July 2021 - Devel - libvirt List Archives

[libvirt PATCH v2 0/5] mdev tweaks
by Jonathon Jongsma 01 Jul '21

01 Jul '21

A few minor fixes to mdev support in the nodedev driver Changes in v2: - split out the error-reporting macro into a separate commit as recommended by Peter - Since virCommandRun() may report an error, ensure that the virMdevctl$COMMAND() functions always set an error to make error-handling consistent. v1 tried to return an error message and have the caller report the error. - Added a new patch (destroying inactive device) Jonathon Jongsma (5): nodedev: Remove useless device name from error message nodedev: Handle NULL command variable nodedev: add macro to handle command errors nodedev: handle mdevctl errors consistently nodedev: improve error message when destroying an inactive device src/node_device/node_device_driver.c | 147 +++++++++++++++++---------- 1 file changed, 94 insertions(+), 53 deletions(-) -- 2.31.1

3 13

[libvirt PATCH] nodedev: handle mdevs from multiple parents
by Jonathon Jongsma 01 Jul '21

01 Jul '21

Due to a rather unfortunate misunderstanding, we were parsing the list of defined devices from mdevctl incorrectly. Since my primary development machine only has a single device capable of mdevs, I apparently neglected to test multiple parent devices and made some assumptions based on reading the mdevctl code. These assumptions turned out to be incorrect, so the parsing failed when devices from more than one parent device were returned. The details: mdevctl returns an array of objects representing the defined devices. But instead of an array of multiple objects (with each object representing a parent device), the array always contains only a single object. That object has a separate property for each parent device. Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com> --- src/node_device/node_device_driver.c | 41 ++++++++++--------- .../mdevctl-list-multiple.json | 4 +- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c index 8a0a2c3847..cb2c3ceaa4 100644 --- a/src/node_device/node_device_driver.c +++ b/src/node_device/node_device_driver.c @@ -1056,6 +1056,7 @@ nodeDeviceParseMdevctlJSON(const char *jsonstring, size_t noutdevs = 0; size_t i; size_t j; + virJSONValue *obj; json_devicelist = virJSONValueFromString(jsonstring); @@ -1065,31 +1066,33 @@ nodeDeviceParseMdevctlJSON(const char *jsonstring, goto error; } - n = virJSONValueArraySize(json_devicelist); + /* mdevctl list --dumpjson produces an output that is an array that + * contains only a single object which contains a property for each parent + * device */ + if (virJSONValueArraySize(json_devicelist) != 1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Unexpected format for mdevctl response")); + goto error; + } + + obj = virJSONValueArrayGet(json_devicelist, 0); + + if (!virJSONValueIsObject(obj)) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("device list is not an object")); + goto error; + } + n = virJSONValueObjectKeysNumber(obj); for (i = 0; i < n; i++) { - virJSONValue *obj = virJSONValueArrayGet(json_devicelist, i); const char *parent; virJSONValue *child_array; int nchildren; - if (!virJSONValueIsObject(obj)) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Parent device is not an object")); - goto error; - } - - /* mdevctl returns an array of objects. Each object is a parent device - * object containing a single key-value pair which maps from the name - * of the parent device to an array of child devices */ - if (virJSONValueObjectKeysNumber(obj) != 1) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Unexpected format for parent device object")); - goto error; - } - - parent = virJSONValueObjectGetKey(obj, 0); - child_array = virJSONValueObjectGetValue(obj, 0); + /* The key of each object property is the name of a parent device + * which maps to an array of child devices */ + parent = virJSONValueObjectGetKey(obj, i); + child_array = virJSONValueObjectGetValue(obj, i); if (!virJSONValueIsArray(child_array)) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/tests/nodedevmdevctldata/mdevctl-list-multiple.json b/tests/nodedevmdevctldata/mdevctl-list-multiple.json index eefcd90c62..ca1918d00a 100644 --- a/tests/nodedevmdevctldata/mdevctl-list-multiple.json +++ b/tests/nodedevmdevctldata/mdevctl-list-multiple.json @@ -24,9 +24,7 @@ ] } } - ] - }, - { + ], "matrix": [ { "783e6dbb-ea0e-411f-94e2-717eaad438bf": { "mdev_type": "vfio_ap-passthrough", -- 2.31.1

2 3

[libvirt PATCH] NEWS: Fix spacing between releases
by Andrea Bolognani 01 Jul '21

01 Jul '21

Signed-off-by: Andrea Bolognani <abologna(a)redhat.com> --- NEWS.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 552f845211..2536955a4a 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -90,6 +90,7 @@ v7.4.0 (2021-06-01) Having a 0 offset so that the size of the image can be limited is a valid configuration so it was allowed in the XML schema. + v7.3.0 (2021-05-03) =================== @@ -189,6 +190,7 @@ v7.3.0 (2021-05-03) properly when a connection URI or read only flag were specified on ``virsh`` or ``virt-admin`` command line. + v7.2.0 (2021-04-01) =================== -- 2.31.1

1 1

Release of libvirt-7.5.0
by Jiri Denemark 01 Jul '21

01 Jul '21

The 7.5.0 release of both libvirt and libvirt-python is tagged and signed tarballs and source RPMs are available at https://libvirt.org/sources/ https://libvirt.org/sources/python/ Thanks everybody who helped with this release by sending patches, reviewing, testing, or providing any other feedback. Your work is greatly appreciated. * Security * svirt: fix MCS label generation (CVE-2021-3631) A flaw in the way MCS labels were generated could result in a VM's resource not being fully protected from access by another VM were it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153 * Removed features * xen: Remove support for Xen < 4.9 In accordance with our platform support policy, the oldest supported Xen version is now bumped from 4.6 to 4.9. * Improvements * docs: Document disk serial truncation status quo Disk ``<serial>`` is being truncated by QEMU before passed to the guest. Since it's impossible to fix it without running into further regressions the documentation was improved to document the intricacies. * Bug fixes * qemu: Fixed validation of disk ``iothread`` configuration The validation of ``iothread`` config was previously moved to a place where it caused bogus errors when address wasn't allocated when hotplugging a disk. The check is now removed as it wasn't actually necessary at all. Enjoy. Jirka

1 0

[PATCH] Add news item for sVirt CVE fix
by Daniel P. Berrangé 01 Jul '21

01 Jul '21

Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com> --- NEWS.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 935b0d0aad..3297560941 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -11,6 +11,14 @@ For a more fine-grained view, use the `git log`_. v7.5.0 (unreleased) =================== +* **Security fixes** + + * svirt: fix MCS label generation (CVE-2021-3631) + + A flaw in the way MCS labels were generated could result in a VM's + resource not being fully protected from access by another VM were + it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153 + * **Removed features** * xen: Remove support for Xen < 4.9 -- 2.31.1

2 1

[PATCH] qemu: code protection for qemuBlockJobEventProcessLegacy
by huangy81＠chinatelecom.cn 01 Jul '21

01 Jul '21

From: Chongyun Wu <wucy11(a)chinatelecom.cn> pointer disk might be null in some special cases or new usage scenarios, therefore code protection is needed to prevent segment faults. Signed-off-by: Chongyun Wu <wucy11(a)chinatelecom.cn> --- src/qemu/qemu_blockjob.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c index faf9a9f..00506b9 100644 --- a/src/qemu/qemu_blockjob.c +++ b/src/qemu/qemu_blockjob.c @@ -781,12 +781,13 @@ qemuBlockJobEventProcessLegacy(virQEMUDriver *driver, { virDomainDiskDef *disk = job->disk; - VIR_DEBUG("disk=%s, mirrorState=%s, type=%d, state=%d, newstate=%d", - disk->dst, - NULLSTR(virDomainDiskMirrorStateTypeToString(disk->mirrorState)), - job->type, - job->state, - job->newstate); + if (disk) + VIR_DEBUG("disk=%s, mirrorState=%s, type=%d, state=%d, newstate=%d", + disk->dst, + NULLSTR(virDomainDiskMirrorStateTypeToString(disk->mirrorState)), + job->type, + job->state, + job->newstate); if (job->newstate == -1) return; @@ -804,26 +805,30 @@ qemuBlockJobEventProcessLegacy(virQEMUDriver *driver, break; case VIR_DOMAIN_BLOCK_JOB_READY: - disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_READY; - qemuDomainSaveStatus(vm); + if (disk) { + disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_READY; + qemuDomainSaveStatus(vm); + } break; case VIR_DOMAIN_BLOCK_JOB_FAILED: case VIR_DOMAIN_BLOCK_JOB_CANCELED: - if (disk->mirror) { - virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); + if (disk) { + if (disk->mirror) { + virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); - /* Ideally, we would restore seclabels on the backing chain here - * but we don't know if somebody else is not using parts of it. - * Remove security driver metadata so that they are not leaked. */ - qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror); + /* Ideally, we would restore seclabels on the backing chain here + * but we don't know if somebody else is not using parts of it. + * Remove security driver metadata so that they are not leaked. */ + qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror); - virObjectUnref(disk->mirror); - disk->mirror = NULL; + virObjectUnref(disk->mirror); + disk->mirror = NULL; + } + disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_NONE; + disk->mirrorJob = VIR_DOMAIN_BLOCK_JOB_TYPE_UNKNOWN; + qemuBlockJobUnregister(job, vm); } - disk->mirrorState = VIR_DOMAIN_DISK_MIRROR_STATE_NONE; - disk->mirrorJob = VIR_DOMAIN_BLOCK_JOB_TYPE_UNKNOWN; - qemuBlockJobUnregister(job, vm); break; case VIR_DOMAIN_BLOCK_JOB_LAST: -- 1.8.3.1

3 3