1. 03 7月, 2013 10 次提交
    • G
      LXC: blkio: allow to setup weight_device · 350fd95f
      Gao feng 提交于
      libivrt lxc can only set generic weight for container,
      This patch allows user to setup per device blkio
      weigh for container.
      Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
      350fd95f
    • G
      LXC: fix memory leak when userns configuration is incorrect · e7b3349f
      Gao feng 提交于
      We forgot to free the stack when Kernel doesn't
      support user namespace.
      Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
      e7b3349f
    • M
      virNetDevBandwidthUnplug: Don't leak @cmd · 5995fcf0
      Michal Privoznik 提交于
      When removing a TAP device, the associated bandwidth settings are
      removed. Currently, the /sbin/tc is used for that. It is spawned
      several times. Moreover, we use the same @cmd variable to
      construct the command and its arguments. That means we need to
      virCommandFree(cmd); prior to each virCommandNew(TC); which
      wasn't done.
      5995fcf0
    • M
      virCgroupNewPartition: Don't leak @newpath · bc132221
      Michal Privoznik 提交于
      The @newpath variable is allocated in virCgroupSetPartitionSuffix(). But
      it's newer freed.
      bc132221
    • C
      qemu: Implement 'oncrash' coredump events when guest panicked · 36bac65d
      Chen Fan 提交于
      Add doDumpCoreToAutoPath to implement
      'coredump-destroy' and 'coredump-restart' events of the 'on_crash'
      in the XML when domain crashed.
      36bac65d
    • C
      qemu: Implement 'oncrash' events when guest panicked · 9aa527dc
      Chen Fan 提交于
      Add monitor callback API domainGuestPanic, that implements
      'destroy', 'restart' and 'preserve' events of the 'on_crash'
      in the XML when domain crashed.
      9aa527dc
    • C
      qemu: expose qemuProcessShutdownOrReboot() · e8ccf7ed
      Chen Fan 提交于
      Later code will need this outside of qemu_process.c
      e8ccf7ed
    • C
      qemu: refactor processWatchdogEvent · bcf0c144
      Chen Fan 提交于
      Split the code to make the driver workpool more generalized
      bcf0c144
    • C
      libvirt: Define domain crash event types · 14e7e0ae
      Chen Fan 提交于
      This patch introduces domain crashed types and crashed reasons which
      will be used while guest panicked.
      14e7e0ae
    • E
      build: don't ship access syms files in tarball · 336bf8e2
      Eric Blake 提交于
      On a mingw VPATH build (such as done by ./autobuild.sh), the tarball
      created by 'make dist' was including generated files.  The VPATH
      rules were then seeing that the tarball files were up-to-date, and
      not regenerating files locally, leading to this failure:
      
        GEN      libvirt.syms
      cat: libvirt_access.syms: No such file or directory
      cat: libvirt_access_qemu.syms: No such file or directory
      cat: libvirt_access_lxc.syms: No such file or directory
      make: *** [libvirt.syms] Error 1
      
      We already have a category for generated sym files, which are
      intentionally not part of the tarball; stick the access sym
      files in that category.  The rearrange the declarations a bit
      to make it harder to repeat the problem, dropping things that
      are now redundant (for example, BUILT_FILES already includes
      GENERATED_SYM_FILES, so it does not also need to call out
      ACCESS_DRIVER_SYM_FILES).
      
      * src/Makefile.am (USED_SYM_FILES): Don't include generated files.
      (GENERATED_SYM_FILES): Access syms files are generated.
      (libvirt.syms): Include access syms files here.
      (ACCESS_DRIVER_SYMFILES): Rename...
      (ACCESS_DRIVER_SYM_FILES): ...for consistency.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      336bf8e2
  2. 02 7月, 2013 21 次提交
  3. 01 7月, 2013 7 次提交
    • J
      qemu: indentation fix · 87bbf83f
      Ján Tomko 提交于
      87bbf83f
    • M
      qemu: Implement CPUs check against machine type's cpu-max · ff968889
      Michal Novotny 提交于
      Implement check whether (maximum) vCPUs doesn't exceed machine
      type's cpu-max settings.
      
      On older versions of QEMU the check is disabled.
      Signed-off-by: NMichal Novotny <minovotn@redhat.com>
      ff968889
    • D
      Release of libvirt-1.1.0 · 034d3229
      Daniel Veillard 提交于
      * configure.ac docs/news.html.in libvirt.spec.in: updated for the release
      * po/*.po*: updated localizations and regenerated
      034d3229
    • D
      Crash of libvirtd by unprivileged user in virConnectListAllInterfaces · 244e0b8c
      Daniel P. Berrange 提交于
      On Thu, Jun 27, 2013 at 03:56:42PM +0100, Daniel P. Berrange wrote:
      > Hi Security Team,
      >
      > I've discovered a way for an unprivileged user with a readonly connection
      > to libvirtd, to crash the daemon.
      
      Ok, the final patch for this is issue will be the simpler variant that
      Eric suggested
      
      The embargo can be considered to be lifted on Monday July 1st, at
      0900 UTC
      
      The following is the GIT change that DV or myself will apply to libvirt
      GIT master immediately before the 1.1.0 release:
      
      >From 177b4165c531a4b3ba7f6ab6aa41dca9ceb0b8cf Mon Sep 17 00:00:00 2001
      From: "Daniel P. Berrange" <berrange@redhat.com>
      Date: Fri, 28 Jun 2013 10:48:37 +0100
      Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with
       filters
      
      The virConnectListAllInterfaces method has a double-free of the
      'struct netcf_if' object when any of the filtering flags cause
      an interface to be skipped over. For example when running the
      command 'virsh iface-list --inactive'
      
      This is a regression introduced in release 1.0.6 by
      
        commit 7ac2c4fe
        Author: Guannan Ren <gren@redhat.com>
        Date:   Tue May 21 21:29:38 2013 +0800
      
          interface: list all interfaces with flags == 0
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      244e0b8c
    • L
      pci: initialize virtual_functions array pointer to avoid segfault · 2c2525ab
      Laine Stump 提交于
      This fixes https://bugzilla.redhat.com/show_bug.cgi?id=971325
      
      The problem was that if virPCIGetVirtualFunctions was given the name
      of a non-existent interface, it would return to its caller without
      initializing the pointer to the array of virtual functions to NULL,
      and the caller (virNetDevGetVirtualFunctions) would try to VIR_FREE()
      the invalid pointer.
      
      The final error message before the crash would be:
      
       virPCIGetVirtualFunctions:2088 :
        Failed to open dir '/sys/class/net/eth2/device':
        No such file or directory
      
      In this patch I move the initialization in virPCIGetVirtualFunctions()
      to the begining of the function, and also do an explicit
      initialization in virNetDevGetVirtualFunctions, just in case someone
      in the future adds code into that function prior to the call to
      virPCIGetVirtualFunctions.
      2c2525ab
    • L
      node device driver: update driver name during dumpxml · 374c5e4f
      Laine Stump 提交于
      This fixes:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=979290
        https://bugzilla.redhat.com/show_bug.cgi?id=979330
      
      The node device driver was written with the assumption that udev would
      use a "change" event to notify libvirt of any change to device status
      (including the name of the driver it was bound to). It turns out this
      is not the case (see Comment 4 of BZ 979290). That means that a
      dumpxml for a device would always show whatever driver happened to be
      bound at the time libvirt was started (when the node device cache was
      built).
      
      There was already code in the driver (for the benefit of the HAL
      backend) that updated the driver name from sysfs each time a device's
      info was retrieved from the cache. This patch just enables that manual
      update for the udev backend as well.
      374c5e4f
    • D
      Document security reporting & handling process · 49e6a16f
      Daniel P. Berrange 提交于
      Historically security issues in libvirt have been primarily
      triaged & fixed by the Red Hat libvirt members & Red Hat
      security team, who then usually notify other vendors via
      appropriate channels. There have been a number of times
      when vendors have not been properly notified ahead of
      announcement. It has also disadvantaged community members
      who have to backport fixes to releases for which there are
      no current libvirt stable branches.
      
      To address this, we want to make the libvirt security process
      entirely community focused / driven. To this end I have setup
      a new email address "libvirt-security@redhat.com" for end
      users to report bugs which have (possible) security implications.
      
      This email addr is backed by an invitation only, private
      archive, mailing list. The intent is for the list membership
      to comprise a subset of the libvirt core team, along with any
      vendor security team engineers who wish to participate in a
      responsible disclosure process for libvirt. Members of the
      list will be responsible for analysing the problem to determine
      if a security issue exists and then issue fixes for all current
      official stable branches & git master.
      
      I am proposing the following libvirt core team people as
      members of the security team / list (all cc'd):
      
         Daniel Berrange (Red Hat)
         Eric Blake (Red Hat)
         Jiri Denemar (Red Hat)
         Daniel Veillard (Red Hat)
         Jim Fehlig (SUSE)
         Doug Goldstein (Gentoo)
         Guido Günther (Debian)
      
      We don't have anyone from Ubuntu on the libvirt core team.
      Serge Hallyn is the most frequent submitter of patches from
      Ubuntu in recent history, so I'd like to invite him to join.
      Alternatively, Serge, feel free to suggest someone else to
      represent Ubuntu's interests.
      
      If any other vendors/distros have security people who are
      responsible for dealing with libvirt security issues, and
      want to join to get early disclosure of issues, they can
      suggest people. Existing security team members will vet /
      approve such requests to ensure they are genuine.
      
      Anyone on the team / list will be **required** to honour any
      embargo period agreed between members for non-public issues
      that are reported. The aim will be to have a maximum 2 week
      embargo period in the common case, extendable to 1 month if
      there is sufficient justification made. If anyone feels they
      are unable to follow such an embargo process for whatever
      reason, please decline membership of the security list/team.
      
      The patch which follows puts up some docs on the website
      about all of this....
      
      Document how to report security bugs and the process that
      will be used for addressing them.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      49e6a16f
  4. 30 6月, 2013 1 次提交
    • E
      spec: require xen-devel for libxl driver · 3a214482
      Eric Blake 提交于
      When using 'rpmbuild --define "_without_xen 1"', but on a new enough
      Fedora where %{with_libxl} still gets set to 1 by default, the
      build dependencies were incomplete, which could result in 'make rpm'
      failing because ./configure failed to build the libxl driver.
      
      * libvirt.spec.in (BuildRequires): Fix xen-devel condition.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      3a214482
  5. 29 6月, 2013 1 次提交
    • J
      Resolve valgrind errors for nodedev cap parsing · 79e9a224
      John Ferlan 提交于
      There were two errors, one as a direct result of commit id '8807b285'
      and the other from cut-n-paste
      
      TEST: nodedevxml2xmltest
            ..............                           14  OK
      ==25735== 3 bytes in 1 blocks are definitely lost in loss record 1 of 24
      ==25735==    at 0x4A0887C: malloc (vg_replace_malloc.c:270)
      ==25735==    by 0x344D2AF275: xmlStrndup (in /usr/lib64/libxml2.so.2.9.1)
      ==25735==    by 0x4D0C767: virNodeDeviceDefParseNode (node_device_conf.c:997)
      ==25735==    by 0x4D0D3D2: virNodeDeviceDefParse (node_device_conf.c:1337)
      ==25735==    by 0x401CA4: testCompareXMLToXMLHelper (nodedevxml2xmltest.c:28)
      ==25735==    by 0x402B2F: virtTestRun (testutils.c:158)
      ==25735==    by 0x401B27: mymain (nodedevxml2xmltest.c:81)
      ==25735==    by 0x40316A: virtTestMain (testutils.c:722)
      ==25735==    by 0x37C1021A04: (below main) (libc-start.c:225)
      ==25735==
      ==25735== 16 bytes in 1 blocks are definitely lost in loss record 10 of 24
      ==25735==    at 0x4A08A6E: realloc (vg_replace_malloc.c:662)
      ==25735==    by 0x4C7385E: virReallocN (viralloc.c:184)
      ==25735==    by 0x4C73906: virExpandN (viralloc.c:214)
      ==25735==    by 0x4C73B4A: virInsertElementsN (viralloc.c:324)
      ==25735==    by 0x4D0C84C: virNodeDeviceDefParseNode (node_device_conf.c:1026)
      ==25735==    by 0x4D0D3D2: virNodeDeviceDefParse (node_device_conf.c:1337)
      ==25735==    by 0x401CA4: testCompareXMLToXMLHelper (nodedevxml2xmltest.c:28)
      ==25735==    by 0x402B2F: virtTestRun (testutils.c:158)
      ==25735==    by 0x401B27: mymain (nodedevxml2xmltest.c:81)
      ==25735==    by 0x40316A: virtTestMain (testutils.c:722)
      ==25735==    by 0x37C1021A04: (below main) (libc-start.c:225)
      ==25735==
      PASS: nodedevxml2xmltest
      
      The first error was resolved by adding a missing VIR_FREE(numberStr); in
      the new function virNodeDevCapPciDevIommuGroupParseXML().
      
      The second error was a bit more opaque as the error was a result of copying
      the free methodolgy of the existing code in virNodeDevCapsDefFree(). The code
      would free each of the entries in the array, but not the memory for the
      array itself.  Added the necessary VIR_FREE(data->pci_dev.iommuGroupDevices)
      and while at it added the missing VIR_FREE(data->pci_dev.virtual_functions)
      although there wasn't a test that tripped across it (thus it's been lurking
      since commit id 'a010165d').
      79e9a224