March 2018 - Devel - libvirt List Archives

[libvirt] [PATCH 0/5] Partially successful attempt at Python 3 compatibility
by Andrea Bolognani 14 Mar '18

14 Mar '18

We use Python in out build system: more specifically, we're stuck with Python 2 even though Python 3's been out for a decade and some major Linux distributions have gone Python 3-only recently. This series tries to solve the issue, but falls quite short. Maybe someone who actually knows Python should have tried instead of me? The good news is that, once the first two patches have been merged, anyone will be able to give it a shot by running PYTHON=$(which python3) ./autogen.sh or similar. Let's get the ball rolling! Andrea Bolognani (5): NEWS: Move generation to the docs/ directory docs: Call reformat-news.py with $(PYTHON) esx: Port esx_vi_generator.py to Python 3 hyperv: Port hyperv_wmi_generator.py to Python 3 docs: Port apibuild.py to Python 3 .gitignore | 1 + Makefile.am | 24 +-- docs/Makefile.am | 24 +++ docs/apibuild.py | 379 ++++++++++++++++++------------------- src/esx/esx_vi_generator.py | 30 ++- src/hyperv/hyperv_wmi_generator.py | 17 +- 6 files changed, 233 insertions(+), 242 deletions(-) -- 2.14.3

2 10

[libvirt] [PATCH 0/2] qemu: Remove memory backing files on failed memory hotplug
by Peter Krempa 14 Mar '18

14 Mar '18

see 2/2 Peter Krempa (2): REPRODUCER -- DO NOT PUSH qemu: hotplug: Clean up memory backing files after failed memory hotplug dom.xml | 110 ++++++++++++++++++++++++++++++++++++++++++++++++ mem.xml | 6 +++ src/qemu/qemu_hotplug.c | 7 +++ 3 files changed, 123 insertions(+) create mode 100644 dom.xml create mode 100644 mem.xml -- 2.16.2

3 6

[libvirt] [PATCH] m4: use pkgconfig to detect xenstore
by Olaf Hering 14 Mar '18

14 Mar '18

Since Xen 4.9 a pkgconfig file exists to gather info about building against libxenstore.so. Use it if available. Signed-off-by: Olaf Hering <olaf(a)aepfle.de> --- m4/virt-driver-xen.m4 | 41 +++++++++++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 12 deletions(-) diff --git a/m4/virt-driver-xen.m4 b/m4/virt-driver-xen.m4 index 2a26863ca..52d4f5162 100644 --- a/m4/virt-driver-xen.m4 +++ b/m4/virt-driver-xen.m4 @@ -27,25 +27,42 @@ AC_DEFUN([LIBVIRT_DRIVER_CHECK_XEN], [ old_CFLAGS="$CFLAGS" XEN_LIBS="" XEN_CFLAGS="" + fail=0 dnl search for the Xen store library + dnl Either use the provided path, or make use of pkgconfig + dnl Xen versions prior 4.9 had no pkgconfig file if test "$with_xen" != "no" ; then + xen_path_provided="no" if test "$with_xen" != "yes" && test "$with_xen" != "check" ; then XEN_CFLAGS="-I$with_xen/include" XEN_LIBS="-L$with_xen/lib64 -L$with_xen/lib" + xen_path_provided="yes" + fi + + if test "$xen_path_provided" = "no" ; then + PKG_CHECK_MODULES([XEN], [xenstore], [ + fail=0 + with_xen=yes + ], [ + fail=1 + ]) + fi + dnl manual check if either path was provided or pkgconfig does not exist + if test "$xen_path_provided" = "yes" || test "$fail" = 1 ; then + CFLAGS="$CFLAGS $XEN_CFLAGS" + LIBS="$LIBS $XEN_LIBS" + AC_CHECK_LIB([xenstore], [xs_read], [ + fail=0 + with_xen=yes + XEN_LIBS="$XEN_LIBS -lxenstore" + ],[ + if test "$with_xen" = "yes"; then + fail=1 + fi + with_xen=no + ]) fi - fail=0 - CFLAGS="$CFLAGS $XEN_CFLAGS" - LIBS="$LIBS $XEN_LIBS" - AC_CHECK_LIB([xenstore], [xs_read], [ - with_xen=yes - XEN_LIBS="$XEN_LIBS -lxenstore" - ],[ - if test "$with_xen" = "yes"; then - fail=1 - fi - with_xen=no - ]) fi if test "$with_xen" != "no" ; then

2 2

[libvirt] [PATCH] bugfix: add lock in ClientClose to avoid data race
by xinhua.Cao 14 Mar '18

14 Mar '18

From: l00425170 <liujunjie23(a)huawei.com> When libvirt client registers callback function, remoteDispatchConnectDomainEventCallbackRegisterAny is called, then virInsertElementsN will be called to add new callback for struct daemonClientPrivate *priv. But at the same time, if the corresponding socket is closed (one way is to kill the client process), the close callback remoteClientCloseFunc is called, then remoteFreePrivCallbacks(priv) is called to free priv. So there exists data race to cause libvirtd coredump. More details, in add callback, when memset for ptrptr (that is priv) is done in virExpandN at the process of virInsertElementsN. At this time point, priv can be free to be 0x0 when close client. So when the procedure goes to memcpy in virInsertElementsN, the libvirtd will coredump. And the stack are as follows: Thread 1 (Thread 0x7feadf7fe700 (LWP 8978)): #0 0x00007feb7b77f314 in __memcpy_ssse3_back() from /usr/lib64/libc.so.6 #1 0x00007feb7e769a82 in memcpy (__len=8, __src=0x7feadf7fdb58, __dest=<optimized out>) at /usr/include/bits/string3.h:51 #2 virInsertElementsN (ptrptr=ptrptr@entry=0x558e9c36fae8, size=size@entry=8, at=<optimized out>, at@entry=18446744073709551615, countptr=countptr@entry=0x558e9c36faf0, add=add@entry=1, newelems=newelems@entry=0x7feadf7fdb58, clearOriginal=clearOriginal@entry=true, inPlace=inPlace@entry=false, report=report@entry=true, domcode=domcode@entry=7, filename=filename@entry=0x558e9af16107 "remote.c", funcname=funcname@entry=0x558e9af24600 <__FUNCTION__.48097> "remoteDispatchConnectDomainEventCallbackRegisterAny", linenr=linenr@entry=4424) at util/viralloc.c:454 #3 0x0000558e9aed7001 in remoteDispatchConnectDomainEventCallbackRegisterAny (server=<optimized out>, msg=<optimized out>, ret=0x7feab805e6f0, args=0x7feab806aa40, rerr=0x7feadf7fdc90, client=<optimized out>) at remote.c:4422 #4 remoteDispatchConnectDomainEventCallbackRegisterAnyHelper (server=<optimized out>, client=<optimized out>, msg=<optimized out>, rerr=0x7feadf7fdc90, args=0x7feab806aa40, ret=0x7feab805e6f0) at remote_dispatch.h:424 #5 0x0000558e9af0ca48 in virNetServerProgramDispatchCall (msg=0x558e9c3925c0, client=0x558e9c36f970, server=0x558e9c351570, prog=0x558e9c367d50) at rpc/virnetserverprogram.c:474 #6 virNetServerProgramDispatch (prog=0x558e9c367d50, server=server@entry=0x558e9c351570, client=0x558e9c36f970, msg=0x558e9c3925c0) at rpc/virnetserverprogram.c:311 #7 0x0000558e9af085ed in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x558e9c351570) at rpc/virnetserver.c:148 #8 virNetServerHandleJob (jobOpaque=<optimized out>, opaque=0x558e9c351570) at rpc/virnetserver.c:169 #9 0x00007feb7e7f1861 in virThreadPoolWorker (opaque=opaque@entry=0x558e9c36b5f0) at util/virthreadpool.c:167 #10 0x00007feb7e7f0b78 in virThreadHelper (data=<optimized out>) at util/virthread.c:219 #11 0x00007feb7b9fcdc5 in start_thread () from /usr/lib64/libpthread.so.0 #12 0x00007feb7b72b75d in clone () from /usr/lib64/libc.so.6 Signed-off-by: l00425170 <liujunjie23(a)huawei.com> --- src/remote/remote_daemon.h | 2 ++ src/remote/remote_daemon_dispatch.c | 46 ++++++++++++++++++++++++++++++++++++- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/src/remote/remote_daemon.h b/src/remote/remote_daemon.h index 4467f71..8accafc 100644 --- a/src/remote/remote_daemon.h +++ b/src/remote/remote_daemon.h @@ -76,6 +76,8 @@ struct daemonClientPrivate { virConnectPtr conn; daemonClientStreamPtr streams; + + bool clientClosed; }; diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index fdb0a36..59e69e6 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -1752,8 +1752,12 @@ static void remoteClientCloseFunc(virNetServerClientPtr client) daemonRemoveAllClientStreams(priv->streams); /* Deregister event delivery callback */ - if (priv->conn) + if (priv->conn) { + virMutexLock(&priv->lock); remoteClientFreePrivateCallbacks(priv); + priv->clientClosed = true; + virMutexUnlock(&priv->lock); + } } @@ -3889,6 +3893,11 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + /* If we call register first, we could append a complete callback * to our array, but on OOM append failure, we'd have to then hope * deregister works to undo our register. So instead we append an @@ -4116,6 +4125,11 @@ remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + /* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any * new domain events added after this point should only use the * modern callback style of RPC. */ @@ -4192,6 +4206,11 @@ remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRI virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->dom && !(dom = get_nonnull_domain(priv->conn, *args->dom))) goto cleanup; @@ -5702,6 +5721,11 @@ remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UN virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->net && !(net = get_nonnull_network(priv->conn, *args->net))) goto cleanup; @@ -5824,6 +5848,11 @@ remoteDispatchConnectStoragePoolEventRegisterAny(virNetServerPtr server ATTRIBUT virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->pool && !(pool = get_nonnull_storage_pool(priv->conn, *args->pool))) goto cleanup; @@ -5945,6 +5974,11 @@ remoteDispatchConnectNodeDeviceEventRegisterAny(virNetServerPtr server ATTRIBUTE virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->dev && !(dev = get_nonnull_node_device(priv->conn, *args->dev))) goto cleanup; @@ -6066,6 +6100,11 @@ remoteDispatchConnectSecretEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->secret && !(secret = get_nonnull_secret(priv->conn, *args->secret))) goto cleanup; @@ -6188,6 +6227,11 @@ qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_U virMutexLock(&priv->lock); + if (priv->clientClosed) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection want close")); + goto cleanup; + } + if (args->dom && !(dom = get_nonnull_domain(priv->conn, *args->dom))) goto cleanup; -- 2.13.3.windows.1

2 1

[libvirt] [PATCH] qemu: hotplug: fail when net device detach times out
by Jonathan Davies 14 Mar '18

14 Mar '18

qemuDomainDetachNetDevice should not treat a timeout in a call to qemuDomainWaitForDeviceRemoval as success. Instead, it should treat it as failure -- this is the intention behind having a timeout. If qemuDomainWaitForDeviceRemoval times out, it returns 0. In this instance, if qemuDomainDetachNetDevice returns 0, virsh detach-interface reports: Interface detached successfully with a zero exit status. But with a negative return value from qemuDomainDetachNetDevice, virsh detach-interface reports: error: Failed to detach interface error: An error occurred, but the cause is unknown with a non-zero exit status, which is more appropriate. Signed-off-by: Jonathan Davies <jonathan.davies(a)nutanix.com> --- src/qemu/qemu_hotplug.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 4be0f546c..d9a2f2d4d 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -5082,8 +5082,13 @@ qemuDomainDetachNetDevice(virQEMUDriverPtr driver, if (qemuDomainObjExitMonitor(driver, vm) < 0) goto cleanup; - if ((ret = qemuDomainWaitForDeviceRemoval(vm)) == 1) + ret = qemuDomainWaitForDeviceRemoval(vm); + if (ret == 1) { ret = qemuDomainRemoveNetDevice(driver, vm, detach); + } else if (ret == 0) { + VIR_WARN("Detach of device %s timed out; treating as a failure", detach->ifname); + ret = -1; + } cleanup: qemuDomainResetDeviceRemoval(vm); -- 2.14.1

5 7

[libvirt] [PATCH security-notice 0/4] Add missing security notices
by Daniel P. Berrangé 14 Mar '18

14 Mar '18

This provides the security notices we've had so far in 2018 and a script to make future ones easier to create. Daniel P. Berrangé (4): LSN-2018-0001 / CVE-2017-5715 - Spectre variant 2 branch target injection LSN-2018-0002 / CVE-2018-5748 - QEMU monitor denial of service LSN-2018-0003 / CVE-2018-6764 - Insecure usage of NSS modules during container startup Add a script for generating a list of vulnerable tags & branches notices/2018/0001.xml | 276 ++++++++++++++++++++++++++++++++++++++ notices/2018/0002.xml | 274 +++++++++++++++++++++++++++++++++++++ notices/2018/0003.xml | 269 +++++++++++++++++++++++++++++++++++++ scripts/report-vulnerable-tags.pl | 108 +++++++++++++++ 4 files changed, 927 insertions(+) create mode 100644 notices/2018/0001.xml create mode 100644 notices/2018/0002.xml create mode 100644 notices/2018/0003.xml create mode 100644 scripts/report-vulnerable-tags.pl -- 2.14.3

1 4

[libvirt] [PATCH] tests: Fix path to status XML test directory in makefile
by Peter Krempa 13 Mar '18

13 Mar '18

Commit 99e30acfdce added 'qemustatusxml2xmloutdata' to EXTRA_DIST but the directory added in the commit is called 'qemustatusxml2xmldata' Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- Pushed under the I-didn't-run-distcheck-when-messing-with-files-in-the-tree-and-broke-the-build-rule. tests/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 1f60ee0393..11a9b904ed 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -128,7 +128,7 @@ EXTRA_DIST = \ qemumonitorjsondata \ qemuxml2argvdata \ qemuxml2xmloutdata \ - qemustatusxml2xmloutdata \ + qemustatusxml2xmldata \ qemumemlockdata \ secretxml2xmlin \ securityselinuxhelperdata \ -- 2.16.2

1 0

[libvirt] [PATCH] tests: bhyvexml2xml: Fix call to testCompareDomXML2XMLFiles
by Peter Krempa 13 Mar '18

13 Mar '18

Commit 1b28038300b forgot to fix the arguments for this one caller. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- Pushed under the build-breaker rule. tests/bhyvexml2xmltest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/bhyvexml2xmltest.c b/tests/bhyvexml2xmltest.c index e483dac630..4d9c1681db 100644 --- a/tests/bhyvexml2xmltest.c +++ b/tests/bhyvexml2xmltest.c @@ -39,7 +39,7 @@ testCompareXMLToXMLHelper(const void *data) ret = testCompareDomXML2XMLFiles(driver.caps, driver.xmlopt, xml_in, is_different ? xml_out : xml_in, - false, NULL, NULL, 0, + false, 0, TEST_COMPARE_DOM_XML2XML_RESULT_SUCCESS); if ((ret != 0) && (info->flags & FLAG_EXPECT_FAILURE)) { -- 2.16.2

1 0

[libvirt] [PATCH] build: Add srpm make target
by Jiri Denemark 13 Mar '18

13 Mar '18

Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- Makefile.am | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile.am b/Makefile.am index 0d46c16c22..81c7f52d9c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -69,6 +69,9 @@ EXTRA_DIST += \ rpm: clean @(unset CDPATH ; $(MAKE) dist && rpmbuild -ta $(distdir).tar.xz) +srpm: clean + @(unset CDPATH ; $(MAKE) dist && rpmbuild -ts $(distdir).tar.xz) + check-local: all tests check-access: -- 2.16.2

2 1

[libvirt] [PATCH 0/2] Two small memleak fixes
by Michal Privoznik 13 Mar '18

13 Mar '18

*** BLURB HERE *** Michal Privoznik (2): virSysinfoParseX86Chassis: Store asset tag into correct pointer virSecurityDACChownListFree: Don't leak list->items array src/security/security_dac.c | 1 + src/util/virsysinfo.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) -- 2.16.1

2 4