- 24 Jun, 2019 2 commits
-
-
Committed by Ján Tomko
This API can be used to execute arbitrary emulators. Forbid it on read-only connections. Fixes: CVE-2019-10167 Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> (cherry picked from commit 8afa68ba) Signed-off-by: Ján Tomko <jtomko@redhat.com>
-
Committed by Ján Tomko
The virDomainSaveImageGetXMLDesc API is taking a path parameter, which can point to any path on the system. This file will then be read and parsed by libvirtd running with root privileges. Forbid it on read-only connections. Fixes: CVE-2019-10161 Reported-by: Matthias Gerstner <mgerstner@suse.de> Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> (cherry picked from commit aed6a032) Signed-off-by: Ján Tomko <jtomko@redhat.com> Conflicts: src/libvirt-domain.c src/remote/remote_protocol.x Upstream commit 12a51f37 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE alias for VIR_DOMAIN_XML_SECURE is not backported. Just skip the commit since we now disallow the whole API on read-only connections, regardless of the flag. Signed-off-by: Ján Tomko <jtomko@redhat.com>
-
- 04 Oct, 2016 5 commits
-
-
Committed by Martin Kletzander
Fixed in master by multiple commits. This merely makes sure syntax-check works with cppi installed. Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
Committed by Pavel Hrdina
Fix the regex for excluding files for this syntax-rule. The rule "include/" will not work, because we are matching the whole line like this "^(...|include/|...)$" so we need to use "include/libvirt/libvirt.+". The second issue is that we are using only one '$' but there should be two of those at the end. The last small adjustment is to escape dots '.' so it matches only a dot. Signed-off-by: Pavel Hrdina <phrdina@redhat.com> (cherry picked from commit a94efa50)
-
Committed by Marc Hartmayer
Before the variable 'bits' was initialized with 0 (commit 3470cd86), the following bug was possible. A function call with an empty bitmap leads to undefined behavior. Because if 'bitmap->map_len == 0' 'unusedBits' will be <= 0 and 'sz == 1'. So the non global and non static variable 'bits' would have never been set. Consequently the check 'bits == 0' results in undefined behavior. This patch clarifies the current version of the function by handling the empty bitmap explicitly. Also, for an empty bitmap there is obviously no bit set so we can just return -1 (indicating no bit set) right away. The explicit check for 'bits == 0' after the loop is unnecessary because we only get to this point if no set bit was found. Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com> Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com> (cherry picked from commit 7cd01a24)
-
Committed by Martin Kletzander
When building using -Og, gcc sees that some variables can be used uninitialized. It can be debatable whether it is possible with our codeflow, but functions should be self-contained and initializations are always good. The return instead of goto is due to actualType being used in the cleanup. Signed-off-by: Martin Kletzander <mkletzan@redhat.com> (cherry picked from commit 3470cd86)
-
Committed by Martin Kletzander
If this reminds you of a commit message from around a year ago, it's 41c2aa72 and yes, we're dealing with "the same thing" again. Or f309db1f and it's similar. There is a logic in place that if there is no real need for memory-backend-file, qemuBuildMemoryBackendStr() returns 0. However that wasn't the case with hugepage backing. The reason for that was that we abused the 'pagesize' variable for storing that information, but we should rather have a separate one that specifies whether we really need the new object for hugepage backing. And that variable should be set only if this particular NUMA cell needs special treatment WRT hugepages. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1372153 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> (cherry picked from commit 4372a7845acbc6974f6027ef68e7dd3eeb47f425)
-
- 14 Jul, 2016 1 commit
-
-
Committed by Daniel P. Berrange
The systemd-machined tools libvirt uses were split into a systemd-container RPM. Without depending on this, libvirt may silently fall back to the non-systemd cgroup impl which is not desirable. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit ffc49e57)
-
- 04 Jul, 2016 1 commit
-
-
Committed by Jiri Denemark
CVE-2016-5008 Setting an empty graphics password is documented as a way to disable VNC/SPICE access, but QEMU does not always behave like that. VNC would happily accept the empty password. Let's enforce the behavior by setting password expiration to "now". https://bugzilla.redhat.com/show_bug.cgi?id=1180092 Signed-off-by: Jiri Denemark <jdenemar@redhat.com> (cherry picked from commit bb848fee)
-
- 01 May, 2016 1 commit
-
-
Committed by Daniel Veillard
* docs/news.html.in libvirt.spec.in: update for release * po/*.po* : regenerated
-
- 30 Apr, 2016 4 commits
-
-
Committed by Yuri Chornoivan
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
-
Committed by Laine Stump
This reverts commit 6e244c65, which added support to qemu for the "peer" attribute in domain interface <ip> elements. It's being removed temporarily for the release of libvirt 1.3.4 because the feature doesn't work, and there are concerns that it may need to be modified in an externally visible manner which could create backward compatibility problems. Conflicts: tests/qemuxml2argvmock.c - a mock of virNetDevSetOnline() was added which may be assumed by other tests added since the original commit, so it isn't being reverted.
-
Committed by Laine Stump
This reverts commit afee47d0, which added support to lxc for the "peer" attribute in domain interface <ip> elements. It's being removed temporarily for the release of libvirt 1.3.4 because the feature doesn't work, and there are concerns that it may need to be modified in an externally visible manner which could create backward compatibility problems.
-
Committed by Laine Stump
This reverts commit 690969af, which added the domain config parts to support a "peer" attribute in domain interface <ip> elements. It's being removed temporarily for the release of libvirt 1.3.4 because the feature doesn't work, and there are concerns that it may need to be modified in an externally visible manner which could create backward compatibility problems.
-
- 29 Apr, 2016 3 commits
-
-
Committed by Ben Gray
FD passing APIs like CreateXMLWithFiles or OpenGraphicsFD will leak file descriptors. The user passes in an fd, which is dup()'d in virNetClientProgramCall. The new fd is what is transferred to the server virNetClientIOWriteMessage. Once all the fds have been written though, the parent msg->fds list is immediately free'd, so the individual fds are never closed. This closes each FD as it's sent to the server, so all fds have been closed by the time msg->fds is free'd. https://bugzilla.redhat.com/show_bug.cgi?id=1159766
-
Committed by Mikhail Feoktistov
If we want to delete all disks for a container or vm, we should make a loop from 0 to NumberOfDisks and always use zero index in PrlVmCfg_GetHardDisk to get the disk handle. When we delete the first disk, the numbers of the other disks will be changed to start from 0 to NumberOfDisks-1. That's why we should always use zero index.
-
Committed by Nikolay Shirokovskiy
Add the ULL suffix to all related operands of <<, or the shift will give all zeros instead of the correct mask. Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
- 28 Apr, 2016 3 commits
-
-
Committed by Martin Kletzander
Similarly to what commit 71408079 did with some internal paths, clear vnc socket paths that were generated by us. Having such path in the definition can cause trouble when restoring the domain. The path is generated to the per-domain directory that contains the domain ID. However, that ID will be different upon restoration, so qemu won't be able to create that socket because the directory will not be prepared. To be able to migrate to older libvirt, skip formatting the socket path in migratable XML if it was autogenerated. And mark it as autogenerated if it already exists and we're parsing live XML. Best viewed with '-C'. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1326270 Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
Committed by Peter Krempa
When the domain definition describes a machine with NUMA, setting the maximum vCPU count via the API might lead to an invalid config. Add a check that will forbid this until we add more advanced cpu config capabilities. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1327499
-
Committed by Peter Krempa
Instead of setting the default qemu stdio logging approach in virQEMUDriverConfigLoadFile set it in virQEMUDriverConfigNew so that it's properly set even when the config is not present. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1325075
-
- 27 Apr, 2016 3 commits
-
-
Committed by Martin Kletzander
If the domain name is long enough, the timestamp can prolong the filename for automatic coredump to more than the filesystem's limit. Simply shorten it like we do in other places. The timestamp helps with the unification, but having the ID in the name won't hurt. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1289363 Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
Committed by Martin Kletzander
Add virDomainObjGetShortName() and use it. For now that's used in one place, but we should expose it so that future patches can use it. Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
Committed by Martin Kletzander
Introduced by commit 15ad2ecf. Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
- 26 Apr, 2016 17 commits
-
-
Committed by Cole Robinson
Currently we only allow /dev/random and /dev/hwrng as host input for <rng><backend model='random'/> device. This was added after various upstream discussions in commit 4932ef45. However this restriction has generated quite a few complaints over the years, so a new discussion was initiated: http://www.redhat.com/archives/libvir-list/2016-April/msg00987.html Several people suggested removing the restriction, and nobody really spoke up to defend it. So this patch drops the path restriction entirely. https://bugzilla.redhat.com/show_bug.cgi?id=1074464
-
Committed by Cole Robinson
If you compile a client --without-polkit, and connect to a URI that needs polkit auth, the connection will fail with:

  $ ./tools/virsh --connect qemu+ssh://crobinso@machine/system
  error: failed to connect to the hypervisor
  error: authentication failed: unsupported authentication type 2

This is because the client side portion of the polkit handling is compiled out. However, nothing polkit specific is actually required of the client. Fix that error by unconditionally compiling the basic polkit client handling. https://bugzilla.redhat.com/show_bug.cgi?id=635529
-
Committed by Andrea Bolognani
Commit 1d440008 added some code that was not indented properly and broke syntax-check. Fix it.
-
Committed by Cole Robinson
If libvirt-daemon-config-network is installed while libvirtd is already running, the daemon doesn't notice the network. Users then have to manually restart libvirtd (or reboot) to pick up the network. Instead let's trigger a daemon restart when the package is first installed. Then the default network is available immediately if libvirtd was already running. https://bugzilla.redhat.com/show_bug.cgi?id=867546
-
Committed by Cole Robinson
The hex range already tried to allow for it, but it wasn't using the correct XML hex syntax. Fix it, and test it
-
Committed by Andrea Bolognani
Since commit 9b77ce63 we create a .in file while building all man pages, including those in the tools/ directory; update the ignore patterns to take this change into account. The new ignore patterns are generic enough that we can get rid of a few existing ones as well.
-
Committed by Andrea Bolognani
-
Committed by Andrea Bolognani
All top-level functions have been moved to this class. On top of that, the app.warning() method has been defined, so that calls to it - already present in rebuild() - can actually succeed.
-
Committed by Andrea Bolognani
This method is used in e.g. index.merge(), but is not defined anywhere. The implementation has been copied from docBuilder.
-
Committed by Andrea Bolognani
Since commit d195cffa, both $(srcdir) and $(abs_builddir) are passed to the apibuild.py script; however, since the former is a relative path and the latter an absolute one, the script might not be able to detect whether they point to the same location. Pass both as relative paths to avoid the issue.
-
Committed by John Ferlan
Change 'ephemeral' to 'isephemeral' and 'private' to 'isprivate' since both are bools.
-
Committed by John Ferlan
Introduce the final accessors to _virSecretObject data and move the structure from virsecretobj.h to virsecretobj.c. The virSecretObjSetValue logic will handle setting both the secret value and the value_size. Some slight adjustments to the error path over what was in secretSetValue were made. Additionally, a slight logic change in secretGetValue where we'll check for the internalFlags and error out before checking for and erroring out for a NULL secret->value. That way, it won't be obvious to anyone that the secret value wasn't set; rather they'll just know they cannot get the secret value since it's private.
-
Committed by John Ferlan
Introduce fetch and set accessor to the secretObj->def field for usage by the driver to avoid the driver needing to know the format of virSecretObj
-
Committed by John Ferlan
Move and rename the secretRewriteFile, secretSaveDef, and secretSaveValue from secret_driver to virsecretobj. Need to make some slight adjustments since the secretSave* functions called secretEnsureDirectory, but otherwise mostly just a move of code.
-
Committed by John Ferlan
Move and rename secretDeleteSaved from secret_driver into virsecretobj and split it up into two parts since there is error path code that looks to just delete the secret data file
-
Committed by John Ferlan
Move to secret_conf.c and rename to virSecretLoadAllConfigs. Also includes moving/renaming the supporting virSecretLoad, virSecretLoadValue, and virSecretLoadValidateUUID.
-
Committed by John Ferlan
This patch replaces most of the guts of secret_driver.c with recently added secret_conf.c APIs in order to manage secret lists and objects using the hashed virSecretObjList* lookup APIs.
-