1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-10-26 07:34:04 +03:00

Compare commits

...

17 Commits

Author SHA1 Message Date
Jiri Denemark
d933f68ee6 qemu: Let empty default VNC password work as documented
CVE-2016-5008

Setting an empty graphics password is documented as a way to disable
VNC/SPICE access, but QEMU does not always behaves like that. VNC would
happily accept the empty password. Let's enforce the behavior by setting
password expiration to "now".

https://bugzilla.redhat.com/show_bug.cgi?id=1180092

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
(cherry picked from commit bb848feec0)
2016-06-30 13:57:17 +01:00
Eric Blake
6ae4339383 CVE-2015-5313: storage: don't allow '/' in filesystem volume names
The libvirt file system storage driver determines what file to
act on by concatenating the pool location with the volume name.
If a user is able to pick names like "../../../etc/passwd", then
they can escape the bounds of the pool.  For that matter,
virStoragePoolListVolumes() doesn't descend into subdirectories,
so a user really shouldn't use a name with a slash.

Normally, only privileged users can coerce libvirt into creating
or opening existing files using the virStorageVol APIs; and such
users already have full privilege to create any domain XML (so it
is not an escalation of privilege).  But in the case of
fine-grained ACLs, it is feasible that a user can be granted
storage_vol:create but not domain:write, and it violates
assumptions if such a user can abuse libvirt to access files
outside of the storage pool.

Therefore, prevent all use of volume names that contain "/",
whether or not such a name is actually attempting to escape the
pool.

This changes things from:

$ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
Vol ../../../../../../etc/haha created
$ rm /etc/haha

to:

$ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
error: Failed to create vol ../../../../../../etc/haha
error: Requested operation is not valid: volume name '../../../../../../etc/haha' cannot contain '/'

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 034e47c338)
2015-12-15 19:52:26 -07:00
Martin Kletzander
aaf8c5dc14 util: Prepare URI formatting for libxml2 >= 2.9.2
Since commit 8eb55d782a2b9afacc7938694891cc6fad7b42a5 libxml2 removes
two slashes from the URI when there is no server part.  This is fixed
with beb7281055dbf0ed4d041022a67c6c5cfd126f25, but only if the calling
application calls xmlSaveUri() on URI that xmlURIParse() parsed.  And
that is not the case in virURIFormat().  virURIFormat() accepts
virURIPtr that can be created without parsing it and we do that when we
format network storage paths for gluster for example.  Even though
virStorageSourceParseBackingURI() uses virURIParse(), it throws that data
structure right away.

Since we want to format URIs as URIs and not absolute URIs or opaque
URIs (see RFC 3986), we can specify that with a special hack thanks to
commit beb7281055dbf0ed4d041022a67c6c5cfd126f25, by setting port to -1.

This fixes qemuxml2argvtest test where the disk-drive-network-gluster
case was failing.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 8f17d0eaae)
2015-12-15 19:52:26 -07:00
Daniel P. Berrange
dd2b525161 avoid using deprecated udev logging functions
In systemd >= 218, the udev_set_log_fn method has been marked
deprecated and turned into a no-op. Nothing in the udev client
library will print to stderr by default anymore, so we can
just stop installing a logging hook for new enough udev.

(cherry picked from commit a93a3b975c)
2015-12-15 19:52:26 -07:00
John Ferlan
11b1dd70e4 qemu_driver: Resolve Coverity CONSTANT_EXPRESSION_RESULT
The call to virDomainSnapshotRedefinePrep() had a spurrious ! in front of
it which caused Coverity to complan that the expression is always false.

(cherry picked from commit 9d7254de43)
2015-12-15 19:52:26 -07:00
Michal Privoznik
42e0a5bfd7 remoteClientCloseFunc: Don't mangle connection object refcount
Well, in 8ad126e6 we tried to fix a memory corruption problem.
However, the fix was not as good as it could be. I mean, the
commit has one line more than it should. I've noticed this output
just recently:

  # ./run valgrind --leak-check=full --show-reachable=yes ./tools/virsh domblklist gentoo
  ==17019== Memcheck, a memory error detector
  ==17019== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
  ==17019== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
  ==17019== Command: /home/zippy/work/libvirt/libvirt.git/tools/.libs/virsh domblklist gentoo
  ==17019==
  Target     Source
  ------------------------------------------------
  fda        /var/lib/libvirt/images/fd.img
  vda        /var/lib/libvirt/images/gentoo.qcow2
  hdc        /home/zippy/tmp/install-amd64-minimal-20150402.iso

  ==17019== Thread 2:
  ==17019== Invalid read of size 4
  ==17019==    at 0x4EFF5B4: virObjectUnref (virobject.c:258)
  ==17019==    by 0x5038CFF: remoteClientCloseFunc (remote_driver.c:552)
  ==17019==    by 0x5069D57: virNetClientCloseLocked (virnetclient.c:685)
  ==17019==    by 0x506C848: virNetClientIncomingEvent (virnetclient.c:1852)
  ==17019==    by 0x5082136: virNetSocketEventHandle (virnetsocket.c:1913)
  ==17019==    by 0x4ECD64E: virEventPollDispatchHandles (vireventpoll.c:509)
  ==17019==    by 0x4ECDE02: virEventPollRunOnce (vireventpoll.c:658)
  ==17019==    by 0x4ECBF00: virEventRunDefaultImpl (virevent.c:308)
  ==17019==    by 0x130386: vshEventLoop (vsh.c:1864)
  ==17019==    by 0x4F1EB07: virThreadHelper (virthread.c:206)
  ==17019==    by 0xA8462D3: start_thread (in /lib64/libpthread-2.20.so)
  ==17019==    by 0xAB441FC: clone (in /lib64/libc-2.20.so)
  ==17019==  Address 0x139023f4 is 4 bytes inside a block of size 240 free'd
  ==17019==    at 0x4C2B1F0: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==17019==    by 0x4EA8949: virFree (viralloc.c:582)
  ==17019==    by 0x4EFF6D0: virObjectUnref (virobject.c:273)
  ==17019==    by 0x4FE74D6: virConnectClose (libvirt.c:1390)
  ==17019==    by 0x13342A: virshDeinit (virsh.c:406)
  ==17019==    by 0x134A37: main (virsh.c:950)

The problem is, when registering remoteClientCloseFunc(), it's
conn->closeCallback which is ref'd. But in the function itself
it's conn->closeCallback->conn what is unref'd. This is causing
imbalance in reference counting. Moreover, there's no need for
the remote driver to increase/decrease conn refcount since it's
not used anywhere. It's just merely passed to client registered
callback. And for that purpose it's correctly ref'd in
virConnectRegisterCloseCallback() and then unref'd in
virConnectUnregisterCloseCallback().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit e689300770)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-09-03 17:45:53 +02:00
Michal Privoznik
b0f598e82e xend: Don't crash in virDomainXMLDevID
The function is called from all {Attach,Update,Detach}Device APIs to
create config strings that are later passed to the xend to perform the
desired action. The function is intended to handle all supported
devices. However, as of 5b05358aba we
are trying to get disk driver of the device without checking if the
device really is a disk. This leads to an segmentation fault:

  #0 0x00007ffff7571815 in virDomainDiskGetDriver () from /usr/lib/libvirt.so.0
  #1 0x00007fffeb9ad471 in ?? () from /usr/lib/libvirt/connection-driver/libvirt_driver_xen.so
  #2 0x00007fffeb9b1062 in xenDaemonAttachDeviceFlags () from /usr/lib/libvirt/connection-driver/libvirt_driver_xen.so
  #3 0x00007fffeb9a8a86 in ?? () from /usr/lib/libvirt/connection-driver/libvirt_driver_xen.so
  #4 0x00007ffff7609266 in virDomainAttachDevice () from /usr/lib/libvirt.so.0
  #5 0x0000555555593c9d in ?? ()
  #6 0x00007ffff76743c9 in virNetServerProgramDispatch () from /usr/lib/libvirt.so.0
  #7 0x00005555555a678d in ?? ()
  #8 0x00007ffff755460e in ?? () from /usr/lib/libvirt.so.0
  #9 0x00007ffff7553b06 in ?? () from /usr/lib/libvirt.so.0
  #10 0x00007ffff4998b50 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
  #11 0x00007ffff46e30ed in clone () from /lib/x86_64-linux-gnu/libc.so.6
  #12 0x0000000000000000 in ?? ()

Reported-by: Xiaolin Su <linxxnil@126.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit cd7702d456)
2015-01-30 14:31:08 +01:00
Peter Krempa
b87f3f835a CVE-2015-0236: qemu: Check ACLs when dumping security info from snapshots
The ACL check didn't check the VIR_DOMAIN_XML_SECURE flag and the
appropriate permission for it. Found via code inspection while fixing
permissions for save images.

(cherry picked from commit b347c0c2a3)
2015-01-22 10:09:35 -07:00
Peter Krempa
9b056d8daf CVE-2015-0236: qemu: Check ACLs when dumping security info from save image
The ACL check didn't check the VIR_DOMAIN_XML_SECURE flag and the
appropriate permission for it.

(cherry picked from commit 03c3c0c874)
2015-01-22 10:09:35 -07:00
Michal Privoznik
6a3b2c09fe wireshark: Honor API change coming with 1.12 release
https://bugs.gentoo.org/show_bug.cgi?id=508336

At wireshark, they have this promise to change public dissector APIs
only with minor version number change. Which they did when releasing
the version of 1.12.

Firstly, they've changed tvb_memdup() in
a0c53ffaa1bb46d8c9db2ec739401aa411c9790e so now it takes four arguments
instead of three. The new argument is placed at the very beginning of
the list of arguments and basically says the scope where we'd like to
allocate the memory. According to the documentation NULL should be the
default value.

Then, the tcp_dissect_pdus() signature changed too. Well, the function
that actually dissects reassembled packets as tcp_dissect_pdus()
reorder TCP packets into one big chunk and then calls a user function
to dissect the PDU at once. The change is dated back to
8081cf1d90397cbbb4404f9720595e1537ed5e14.

Then, WS_DLL_PUBLIC_NOEXTERN was replaced with WS_DLL_PUBLIC_DEF in
5d87a8c46171f572568db5a47c093423482e342f.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit e74fa5702a)
2014-12-22 17:09:49 -07:00
Michal Privoznik
3f874370d2 wireshark: Include more of libvirt internals
The rationale is to not duplicate code which is done in
packet-libvirt.h for instance. Moreover, this way we can drop
__attribute_((unused)) used int packet-libvirt.c in favor of
ATTRIBUTE_UNUSED.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 906d0abfe7)
2014-12-22 17:09:43 -07:00
Peter Krempa
bad50b7501 qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs
Avoid leaving the domain locked on a failed ACL check in
qemuDomainMigratePerform() and qemuDomainMigrateFinish2().

Introduced in commit abf75aea24 (Add ACL checks into the QEMU driver).

(cherry picked from commit 2bdcd29c71)
2014-12-22 16:58:56 -07:00
Laine Stump
16d1074306 util: eliminate "use after free" in callers of virNetDevLinkDump
virNetDevLinkDump() gets a message from netlink into "resp", then
calls nlmsg_parse() to fill the table "tb" with pointers into resp. It
then returns tb to its caller, but not before freeing the buffer at
resp. That means that all the callers of virNetDevLinkDump() are
examining memory that has already been freed. This can be verified by
filling the buffer at resp with garbage prior to freeing it (or, I
suppose, just running libvirtd under valgrind) then performing some
operation that calls virNetDevLinkDump().

The upstream commit log incorrectly states that the code has been like
this ever since virNetDevLinkDump() was written. In reality, the
problem was introduced with commit e95de74d, first in libvirt-1.0.5,
which was attempting to eliminate a typecast that caused compiler
warnings. It has only been pure luck (or maybe a lack of heavy load,
and/or maybe an allocation algorithm in malloc() that delays re-use of
just-freed memory) that has kept this from causing errors, for example
when configuring a PCI passthrough or macvtap passthrough network
interface.

The solution taken in this patch is the simplest - just return resp to
the caller along with tb, then have the caller free it after they are
finished using the data (pointers) in tb. I alternately could have
made a cleaner interface by creating a new struct that put tb and resp
together along with a vir*Free() function for it, but this function is
only used in a couple places, and I'm not sure there will be
additional new uses of virNetDevLinkDump(), so the value of adding a
new type, extra APIs, etc. is dubious.

(cherry picked from commit f9f9699f40)
2014-11-12 14:27:09 -05:00
Eric Blake
59fff7ff98 CVE-2014-7823: dumpxml: security hole with migratable flag
Commit 28f8dfd (v1.0.0) introduced a security hole: in at least
the qemu implementation of virDomainGetXMLDesc, the use of the
flag VIR_DOMAIN_XML_MIGRATABLE (which is usable from a read-only
connection) triggers the implicit use of VIR_DOMAIN_XML_SECURE
prior to calling qemuDomainFormatXML.  However, the use of
VIR_DOMAIN_XML_SECURE is supposed to be restricted to read-write
clients only.  This patch treats the migratable flag as requiring
the same permissions, rather than analyzing what might break if
migratable xml no longer includes secret information.

Fortunately, the information leak is low-risk: all that is gated
by the VIR_DOMAIN_XML_SECURE flag is the VNC connection password;
but VNC passwords are already weak (FIPS forbids their use, and
on a non-FIPS machine, anyone stupid enough to trust a max-8-byte
password sent in plaintext over the network deserves what they
get).  SPICE offers better security than VNC, and all other
secrets are properly protected by use of virSecret associations
rather than direct output in domain XML.

* src/remote/remote_protocol.x (REMOTE_PROC_DOMAIN_GET_XML_DESC):
Tighten rules on use of migratable flag.
* src/libvirt-domain.c (virDomainGetXMLDesc): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit b1674ad5a9)

Conflicts:
	src/libvirt-domain.c - file split from older src/libvirt.c
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-11-07 09:18:19 +01:00
Pavel Hrdina
7dcab231de domain_conf: fix domain deadlock
If you use public api virConnectListAllDomains() with second parameter
set to NULL to get only the number of domains you will lock out all
other operations with domains.

Introduced by commit 2c680804.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit fc22b2e748)
2014-10-01 11:08:43 -06:00
Peter Krempa
4e701c06c5 CVE-2014-3633: qemu: blkiotune: Use correct definition when looking up disk
Live definition was used to look up the disk index while persistent one
was indexed leading to a crash in qemuDomainGetBlockIoTune. Use the
correct def and report a nice error.

Unfortunately it's accessible via read-only connection, though it can
only crash libvirtd in the cases where the guest is hot-plugging disks
without reflecting those changes to the persistent definition.  So
avoiding hotplug, or doing hotplug where persistent is always modified
alongside live definition, will avoid the out-of-bounds access.

Introduced in: eca96694a7 (v0.9.8)
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1140724
Reported-by: Luyao Huang <lhuang@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>

(cherry picked from commit 3e745e8f77)
2014-09-17 16:01:24 -06:00
Eric Blake
87eac02988 build: package .pc files for mingw64
Commit 65d8c92a fixed the mingw spec file for 32-bit builds,
but forgot to make the adjustment for 64-bit builds:

Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/eblake/rpmbuild/BUILDROOT/mingw-libvirt-1.2.7-1.fc20.eblake1404944503.x86_64
error: Installed (but unpackaged) file(s) found:
   /usr/x86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig/libvirt-lxc.pc
   /usr/x86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig/libvirt-qemu.pc

* mingw-libvirt.spec.in (%files): List missing .pc files.

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit ddf6b139cf)
2014-07-09 16:55:28 -06:00
19 changed files with 133 additions and 58 deletions

View File

@@ -24,6 +24,13 @@ AC_DEFUN([LIBVIRT_CHECK_UDEV],[
if test "$with_udev" = "yes" && test "$with_pciaccess" != "yes" ; then
AC_MSG_ERROR([You must install the pciaccess module to build with udev])
fi
if test "$with_udev" = "yes" ; then
PKG_CHECK_EXISTS([libudev >= 218], [with_udev_logging=no], [with_udev_logging=yes])
if test "$with_udev_logging" = "yes" ; then
AC_DEFINE_UNQUOTED([HAVE_UDEV_LOGGING], 1, [whether libudev logging can be used])
fi
fi
])
AC_DEFUN([LIBVIRT_RESULT_UDEV],[

View File

@@ -257,6 +257,8 @@ rm -rf $RPM_BUILD_ROOT%{mingw64_libexecdir}/libvirt-guests.sh
%{mingw64_libdir}/libvirt.dll.a
%{mingw64_libdir}/pkgconfig/libvirt.pc
%{mingw64_libdir}/pkgconfig/libvirt-qemu.pc
%{mingw64_libdir}/pkgconfig/libvirt-lxc.pc
%{mingw64_libdir}/libvirt-lxc.dll.a
%{mingw64_libdir}/libvirt-qemu.dll.a

View File

@@ -19407,7 +19407,7 @@ virDomainListPopulate(void *payload,
/* just count the machines */
if (!data->domains) {
data->ndomains++;
return;
goto cleanup;
}
if (!(dom = virGetDomain(data->conn, vm->def->name, vm->def->uuid))) {

View File

@@ -4348,7 +4348,8 @@ virDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
virCheckDomainReturn(domain, NULL);
conn = domain->conn;
if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) {
if ((conn->flags & VIR_CONNECT_RO) &&
(flags & (VIR_DOMAIN_XML_SECURE | VIR_DOMAIN_XML_MIGRATABLE))) {
virReportError(VIR_ERR_OPERATION_DENIED, "%s",
_("virDomainGetXMLDesc with secure flag"));
goto error;

View File

@@ -351,7 +351,7 @@ static int udevGenerateDeviceName(struct udev_device *device,
return ret;
}
#if HAVE_UDEV_LOGGING
typedef void (*udevLogFunctionPtr)(struct udev *udev,
int priority,
const char *file,
@@ -384,6 +384,7 @@ udevLogFunction(struct udev *udev ATTRIBUTE_UNUSED,
VIR_FREE(format);
}
#endif
static int udevTranslatePCIIds(unsigned int vendor,
@@ -1774,8 +1775,10 @@ static int nodeStateInitialize(bool privileged,
* its return value.
*/
udev = udev_new();
#if HAVE_UDEV_LOGGING
/* cast to get rid of missing-format-attribute warning */
udev_set_log_fn(udev, (udevLogFunctionPtr) udevLogFunction);
#endif
priv->udev_monitor = udev_monitor_new_from_netlink(udev, "udev");
if (priv->udev_monitor == NULL) {

View File

@@ -5612,7 +5612,7 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *path,
if (fd < 0)
goto cleanup;
if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0)
if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0)
goto cleanup;
ret = qemuDomainDefFormatXML(driver, def, flags);
@@ -10743,8 +10743,10 @@ qemuDomainMigratePerform(virDomainPtr dom,
if (!(vm = qemuDomObjFromDomain(dom)))
goto cleanup;
if (virDomainMigratePerformEnsureACL(dom->conn, vm->def) < 0)
if (virDomainMigratePerformEnsureACL(dom->conn, vm->def) < 0) {
virObjectUnlock(vm);
goto cleanup;
}
if (flags & VIR_MIGRATE_PEER2PEER) {
dconnuri = uri;
@@ -10791,8 +10793,10 @@ qemuDomainMigrateFinish2(virConnectPtr dconn,
goto cleanup;
}
if (virDomainMigrateFinish2EnsureACL(dconn, vm->def) < 0)
if (virDomainMigrateFinish2EnsureACL(dconn, vm->def) < 0) {
virObjectUnlock(vm);
goto cleanup;
}
/* Do not use cookies in v2 protocol, since the cookie
* length was not sufficiently large, causing failures
@@ -13523,8 +13527,8 @@ qemuDomainSnapshotCreateXML(virDomainPtr domain,
}
if (redefine) {
if (!virDomainSnapshotRedefinePrep(domain, vm, &def, &snap,
&update_current, flags) < 0)
if (virDomainSnapshotRedefinePrep(domain, vm, &def, &snap,
&update_current, flags) < 0)
goto cleanup;
} else {
/* Easiest way to clone inactive portion of vm->def is via
@@ -13950,7 +13954,7 @@ static char *qemuDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapshot,
if (!(vm = qemuDomObjFromSnapshot(snapshot)))
goto cleanup;
if (virDomainSnapshotGetXMLDescEnsureACL(snapshot->domain->conn, vm->def) < 0)
if (virDomainSnapshotGetXMLDescEnsureACL(snapshot->domain->conn, vm->def, flags) < 0)
goto cleanup;
if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot)))
@@ -15966,9 +15970,13 @@ qemuDomainGetBlockIoTune(virDomainPtr dom,
}
if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
int idx = virDomainDiskIndexByName(vm->def, disk, true);
if (idx < 0)
int idx = virDomainDiskIndexByName(persistentDef, disk, true);
if (idx < 0) {
virReportError(VIR_ERR_INVALID_ARG,
_("disk '%s' was not found in the domain config"),
disk);
goto endjob;
}
reply = persistentDef->disks[idx]->blkdeviotune;
}

View File

@@ -3502,6 +3502,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
time_t now = time(NULL);
char expire_time [64];
const char *connected = NULL;
const char *password;
int ret = -1;
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
@@ -3509,15 +3510,13 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
ret = 0;
goto cleanup;
}
password = auth->passwd ? auth->passwd : defaultPasswd;
if (auth->connected)
connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);
qemuDomainObjEnterMonitor(driver, vm);
ret = qemuMonitorSetPassword(priv->mon,
type,
auth->passwd ? auth->passwd : defaultPasswd,
connected);
ret = qemuMonitorSetPassword(priv->mon, type, password, connected);
if (ret == -2) {
if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
@@ -3525,14 +3524,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
_("Graphics password only supported for VNC"));
ret = -1;
} else {
ret = qemuMonitorSetVNCPassword(priv->mon,
auth->passwd ? auth->passwd : defaultPasswd);
ret = qemuMonitorSetVNCPassword(priv->mon, password);
}
}
if (ret != 0)
goto end_job;
if (auth->expires) {
if (password[0] == '\0') {
snprintf(expire_time, sizeof(expire_time), "now");
} else if (auth->expires) {
time_t lifetime = auth->validTo - now;
if (lifetime <= 0)
snprintf(expire_time, sizeof(expire_time), "now");

View File

@@ -518,10 +518,6 @@ remoteClientCloseFunc(virNetClientPtr client ATTRIBUTE_UNUSED,
cbdata->freeCallback = NULL;
}
virObjectUnlock(cbdata);
/* free the connection reference that comes along with the callback
* registration */
virObjectUnref(cbdata->conn);
}
/* helper macro to ease extraction of arguments from the URI */

View File

@@ -3189,6 +3189,7 @@ enum remote_procedure {
* @generate: both
* @acl: domain:read
* @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
* @acl: domain:read_secure:VIR_DOMAIN_XML_MIGRATABLE
*/
REMOTE_PROC_DOMAIN_GET_XML_DESC = 14,
@@ -4381,6 +4382,7 @@ enum remote_procedure {
* @generate: both
* @priority: high
* @acl: domain:read
* @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
*/
REMOTE_PROC_DOMAIN_SNAPSHOT_GET_XML_DESC = 186,
@@ -4711,6 +4713,7 @@ enum remote_procedure {
* @generate: both
* @priority: high
* @acl: domain:read
* @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
*/
REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235,

View File

@@ -1,7 +1,7 @@
/*
* storage_backend_fs.c: storage backend for FS and directory handling
*
* Copyright (C) 2007-2014 Red Hat, Inc.
* Copyright (C) 2007-2015 Red Hat, Inc.
* Copyright (C) 2007-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -996,6 +996,14 @@ virStorageBackendFileSystemVolCreate(virConnectPtr conn ATTRIBUTE_UNUSED,
vol->type = VIR_STORAGE_VOL_FILE;
/* Volumes within a directory pools are not recursive; do not
* allow escape to ../ or a subdir */
if (strchr(vol->name, '/')) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("volume name '%s' cannot contain '/'"), vol->name);
return -1;
}
VIR_FREE(vol->target.path);
if (virAsprintf(&vol->target.path, "%s/%s",
pool->def->target.path,

View File

@@ -1354,23 +1354,25 @@ static struct nla_policy ifla_vf_policy[IFLA_VF_MAX+1] = {
/**
* virNetDevLinkDump:
*
* @ifname: The name of the interface; only use if ifindex < 0
* @ifindex: The interface index; may be < 0 if ifname is given
* @nlattr: pointer to a pointer of netlink attributes that will contain
* the results
* @ifname: The name of the interface; only use if ifindex <= 0
* @ifindex: The interface index; may be <= 0 if ifname is given
* @data: Gets a pointer to the raw data from netlink.
MUST BE FREED BY CALLER!
* @nlattr: Pointer to a pointer of netlink attributes that will contain
* the results
* @src_pid: pid used for nl_pid of the local end of the netlink message
* (0 == "use getpid()")
* @dst_pid: pid of destination nl_pid if the kernel
* is not the target of the netlink message but it is to be
* sent to another process (0 if sending to the kernel)
*
* Get information about an interface given its name or index.
* Get information from netlink about an interface given its name or index.
*
* Returns 0 on success, -1 on fatal error.
*/
int
virNetDevLinkDump(const char *ifname, int ifindex,
struct nlattr **tb,
void **nlData, struct nlattr **tb,
uint32_t src_pid, uint32_t dst_pid)
{
int rc = -1;
@@ -1452,7 +1454,9 @@ virNetDevLinkDump(const char *ifname, int ifindex,
rc = 0;
cleanup:
nlmsg_free(nl_msg);
VIR_FREE(resp);
if (rc < 0)
VIR_FREE(resp);
*nlData = resp;
return rc;
malformed_resp:
@@ -1648,15 +1652,18 @@ virNetDevGetVfConfig(const char *ifname, int vf, virMacAddrPtr mac,
int *vlanid)
{
int rc = -1;
void *nlData = NULL;
struct nlattr *tb[IFLA_MAX + 1] = {NULL, };
int ifindex = -1;
rc = virNetDevLinkDump(ifname, ifindex, tb, 0, 0);
rc = virNetDevLinkDump(ifname, ifindex, &nlData, tb, 0, 0);
if (rc < 0)
return rc;
goto cleanup;
rc = virNetDevParseVfConfig(tb, vf, mac, vlanid);
cleanup:
VIR_FREE(nlData);
return rc;
}
@@ -1799,6 +1806,7 @@ virNetDevRestoreNetConfig(const char *linkdev, int vf, const char *stateDir)
int
virNetDevLinkDump(const char *ifname ATTRIBUTE_UNUSED,
int ifindex ATTRIBUTE_UNUSED,
void **nlData ATTRIBUTE_UNUSED,
struct nlattr **tb ATTRIBUTE_UNUSED,
uint32_t src_pid ATTRIBUTE_UNUSED,
uint32_t dst_pid ATTRIBUTE_UNUSED)

View File

@@ -130,7 +130,7 @@ int virNetDevGetVirtualFunctions(const char *pfname,
ATTRIBUTE_NONNULL(4) ATTRIBUTE_RETURN_CHECK;
int virNetDevLinkDump(const char *ifname, int ifindex,
struct nlattr **tb,
void **nlData, struct nlattr **tb,
uint32_t src_pid, uint32_t dst_pid)
ATTRIBUTE_RETURN_CHECK;

View File

@@ -787,7 +787,8 @@ virNetDevVPortProfileGetNthParent(const char *ifname, int ifindex, unsigned int
int *parent_ifindex, char *parent_ifname,
unsigned int *nth)
{
int rc;
int rc = -1;
void *nlData = NULL;
struct nlattr *tb[IFLA_MAX + 1] = { NULL, };
bool end = false;
size_t i = 0;
@@ -798,7 +799,8 @@ virNetDevVPortProfileGetNthParent(const char *ifname, int ifindex, unsigned int
return -1;
while (!end && i <= nthParent) {
rc = virNetDevLinkDump(ifname, ifindex, tb, 0, 0);
VIR_FREE(nlData);
rc = virNetDevLinkDump(ifname, ifindex, &nlData, tb, 0, 0);
if (rc < 0)
break;
@@ -807,7 +809,8 @@ virNetDevVPortProfileGetNthParent(const char *ifname, int ifindex, unsigned int
IFNAMSIZ)) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("buffer for root interface name is too small"));
return -1;
rc = -1;
goto cleanup;
}
*parent_ifindex = ifindex;
}
@@ -823,6 +826,8 @@ virNetDevVPortProfileGetNthParent(const char *ifname, int ifindex, unsigned int
*nth = i - 1;
cleanup:
VIR_FREE(nlData);
return rc;
}
@@ -844,6 +849,7 @@ virNetDevVPortProfileOpCommon(const char *ifname, int ifindex,
int rc;
int src_pid = 0;
uint32_t dst_pid = 0;
void *nlData = NULL;
struct nlattr *tb[IFLA_MAX + 1] = { NULL, };
int repeats = STATUS_POLL_TIMEOUT_USEC / STATUS_POLL_INTERVL_USEC;
uint16_t status = 0;
@@ -876,7 +882,8 @@ virNetDevVPortProfileOpCommon(const char *ifname, int ifindex,
}
while (--repeats >= 0) {
rc = virNetDevLinkDump(NULL, ifindex, tb, src_pid, dst_pid);
VIR_FREE(nlData);
rc = virNetDevLinkDump(NULL, ifindex, &nlData, tb, src_pid, dst_pid);
if (rc < 0)
goto cleanup;
@@ -908,7 +915,7 @@ virNetDevVPortProfileOpCommon(const char *ifname, int ifindex,
}
cleanup:
VIR_FREE(nlData);
return rc;
}

View File

@@ -258,6 +258,13 @@ virURIFormat(virURIPtr uri)
xmluri.server = tmpserver;
}
/*
* This helps libxml2 deal with the difference
* between uri:/absolute/path and uri:///absolute/path.
*/
if (!xmluri.server && !xmluri.port)
xmluri.port = -1;
ret = (char *)xmlSaveUri(&xmluri);
if (!ret) {
virReportOOMError();

View File

@@ -3341,9 +3341,10 @@ virDomainXMLDevID(virConnectPtr conn,
xenUnifiedPrivatePtr priv = conn->privateData;
char *xref;
char *tmp;
const char *driver = virDomainDiskGetDriver(dev->data.disk);
if (dev->type == VIR_DOMAIN_DEVICE_DISK) {
const char *driver = virDomainDiskGetDriver(dev->data.disk);
if (STREQ_NULLABLE(driver, "tap") || STREQ_NULLABLE(driver, "tap2"))
strcpy(class, driver);
else

View File

@@ -18,7 +18,7 @@
#
# Author: Yuto KAWAMURA(kawamuray)
INCLUDES = -I$(top_srcdir)
INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/gnulib/lib
ws_plugin_LTLIBRARIES = libvirt.la
libvirt_la_SOURCES = packet-libvirt.h packet-libvirt.c plugin.c

View File

@@ -34,6 +34,17 @@
#endif
#include <rpc/xdr.h>
#include "packet-libvirt.h"
#include "internal.h"
#define WIRESHARK_VERSION \
((VERSION_MAJOR * 1000 * 1000) + \
(VERSION_MINOR * 1000) + \
(VERSION_MICRO))
/* Wireshark 1.12 brings API change */
#if WIRESHARK_VERSION < 1012000
# define WIRESHARK_COMPAT
#endif
static int proto_libvirt = -1;
static int hf_libvirt_length = -1;
@@ -306,7 +317,11 @@ dissect_libvirt_payload_xdr_data(tvbuff_t *tvb, proto_tree *tree, gint payload_l
}
payload_tvb = tvb_new_subset(tvb, start, -1, payload_length);
#ifdef WIRESHARK_COMPAT
payload_data = (caddr_t)tvb_memdup(payload_tvb, 0, payload_length);
#else
payload_data = (caddr_t)tvb_memdup(NULL, payload_tvb, 0, payload_length);
#endif
xdrmem_create(&xdrs, payload_data, payload_length, XDR_DECODE);
dissect(payload_tvb, tree, &xdrs, -1);
@@ -349,8 +364,14 @@ dissect_libvirt_payload(tvbuff_t *tvb, proto_tree *tree,
proto_tree_add_item(tree, hf_libvirt_unknown, tvb, VIR_HEADER_LEN, -1, ENC_NA);
}
#ifdef WIRESHARK_COMPAT
static void
dissect_libvirt_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
#else
static int
dissect_libvirt_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
void *opaque ATTRIBUTE_UNUSED)
#endif
{
goffset offset;
guint32 prog, proc, type, serial, status;
@@ -410,10 +431,14 @@ dissect_libvirt_message(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/* Dissect payload remaining */
dissect_libvirt_payload(tvb, libvirt_tree, prog, proc, type, status);
}
#ifndef WIRESHARK_COMPAT
return 0;
#endif
}
static guint32
get_message_len(packet_info *pinfo __attribute__((unused)), tvbuff_t *tvb, int offset)
get_message_len(packet_info *pinfo ATTRIBUTE_UNUSED, tvbuff_t *tvb, int offset)
{
return tvb_get_ntohl(tvb, offset);
}
@@ -423,7 +448,13 @@ dissect_libvirt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
/* Another magic const - 4; simply, how much bytes
* is needed to tell the length of libvirt packet. */
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 4, get_message_len, dissect_libvirt_message);
#ifdef WIRESHARK_COMPAT
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 4,
get_message_len, dissect_libvirt_message);
#else
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 4,
get_message_len, dissect_libvirt_message, NULL);
#endif
}
void

View File

@@ -21,6 +21,8 @@
#ifndef _PACKET_LIBVIRT_H_
# define _PACKET_LIBVIRT_H_
# include "libvirt/libvirt.h"
# ifndef LIBVIRT_PORT
# define LIBVIRT_PORT 16509
# endif
@@ -84,22 +86,6 @@ static const value_string status_strings[] = {
{ -1, NULL }
};
/* TODO: These symbols will automatically included in generated headers in the feature */
# define VIR_SECURITY_MODEL_BUFLEN (256 + 1)
# define VIR_SECURITY_LABEL_BUFLEN (4096 + 1)
# define VIR_SECURITY_DOI_BUFLEN (256 + 1)
# define VIR_UUID_BUFLEN (16)
enum {
VIR_TYPED_PARAM_INT = 1, /* integer case */
VIR_TYPED_PARAM_UINT = 2, /* unsigned integer case */
VIR_TYPED_PARAM_LLONG = 3, /* long long case */
VIR_TYPED_PARAM_ULLONG = 4, /* unsigned long long case */
VIR_TYPED_PARAM_DOUBLE = 5, /* double case */
VIR_TYPED_PARAM_BOOLEAN = 6, /* boolean(character) case */
VIR_TYPED_PARAM_STRING = 7, /* string case */
};
/* / */
# define VIR_ERROR_MESSAGE_DISSECTOR dissect_xdr_remote_error
static gboolean dissect_xdr_int(tvbuff_t *tvb, proto_tree *tree, XDR *xdrs, int hf);

View File

@@ -55,6 +55,13 @@ then
#define WS_BUILD_DLL
#include "ws_symbol_export.h"
/* In 1.12 wireshark WS_DLL_PUBLIC_NOEXTERN was substitued with
* WS_DLL_PUBLIC_DEF. See wireshark's commit
* 5d87a8c46171f572568db5a47c093423482e342f for more info. */
#ifndef WS_DLL_PUBLIC_NOEXTERN
# define WS_DLL_PUBLIC_NOEXTERN WS_DLL_PUBLIC_DEF
#endif
#ifndef ENABLE_STATIC
WS_DLL_PUBLIC_NOEXTERN const gchar version[] = VERSION;