- 24 6月, 2019 2 次提交
-
-
由 Ján Tomko 提交于
This API can be used to execute arbitrary emulators. Forbid it on read-only connections. Fixes: CVE-2019-10167 Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com> (cherry picked from commit 8afa68ba) Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
由 Ján Tomko 提交于
The virDomainSaveImageGetXMLDesc API is taking a path parameter, which can point to any path on the system. This file will then be read and parsed by libvirtd running with root privileges. Forbid it on read-only connections. Fixes: CVE-2019-10161 Reported-by: NMatthias Gerstner <mgerstner@suse.de> Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com> (cherry picked from commit aed6a032) Signed-off-by: NJán Tomko <jtomko@redhat.com> Conflicts: src/libvirt-domain.c src/remote/remote_protocol.x Upstream commit 12a51f37 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE alias for VIR_DOMAIN_XML_SECURE is not backported. Just skip the commit since we now disallow the whole API on read-only connections, regardless of the flag. Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
- 04 10月, 2016 1 次提交
-
-
由 Andrea Bolognani 提交于
Commit ffc49e57 broke syntax-check: cppi: libvirt.spec.in: line 622: not properly indented cppi: libvirt.spec.in: line 624: not properly indented cppi: libvirt.spec.in: line 640: not properly indented cppi: libvirt.spec.in: line 642: not properly indented maint.mk: incorrect preprocessor indentation cfg.mk:697: recipe for target 'sc_spec_indentation' failed Indent the new conditionals properly. (cherry picked from commit 55d8daa0)
-
- 29 9月, 2016 1 次提交
-
-
由 Martin Kletzander 提交于
If this reminds you of a commit message from around a year ago, it's 41c2aa72 and yes, we're dealing with "the same thing" again. Or f309db1f and it's similar. There is a logic in place that if there is no real need for memory-backend-file, qemuBuildMemoryBackendStr() returns 0. However that wasn't the case with hugepage backing. The reason for that was that we abused the 'pagesize' variable for storing that information, but we should rather have a separate one that specifies whether we really need the new object for hugepage backing. And that variable should be set only if this particular NUMA cell needs special treatment WRT hugepages. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1372153Signed-off-by: NMartin Kletzander <mkletzan@redhat.com> (cherry picked from commit 4372a7845acbc6974f6027ef68e7dd3eeb47f425)
-
- 17 8月, 2016 1 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1182074 Since libvirt still uses a legacy qemu arg format to add a disk, the manner in which the 'password-secret' argument is passed to qemu needs to change to prepend a 'file.' If in the future, usage of the more modern disk format, then the prepended 'file.' can be removed. Fix based on Jim Fehlig <jfehlig@suse.com> posting and subsequent upstream list followups, see: http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html for details. Introduced by commit id 'a1344f70'. (cherry picked from commit d53d4650) Fixed some conflicts due to upstream commits not yet present in this maintenance branch.
-
- 14 7月, 2016 1 次提交
-
-
由 Daniel P. Berrange 提交于
The systemd-machined tools libvirt uses were split into a systemd-container RPM. Without depending on this, libvirt may silently fallback to the non-systemd cgroup impl which is not desirable. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit ffc49e57)
-
- 04 7月, 2016 1 次提交
-
-
由 Jiri Denemark 提交于
CVE-2016-5008 Setting an empty graphics password is documented as a way to disable VNC/SPICE access, but QEMU does not always behaves like that. VNC would happily accept the empty password. Let's enforce the behavior by setting password expiration to "now". https://bugzilla.redhat.com/show_bug.cgi?id=1180092Signed-off-by: NJiri Denemark <jdenemar@redhat.com> (cherry picked from commit bb848fee)
-
- 04 6月, 2016 1 次提交
-
-
由 Daniel Veillard 提交于
* docs/news.html.in: update with 1.3.5 data
-
- 03 6月, 2016 5 次提交
-
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Martin Kletzander 提交于
When building using -Og, gcc sees that some variables can be used uninitialized It can be debatable whether it is possible with our codeflow, but functions should be self-contained and initializations are always good. The return instead of goto is due to actualType being used in the cleanup. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Michal Privoznik 提交于
So imagine the following. You connect read only to a daemon and try to fetch stats for a shut off domain, e.g.: virsh -r domstats $dom but all of a sudden, virsh instead of printing the stats throws the following error at you: error: Disconnected from qemu:///system due to I/O error error: End of file while reading data: Input/output error The daemon crashed. This is its backtrace: #0 0x00007fa43e3751a8 in virPerfEventIsEnabled (perf=0x0, type=VIR_PERF_EVENT_MBMT) at util/virperf.c:241 #1 0x00007fa424a9f042 in qemuDomainGetStatsPerf (driver=0x7fa3f4022a30, dom=0x7fa3f40e24c0, record=0x7fa41c000e20, maxparams=0x7fa4360b38d0, privflags=1) at qemu/qemu_driver.c:19110 #2 0x00007fa424a9f2e7 in qemuDomainGetStats (conn=0x7fa41c001b20, dom=0x7fa3f40e24c0, stats=127, record=0x7fa4360b3970, flags=1) at qemu/qemu_driver.c:19213 #3 0x00007fa424a9f672 in qemuConnectGetAllDomainStats (conn=0x7fa41c001b20, doms=0x7fa41c0017f0, ndoms=1, stats=127, retStats=0x7fa4360b3a50, flags=0) at qemu/qemu_driver.c:19303 #4 0x00007fa43e4e15f6 in virDomainListGetStats (doms=0x7fa41c0017f0, stats=0, retStats=0x7fa4360b3a50, flags=0) at libvirt-domain.c:11615 Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f28d1a38700 (LWP 16154)] 0x00007f28da4fa1a8 in virPerfEventIsEnabled (perf=0x0, type=VIR_PERF_EVENT_MBMT) at util/virperf.c:241 241 return event->enabled; Problem is, shut off domains don't have priv->perf allocated. Therefore if in frame #1 qemuDomainGetStatsPerf() tries to check if perf events are enabled, NULL is passed to virPerfEventIsEnabled() which due to some incredible implementation dereference it. Fix this by checking whether passed object is not NULL. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This function is not used anywhere. Moreover, the code that would use lives in virperf.c and therefore has access to the FD anyway. Well, for instance virPerfReadEvent is doing just that. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
There's this problem on the recent gcc-6.1: In file included from conf/domain_conf.c:37:0: conf/domain_conf.c: In function 'virDomainChrPreAlloc': conf/domain_conf.c:14109:35: error: potential null pointer dereference [-Werror=null-dereference] return VIR_REALLOC_N(*arrPtr, *cntPtr + 1); ^~ ./util/viralloc.h:158:73: note: in definition of macro 'VIR_REALLOC_N' # define VIR_REALLOC_N(ptr, count) virReallocN(&(ptr), sizeof(*(ptr)), (count), \ ^~~~~ conf/domain_conf.c: In function 'virDomainChrRemove': conf/domain_conf.c:14133:21: error: potential null pointer dereference [-Werror=null-dereference] for (i = 0; i < *cntPtr; i++) { ^~~~~~~ GCC basically fails to see, that the virDomainChrGetDomainPtrsInternal will never actually return NULL because it's never called over a domain char device with _LAST type. But to make it shut up, lets turn this function into returning an integer and check in the callers if a zero value value was returned. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 02 6月, 2016 3 次提交
-
-
由 Michal Privoznik 提交于
Okay, I admit that our code here is complex. It's not easy to spot that NULL deref can't really happen here. So it's no wonder that a dumb compiler fails to see all the connections and produces the following errors: CC conf/libvirt_conf_la-domain_conf.lo conf/domain_conf.c: In function 'virDomainDefFormatInternal': conf/domain_conf.c:22162:22: error: potential null pointer dereference [-Werror=null-dereference] if (sched->policy == i) ~~~~~^~~~~~~~ <snip/> cc1: all warnings being treated as errors Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
cpu/cpu_ppc64.c: In function 'ppc64Compute': cpu/cpu_ppc64.c:620:27: error: potential null pointer dereference [-Werror=null-dereference] if (STRNEQ(guest_model->name, host_model->name)) { ~~~~~~~~~~~^~~ cpu/cpu_ppc64.c:620:9: note: in expansion of macro 'STRNEQ' if (STRNEQ(guest_model->name, host_model->name)) { ^~~~~~ cc1: all warnings being treated as errors Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
So far, this function has just three callers. Two of them call virNetDevSetupControl to create a socket that we can then optionally use for ioctl() to fetch data. However, querying sysfs is preferred. Therefore it doesn't make much sense to require users to set up the socket if they don't even know it will be used in favour of sysfs. We can set up the socket iff we need to. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 01 6月, 2016 2 次提交
-
-
由 Laine Stump 提交于
Although dns host records are stored in a separate configuration file that is reread by dnsmasq when it receives a SIGHUP, the txt and srv records are directly in the dnsmasq .conf file which can't be reread after initial dnsmasq startup. This means that if an srv or txt record is modified in a network config, libvirt needs to restart the dnsmasq process rather than just sending a SIGHUP. This was pointed out in a question in https://bugzilla.redhat.com/show_bug.cgi?id=988718 , but no separate BZ was filed.
-
由 Pavel Hrdina 提交于
Commit b4a5fd95 introduced vram64 attribute for QXL video device but there were two issues. Only function qemuMonitorJSONUpdateVideoVram64Size should update the vram64 attribute and also the value is in MiB, not in B. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 31 5月, 2016 2 次提交
-
-
由 Michal Privoznik 提交于
So the idea is as follows: firstly we obtain a list of all the luns, then iterate over it trying to find the one we want to work with and after all the iterations we detect whether we have found something. Now, the last check is broken, because it compares a value form previous iteration, not the one we've just been through. Then, when computing md5 sum of lun's UUID, we use wrong variable again. Well, @hostScsiDisk which is type of esxVI_HostScsiDisk extends esxVI_ScsiLun type so they both have the uuid member, but it just doesn't feel right to access the data via two different variables in one function call. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
There's a bug in the function. We expect the following format for the data we are parsing here: key: value So we use strchr() to find ':' and then see if it is followed by space. But the check that does just that is slightly incorrect. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 30 5月, 2016 2 次提交
-
-
由 Michal Privoznik 提交于
Yet another one of those where signed int (or long int) is not enough. And useless to as we're aiming at unsigned anyway. ../../src/util/virsocketaddr.c: In function 'virSocketAddrIsPrivate': ../../src/util/virsocketaddr.c:289:45: error: result of '192l << 24' requires 33 bits to represent, but 'long int' only has 32 bits [-Werror=shift-overflow=] return ((val & 0xFFFF0000) == ((192L << 24) + (168 << 16)) || ^~ ../../src/util/virsocketaddr.c:290:45: error: result of '172l << 24' requires 33 bits to represent, but 'long int' only has 32 bits [-Werror=shift-overflow=] (val & 0xFFF00000) == ((172L << 24) + (16 << 16)) || ^~ cc1: all warnings being treated as errors Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
In 38df47c9 I've tried to prepare our apibuild.py script for change made in 0628f349 (1U << 31). What I've done in the former commit was to replace \d+U in parsed tokens with \d. Problem was, my regular expression there was not quite right as it also translated VIR_123U_VAL into VIR_123_VAL. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 29 5月, 2016 1 次提交
-
-
由 Michal Privoznik 提交于
Now that gnulib has lifted it's licensing of unsetenv, we should use it. Just like we use its counterpart - setenv, already. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 28 5月, 2016 4 次提交
-
-
由 Michal Privoznik 提交于
Apparently, 1 << 31 is signed which in turn does not fit into a signed integer variable: ../../include/libvirt/libvirt-domain.h:1881:57: error: result of '1 << 31' requires 33 bits to represent, but 'int' only has 32 bits [-Werror=shift-overflow=] VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1 << 31, /* enforce requested stats */ ^~ cc1: all warnings being treated as errors The solution is to make it an unsigned value. I've found only two such occurrences in our code base. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
The apibuild script is a terrifying beast that parses some source files of ours and produces an XML representation of them. When it comes to parsing enums we have in some header files, it tries to be clever and detect a value that an enum member has (or if it is an alias for a different member). Whilst doing that it has to deal with values we give to the members in many formats. At some places we just pass the value in decimal: VIR_DOMAIN_BLOCK_JOB_TYPE_PULL = 1, in other places, we use the aliasing: VIR_CONNECT_GET_ALL_DOMAINS_STATS_ACTIVE = VIR_CONNECT_LIST_DOMAINS_ACTIVE, and in other places bitwise shifts are used: VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1 << 31, /* enforce requested stats */ The script tries to parse all of these resulting in the following tokens: "1", "VIR_CONNECT_LIST_DOMAINS_ACTIVE", "1<<31"; Then, the script tries to turn these into integers using python's eval() function. This function succeeds on the first and the last tokens. But, if we were to modify the last example so that it's of the following form: VIR_CONNECT_GET_ALL_DOMAINS_STATS_ENFORCE_STATS = 1U << 31, /* enforce requested stats */ the token representing enum's member value will then be "1U<<31". So our parsing is good. Unfortunately, python is not aware of the difference between signed and unsigned C types, therefore eval() fails over this token and the parser falls back thinking it's an alias to another enum member. Well it's not. The solution is to transform [0-9]U into [0-9] as for our purposes here it's the same thing. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Eric Blake 提交于
Fix a regression in checking for realpath (which caused link failures regarding duplicate rpl_canonicalize_file_name), and fix the mingw build regarding unsetenv. * .gnulib: Update to latest. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Cole Robinson 提交于
Fedora now ships edk2 firmware in its official repos, so adapt the nvram path list to match. Eventually we can remove the nightly links as well once some integration kinks have been worked out, and documentation updated. Move the macro building into the %build target, which lets us build up a shell variable and make things a bit more readable https://bugzilla.redhat.com/show_bug.cgi?id=1335395
-
- 27 5月, 2016 3 次提交
-
-
由 Katerina Koukiou 提交于
Adjust the code to perform the virLXCDomainObjBeginJob first and then the call virDomainLiveConfigHelperMethod. As Ján Tomko pointed out, in virDomainLiveConfigHelperMethod, there is a check to see if the domain is active when AFFECT_LIVE is set. Since virLXCDomainObjBeginJob unlocks the virDomainObjPtr lock, the domain could possibly be destroyed while we wait for the job and the check results would no longer be valid. Signed-off-by: NKaterina Koukiou <k.koukiou@gmail.com>
-
由 Eric Blake 提交于
Pulls in several portability fixes, including the fact that gnulib now only works on platforms with two's complement signed integers. Also makes for a smaller delta on the next update (we are waiting on a license change to unsetenv for the sake of mingw). * .gnulib: Update to latest. * bootstrap: Resync from upstream. * tests/virstringtest.c: Drop use of obsolete probes of integer properties. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Dawid Zamirski 提交于
This patch fixes an issue where screenshot API call was failing when the esx/vcenter password contains special characters such as apostrophee. The reason for failures was that passwords were escaped for XML and stored in esxVI_Context which was then passed to raw CURL API calls where the password must be passed in original form to authenticate successfully. So this patch addresses this by storing original passwords in the esxVI_Context struct and escape only for esxVI_Login call.
-
- 26 5月, 2016 8 次提交
-
-
由 Andrea Bolognani 提交于
Commit ff212622 changed the error message to be more detailed about the failure at hand; however, while the new error message claims that "bus must be <= index", the error message is displayed if "idx <= addr->bus", ie. when bus is larger than or *equal to* index. Change the error message to report the correct constraint, and format it in a way that mirrors the check exactly to make it clearer to people reading the code. The new error message reads "index must be larger than bus". Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1339900
-
由 Nikolay Shirokovskiy 提交于
This patch aims to fix observed crash on daemon shutdown. Main thread is in the process of state drivers cleanup, network driver is cleaned up and qemu driver is not yet. Meanwhile eof event from qemu process triggers qemuProcessStop -> networkReleaseActualDevice and crash happens as network driver is already cleaned up. Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
-
由 Dawid Zamirski 提交于
This is because there's a known issue where ESX will refuse to attach drives bigger than 4TB when virtualHW < 9. Therefore, to avoid that use the higher virtualHW for hosts that support it. https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2054952
-
由 Dawid Zamirski 提交于
This patch fixes an issue where vMotion fails when VMCI device is not present in the vmx file.
-
由 Dawid Zamirski 提交于
When a SCSI controller is present, ESX adds several pciBridge devices to vmx file. This fixes an error message where it refuses to create VM due to not enough PCI devices available. This applies only to virtualHW version >= 7.
-
由 Laine Stump 提交于
Hand-entering indexes for 20 PCI controllers is not as tedious as manually determining and entering their PCI addresses, but it's still annoying, and the algorithm for determining the proper index is incredibly simple (in all cases except one) - just pick the lowest unused index. The one exception is USB2 controllers because multiple controllers in the same group have the same index. For these we look to see if 1) the most recently added USB controller is also a USB2 controller, and 2) the group *that* controller belongs to doesn't yet have a controller of the exact model we're just now adding - if both are true, the new controller gets the same index, but in all other cases we just assign the lowest unused index. With this patch in place and combined with the automatic PCI address assignment, we can define a PCIe switch with several ports like this: <controller type='pci' model='pcie-root-port'/> <controller type='pci' model='pcie-switch-upstream-port'/> <controller type='pci' model='pcie-switch-downstream-port'/> <controller type='pci' model='pcie-switch-downstream-port'/> <controller type='pci' model='pcie-switch-downstream-port'/> <controller type='pci' model='pcie-switch-downstream-port'/> <controller type='pci' model='pcie-switch-downstream-port'/> ... These will each get a unique index, and PCI addresses that connect them together appropriately with no pesky numbers required.
-
由 Laine Stump 提交于
Make virDomainControllerFindUnusedIndex() a global function so that it can be used outside domain_conf.c (as well as higher up in domain_conf.c itself)/ Also make its DomainDef arg a const* so that functions which only have a const* to the domain can use it.
-
由 Laine Stump 提交于
IS_USB2_CONTROLLER() is useful in more places aside from just when assigning PCI addresses in QEMU, and is checking for enum values that are all defined in conf/domain_conf.h anyway, so define it there instead.
-
- 25 5月, 2016 2 次提交
-
-
由 Chunyan Liu 提交于
Add .domainInterfaceAddresses so that user can have a way to get domain interface address by 'virsh domifaddr'. Currently it only supports '--source lease'. Signed-off: Chunyan Liu <cyliu@suse.com>
-
由 Ján Tomko 提交于
Add support for the slic_table to the security drivers.
-