1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
|
/*
* internal.h: internal definitions just used by code from the library
*
* Copyright (C) 2006-2014 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "glibcompat.h"
#if defined __clang_analyzer__ || defined __COVERITY__
# define STATIC_ANALYSIS 1
#endif
#if STATIC_ANALYSIS
# undef NDEBUG /* Don't let a prior NDEBUG definition cause trouble. */
# include <assert.h>
# define sa_assert(expr) assert (expr)
#else
# define sa_assert(expr) /* empty */
#endif
#define VIR_INT_MULTIPLY_OVERFLOW(a,b) (G_UNLIKELY ((b) > 0 && (a) > G_MAXINT / (b)))
/* The library itself is allowed to use deprecated functions /
* variables, so effectively undefine the deprecated attribute
* which would otherwise be defined in libvirt.h.
*/
#undef VIR_DEPRECATED
#define VIR_DEPRECATED /*empty*/
/* The library itself needs to know enum sizes. */
#define VIR_ENUM_SENTINELS
#ifdef WITH_LIBINTL_H
# define DEFAULT_TEXT_DOMAIN PACKAGE
# include <libintl.h>
# define _(str) dgettext(PACKAGE, str)
#else /* WITH_LIBINTL_H */
# define _(str) str
#endif /* WITH_LIBINTL_H */
#define N_(str) str
#include "libvirt/libvirt.h"
#include "libvirt/libvirt-lxc.h"
#include "libvirt/libvirt-qemu.h"
#include "libvirt/libvirt-admin.h"
#include "libvirt/virterror.h"
/* Merely casting to (void) is not sufficient since the
* introduction of the "warn_unused_result" attribute
*/
#define ignore_value(x) \
(__extension__ ({ __typeof__ (x) __x = (x); (void) __x; }))
/* String equality tests, suggested by Jim Meyering. */
#define STREQ(a, b) (strcmp(a, b) == 0)
#define STRCASEEQ(a, b) (g_ascii_strcasecmp(a, b) == 0)
#define STRNEQ(a, b) (strcmp(a, b) != 0)
#define STRCASENEQ(a, b) (g_ascii_strcasecmp(a, b) != 0)
#define STREQLEN(a, b, n) (strncmp(a, b, n) == 0)
#define STRCASEEQLEN(a, b, n) (g_ascii_strncasecmp(a, b, n) == 0)
#define STRNEQLEN(a, b, n) (strncmp(a, b, n) != 0)
#define STRCASENEQLEN(a, b, n) (g_ascii_strncasecmp(a, b, n) != 0)
#define STRPREFIX(a, b) (strncmp(a, b, strlen(b)) == 0)
#define STRCASEPREFIX(a, b) (g_ascii_strncasecmp(a, b, strlen(b)) == 0)
#define STRSKIP(a, b) (STRPREFIX(a, b) ? (a) + strlen(b) : NULL)
#define STRCASESKIP(a, b) (STRCASEPREFIX(a, b) ? (a) + strlen(b) : NULL)
/**
* STRLIM
* @str: pointer to a string (evaluated once)
* @lim: length limit (evaluated twice)
*
* Evaluates as true if length of @str doesn't exceed the limit @lim. Note
* that @lim + 1 characters may be accessed.
*/
#define STRLIM(str, lim) (strnlen((str), (lim) + 1) <= (lim))
#define STREQ_NULLABLE(a, b) (g_strcmp0(a, b) == 0)
#define STRNEQ_NULLABLE(a, b) (g_strcmp0(a, b) != 0)
#define CONCAT_(a, b) a ## b
#define CONCAT(a, b) CONCAT_(a, b)
#ifdef WIN32
# ifndef O_CLOEXEC
# define O_CLOEXEC _O_NOINHERIT
# endif
#endif
/**
* ATTRIBUTE_PACKED
*
* force a structure to be packed, i.e. not following architecture and
* compiler best alignments for its sub components. It's needed for example
* for the network filetering code when defining the content of raw
* ethernet packets.
* Others compiler than gcc may use something different e.g. #pragma pack(1)
*/
#ifndef ATTRIBUTE_PACKED
# define ATTRIBUTE_PACKED __attribute__((packed))
#endif
/* gcc's handling of attribute nonnull is less than stellar - it does
* NOT improve diagnostics, and merely allows gcc to optimize away
* null code checks even when the caller manages to pass null in spite
* of the attribute, leading to weird crashes. Coverity, on the other
* hand, knows how to do better static analysis based on knowing
* whether a parameter is nonnull. Make this attribute conditional
* based on whether we are compiling for real or for analysis, while
* still requiring correct gcc syntax when it is turned off. See also
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=17308 */
#ifndef ATTRIBUTE_NONNULL
# if STATIC_ANALYSIS
# define ATTRIBUTE_NONNULL(m) __attribute__((__nonnull__(m)))
# else
# define ATTRIBUTE_NONNULL(m) __attribute__(())
# endif
#endif
/**
*
* G_GNUC_FALLTHROUGH
*
* silence the compiler warning when falling through a switch case
*
* Note: GLib 2.69.0 introduced version checks on the
* macro usage. Thus an app setting GLIB_VERSION_MAX_ALLOWED
* to less than 2.60 will trigger a warning using G_GNUC_FALLTHROUGH
* Normally the warning is a good thing, but we want to use our
* fallback impl, so we have to temporarily cull the GLib macro.
*
* All this should be removed once updating to min GLib >= 2.60
*/
#if GLIB_CHECK_VERSION(2, 69, 0)
# undef G_GNUC_FALLTHROUGH
#endif
#ifndef G_GNUC_FALLTHROUGH
# if __GNUC_PREREQ (7, 0)
# define G_GNUC_FALLTHROUGH __attribute__((fallthrough))
# else
# define G_GNUC_FALLTHROUGH do {} while(0)
# endif
#endif
#define VIR_WARNINGS_NO_CAST_ALIGN \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wcast-align\"")
#define VIR_WARNINGS_NO_DEPRECATED \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
#define VIR_WARNINGS_NO_POINTER_SIGN \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wpointer-sign\"")
#if WITH_SUGGEST_ATTRIBUTE_FORMAT
# define VIR_WARNINGS_NO_PRINTF \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wsuggest-attribute=format\"")
#else
# define VIR_WARNINGS_NO_PRINTF \
_Pragma ("GCC diagnostic push")
#endif
#define VIR_WARNINGS_NO_UNUSED_FUNCTION \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wunused-function\"")
/* Workaround bogus GCC 6.0 for logical 'or' equal expression warnings.
* (GCC bz 69602) */
#if BROKEN_GCC_WLOGICALOP_EQUAL_EXPR
# define VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wlogical-op\"")
#else
# define VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR \
_Pragma ("GCC diagnostic push")
#endif
/* Where ignore_value cannot be used because it's a statement */
#define VIR_WARNINGS_NO_UNUSED_VARIABLE \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wunused-variable\"")
#define VIR_WARNINGS_NO_DECLARATION_AFTER_STATEMENT \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wdeclaration-after-statement\"")
#define VIR_WARNINGS_RESET \
_Pragma ("GCC diagnostic pop")
/*
* Use this when passing possibly-NULL strings to printf-a-likes.
*/
#define NULLSTR(s) ((s) ? (s) : "<null>")
/*
* Turn a NULL string into an empty string
*/
#define NULLSTR_EMPTY(s) ((s) ? (s) : "")
/*
* Turn a NULL string into a star
*/
#define NULLSTR_STAR(s) ((s) ? (s) : "*")
/*
* Turn a NULL string into a minus sign
*/
#define NULLSTR_MINUS(s) ((s) ? (s) : "-")
/**
* SWAP:
*
* In place exchange of two values
*/
#define SWAP(a, b) \
do { \
(a) = (a) ^ (b); \
(b) = (a) ^ (b); \
(a) = (a) ^ (b); \
} while (0)
/**
* VIR_IS_POW2:
*
* Returns true if given number is a power of two
*/
#define VIR_IS_POW2(x) \
((x) && !((x) & ((x) - 1)))
/**
* virCheckFlags:
* @supported: an OR'ed set of supported flags
* @retval: return value in case unsupported flags were passed
*
* To avoid memory leaks this macro has to be used before any non-trivial
* code which could possibly allocate some memory.
*
* Returns nothing. Exits the caller function if unsupported flags were
* passed to it.
*/
#define virCheckFlags(supported, retval) \
do { \
unsigned int __uiflags = flags; \
unsigned int __unsuppflags = flags & ~(supported); \
if (__uiflags != flags) { \
virReportInvalidArg(flags, \
_("unsupported use of long flags in function %1$s"), \
__FUNCTION__); \
return retval; \
} \
if (__unsuppflags) { \
virReportInvalidArg(flags, \
_("unsupported flags (0x%1$x) in function %2$s"), \
__unsuppflags, __FUNCTION__); \
return retval; \
} \
} while (0)
/**
* virCheckFlagsGoto:
* @supported: an OR'ed set of supported flags
* @label: label to jump to on error
*
* To avoid memory leaks this macro has to be used before any non-trivial
* code which could possibly allocate some memory.
*
* Returns nothing. Jumps to a label if unsupported flags were
* passed to it.
*/
#define virCheckFlagsGoto(supported, label) \
do { \
unsigned int __uiflags = flags; \
unsigned int __unsuppflags = flags & ~(supported); \
if (__uiflags != flags) { \
virReportInvalidArg(flags, \
_("unsupported use of long flags in function %1$s"), \
__FUNCTION__); \
goto label; \
} \
if (__unsuppflags) { \
virReportInvalidArg(flags, \
_("unsupported flags (0x%1$x) in function %2$s"), \
__unsuppflags, __FUNCTION__); \
goto label; \
} \
} while (0)
/* Macros to help dealing with mutually exclusive flags. */
/**
* VIR_EXCLUSIVE_FLAGS_RET:
*
* @FLAG1: First flag to be checked.
* @FLAG2: Second flag to be checked.
* @RET: Return value.
*
* Reject mutually exclusive API flags. The checked flags are compared
* with flags variable.
*
* This helper does an early return and therefore it has to be called
* before anything that would require cleanup.
*/
#define VIR_EXCLUSIVE_FLAGS_RET(FLAG1, FLAG2, RET) \
do { \
if ((flags & FLAG1) && (flags & FLAG2)) { \
virReportInvalidArg(ctl, \
_("Flags '%1$s' and '%2$s' are mutually exclusive"), \
#FLAG1, #FLAG2); \
return RET; \
} \
} while (0)
/**
* VIR_EXCLUSIVE_FLAGS_GOTO:
*
* @FLAG1: First flag to be checked.
* @FLAG2: Second flag to be checked.
* @LABEL: Label to jump to.
*
* Reject mutually exclusive API flags. The checked flags are compared
* with flags variable.
*
* Returns nothing. Jumps to a label if unsupported flags were
* passed to it.
*/
#define VIR_EXCLUSIVE_FLAGS_GOTO(FLAG1, FLAG2, LABEL) \
do { \
if ((flags & FLAG1) && (flags & FLAG2)) { \
virReportInvalidArg(ctl, \
_("Flags '%1$s' and '%2$s' are mutually exclusive"), \
#FLAG1, #FLAG2); \
goto LABEL; \
} \
} while (0)
/* Macros to help dealing with flag requirements. */
/**
* VIR_REQUIRE_FLAG_RET:
*
* @FLAG1: First flag to be checked.
* @FLAG2: Second flag that is required by first flag.
* @RET: Return value.
*
* Check whether required flag is set. The checked flags are compared
* with flags variable.
*
* This helper does an early return and therefore it has to be called
* before anything that would require cleanup.
*/
#define VIR_REQUIRE_FLAG_RET(FLAG1, FLAG2, RET) \
do { \
if ((flags & (FLAG1)) && !(flags & (FLAG2))) { \
virReportInvalidArg(ctl, \
_("Flag '%1$s' is required by flag '%2$s'"), \
#FLAG2, #FLAG1); \
return RET; \
} \
} while (0)
/**
* VIR_REQUIRE_FLAG_GOTO:
*
* @FLAG1: First flag to be checked.
* @FLAG2: Second flag that is required by first flag.
* @LABEL: Label to jump to.
*
* Check whether required flag is set. The checked flags are compared
* with flags variable.
*
* Returns nothing. Jumps to a label if required flag is not set.
*/
#define VIR_REQUIRE_FLAG_GOTO(FLAG1, FLAG2, LABEL) \
do { \
if ((flags & (FLAG1)) && !(flags & (FLAG2))) { \
virReportInvalidArg(ctl, \
_("Flag '%1$s' is required by flag '%2$s'"), \
#FLAG2, #FLAG1); \
goto LABEL; \
} \
} while (0)
#define virCheckNonNullArgReturn(argname, retval) \
do { \
if (argname == NULL) { \
virReportInvalidNonNullArg(argname); \
return retval; \
} \
} while (0)
#define virCheckNullArgGoto(argname, label) \
do { \
if (argname != NULL) { \
virReportInvalidNullArg(argname); \
goto label; \
} \
} while (0)
#define virCheckNonNullArgGoto(argname, label) \
do { \
if (argname == NULL) { \
virReportInvalidNonNullArg(argname); \
goto label; \
} \
} while (0)
#define virCheckNonEmptyStringArgGoto(argname, label) \
do { \
if (argname == NULL) { \
virReportInvalidNonNullArg(argname); \
goto label; \
} \
if (*argname == '\0') { \
virReportInvalidEmptyStringArg(argname); \
goto label; \
} \
} while (0)
#define virCheckPositiveArgGoto(argname, label) \
do { \
if (argname <= 0) { \
virReportInvalidPositiveArg(argname); \
goto label; \
} \
} while (0)
#define virCheckPositiveArgReturn(argname, retval) \
do { \
if (argname <= 0) { \
virReportInvalidPositiveArg(argname); \
return retval; \
} \
} while (0)
#define virCheckNonZeroArgGoto(argname, label) \
do { \
if (argname == 0) { \
virReportInvalidNonZeroArg(argname); \
goto label; \
} \
} while (0)
#define virCheckZeroArgGoto(argname, label) \
do { \
if (argname != 0) { \
virReportInvalidNonZeroArg(argname); \
goto label; \
} \
} while (0)
#define virCheckNonNegativeArgGoto(argname, label) \
do { \
if (argname < 0) { \
virReportInvalidNonNegativeArg(argname); \
goto label; \
} \
} while (0)
#define virCheckReadOnlyGoto(flags, label) \
do { \
if ((flags) & VIR_CONNECT_RO) { \
virReportRestrictedError(_("read only access prevents %1$s"), \
__FUNCTION__); \
goto label; \
} \
} while (0)
/* This check is intended to be used with legacy APIs only which expect the
* caller to pre-allocate the target buffer.
* We want to allow callers pass NULL arrays if the size is declared as 0 and
* still succeed in calling the API.
*/
#define virCheckNonNullArrayArgGoto(argname, argsize, label) \
do { \
if (!argname && argsize > 0) { \
virReportInvalidNonNullArg(argname); \
goto label; \
} \
} while (0)
/* Count leading zeros in an unsigned int.
*
* Wrapper needed as __builtin_clz is undefined if value is zero
*/
#define VIR_CLZ(value) \
(value ? __builtin_clz(value) : (8 * sizeof(unsigned)))
/* divide value by size, rounding up */
#define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
/* round up value to the closest multiple of size */
#define VIR_ROUND_UP(value, size) (VIR_DIV_UP(value, size) * (size))
/* Round up to the next closest power of 2. It will return rounded number or 0
* for 0 or number more than 2^31 (for 32bit unsigned int). */
#define VIR_ROUND_UP_POWER_OF_TWO(value) \
((value) > 0 && (value) <= 1U << (sizeof(unsigned int) * 8 - 1) ? \
1U << (sizeof(unsigned int) * 8 - VIR_CLZ((value) - 1)) : 0)
/* Specific error values for use in forwarding programs such as
* virt-login-shell; these values match what GNU env does. */
enum {
EXIT_CANCELED = 125, /* Failed before attempting exec */
EXIT_CANNOT_INVOKE = 126, /* Exists but couldn't exec */
EXIT_ENOENT = 127, /* Could not find program to exec */
};
#ifndef ENODATA
# define ENODATA EIO
#endif
#ifdef WIN32
# ifndef ENOMSG
# define ENOMSG 122
# endif
#endif
/* Ideally callers would use the g_*printf
* functions directly but there are a lot to
* convert, so until then...
*/
#ifndef VIR_NO_GLIB_STDIO
# undef printf
# define printf(...) g_printf(__VA_ARGS__)
# undef fprintf
# define fprintf(fh, ...) g_fprintf(fh, __VA_ARGS__)
#endif /* VIR_NO_GLIB_STDIO */
|
