void virMacAddrGenerate(const unsigned char prefix[VIR_MAC_PREFIX_BUFLEN],
virMacAddrPtr addr)
{
addr->addr[0] = prefix[0];
addr->addr[1] = prefix[1];
addr->addr[2] = prefix[2];
addr->addr[3] = virRandomBits(8);
addr->addr[4] = virRandomBits(8);
addr->addr[5] = virRandomBits(8);
}
void virMacAddrGenerate(const unsigned char *prefix,
unsigned char *addr)
{
addr[0] = prefix[0];
addr[1] = prefix[1];
addr[2] = prefix[2];
addr[3] = virRandomBits(8);
addr[4] = virRandomBits(8);
addr[5] = virRandomBits(8);
}
/**
* virHashCreateFull:
* @size: the size of the hash table
* @dataFree: callback to free data
* @keyCode: callback to compute hash code
* @keyEqual: callback to compare hash keys
* @keyCopy: callback to copy hash keys
* @keyFree: callback to free keys
*
* Create a new virHashTablePtr.
*
* Returns the newly created object, or NULL if an error occurred.
*/
virHashTablePtr virHashCreateFull(ssize_t size,
virHashDataFree dataFree,
virHashKeyCode keyCode,
virHashKeyEqual keyEqual,
virHashKeyCopy keyCopy,
virHashKeyFree keyFree)
{
virHashTablePtr table = NULL;
if (size <= 0)
size = 256;
if (VIR_ALLOC(table) < 0) {
virReportOOMError();
return NULL;
}
table->seed = virRandomBits(32);
table->size = size;
table->nbElems = 0;
table->dataFree = dataFree;
table->keyCode = keyCode;
table->keyEqual = keyEqual;
table->keyCopy = keyCopy;
table->keyFree = keyFree;
if (VIR_ALLOC_N(table->table, size) < 0) {
virReportOOMError();
VIR_FREE(table);
return NULL;
}
return table;
}
int
virRandomGenerateWWN(char **wwn,
const char *virt_type)
{
const char *oui = NULL;
if (!virt_type) {
virReportError(VIR_ERR_INVALID_ARG, "%s",
_("argument virt_type must not be NULL"));
return -1;
}
if (STREQ(virt_type, "QEMU")) {
oui = QUMRANET_OUI;
} else if (STREQ(virt_type, "Xen") ||
STREQ(virt_type, "xenlight") ||
STREQ(virt_type, "XenAPI")) {
oui = XEN_OUI;
} else if (STREQ(virt_type, "ESX") ||
STREQ(virt_type, "VMWARE")) {
oui = VMWARE_OUI;
} else if (STREQ(virt_type, "HYPER-V")) {
oui = MICROSOFT_OUI;
} else {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Unsupported virt type"));
return -1;
}
if (virAsprintf(wwn, "5" "%s%09llx", oui,
(unsigned long long)virRandomBits(36)) < 0)
return -1;
return 0;
}
/**
* virRandomInt:
* @max: upper limit
*
* Generate an evenly distributed random integer between [0, @max)
*
* Return: a random number between [0,@max)
*/
uint32_t virRandomInt(uint32_t max)
{
if ((max & (max - 1)) == 0)
return virRandomBits(ffs(max) - 1);
double val = virRandom();
return val * max;
}
static int
virUUIDGeneratePseudoRandomBytes(unsigned char *buf,
int buflen)
{
while (buflen > 0) {
*buf++ = virRandomBits(8);
buflen--;
}
return 0;
}
static int
SELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def)
{
int rc = -1;
char *mcs = NULL;
char *scontext = NULL;
int c1 = 0;
int c2 = 0;
context_t ctx = NULL;
const char *range;
virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr);
VIR_DEBUG("SELinuxGenSecurityLabel %s", virSecurityManagerGetDriver(mgr));
if ((def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC) &&
!def->seclabel.baselabel &&
def->seclabel.model) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("security model already defined for VM"));
return rc;
}
if (def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
def->seclabel.label) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("security label already defined for VM"));
return rc;
}
if (def->seclabel.imagelabel) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("security image label already defined for VM"));
return rc;
}
if (def->seclabel.model &&
STRNEQ(def->seclabel.model, SECURITY_SELINUX_NAME)) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
_("security label model %s is not supported with selinux"),
def->seclabel.model);
return rc;
}
VIR_DEBUG("SELinuxGenSecurityLabel %d", def->seclabel.type);
switch (def->seclabel.type) {
case VIR_DOMAIN_SECLABEL_STATIC:
if (!(ctx = context_new(def->seclabel.label)) ) {
virReportSystemError(errno,
_("unable to allocate socket security context '%s'"),
def->seclabel.label);
return rc;
}
range = context_range_get(ctx);
if (!range ||
!(mcs = strdup(range))) {
virReportOOMError();
goto cleanup;
}
break;
case VIR_DOMAIN_SECLABEL_DYNAMIC:
do {
c1 = virRandomBits(10);
c2 = virRandomBits(10);
if ( c1 == c2 ) {
if (virAsprintf(&mcs, "s0:c%d", c1) < 0) {
virReportOOMError();
goto cleanup;
}
} else {
if (c1 > c2) {
c1 ^= c2;
c2 ^= c1;
c1 ^= c2;
}
if (virAsprintf(&mcs, "s0:c%d,c%d", c1, c2) < 0) {
virReportOOMError();
goto cleanup;
}
}
} while (mcsAdd(mcs) == -1);
def->seclabel.label =
SELinuxGenNewContext(def->seclabel.baselabel ?
def->seclabel.baselabel :
data->domain_context, mcs);
if (! def->seclabel.label) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot generate selinux context for %s"), mcs);
goto cleanup;
}
break;
case VIR_DOMAIN_SECLABEL_NONE:
/* no op */
break;
default:
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected security label type '%s'"),
virDomainSeclabelTypeToString(def->seclabel.type));
goto cleanup;
}
if (!def->seclabel.norelabel) {
def->seclabel.imagelabel = SELinuxGenNewContext(data->file_context, mcs);
if (!def->seclabel.imagelabel) {
virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot generate selinux context for %s"), mcs);
goto cleanup;
}
}
if (!def->seclabel.model &&
!(def->seclabel.model = strdup(SECURITY_SELINUX_NAME))) {
virReportOOMError();
goto cleanup;
}
rc = 0;
cleanup:
if (rc != 0) {
if (def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC)
VIR_FREE(def->seclabel.label);
VIR_FREE(def->seclabel.imagelabel);
if (def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
!def->seclabel.baselabel)
VIR_FREE(def->seclabel.model);
}
if (ctx)
context_free(ctx);
VIR_FREE(scontext);
VIR_FREE(mcs);
VIR_DEBUG("model=%s label=%s imagelabel=%s baselabel=%s",
NULLSTR(def->seclabel.model),
NULLSTR(def->seclabel.label),
NULLSTR(def->seclabel.imagelabel),
NULLSTR(def->seclabel.baselabel));
return rc;
}
static int
virStorageBackendCreateIfaceIQN(const char *initiatoriqn,
char **ifacename)
{
int ret = -1, exitstatus = -1;
char temp_ifacename[32];
const char *const cmdargv1[] = {
ISCSIADM, "--mode", "iface", "--interface",
temp_ifacename, "--op", "new", NULL
};
const char *const cmdargv2[] = {
ISCSIADM, "--mode", "iface", "--interface", temp_ifacename,
"--op", "update", "--name", "iface.initiatorname", "--value",
initiatoriqn, NULL
};
snprintf(temp_ifacename, sizeof(temp_ifacename), "libvirt-iface-%08llx",
(unsigned long long)virRandomBits(30));
VIR_DEBUG("Attempting to create interface '%s' with IQN '%s'",
&temp_ifacename[0], initiatoriqn);
/* Note that we ignore the exitstatus. Older versions of iscsiadm
* tools returned an exit status of > 0, even if they succeeded.
* We will just rely on whether the interface got created
* properly. */
if (virRun(cmdargv1, &exitstatus) < 0) {
virStorageReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to run command '%s' to create new iscsi interface"),
cmdargv1[0]);
goto out;
}
/* Note that we ignore the exitstatus. Older versions of iscsiadm tools
* returned an exit status of > 0, even if they succeeded. We will just
* rely on whether iface file got updated properly. */
if (virRun(cmdargv2, &exitstatus) < 0) {
virStorageReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to run command '%s' to update iscsi interface with IQN '%s'"),
cmdargv2[0], initiatoriqn);
goto out;
}
/* Check again to make sure the interface was created. */
if (virStorageBackendIQNFound(initiatoriqn, ifacename) != IQN_FOUND) {
VIR_DEBUG("Failed to find interface '%s' with IQN '%s' "
"after attempting to create it",
&temp_ifacename[0], initiatoriqn);
goto out;
} else {
VIR_DEBUG("Interface '%s' with IQN '%s' was created successfully",
*ifacename, initiatoriqn);
}
ret = 0;
out:
if (ret != 0)
VIR_FREE(*ifacename);
return ret;
}
/**
* virRandom:
*
* Generate an evenly distributed random number between [0.0,1.0)
*
* Return: a random number with 48 bits of entropy
*/
double virRandom(void)
{
uint64_t val = virRandomBits(48);
return ldexp(val, -48);
}
