1. 13 4月, 2013 4 次提交
  2. 12 4月, 2013 6 次提交
  3. 11 4月, 2013 17 次提交
  4. 10 4月, 2013 4 次提交
    • P
      conf: Fix race between looking up a domain object and freeing it · b7c98329
      Peter Krempa 提交于
      This patch fixes crash of the daemon that happens due to the following race
      condition:
      
      Let's have two threads in the libvirtd daemon's qemu driver:
      A - thread executing undefine on the same domain
      B - thread executing a API call to get information about a domain
      
      Assume following serialization of operations done by the threads:
      1) A has the lock on the domain object and is executing some code prior to
         virDomainObjListRemove()
      2) B takes the lock on the domain object list, looks up the domain object
      pointer and blocks in the attempt to lock the domain object as A is holding the
      lock
      3) A reaches virDomainObjListRemove() and unlocks the lock on the domain object
      4) A blocks on the attempt to get the domain list lock
      5) B is able to lock the domain object now and unlocks the domain list
      6) A is now able to lock the domain list, and sheds the last reference on the
      domain object, this triggers the freeing function.
      6) B starts executing the code on the pointer that is being freed
      7) The libvirtd daemon crashes while attempting to access invalid pointer in
      thread B.
      
      This patch fixes the race by acquiring a reference on the domain object before
      unlocking it in virDomainObjListRemove() and re-locks the object prior to
      removing and freeing it. This ensures that no thread holds a lock on the domain
      object at the time it is removed from the list, and that doing a list lookup
      will never find a domain that is about to vanish.
      
      This is a minimal fix of the problem, but a better solution will be to switch to
      full reference counting for domain objects.
      b7c98329
    • E
      docs: fix typo when using Kerberos principals · cdb1c3b6
      Eric Blake 提交于
      Kerberos uses 'primary' or 'key' files (principals), not 'abstract
      ideal' or 'rule' files (principles).  Reported by Jason Meinzer.
      
      Reflow a paragraph to fit in 80 columns in the process.
      
      * docs/auth.html.in: Fix spelling.
      cdb1c3b6
    • E
      maint: update to latest gnulib · d7468b7d
      Eric Blake 提交于
      While this update doesn't address any reported problems in libvirt,
      doing a post-release update to latest gnulib makes it easier to
      stay in sync with best upstream practices.
      
      * .gnulib: Update to latest.
      * bootstrap: Resynchronize.
      d7468b7d
    • L
      Fix crash in virNetDevGetVirtualFunctions · 9579b6bc
      Laine Stump 提交于
      Commit 9a3ff01d (which was ACKed at
      the end of January, but for some reason didn't get pushed until during
      the 1.0.4 freeze) fixed the logic in virPCIGetVirtualFunctions().
      Unfortunately, a typo in the fix (replacing VIR_REALLOC_N with
      VIR_ALLOC_N during code movement) caused not only a memory leak, but
      also resulted in most of the elements of the result array being
      replaced with NULL. virNetDevGetVirtualFunctions() assumed (and I think
      rightly so) that virPCIGetVirtualFunctions() wouldn't return any NULL
      elements in the array, so it ended up segfaulting.
      
      This was found when attempting to use a virtual network with an
      auto-created pool of SRIOV VFs, e.g.:
      
          <forward mode='hostdev' managed='yes'>
            <pf dev='eth4'/>
          </forward>
      
      (the pool of PCI addresses is discovered by calling
      virNetDevGetVirtualFunctions() on the PF dev).
      9579b6bc
  5. 09 4月, 2013 9 次提交