- 04 1月, 2018 14 次提交
-
-
由 Marc Hartmayer 提交于
There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
-
由 Marc Hartmayer 提交于
Combine virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE) and virNetServerTrackCompletedAuth into one new function named virNetServerSetClientAuthenticated. After using this new function the function virNetServerTrackCompletedAuth was superfluous and is therefore removed. In addition, it is not very common that a '{{function}}' (virNetServerTrackCompletedAuth) does more than just the locking compared to '{{function}}Locked' (virNetServerTrackCompletedAuthLocked). virNetServerTrackPendingAuth was already superfluous and therefore it's also removed. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
The lock for @client must not only be held for the duration of checking whether the client wants to close, but also for as long as we're closing the client. The same applies to the tracking of authentications. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
-
由 Marc Hartmayer 提交于
Add virNetServerClientAuthMethodImpliesAuthenticated() for deciding whether a authentication method implies that a client is automatically authenticated or not. Use this new function in virNetServerClientNeedAuthLocked(). Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com>
-
由 Marc Hartmayer 提交于
This makes the code more efficient. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
Be more precise in which cases the authentication is needed and introduce *Locked. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
Add typedef for the anonymous enum used for the authentication methods and remove the default case. This allows the usage of the type in a switch statement and taking advantage of the compilers feature to detect uncovered cases. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
Direct leak of 104 byte(s) in 1 object(s) allocated from: #0 0x7f904bfbe12b (/lib64/liblsan.so.0+0xe12b) #1 0x7f904ba0ad67 in virAlloc ../../src/util/viralloc.c:144 #2 0x7f904bbc11a4 in virNetMessageNew ../../src/rpc/virnetmessage.c:42 #3 0x7f904bbb8e77 in virNetServerClientNewInternal ../../src/rpc/virnetserverclient.c:392 #4 0x7f904bbb9921 in virNetServerClientNew ../../src/rpc/virnetserverclient.c:440 #5 0x402ce5 in testIdentity ../../tests/virnetserverclienttest.c:55 #6 0x403bed in virTestRun ../../tests/testutils.c:180 #7 0x402c1e in mymain ../../tests/virnetserverclienttest.c:146 #8 0x404c80 in virTestMain ../../tests/testutils.c:1119 #9 0x4030d5 in main ../../tests/virnetserverclienttest.c:152 #10 0x7f9047f7f889 in __libc_start_main (/lib64/libc.so.6+0x20889) Indirect leak of 4 byte(s) in 1 object(s) allocated from: #0 0x7f904bfbe12b (/lib64/liblsan.so.0+0xe12b) #1 0x7f904ba0adc7 in virAllocN ../../src/util/viralloc.c:191 #2 0x7f904bbb8ec7 in virNetServerClientNewInternal ../../src/rpc/virnetserverclient.c:395 #3 0x7f904bbb9921 in virNetServerClientNew ../../src/rpc/virnetserverclient.c:440 #4 0x402ce5 in testIdentity ../../tests/virnetserverclienttest.c:55 #5 0x403bed in virTestRun ../../tests/testutils.c:180 #6 0x402c1e in mymain ../../tests/virnetserverclienttest.c:146 #7 0x404c80 in virTestMain ../../tests/testutils.c:1119 #8 0x4030d5 in main ../../tests/virnetserverclienttest.c:152 #9 0x7f9047f7f889 in __libc_start_main (/lib64/libc.so.6+0x20889) SUMMARY: LeakSanitizer: 108 byte(s) leaked in 2 allocation(s). Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Marc Hartmayer 提交于
Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NStefan Zimmermann <stzi@linux.vnet.ibm.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Eduardo Habkost 提交于
All calls to virDomainAuditCgroupPath() were passing 'rc == 0' as argument, when it was supposed to pass the 'rc' value directly. As a consequence, the audit events that were supposed to be logged (actual cgroup changes) were never being logged, and bogus audit events were logged when using regular files as disk image. Fix all calls to use the return value of virCgroup{Allow,Deny}Device*() directly as the 'rc' argument. Signed-off-by: NEduardo Habkost <ehabkost@redhat.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
We don't try to right align the backslashes anymore. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Eric Blake 提交于
This pulls in updates for the 2018 copyright year, among other things. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Cédric Bosdonnat 提交于
Fix rule introduced by commit 0f33025a: * to handle /var/run not being a symlink to /run * to be properly parsed: missing comma at the end.
-
- 03 1月, 2018 10 次提交
-
-
由 Julio Faracco 提交于
After commit a693fdba 'vol-dumpxml' missed the ability to show backingStore information. This commit adds a volume type for files that fixes this problem. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1529663Signed-off-by: NJulio Faracco <jcfaracco@gmail.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1448149 If a domain has no numa nodes, that means we don't put any memory-backend-file onto the qemu command line. That in turn means we can't set access='shared'. Therefore, we should produce an error instead of ignoring the setting silently. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Peter Krempa 提交于
The PROBE macro used in qemuMonitorIOProcess and the VIR_DEBUG message in qemuMonitorJSONIOProcess create a lot of logging churn when debug logging is enabled during monitor communication. The messages logged from the PROBE macro are rather useless since they are reporting the partial state of receiving the reply from qemu. The actual full reply is still logged in qemuMonitorJSONIOProcessLine once the full message is received.
-
由 Peter Krempa 提交于
PROBE macro adds a logging entry, when used in places seeing a lot of traffic this can cause a significant slowdown.
-
由 Chen Hanxiao 提交于
There are a few more description-related issues that commit @9026d115 forgot to address. Signed-off-by: NChen Hanxiao <chenhanxiao@gmail.com> Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Cédric Bosdonnat 提交于
Set a transient hostname on containers. The hostname is computed from the container name, only keeping the valid characters [a-zA-Z0-9-] in it. This filtering is based on RFC 1123 and allows a digit to start the hostname.
-
由 Cédric Bosdonnat 提交于
Add a function to filter a string based on a list of valid characters.
-
由 Chen Hanxiao 提交于
There's no argument named @result, use @matches instead. Signed-off-by: NChen Hanxiao <chenhanxiao@gmail.com> Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Christian Ehrhardt 提交于
On live migration with --p2p like: $ virsh migrate --live --p2p kvmguest-bionic-normal \ qemu+ssh://10.6.221.80/system We hit an apparmor deny like: apparmor="DENIED" operation="file_inherit" profile="/usr/sbin/libvirtd" pid=23477 comm="ssh" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send" addr=none peer_addr=none peer="unconfined" The rule is not perfect, but can't be restricted further at the moment (new upstream kernel features needed). For now the lack of a profile on the peer as well as comm not being a conditional on rules do not allow to filter further. Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>
-
由 Michal Privoznik 提交于
These are already exported at header file level because of VIR_ENUM_DECL being in numa_conf.h. However, they are not being exported at object level because of missing libvirt_private.syms record. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 02 1月, 2018 4 次提交
-
-
由 Andrea Bolognani 提交于
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Andrea Bolognani 提交于
QEMU 2.7 and newer don't allow guests to start unless the initial vCPUs count is a multiple of the vCPU hotplug granularity, so validate it and report an error if needed. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1283700Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Andrea Bolognani 提交于
While at the moment we're only performing a single check that is connected to vCPU hotplugging, we're going to introduce a second one soon. Move the topology check underneath the capability check to make that easier; since, after this change, the 'topologycpus' variable doesn't need to have function scope, we move its declaration to the inner scope as well. The comments around the check are modified in order to explain the different QEMU versions involved. Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Pavel Hrdina 提交于
Introduced by commit <4ae9dbea>. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1528572Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 21 12月, 2017 3 次提交
-
-
由 John Ferlan 提交于
Similar to qemuDomainAddChardevTLSObjects let's move the chardev source must be TCP and it has the @haveTLS flag set checks before trying to delete the TLS objects. For the Chr device this represents no change; however, for RNG device this is an additionaly check that was missed in commit id '68808516'. Before adding the objects, TCP and haveTLS are checked.
-
由 John Ferlan 提交于
Let's make a comment deletion helper similar to the Add helper that can be called after the ExitMonitor. The modify qemuDomainRemoveChrDevice and qemuDomainRemoveRNGDevice to call the helper instead of inlining the copy and pasted code.
-
由 Cédric Bosdonnat 提交于
So far clients were closed when disposing the daemon, after the state driver cleanup. This was leading to libvirtd crashing at shutdown due to missing driver. Moving the client close in virNetServerClose() fixes the problem. Reviewed-by: NErik Skultety <eskultet@redhat.com>
-
- 20 12月, 2017 1 次提交
-
-
由 Cédric Bosdonnat 提交于
virt-aa-helper needs read access to the disk image to resolve symlinks and add the proper rules to the profile. Its profile whitelists a few common paths, but users can place their images anywhere. This commit helps users allowing access to their images by adding their own rules in apparmor.d/local/usr.lib.libvirt.virt-aa-helper. This commit also adds rules to allow reading files named: - *.raw as this is a rather common disk image extension - /run/libvirt/**[vd]d[a-z] as these are used by virt-sandbox
-
- 19 12月, 2017 2 次提交
-
-
由 Daniel P. Berrange 提交于
When autogen.sh finishes it helpfully prints "Now type 'make' to compile libvirt." which is fine if on a host with GNU make, but on *BSD running 'make' will end in tears. We should tell users to run 'gmake' on these platforms. If 'gmake' doesn't exist then we should report an error too "GNU make is required to build libvirt" Reviewed-by: NAndrea Bolognani <abologna@redhat.com> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Jim Fehlig 提交于
The list_guests function in libvirt-guests uses 'grep -v' to filter Xen domain0 from a list of guests. If domain0 is the only item in the list, 'grep -v' returns 1, causing the 'stop' operation to fail when action is 'suspend'. Improve the filtering by using sed to remove domain0 from the list of guests.
-
- 18 12月, 2017 1 次提交
-
-
由 Erik Skultety 提交于
Prior to this change, we relied solely on the inherited readonly attribute of a service's socket. This only worked for our UNIX sockets (and only to some degree), but doesn't work for TCP sockets which are RW by default, but such connections support RO as well. This patch forces an update on the client object once we have established a connection to reflect the nature of the connection itself rather than relying on the underlying socket's attributes. Clients connected to the admin server have always been connected as RW only. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1524399Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 16 12月, 2017 1 次提交
-
-
由 Jim Fehlig 提交于
A Xen domain0 is better described as a persistent domain. Mark it as such during intialization.
-
- 15 12月, 2017 3 次提交
-
-
由 Andrea Bolognani 提交于
The use of [[:blank:]] was intended to cover tabs as well, but it couldn't possibly work in its current form, so the regex was tweaked in d09429ab. With the original reason for using [[:blank:]] now gone, we can replace its usage with plain spaces. A comment about the purpose of the check is added as well. Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
-
由 Laine Stump 提交于
ebtables/iptables processing is skipped for any interface connected to Open vSwitch (they have their own packet filtering), likewise for midonet (according to http://blog.midokura.com/2016/04/midonet-rule-chains), but libvirt would allow adding a <filterref> to interfaces connected in these ways, so the user might mistakenly believe they were being protected. This patch checks for a non-NULL <virtualport> element for an interface (or its network) and logs an error if <virtualport> and <filterref> are both present. This could cause some previously working domains to no longer start, but that's really the whole point of this patch - to warn people that their filterref isn't protecting them as they might have thought. I don't bother checking this during post-parse validation, because such a check would be incomplete - it's possible that a network would have a <virtualport> that would be applied to an interface, and you can't know that until the domain is started. Resolves: https://bugzilla.redhat.com/1502754
-
由 Laine Stump 提交于
When the <bandwidth> of an interface is changed with update-device, the old settings are cleared with tc, then new settings added with tc. But if the <bandwidth has been removed, the old settings weren't being removed, so the bandwidth restrictions would still be active on the interface although the interface status in libvirt showed that they had been removed. This patch fixes it by calling virNetDevBandwidthClear() if the "modification" to the interface bandwidth was to completely clear it. An alternative could have been to modify virNetDevBandwidthSet() to always clear existing bandwith settings at the beginning of the function (currently it short circuits in that case, doing nothing), but that would have led to cases where virNetDevBandwidthClear() was now being called in cases where it previously wasn't, and while many of those cases would be NOPs, there could be cases where it would cause an error. The way this patch works, the ...Clear() function is only called in cases where the ...Set() function had previously been called successfully, so the risk of regression is minimized. Resolves: https://bugzilla.redhat.com/1454709
-
- 14 12月, 2017 1 次提交
-
-
由 Ján Tomko 提交于
Also call qemuDomainRemoveInputDevice if we receive the event after the Detach API ends. Commit 67486bb2 failed to include this. https://bugzilla.redhat.com/show_bug.cgi?id=1524837Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NErik Skultety <eskultet@redhat.com>
-