| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Change the network configuration so everything is set using
some macros at the top of src/guestfs.c.
Also, rename the macros used in the daemon so they are not the
same. It was a very long time since these sets of macros had to
match the ones defined in src/guestfs.c, despite what the comment
said.
Note that this commit should not change the semantics of the
program at all.
|
| |
|
|
|
|
| |
Detect if qemu dies during launch by wait(2)-ing for it, and
then getting EOF on the qemu pipe. This was broken in null
vmchannel mode, causing a hang.
|
| |
|
|
|
|
| |
Always check that pid > 0 before calling kill (pid, 9). The
issue was that sometimes pid == 0, and this ends up killing
ourselves.
|
| |
|
|
|
|
|
|
| |
This warning is currently a fatal error. The code attempts
to retry the accept call, but because we don't reset sock = -1
the retry doesn't happen and it dies anyway.
Set sock = -1 so the retry attempt can happen.
|
| |
|
|
|
| |
We set it on the kernel command line, then get it out from
there when the rescue appliance boots.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
As far as I can tell, Darwin has no way to check the peer euid
of a _loopback_ TCP socket. This is required for the "null vmchannel"
implementation to work securely.
Therefore disable this - Darwin will use one of the other supported
vmchannel implementations instead.
|
| | |
|
| | |
|
| |
|
|
|
| |
Really this should be turned into a configure-time test.
Perhaps one exists already?
|
| | |
|
| | |
|
| |
|
|
|
| |
On Mac OS X this prevents a short "flash" as qemu opens a
toplevel window.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the add_drive_ro call so it adds the readonly=on option
if qemu supports that.
This just means that qemu will not try to open the drive with
O_RDWR, and should not otherwise change the behaviour of qemu or
libguestfs. (In particular, writes to the read-only drive are
still permitted, and are just discarded when the handle is closed).
However it should alleviate RHBZ#571714 where udev was deciding
to incorrectly relabel a device because we had opened the device
for writing (even though we didn't actually write to it).
|
| |
|
|
|
|
|
| |
Reimplement qemu_supports() internal function. Allow it to run
before launch so we can test qemu features. Document that you
should run guestfs_set_qemu as early as possible to make sure
these tests are reliable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libguestfs-supermin-helper was previously a shell script. Although
we had steadily optimized it, there were a number of intractable
hot spots:
(1) cpio still reads input files in 512 byte chunks; this is *very*
pessimal behaviour, particularly when SELinux is enabled.
(2) the hostfiles globbing was done very inefficiently by the shell,
with the shell rereading the same directory over and over again.
This is a rewrite of this shell script in C. It is approximately
3 times faster without SELinux, and has an even greater speed difference
with SELinux.
The main features are:
(a) It never frees memory, making it simpler. The program is designed
to run and exit in sub-second times, so this is acceptable.
(b) It caches directory reads, making the globbing of host files much
faster (measured this as ~ 4 x speed up).
(c) It doesn't use external cpio, but instead contains code to write
newc format cpio files, which is all that the kernel can read. Unlike
cpio, this code uses large buffers for reads and writes.
(d) Ignores missing or unreadable hostfiles, whereas cpio gave a
warning.
(e) Checks all return values from system calls.
(f) With --verbose flag, it will print messages timing itself.
This passes all tests.
Updated with feedback from Jim Meyering.
|
| |
|
|
|
|
| |
Since we have to compile with -Wno-unused-variables, we don't
spot unused variables in code. I found these by compiling the
code in Ubuntu.
|
| |
|
|
|
|
|
|
|
|
|
| |
The default if=... comes from configure time (currently it
defaults to if=virtio).
This change allows you to set the QEMU block emulation.
We don't think this will be used very often, but virt-v2v
requires it in order to work around a subtle problem with
running 'mkinitrd' in an appliance attached to a guest.
|
| |
|
|
|
|
|
|
| |
If the version of qemu being used supports -enable-kvm option,
then check if /dev/kvm is openable and add this option.
I have found this option makes no difference, although it is
*supposed* to enable KVM (hardware virtualization) support.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some combination of installing, upgrading and removing the base
libguestfs package on x86_64, multilib can corrupt libguestfs by
leaving a copy of /usr/bin/libguestfs-supermin-helper around which
references the wrong architecture (usually, contains links to the
i386-based appliance, when the x86_64 appliance should be constructed).
This commit changes libguestfs-supermin-helper so that the script is
the same on all architectures. Instead, the library passes the
differences to the script (eg. $host_cpu). Because the i386 and
x86_64 libraries should be at different locations (/usr/lib vs
/usr/lib64) this should prevent multilib from screwing things up.
Related links:
https://bugzilla.redhat.com/show_bug.cgi?id=558593
http://rwmj.wordpress.com/2009/11/16/please-someone-shoot-multilib/#content
https://bugzilla.redhat.com/show_bug.cgi?id=235752
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Best explained by the comment in the code:
/* Newer versions of qemu (from around 2009/12) changed the
* behaviour of monitors so that an implicit '-monitor stdio' is
* assumed if we are in -nographic mode and there is no other
* -monitor option. Only a single stdio device is allowed, so
* this broke the '-serial stdio' option. There is a new flag
* called -nodefaults which gets rid of all this default crud, so
* let's use that to avoid this and any future surprises.
*/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit uses the Gnulib 'lock' module to implement a mutex on
the global list of handles which is stored by the library.
Note that Gnulib nicely avoids explicitly linking with -lpthread
unless the application program itself links to -lpthread. Locks
are only enabled in multithreaded applications.
$ ldd src/.libs/libguestfs.so.0.217.0
linux-vdso.so.1 => (0x00007fffcb7ff000)
libc.so.6 => /lib64/libc.so.6 (0x00007f96a4e6c000)
/lib64/ld-linux-x86-64.so.2 (0x00007f96a544d000)
Please enter the commit message for your changes. Lines starting
|
| |
|
|
|
| |
Move these to private header file(s) and other places as required
since these aren't part of the public API.
|
| | |
|
| |
|
|
|
| |
In verbose mode, print timestamped messages during guestfs_launch
so we can see how long each step takes.
|
| |
|
|
|
|
|
|
|
|
| |
The guest handle field start_t was previously used (when we
had the wait_ready call), but had fallen into disuse. Note
that it could never be accessed through the API.
Rename this field as launch_t, convert it to a timeval, and
use it to measure the time since guestfs_launch was called
so that we can start profiling guest launch.
|
| | |
|
| |
|
|
|
| |
git grep -l 'strcmp *([^=]*== *0'|xargs \
perl -pi -e 's/\bstrcmp( *\(.*?\)) *== *0/STREQ$1/g'
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cfg.mk (disable_temporarily): Don't disable sc_avoid_ctype_macros.
* fish/tilde.c: Remove unnecessary inclusion of ctype.h.
* bootstrap: Add gnulib's c-ctype module to the list.
* daemon/m4/gnulib-cache.m4: Likewise.
* daemon/ext2.c: Include "c-ctype.h", not <ctype.h>.
Use c_isspace, etc, rather than isspace.
* daemon/guestfsd.c: Likewise.
* daemon/lvm.c: Likewise.
* daemon/proto.c: Likewise.
* fish/fish.c: Likewise.
* fish/tilde.c: Likewise.
* src/generator.ml: Likewise.
* src/guestfs.c: Likewise.
* examples/to-xml.c: Likewise.
* examples/Makefile.am (to_xml_CPPFLAGS): Add -I$(top_srcdir)/gnulib/lib
so inclusion of "c-ctype.h" works.
(to_xml_CPPFLAGS): Rename from to_xml_CFLAGS.
|
| |
|
|
|
|
|
|
| |
When the g->direct flag is set, the appliance stdin/stdout
are not connected to the library. Instead they inherit the
stdin/stdout of the caller.
This is used to implement virt-rescue.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit removes the requirement for vmchannel, although retaining
support for it.
In this configuration, known as "null vmchannel", the library
listens on a random loopback port. It passes the number of this
port to the appliance (guestfs_vmchannel=tcp:10.0.2.2:12345), and
the daemon then connects back. The library, instead of connecting,
listens and accepts the connection during guestfs_launch.
QEMU SLIRP (user mode networking) is still required to make this
work: SLIRP forwards the TCP connection transparently (instead of
explicitly as with guestfwd) to 127.0.0.1:<port>
There is a window in which any other local process on the machine
could see the port number in the qemu command line and try to
connect to it. This would be a devastating security hole, because
any local process could pretend to be the daemon and feed back
malicious replies to our remote procedure calls. To prevent this,
we check the UID of the other side of the TCP connection. If
the UID is different from the library's EUID, then we reject the
connection. To do this we have to parse /proc/net/tcp. (On Solaris
we could use getsockopt (SO_PEERCRED), but this doesn't work on
Linux TCP sockets).
Other vmchannel(s) are still supported. This is important, because
we can't in general be sure the qemu will always support SLIRP.
In particular, in recent versions of qemu it is possible to compile
out SLIRP.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reimplements parts of commit da0a4f8d1f6ddd302ceba028d87c6e009589e503
in a different, but compatible way.
We pass guestfs_vmchannel=tcp:<ip>:<port> on the command line. This
is intended to be used as follows (now and in future versions):
tcp:10.0.2.4:6666 for guestfwd vmchannel
tcp:10.0.2.2:<port> for future "no vmchannel" implementation
/dev/vcon4 for future virtio-console vmchannel*
It also accepts the old-style guestfs=10.0.2.4:6666 parameter which
is sent by older libraries, and turns this transparently into the
correct format above.
If no guestfs_vmchannel is passed, then this defaults to the guestfwd
vmchannel which older libraries would expect.
* Maybe this last one should be dev:/dev/vcon4 or file:/dev/vcon4, but
we don't need to decide that now.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes guestfs_launch so that it both launches
the appliance and waits until it is ready (ie. the daemon communicates
back to us).
Since we removed the pretence that we could implement a low-level
asynchronous API, the need to call launch() followed by wait_ready()
has looked a bit silly.
Now guestfs_wait_ready() is basically a no-op. It is left in the
API for backwards compatibility. Any calls to guestfs_wait_ready()
can be removed from client code.
|
| |
|
|
|
|
|
| |
buf[], append[] and memsize_str[] were all temporary buffers
used in non-overlapping code.
Combine them to use a single buffer (buf[]).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Newer versions of qemu have changed the command line format
(again). '-net channel' is now deprecated. Instead we use:
-chardev socket,id=guestfsvmc,path=/path/to/sock,server,nowait
-net user,vlan=0,net=10.0.2.0/8,guestfwd=tcp:10.0.2.4:6666-chardev:guestfsvmc
-net nic,model=ne2k_pci,vlan=0
The old style format is still used if the new style is not
detected at runtime.
|
| |
|
|
|
|
|
|
|
|
| |
Since we control the appliance tightly, we can just specify
that it will always use a particular host and port, and we
don't need to pass it on the command line each time.
Also the VMCHANNEL_* constants are only relevant to the
particular guestfwd vmchannel implementation, so we rename
them as GUESTFWD_*.
|
| |
|
|
|
|
|
|
|
|
| |
Add the configure parameter --enable-packet-dump so that this
code can be enabled without editing the source.
This code is normally commented out, because it is too verbose
unless you happen to be debugging the underlying protocol. Because
it is normally commented out, I found it had bit-rotted slightly.
This commit also fixes the obvious problems.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit removes the external main loop, which never worked
and caused a number of bugs. Requests are now done synchronously,
and if the user wants to have requests issued in the background
or to have a responsive GUI, then they'll just have to use threads.
The big change is to push all reads and writes through two
functions called send_to_daemon (for writes) and recv_from_daemon
(for reads) which operate synchronously. These functions
read/write whole messages, and also handle checking for EOF
(ie. daemon died) and asynchronous log message events from
qemu (eg. from debug / dmesg printed by the guest). A more
complete description of how these work can be found in the code.
This code passes a complete run of the tests.
Bugs believed to be fixed by this commit:
https://bugzilla.redhat.com/show_bug.cgi?id=501888
internal error: reply callback called twice
https://bugzilla.redhat.com/show_bug.cgi?id=504418
In virt-inspector: "download: guestfs_download reply failed, see earlier error messages"
I have tried to avoid reintroducing this:
https://bugzilla.redhat.com/show_bug.cgi?id=508713
libguestfs: error: write: Broken pipe (guestfish only)
One other benefit of this is that 'set_busy/end_busy' calls
no longer appear in traces.
|
| |
|
|
|
| |
Enable this by calling guestfs_trace (handle, 1) or by
setting the LIBGUESTFS_TRACE=1 environment variable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously non-daemon actions were called directly by
user code, eg:
/* Non-generated */
int
guestfs_set_verbose (guestfs_h *g, int v)
{
g->verbose = !!v;
return 0;
}
This changes these actions so they go indirectly via
some generated code, eg:
/* Generated */
int guestfs_set_verbose (guestfs_h *g,
int verbose)
{
return guestfs__set_verbose (g, verbose);
}
/* Non-generated */
int
guestfs__set_verbose (guestfs_h *g, int v)
{
g->verbose = !!v;
return 0;
}
The aim is to have a place in the generated code where
we can add debug or tracing information for these non-
daemon calls.
|
| |
|
|
|
| |
* src/guestfs.c (guestfs__receive_file_sync): Don't set "r",
only to ignore it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Now that we're using gnulib in earnest, any manual definition
would provoke a redefinition warning.
* fish/fish.c (_GNU_SOURCE): Don't define.
* fish/destpaths.c (_GNU_SOURCE): Likewise.
* src/guestfs.c (_GNU_SOURCE): Likewise.
* bootstrap (modules): Add asprintf, strchrnul, strerror, strndup
and vasprintf.
* fish/fish.c (main): Set argv[0] to sanitized program_name, so
functions like getopt_long that use argv[0] use the clean name.
|
