summaryrefslogtreecommitdiffstats
path: root/os-posix.c
Commit message (Collapse)AuthorAgeFilesLines
* os: deprecate the -enable-fips option and QEMU's FIPS enforcementDaniel P. Berrangé2021-01-291-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | The -enable-fips option was added a long time ago to prevent the use of single DES when VNC when FIPS mode is enabled. It should never have been added, because apps are supposed to unconditionally honour FIPS mode based on the '/proc/sys/crypto/fips_enabled' file contents. In addition there is more to achieving FIPS compliance than merely blocking use of certain algorithms. Those algorithms which are used need to perform self-tests at runtime. QEMU's built-in cryptography provider has no support for self-tests, and neither does the nettle library. If QEMU is required to be used in a FIPS enabled host, then it must be built with the libgcrypt library enabled, which will unconditionally enforce FIPS compliance in any algorithm usage. Thus there is no need to keep either the -enable-fips option in QEMU, or QEMU's internal FIPS checking methods. Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* vl: relocate paths to data directoriesPaolo Bonzini2020-09-301-20/+0Star
| | | | | | | As an additional advantage, the logic is now unified between POSIX and Win32 systems. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* oslib: do not call g_strdup from qemu_get_exec_dirPaolo Bonzini2020-09-301-5/+1Star
| | | | | | | | Just return the directory without requiring the caller to free it. This also removes a bogus check for NULL in os_find_datadir and module_load_one; g_strdup of a static variable cannot return NULL. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* util: rename qemu_open() to qemu_open_old()Daniel P. Berrangé2020-09-161-1/+1
| | | | | | | | | | | We want to introduce a new version of qemu_open() that uses an Error object for reporting problems and make this it the preferred interface. Rename the existing method to release the namespace for the new impl. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* meson: link emulators without Makefile.targetPaolo Bonzini2020-08-211-2/+2
| | | | | | | | The binaries move to the root directory, e.g. qemu-system-i386 or qemu-arm. This requires changes to qtests, CI, etc. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu/osdep: Document os_find_datadir() return valuePhilippe Mathieu-Daudé2020-07-211-0/+3
| | | | | | | | | | Document os_find_datadir() returned data must be freed. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Michael Rolnik <mrolnik@gmail.com> Tested-by: Michael Rolnik <mrolnik@gmail.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20200714164257.23330-2-f4bug@amsat.org>
* build: Check that mlockall() existsDavid CARLIER2020-07-131-0/+4
| | | | | | | | | | | | | | | | Instead of assuming that all POSIX platforms provide mlockall(), test for it in configure. If the host doesn't provide this platform then os_mlock() will fail -ENOSYS, as it does already on Windows. This is necessary for Haiku, which does not have mlockall(). Signed-off-by: David Carlier <devnexen@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20200703145614.16684-4-peter.maydell@linaro.org [PMM: Expanded commit message; rename to HAVE_MLOCKALL] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* os-posix: simplify os_find_datadirMarc-André Lureau2019-12-171-28/+13Star
| | | | | | | | Use g_build_filename instead of sprintf, and g_autofree instead of manual freeing. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* sysemu: Split sysemu/runstate.h off sysemu/sysemu.hMarkus Armbruster2019-08-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | sysemu/sysemu.h is a rather unfocused dumping ground for stuff related to the system-emulator. Evidence: * It's included widely: in my "build everything" tree, changing sysemu/sysemu.h still triggers a recompile of some 1100 out of 6600 objects (not counting tests and objects that don't depend on qemu/osdep.h, down from 5400 due to the previous two commits). * It pulls in more than a dozen additional headers. Split stuff related to run state management into its own header sysemu/runstate.h. Touching sysemu/sysemu.h now recompiles some 850 objects. qemu/uuid.h also drops from 1100 to 850, and qapi/qapi-types-run-state.h from 4400 to 4200. Touching new sysemu/runstate.h recompiles some 500 objects. Since I'm touching MAINTAINERS to add sysemu/runstate.h anyway, also add qemu/main-loop.h. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190812052359.30071-30-armbru@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> [Unbreak OS-X build]
* Include qemu-common.h exactly where neededMarkus Armbruster2019-06-121-0/+1
| | | | | | | | | | | | | | | | No header includes qemu-common.h after this commit, as prescribed by qemu-common.h's file comment. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190523143508.25387-5-armbru@redhat.com> [Rebased with conflicts resolved automatically, except for include/hw/arm/xlnx-zynqmp.h hw/arm/nrf51_soc.c hw/arm/msf2-soc.c block/qcow2-refcount.c block/qcow2-cluster.c block/qcow2-cache.c target/arm/cpu.h target/lm32/cpu.h target/m68k/cpu.h target/mips/cpu.h target/moxie/cpu.h target/nios2/cpu.h target/openrisc/cpu.h target/riscv/cpu.h target/tilegx/cpu.h target/tricore/cpu.h target/unicore32/cpu.h target/xtensa/cpu.h; bsd-user/main.c and net/tap-bsd.c fixed up]
* util: add qemu_write_pidfile()Marc-André Lureau2018-10-021-24/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are variants of qemu_create_pidfile() in qemu-pr-helper and qemu-ga. Let's have a common implementation in libqemuutil. The code is initially based from pr-helper write_pidfile(), with various improvements and suggestions from Daniel Berrangé: QEMU will leave the pidfile existing on disk when it exits which initially made me think it avoids the deletion race. The app managing QEMU, however, may well delete the pidfile after it has seen QEMU exit, and even if the app locks the pidfile before deleting it, there is still a race. eg consider the following sequence QEMU 1 libvirtd QEMU 2 1. lock(pidfile) 2. exit() 3. open(pidfile) 4. lock(pidfile) 5. open(pidfile) 6. unlink(pidfile) 7. close(pidfile) 8. lock(pidfile) IOW, at step 8 the new QEMU has successfully acquired the lock, but the pidfile no longer exists on disk because it was deleted after the original QEMU exited. While we could just say no external app should ever delete the pidfile, I don't think that is satisfactory as people don't read docs, and admins don't like stale pidfiles being left around on disk. To make this robust, I think we might want to copy libvirt's approach to pidfile acquisition which runs in a loop and checks that the file on disk /after/ acquiring the lock matches the file that was locked. Then we could in fact safely let QEMU delete its own pidfiles on clean exit.. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20180831145314.14736-2-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* net: Remove the deprecated -tftp, -bootp, -redir and -smb optionsThomas Huth2018-08-311-8/+0Star
| | | | | | | | | | | | | These options likely do not work as expected as soon as the user tries to use more than one network interface at once. The parameters have been marked as deprecated since QEMU v2.6, so users had plenty of time to move their scripts to the new syntax. Time to remove the old parameters now. Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Acked-by: Peter Krempa <pkrempa@redhat.com> Acked-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
* qemu-options: Bail out on unsupported options instead of silently ignoring themThomas Huth2018-05-091-1/+5
| | | | | | | | | | | | | | The dangling remainder of the -tdf option revealed a deficiency in our option parsing: Options that have been declared, but are not supported in the switch-case statement in vl.c and not handled in the OS-specifc os_parse_cmd_args() functions are currently silently ignored. We should rather tell the users that they specified something that we can not handle, so let's print an error message and exit instead. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1525453270-23074-3-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* os-posix: cleanup: Replace perror with error_reportIan Jackson2018-04-261-4/+4
| | | | | | | | | | | | | | perror() is defined to fprintf(stderr,...). HACKING says fprintf(stderr,...) is wrong. So perror() is too. Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Markus Armbruster <armbru@redhat.com> CC: Daniel P. Berrange <berrange@redhat.com> CC: Michael Tokarev <mjt@tls.msk.ru> CC: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
* os-posix: cleanup: Replace fprintf with error_report in remaining call sitesIan Jackson2018-04-261-2/+2
| | | | | | | | | | Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Markus Armbruster <armbru@redhat.com> CC: Daniel P. Berrange <berrange@redhat.com> CC: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
* os-posix: Provide new -runas <uid>:<gid> facilityIan Jackson2018-04-261-12/+65
| | | | | | | | | | | | | | | | | | | This allows the caller to specify a uid and gid to use, even if there is no corresponding password entry. This will be useful in certain Xen configurations. We don't support just -runas <uid> because: (i) deprivileging without calling setgroups would be ineffective (ii) given only a uid we don't know what gid we ought to use (since uids may eppear in multiple passwd file entries with different gids). Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Markus Armbruster <armbru@redhat.com> CC: Daniel P. Berrange <berrange@redhat.com> CC: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Markus Armbruster <armbru@redhat.com>
* os-posix: cleanup: Replace fprintfs with error_report in change_process_uidIan Jackson2018-04-261-5/+5
| | | | | | | | | | | | | I'm going to be editing this function and it makes sense to clean up this style problem in advance. Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Markus Armbruster <armbru@redhat.com> CC: Daniel P. Berrange <berrange@redhat.com> CC: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
* os-posix: Drop misleading commentMarkus Armbruster2017-10-161-1/+0Star
| | | | | | | | | | | Comments explaining why we include a header tend to go bad. This one's almost comical: not only doesn't qemu-options.hx use MAP_POPULATE anymore (since commit ef36fa1, v2.0.0, 2013), even the include it applies to got moved away in commit 02d0e09 (v2.7.0). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* Revert "rcu: do not create thread in pthread_atfork callback"Paolo Bonzini2017-08-081-2/+0Star
| | | | | | | | | | This reverts commit a59629fcc6f603e19b516dc08f75334e5c480bd0. This is not needed anymore because the IOThread mutex is not "magic" anymore (need not kick the CPU thread)and also because fork callbacks are only enabled at the very beginning of QEMU's execution. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* use g_path_get_dirname instead of dirnameWei Jiangang2016-07-171-1/+2
| | | | | | | | | Use g_path_get_basename to get the directory components of a file name, and free its return when no longer needed. Signed-off-by: Wei Jiangang <weijg.fnst@cn.fujitsu.com> Message-Id: <1459997185-15669-3-git-send-email-weijg.fnst@cn.fujitsu.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* os-posix: include sys/mman.hPaolo Bonzini2016-06-161-1/+0Star
| | | | | | | | | qemu/osdep.h checks whether MAP_ANONYMOUS is defined, but this check is bogus without a previous inclusion of sys/mman.h. Include it in sysemu/os-posix.h and remove it from everywhere else. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* util: move declarations out of qemu-common.hVeronia Bahaa2016-03-221-0/+1
| | | | | | | | | | Move declarations out of qemu-common.h for functions declared in utils/ files: e.g. include/qemu/path.h for utils/path.c. Move inline functions out of qemu-common.h and into new files (e.g. include/qemu/bcd.h) Signed-off-by: Veronia Bahaa <veroniabahaa@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* log: Redirect stderr to logfile if deamonizedDimitris Aragiorgis2016-02-221-1/+5
| | | | | | | | | | | In case of daemonize, use the logfile passed with the -D option in order to redirect stderr to it instead of /dev/null. Also remove some unused code in log.h. Signed-off-by: Dimitris Aragiorgis <dimara@arrikto.com> Message-Id: <1455795518-19205-1-git-send-email-dimara@arrikto.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* all: Clean up includesPeter Maydell2016-02-041-5/+1Star
| | | | | | | | | | Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1454089805-5470-16-git-send-email-peter.maydell@linaro.org
* net/slirp: Tell the users when they are using deprecated optionsThomas Huth2016-02-041-0/+3
| | | | | | | | | We don't want to support the legacy -tftp, -bootp, -smb and -net channel options forever. So let's start telling the users that they are deprecated and what option should be used instead. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* rcu: do not create thread in pthread_atfork callbackPaolo Bonzini2015-04-011-0/+2
| | | | | | | | | | | | | | | | | | | | | If QEMU forks after the CPU threads have been created, qemu_mutex_lock_iothread will not be able to do qemu_cpu_kick_thread. There is no solution other than assuming that forks after the CPU threads have been created will end up in an exec. Forks before the CPU threads have been created (such as -daemonize) have to call rcu_after_fork manually. Notably, the oxygen theme for GTK+ forks and shows a "No such process" error without this patch. This patch can be reverted once the iothread loses the "kick the TCG thread" magic. User-mode emulation does not use the iothread, so it can also call rcu_after_fork. Reported by: Dr. David Alan Gilbert <dgilbert@redhat.com> Tested by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* os-posix: reorder parent notification for -daemonizeMichael Tokarev2014-11-021-9/+10
| | | | | | | | | | Put "success" parent reporting in os_setup_post() to after all other initializers which may also fail, to the very end, so more possible failure cases are reported properly to the calling process. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
* pidfile: stop making pidfile error a special caseMichael Tokarev2014-11-021-23/+8Star
| | | | | | | | | | | | | | | | | | In case of -daemonize, we write non-zero to the daemon pipe only if pidfile creation failed, so the parent will report error about pidfile problem. There's no need to make special case for this, since all other errors are reported by the child just fine. Let the parent report error and simplify logic in os_daemonize(). This way, we don't need os_pidfile_error() function, since it only prints error now, so put the error reporting printf into the only place where qemu_create_pidfile() is called, in vl.c. While at it, fix wrong indentation in os_daemonize(). Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* os-posix: replace goto again with a proper loopMichael Tokarev2014-11-021-10/+6Star
| | | | | | | | Eliminiate two fullwrite implementations with goto replacing them with a proper do..while loop. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
* os-posix: use global daemon_pipe instead of cryptic fds[1]Michael Tokarev2014-11-021-4/+6
| | | | | | | | | | | | When asked to -daemonize, we fork a child and setup a pipe between it and parent to pass exit status. os-posix.c used global fds[2] array for that, but actually only the writing side of the pipe is needed to be global, and this name is really too generic. Use just one interger for the writing side of the pipe, and name it daemon_pipe to be more understandable than cryptic fds[1]. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
* Revert "os-posix: report error message when lock file failed"Michael Tokarev2014-11-021-2/+0Star
| | | | | | | | | | | | | | | | | | | | | | This reverts commit e5048d15ce6addae869f23514b2a1f0d4466418a. qemu_create_pidfile() is only created from main(), and there, if that function returns failure, os_pidfile_error() function is called, to, guess that, report error (which is done differently whenever we're daemonizing or not). qemu_create_pidfile() function has several error returns, this lockf() failure is one of them, there are others (another shown in the patch context too). So this patch makes whole thing inconsistent at least. If we need to show error message when we're daemonizing, it looks like we should modify os_pidfile_error() routine to always report error and only after that check for daemon mode. This way all errors will be reported the same way. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* os-posix: report error message when lock file failedGonglei2014-09-261-0/+2
| | | | | | | | | | | | It will cause that create vm failed When manager tool is killed forcibly (kill -9 libvirtd_pid), the file not was unlink, and unlock. It's better that report the error message for users. Signed-off-by: Huangweidong <weidong.huang@huawei.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* os-posix: remove confused errnoGonglei2014-09-261-1/+1
| | | | | | | | | | | | If we get inside the 'else if (status == 1)' conditional, then we know that read() succeeded, and therefore errno is unspecified. Printing strerror(errno) on a random value is not helpful. Cc: Eric Blake <eblake@redhat.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* os-posix: change tab to space avoid violating coding styleGonglei2014-09-261-37/+42
| | | | | | | Cc: Eric Blake <eblake@redhat.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* oslib-posix: Fix build on FreeBSDAndreas Färber2014-03-131-4/+0Star
| | | | | | | | | | | | | Commit 10f5bff622cad71645e22c027b77ac31e51008ef (util: Split out exec_dir from os_find_datadir) moved code from os-posix.c to util/oslib-posix.c but forgot to move a FreeBSD #include alongside, needed for CTL_KERN among others. Cc: Fam Zheng <famz@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <andreas.faerber@web.de> Message-id: 1394717279-23406-1-git-send-email-andreas.faerber@web.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* util: Split out exec_dir from os_find_datadirFam Zheng2014-02-201-35/+7Star
| | | | | | | | | With this change, main() calls qemu_init_exec_dir and uses argv[0] to init exec_dir. The saved value can be retrieved with qemu_get_exec_dir later. It will be reused by module loading. Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Add option to mlock qemu and guest memorySatoru Moriya2013-04-221-0/+12
| | | | | | | | | | | | | | | | | | In certain scenario, latency induced by paging is significant and memory locking is needed. Also, in the scenario with untrusted guests, latency improvement due to mlock is desired. This patch introduces a following new option to mlock guest and qemu memory: -realtime mlock=on|off Signed-off-by: Satoru Moriya <satoru.moriya@hds.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1366382526-26146-1-git-send-email-pbonzini@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* softmmu: move include files to include/sysemu/Paolo Bonzini2012-12-191-1/+1
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Merge branch 'trivial-patches' of git://github.com/stefanha/qemuAurelien Jarno2012-10-061-1/+0Star
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 'trivial-patches' of git://github.com/stefanha/qemu: versatilepb: Use symbolic indices for ARM PIC qdev: kill bogus comment qemu-barrier: Fix compiler version check for future gcc versions hw: Add missing 'static' attribute for QEMUMachine cleanup useless return sentence qemu-sockets: Fix compiler warning (regression for MinGW) vnc: Fix spelling (hellmen -> hellman) in comment slirp: Fix spelling in comment (enought -> enough, insure -> ensure) tcg/arm: Use tcg_out_mov_reg rather than inline equivalent code cpu: Add missing 'static' attribute to qemu_global_mutex configure: Support empty target list (--target-list=) hw: Fix return value check for bdrv_read, bdrv_write
| * cleanup useless return sentenceAmos Kong2012-10-051-1/+0Star
| | | | | | | | | | | | | | | | This patch cleans up return sentences in the end of void functions. Reported-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Amos Kong <akong@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
* | os-posix: avoid buffer overrunJim Meyering2012-10-051-2/+1Star
|/ | | | | | | | os_set_proc_name: Use pstrcpy, in place of strncpy and the ineffectual preceding assignment: name[sizeof(name) - 1] = 0; Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* curses: don't initialize curses when qemu is daemonizedHitoshi Mitake2012-09-231-0/+5
| | | | | | | | | | | | | | | | | | | | | | Current qemu initializes curses even if -daemonize option is passed. This cause problem because shell prompt appears without calling endwin(). This patch adds new function, is_daemonized(), to OS dependent code. With this function, curses_display_init() can check that qemu is daemonized or not. If daemonized, curses_display_init() isn't called and the problem is avoided. Of course, -daemonize && -curses doesn't make sense. Users shouldn't pass the arguments at the same time. But the problem is very painful because Ctrl-C cannot be delivered to the terminal. Cc: Andrzej Zaborowski <balrog@zabor.org> Cc: Stefan Hajnoczi <stefanha@gmail.com> Cc: Anthony Liguori <aliguori@us.ibm.com> Cc: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
* fips: fix build on !LinuxAnthony Liguori2012-08-041-0/+5
| | | | | | | | | | Commit 0f66998 makes -enable-fips conditional on Linux hosts but then uses it unconditionally in vl.c. Fix this by moving the fips handling to os-posix.c and adding a condition. Cc: Paul Moore <pmoore@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* os-posix: Fix build on FreeBSDNathan Whitehorn2012-04-261-0/+4
| | | | | | | | Add an include for a header required to build on recent FreeBSD. Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* keep the PID file locked for the lifetime of the processLaszlo Ersek2012-02-011-1/+1
| | | | | | | | | | | | | | | | | | | | | The lockf() call in qemu_create_pidfile() aims at ensuring mutual exclusion. We shouldn't close the pidfile on success (as introduced by commit 1bbd1592), because that drops the lock as well [1]: "File locks shall be released on first close by the locking process of any file descriptor for the file." Coverity may complain again about the leaked file descriptor; let's worry about that later. v1->v2: - add reference to 1bbd1592 - explain the intentional fd leak in the source [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/lockf.html Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* link the main loop and its dependencies into the toolsPaolo Bonzini2011-12-221-42/+0Star
| | | | | | | | Using the main loop code from QEMU enables tools to operate fully asynchronously. Advantages include better Windows portability (for some definition of portability) over glib's. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* os-posix: Plug fd leak in qemu_create_pidfile()Markus Armbruster2011-11-111-0/+3
| | | | | | | Spotted by Coverity. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* Use glib memory allocation and free functionsAnthony Liguori2011-08-211-2/+2
| | | | | | qemu_malloc/qemu_free no longer exist after this commit. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* os-posix: set groups properly for -runasStefan Hajnoczi2011-07-121-0/+6
| | | | | | | | | | | | | Andrew Griffiths reports that -runas does not set supplementary group IDs. This means that gid 0 (root) is not dropped when switching to an unprivileged user. Add an initgroups(3) call to use the -runas user's /etc/groups membership to update the supplementary group IDs. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* Introduce format string for pid_tAndreas Färber2011-06-151-1/+1
| | | | | | | | | | | | | | | | | | | | | BeOS and Haiku on i386 use long for 32-bit types, including pid_t. Using %d with pid_t therefore results in a warning. Unfortunately POSIX:2008 does not define a PRId* string for pid_t. In some places pid_t was previously casted to long and %ld hardcoded. The predecessor of this patch added another upcast for the simpletrace filename but was not applied to date. Since new uses of pid_t with %d keep creeping in, let's instead define an OS-dependent format string and use that consistently. Cc: Stefan Hajnoczi <stefanha@gmail.com> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Ingo Weinhold <ingo_weinhold@gmx.de> Cc: Gleb Natapov <gleb@redhat.com> Signed-off-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>