1. 03 7月, 2013 13 次提交
  2. 02 7月, 2013 21 次提交
  3. 01 7月, 2013 6 次提交
    • J
      qemu: indentation fix · 87bbf83f
      Ján Tomko 提交于
      87bbf83f
    • M
      qemu: Implement CPUs check against machine type's cpu-max · ff968889
      Michal Novotny 提交于
      Implement check whether (maximum) vCPUs doesn't exceed machine
      type's cpu-max settings.
      
      On older versions of QEMU the check is disabled.
      Signed-off-by: NMichal Novotny <minovotn@redhat.com>
      ff968889
    • D
      Release of libvirt-1.1.0 · 034d3229
      Daniel Veillard 提交于
      * configure.ac docs/news.html.in libvirt.spec.in: updated for the release
      * po/*.po*: updated localizations and regenerated
      034d3229
    • D
      Crash of libvirtd by unprivileged user in virConnectListAllInterfaces · 244e0b8c
      Daniel P. Berrange 提交于
      On Thu, Jun 27, 2013 at 03:56:42PM +0100, Daniel P. Berrange wrote:
      > Hi Security Team,
      >
      > I've discovered a way for an unprivileged user with a readonly connection
      > to libvirtd, to crash the daemon.
      
      Ok, the final patch for this is issue will be the simpler variant that
      Eric suggested
      
      The embargo can be considered to be lifted on Monday July 1st, at
      0900 UTC
      
      The following is the GIT change that DV or myself will apply to libvirt
      GIT master immediately before the 1.1.0 release:
      
      >From 177b4165c531a4b3ba7f6ab6aa41dca9ceb0b8cf Mon Sep 17 00:00:00 2001
      From: "Daniel P. Berrange" <berrange@redhat.com>
      Date: Fri, 28 Jun 2013 10:48:37 +0100
      Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with
       filters
      
      The virConnectListAllInterfaces method has a double-free of the
      'struct netcf_if' object when any of the filtering flags cause
      an interface to be skipped over. For example when running the
      command 'virsh iface-list --inactive'
      
      This is a regression introduced in release 1.0.6 by
      
        commit 7ac2c4fe
        Author: Guannan Ren <gren@redhat.com>
        Date:   Tue May 21 21:29:38 2013 +0800
      
          interface: list all interfaces with flags == 0
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      244e0b8c
    • L
      pci: initialize virtual_functions array pointer to avoid segfault · 2c2525ab
      Laine Stump 提交于
      This fixes https://bugzilla.redhat.com/show_bug.cgi?id=971325
      
      The problem was that if virPCIGetVirtualFunctions was given the name
      of a non-existent interface, it would return to its caller without
      initializing the pointer to the array of virtual functions to NULL,
      and the caller (virNetDevGetVirtualFunctions) would try to VIR_FREE()
      the invalid pointer.
      
      The final error message before the crash would be:
      
       virPCIGetVirtualFunctions:2088 :
        Failed to open dir '/sys/class/net/eth2/device':
        No such file or directory
      
      In this patch I move the initialization in virPCIGetVirtualFunctions()
      to the begining of the function, and also do an explicit
      initialization in virNetDevGetVirtualFunctions, just in case someone
      in the future adds code into that function prior to the call to
      virPCIGetVirtualFunctions.
      2c2525ab
    • L
      node device driver: update driver name during dumpxml · 374c5e4f
      Laine Stump 提交于
      This fixes:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=979290
        https://bugzilla.redhat.com/show_bug.cgi?id=979330
      
      The node device driver was written with the assumption that udev would
      use a "change" event to notify libvirt of any change to device status
      (including the name of the driver it was bound to). It turns out this
      is not the case (see Comment 4 of BZ 979290). That means that a
      dumpxml for a device would always show whatever driver happened to be
      bound at the time libvirt was started (when the node device cache was
      built).
      
      There was already code in the driver (for the benefit of the HAL
      backend) that updated the driver name from sysfs each time a device's
      info was retrieved from the cache. This patch just enables that manual
      update for the udev backend as well.
      374c5e4f