Oliver Kurth [Tue, 26 May 2020 22:32:56 +0000 (15:32 -0700)]
GuestSDK and vmtoolslib cleanup.
* Removed the vmtools dependency for guestsdk. This has been already
done for tar tools build/target. The same is being done for OVT
builds.
* Used various static libraries for building guestlib in OVT instead of
depending on vmtoolslib. Similar thing has already been done for
appmonitor library in OVT.
* GuestSDK_{Panic|Debug|Warning|Log} functions in vmtoolslib are not used
anywhere and hence they are completely removed from the code.
Oliver Kurth [Tue, 26 May 2020 22:32:56 +0000 (15:32 -0700)]
Improve logging on signature verification
If xmlsec and vgauth are built inconsistently, xmlSecSize
can differ between the two, which results in a key datastructure
being a different size, and vgauth ends up looking in the
wrong place in memory for the signature check status.
Log the status, so that if its not one of the two
expected values, we have some ideas of what went wrong.
Oliver Kurth [Tue, 26 May 2020 22:32:56 +0000 (15:32 -0700)]
lib/file: Fix a memory leak in FileLock_Lock.
Valgrind complained about a minor leak within FileLock_Lock when running
test-vmx Firmware.Efi.QuickBoot . FileLockScanner builds a list of "active
locks" and traverses that list repeatedly, but whenever it decides to remove
an entry from the list, it would simply leak it.
This change ensures that the list item is not leaked by Posix_Free()ing it
once it is no longer needed.
Linux and OS X Hgfs server has an incorrect failure status check when a
user has a write-only share enabled. In a write-only share any failure
is mapped to EACESS unless the error is ENOENT when a new file is to be
created. The error check currently fails all errors when it should
only allow creation of new files i.e., ENOENT with flags specifying
O_CREAT.
The check should be
if (status == EACCES) goto exit
Oliver Kurth [Mon, 4 May 2020 18:54:13 +0000 (11:54 -0700)]
[AppInfo] Tweak the gather loop only for a real config reload.
The poll loop for the appInfo is being tweaked (destroyed and recreated)
for every conf reload even when nothing related to appinfo changed.
This may cause few scenarios where the 'application information'
will never be collected inside the guest. Fixed the code, to
tweak the loop only when there is a real appinfo related config change
in the tools.conf file.
Oliver Kurth [Mon, 4 May 2020 18:54:13 +0000 (11:54 -0700)]
Use RPCI_UNKNOWN_COMMAND macro instead of hardcoded 'Unknown command" string.
At few places in the code, the result from the RPC channel send APIs
is explicitly compared with a harcoded "Unknown command" string. We already
have a well defined macro for that. Changed the code to re-use the macro
wherever possible.
Oliver Kurth [Mon, 4 May 2020 18:54:12 +0000 (11:54 -0700)]
Fix minor misc. issues.
* In ServiceLoadFileContentsPosix() function, fd is always a positive
value when close() is called. The if check 'fd >= 0' is not really
required. Removed it.
* Fixed the function name in the "procedure comment block" for the
ParseShareName function.
Oliver Kurth [Mon, 4 May 2020 18:54:11 +0000 (11:54 -0700)]
CodeSet: Add CodeSet_IsValidUTF8String() and more comments
This change adds a new function CodeSet_IsValidUTF8String() to
lib/misc/codesetUTF8.c, and adds comments for CodeSet_IsValidUTF8()
and CodeSet_IsStringValidUTF8().
Oliver Kurth [Tue, 21 Apr 2020 21:52:11 +0000 (14:52 -0700)]
Use random poll-interval for appInfo on channel reset.
In few workflows like instant clone, when a large number of VMs are
cloned at the same time, if the appinfo plugin runs at the same time
in all the VMs, the underlying ESXi may encounter heavy load. To
avoid these situations, a random poll interval should be used
for the appinfo whenever applicable workflows are detected.
Detecting a 'rpc channel reset' is a simple approach to detect.
In this changeset, add the following changes:
- Added a new callback function for the 'rpc channel reset'. If
the rpc channel is reset, a new random poll interval is calculated
and poll timer is adjusted accordingly. If the existing appinfo
poll interval is greater than the minimum interval of 30 seconds,
random interval will be generated between 30 and appinfopollinterval.
If the existing poll interval is less than the minimum 30 seconds
time, then random interval will not be changed.
- Code refactoring for few functions.
- Changed one global variable as static.
- Added few debug/info log messages.
Oliver Kurth [Tue, 21 Apr 2020 21:52:11 +0000 (14:52 -0700)]
AppInfo updates.
While most of the changes are only applicable to VMware Tools for Windows
and are not applicable to open-vm-tools, the following changes do apply.
- Modified few log messages from g_debug from g_warning.
- Modified the default poll interval to 360 minutes (Once in six hours).
- Modified log messages to log the filepath whose version is being retrieved.
Oliver Kurth [Tue, 21 Apr 2020 21:52:10 +0000 (14:52 -0700)]
Make Backdoor fallback temporary.
When RpcOut falls to Backdoor, it stays with Backdoor
permanently for the life of vmtoolsd service. It is a
long standing bug in the reset handling code. Typically,
channel type is not changed during reset. Our reset
handling code can either keep the channel type same or
switch it from vsocket to Backdoor, but it can't do other
way. Though it is supposed to switch to vsocket on reset
caused by events like vmtoolsd being restarted or VMX
breaking the channel for some VM management operation.
With this change when we start the channel, we always
try vsocket first unless Backdoor is enforced by the
caller.
Using Backdoor for too long is not desirable because
privileged RPCs can't be used on such channel. So, we
need to retry switching the channel back to vsocket
periodically. We don't want to try vsocket on every
RpcChannel_Send call because that adds to overhead and
increases the latency of RpcChannel_Send due to connection
timeouts. So, we retry vsocket with a backoff delay
between 2sec-5min.
As some RpcChannel callers intend to use Backdoor channel
we need to differentiate between such usage from the
callers that create vsocket channel and fallback to
Backdoor. Therefore, introduced a concept of mutable
channel. The vsocket channel is mutable as it can fallback
to Backdoor and restore vsocket. However, if a caller
creates Backdoor channel, it will not be mutable and
stay with Backdoor for its lifetime.
As vmxLogger frequently connects and disconnects the
channel for every log message and does not use any
privileged RPC, so make it use Backdoor channel
permanently to avoid frequent vsocket connections.
Additionally, removed the redundant 'stopRpcOut' interface
and renamed 'onStartErr' to 'destroy'.
Oliver Kurth [Tue, 21 Apr 2020 21:43:46 +0000 (14:43 -0700)]
Use random poll-interval for appInfo on channel reset.
In few workflows like instant clone, when a large number of VMs are
cloned at the same time, if the appinfo plugin runs at the same time
in all the VMs, the underlying ESXi may encounter heavy load. To
avoid these situations, a random poll interval should be used
for the appinfo whenever applicable workflows are detected.
Detecting a 'rpc channel reset' is a simple approach to detect.
In this changeset, add the following changes:
- Added a new callback function for the 'rpc channel reset'. If
the rpc channel is reset, a new random poll interval is calculated
and poll timer is adjusted accordingly. If the existing appinfo
poll interval is greater than the minimum interval of 30 seconds,
random interval will be generated between 30 and appinfopollinterval.
If the existing poll interval is less than the minimum 30 seconds
time, then random interval will not be changed.
- Code refactoring for few functions.
- Changed one global variable as static.
- Added few debug/info log messages.
Oliver Kurth [Tue, 21 Apr 2020 21:43:46 +0000 (14:43 -0700)]
Free old ununsed loggers when tools.conf changes.
Existing unused loggers are leaked when there is a change
in logging configuration. Added a check to free the loggers
that are not used after tools.conf is modified.
Oliver Kurth [Tue, 21 Apr 2020 21:43:46 +0000 (14:43 -0700)]
Add option to vmware-vgauth-cmd to support remove alias by [username]
and subject
a. subject is mandatory
b. if user only provide subject, will only remove subject matched mapped aliases
c. if user provide username and subject, remove matched aliases
Oliver Kurth [Tue, 21 Apr 2020 21:43:46 +0000 (14:43 -0700)]
Make Backdoor fallback temporary.
When RpcOut falls to Backdoor, it stays with Backdoor
permanently for the life of vmtoolsd service. It is a
long standing bug in the reset handling code. Typically,
channel type is not changed during reset. Our reset
handling code can either keep the channel type same or
switch it from vsocket to Backdoor, but it can't do other
way. Though it is supposed to switch to vsocket on reset
caused by events like vmtoolsd being restarted or VMX
breaking the channel for some VM management operation.
With this change when we start the channel, we always
try vsocket first unless Backdoor is enforced by the
caller.
Using Backdoor for too long is not desirable because
privileged RPCs can't be used on such channel. So, we
need to retry switching the channel back to vsocket
periodically. We don't want to try vsocket on every
RpcChannel_Send call because that adds to overhead and
increases the latency of RpcChannel_Send due to connection
timeouts. So, we retry vsocket with a backoff delay
between 2sec-5min.
As some RpcChannel callers intend to use Backdoor channel
we need to differentiate between such usage from the
callers that create vsocket channel and fallback to
Backdoor. Therefore, introduced a concept of mutable
channel. The vsocket channel is mutable as it can fallback
to Backdoor and restore vsocket. However, if a caller
creates Backdoor channel, it will not be mutable and
stay with Backdoor for its lifetime.
As vmxLogger frequently connects and disconnects the
channel for every log message and does not use any
privileged RPC, so make it use Backdoor channel
permanently to avoid frequent vsocket connections.
Additionally, removed the redundant 'stopRpcOut' interface
and renamed 'onStartErr' to 'destroy'.
Oliver Kurth [Tue, 21 Apr 2020 21:43:45 +0000 (14:43 -0700)]
AppInfo updates.
While most of the changes are only applicable to VMware Tools for Windows
and are not applicable to open-vm-tools, the following changes do apply.
- Modified few log messages from g_debug from g_warning.
- Modified the default poll interval to 360 minutes (Once in six hours).
- Modified log messages to log the filepath whose version is being retrieved.
Oliver Kurth [Tue, 21 Apr 2020 21:43:45 +0000 (14:43 -0700)]
Add option to vmware-vgauth-cmd to support remove alias by [username]
and subject
a. subject is mandatory
b. if user only provide subject, will only remove subject matched mapped aliases
c. if user provide username and subject, remove matched aliases
Oliver Kurth [Wed, 1 Apr 2020 18:34:06 +0000 (11:34 -0700)]
Add a retry loop to VSockChannelStart() to recover on start failure.
On failure, a vsock RPC channel will eventually fallback to the
backdoor channel. Services that require or are limited to the
priviledge RPC channel will fail.
Adding a simple, limited loop in VSockChannelStart to retry the vsock
channel start before ultimately switching to the backdoor channel.
Retries are not done for "send once" operations.
Oliver Kurth [Wed, 1 Apr 2020 18:34:06 +0000 (11:34 -0700)]
Fixing some log messages
1. PublishScriptOutputToNamespaceDB can fail for various reasons,
caller can't know exact reason from return values, so just printing
that the function failed in case return value is FALSE. Exact cause
must be inferred from the function's logs itself.
2. Printing log for chunkCount only if we successfully wrote it in NDB
Oliver Kurth [Wed, 1 Apr 2020 18:34:05 +0000 (11:34 -0700)]
vmtools: fix compiler errors in posix service discovery core plugin
As we build the vmtools for arm (unfortunately not on main), we hit
a compiler warnings "ISO C90 forbids mixed declarations and code"
in this new code.
Oliver Kurth [Wed, 1 Apr 2020 18:34:05 +0000 (11:34 -0700)]
Annotate a Coverity false positive.
The open-vm-tools Coverity scan reports a NULL pointer dereference
for the variable untrustedCerts. However, untrustedCerts is NULL
only if no untrusted certs are found, in which case the code that
dereferences untrustedCerts isn't executed.
Oliver Kurth [Wed, 1 Apr 2020 18:31:37 +0000 (11:31 -0700)]
Add a retry loop to VSockChannelStart() to recover on start failure.
On failure, a vsock RPC channel will eventually fallback to the
backdoor channel. Services that require or are limited to the
priviledge RPC channel will fail.
Adding a simple, limited loop in VSockChannelStart to retry the vsock
channel start before ultimately switching to the backdoor channel.
Retries are not done for "send once" operations.
Oliver Kurth [Wed, 1 Apr 2020 18:31:37 +0000 (11:31 -0700)]
Fixing some log messages
1. PublishScriptOutputToNamespaceDB can fail for various reasons,
caller can't know exact reason from return values, so just printing
that the function failed in case return value is FALSE. Exact cause
must be inferred from the function's logs itself.
2. Printing log for chunkCount only if we successfully wrote it in NDB
Oliver Kurth [Wed, 1 Apr 2020 18:31:36 +0000 (11:31 -0700)]
Add a Coverity annotation.
The Coverity scan of open-vm-tools reports an out-of-bounds access
issue in Util_BacktraceWithFunc. This is intentional, to compute
the base pointer for a stack trace.
Oliver Kurth [Wed, 1 Apr 2020 18:31:36 +0000 (11:31 -0700)]
lib/unicode/unicodeSimpleTypes.c: fix leak on exit
The hashtable used for encoding name -> IANA table index
lookups was not getting freed.
Also, HashTable_AllocOnce() incorrectly instructs
the hashtable to clear its clientData, which contains
an integer index and not a pointer, using "free".
Oliver Kurth [Wed, 1 Apr 2020 18:31:36 +0000 (11:31 -0700)]
Annotate a Coverity false positive.
The open-vm-tools Coverity scan reports a NULL pointer dereference
for the variable untrustedCerts. However, untrustedCerts is NULL
only if no untrusted certs are found, in which case the code that
dereferences untrustedCerts isn't executed.
Oliver Kurth [Wed, 1 Apr 2020 18:31:36 +0000 (11:31 -0700)]
vmtools: fix compiler errors in posix service discovery core plugin
As we build the vmtools for arm (unfortunately not on main), we hit
a compiler warnings "ISO C90 forbids mixed declarations and code"
in this new code.
Oliver Kurth [Wed, 1 Apr 2020 18:31:35 +0000 (11:31 -0700)]
Fix localization issue of vmware-vgauth-cmd
1. default msg catalog folder is wrong, add correct msgCatalog in
vgauth.conf
2. rename vmsg file name to "VGAuthCli" since file name used in main
is "VGAuthCli"
3. Move I18n init up to fix variable localization issue
projects / thirdparty / open-vm-tools.git / log
