[libvirt] [PATCH] virsh: avoid null pointer dereference
by Eric Blake
Clang detected that vol-download will call unlink(NULL) if there
is a parse error during option parsing. Also, mingw doesn't like
unlinking an open file.
* tools/virsh.c (cmdVolDownload): Only unlink file if created.
---
tools/virsh.c | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index 3d4ed2f..5d8b025 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -7259,10 +7259,10 @@ cmdVolDownload (vshControl *ctl, const vshCmd *cmd)
virStreamPtr st = NULL;
const char *name = NULL;
unsigned long long offset = 0, length = 0;
- bool created = true;
+ bool created = false;
if (!vshConnectionUsability(ctl, ctl->conn))
- goto cleanup;
+ return false;
if (vshCommandOptULongLong(cmd, "offset", &offset) < 0) {
vshError(ctl, _("Unable to parse integer"));
@@ -7283,12 +7283,13 @@ cmdVolDownload (vshControl *ctl, const vshCmd *cmd)
}
if ((fd = open(file, O_WRONLY|O_CREAT|O_EXCL, 0666)) < 0) {
- created = false;
if (errno != EEXIST ||
(fd = open(file, O_WRONLY|O_TRUNC, 0666)) < 0) {
vshError(ctl, _("cannot create %s"), file);
goto cleanup;
}
+ } else {
+ created = true;
}
st = virStreamNew(ctl->conn, 0);
@@ -7316,13 +7317,13 @@ cmdVolDownload (vshControl *ctl, const vshCmd *cmd)
ret = true;
cleanup:
+ VIR_FORCE_CLOSE(fd);
if (ret == false && created)
unlink(file);
if (vol)
virStorageVolFree(vol);
if (st)
virStreamFree(st);
- VIR_FORCE_CLOSE(fd);
return ret;
}
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] pci: fix null pointer dereference
by Eric Blake
Clang detected a null-pointer dereference regression, introduced
in commit 4e8969eb. Without this patch, a device with
unbind_from_stub set to false would eventually try to call
virFileExists on uncomputed drvdir.
* src/util/pci.c (pciUnbindDeviceFromStub): Ensure drvdir is set
before use.
---
src/util/pci.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/util/pci.c b/src/util/pci.c
index 945f32a..d7f74f9 100644
--- a/src/util/pci.c
+++ b/src/util/pci.c
@@ -879,15 +879,16 @@ pciUnbindDeviceFromStub(pciDevice *dev, const char *driver)
char *drvdir = NULL;
char *path = NULL;
+ if (pciDriverDir(&drvdir, driver) < 0)
+ goto cleanup;
+
if (!dev->unbind_from_stub)
goto remove_slot;
/* If the device is bound to stub, unbind it.
*/
- if (pciDriverDir(&drvdir, driver) < 0 ||
- pciDeviceFile(&path, dev->name, "driver") < 0) {
+ if (pciDeviceFile(&path, dev->name, "driver") < 0)
goto cleanup;
- }
if (virFileExists(drvdir) && virFileLinkPointsTo(path, drvdir)) {
if (pciDriverFile(&path, driver, "unbind") < 0) {
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] qemu: avoid null pointer dereference
by Eric Blake
This code has had problems historically. As originally
written, in commit 6bcf2501 (Jun 08), it could call unlink
on a random string, nuking an unrelated file.
Then commit 182a80b9 (Sep 09), the code was rewritten to
allocate tmp, with both a use-after-free bug and a chance to
call unlink(NULL).
Commit e206946 (Mar 11) fixed the use-after-free, but not the
NULL dereference. Thanks to clang for catching this!
* src/qemu/qemu_driver.c (qemudDomainMemoryPeek): Don't call
unlink on NULL.
---
src/qemu/qemu_driver.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 16d869d..3ee4720 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5355,7 +5355,8 @@ endjob:
cleanup:
VIR_FORCE_CLOSE(fd);
- unlink (tmp);
+ if (tmp)
+ unlink (tmp);
VIR_FREE(tmp);
if (vm)
virDomainObjUnlock(vm);
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] tests: avoid null pointer dereference
by Eric Blake
Unlikely to hit in real life, but clang noticed it.
* tests/commandtest.c (test4): Avoid unlink(NULL) on OOM.
---
Much like a similar patch I sent for qemu_driver, but this time
the unlink(NULL) is much harder to trigger.
tests/commandtest.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/tests/commandtest.c b/tests/commandtest.c
index fa0061c..e8d8858 100644
--- a/tests/commandtest.c
+++ b/tests/commandtest.c
@@ -240,7 +240,8 @@ static int test4(const void *unused ATTRIBUTE_UNUSED)
cleanup:
virCommandFree(cmd);
- unlink(pidfile);
+ if (pidfile)
+ unlink(pidfile);
VIR_FREE(pidfile);
return ret;
}
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] Fix security driver handling of FIFOs with QEMU
by Daniel P. Berrange
When setting up a FIFO for QEMU, it allows either a pair
of fifos used unidirectionally, or a single fifo used
bidirectionally. Look for the bidirectional fifo first
when labelling since that is more useful
* src/security/security_dac.c,
src/security/security_selinux.c: Fix fifo handling
---
src/security/security_dac.c | 19 ++++++++++++-------
src/security/security_selinux.c | 19 ++++++++++++-------
2 files changed, 24 insertions(+), 14 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index fba2d1d..b8642d2 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -406,14 +406,19 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
- if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
- (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
- virReportOOMError();
- goto done;
+ if (virFileExists(dev->data.file.path)) {
+ if (virSecurityDACSetOwnership(dev->data.file.path, priv->user, priv->group) < 0)
+ goto done;
+ } else {
+ if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
+ (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
+ virReportOOMError();
+ goto done;
+ }
+ if ((virSecurityDACSetOwnership(in, priv->user, priv->group) < 0) ||
+ (virSecurityDACSetOwnership(out, priv->user, priv->group) < 0))
+ goto done;
}
- if ((virSecurityDACSetOwnership(in, priv->user, priv->group) < 0) ||
- (virSecurityDACSetOwnership(out, priv->user, priv->group) < 0))
- goto done;
ret = 0;
break;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 216208e..476bbbf 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -733,14 +733,19 @@ SELinuxSetSecurityChardevLabel(virDomainObjPtr vm,
break;
case VIR_DOMAIN_CHR_TYPE_PIPE:
- if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
- (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
- virReportOOMError();
- goto done;
+ if (virFileExists(dev->data.file.path)) {
+ if (SELinuxSetFilecon(dev->data.file.path, secdef->imagelabel) < 0)
+ goto done;
+ } else {
+ if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
+ (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
+ virReportOOMError();
+ goto done;
+ }
+ if ((SELinuxSetFilecon(in, secdef->imagelabel) < 0) ||
+ (SELinuxSetFilecon(out, secdef->imagelabel) < 0))
+ goto done;
}
- if ((SELinuxSetFilecon(in, secdef->imagelabel) < 0) ||
- (SELinuxSetFilecon(out, secdef->imagelabel) < 0))
- goto done;
ret = 0;
break;
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] tests: Update valgrind suppressions file
by Matthias Bolte
---
tests/.valgrind.supp | 58 +++++++++++++++++++++++++++++++++++++++++++------
1 files changed, 51 insertions(+), 7 deletions(-)
diff --git a/tests/.valgrind.supp b/tests/.valgrind.supp
index 4af10b1..68cfa0c 100644
--- a/tests/.valgrind.supp
+++ b/tests/.valgrind.supp
@@ -258,14 +258,58 @@
Memcheck:Param
capget(data)
fun:capget
+ fun:*
fun:capng_clear
+ fun:virClearCapabilities
fun:__virExec
fun:virExecWithHook
- fun:virExec
- fun:qemudProbeMachineTypes
- fun:qemudCapsInitGuest
- fun:qemudCapsInit
- fun:qemudStartup
- fun:virStateInitialize
- fun:main
+}
+{
+ libnlMemoryLeak1
+ Memcheck:Leak
+ fun:malloc
+ fun:strdup
+ obj:/usr/lib/libnl.so.1.1
+}
+{
+ libnlMemoryLeak2
+ Memcheck:Leak
+ fun:calloc
+ obj:/usr/lib/libnl.so.1.1
+}
+{
+ libselinuxMemoryLeak1
+ Memcheck:Leak
+ fun:malloc
+ fun:getdelim
+ obj:/lib/libselinux.so.1
+}
+{
+ dashMemoryLeak1
+ Memcheck:Leak
+ fun:malloc
+ obj:/bin/dash
+}
+{
+ dashMemoryLeak2
+ Memcheck:Leak
+ fun:malloc
+ fun:strdup
+ obj:/bin/dash
+}
+{
+ vboxMemoryLeak1
+ Memcheck:Leak
+ ...
+ fun:VBoxNsxpNS_InitXPCOM2
+}
+{
+ libnetcfMemoryLeak1
+ fun:malloc
+ fun:xmlStrndup
+ fun:xmlHashUpdateEntry3
+ fun:*
+ fun:xsltRegisterAllExtras
+ fun:drv_init
+ fun:interfaceOpenInterface
}
--
1.7.0.4
13 years, 7 months
[libvirt] [PATCH] spice: support streaming-video parameter
by Alon Levy
This adds a streaming-video=filter|all|off attribute. It is used to change
the behavior of video stream detection in spice, the default is filter (the
default for libvirt is not to specify it - the actual default is defined in
libspice-server.so).
Usage:
<graphics type='spice' autoport='yes'>
<streaming mode='off'/>
</graphics>
Tested with the above and with tests/qemuxml2argvtest.
Signed-off-by: Alon Levy <alevy(a)redhat.com>
bla
---
docs/schemas/domain.rng | 12 ++++++++
src/conf/domain_conf.c | 30 ++++++++++++++++++++
src/conf/domain_conf.h | 11 +++++++
src/libvirt_private.syms | 2 +
src/qemu/qemu_command.c | 3 ++
.../qemuxml2argv-graphics-spice.args | 2 +-
.../qemuxml2argv-graphics-spice.xml | 1 +
7 files changed, 60 insertions(+), 1 deletions(-)
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index 7163c6e..9083ff9 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -1334,6 +1334,18 @@
<empty/>
</element>
</optional>
+ <optional>
+ <element name="streaming">
+ <attribute name="mode">
+ <choice>
+ <value>filter</value>
+ <value>all</value>
+ <value>off</value>
+ </choice>
+ </attribute>
+ <empty/>
+ </element>
+ </optional>
</interleave>
</group>
<group>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2a681d9..eb9f587 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -352,6 +352,13 @@ VIR_ENUM_IMPL(virDomainGraphicsSpicePlaybackCompression,
"on",
"off");
+VIR_ENUM_IMPL(virDomainGraphicsSpiceStreamingMode,
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_LAST,
+ "default",
+ "filter",
+ "all",
+ "off");
+
VIR_ENUM_IMPL(virDomainHostdevMode, VIR_DOMAIN_HOSTDEV_MODE_LAST,
"subsystem",
"capabilities")
@@ -4082,6 +4089,26 @@ virDomainGraphicsDefParseXML(xmlNodePtr node, int flags) {
VIR_FREE(compression);
def->data.spice.playback = compressionVal;
+ } else if (xmlStrEqual(cur->name, BAD_CAST "streaming")) {
+ const char *mode = virXMLPropString(cur, "mode");
+ int modeVal;
+
+ if (!mode) {
+ virDomainReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("spice streaming missing mode"));
+ goto error;
+ }
+ if ((modeVal =
+ virDomainGraphicsSpiceStreamingModeTypeFromString(mode)) <= 0) {
+ virDomainReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown spice streaming mode"));
+ VIR_FREE(mode);
+ goto error;
+
+ }
+ VIR_FREE(mode);
+
+ def->data.spice.streaming = modeVal;
}
}
cur = cur->next;
@@ -7979,6 +8006,9 @@ virDomainGraphicsDefFormat(virBufferPtr buf,
if (def->data.spice.playback)
virBufferVSprintf(buf, " <playback compression='%s'/>\n",
virDomainGraphicsSpicePlaybackCompressionTypeToString(def->data.spice.playback));
+ if (def->data.spice.streaming)
+ virBufferVSprintf(buf, " <streaming mode='%s'/>\n",
+ virDomainGraphicsSpiceStreamingModeTypeToString(def->data.spice.streaming));
}
if (children) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 1dadf98..7a1f29a 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -696,6 +696,15 @@ enum virDomainGraphicsSpicePlaybackCompression {
VIR_DOMAIN_GRAPHICS_SPICE_PLAYBACK_COMPRESSION_LAST
};
+enum virDomainGraphicsSpiceStreamingMode {
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_DEFAULT = 0,
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_FILTER,
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_ALL,
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_OFF,
+
+ VIR_DOMAIN_GRAPHICS_SPICE_STREAMING_MODE_LAST
+};
+
typedef struct _virDomainGraphicsDef virDomainGraphicsDef;
typedef virDomainGraphicsDef *virDomainGraphicsDefPtr;
struct _virDomainGraphicsDef {
@@ -737,6 +746,7 @@ struct _virDomainGraphicsDef {
int jpeg;
int zlib;
int playback;
+ int streaming;
} spice;
} data;
};
@@ -1476,6 +1486,7 @@ VIR_ENUM_DECL(virDomainGraphicsSpiceImageCompression)
VIR_ENUM_DECL(virDomainGraphicsSpiceJpegCompression)
VIR_ENUM_DECL(virDomainGraphicsSpiceZlibCompression)
VIR_ENUM_DECL(virDomainGraphicsSpicePlaybackCompression)
+VIR_ENUM_DECL(virDomainGraphicsSpiceStreamingMode)
/* from libvirt.h */
VIR_ENUM_DECL(virDomainState)
VIR_ENUM_DECL(virDomainSeclabel)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 1b22be6..2e25202 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -273,6 +273,8 @@ virDomainGraphicsSpicePlaybackCompressionTypeFromString;
virDomainGraphicsSpicePlaybackCompressionTypeToString;
virDomainGraphicsSpiceZlibCompressionTypeFromString;
virDomainGraphicsSpiceZlibCompressionTypeToString;
+virDomainGraphicsSpiceStreamingModeTypeFromString;
+virDomainGraphicsSpiceStreamingModeTypeToString;
virDomainGraphicsTypeFromString;
virDomainGraphicsTypeToString;
virDomainHostdevDefFree;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 2205ed1..8036f0c 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4037,6 +4037,9 @@ qemuBuildCommandLine(virConnectPtr conn,
if (def->graphics[0]->data.spice.playback)
virBufferVSprintf(&opt, ",playback-compression=%s",
virDomainGraphicsSpicePlaybackCompressionTypeToString(def->graphics[0]->data.spice.playback));
+ if (def->graphics[0]->data.spice.streaming)
+ virBufferVSprintf(&opt, ",streaming-video=%s",
+ virDomainGraphicsSpiceStreamingModeTypeToString(def->graphics[0]->data.spice.streaming));
virCommandAddArg(cmd, "-spice");
virCommandAddArgBuffer(cmd, &opt);
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args
index 70cd35b..084a100 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args
@@ -4,6 +4,6 @@ unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \
/dev/HostVG/QEMUGuest1 -usb -spice port=5903,tls-port=5904,addr=127.0.0.1,\
x509-dir=/etc/pki/libvirt-spice,tls-channel=main,plaintext-channel=inputs,\
image-compression=auto_glz,jpeg-wan-compression=auto,zlib-glz-wan-compression=auto,\
-playback-compression=on -vga \
+playback-compression=on,streaming-video=filter -vga \
qxl -global qxl.vram_size=18874368 -device qxl,id=video1,vram_size=33554432,bus=pci.0,addr=0x4 \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml
index a29f50d..0d3dd48 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml
@@ -28,6 +28,7 @@
<jpeg compression='auto'/>
<zlib compression='auto'/>
<playback compression='on'/>
+ <streaming mode='filter'/>
</graphics>
<video>
<model type='qxl' vram='18432' heads='1'/>
--
1.7.5
13 years, 7 months
[libvirt] [PATCH v2] Fix disability to run on systems with no PCI bus
by Michal Privoznik
The patch which moved libpciaccess initialization to one place caused
regression - we were not able to run on system with no PCI bus, like
s390(x).
---
src/node_device/node_device_udev.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c
index 2139ef3..fcff252 100644
--- a/src/node_device/node_device_udev.c
+++ b/src/node_device/node_device_udev.c
@@ -1421,8 +1421,12 @@ static int udevDeviceMonitorShutdown(void)
ret = -1;
}
+#if defined __s390__ || defined __s390x_
+ /* Nothing was initialized, nothing needs to be cleaned up */
+#else
/* pci_system_cleanup returns void */
pci_system_cleanup();
+#endif
return ret;
}
@@ -1595,6 +1599,10 @@ static int udevDeviceMonitorStartup(int privileged)
int ret = 0;
int pciret;
+#if defined __s390__ || defined __s390x_
+ /* On x390(x) system there is no PCI bus.
+ * Therefore there is nothing to initialize here. */
+#else
if ((pciret = pci_system_init()) != 0) {
/* Ignore failure as non-root; udev is not as helpful in that
* situation, but a non-privileged user won't benefit much
@@ -1607,6 +1615,7 @@ static int udevDeviceMonitorStartup(int privileged)
goto out;
}
}
+#endif
if (VIR_ALLOC(priv) < 0) {
virReportOOMError();
--
1.7.4.4
13 years, 7 months
[libvirt] [PATCH] fix missing VLAN id for Qbg example
by Gerhard Stenzel
For IEEE 802.1Qbg, it is necessary to use a VLAN interface.
vepa itself does not require a VLAN interface.
Signed-off-by: Gerhard Stenzel <stenzel at de.ibm.com>
===================================================================
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -1440,6 +1440,10 @@
the Virtual Station Interface (VSI) represents the virtual interface
of a virtual machine.
</p>
+ <p>
+ Please note, that IEEE 802.1Qbg requires a non-zero value for the
+ VLAN ID.
+ </p>
<dl>
<dt><code>managerid</code></dt>
<dd>The VSI Manager ID identifies the database containing the VSI type
@@ -1466,7 +1470,7 @@
<interface type='direct'/>
...
<interface type='direct'>
- <source dev='eth0' mode='vepa'/>
+ <source dev='eth0.2' mode='vepa'/>
<virtualport type="802.1Qbg">
<parameters managerid="11" typeid="1193047" typeidversion="2" instanceid="09b11c53-8b5c-4eeb-8f00-d84eaa0aaa4f"/>
</virtualport>
===================================================================
Best regards,
Gerhard Stenzel
-------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschaeftsfuehrung: Dirk Wittkopp
Sitz der Gesellschaft: Boeblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
13 years, 7 months
[libvirt] [PATCH] tests: avoid compiler warning
by Eric Blake
../../tests/xmconfigtest.c: In function 'testCompareParseXML':
../../tests/xmconfigtest.c:49:19: error: 'conn' may be used uninitialized in this function [-Wuninitialized]
* tests/xmconfigtest.c (testCompareParseXML): Initialize variable.
---
Pushing under the build-breaker rule.
tests/xmconfigtest.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tests/xmconfigtest.c b/tests/xmconfigtest.c
index 02a8900..6022621 100644
--- a/tests/xmconfigtest.c
+++ b/tests/xmconfigtest.c
@@ -46,7 +46,7 @@ testCompareParseXML(const char *xmcfg, const char *xml, int xendConfigVersion)
char *gotxmcfgData = NULL;
virConfPtr conf = NULL;
int ret = -1;
- virConnectPtr conn;
+ virConnectPtr conn = NULL;
int wrote = 4096;
struct _xenUnifiedPrivate priv;
virDomainDefPtr def = NULL;
--
1.7.4.4
13 years, 7 months