Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Daniel P. Berrange
|
576c952d6c | ||
|
Daniel Veillard
|
6cba2d7c9e | ||
|
Daniel Veillard
|
824ac1932d | ||
|
Daniel Veillard
|
2457ff7037 | ||
|
Daniel Veillard
|
d8ce9b00e6 | ||
|
Daniel P. Berrange
|
5238691972 | ||
|
Daniel P. Berrange
|
49bd0fe0f6 | ||
|
Daniel P. Berrange
|
f57c13f43b | ||
|
Daniel Veillard
|
b4531a6202 | ||
|
Jesse Keating
|
0685aa3535 |
@@ -1,31 +0,0 @@
|
||||
[suppress_function]
|
||||
symbol_version_regexp = LIBVIRT_PRIVATE.*
|
||||
soname_regexp = libvirt\\.so.*
|
||||
|
||||
[suppress_function]
|
||||
symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
|
||||
soname_regexp = libvirt-admin\\.so.*
|
||||
|
||||
[suppress_variable]
|
||||
symbol_version_regexp = LIBVIRT_PRIVATE.*
|
||||
soname_regexp = libvirt\\.so.*
|
||||
|
||||
[suppress_variable]
|
||||
symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
|
||||
soname_regexp = libvirt-admin\\.so.*
|
||||
|
||||
[suppress_function]
|
||||
symbol_version_regexp = .*
|
||||
soname_regexp = libvirt_storage_.*\\.so.*
|
||||
|
||||
[suppress_variable]
|
||||
symbol_version_regexp = .*
|
||||
soname_regexp = libvirt_storage_.*\\.so.*
|
||||
|
||||
[suppress_function]
|
||||
symbol_version_regexp = .*
|
||||
soname_regexp = libvirt_driver_.*\\.so.*
|
||||
|
||||
[suppress_variable]
|
||||
symbol_version_regexp = .*
|
||||
soname_regexp = libvirt_driver_.*\\.so.*
|
||||
+24
@@ -0,0 +1,24 @@
|
||||
libvirt-0.0.3.tar.gz
|
||||
libvirt-0.0.4.tar.gz
|
||||
libvirt-0.0.5.tar.gz
|
||||
libvirt-0.0.6.tar.gz
|
||||
libvirt-0.1.0.tar.gz
|
||||
libvirt-0.1.2.tar.gz
|
||||
libvirt-0.1.1.tar.gz
|
||||
libvirt-0.1.3.tar.gz
|
||||
libvirt-0.1.4.tar.gz
|
||||
libvirt-0.1.5.tar.gz
|
||||
libvirt-0.1.6.tar.gz
|
||||
libvirt-0.1.7.tar.gz
|
||||
libvirt-0.1.8.tar.gz
|
||||
libvirt-0.1.9.tar.gz
|
||||
libvirt-0.1.10.tar.gz
|
||||
libvirt-0.1.11.tar.gz
|
||||
libvirt-0.2.0.tar.gz
|
||||
libvirt-0.2.1.tar.gz
|
||||
libvirt-0.2.2.tar.gz
|
||||
libvirt-0.2.3.tar.gz
|
||||
libvirt-0.3.0.tar.gz
|
||||
libvirt-0.3.1.tar.gz
|
||||
libvirt-0.3.2.tar.gz
|
||||
libvirt-0.3.3.tar.gz
|
||||
@@ -1,5 +0,0 @@
|
||||
.build*.log
|
||||
*.rpm
|
||||
i686
|
||||
x86_64
|
||||
libvirt-*.tar.xz
|
||||
@@ -1,40 +0,0 @@
|
||||
From 6f3ee0c553bafec957e69df7fc42f83985d55c0f Mon Sep 17 00:00:00 2001
|
||||
From: Martin Kletzander <mkletzan@redhat.com>
|
||||
Date: Tue, 27 Feb 2024 16:20:12 +0100
|
||||
Subject: [PATCH] Fix off-by-one error in udevListInterfacesByStatus
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Ever since this function was introduced in 2012 it could've tried
|
||||
filling in an extra interface name. That was made worse in 2019 when
|
||||
the caller functions started accepting NULL arrays of size 0.
|
||||
|
||||
This is assigned CVE-2024-1441.
|
||||
|
||||
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
Reported-by: Alexander Kuznetsov <kuznetsovam@altlinux.org>
|
||||
Fixes: 5a33366f5c0b18c93d161bd144f9f079de4ac8ca
|
||||
Fixes: d6064e2759a24e0802f363e3a810dc5a7d7ebb15
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit c664015fe3a7bf59db26686e9ed69af011c6ebb8)
|
||||
---
|
||||
src/interface/interface_backend_udev.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/interface/interface_backend_udev.c b/src/interface/interface_backend_udev.c
|
||||
index ef334f175b..abeb766294 100644
|
||||
--- a/src/interface/interface_backend_udev.c
|
||||
+++ b/src/interface/interface_backend_udev.c
|
||||
@@ -222,7 +222,7 @@ udevListInterfacesByStatus(virConnectPtr conn,
|
||||
g_autoptr(virInterfaceDef) def = NULL;
|
||||
|
||||
/* Ensure we won't exceed the size of our array */
|
||||
- if (count > names_len)
|
||||
+ if (count >= names_len)
|
||||
break;
|
||||
|
||||
path = udev_list_entry_get_name(dev_entry);
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -1,90 +0,0 @@
|
||||
From 13ea81b22cde0a429aa1de8b58655296084ce8d7 Mon Sep 17 00:00:00 2001
|
||||
From: Dmitry Frolov <frolov@swemel.ru>
|
||||
Date: Tue, 12 Sep 2023 15:56:47 +0300
|
||||
Subject: [PATCH] interface: fix udev_device_get_sysattr_value return value
|
||||
check
|
||||
|
||||
Reviewing the code I found that return value of function
|
||||
udev_device_get_sysattr_value() is dereferenced without a check.
|
||||
udev_device_get_sysattr_value() may return NULL by number of reasons.
|
||||
|
||||
v2: VIR_DEBUG added, replaced STREQ(NULLSTR()) with STREQ_NULLABLE()
|
||||
v3: More checks added, to skip earlier. More verbose VIR_DEBUG.
|
||||
|
||||
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 2ca94317ac642a70921947150ced8acc674ccdc8)
|
||||
---
|
||||
src/interface/interface_backend_udev.c | 26 +++++++++++++++++++-------
|
||||
1 file changed, 19 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/interface/interface_backend_udev.c b/src/interface/interface_backend_udev.c
|
||||
index 54b43fb999..ef334f175b 100644
|
||||
--- a/src/interface/interface_backend_udev.c
|
||||
+++ b/src/interface/interface_backend_udev.c
|
||||
@@ -23,6 +23,7 @@
|
||||
#include <dirent.h>
|
||||
#include <libudev.h>
|
||||
|
||||
+#include "virlog.h"
|
||||
#include "virerror.h"
|
||||
#include "virfile.h"
|
||||
#include "datatypes.h"
|
||||
@@ -40,6 +41,8 @@
|
||||
|
||||
#define VIR_FROM_THIS VIR_FROM_INTERFACE
|
||||
|
||||
+VIR_LOG_INIT("interface.interface_backend_udev");
|
||||
+
|
||||
struct udev_iface_driver {
|
||||
struct udev *udev;
|
||||
/* pid file FD, ensures two copies of the driver can't use the same root */
|
||||
@@ -354,11 +357,20 @@ udevConnectListAllInterfaces(virConnectPtr conn,
|
||||
const char *macaddr;
|
||||
g_autoptr(virInterfaceDef) def = NULL;
|
||||
|
||||
- path = udev_list_entry_get_name(dev_entry);
|
||||
- dev = udev_device_new_from_syspath(udev, path);
|
||||
- name = udev_device_get_sysname(dev);
|
||||
+ if (!(path = udev_list_entry_get_name(dev_entry))) {
|
||||
+ VIR_DEBUG("Skipping interface, path == NULL");
|
||||
+ continue;
|
||||
+ }
|
||||
+ if (!(dev = udev_device_new_from_syspath(udev, path))) {
|
||||
+ VIR_DEBUG("Skipping interface '%s', dev == NULL", path);
|
||||
+ continue;
|
||||
+ }
|
||||
+ if (!(name = udev_device_get_sysname(dev))) {
|
||||
+ VIR_DEBUG("Skipping interface '%s', name == NULL", path);
|
||||
+ continue;
|
||||
+ }
|
||||
macaddr = udev_device_get_sysattr_value(dev, "address");
|
||||
- status = STREQ(udev_device_get_sysattr_value(dev, "operstate"), "up");
|
||||
+ status = STREQ_NULLABLE(udev_device_get_sysattr_value(dev, "operstate"), "up");
|
||||
|
||||
def = udevGetMinimalDefForDevice(dev);
|
||||
if (!virConnectListAllInterfacesCheckACL(conn, def)) {
|
||||
@@ -962,9 +974,9 @@ udevGetIfaceDef(struct udev *udev, const char *name)
|
||||
|
||||
/* MTU */
|
||||
mtu_str = udev_device_get_sysattr_value(dev, "mtu");
|
||||
- if (virStrToLong_ui(mtu_str, NULL, 10, &mtu) < 0) {
|
||||
+ if (!mtu_str || virStrToLong_ui(mtu_str, NULL, 10, &mtu) < 0) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
- _("Could not parse MTU value '%s'"), mtu_str);
|
||||
+ _("Could not parse MTU value '%s'"), NULLSTR(mtu_str));
|
||||
goto error;
|
||||
}
|
||||
ifacedef->mtu = mtu;
|
||||
@@ -1087,7 +1099,7 @@ udevInterfaceIsActive(virInterfacePtr ifinfo)
|
||||
goto cleanup;
|
||||
|
||||
/* Check if it's active or not */
|
||||
- status = STREQ(udev_device_get_sysattr_value(dev, "operstate"), "up");
|
||||
+ status = STREQ_NULLABLE(udev_device_get_sysattr_value(dev, "operstate"), "up");
|
||||
|
||||
udev_device_unref(dev);
|
||||
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -1,58 +0,0 @@
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Thu, 9 Feb 2023 09:40:32 +0100
|
||||
Subject: [PATCH] qemuProcessRefreshDisks: Don't skip filling of disk
|
||||
information if tray state didn't change
|
||||
Content-type: text/plain
|
||||
|
||||
Commit 5ef2582646eb98 added emitting of even when refreshign disk state,
|
||||
where it wanted to avoid sending the event if disk state didn't change.
|
||||
This was achieved by using 'continue' in the loop filling the
|
||||
information. Unfortunately this skips extraction of whether the device
|
||||
has a tray which is propagated into internal structures, which in turn
|
||||
broke cdrom media change as the code thought there's no tray for the
|
||||
device.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2166411
|
||||
Fixes: 5ef2582646eb98af208ce37355f82bdef39931fa
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
|
||||
(cherry picked from commit 86cfe93ef7fdc2d665a2fc88b79af89e7978ba78)
|
||||
---
|
||||
src/qemu/qemu_process.c | 11 +++++------
|
||||
1 file changed, 5 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index ee9f0784d3..0c408ee547 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -8724,16 +8724,13 @@ qemuProcessRefreshDisks(virDomainObj *vm,
|
||||
continue;
|
||||
|
||||
if (info->removable) {
|
||||
- virObjectEvent *event = NULL;
|
||||
+ bool emitEvent = info->tray_open != disk->tray_status;
|
||||
int reason;
|
||||
|
||||
if (info->empty)
|
||||
virDomainDiskEmptySource(disk);
|
||||
|
||||
if (info->tray) {
|
||||
- if (info->tray_open == disk->tray_status)
|
||||
- continue;
|
||||
-
|
||||
if (info->tray_open) {
|
||||
reason = VIR_DOMAIN_EVENT_TRAY_CHANGE_OPEN;
|
||||
disk->tray_status = VIR_DOMAIN_DISK_TRAY_OPEN;
|
||||
@@ -8742,8 +8739,10 @@ qemuProcessRefreshDisks(virDomainObj *vm,
|
||||
disk->tray_status = VIR_DOMAIN_DISK_TRAY_CLOSED;
|
||||
}
|
||||
|
||||
- event = virDomainEventTrayChangeNewFromObj(vm, disk->info.alias, reason);
|
||||
- virObjectEventStateQueue(driver->domainEventState, event);
|
||||
+ if (emitEvent) {
|
||||
+ virObjectEvent *event = virDomainEventTrayChangeNewFromObj(vm, disk->info.alias, reason);
|
||||
+ virObjectEventStateQueue(driver->domainEventState, event);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
||||
Date: Wed, 18 Jan 2023 09:45:52 +0000
|
||||
Subject: [PATCH] ch: use CURLOPT_UPLOAD instead of CURLOPT_PUT
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
Content-type: text/plain
|
||||
|
||||
The CURLOPT_PUT constant causes a deprecation warning when compiling on
|
||||
Alpine Edge. The docs indicate it is deprecated since 7.2.1
|
||||
|
||||
https://curl.se/libcurl/c/CURLOPT_PUT.html
|
||||
|
||||
Since 7.87 the deprecation is now exposed at build time via a compiler
|
||||
warning.
|
||||
|
||||
We already use CURLOPT_UPLOAD in the ESX driver, so this brings the CH
|
||||
driver into line.
|
||||
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
(cherry picked from commit 9cd70fb25cad171e415fb05a4e01f244304c602e)
|
||||
---
|
||||
src/ch/ch_monitor.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/ch/ch_monitor.c b/src/ch/ch_monitor.c
|
||||
index 8d8654332f..7b8f0a8077 100644
|
||||
--- a/src/ch/ch_monitor.c
|
||||
+++ b/src/ch/ch_monitor.c
|
||||
@@ -660,7 +660,7 @@ virCHMonitorPutNoContent(virCHMonitor *mon, const char *endpoint)
|
||||
|
||||
curl_easy_setopt(mon->handle, CURLOPT_UNIX_SOCKET_PATH, mon->socketpath);
|
||||
curl_easy_setopt(mon->handle, CURLOPT_URL, url);
|
||||
- curl_easy_setopt(mon->handle, CURLOPT_PUT, true);
|
||||
+ curl_easy_setopt(mon->handle, CURLOPT_UPLOAD, 1L);
|
||||
curl_easy_setopt(mon->handle, CURLOPT_HTTPHEADER, NULL);
|
||||
|
||||
responseCode = virCHMonitorCurlPerform(mon->handle);
|
||||
@@ -1,56 +0,0 @@
|
||||
From 9a47442366fcf8a7b6d7422016d7bbb6764a1098 Mon Sep 17 00:00:00 2001
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Thu, 13 Jul 2023 16:16:37 +0200
|
||||
Subject: [PATCH] storage: Fix returning of locked objects from
|
||||
'virStoragePoolObjListSearch'
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
CVE-2023-3750
|
||||
|
||||
'virStoragePoolObjListSearch' explicitly documents that it's returning
|
||||
a pointer to a locked and ref'd pool that maches the lookup function.
|
||||
|
||||
This was not the case as in commit 0c4b391e2a9 (released in
|
||||
libvirt-8.3.0) the code was accidentally converted to use 'VIR_LOCK_GUARD'
|
||||
which auto-unlocked it when leaving the scope, even when the code was
|
||||
originally "leaking" the lock.
|
||||
|
||||
Revert the corresponding conversion and add a comment that this function
|
||||
is intentionally leaking a locked object.
|
||||
|
||||
Fixes: 0c4b391e2a9
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2221851
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
Signed-off-by: Han Han <hhan@redhat.com>
|
||||
---
|
||||
src/conf/virstorageobj.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/conf/virstorageobj.c b/src/conf/virstorageobj.c
|
||||
index 7010e97d61..59fa5da372 100644
|
||||
--- a/src/conf/virstorageobj.c
|
||||
+++ b/src/conf/virstorageobj.c
|
||||
@@ -454,11 +454,16 @@ virStoragePoolObjListSearchCb(const void *payload,
|
||||
virStoragePoolObj *obj = (virStoragePoolObj *) payload;
|
||||
struct _virStoragePoolObjListSearchData *data =
|
||||
(struct _virStoragePoolObjListSearchData *)opaque;
|
||||
- VIR_LOCK_GUARD lock = virObjectLockGuard(obj);
|
||||
|
||||
+ virObjectLock(obj);
|
||||
+
|
||||
+ /* If we find the matching pool object we must return while the object is
|
||||
+ * locked as the caller wants to return a locked object. */
|
||||
if (data->searcher(obj, data->opaque))
|
||||
return 1;
|
||||
|
||||
+ virObjectUnlock(obj);
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@@ -1,51 +0,0 @@
|
||||
From 6425a311b8ad19d6f9c0b315bf1d722551ea3585 Mon Sep 17 00:00:00 2001
|
||||
From: Tim Shearer <TShearer@adva.com>
|
||||
Date: Mon, 1 May 2023 13:15:48 +0000
|
||||
Subject: [PATCH] virpci: Resolve leak in virPCIVirtualFunctionList cleanup
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Repeatedly querying an SR-IOV PCI device's capabilities exposes a
|
||||
memory leak caused by a failure to free the virPCIVirtualFunction
|
||||
array within the parent struct's g_autoptr cleanup.
|
||||
|
||||
Valgrind output after getting a single interface's XML description
|
||||
1000 times:
|
||||
|
||||
==325982== 256,000 bytes in 1,000 blocks are definitely lost in loss record 2,634 of 2,635
|
||||
==325982== at 0x4C3C096: realloc (vg_replace_malloc.c:1437)
|
||||
==325982== by 0x59D952D: g_realloc (in /usr/lib64/libglib-2.0.so.0.5600.4)
|
||||
==325982== by 0x4EE1F52: virReallocN (viralloc.c:52)
|
||||
==325982== by 0x4EE1FB7: virExpandN (viralloc.c:78)
|
||||
==325982== by 0x4EE219A: virInsertElementInternal (viralloc.c:183)
|
||||
==325982== by 0x4EE23B2: virAppendElement (viralloc.c:288)
|
||||
==325982== by 0x4F65D85: virPCIGetVirtualFunctionsFull (virpci.c:2389)
|
||||
==325982== by 0x4F65753: virPCIGetVirtualFunctions (virpci.c:2256)
|
||||
==325982== by 0x505CB75: virNodeDeviceGetPCISRIOVCaps (node_device_conf.c:2969)
|
||||
==325982== by 0x505D181: virNodeDeviceGetPCIDynamicCaps (node_device_conf.c:3099)
|
||||
==325982== by 0x505BC4E: virNodeDeviceUpdateCaps (node_device_conf.c:2677)
|
||||
==325982== by 0x260FCBB2: nodeDeviceGetXMLDesc (node_device_driver.c:355)
|
||||
|
||||
Signed-off-by: Tim Shearer <tshearer@adva.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
Signed-off-by: Han Han <hhan@redhat.com>
|
||||
---
|
||||
src/util/virpci.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/util/virpci.c b/src/util/virpci.c
|
||||
index 9e564e4a4f..cc2b07bbba 100644
|
||||
--- a/src/util/virpci.c
|
||||
+++ b/src/util/virpci.c
|
||||
@@ -2245,6 +2245,7 @@ virPCIVirtualFunctionListFree(virPCIVirtualFunctionList *list)
|
||||
g_free(list->functions[i].ifname);
|
||||
}
|
||||
|
||||
+ g_free(list->functions);
|
||||
g_free(list);
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
# Makefile for source rpm: libvirt
|
||||
# $Id$
|
||||
NAME := libvirt
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attempt a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
||||
@@ -0,0 +1,48 @@
|
||||
diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
|
||||
--- libvirt-0.4.1.orig/qemud/qemud.c 2008-03-10 17:31:09.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/qemud/qemud.c 2008-03-10 17:31:36.000000000 -0400
|
||||
@@ -393,7 +393,7 @@ static int qemudGoDaemon(void) {
|
||||
case -1:
|
||||
return -1;
|
||||
default:
|
||||
- return nextpid;
|
||||
+ _exit(0);
|
||||
}
|
||||
|
||||
cleanup:
|
||||
@@ -418,8 +418,7 @@ static int qemudGoDaemon(void) {
|
||||
status != 0) {
|
||||
return -1;
|
||||
}
|
||||
-
|
||||
- return pid;
|
||||
+ _exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -2116,16 +2115,12 @@ int main(int argc, char **argv) {
|
||||
goto error1;
|
||||
|
||||
if (godaemon) {
|
||||
- int pid;
|
||||
openlog("libvirtd", 0, 0);
|
||||
- pid = qemudGoDaemon();
|
||||
- if (pid < 0) {
|
||||
+ if (qemudGoDaemon() < 0) {
|
||||
qemudLog(QEMUD_ERR, _("Failed to fork as daemon: %s"),
|
||||
strerror(errno));
|
||||
goto error1;
|
||||
}
|
||||
- if (pid > 0)
|
||||
- goto out;
|
||||
|
||||
/* Choose the name of the PID file. */
|
||||
if (!pid_file) {
|
||||
@@ -2172,7 +2167,6 @@ int main(int argc, char **argv) {
|
||||
if (godaemon)
|
||||
closelog();
|
||||
|
||||
- out:
|
||||
ret = 0;
|
||||
|
||||
error2:
|
||||
@@ -0,0 +1,400 @@
|
||||
diff -rup libvirt-0.4.1.orig/configure.in libvirt-0.4.1.new/configure.in
|
||||
--- libvirt-0.4.1.orig/configure.in 2008-03-03 09:14:19.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/configure.in 2008-04-03 15:37:49.000000000 -0400
|
||||
@@ -450,10 +450,6 @@ if test "x$with_polkit" = "xyes" -o "x$w
|
||||
CFLAGS="$old_CFLAGS"
|
||||
LDFLAGS="$old_LDFLAGS"
|
||||
|
||||
- AC_PATH_PROG(POLKIT_GRANT, polkit-grant)
|
||||
- if test "x$POLKIT_GRANT" != "x"; then
|
||||
- AC_DEFINE_UNQUOTED([POLKIT_GRANT],["$POLKIT_GRANT"],[Location of polkit-grant program])
|
||||
- fi
|
||||
AC_PATH_PROG(POLKIT_AUTH, polkit-auth)
|
||||
if test "x$POLKIT_AUTH" != "x"; then
|
||||
AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
|
||||
diff -rup libvirt-0.4.1.orig/qemud/internal.h libvirt-0.4.1.new/qemud/internal.h
|
||||
--- libvirt-0.4.1.orig/qemud/internal.h 2008-01-24 12:07:43.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/qemud/internal.h 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -179,6 +179,9 @@ void qemudLog(int priority, const char *
|
||||
void remoteDispatchClientRequest (struct qemud_server *server,
|
||||
struct qemud_client *client);
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid);
|
||||
+#endif
|
||||
|
||||
#endif
|
||||
|
||||
diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
|
||||
--- libvirt-0.4.1.orig/qemud/qemud.c 2008-04-03 15:39:15.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/qemud/qemud.c 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -1040,6 +1040,28 @@ remoteCheckAccess (struct qemud_client *
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
|
||||
+#ifdef SO_PEERCRED
|
||||
+ struct ucred cr;
|
||||
+ unsigned int cr_len = sizeof (cr);
|
||||
+
|
||||
+ if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ *pid = cr.pid;
|
||||
+ *uid = cr.uid;
|
||||
+#else
|
||||
+ /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
|
||||
+#error "UNIX socket credentials not supported/implemented on this platform yet..."
|
||||
+#endif
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket *sock) {
|
||||
int fd;
|
||||
struct sockaddr_storage addr;
|
||||
@@ -1075,6 +1097,26 @@ static int qemudDispatchServer(struct qe
|
||||
memcpy (&client->addr, &addr, sizeof addr);
|
||||
client->addrlen = addrlen;
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+ /* Only do policy checks for non-root - allow root user
|
||||
+ through with no checks, as a fail-safe - root can easily
|
||||
+ change policykit policy anyway, so its pointless trying
|
||||
+ to restrict root */
|
||||
+ if (client->auth == REMOTE_AUTH_POLKIT) {
|
||||
+ uid_t uid;
|
||||
+ pid_t pid;
|
||||
+
|
||||
+ if (qemudGetSocketIdentity(client->fd, &uid, &pid) < 0)
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ /* Cient is running as root, so disable auth */
|
||||
+ if (uid == 0) {
|
||||
+ qemudLog(QEMUD_INFO, _("Turn off polkit auth for privileged client %d"), pid);
|
||||
+ client->auth = REMOTE_AUTH_NONE;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
if (client->type != QEMUD_SOCK_TYPE_TLS) {
|
||||
client->mode = QEMUD_MODE_RX_HEADER;
|
||||
client->bufferLength = REMOTE_MESSAGE_HEADER_XDR_LEN;
|
||||
diff -rup libvirt-0.4.1.orig/qemud/remote.c libvirt-0.4.1.new/qemud/remote.c
|
||||
--- libvirt-0.4.1.orig/qemud/remote.c 2008-02-29 11:23:17.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/qemud/remote.c 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -2564,27 +2564,6 @@ remoteDispatchAuthSaslStep (struct qemud
|
||||
|
||||
|
||||
#if HAVE_POLKIT
|
||||
-static int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
|
||||
-#ifdef SO_PEERCRED
|
||||
- struct ucred cr;
|
||||
- unsigned int cr_len = sizeof (cr);
|
||||
-
|
||||
- if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
|
||||
- strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- *pid = cr.pid;
|
||||
- *uid = cr.uid;
|
||||
-#else
|
||||
- /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
|
||||
-#error "UNIX socket credentials not supported/implemented on this platform yet..."
|
||||
-#endif
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-
|
||||
static int
|
||||
remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
|
||||
struct qemud_client *client,
|
||||
@@ -2594,6 +2573,15 @@ remoteDispatchAuthPolkit (struct qemud_s
|
||||
{
|
||||
pid_t callerPid;
|
||||
uid_t callerUid;
|
||||
+ PolKitCaller *pkcaller = NULL;
|
||||
+ PolKitAction *pkaction = NULL;
|
||||
+ PolKitContext *pkcontext = NULL;
|
||||
+ PolKitError *pkerr = NULL;
|
||||
+ PolKitResult pkresult;
|
||||
+ DBusError err;
|
||||
+ const char *action = client->readonly ?
|
||||
+ "org.libvirt.unix.monitor" :
|
||||
+ "org.libvirt.unix.manage";
|
||||
|
||||
REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
|
||||
if (client->auth != REMOTE_AUTH_POLKIT) {
|
||||
@@ -2609,98 +2597,78 @@ remoteDispatchAuthPolkit (struct qemud_s
|
||||
return -2;
|
||||
}
|
||||
|
||||
- /* Only do policy checks for non-root - allow root user
|
||||
- through with no checks, as a fail-safe - root can easily
|
||||
- change policykit policy anyway, so its pointless trying
|
||||
- to restrict root */
|
||||
- if (callerUid == 0) {
|
||||
- qemudLog(QEMUD_INFO, _("Allowing PID %d running as root"), callerPid);
|
||||
- ret->complete = 1;
|
||||
- client->auth = REMOTE_AUTH_NONE;
|
||||
- } else {
|
||||
- PolKitCaller *pkcaller = NULL;
|
||||
- PolKitAction *pkaction = NULL;
|
||||
- PolKitContext *pkcontext = NULL;
|
||||
- PolKitError *pkerr = NULL;
|
||||
- PolKitResult pkresult;
|
||||
- DBusError err;
|
||||
- const char *action = client->readonly ?
|
||||
- "org.libvirt.unix.monitor" :
|
||||
- "org.libvirt.unix.manage";
|
||||
-
|
||||
- qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
|
||||
- callerPid, callerUid);
|
||||
- dbus_error_init(&err);
|
||||
- if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
||||
- callerPid, &err))) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
|
||||
- err.message);
|
||||
- dbus_error_free(&err);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
-
|
||||
- if (!(pkaction = polkit_action_new())) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
|
||||
- strerror(errno));
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
- polkit_action_set_action_id(pkaction, action);
|
||||
-
|
||||
- if (!(pkcontext = polkit_context_new()) ||
|
||||
- !polkit_context_init(pkcontext, &pkerr)) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
|
||||
- (pkerr ? polkit_error_get_error_message(pkerr)
|
||||
- : strerror(errno)));
|
||||
- if (pkerr)
|
||||
- polkit_error_free(pkerr);
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- polkit_action_unref(pkaction);
|
||||
- dbus_error_free(&err);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
+ qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
|
||||
+ callerPid, callerUid);
|
||||
+ dbus_error_init(&err);
|
||||
+ if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
||||
+ callerPid, &err))) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
|
||||
+ err.message);
|
||||
+ dbus_error_free(&err);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
+
|
||||
+ if (!(pkaction = polkit_action_new())) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
|
||||
+ strerror(errno));
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
+ polkit_action_set_action_id(pkaction, action);
|
||||
+
|
||||
+ if (!(pkcontext = polkit_context_new()) ||
|
||||
+ !polkit_context_init(pkcontext, &pkerr)) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
|
||||
+ (pkerr ? polkit_error_get_error_message(pkerr)
|
||||
+ : strerror(errno)));
|
||||
+ if (pkerr)
|
||||
+ polkit_error_free(pkerr);
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ polkit_action_unref(pkaction);
|
||||
+ dbus_error_free(&err);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
|
||||
#if HAVE_POLKIT_CONTEXT_IS_CALLER_AUTHORIZED
|
||||
- pkresult = polkit_context_is_caller_authorized(pkcontext,
|
||||
- pkaction,
|
||||
- pkcaller,
|
||||
- 0,
|
||||
- &pkerr);
|
||||
- if (pkerr && polkit_error_is_set(pkerr)) {
|
||||
- qemudLog(QEMUD_ERR,
|
||||
- _("Policy kit failed to check authorization %d %s"),
|
||||
- polkit_error_get_error_code(pkerr),
|
||||
- polkit_error_get_error_message(pkerr));
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
+ pkresult = polkit_context_is_caller_authorized(pkcontext,
|
||||
+ pkaction,
|
||||
+ pkcaller,
|
||||
+ 0,
|
||||
+ &pkerr);
|
||||
+ if (pkerr && polkit_error_is_set(pkerr)) {
|
||||
+ qemudLog(QEMUD_ERR,
|
||||
+ _("Policy kit failed to check authorization %d %s"),
|
||||
+ polkit_error_get_error_code(pkerr),
|
||||
+ polkit_error_get_error_message(pkerr));
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
#else
|
||||
- pkresult = polkit_context_can_caller_do_action(pkcontext,
|
||||
- pkaction,
|
||||
- pkcaller);
|
||||
+ pkresult = polkit_context_can_caller_do_action(pkcontext,
|
||||
+ pkaction,
|
||||
+ pkcaller);
|
||||
#endif
|
||||
- polkit_context_unref(pkcontext);
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- polkit_action_unref(pkaction);
|
||||
- if (pkresult != POLKIT_RESULT_YES) {
|
||||
- qemudLog(QEMUD_ERR,
|
||||
- _("Policy kit denied action %s from pid %d, uid %d,"
|
||||
- " result: %s\n"),
|
||||
- action, callerPid, callerUid,
|
||||
- polkit_result_to_string_representation(pkresult));
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
- qemudLog(QEMUD_INFO,
|
||||
- _("Policy allowed action %s from pid %d, uid %d, result %s"),
|
||||
+ polkit_context_unref(pkcontext);
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ polkit_action_unref(pkaction);
|
||||
+ if (pkresult != POLKIT_RESULT_YES) {
|
||||
+ qemudLog(QEMUD_ERR,
|
||||
+ _("Policy kit denied action %s from pid %d, uid %d,"
|
||||
+ " result: %s\n"),
|
||||
action, callerPid, callerUid,
|
||||
polkit_result_to_string_representation(pkresult));
|
||||
- ret->complete = 1;
|
||||
- client->auth = REMOTE_AUTH_NONE;
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
}
|
||||
+ qemudLog(QEMUD_INFO,
|
||||
+ _("Policy allowed action %s from pid %d, uid %d, result %s"),
|
||||
+ action, callerPid, callerUid,
|
||||
+ polkit_result_to_string_representation(pkresult));
|
||||
+ ret->complete = 1;
|
||||
+ client->auth = REMOTE_AUTH_NONE;
|
||||
|
||||
return 0;
|
||||
}
|
||||
diff -rup libvirt-0.4.1.orig/src/libvirt.c libvirt-0.4.1.new/src/libvirt.c
|
||||
--- libvirt-0.4.1.orig/src/libvirt.c 2008-02-26 10:37:43.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/libvirt.c 2008-04-03 15:38:47.000000000 -0400
|
||||
@@ -19,6 +19,9 @@
|
||||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
#include <assert.h>
|
||||
+#ifdef HAVE_SYS_WAIT_H
|
||||
+#include <sys/wait.h>
|
||||
+#endif
|
||||
|
||||
#include <libxml/parser.h>
|
||||
#include <libxml/xpath.h>
|
||||
@@ -66,6 +69,39 @@ static int initialized = 0;
|
||||
int debugFlag = 0;
|
||||
#endif
|
||||
|
||||
+#if defined(POLKIT_AUTH)
|
||||
+static int virConnectAuthGainPolkit(const char *privilege) {
|
||||
+ const char *const args[] = {
|
||||
+ POLKIT_AUTH, "--obtain", privilege, NULL
|
||||
+ };
|
||||
+ int childpid, status, ret;
|
||||
+
|
||||
+ /* Root has all rights */
|
||||
+ if (getuid() == 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if ((childpid = fork()) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ if (!childpid) {
|
||||
+ execvp(args[0], (char **)args);
|
||||
+ _exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ while ((ret = waitpid(childpid, &status, 0) == -1) && errno == EINTR);
|
||||
+ if (ret == -1) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (!WIFEXITED(status) ||
|
||||
+ (WEXITSTATUS(status) != 0 && WEXITSTATUS(status) != 1)) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
static int virConnectAuthCallbackDefault(virConnectCredentialPtr cred,
|
||||
unsigned int ncred,
|
||||
void *cbdata ATTRIBUTE_UNUSED) {
|
||||
@@ -77,28 +113,25 @@ static int virConnectAuthCallbackDefault
|
||||
size_t len;
|
||||
|
||||
switch (cred[i].type) {
|
||||
-#if defined(POLKIT_GRANT) || defined(POLKIT_AUTH)
|
||||
case VIR_CRED_EXTERNAL: {
|
||||
int ret;
|
||||
- const char *const args[] = {
|
||||
-#if defined(POLKIT_GRANT)
|
||||
- POLKIT_GRANT, "--gain", cred[i].prompt, NULL
|
||||
-#else
|
||||
- POLKIT_AUTH, "--obtain", cred[i].prompt, NULL
|
||||
-#endif
|
||||
- };
|
||||
-
|
||||
if (STRNEQ(cred[i].challenge, "PolicyKit"))
|
||||
return -1;
|
||||
- if (virRun(NULL, (char **) args, &ret) < 0)
|
||||
- return -1;
|
||||
|
||||
- if (!WIFEXITED(ret) ||
|
||||
- (WEXITSTATUS(ret) != 0 && WEXITSTATUS(ret) != 1))
|
||||
+#if defined(POLKIT_AUTH)
|
||||
+ if (virConnectAuthGainPolkit(cred[i].prompt) < 0)
|
||||
return -1;
|
||||
+#else
|
||||
+ /*
|
||||
+ * Ignore & carry on. Although we can't auth
|
||||
+ * directly, the user may have authenticated
|
||||
+ * themselves already outside context of libvirt
|
||||
+ */
|
||||
+#endif
|
||||
+
|
||||
break;
|
||||
}
|
||||
-#endif
|
||||
+
|
||||
case VIR_CRED_USERNAME:
|
||||
case VIR_CRED_AUTHNAME:
|
||||
case VIR_CRED_ECHOPROMPT:
|
||||
@@ -158,9 +191,7 @@ static int virConnectCredTypeDefault[] =
|
||||
VIR_CRED_REALM,
|
||||
VIR_CRED_PASSPHRASE,
|
||||
VIR_CRED_NOECHOPROMPT,
|
||||
-#if defined(POLKIT_AUTH) || defined(POLKIT_GRANT)
|
||||
VIR_CRED_EXTERNAL,
|
||||
-#endif
|
||||
};
|
||||
|
||||
static virConnectAuth virConnectAuthDefault = {
|
||||
@@ -0,0 +1,128 @@
|
||||
commit 570fd656d1b67e5d02f52e107946930257e811a7
|
||||
Author: Daniel Veillard <veillard@redhat.com>
|
||||
Date: Thu Mar 13 09:17:45 2008 +0000
|
||||
|
||||
* src/qemu_conf.c src/qemu_driver.c: patch from Cole Robinson
|
||||
fixing CD Rom change on live QEmu/KVM domains.
|
||||
Daniel
|
||||
|
||||
diff --git a/src/qemu_conf.c b/src/qemu_conf.c
|
||||
index e54da5b..ebbd251 100644
|
||||
--- a/src/qemu_conf.c
|
||||
+++ b/src/qemu_conf.c
|
||||
@@ -594,9 +594,16 @@ static int qemudParseDiskXML(virConnectPtr conn,
|
||||
}
|
||||
|
||||
if (source == NULL) {
|
||||
- qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE, target ? "%s" : NULL, target);
|
||||
- goto error;
|
||||
+ /* There is a case without the source
|
||||
+ * to the CD-ROM device
|
||||
+ */
|
||||
+ if (!device || STRNEQ((const char *) device, "cdrom")) {
|
||||
+ qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE,
|
||||
+ target ? "%s" : NULL, target);
|
||||
+ goto error;
|
||||
+ }
|
||||
}
|
||||
+
|
||||
if (target == NULL) {
|
||||
qemudReportError(conn, NULL, NULL, VIR_ERR_NO_TARGET, source ? "%s" : NULL, source);
|
||||
goto error;
|
||||
@@ -630,7 +637,7 @@ static int qemudParseDiskXML(virConnectPtr conn,
|
||||
goto error;
|
||||
}
|
||||
|
||||
- strncpy(disk->src, (const char *)source, NAME_MAX-1);
|
||||
+ strncpy(disk->src, (source ? (const char *) source : "\0"), NAME_MAX-1);
|
||||
disk->src[NAME_MAX-1] = '\0';
|
||||
|
||||
strncpy(disk->dst, (const char *)target, NAME_MAX-1);
|
||||
@@ -1747,9 +1754,15 @@ int qemudBuildCommandLine(virConnectPtr conn,
|
||||
char dev[NAME_MAX];
|
||||
char file[PATH_MAX];
|
||||
if (!strcmp(disk->dst, "hdc") &&
|
||||
- disk->device == QEMUD_DISK_CDROM)
|
||||
- snprintf(dev, NAME_MAX, "-%s", "cdrom");
|
||||
- else
|
||||
+ disk->device == QEMUD_DISK_CDROM) {
|
||||
+ if (disk->src[0])
|
||||
+ snprintf(dev, NAME_MAX, "-%s", "cdrom");
|
||||
+ else {
|
||||
+ /* Don't put anything on the cmdline for an empty cdrom*/
|
||||
+ disk = disk->next;
|
||||
+ continue;
|
||||
+ }
|
||||
+ } else
|
||||
snprintf(dev, NAME_MAX, "-%s", disk->dst);
|
||||
snprintf(file, PATH_MAX, "%s", disk->src);
|
||||
|
||||
@@ -2906,8 +2919,10 @@ char *qemudGenerateXML(virConnectPtr conn,
|
||||
types[disk->type], devices[disk->device]) < 0)
|
||||
goto no_memory;
|
||||
|
||||
- if (virBufferVSprintf(buf, " <source %s='%s'/>\n", typeAttrs[disk->type], disk->src) < 0)
|
||||
- goto no_memory;
|
||||
+ if (disk->src[0])
|
||||
+ if (virBufferVSprintf(buf, " <source %s='%s'/>\n",
|
||||
+ typeAttrs[disk->type], disk->src) < 0)
|
||||
+ goto no_memory;
|
||||
|
||||
if (virBufferVSprintf(buf, " <target dev='%s'/>\n", disk->dst) < 0)
|
||||
goto no_memory;
|
||||
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
|
||||
index 21f0fed..2b4c2a6 100644
|
||||
--- a/src/qemu_driver.c
|
||||
+++ b/src/qemu_driver.c
|
||||
@@ -2223,23 +2223,29 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
|
||||
struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData;
|
||||
char *cmd, *reply, *safe_path;
|
||||
|
||||
- /* Migrate to file */
|
||||
- safe_path = qemudEscapeMonitorArg(newdisk->src);
|
||||
- if (!safe_path) {
|
||||
- qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
- "out of memory");
|
||||
- return -1;
|
||||
- }
|
||||
- if (asprintf (&cmd, "change %s \"%s\"",
|
||||
- /* XXX qemu may support multiple CDROM in future */
|
||||
- /* olddisk->dst */ "cdrom",
|
||||
- safe_path) == -1) {
|
||||
+ if (newdisk->src[0]) {
|
||||
+ safe_path = qemudEscapeMonitorArg(newdisk->src);
|
||||
+ if (!safe_path) {
|
||||
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
+ "out of memory");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (asprintf (&cmd, "change %s \"%s\"",
|
||||
+ /* XXX qemu may support multiple CDROM in future */
|
||||
+ /* olddisk->dst */ "cdrom",
|
||||
+ safe_path) == -1) {
|
||||
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
+ "out of memory");
|
||||
+ free(safe_path);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ free(safe_path);
|
||||
+
|
||||
+ } else if (asprintf(&cmd, "eject cdrom") == -1) {
|
||||
qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
"out of memory");
|
||||
- free(safe_path);
|
||||
return -1;
|
||||
}
|
||||
- free(safe_path);
|
||||
|
||||
if (qemudMonitorCommand(driver, vm, cmd, &reply) < 0) {
|
||||
qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, "cannot change cdrom media");
|
||||
@@ -2248,7 +2254,7 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
|
||||
}
|
||||
free(reply);
|
||||
free(cmd);
|
||||
- strcpy(olddisk->dst, newdisk->dst);
|
||||
+ strcpy(olddisk->src, newdisk->src);
|
||||
olddisk->type = newdisk->type;
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,38 @@
|
||||
|
||||
Avoid segfault upon early libvirtd failure.
|
||||
* qemud/qemud.c (main): Don't call qemudCleanup on an
|
||||
uninitialized pointer.
|
||||
|
||||
By the way, even though this evoked a warning from gcc,
|
||||
"make distcheck" passes. Obviously, that means the distcheck
|
||||
rule is inadequate. I'll fix it so that it turns on -Werror
|
||||
for the final build.
|
||||
|
||||
Signed-off-by: Jim Meyering <meyering@redhat.com>
|
||||
---
|
||||
qemud/qemud.c | 5 +++--
|
||||
1 files changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/qemud/qemud.c b/qemud/qemud.c
|
||||
index 96fdf32..b6b82ed 100644
|
||||
--- a/qemud/qemud.c
|
||||
+++ b/qemud/qemud.c
|
||||
@@ -2025,7 +2025,7 @@ libvirt management daemon:\n\
|
||||
|
||||
#define MAX_LISTEN 5
|
||||
int main(int argc, char **argv) {
|
||||
- struct qemud_server *server;
|
||||
+ struct qemud_server *server = NULL;
|
||||
struct sigaction sig_action;
|
||||
int sigpipe[2];
|
||||
const char *pid_file = NULL;
|
||||
@@ -2180,7 +2180,8 @@ int main(int argc, char **argv) {
|
||||
unlink (pid_file);
|
||||
|
||||
error1:
|
||||
- qemudCleanup(server);
|
||||
+ if (server)
|
||||
+ qemudCleanup(server);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,23 @@
|
||||
|
||||
Don't use first byte of string as a pointer.
|
||||
* src/qemu_conf.c (qemudReportError): Use the pointer, errorMessage,
|
||||
not its first byte, errorMessage[0].
|
||||
|
||||
Signed-off-by: Jim Meyering <meyering@redhat.com>
|
||||
---
|
||||
src/qemu_conf.c | 2 +-
|
||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/qemu_conf.c b/src/qemu_conf.c
|
||||
index eead0bc..e54da5b 100644
|
||||
--- a/src/qemu_conf.c
|
||||
+++ b/src/qemu_conf.c
|
||||
@@ -68,7 +68,7 @@ void qemudReportError(virConnectPtr conn,
|
||||
errorMessage[0] = '\0';
|
||||
}
|
||||
|
||||
- virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage[0] : NULL));
|
||||
+ virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage : NULL));
|
||||
__virRaiseError(conn, dom, net, VIR_FROM_QEMU, code, VIR_ERR_ERROR,
|
||||
virerr, errorMessage, NULL, -1, -1, virerr, errorMessage);
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
diff -rupN libvirt-0.4.1.orig/src/bridge.c libvirt-0.4.1.new/src/bridge.c
|
||||
--- libvirt-0.4.1.orig/src/bridge.c 2008-02-28 06:16:21.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/bridge.c 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -313,7 +313,6 @@ brDeleteInterface(brControl *ctl ATTRIBU
|
||||
int
|
||||
brAddTap(brControl *ctl,
|
||||
const char *bridge,
|
||||
- unsigned char *macaddr,
|
||||
char *ifname,
|
||||
int maxlen,
|
||||
int *tapfd)
|
||||
@@ -357,18 +356,6 @@ brAddTap(brControl *ctl,
|
||||
}
|
||||
|
||||
if (ioctl(fd, TUNSETIFF, &try) == 0) {
|
||||
- struct ifreq addr;
|
||||
- memset(&addr, 0, sizeof(addr));
|
||||
- memcpy(addr.ifr_hwaddr.sa_data, macaddr, 6);
|
||||
- addr.ifr_hwaddr.sa_family = ARPHRD_ETHER;
|
||||
-
|
||||
- /* Device actually starts in 'UP' state, but it
|
||||
- * needs to be down to set the MAC addr
|
||||
- */
|
||||
- if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 0)))
|
||||
- goto error;
|
||||
- if (ioctl(fd, SIOCSIFHWADDR, &addr) != 0)
|
||||
- goto error;
|
||||
if ((errno = brAddInterface(ctl, bridge, try.ifr_name)))
|
||||
goto error;
|
||||
if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 1)))
|
||||
diff -rupN libvirt-0.4.1.orig/src/bridge.h libvirt-0.4.1.new/src/bridge.h
|
||||
--- libvirt-0.4.1.orig/src/bridge.h 2008-02-28 06:16:21.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/bridge.h 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -62,7 +62,6 @@ int brDeleteInterface (brContr
|
||||
|
||||
int brAddTap (brControl *ctl,
|
||||
const char *bridge,
|
||||
- unsigned char *mac,
|
||||
char *ifname,
|
||||
int maxlen,
|
||||
int *tapfd);
|
||||
diff -rupN libvirt-0.4.1.orig/src/qemu_conf.c libvirt-0.4.1.new/src/qemu_conf.c
|
||||
--- libvirt-0.4.1.orig/src/qemu_conf.c 2008-03-13 11:24:39.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/src/qemu_conf.c 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -1540,7 +1540,6 @@ qemudNetworkIfaceConnect(virConnectPtr c
|
||||
}
|
||||
|
||||
if ((err = brAddTap(driver->brctl, brname,
|
||||
- net->mac,
|
||||
ifname, BR_IFNAME_MAXLEN, &tapfd))) {
|
||||
qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
|
||||
"Failed to add tap interface '%s' to bridge '%s' : %s",
|
||||
@@ -1548,7 +1547,9 @@ qemudNetworkIfaceConnect(virConnectPtr c
|
||||
goto error;
|
||||
}
|
||||
|
||||
- snprintf(tapfdstr, sizeof(tapfdstr), "tap,fd=%d,script=,vlan=%d", tapfd, vlan);
|
||||
+ snprintf(tapfdstr, sizeof(tapfdstr),
|
||||
+ "tap,fd=%d,script=,vlan=%d,ifname=%s",
|
||||
+ tapfd, vlan, ifname);
|
||||
|
||||
if (!(retval = strdup(tapfdstr)))
|
||||
goto no_memory;
|
||||
@@ -0,0 +1,21 @@
|
||||
commit 2bcf35336cd649e58c08d7cf3452a8d4353bcf85
|
||||
Author: Daniel Veillard <veillard@redhat.com>
|
||||
Date: Fri Mar 7 09:23:30 2008 +0000
|
||||
|
||||
* src/xend_internal.c: applied patch from Cole Robinson to not
|
||||
loose the boot tag when defining a fully virtualized xen domain
|
||||
Daniel
|
||||
|
||||
diff --git a/src/xend_internal.c b/src/xend_internal.c
|
||||
index 8bbc28f..fef54f8 100644
|
||||
--- a/src/xend_internal.c
|
||||
+++ b/src/xend_internal.c
|
||||
@@ -1323,7 +1323,7 @@ xend_parse_sexp_desc_os(virConnectPtr xend, struct sexpr *node, virBufferPtr buf
|
||||
if (hvm)
|
||||
virBufferVSprintf(buf, " <loader>%s</loader>\n", loader);
|
||||
|
||||
- if (kernel) {
|
||||
+ if ((kernel) && ((!loader) || (STRNEQ(kernel, loader)))) {
|
||||
virBufferVSprintf(buf, " <kernel>%s</kernel>\n", kernel);
|
||||
if (initrd && initrd[0])
|
||||
virBufferVSprintf(buf, " <initrd>%s</initrd>\n", initrd);
|
||||
@@ -0,0 +1,146 @@
|
||||
--- a/src/storage_backend_iscsi.c 4 Mar 2008 20:02:34 -0000 1.3
|
||||
+++ b/src/storage_backend_iscsi.c 26 Mar 2008 22:07:05 -0000
|
||||
@@ -170,20 +170,91 @@
|
||||
virStorageBackendISCSIMakeLUN(virConnectPtr conn,
|
||||
virStoragePoolObjPtr pool,
|
||||
char **const groups,
|
||||
- void *data ATTRIBUTE_UNUSED)
|
||||
+ void *data)
|
||||
{
|
||||
virStorageVolDefPtr vol;
|
||||
int fd = -1;
|
||||
+ unsigned int target, channel, id, lun;
|
||||
char lunid[100];
|
||||
- char *dev = groups[4];
|
||||
int opentries = 0;
|
||||
char *devpath = NULL;
|
||||
+ char *session = data;
|
||||
+ char sysfs_path[PATH_MAX];
|
||||
+ char *dev = NULL;
|
||||
+ DIR *sysdir;
|
||||
+ struct dirent *block_dirent;
|
||||
+ struct stat sbuf;
|
||||
+ int len;
|
||||
+
|
||||
+ if ((virStrToLong_ui(groups[0], NULL, 10, &target) < 0) ||
|
||||
+ (virStrToLong_ui(groups[1], NULL, 10, &channel) < 0) ||
|
||||
+ (virStrToLong_ui(groups[2], NULL, 10, &id) < 0) ||
|
||||
+ (virStrToLong_ui(groups[3], NULL, 10, &lun) < 0)) {
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
+ _("Failed parsing iscsiadm commands"));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (lun == 0) {
|
||||
+ /* the 0'th LUN isn't a real LUN, it's just a control LUN; skip it */
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ snprintf(sysfs_path, PATH_MAX,
|
||||
+ "/sys/class/iscsi_session/session%s/device/"
|
||||
+ "target%d:%d:%d/%d:%d:%d:%d/block",
|
||||
+ session, target, channel, id, target, channel, id, lun);
|
||||
+
|
||||
+ if (stat(sysfs_path, &sbuf) < 0) {
|
||||
+ /* block path in subdir didn't exist; this is unexpected, so fail */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to find the sysfs path for %d:%d:%d:%d: %s"),
|
||||
+ target, channel, id, lun, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ sysdir = opendir(sysfs_path);
|
||||
+ if (sysdir == NULL) {
|
||||
+ /* we failed for some reason; return an error */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to opendir sysfs path %s: %s"),
|
||||
+ sysfs_path, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ while ((block_dirent = readdir(sysdir)) != NULL) {
|
||||
+ len = strlen(block_dirent->d_name);
|
||||
+ if ((len == 1 && block_dirent->d_name[0] == '.') ||
|
||||
+ (len == 2 && block_dirent->d_name[0] == '.' && block_dirent->d_name[1] == '.')) {
|
||||
+ /* the . and .. directories; just skip them */
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
+ /* OK, not . or ..; let's see if it is a SCSI device */
|
||||
+ if (len > 2 &&
|
||||
+ block_dirent->d_name[0] == 's' &&
|
||||
+ block_dirent->d_name[1] == 'd') {
|
||||
+ /* looks like a scsi device, smells like scsi device; it must be
|
||||
+ a scsi device */
|
||||
+ dev = strdup(block_dirent->d_name);
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ closedir(sysdir);
|
||||
+
|
||||
+ if (dev == NULL) {
|
||||
+ /* we didn't find the sd? device we were looking for; fail */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to find SCSI device for %d:%d:%d:%d: %s"),
|
||||
+ target, channel, id, lun, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
|
||||
snprintf(lunid, sizeof(lunid)-1, "lun-%s", groups[3]);
|
||||
|
||||
if ((vol = calloc(1, sizeof(virStorageVolDef))) == NULL) {
|
||||
virStorageReportError(conn, VIR_ERR_NO_MEMORY, "%s", _("volume"));
|
||||
- return -1;
|
||||
+ goto cleanup;
|
||||
}
|
||||
|
||||
if ((vol->name = strdup(lunid)) == NULL) {
|
||||
@@ -197,6 +268,8 @@
|
||||
}
|
||||
strcpy(devpath, "/dev/");
|
||||
strcat(devpath, dev);
|
||||
+ free(dev);
|
||||
+ dev = NULL;
|
||||
/* It can take a little while between logging into the ISCSI
|
||||
* server and udev creating the /dev nodes, so if we get ENOENT
|
||||
* we must retry a few times - they should eventually appear.
|
||||
@@ -258,6 +331,7 @@
|
||||
if (fd != -1) close(fd);
|
||||
free(devpath);
|
||||
virStorageVolDefFree(vol);
|
||||
+ free(dev);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -281,14 +355,13 @@
|
||||
* scsi1 Channel 00 Id 0 Lun: 5
|
||||
* Attached scsi disk sdg State: running
|
||||
*
|
||||
- * Need 2 regex to match alternating lines
|
||||
+ * Need a regex to match the Channel:Id:Lun lines
|
||||
*/
|
||||
const char *regexes[] = {
|
||||
- "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$",
|
||||
- "^\\s*Attached\\s+scsi\\s+disk\\s+(\\S+)\\s+State:\\s+running\\s*$"
|
||||
+ "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$"
|
||||
};
|
||||
int vars[] = {
|
||||
- 4, 1
|
||||
+ 4
|
||||
};
|
||||
const char *prog[] = {
|
||||
ISCSIADM, "--mode", "session", "-r", session, "-P", "3", NULL,
|
||||
@@ -296,11 +369,11 @@
|
||||
|
||||
return virStorageBackendRunProgRegex(conn, pool,
|
||||
prog,
|
||||
- 2,
|
||||
+ 1,
|
||||
regexes,
|
||||
vars,
|
||||
virStorageBackendISCSIMakeLUN,
|
||||
- NULL);
|
||||
+ (void *)session);
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
Index: src/storage_conf.c
|
||||
===================================================================
|
||||
RCS file: /data/cvs/libvirt/src/storage_conf.c,v
|
||||
retrieving revision 1.3
|
||||
retrieving revision 1.4
|
||||
diff -u -r1.3 -r1.4
|
||||
--- a/src/storage_conf.c 27 Feb 2008 10:37:19 -0000 1.3
|
||||
+++ b/src/storage_conf.c 28 Mar 2008 17:56:44 -0000 1.4
|
||||
@@ -479,7 +479,7 @@
|
||||
}
|
||||
if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_DIR) &&
|
||||
def->source.dir &&
|
||||
- virBufferVSprintf(buf," <directory path='%s'/>\n", def->source.dir) < 0)
|
||||
+ virBufferVSprintf(buf," <dir path='%s'/>\n", def->source.dir) < 0)
|
||||
goto no_memory;
|
||||
if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_ADAPTER) &&
|
||||
def->source.adapter &&
|
||||
@@ -0,0 +1,17 @@
|
||||
--- /home/boston/clalance/devel/libvirt--devel/src/storage_backend_iscsi.c 2008-02-13 13:48:32.497466000 -0500
|
||||
+++ libvirt-0.4.0/src/storage_backend_iscsi.c 2008-02-11 17:19:35.000000000 -0500
|
||||
@@ -143,6 +143,14 @@ static int virStorageBackendISCSIConnect
|
||||
"--targetname", pool->def->source.devices[0].path, action, NULL
|
||||
};
|
||||
|
||||
+ const char *cmdsendtarget[] = {
|
||||
+ ISCSIADM, "--mode", "discovery", "--type", "sendtargets",
|
||||
+ "--portal", portal, NULL
|
||||
+ };
|
||||
+
|
||||
+ if (virRun(conn, (char **)cmdsendtarget, NULL) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
if (virRun(conn, (char **)cmdargv, NULL) < 0)
|
||||
return -1;
|
||||
|
||||
+444
-2342
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user