char *virSecurityManagerGetMountOptions(virSecurityManagerPtr mgr,
virDomainDefPtr vm)
{
if (mgr->drv->domainGetSecurityMountOptions) {
char *ret;
virObjectLock(mgr);
ret = mgr->drv->domainGetSecurityMountOptions(mgr, vm);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return NULL;
}
int virSecurityManagerSetHugepages(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path)
{
if (mgr->drv->domainSetSecurityHugepages) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityHugepages(mgr, vm, path);
virObjectUnlock(mgr);
return ret;
}
return 0;
}
const char *
virSecurityManagerGetModel(virSecurityManagerPtr mgr)
{
if (mgr->drv->getModel) {
const char *ret;
virObjectLock(mgr);
ret = mgr->drv->getModel(mgr);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return NULL;
}
int virSecurityManagerSetProcessLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm)
{
if (mgr->drv->domainSetSecurityProcessLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityProcessLabel(mgr, vm);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
static void virLXCProcessMonitorEOFNotify(virLXCMonitorPtr mon,
virDomainObjPtr vm)
{
virLXCDriverPtr driver = lxc_driver;
virObjectEventPtr event = NULL;
virLXCDomainObjPrivatePtr priv;
VIR_DEBUG("mon=%p vm=%p", mon, vm);
virObjectLock(vm);
priv = vm->privateData;
virLXCProcessStop(driver, vm, VIR_DOMAIN_SHUTOFF_SHUTDOWN);
if (!priv->wantReboot) {
virLXCProcessStop(driver, vm, VIR_DOMAIN_SHUTOFF_SHUTDOWN);
if (!priv->doneStopEvent) {
event = virDomainEventLifecycleNewFromObj(vm,
VIR_DOMAIN_EVENT_STOPPED,
priv->stopReason);
virDomainAuditStop(vm, "shutdown");
} else {
VIR_DEBUG("Stop event has already been sent");
}
if (!vm->persistent) {
virDomainObjListRemove(driver->domains, vm);
vm = NULL;
}
} else {
int ret = virLXCProcessReboot(driver, vm);
virDomainAuditStop(vm, "reboot");
virDomainAuditStart(vm, "reboot", ret == 0);
if (ret == 0) {
event = virDomainEventRebootNewFromObj(vm);
} else {
event = virDomainEventLifecycleNewFromObj(vm,
VIR_DOMAIN_EVENT_STOPPED,
priv->stopReason);
if (!vm->persistent) {
virDomainObjListRemove(driver->domains, vm);
vm = NULL;
}
}
}
if (vm)
virObjectUnlock(vm);
if (event) {
virObjectEventStateQueue(driver->domainEventState, event);
}
}
bool
virKeepAliveCheckMessage(virKeepAlivePtr ka,
virNetMessagePtr msg,
virNetMessagePtr *response)
{
bool ret = false;
VIR_DEBUG("ka=%p, client=%p, msg=%p",
ka, ka ? ka->client : "(null)", msg);
*response = NULL;
if (!ka)
return false;
virObjectLock(ka);
ka->countToDeath = ka->count;
ka->lastPacketReceived = ka->intervalStart = time(NULL);
if (msg->header.prog == KEEPALIVE_PROGRAM &&
msg->header.vers == KEEPALIVE_PROTOCOL_VERSION &&
msg->header.type == VIR_NET_MESSAGE) {
PROBE(RPC_KEEPALIVE_RECEIVED,
"ka=%p client=%p prog=%d vers=%d proc=%d",
ka, ka->client, msg->header.prog,
msg->header.vers, msg->header.proc);
ret = true;
switch (msg->header.proc) {
case KEEPALIVE_PROC_PING:
VIR_DEBUG("Got keepalive request from client %p", ka->client);
*response = virKeepAliveMessage(ka, KEEPALIVE_PROC_PONG);
break;
case KEEPALIVE_PROC_PONG:
VIR_DEBUG("Got keepalive response from client %p", ka->client);
break;
default:
VIR_DEBUG("Ignoring unknown keepalive message %d from client %p",
msg->header.proc, ka->client);
}
}
if (ka->timer >= 0)
virEventUpdateTimeout(ka->timer, ka->interval * 1000);
virObjectUnlock(ka);
return ret;
}
/* return NULL if a base label is not present */
const char *
virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr,
int virtType)
{
if (mgr->drv->getBaseLabel) {
const char *ret;
virObjectLock(mgr);
ret = mgr->drv->getBaseLabel(mgr, virtType);
virObjectUnlock(mgr);
return ret;
}
return NULL;
}
void qemuMonitorTestFree(qemuMonitorTestPtr test)
{
size_t i;
int timer = -1;
if (!test)
return;
virMutexLock(&test->lock);
if (test->running) {
test->quit = true;
/* HACK: Add a dummy timeout to break event loop */
timer = virEventAddTimeout(0, qemuMonitorTestFreeTimer, NULL, NULL);
}
virMutexUnlock(&test->lock);
if (test->client) {
virNetSocketRemoveIOCallback(test->client);
virNetSocketClose(test->client);
virObjectUnref(test->client);
}
virObjectUnref(test->server);
if (test->mon) {
virObjectUnlock(test->mon);
qemuMonitorClose(test->mon);
}
virObjectUnref(test->vm);
virThreadJoin(&test->thread);
if (timer != -1)
virEventRemoveTimeout(timer);
VIR_FREE(test->incoming);
VIR_FREE(test->outgoing);
for (i = 0 ; i < test->nitems ; i++)
qemuMonitorTestItemFree(test->items[i]);
VIR_FREE(test->items);
if (test->tmpdir && rmdir(test->tmpdir) < 0)
VIR_WARN("Failed to remove tempdir: %s", strerror(errno));
VIR_FREE(test->tmpdir);
virMutexDestroy(&test->lock);
VIR_FREE(test);
}
/*
* Must be called before fork()'ing to ensure mutex state
* is sane for the child to use. A negative return means the
* child must not be forked; a successful return must be
* followed by a call to virSecurityManagerPostFork() in both
* parent and child.
*/
int
virSecurityManagerPreFork(virSecurityManagerPtr mgr)
{
int ret = 0;
virObjectLock(mgr);
if (mgr->drv->preFork) {
ret = mgr->drv->preFork(mgr);
if (ret < 0)
virObjectUnlock(mgr);
}
return ret;
}
void virNetServerClientSetDispatcher(virNetServerClientPtr client,
virNetServerClientDispatchFunc func,
void *opaque)
{
virObjectLock(client);
/* Only set dispatcher if not already set, to avoid race
* with dispatch code that runs without locks held
*/
if (!client->dispatchFunc) {
client->dispatchFunc = func;
client->dispatchOpaque = opaque;
}
virObjectUnlock(client);
}
const char *
virSecurityManagerGetModel(virSecurityManagerPtr mgr)
{
if (mgr->drv->getModel) {
const char *ret;
virObjectLock(mgr);
ret = mgr->drv->getModel(mgr);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return NULL;
}
/**
* virAdmConnectUnregisterCloseCallback:
* @conn: pointer to connection object
* @cb: pointer to the current registered callback
*
* Unregisters the callback previously set with the
* virAdmConnectRegisterCloseCallback method. The callback
* will no longer receive notifications when the connection
* closes. If a virFreeCallback was provided at time of
* registration, it will be invoked.
*
* Returns 0 on success, -1 on error
*/
int virAdmConnectUnregisterCloseCallback(virAdmConnectPtr conn,
virAdmConnectCloseFunc cb)
{
VIR_DEBUG("conn=%p", conn);
virResetLastError();
virCheckAdmConnectReturn(conn, -1);
virObjectLock(conn);
virObjectLock(conn->closeCallback);
virCheckNonNullArgGoto(cb, error);
if (conn->closeCallback->callback != cb) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("A different callback was requested"));
goto error;
}
conn->closeCallback->callback = NULL;
if (conn->closeCallback->freeCallback)
conn->closeCallback->freeCallback(conn->closeCallback->opaque);
conn->closeCallback->freeCallback = NULL;
virObjectUnlock(conn->closeCallback);
virObjectUnlock(conn);
virObjectUnref(conn);
return 0;
error:
virObjectUnlock(conn->closeCallback);
virObjectUnlock(conn);
virDispatchError(NULL);
return -1;
}
int
virSecurityManagerDomainSetDirLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path)
{
if (mgr->drv->domainSetDirLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetDirLabel(mgr, vm, path);
virObjectUnlock(mgr);
return ret;
}
return 0;
}
int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
virDomainDiskDefPtr disk)
{
if (mgr->drv->domainRestoreSecurityImageLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
bool virNetServerClientIsSecure(virNetServerClientPtr client)
{
bool secure = false;
virObjectLock(client);
if (client->tls)
secure = true;
#if WITH_SASL
if (client->sasl)
secure = true;
#endif
if (client->sock && virNetSocketIsLocal(client->sock))
secure = true;
virObjectUnlock(client);
return secure;
}
int virSecurityManagerSetAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *stdin_path)
{
if (mgr->drv->domainSetSecurityAllLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityAllLabel(mgr, vm, stdin_path);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerRestoreAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
int migrated)
{
if (mgr->drv->domainRestoreSecurityAllLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainRestoreSecurityAllLabel(mgr, vm, migrated);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *savefile)
{
if (mgr->drv->domainRestoreSavedStateLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainRestoreSavedStateLabel(mgr, vm, savefile);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerReserveLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
pid_t pid)
{
if (mgr->drv->domainReserveSecurityLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainReserveSecurityLabel(mgr, vm, pid);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
virDomainDiskDefPtr disk)
{
if (mgr->drv->domainSetSecurityImageLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerSetTapFDLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
int fd)
{
if (mgr->drv->domainSetSecurityTapFDLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityTapFDLabel(mgr, vm, fd);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
static int virNetServerAddClient(virNetServerPtr srv,
virNetServerClientPtr client)
{
virObjectLock(srv);
if (srv->nclients >= srv->nclients_max) {
virReportError(VIR_ERR_RPC,
_("Too many active clients (%zu), dropping connection from %s"),
srv->nclients_max, virNetServerClientRemoteAddrString(client));
goto error;
}
if (virNetServerClientInit(client) < 0)
goto error;
if (VIR_EXPAND_N(srv->clients, srv->nclients, 1) < 0) {
virReportOOMError();
goto error;
}
srv->clients[srv->nclients-1] = client;
virObjectRef(client);
virNetServerClientSetDispatcher(client,
virNetServerDispatchNewMessage,
srv);
virNetServerClientInitKeepAlive(client, srv->keepaliveInterval,
srv->keepaliveCount);
virObjectUnlock(srv);
return 0;
error:
virObjectUnlock(srv);
return -1;
}
int virSecurityManagerRestoreAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
int migrated)
{
if (mgr->drv->domainRestoreSecurityAllLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainRestoreSecurityAllLabel(mgr, vm, migrated);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
int virSecurityManagerSetAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *stdin_path)
{
if (mgr->drv->domainSetSecurityAllLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityAllLabel(mgr, vm, stdin_path);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
int virSecurityManagerReserveLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
pid_t pid)
{
if (mgr->drv->domainReserveSecurityLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainReserveSecurityLabel(mgr, vm, pid);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
int virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *savefile)
{
if (mgr->drv->domainRestoreSavedStateLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainRestoreSavedStateLabel(mgr, vm, savefile);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
int virPortAllocatorAcquire(virPortAllocatorPtr pa,
unsigned short *port)
{
int ret = -1;
size_t i;
*port = 0;
virObjectLock(pa);
for (i = pa->start; i <= pa->end && !*port; i++) {
bool used = false, v6used = false;
if (virBitmapGetBit(pa->bitmap,
i - pa->start, &used) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to query port %zu"), i);
goto cleanup;
}
if (used)
continue;
if (virPortAllocatorBindToPort(&v6used, i, AF_INET6) < 0 ||
virPortAllocatorBindToPort(&used, i, AF_INET) < 0)
goto cleanup;
if (!used && !v6used) {
/* Add port to bitmap of reserved ports */
if (virBitmapSetBit(pa->bitmap,
i - pa->start) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to reserve port %zu"), i);
goto cleanup;
}
*port = i;
ret = 0;
}
}
if (*port == 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unable to find an unused port in range '%s' (%d-%d)"),
pa->name, pa->start, pa->end);
}
cleanup:
virObjectUnlock(pa);
return ret;
}
static int
vmwareDomainResume(virDomainPtr dom)
{
struct vmware_driver *driver = dom->conn->privateData;
virDomainObjPtr vm;
const char *cmd[] = {
VMRUN, "-T", PROGRAM_SENTINAL, "unpause", PROGRAM_SENTINAL,
NULL
};
int ret = -1;
if (driver->type == TYPE_PLAYER) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("vmplayer does not support libvirt suspend/resume "
"(vmware pause/unpause) operation "));
return ret;
}
vmwareDriverLock(driver);
vm = virDomainObjListFindByUUID(driver->domains, dom->uuid);
vmwareDriverUnlock(driver);
if (!vm) {
virReportError(VIR_ERR_NO_DOMAIN, "%s",
_("no domain with matching uuid"));
goto cleanup;
}
vmwareSetSentinal(cmd, vmw_types[driver->type]);
vmwareSetSentinal(cmd, ((vmwareDomainPtr) vm->privateData)->vmxPath);
if (virDomainObjGetState(vm, NULL) != VIR_DOMAIN_PAUSED) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("domain is not in suspend state"));
goto cleanup;
}
if (virRun(cmd, NULL) < 0)
goto cleanup;
virDomainObjSetState(vm, VIR_DOMAIN_RUNNING, VIR_DOMAIN_RUNNING_UNPAUSED);
ret = 0;
cleanup:
if (vm)
virObjectUnlock(vm);
return ret;
}
int virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
virDomainHostdevDefPtr dev,
const char *vroot)
{
if (mgr->drv->domainSetSecurityHostdevLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityHostdevLabel(mgr, vm, dev, vroot);
virObjectUnlock(mgr);
return ret;
}
virReportUnsupportedError();
return -1;
}
int virSecurityManagerGetProcessLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
pid_t pid,
virSecurityLabelPtr sec)
{
if (mgr->drv->domainGetSecurityProcessLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainGetSecurityProcessLabel(mgr, vm, pid, sec);
virObjectUnlock(mgr);
return ret;
}
virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;
}
