- 18 10月, 2013 2 次提交
-
-
由 Zhou Yimin 提交于
Introduced by 7b87a3 When I quit the process which only register VIR_DOMAIN_EVENT_ID_REBOOT, I got error like: "libvirt: XML-RPC error : internal error: domain event 0 not registered". Then I add the following code, it fixed. Signed-off-by: NZhou Yimin <zhouyimin@huawei.com> Signed-off-by: NEric Blake <eblake@redhat.com> (cherry picked from commit 9712c251)
-
由 Martin Kletzander 提交于
Commit a0b6a36f "fixed" what abfff210 broke (URI precedence), but there was still one more thing missing to fix. When using virsh parameters to setup debugging, those weren't honored, because at the time debugging was initializing, arguments weren't parsed yet. To make ewerything work as expected, we need to initialize the debugging twice, once before debugging (so we can debug option parsing properly) and then again after these options are parsed. As a side effect, this patch also fixes a leak when virsh is ran with multiple '-l' parameters. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> (cherry picked from commit ac43da70)
-
- 15 10月, 2013 6 次提交
-
-
由 Martin Kletzander 提交于
Commit abfff210 changed the order of vshParseArgv() and vshInit() in order to make fix debugging of parameter parsing. However, vshInit() did a vshReconnect() even though ctl->name wasn't set according to the '-c' parameter yet. In order to keep both issues fixed, I've split the vshInit() into vshInitDebug() and vshInit(). One simple memleak of ctl->name is fixed as a part of this patch, since it is related to the issue it's fixing. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=999323 (cherry picked from commit a0b6a36f)
-
由 Daniel Hansel 提交于
Introduced by commit 3f029fb5 the RPM build was broken due to a missing LXC textcase. Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com> (cherry picked from commit 6285c17f)
-
由 Ján Tomko 提交于
Since 76b644c3 when the support for RAM filesystems was introduced, libvirt accepted the following XML: <source usage='1024' unit='KiB'/> This was parsed correctly and internally stored in bytes, but it was formatted as (with an extra 's'): <source usage='1024' units='KiB'/> When read again, this was treated as if the units were missing, meaning libvirt was unable to parse its own XML correctly. The usage attribute was documented as being in KiB, but it was not scaled if the unit was missing. Transient domains still worked, because this was balanced by an extra 'k' in the mount options. This patch: Changes the parser to use 'units' instead of 'unit', as the latter was never documented (fixing persistent domains) and some programs (libvirt-glib, libvirt-sandbox) already parse the 'units' attribute. Removes the extra 'k' from the tmpfs mount options, which is needed because now we parse our own XML correctly. Changes the default input unit to KiB to match documentation, fixing: https://bugzilla.redhat.com/show_bug.cgi?id=1015689 (cherry picked from commit 3f029fb5) Conflicts: src/conf/domain_conf.c src/lxc/lxc_container.c
-
由 Michal Privoznik 提交于
After successful @cmd construction the memory where @keys points to is part of @cmd. Avoid double freeing it. (cherry picked from commit 3e8343e1)
-
由 Liuji (Jeremy) 提交于
After freeing the bitmap pointer, it must set the pointer to NULL. This will avoid any other use of the freed memory of the bitmap pointer. https://bugzilla.redhat.com/show_bug.cgi?id=1006710Signed-off-by: NLiuji (Jeremy) <jeremy.liu@huawei.com> (cherry picked from commit ef5d51d4)
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1006864 Commit 38ab1225 changed the default value of ret from true to false but forgot to set ret = true when job is NONE. Thus, virsh domjobinfo returned 1 when there was no job running for a domain but it used to (and should) return 0 in this case. (cherry picked from commit f084caae)
-
- 07 10月, 2013 1 次提交
-
-
由 Claudio Bley 提交于
Commit 27e81517 set the payload size to 256 KB, which is actually the max packet size, including the size of the header. Reduce this by VIR_NET_MESSAGE_HEADER_MAX (24) and set VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX to 262120, which was the original value before increasing the limit in commit eb635de1. (cherry picked from commit 609eb987)
-
- 01 10月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The libvirtd server pushes data out to clients. It does not know what protocol version the client might have, so must be conservative and use the old payload limits. ie send no more than 256kb of data per packet. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 27e81517)
-
- 19 9月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The 'stats' variable was not initialized to NULL, so if some early validation of the RPC call fails, it is possible to jump to the 'cleanup' label and VIR_FREE an uninitialized pointer. This is a security flaw, since the API can be called from a readonly connection which can trigger the validation checks. This was introduced in release v0.9.1 onwards by commit 158ba873 Author: Daniel P. Berrange <berrange@redhat.com> Date: Wed Apr 13 16:21:35 2011 +0100 Merge all returns paths from dispatcher into single path Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit e7f400a1) Conflicts: daemon/remote.c - context
-
- 18 9月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
With the existing pkcheck (pid, start time) tuple for identifying the process, there is a race condition, where a process can make a libvirt RPC call and in another thread exec a setuid application, causing it to change to effective UID 0. This in turn causes polkit to do its permission check based on the wrong UID. To address this, libvirt must get the UID the caller had at time of connect() (from SO_PEERCRED) and pass a (pid, start time, uid) triple to the pkcheck program. Signed-off-by: NColin Walters <walters@redhat.com> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 922b7fda) Conflicts: src/access/viraccessdriverpolkit.c Resolution: Dropped file that does not exist in this branch.
-
- 05 9月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
The @qemunbd variable can be used uninitialized. (cherry picked from commit 2dba0323)
-
- 20 8月, 2013 1 次提交
-
-
由 Peter Krempa 提交于
The virBitmapParse function was calling virBitmapIsSet() function that requires the caller to check the bounds of the bitmap without checking them. This resulted into crashes when parsing a bitmap string that was exceeding the bounds used as argument. This patch refactors the function to use virBitmapSetBit without checking if the bit is set (this function does the checks internally) and then counts the bits in the bitmap afterwards (instead of keeping track while parsing the string). This patch also changes the "parse_error" label to a more common "error". The refactor should also get rid of the need to call sa_assert on the returned variable as the callpath should allow coverity to infer the possible return values. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Thanks to Alex Jia for tracking down the issue. This issue is introduced by commit 0fc89098. (cherry picked from commit 47b9127e)
-
- 12 7月, 2013 1 次提交
-
-
由 Ján Tomko 提交于
Remove assignment of the string freed by virURIFree to hostname, since it's not used anywhere. Double free introduced by ddf8ad82, useless code introduced by f03dcc5d. https://bugzilla.redhat.com/show_bug.cgi?id=977961 (cherry picked from commit 5744d96f)
-
- 11 7月, 2013 2 次提交
-
-
由 Ján Tomko 提交于
Don't reuse the return value of virStorageBackendFileSystemIsMounted. If it's 0, we'd return it even if the mount command failed. Also, don't report another error if it's -1, since one has already been reported. Introduced by 258e06c8. https://bugzilla.redhat.com/show_bug.cgi?id=981251 (cherry picked from commit 13fde7ce)
-
由 Ján Tomko 提交于
If qemuMonitorBlockJob returned 0, qemuDomainBlockPivot might return 0 even if an error occured. https://bugzilla.redhat.com/show_bug.cgi?id=977678 (cherry picked from commit c34107df)
-
- 09 7月, 2013 1 次提交
-
-
由 Viktor Mihajlovski 提交于
The device bus value was used instead of the device target when building the sysfs device path. Trivial. Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com> (cherry picked from commit 2c94e00c)
-
- 01 7月, 2013 3 次提交
-
-
由 Dennis Chen 提交于
When creating a virtual FC HBA with virsh/libvirt API, an error message will be returned: "error: Node device not found", also the 'nodedev-dumpxml' shows wrong information of wwpn & wwnn for the new created device. Signed-off-by: xschen@tnsoft.com.cn This reverts f90af691 which switched wwpn & wwwn in the wrong place. https://www.kernel.org/doc/Documentation/scsi/scsi_fc_transport.txt (cherry picked from commit 3c0d5e22)
-
由 Ján Tomko 提交于
If networkUnplugBandwidth is called on a network which has no bandwidth defined, print a warning instead of crashing. This can happen when destroying a domain with bandwidth if bandwidth was removed from the network after the domain was started. https://bugzilla.redhat.com/show_bug.cgi?id=975359 (cherry picked from commit 658c932a)
-
由 Daniel P. Berrange 提交于
On Thu, Jun 27, 2013 at 03:56:42PM +0100, Daniel P. Berrange wrote: > Hi Security Team, > > I've discovered a way for an unprivileged user with a readonly connection > to libvirtd, to crash the daemon. Ok, the final patch for this is issue will be the simpler variant that Eric suggested The embargo can be considered to be lifted on Monday July 1st, at 0900 UTC The following is the GIT change that DV or myself will apply to libvirt GIT master immediately before the 1.1.0 release: >From 177b4165c531a4b3ba7f6ab6aa41dca9ceb0b8cf Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" <berrange@redhat.com> Date: Fri, 28 Jun 2013 10:48:37 +0100 Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with filters The virConnectListAllInterfaces method has a double-free of the 'struct netcf_if' object when any of the filtering flags cause an interface to be skipped over. For example when running the command 'virsh iface-list --inactive' This is a regression introduced in release 1.0.6 by commit 7ac2c4fe Author: Guannan Ren <gren@redhat.com> Date: Tue May 21 21:29:38 2013 +0800 interface: list all interfaces with flags == 0 Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 244e0b8c)
-
- 26 6月, 2013 3 次提交
-
-
由 Ján Tomko 提交于
Don't check for '\n' at the end of file if zero bytes were read. Found by valgrind: ==404== Invalid read of size 1 ==404== at 0x529B09F: virCgroupGetValueStr (vircgroup.c:540) ==404== by 0x529AF64: virCgroupMoveTask (vircgroup.c:1079) ==404== by 0x1EB475: qemuSetupCgroupForEmulator (qemu_cgroup.c:1061) ==404== by 0x1D9489: qemuProcessStart (qemu_process.c:3801) ==404== by 0x18557E: qemuDomainObjStart (qemu_driver.c:5787) ==404== by 0x190FA4: qemuDomainCreateWithFlags (qemu_driver.c:5839) Introduced by 0d0b4098. https://bugzilla.redhat.com/show_bug.cgi?id=978356 (cherry picked from commit 306c49ff)
-
由 Ján Tomko 提交于
We only break out of the while loop if *content is an empty string. However the buffer has been allocated to BUFSIZ + 1 (8193 in my case), but it gets overwritten in the next for iteration. Move VIR_FREE right before we overwrite it to avoid the leak. ==5777== 16,386 bytes in 2 blocks are definitely lost in loss record 1,022 of 1,027 ==5777== by 0x5296E28: virReallocN (viralloc.c:184) ==5777== by 0x52B0C66: virFileReadLimFD (virfile.c:1137) ==5777== by 0x52B0E1A: virFileReadAll (virfile.c:1199) ==5777== by 0x529B092: virCgroupGetValueStr (vircgroup.c:534) ==5777== by 0x529AF64: virCgroupMoveTask (vircgroup.c:1079) Introduced by 83e4c775. https://bugzilla.redhat.com/show_bug.cgi?id=978352 (cherry picked from commit 5bc8ecb8)
-
由 Ján Tomko 提交于
Free the old XML strings before overwriting them if the user has chosen to reedit the file or force the redefinition. Found by Alex Jia trying to reproduce another bug: https://bugzilla.redhat.com/show_bug.cgi?id=977430#c3 (cherry picked from commit 1e3a2529)
-
- 20 6月, 2013 2 次提交
-
-
由 John Ferlan 提交于
As a consequence of the cgroup layout changes from commit 'cfed9ad4', the lxcDomainGetSchedulerParameters[Flags]()' and lxcGetSchedulerType() APIs failed to return data for a non running domain. This can be seen through a 'virsh schedinfo <domain>' command which returns: Scheduler : Unknown error: Requested operation is not valid: cgroup CPU controller is not mounted Prior to that change a non running domain would return: Scheduler : posix cpu_shares : 0 vcpu_period : 0 vcpu_quota : 0 emulator_period: 0 emulator_quota : 0 This patch will restore the capability to return configuration only data for a non running domain regardless of whether cgroups are available. (cherry picked from commit 38ada092)
-
由 John Ferlan 提交于
As a consequence of the cgroup layout changes from commit '632f78ca', the qemuDomainGetSchedulerParameters[Flags]()' and qemuGetSchedulerType() APIs failed to return data for a non running domain. This can be seen through a 'virsh schedinfo <domain>' command which returns: Scheduler : Unknown error: Requested operation is not valid: cgroup CPU controller is not mounted Prior to that change a non running domain would return: Scheduler : posix cpu_shares : 0 vcpu_period : 0 vcpu_quota : 0 emulator_period: 0 emulator_quota : 0 This patch will restore the capability to return configuration only data for a non running domain regardless of whether cgroups are available. (cherry picked from commit b2375453)
-
- 18 6月, 2013 4 次提交
-
-
由 Ján Tomko 提交于
Use the host number as the host number when constructing the sysfs path instead of the variable we are trying to fill. https://bugzilla.redhat.com/show_bug.cgi?id=973543 (cherry picked from commit 371c1551)
-
由 Jiri Denemark 提交于
(cherry picked from commit ddf8ad82)
-
由 Ján Tomko 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=973543 (cherry picked from commit cbb3b71d)
-
由 Ján Tomko 提交于
Change the socket path to match the one used by lockd driver. https://bugzilla.redhat.com/show_bug.cgi?id=968128 (cherry picked from commit 70fe1295)
-
- 04 6月, 2013 3 次提交
-
-
由 Jiri Denemark 提交于
Our configure.ac says: Not all versions of gnutls include -lgcrypt, and so we add it explicitly for the calls to gcry_control/check_version Thus we cannot rely on gnutls-devel to bring grcypt-devel as a dependency. (cherry picked from commit 3b50a711)
-
由 Jiri Denemark 提交于
Using an uninitialized value and a bool saying if the value is valid may confuse compilators. (cherry picked from commit 4db39e3f)
-
- 03 6月, 2013 3 次提交
-
-
由 Daniel Veillard 提交于
* configure.ac docs/news.html.in libvirt.spec.in: update for the release * po/*.po*: pull localization updates and regenerate the po
-
由 Osier Yang 提交于
-
由 Osier Yang 提交于
Use style like: void foo (const char *name) { printf("Hello, %s\n", name); } Later patches will clean up node_device_hal.c more.
-
- 01 6月, 2013 4 次提交
-
-
由 Osier Yang 提交于
With unknown good reasons, the attribute "bus" of scsi device address is always set to 0, same for attribute "target". (See virDomainDiskDefAssignAddress). Though we might need to change the algorithm to honor "bus" and "target" too, that's a different issue. The address generator for scsi host device in this patch just follows the unknown good reasons, only considering the "controller" and "unit". It walks through all scsi controllers and their units, to see if the address $controller:0:0:$unit can be used (if not used by any disk or scsi host device yet), if found one, it sits on it, otherwise, it creates a new controller (actually the controller is implicitly created by someone else), and sits on $new_controller:0:0:0 instead.
-
由 Laine Stump 提交于
This should resolve: https://bugzilla.redhat.com/show_bug.cgi?id=959191 The problem was that qemuUpdateActivePciHostdevs was returning 0 (success) when no hostdevs were present, but would otherwise return -1 (failure) even when it completed successfully. It is only called from qemuProcessReconnect(), and when qemuProcessReconnect got back an error, it would not only stop reconnecting, but would terminate the guest qemu process "to remove danger of it ending up running twice if user tries to start it again later". (This bug was introduced in commit 011cf7ad, which was pushed between v1.0.2 and v1.0.3, so all maintenance branches from v1.0.3 up to 1.0.5 will need this one line patch applied.)
-
由 Guido Günther 提交于
Similar to what Eric did for Cygwin it helps at least to compile without --without-vbox
-
由 Eric Blake 提交于
A mingw build (where the qemu driver is not built, so WITH_QEMU is undefined) failed with: In file included from ../../src/qemu/qemu_command.h:30:0, from ../../tests/testutilsqemu.h:4, from ../../tests/networkxml2xmltest.c:14: ../../src/qemu/qemu_conf.h:53:4: error: #error "Port me" But since testutilsqemu.c is already conditional, the header should be likewise. * tests/testutilsqemu.h: Make content conditional. Signed-off-by: NEric Blake <eblake@redhat.com>
-