1. 30 10月, 2013 2 次提交
  2. 21 10月, 2013 2 次提交
    • D
      Don't link virt-login-shell against libvirt.so (CVE-2013-4400) · 062ad8b2
      Daniel P. Berrange 提交于
      The libvirt.so library has far too many library deps to allow
      linking against it from setuid programs. Those libraries can
      do stuff in __attribute__((constructor) functions which is
      not setuid safe.
      
      The virt-login-shell needs to link directly against individual
      files that it uses, with all library deps turned off except
      for libxml2 and libselinux.
      
      Create a libvirt-setuid-rpc-client.la library which is linked
      to by virt-login-shell. A config-post.h file allows this library
      to disable all external deps except libselinux and libxml2.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      (cherry picked from commit 3e2f27e1)
      062ad8b2
    • D
      Fix perms for virConnectDomainXML{To,From}Native (CVE-2013-4401) · 1adbe4fa
      Daniel P. Berrange 提交于
      The virConnectDomainXMLToNative API should require 'connect:write'
      not 'connect:read', since it will trigger execution of the QEMU
      binaries listed in the XML.
      
      Also make virConnectDomainXMLFromNative API require a full
      read-write connection and 'connect:write' permission. Although the
      current impl doesn't trigger execution of QEMU, we should not
      rely on that impl detail from an API permissioning POV.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      (cherry picked from commit 57687fd6)
      1adbe4fa
  3. 24 9月, 2013 1 次提交
  4. 17 9月, 2013 1 次提交
    • P
      lib: Don't force the key argument when deleting metadata · 3b6784d1
      Peter Krempa 提交于
      virDomainSetMetadata when operating on the metadata element was
      requesting the @key argument to be passed even if @metadata was NULL
      used to delete the corresponding metadata element. This is not needed as
      the key is only used when adding the element and matching is done via
      the XML namespace.
      3b6784d1
  5. 13 9月, 2013 1 次提交
    • E
      docs: mention hostname subtlety · 5c7f820d
      Eric Blake 提交于
      An off-list bug report mentioned some confusion where the public
      documentation of libvirt.c:virConnectGetHostname did not match
      the private documentation of util/virutil.c:virGetHostname.
      
      * src/libvirt.c (virConnectGetHostname): Tweak docs.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      5c7f820d
  6. 12 9月, 2013 1 次提交
  7. 11 9月, 2013 1 次提交
  8. 17 8月, 2013 1 次提交
  9. 12 8月, 2013 1 次提交
    • E
      build: avoid -lgcrypt with newer gnutls · 6094b1ff
      Eric Blake 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=951637
      
      Newer gnutls uses nettle, rather than gcrypt, which is a lot nicer
      regarding initialization.  Yet we were unconditionally initializing
      gcrypt even when gnutls wouldn't be using it, and having two crypto
      libraries linked into libvirt.so is pointless, but mostly harmless
      (it doesn't crash, but does interfere with certification efforts).
      
      There are three distinct version ranges to worry about when
      determining which crypto lib gnutls uses, per these gnutls mails:
      2.12: http://lists.gnu.org/archive/html/gnutls-devel/2011-03/msg00034.html
      3.0: http://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00035.html
      
      If pkg-config can prove version numbers and/or list the crypto
      library used for static linking, we have our proof; if not, it
      is safer (even if pointless) to continue to use gcrypt ourselves.
      
      * configure.ac (WITH_GNUTLS): Probe whether to add -lgcrypt, and
      define a witness WITH_GNUTLS_GCRYPT.
      * src/libvirt.c (virTLSMutexInit, virTLSMutexDestroy)
      (virTLSMutexLock, virTLSMutexUnlock, virTLSThreadImpl)
      (virGlobalInit): Honor the witness.
      * libvirt.spec.in (BuildRequires): Make gcrypt usage conditional,
      no longer needed in Fedora 19.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      6094b1ff
  10. 26 7月, 2013 1 次提交
  11. 22 7月, 2013 1 次提交
  12. 18 7月, 2013 2 次提交
    • J
      Clarify virDomainDetachDeviceFlags documentation · 1f71de59
      Jiri Denemark 提交于
      1f71de59
    • D
      Introduce new domain create APIs to pass pre-opened FDs to LXC · d76227be
      Daniel P. Berrange 提交于
      With container based virt, it is useful to be able to pass
      pre-opened file descriptors to the container init process.
      This allows for containers to be auto-activated from incoming
      socket connections, passing the active socket into the container.
      
      To do this, introduce a pair of new APIs, virDomainCreateXMLWithFiles
      and virDomainCreateWithFiles, which accept an array of file
      descriptors. For the LXC driver, UNIX file descriptor passing
      will be used to send them to libvirtd, which will them pass
      them down to libvirt_lxc, which will then pass them to the container
      init process.
      
      This will only be implemented for LXC right now, but the design
      is generic enough it could work with other hypervisors, hence
      I suggest adding this to libvirt.so, rather than libvirt-lxc.so
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      d76227be
  13. 16 7月, 2013 1 次提交
  14. 11 7月, 2013 1 次提交
  15. 10 7月, 2013 1 次提交
  16. 08 7月, 2013 1 次提交
  17. 25 6月, 2013 6 次提交
  18. 24 6月, 2013 2 次提交
  19. 18 6月, 2013 2 次提交
  20. 10 6月, 2013 1 次提交
    • P
      Fix commit 29c1e913 · c2093b2a
      Peter Krempa 提交于
      This patch fixes changes done in commit 29c1e913
      that was pushed without implementing review feedback.
      
      The flag introduced by the patch is changed to VIR_DOMAIN_VCPU_GUEST and
      documentation makes the difference between regular hotplug and this new
      functionality more explicit.
      
      The virsh options that enable the use of the new flag are changed to
      "--guest" and the documentation is fixed too.
      c2093b2a
  21. 07 6月, 2013 1 次提交
  22. 01 6月, 2013 1 次提交
  23. 21 5月, 2013 1 次提交
  24. 16 5月, 2013 1 次提交
    • D
      Move VirtualBox driver into libvirtd · ba5f3c7c
      Daniel P. Berrange 提交于
      Change the build process & driver initialization so that the
      VirtualBox driver is built into libvirtd, instead of libvirt.so
      This change avoids the VirtualBox GPLv2-only license causing
      compatibility problems with libvirt.so which is under the
      GPLv2-or-later license.
      
      NB this change prevents use of the VirtualBox driver on the
      Windows platform, until such time as libvirtd can be made
      to work there.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      ba5f3c7c
  25. 15 5月, 2013 2 次提交
  26. 11 5月, 2013 1 次提交
    • L
      util: move virFile* functions from virutil.c to virfile.c · bfe7721d
      Laine Stump 提交于
      These all existed before virfile.c was created, and for some reason
      weren't moved.
      
      This is mostly straightfoward, although the syntax rule prohibiting
      write() had to be changed to have an exception for virfile.c instead
      of virutil.c.
      
      This movement pointed out that there is a function called
      virBuildPath(), and another almost identical function called
      virFileBuildPath(). They really should be a single function, which
      I'll take care of as soon as I figure out what the arglist should look
      like.
      bfe7721d
  27. 10 5月, 2013 1 次提交
  28. 09 5月, 2013 1 次提交
  29. 07 5月, 2013 1 次提交
    • D
      rpc: message related sizes enlarged · e914dcfd
      Daniel Hansel 提交于
      We have seen an issue on s390x platform where domain XMLs larger than 1MB
      were used. The define command was finished successfully. The dumpxml command
      was not successful (i.e. could not encode message payload).
      
      Enlarged message related sizes (e.g. maximum string size, message size, etc.)
      to handle larger system configurations used on s390x platform.
      
      To improve handling of the RPC message size the allocation during encode process
      is changed to a dynamic one (i.e. starting with 64kB initial size and increasing
      that size in steps up to 16MB if the payload data is larger).
      Signed-off-by: NDaniel Hansel <daniel.hansel@linux.vnet.ibm.com>
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      e914dcfd