- 24 Jun, 2019 2 commits
-
-
Committed by Ján Tomko
This API can be used to execute arbitrary emulators. Forbid it on read-only connections.
Fixes: CVE-2019-10167
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 8afa68ba)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
-
Committed by Ján Tomko
The virDomainSaveImageGetXMLDesc API is taking a path parameter, which can point to any path on the system. This file will then be read and parsed by libvirtd running with root privileges.
Forbid it on read-only connections.
Fixes: CVE-2019-10161
Reported-by: Matthias Gerstner <mgerstner@suse.de>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit aed6a032)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Conflicts:
    src/libvirt-domain.c
    src/remote/remote_protocol.x
Upstream commit 12a51f37 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE alias for VIR_DOMAIN_XML_SECURE is not backported. Just skip the commit since we now disallow the whole API on read-only connections, regardless of the flag.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
-
- 04 Oct, 2016 2 commits
-
-
Committed by Andrea Bolognani
Commit ffc49e57 broke syntax-check:
    cppi: libvirt.spec.in: line 622: not properly indented
    cppi: libvirt.spec.in: line 624: not properly indented
    cppi: libvirt.spec.in: line 640: not properly indented
    cppi: libvirt.spec.in: line 642: not properly indented
    maint.mk: incorrect preprocessor indentation
    cfg.mk:697: recipe for target 'sc_spec_indentation' failed
Indent the new conditionals properly.
(cherry picked from commit 55d8daa0)
-
Committed by Martin Kletzander
If this reminds you of a commit message from around a year ago, it's 41c2aa72 and yes, we're dealing with "the same thing" again. Or f309db1f and it's similar.
There is a logic in place that if there is no real need for memory-backend-file, qemuBuildMemoryBackendStr() returns 0. However that wasn't the case with hugepage backing. The reason for that was that we abused the 'pagesize' variable for storing that information, but we should rather have a separate one that specifies whether we really need the new object for hugepage backing. And that variable should be set only if this particular NUMA cell needs special treatment WRT hugepages.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1372153
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 4372a7845acbc6974f6027ef68e7dd3eeb47f425)
-
- 17 Aug, 2016 1 commit
-
-
Committed by John Ferlan
https://bugzilla.redhat.com/show_bug.cgi?id=1182074
Since libvirt still uses a legacy qemu arg format to add a disk, the manner in which the 'password-secret' argument is passed to qemu needs to change to prepend a 'file.' If in the future, usage of the more modern disk format, then the prepended 'file.' can be removed.
Fix based on Jim Fehlig <jfehlig@suse.com> posting and subsequent upstream list followups, see: http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html for details.
Introduced by commit id 'a1344f70'.
(cherry picked from commit d53d4650)
Resolved a couple of conflicts due to upstream commits not present in the v2.0-maint branch
-
- 14 Jul, 2016 1 commit
-
-
Committed by Daniel P. Berrange
The systemd-machined tools libvirt uses were split into a systemd-container RPM. Without depending on this, libvirt may silently fall back to the non-systemd cgroup impl which is not desirable.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit ffc49e57)
-
- 01 Jul, 2016 1 commit
-
-
Committed by Daniel Veillard
* docs/news.html.in: update documentation
* po/*.po*: regenerate
-
- 30 Jun, 2016 10 commits
-
-
Committed by Martin Kletzander
This almost reverts b7200d72. The size is increased from 11M to 13M and the compression is sped up from 2 minutes to 17 seconds. The compression level is removed because -9 doesn't allow multiple threads to be spawned. Effectively speeds up distcheck as well.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-
Committed by Peter Krempa
virTypedParameterAssign steals the string rather than copying it into the typed parameter and thus freeing it leads to a crash when attempting to serialize the results. This was introduced in commit 9f50f6e2 and later made a universal helper in 32e6339c.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1351473
-
Committed by Peter Krempa
Some code paths already assume that it is allocated since it was always allocated by virDomainPerfDefParseXML. Make it a member of virDomainDef directly so that we don't have to allocate it all the time. This fixes a crash when attempting to connect to an existing process via virDomainQemuAttach since we would not allocate it in that code path.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1350688
-
Committed by Jiri Denemark
https://bugzilla.redhat.com/show_bug.cgi?id=1046833
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-
Committed by Marc Hartmayer
Verify that SCSI controllers get created automatically when a SCSI disk is hot-plugged to a domain that doesn't have a matching SCSI controller defined already.
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
-
Committed by Marc Hartmayer
Ensure that the given controller and all controllers with a smaller index exist; there must not be any missing index in between.
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
-
Committed by Marc Hartmayer
The commit "qemu: hot-plug: Assume support for -device in qemuDomainAttachSCSIDisk" dropped the code for the automatic SCSI controller creation used in SCSI disk hot-plugging. If we are hot-plugging a SCSI disk to a domain and there is no proper SCSI controller defined, it results in an "error: internal error: Could not find scsi controller with index X required for device" error.
For that reason reverting a hunk of the commit d4d32005.
This patch also adds an extra comment to the code to clarify the loop.
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
-
Committed by Jiri Denemark
CVE-2016-5008
Setting an empty graphics password is documented as a way to disable VNC/SPICE access, but QEMU does not always behave like that. VNC would happily accept the empty password. Let's enforce the behavior by setting password expiration to "now".
https://bugzilla.redhat.com/show_bug.cgi?id=1180092
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-
Committed by Jiri Denemark
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-
Committed by Jean-Marc Liger
RHEL-6 still needs to use libnl instead of libnl3, so re-add the spec conditional mistakenly removed in
    commit 3694e038
    Author: Daniel P. Berrange <berrange@redhat.com>
    Date: Wed May 4 15:43:08 2016 +0100
        libvirt.spec.in: drop Fedora < 20 and RHEL < 6
-
- 29 Jun, 2016 2 commits
-
-
Committed by Erik Skultety
Similarly to what virsh and virt-login-shell do, call virAdmInitialize prior to initializing an event loop and initializing the error handler. Commit 97973ebb described and fixed an identical issue for libvirt_lxc.
Since virAdmInitialize becomes a public API after applying this patch, the symbol is also added to public syms and the doc string of the method is slightly enhanced analogically to virInitialize.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
-
Committed by Ján Tomko
virNetServerClientGetInfo returns the client's remote address as a string, which is a part of the client object.
Use VIR_STRDUP to make a copy which can be freely accessed even after the virNetServerClient object is unlocked.
To reproduce, put a sleep between virObjectUnlock in virNetServerClientGetInfo and virTypedParamsAddString in adminClientGetInfo, then close the queried connection during that sleep.
-
- 28 Jun, 2016 5 commits
-
-
Committed by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1316370
Consider the following disk for a domain:

    <disk type='volume' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <auth username='libvirt'>
        <secret type='iscsi' usage='libvirtiscsi'/>
      </auth>
      <source pool='iscsi-secret-pool' volume='unit:0:0:0' mode='direct' startupPolicy='optional'/>
      <target dev='sda' bus='scsi'/>
      <readonly/>
      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
    </disk>

Now, startupPolicy is currently not allowed for iscsi disks, so one would expect an error message to be thrown. But what a surprise is waiting for users if they try to start up such domain:

    ==15724== Invalid free() / delete / delete[] / realloc()
    ==15724== at 0x4C2B1F0: free (vg_replace_malloc.c:473)
    ==15724== by 0x54B7A69: virFree (viralloc.c:582)
    ==15724== by 0x552DC90: virStorageAuthDefFree (virstoragefile.c:1549)
    ==15724== by 0x552F023: virStorageSourceClear (virstoragefile.c:2055)
    ==15724== by 0x552F054: virStorageSourceFree (virstoragefile.c:2067)
    ==15724== by 0x55556AA: virDomainDiskDefFree (domain_conf.c:1562)
    ==15724== by 0x5557ABE: virDomainDefFree (domain_conf.c:2547)
    ==15724== by 0x1B43CC42: qemuProcessStop (qemu_process.c:5918)
    ==15724== by 0x1B43BA2E: qemuProcessStart (qemu_process.c:5511)
    ==15724== by 0x1B48993E: qemuDomainObjStart (qemu_driver.c:7050)
    ==15724== by 0x1B489B9A: qemuDomainCreateWithFlags (qemu_driver.c:7104)
    ==15724== by 0x1B489C01: qemuDomainCreate (qemu_driver.c:7122)
    ==15724== Address 0x21cfbb90 is 0 bytes inside a block of size 48 free'd
    ==15724== at 0x4C2B1F0: free (vg_replace_malloc.c:473)
    ==15724== by 0x54B7A69: virFree (viralloc.c:582)
    ==15724== by 0x552DC90: virStorageAuthDefFree (virstoragefile.c:1549)
    ==15724== by 0x12D1C8D4: virStorageTranslateDiskSourcePool (storage_driver.c:3475)
    ==15724== by 0x1B4396E4: qemuProcessPrepareDomain (qemu_process.c:4896)
    ==15724== by 0x1B43B880: qemuProcessStart (qemu_process.c:5466)
    ==15724== by 0x1B48993E: qemuDomainObjStart (qemu_driver.c:7050)
    ==15724== by 0x1B489B9A: qemuDomainCreateWithFlags (qemu_driver.c:7104)
    ==15724== by 0x1B489C01: qemuDomainCreate (qemu_driver.c:7122)
    ==15724== by 0x561CA97: virDomainCreate (libvirt-domain.c:6787)
    ==15724== by 0x12B6FD: remoteDispatchDomainCreate (remote_dispatch.h:4116)
    ==15724== by 0x12B61A: remoteDispatchDomainCreateHelper (remote_dispatch.h:4092)

The problem is, in virStorageTranslateDiskSourcePool disk def->src->auth is freed, but the pointer is not set to NULL. So later, when qemuProcessStop starts to free the domain definition, virStorageAuthDefFree() tries to free the memory again, instead of jumping out immediately.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-
Committed by Jaroslav Suchanek
Reorder code for setting default log level from cmdline prior to initialization of log outputs. Thus the --verbose option is reflected.
This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1325072
-
Committed by Jiri Denemark
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-
Committed by Andrea Bolognani
-
Committed by Olga Krishtal
Patch fixes vz build after changes in IP-related netdev functions (cf0568b0, fbc1843d).
Signed-off-by: Olga Krishtal <okrishtal@virtuozzo.com>
-
- 27 Jun, 2016 16 commits
-
-
Committed by Andrea Bolognani
Commit cf0568b0 moved a bunch of functions from virNetDev to the more specific virNetDevIP; however, not all of the existing uses were moved properly, causing build failures on FreeBSD. Complete the transition to the new names and drop the obsolete declarations from the header file while at it.
-
Committed by Andrea Bolognani
Not including the header causes

    util/virnetdevip.c:520:5: error: unknown type name 'virCommandPtr'; did you mean 'virCondPtr'?
        virCommandPtr cmd = NULL;
        ^~~~~~~~~~~~~

and plenty more similar failures when compiling on FreeBSD.
-
Committed by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1343442
When a client connects, it is placed into a queue. As soon as it authenticates, it is taken out of that queue and placed into a different one. Now, we have a setting in the daemon config file that allows users to control the length of the queue of yet not authenticated clients. By default, it has a value 20 but in the description to the config knob we claim it's zero.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-
Committed by Laine Stump
For type='ethernet' interfaces only.
-
Committed by Laine Stump
-
Committed by Laine Stump
This will apply to any IP address setting that uses virNetDevIPInfoAddToDev() (which so far is only the guest-side of LXC type='ethernet' interfaces).
-
Committed by Laine Stump
This is placed as a sub-element of <source>, where other aspects of the host-side connection to the network device are located (network or bridge name, udp listen port, etc). It's a bit odd that the interface we're configuring with this info is itself named in <target dev='x'/>, but that ship sailed long ago:

    <interface type='ethernet'>
      <mac address='00:16:3e:0f:ef:8a'/>
      <source>
        <ip address='192.168.122.12' family='ipv4' prefix='24' peer='192.168.122.1'/>
        <ip address='192.168.122.13' family='ipv4' prefix='24'/>
        <route family='ipv4' address='0.0.0.0' gateway='192.168.122.1'/>
        <route family='ipv4' address='192.168.124.0' prefix='24' gateway='192.168.124.1'/>
      </source>
    </interface>

In practice, this will likely only be useful for type='ethernet', so its presence in any other type of interface is currently forbidden in the generic device Validate function (but it's been put into the general population of virDomainNetDef rather than the ethernet-specific union member so that 1) we can more easily add the capability to other types, and 2) we can retain the info when set to an invalid interface type all the way through to validation and report a proper error, rather than just ignoring it (which is currently what happens for many other type-specific settings)).
(NB: The already-existing configuration of IP info for the guest-side of interfaces is in subelements directly under <interface>, and the name of the guest-side interface (when configurable) is in <guest dev='x'/>).
-
Committed by Vasiliy Tolstov
The peer attribute is used to set the property of the same name in the interface IP info:

    <interface type='ethernet'>
      ...
      <ip family='ipv4' address='192.168.122.5' prefix='32' peer='192.168.122.6'/>
      ...
    </interface>

Note that this element is used to set the IP information on the *guest* side interface, not the host side interface - that will be supported in an upcoming patch.
(This is an updated *re*-commit of commit 690969af, which was subsequently reverted in commit 1d14b13f).
Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
Signed-off-by: Laine Stump <laine@laine.org>
-
Committed by Laine Stump
This patch takes the code out of lxcContainerRenameAndEnableInterfaces() that adds all IP addresses and IP routes to the interface, and puts it into a utility function virNetDevIPInfoAddToDev() in virnetdevip.c so that it can be used by anyone. One small change in functionality - lxcContainerRenameAndEnableInterfaces() previously would add all IP addresses to the interface while it was still offline, then set the interface online, and then add the routes. Because I don't want the utility function to set the interface online, I've moved this up so the interface is first set online, then IP addresses and routes are added. This is the same order that the network service from initscripts (in ifup-ether) does it, so it shouldn't pose any problem (and hasn't, in the tests that I've run).
-
Committed by Laine Stump
It makes more sense to have the logging at the lower level so other callers can share the goodness. While removing so much stuff from / touching so many lines in lxcContainerRenameAndEnableInterfaces() (which used to have this debug/error logging), label names were changed and it was updated to use the now-more-common method of initializing ret to -1 (failure), then setting to 0 right before the cleanup label.