.c
2012-07-26 12:00:27 +08:00
Osier Yang 0510f97e73 virsh: Split cmds to manage network from virsh.c
Commands to manage network are moved from virsh.c to virsh-network.c,
with a few helpers for network command use.

* virsh.c: Remove network commands and a few helpers.
* virsh-network.c: New file, filled with network commands and its
                   helpers.
* po/POTFILES.in: Add virsh-network.c
* cfg.mk: Skip to check config.h including for virsh-network.c
2012-07-26 11:57:58 +08:00
Osier Yang 2f033890c6 virsh: Split cmds of storage pool group from virsh.c
This splits commands of storage pool group into virsh-pool.c,
The helpers not for common use are moved too. Standard copyright
is added for the new file.

* tools/virsh.c:
  Remove commands for storage storage pool and a few helpers.
  (vshCommandOptVol, vshCommandOptVolBy).

* tools/virsh-pool.c:
  New file, filled with commands of storage pool group and its
  helpers.

* po/POTFILES.in:
  Add virsh-pool.c

* cfg.mk:
  Skip to check config.h including for virsh-pool.c
2012-07-26 11:57:51 +08:00
Osier Yang 9fbb344f6e virsh: Split cmds of storage volume group from virsh.c
This splits commands of storage volume group into virsh-volume.c,
The helpers not for common use are moved too. Standard copyright
is added for the new file.

* tools/virsh.c:
  Remove commands for storage storage volume and a few helpers.
  (vshCommandOptVol, vshCommandOptVolBy).

* tools/virsh-volume.c:
  New file, filled with commands of storage volume group and its
  helpers.

* po/POTFILES.in:
  Add virsh-volume.c

* cfg.mk:
  Skip to check config.h including for virsh-volume.c
2012-07-26 11:57:42 +08:00
Osier Yang 73b89ed838 virsh: Split cmds of domain group from virsh.c
This splits commands to manage domain into virsh-domain.c,The helpers
not for common use are moved into them too. Standard copyright is added
for the new file.

* tools/virsh.c:
  - Remove commands for domain group, and one helper
    (vshDomainVcpuStateToString)
  - vshStreamSink is moved before commands's definition for it's
    also used by commands not of domain group, such as volUpload.

* tools/virsh-domain.c:
  - New file, commands for domain group and the one helper are
    moved into it.

* po/POTFILES.in:
  - Add virsh-domain.c

* cfg.mk:
  - Skip to check config.h including for virsh-domain.c
2012-07-26 11:57:18 +08:00
Osier Yang 9f4baa222e virsh: Split cmds for domain monitoring from virsh.c
This splits commands commands to monitor domain status into
virsh-domain-monitor.c. The helpers not for common use are moved too.
Standard copyright is added.

* tools/virsh.c:
  - Remove commands for domain monitoring group and a few helpers (
    vshDomainIOErrorToString, vshGetDomainDescription,
    vshDomainControlStateToString, vshDomainStateToString) not for
    common use.
  - Remove (incldue "intprops.h").

* tools/virsh-domain-monitor.c:
  - New file, filled with commands of domain monitor group.
  - Add "intprops.h".

* cfg.mk:
  - Skip strcase checking for virsh-domain-monitor.c
  - Skip to check config.h including for virsh-domain-monitor.c

* po/POTFILES.in
  - Add virsh-domain-monitor.c
2012-07-26 11:56:36 +08:00
Daniel P. Berrange e48daff7bb Replace use of custom macros with virReportError in the Xen drivers
Update the legacy Xen drivers to use virReportError instead of
the statsError, virXenInotifyError, virXenStoreError,
virXendError, xenUnifiedError, xenXMError custom macros

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-20 15:10:54 +01:00
Daniel P. Berrange c7af2c125e Replace use of VMX_ERROR with virReportError
Update the VMX shared code to use virReportError instead of
the VMX_ERROR custom macro

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-20 14:40:28 +01:00