July 2021 - Devel - libvirt List Archives

[PATCH libvirt v1] conf: verify for duplicate hostdevs
by Shalini Chellathurai Saroja 02 Jul '21

02 Jul '21

It is possible to define/edit(in shut off state) a domain XML with same hostdev device repeated more than once, as shown below. This behavior is not expected. So, this patch fixes it. vser1: <domain type='kvm'> [...] <devices> [...] <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-ccw'> <source> <address uuid='8e782fea-e5f4-45fa-a0f9-024cf66e5009'/> </source> <address type='ccw' cssid='0xfe' ssid='0x0' devno='0x0005'/> </hostdev> <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-ccw'> <source> <address uuid='8e782fea-e5f4-45fa-a0f9-024cf66e5009'/> </source> <address type='ccw' cssid='0xfe' ssid='0x0' devno='0x0006'/> </hostdev> [...] </devices> </domain> $ virsh define vser1 Domain 'vser1' defined from vser1 Signed-off-by: Shalini Chellathurai Saroja <shalini(a)linux.ibm.com> Reviewed-by: Bjoern Walk <bwalk(a)linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy(a)linux.ibm.com> --- src/conf/domain_conf.c | 2 +- src/conf/domain_conf.h | 2 + src/conf/domain_validate.c | 21 ++++++++++ src/libvirt_private.syms | 1 + .../hostdev-mdev-duplicate.err | 1 + .../hostdev-mdev-duplicate.xml | 41 +++++++++++++++++++ .../hostdev-pci-duplicate.err | 1 + .../hostdev-pci-duplicate.xml | 40 ++++++++++++++++++ .../hostdev-scsi-duplicate.err | 1 + .../hostdev-scsi-duplicate.xml | 40 ++++++++++++++++++ .../hostdev-usb-duplicate.err | 1 + .../hostdev-usb-duplicate.xml | 40 ++++++++++++++++++ tests/qemuxml2argvtest.c | 8 ++++ 13 files changed, 198 insertions(+), 1 deletion(-) create mode 100644 tests/qemuxml2argvdata/hostdev-mdev-duplicate.err create mode 100644 tests/qemuxml2argvdata/hostdev-mdev-duplicate.xml create mode 100644 tests/qemuxml2argvdata/hostdev-pci-duplicate.err create mode 100644 tests/qemuxml2argvdata/hostdev-pci-duplicate.xml create mode 100644 tests/qemuxml2argvdata/hostdev-scsi-duplicate.err create mode 100644 tests/qemuxml2argvdata/hostdev-scsi-duplicate.xml create mode 100644 tests/qemuxml2argvdata/hostdev-usb-duplicate.err create mode 100644 tests/qemuxml2argvdata/hostdev-usb-duplicate.xml diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f65509d8..5746f69e 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -15369,7 +15369,7 @@ virDomainHostdevMatchCaps(virDomainHostdevDef *a, } -static int +int virDomainHostdevMatch(virDomainHostdevDef *a, virDomainHostdevDef *b) { diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index f706c498..4d9d499b 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -3590,6 +3590,8 @@ virDomainHostdevDef * virDomainHostdevRemove(virDomainDef *def, size_t i); int virDomainHostdevFind(virDomainDef *def, virDomainHostdevDef *match, virDomainHostdevDef **found); +int virDomainHostdevMatch(virDomainHostdevDef *a, + virDomainHostdevDef *b); virDomainGraphicsListenDef * virDomainGraphicsGetListen(virDomainGraphicsDef *def, size_t i); diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 2124d25d..df2ab473 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -1068,7 +1068,25 @@ virDomainDefDuplicateDiskInfoValidate(const virDomainDef *def) return 0; } +static int +virDomainDefDuplicateHostdevInfoValidate(const virDomainDef *def) +{ + size_t i; + size_t j; + for (i = 0; i < def->nhostdevs; i++) { + for (j = i + 1; j < def->nhostdevs; j++) { + if (virDomainHostdevMatch(def->hostdevs[i], + def->hostdevs[j])) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("Hostdev already exists in the domain configuration")); + return -1; + } + } + } + + return 0; +} /** * virDomainDefDuplicateDriveAddressesValidate: @@ -1529,6 +1547,9 @@ virDomainDefValidateInternal(const virDomainDef *def, if (virDomainDefDuplicateDiskInfoValidate(def) < 0) return -1; + if (virDomainDefDuplicateHostdevInfoValidate(def) < 0) + return -1; + if (virDomainDefDuplicateDriveAddressesValidate(def) < 0) return -1; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 2efa7876..f0d1b7b4 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -457,6 +457,7 @@ virDomainHostdevDefFree; virDomainHostdevDefNew; virDomainHostdevFind; virDomainHostdevInsert; +virDomainHostdevMatch; virDomainHostdevModeTypeToString; virDomainHostdevRemove; virDomainHostdevSubsysPCIBackendTypeToString; diff --git a/tests/qemuxml2argvdata/hostdev-mdev-duplicate.err b/tests/qemuxml2argvdata/hostdev-mdev-duplicate.err new file mode 100644 index 00000000..590afd30 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-mdev-duplicate.err @@ -0,0 +1 @@ +XML error: Hostdev already exists in the domain configuration diff --git a/tests/qemuxml2argvdata/hostdev-mdev-duplicate.xml b/tests/qemuxml2argvdata/hostdev-mdev-duplicate.xml new file mode 100644 index 00000000..1c5e3263 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-mdev-duplicate.xml @@ -0,0 +1,41 @@ +<domain type='qemu'> + <name>QEMUGuest2</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219136</memory> + <currentMemory unit='KiB'>219136</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <controller type='usb' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pci-root'/> + <controller type='ide' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> + </controller> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-pci'> + <source> + <address uuid='53764d0e-85a0-42b4-af5c-2046b460b1dc'/> + </source> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> + </hostdev> + <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-pci'> + <source> + <address uuid='53764d0e-85a0-42b4-af5c-2046b460b1dc'/> + </source> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> + </hostdev> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/hostdev-pci-duplicate.err b/tests/qemuxml2argvdata/hostdev-pci-duplicate.err new file mode 100644 index 00000000..590afd30 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-pci-duplicate.err @@ -0,0 +1 @@ +XML error: Hostdev already exists in the domain configuration diff --git a/tests/qemuxml2argvdata/hostdev-pci-duplicate.xml b/tests/qemuxml2argvdata/hostdev-pci-duplicate.xml new file mode 100644 index 00000000..c744fddf --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-pci-duplicate.xml @@ -0,0 +1,40 @@ +<domain type='qemu'> + <name>QEMUGuest2</name> + <uuid>c7a5fdbd-edaf-9466-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <disk type='block' device='disk'> + <driver name='qemu' type='raw'/> + <source dev='/dev/HostVG/QEMUGuest2'/> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0'/> + <controller type='ide' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <hostdev mode='subsystem' type='pci' managed='yes'> + <source> + <address domain='0x0000' bus='0x06' slot='0x12' function='0x5'/> + </source> + </hostdev> + <hostdev mode='subsystem' type='pci' managed='yes'> + <source> + <address domain='0x0000' bus='0x06' slot='0x12' function='0x5'/> + </source> + </hostdev> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/hostdev-scsi-duplicate.err b/tests/qemuxml2argvdata/hostdev-scsi-duplicate.err new file mode 100644 index 00000000..590afd30 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-scsi-duplicate.err @@ -0,0 +1 @@ +XML error: Hostdev already exists in the domain configuration diff --git a/tests/qemuxml2argvdata/hostdev-scsi-duplicate.xml b/tests/qemuxml2argvdata/hostdev-scsi-duplicate.xml new file mode 100644 index 00000000..ea367de3 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-scsi-duplicate.xml @@ -0,0 +1,40 @@ +<domain type='qemu'> + <name>QEMUGuest2</name> + <uuid>c7a5fdbd-edaf-9466-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <disk type='block' device='disk'> + <source dev='/dev/HostVG/QEMUGuest2'/> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='scsi' index='0' model='virtio-scsi'/> + <controller type='usb' index='0'/> + <controller type='ide' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <hostdev mode='subsystem' type='scsi' managed='yes'> + <source> + <adapter name='scsi_host0'/> + <address bus='0' target='0' unit='0'/> + </source> + </hostdev> + <hostdev mode='subsystem' type='scsi' managed='yes'> + <source> + <adapter name='scsi_host0'/> + <address bus='0' target='0' unit='0'/> + </source> + </hostdev> + <memballoon model='virtio'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/hostdev-usb-duplicate.err b/tests/qemuxml2argvdata/hostdev-usb-duplicate.err new file mode 100644 index 00000000..590afd30 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-usb-duplicate.err @@ -0,0 +1 @@ +XML error: Hostdev already exists in the domain configuration diff --git a/tests/qemuxml2argvdata/hostdev-usb-duplicate.xml b/tests/qemuxml2argvdata/hostdev-usb-duplicate.xml new file mode 100644 index 00000000..533a9059 --- /dev/null +++ b/tests/qemuxml2argvdata/hostdev-usb-duplicate.xml @@ -0,0 +1,40 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219136</memory> + <currentMemory unit='KiB'>219136</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <disk type='block' device='disk'> + <driver name='qemu' type='raw'/> + <source dev='/dev/HostVG/QEMUGuest1'/> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0'/> + <controller type='ide' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <hostdev mode='subsystem' type='usb' managed='no'> + <source> + <address bus='14' device='6'/> + </source> + </hostdev> + <hostdev mode='subsystem' type='usb' managed='no'> + <source> + <address bus='14' device='6'/> + </source> + </hostdev> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 7fed871c..b9f96532 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1915,8 +1915,11 @@ mymain(void) DO_TEST("hostdev-usb-address", NONE); DO_TEST("hostdev-usb-address-device", NONE); DO_TEST("hostdev-usb-address-device-boot", NONE); + DO_TEST_PARSE_ERROR("hostdev-usb-duplicate", NONE); DO_TEST("hostdev-pci-address", QEMU_CAPS_DEVICE_VFIO_PCI); DO_TEST("hostdev-pci-address-device", QEMU_CAPS_DEVICE_VFIO_PCI); + DO_TEST_PARSE_ERROR("hostdev-pci-duplicate", + QEMU_CAPS_DEVICE_VFIO_PCI); DO_TEST("hostdev-vfio", QEMU_CAPS_DEVICE_VFIO_PCI); DO_TEST("hostdev-vfio-multidomain", @@ -1927,6 +1930,8 @@ mymain(void) QEMU_CAPS_DEVICE_VFIO_PCI); DO_TEST_PARSE_ERROR("hostdev-mdev-invalid-target-address", QEMU_CAPS_DEVICE_VFIO_PCI); + DO_TEST_PARSE_ERROR("hostdev-mdev-duplicate", + QEMU_CAPS_DEVICE_VFIO_PCI); DO_TEST_CAPS_LATEST("hostdev-mdev-display-spice-opengl"); DO_TEST_CAPS_LATEST("hostdev-mdev-display-spice-egl-headless"); DO_TEST_CAPS_LATEST("hostdev-mdev-display-vnc"); @@ -2856,6 +2861,9 @@ mymain(void) QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_DEVICE_VHOST_SCSI, QEMU_CAPS_DEVICE_PCIE_ROOT_PORT, QEMU_CAPS_VIRTIO_PCI_DISABLE_LEGACY); + DO_TEST_PARSE_ERROR("hostdev-scsi-duplicate", + QEMU_CAPS_VIRTIO_SCSI, + QEMU_CAPS_DEVICE_VHOST_SCSI); DO_TEST_CAPS_VER("mlock-on", "3.0.0"); DO_TEST_CAPS_VER("mlock-off", "3.0.0"); -- 2.30.2

2 5

[libvirt PATCH v2 0/5] mdev tweaks
by Jonathon Jongsma 01 Jul '21

01 Jul '21

A few minor fixes to mdev support in the nodedev driver Changes in v2: - split out the error-reporting macro into a separate commit as recommended by Peter - Since virCommandRun() may report an error, ensure that the virMdevctl$COMMAND() functions always set an error to make error-handling consistent. v1 tried to return an error message and have the caller report the error. - Added a new patch (destroying inactive device) Jonathon Jongsma (5): nodedev: Remove useless device name from error message nodedev: Handle NULL command variable nodedev: add macro to handle command errors nodedev: handle mdevctl errors consistently nodedev: improve error message when destroying an inactive device src/node_device/node_device_driver.c | 147 +++++++++++++++++---------- 1 file changed, 94 insertions(+), 53 deletions(-) -- 2.31.1

3 13

[libvirt PATCH] nodedev: handle mdevs from multiple parents
by Jonathon Jongsma 01 Jul '21

01 Jul '21

Due to a rather unfortunate misunderstanding, we were parsing the list of defined devices from mdevctl incorrectly. Since my primary development machine only has a single device capable of mdevs, I apparently neglected to test multiple parent devices and made some assumptions based on reading the mdevctl code. These assumptions turned out to be incorrect, so the parsing failed when devices from more than one parent device were returned. The details: mdevctl returns an array of objects representing the defined devices. But instead of an array of multiple objects (with each object representing a parent device), the array always contains only a single object. That object has a separate property for each parent device. Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com> --- src/node_device/node_device_driver.c | 41 ++++++++++--------- .../mdevctl-list-multiple.json | 4 +- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c index 8a0a2c3847..cb2c3ceaa4 100644 --- a/src/node_device/node_device_driver.c +++ b/src/node_device/node_device_driver.c @@ -1056,6 +1056,7 @@ nodeDeviceParseMdevctlJSON(const char *jsonstring, size_t noutdevs = 0; size_t i; size_t j; + virJSONValue *obj; json_devicelist = virJSONValueFromString(jsonstring); @@ -1065,31 +1066,33 @@ nodeDeviceParseMdevctlJSON(const char *jsonstring, goto error; } - n = virJSONValueArraySize(json_devicelist); + /* mdevctl list --dumpjson produces an output that is an array that + * contains only a single object which contains a property for each parent + * device */ + if (virJSONValueArraySize(json_devicelist) != 1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Unexpected format for mdevctl response")); + goto error; + } + + obj = virJSONValueArrayGet(json_devicelist, 0); + + if (!virJSONValueIsObject(obj)) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("device list is not an object")); + goto error; + } + n = virJSONValueObjectKeysNumber(obj); for (i = 0; i < n; i++) { - virJSONValue *obj = virJSONValueArrayGet(json_devicelist, i); const char *parent; virJSONValue *child_array; int nchildren; - if (!virJSONValueIsObject(obj)) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Parent device is not an object")); - goto error; - } - - /* mdevctl returns an array of objects. Each object is a parent device - * object containing a single key-value pair which maps from the name - * of the parent device to an array of child devices */ - if (virJSONValueObjectKeysNumber(obj) != 1) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Unexpected format for parent device object")); - goto error; - } - - parent = virJSONValueObjectGetKey(obj, 0); - child_array = virJSONValueObjectGetValue(obj, 0); + /* The key of each object property is the name of a parent device + * which maps to an array of child devices */ + parent = virJSONValueObjectGetKey(obj, i); + child_array = virJSONValueObjectGetValue(obj, i); if (!virJSONValueIsArray(child_array)) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/tests/nodedevmdevctldata/mdevctl-list-multiple.json b/tests/nodedevmdevctldata/mdevctl-list-multiple.json index eefcd90c62..ca1918d00a 100644 --- a/tests/nodedevmdevctldata/mdevctl-list-multiple.json +++ b/tests/nodedevmdevctldata/mdevctl-list-multiple.json @@ -24,9 +24,7 @@ ] } } - ] - }, - { + ], "matrix": [ { "783e6dbb-ea0e-411f-94e2-717eaad438bf": { "mdev_type": "vfio_ap-passthrough", -- 2.31.1

2 3

[libvirt PATCH] NEWS: Fix spacing between releases
by Andrea Bolognani 01 Jul '21

01 Jul '21

Signed-off-by: Andrea Bolognani <abologna(a)redhat.com> --- NEWS.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 552f845211..2536955a4a 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -90,6 +90,7 @@ v7.4.0 (2021-06-01) Having a 0 offset so that the size of the image can be limited is a valid configuration so it was allowed in the XML schema. + v7.3.0 (2021-05-03) =================== @@ -189,6 +190,7 @@ v7.3.0 (2021-05-03) properly when a connection URI or read only flag were specified on ``virsh`` or ``virt-admin`` command line. + v7.2.0 (2021-04-01) =================== -- 2.31.1

1 1

Release of libvirt-7.5.0
by Jiri Denemark 01 Jul '21

01 Jul '21

The 7.5.0 release of both libvirt and libvirt-python is tagged and signed tarballs and source RPMs are available at https://libvirt.org/sources/ https://libvirt.org/sources/python/ Thanks everybody who helped with this release by sending patches, reviewing, testing, or providing any other feedback. Your work is greatly appreciated. * Security * svirt: fix MCS label generation (CVE-2021-3631) A flaw in the way MCS labels were generated could result in a VM's resource not being fully protected from access by another VM were it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153 * Removed features * xen: Remove support for Xen < 4.9 In accordance with our platform support policy, the oldest supported Xen version is now bumped from 4.6 to 4.9. * Improvements * docs: Document disk serial truncation status quo Disk ``<serial>`` is being truncated by QEMU before passed to the guest. Since it's impossible to fix it without running into further regressions the documentation was improved to document the intricacies. * Bug fixes * qemu: Fixed validation of disk ``iothread`` configuration The validation of ``iothread`` config was previously moved to a place where it caused bogus errors when address wasn't allocated when hotplugging a disk. The check is now removed as it wasn't actually necessary at all. Enjoy. Jirka

1 0

[PATCH] Add news item for sVirt CVE fix
by Daniel P. Berrangé 01 Jul '21

01 Jul '21

Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com> --- NEWS.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 935b0d0aad..3297560941 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -11,6 +11,14 @@ For a more fine-grained view, use the `git log`_. v7.5.0 (unreleased) =================== +* **Security fixes** + + * svirt: fix MCS label generation (CVE-2021-3631) + + A flaw in the way MCS labels were generated could result in a VM's + resource not being fully protected from access by another VM were + it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153 + * **Removed features** * xen: Remove support for Xen < 4.9 -- 2.31.1

2 1

[PATCH] qemu: code protection for qemuBlockJobEventProcessLegacy
by huangy81＠chinatelecom.cn 01 Jul '21

01 Jul '21

From: Chongyun Wu <wucy11(a)chinatelecom.cn> pointer disk might be null in some special cases or new usage scenarios, therefore code protection is needed to prevent segment faults. Signed-off-by: Chongyun Wu <wucy11(a)chinatelecom.cn> --- src/qemu/qemu_blockjob.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c index faf9a9f..00506b9 100644 --- a/src/qemu/qemu_blockjob.c +++ b/src/qemu/qemu_blockjob.c @@ -781,12 +781,13 @@ qemuBlockJobEventProcessLegacy(virQEMUDriver *driver, { virDomainDiskDef *disk = job->disk; - VIR_DEBUG("disk=%s, mirrorState=%s, type=%d, state=%d, newstate=%d", - disk->dst, - NULLSTR(virDomainDiskMirrorStateTypeToString(disk->mirrorState)), - job->type, - job->state, - job->newstate); + if (disk) + VIR_DEBUG("disk=%s, mirrorState=%s, type=%d, state=%d, newstate=%d", + disk->dst, + NULLSTR(virDomainDiskMirrorStateTypeToString(disk->mirrorState)), + job->type, + job->state, + job->newstate); if (job->newstate == -1) return; @@ -804,26 +805,30 @@ qemuBlockJobEventProcessLegacy(virQEMUDriver *driver, break; case VIR_DOMAIN_BLOCK_JOB_READY: - disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_READY; - qemuDomainSaveStatus(vm); + if (disk) { + disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_READY; + qemuDomainSaveStatus(vm); + } break; case VIR_DOMAIN_BLOCK_JOB_FAILED: case VIR_DOMAIN_BLOCK_JOB_CANCELED: - if (disk->mirror) { - virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); + if (disk) { + if (disk->mirror) { + virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); - /* Ideally, we would restore seclabels on the backing chain here - * but we don't know if somebody else is not using parts of it. - * Remove security driver metadata so that they are not leaked. */ - qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror); + /* Ideally, we would restore seclabels on the backing chain here + * but we don't know if somebody else is not using parts of it. + * Remove security driver metadata so that they are not leaked. */ + qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror); - virObjectUnref(disk->mirror); - disk->mirror = NULL; + virObjectUnref(disk->mirror); + disk->mirror = NULL; + } + disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_NONE; + disk->mirrorJob = VIR_DOMAIN_BLOCK_JOB_TYPE_UNKNOWN; + qemuBlockJobUnregister(job, vm); } - disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_NONE; - disk->mirrorJob = VIR_DOMAIN_BLOCK_JOB_TYPE_UNKNOWN; - qemuBlockJobUnregister(job, vm); break; case VIR_DOMAIN_BLOCK_JOB_LAST: -- 1.8.3.1

3 3