Re: [PATCH] Check snapshot disk is not NULL when searching it in the VM config
by Peter Krempa
On Mon, May 20, 2024 at 14:48:47 +0000, Efim Shevrin via Devel wrote:
> Hello,
>
> > If vmdisk is NULL, shouldn't this function (qemuSnapshotDeleteValidate()) return an error?
>
> I think this qemuSnapshotDeleteValidate should not return an error.
>
> It seems to me that when vmdisk is NULL, this does not invalidate
> the snapshot itself, but indicates that the config has changed since
> the snapshot was done. And if the VM config has changed, this adds evidence that the snapshot should be deleted,
> because the snapshot does not reflect the real vm config.
>
> Since we do not have an analogue of the --force option for deleting a snapshot, in the case when qemuSnapshotDeleteValidate returns
> an error when vmdisk is NULL, we will never delete a snapshot which has invalid disk.
Snapshot deletion does have something that can be considered force and
that is the '--metadata' option that removes just the snapshot
definition (metadata) and doesn't touch the disk images.
> > Similarly, disk can be NULL too
> Thank you for the comment regarding the disk variable. I've reworked the patch.
>
> When creating a snapshot of a VM with multiple hard disks,
> the snapshot takes into account the presence of all disks
> in the system. If, over time, one of the disks is deleted,
> the snapshot will continue to store knowledge of the deleted disk.
> This results in the fact that at the moment of deleting the snapshot,
> at the validation stage, a disk from the snapshot will be searched which
> is not in the VM configuration. As a result, vmdisk variable will
> be equal to NULL. Dereferencing a null pointer at the time of calling
> virStorageSourceIsSameLocation(vmdisk->src, disk->src)
> will result in SIGSEGV.
Crashing is obviously not okay ...
> Also, the disk variable can also be equal to NULL and this
> requires to check that disk != NULL before calling the
> virStorageSourceIsSameLocation function to avoid SIGSEGV.
.. but going ahead with the snapshot deletion isn't always okay either.
The disk isn't referenced by the VM so the disk state can't be merged,
while the state would be merged for any other disk.
When reverting back to a previous snapshot, which is still referencing
the older state of the disk which was removed from the VM, the VM would
see that the image state of disks that were present at deletion would
contain the merged state, but only a partial state for the disk which
was later removed.
3 months
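An added example (not libvirt code and not part of either message above) of the validation pattern this thread discusses: every pointer is checked before it is dereferenced, and a snapshot disk that is missing from the VM config is reported as a distinct result the caller can act on. The structs, the enum and all function names are hypothetical simplifications, and the sample data is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-ins; not libvirt's real structures. */
struct disk_src { const char *path; };
struct disk { const char *name; struct disk_src *src; };

enum validate_result {
    VALIDATE_OK = 0,
    VALIDATE_DISK_NOT_IN_VM = -1, /* snapshot disk was removed from the VM */
    VALIDATE_NO_SOURCE = -2,      /* nothing to compare on one side */
    VALIDATE_SOURCE_CHANGED = -3  /* same target, different image */
};

/* Look a disk up by target name; NULL means "not in this config". */
static const struct disk *
find_disk(const struct disk *disks, size_t n, const char *name)
{
    for (size_t i = 0; i < n; i++) {
        if (disks[i].name && strcmp(disks[i].name, name) == 0)
            return &disks[i];
    }
    return NULL;
}

/* Validate every snapshot disk against the current VM config before any
 * image is touched. Each pointer is checked before it is dereferenced, and
 * a missing disk is reported instead of being skipped, so the caller can
 * refuse the merge rather than crash or leave a half-merged snapshot. */
enum validate_result
validate_snapshot_delete(const struct disk *snap, size_t nsnap,
                         const struct disk *vm, size_t nvm)
{
    for (size_t i = 0; i < nsnap; i++) {
        const struct disk *disk = &snap[i];
        const struct disk *vmdisk;

        if (!disk->name || !disk->src || !disk->src->path)
            return VALIDATE_NO_SOURCE;
        vmdisk = find_disk(vm, nvm, disk->name);
        if (!vmdisk)
            return VALIDATE_DISK_NOT_IN_VM;
        if (!vmdisk->src || !vmdisk->src->path)
            return VALIDATE_NO_SOURCE;
        if (strcmp(vmdisk->src->path, disk->src->path) != 0)
            return VALIDATE_SOURCE_CHANGED;
    }
    return VALIDATE_OK;
}

/* Constructed sample data: the snapshot recorded vda and vdb; vdb was
 * later removed from the VM, or is present without a source. */
static struct disk_src src_a = { "/images/a.qcow2" };
static struct disk_src src_b = { "/images/b.qcow2" };
static const struct disk snap_disks[] = { { "vda", &src_a }, { "vdb", &src_b } };
static const struct disk vm_same[]    = { { "vda", &src_a }, { "vdb", &src_b } };
static const struct disk vm_removed[] = { { "vda", &src_a } };
static const struct disk vm_nosrc[]   = { { "vda", &src_a }, { "vdb", NULL } };

int main(void)
{
    printf("unchanged VM: %d\n",
           validate_snapshot_delete(snap_disks, 2, vm_same, 2));
    printf("vdb removed:  %d\n",
           validate_snapshot_delete(snap_disks, 2, vm_removed, 1));
    printf("vdb no src:   %d\n",
           validate_snapshot_delete(snap_disks, 2, vm_nosrc, 2));
    return 0;
}
```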
[PATCH 0/4] vircommand: Make FD closing more robust on __APPLE__
by Michal Privoznik
Found these on an old branch. Might as well post them.
Michal Prívozník (4):
vircommand: Drop unused arguments from virCommandMassCloseGetFDs*()
vircommand: Isolate FD dir parsing into a separate function
vircommand: Make sysconf(_SC_OPEN_MAX) failure non-fatal
vircommand: Parse /dev/fd on *BSD-like systems when looking for opened
FDs
src/util/vircommand.c | 43 ++++++++++++++++++-------------------------
1 file changed, 18 insertions(+), 25 deletions(-)
--
2.44.2
3 months, 2 weeks
[PATCH 00/14] Introduce fuzzing of XML formats
by Rayhan Faizel
This series introduces multiple fuzzers developed as part of Google Summer
of Code 2024. We adopt a structure-aware fuzzing approach to fuzz libvirt
XML formats. The fuzzing methodology makes use of libFuzzer and
libprotobuf-mutator. The fuzzers work by mutating intermediate protobufs
and converting them to XML.
The fuzzing method in use requires inclusion of C++ sources. However, C++
compilation will be done only if '-Dfuzz' is enabled. Otherwise, libvirt will
compile normally as before. The fuzzing method works only on clang compilers
which support libFuzzer.
This series introduces a total of six fuzzers:
1. QEMU XML domain
2. QEMU XML hotplug
3. CH XML domain
4. VMX XML domain
5. libXL XML domain
6. NWFilter XML
In terms of the number of crashes discovered, QEMU XML domain, QEMU XML
hotplug and libXL fuzzers are the most interesting ones.
The setup process is documented at the end of the series (patch 14).
Rayhan Faizel (14):
src: Tweak source code to allow C++ compilation
meson: Add support for clang/LLVM coverage instrumentation
tests: Export handlers for fake secondary drivers
schemas: Refactor relaxNG schema to ease protobuf conversion
scripts: Add script to convert relaxNG to protobuf
fuzz: Implement base fuzzing setup for XML domain
fuzz: Implement QEMU XML domain fuzzer
fuzz: Implement QEMU XML hotplug fuzzer
ch: Remove unused variables
fuzz: Implement CH XML domain fuzzer
fuzz: Implement VMX XML domain fuzzer
fuzz: Implement libXL XML domain fuzzer
fuzz: Implement NWFilter XML fuzzer
docs: Document the fuzzers
build-aux/syntax-check.mk | 1 +
docs/kbase/index.rst | 3 +
docs/kbase/internals/meson.build | 1 +
docs/kbase/internals/xml-fuzzing.rst | 120 ++++
meson.build | 55 ++
meson_options.txt | 5 +-
scripts/meson.build | 1 +
scripts/relaxng-to-proto.py | 521 ++++++++++++++++++
src/ch/ch_monitor.c | 2 +-
src/ch/ch_monitor.h | 3 +
src/ch/ch_process.c | 2 -
src/conf/domain_conf.c | 18 +-
src/conf/domain_conf.h | 6 +-
src/conf/netdev_vport_profile_conf.c | 2 +-
src/conf/schemas/basictypes.rng | 20 +-
src/conf/schemas/domaincommon.rng | 11 +-
src/conf/schemas/networkcommon.rng | 14 +-
src/qemu/qemu_hotplug.c | 4 +
src/qemu/qemu_monitor.c | 6 +-
src/qemu/qemu_monitor.h | 2 +-
src/util/virfile.h | 2 +-
src/util/virnetdev.h | 12 +-
src/util/virnetdevip.h | 2 +-
src/util/virnetdevmacvlan.h | 2 +-
src/util/virnetdevvportprofile.c | 2 +-
src/util/virnetdevvportprofile.h | 2 +-
src/util/virnvme.c | 4 +-
src/util/virnvme.h | 2 +-
src/util/viruuid.h | 2 +-
tests/commandhelper.c | 8 +-
tests/fuzz/README.rst | 131 +++++
tests/fuzz/ch_xml_domain_fuzz.cc | 157 ++++++
tests/fuzz/libxl_xml_domain_fuzz.cc | 159 ++++++
tests/fuzz/llvm_symbolizer_wrapper.c | 11 +
tests/fuzz/meson.build | 183 ++++++
tests/fuzz/proto_custom_datatypes.cc | 234 ++++++++
tests/fuzz/proto_custom_datatypes.h | 30 +
tests/fuzz/proto_header_common.h | 51 ++
tests/fuzz/proto_to_xml.cc | 277 ++++++++++
tests/fuzz/proto_to_xml.h | 39 ++
tests/fuzz/protos/meson.build | 46 ++
tests/fuzz/protos/xml_datatypes.proto | 93 ++++
tests/fuzz/protos/xml_domain.proto | 62 +++
tests/fuzz/protos/xml_domain_disk_only.proto | 21 +
.../protos/xml_domain_interface_only.proto | 21 +
tests/fuzz/protos/xml_hotplug.proto | 38 ++
tests/fuzz/protos/xml_nwfilter.proto | 9 +
tests/fuzz/qemu_xml_domain_fuzz.cc | 277 ++++++++++
tests/fuzz/qemu_xml_hotplug_fuzz.cc | 340 ++++++++++++
tests/fuzz/run_fuzz.in | 142 +++++
tests/fuzz/vmx_xml_domain_fuzz.cc | 208 +++++++
tests/fuzz/xml_nwfilter_fuzz.cc | 149 +++++
tests/meson.build | 5 +
tests/qemumonitortestutils.c | 48 ++
tests/qemumonitortestutils.h | 6 +
tests/qemuxmlconftest.c | 249 ---------
tests/testutilsqemu.c | 256 +++++++++
tests/testutilsqemu.h | 57 ++
58 files changed, 3832 insertions(+), 302 deletions(-)
create mode 100644 docs/kbase/internals/xml-fuzzing.rst
create mode 100644 scripts/relaxng-to-proto.py
create mode 100644 tests/fuzz/README.rst
create mode 100644 tests/fuzz/ch_xml_domain_fuzz.cc
create mode 100644 tests/fuzz/libxl_xml_domain_fuzz.cc
create mode 100644 tests/fuzz/llvm_symbolizer_wrapper.c
create mode 100644 tests/fuzz/meson.build
create mode 100644 tests/fuzz/proto_custom_datatypes.cc
create mode 100644 tests/fuzz/proto_custom_datatypes.h
create mode 100644 tests/fuzz/proto_header_common.h
create mode 100644 tests/fuzz/proto_to_xml.cc
create mode 100644 tests/fuzz/proto_to_xml.h
create mode 100644 tests/fuzz/protos/meson.build
create mode 100644 tests/fuzz/protos/xml_datatypes.proto
create mode 100644 tests/fuzz/protos/xml_domain.proto
create mode 100644 tests/fuzz/protos/xml_domain_disk_only.proto
create mode 100644 tests/fuzz/protos/xml_domain_interface_only.proto
create mode 100644 tests/fuzz/protos/xml_hotplug.proto
create mode 100644 tests/fuzz/protos/xml_nwfilter.proto
create mode 100644 tests/fuzz/qemu_xml_domain_fuzz.cc
create mode 100644 tests/fuzz/qemu_xml_hotplug_fuzz.cc
create mode 100644 tests/fuzz/run_fuzz.in
create mode 100644 tests/fuzz/vmx_xml_domain_fuzz.cc
create mode 100644 tests/fuzz/xml_nwfilter_fuzz.cc
--
2.34.1
3 months, 3 weeks
[PATCH] spec: Fix dtrace BuildRequires on fedora 41+
by Cole Robinson
/usr/bin/dtrace has been split from `systemtap-sdt-devel` into
`systemtap-sdt-dtrace`
It's forward and backward compatible to require the dtrace binary
directly.
We still need the latter dep though, for sdt.h in generated
libvirt_probes.h
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 29101e74fe..86af13a861 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -425,8 +425,8 @@ BuildRequires: libcurl-devel
BuildRequires: libwsman-devel >= 2.6.3
%endif
BuildRequires: audit-libs-devel
-# we need /usr/sbin/dtrace
BuildRequires: systemtap-sdt-devel
+BuildRequires: /usr/bin/dtrace
# For mount/umount in FS driver
BuildRequires: util-linux
# For showmount in FS driver (netfs discovery)
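Review bot: removing the `# we need /usr/sbin/dtrace` comment leaves both BuildRequires lines without any explanation in the spec file, so a later cleanup could drop `systemtap-sdt-devel` as redundant. The commit message says it is still needed for sdt.h in the generated libvirt_probes.h; suggest a one-line comment above each of the two dependencies saying which file it is there to provide.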
--
2.46.0
3 months, 3 weeks
Changing permissions for /var/lib/libvirt/images/
by Lee Garrett
Hi everyone,
while using virt-v2v I've hit an issue [0], where essentially virt-v2v fails as
non-root user, due to /var/lib/libvirt/images/ belonging to root:root. I
proposed to change the ownership to root:libvirt, and permission bits to
ug=rwx,o=x, as that would allow users of the libvirt group to use virt-v2v
without running as root.
My questions here are: Are there any downsides to this? AFAICS users of the
libvirt group are allowed to change images via the libvirt API anyway, so from the
security standpoint there should be no change. And if there are none, can we
change the upstream default to those permissions?
Thanks in advance,
Lee
P.S.: Keep me CCed, I'm off-list.
[0] downstream Debian bug with more details: https://bugs.debian.org/1054230
3 months, 3 weeks
[PATCH] cpu_map: Add SierraForest CPU model
by Tim Wiederhake
This was added in qemu commit 6e82d3b6220777667968a04c87e1667f164ebe88.
Signed-off-by: Tim Wiederhake <twiederh(a)redhat.com>
---
src/cpu_map/index.xml | 1 +
src/cpu_map/x86_SierraForest.xml | 177 ++++++++++++++++++
.../domaincapsdata/qemu_9.1.0-q35.x86_64.xml | 1 +
.../domaincapsdata/qemu_9.1.0-tcg.x86_64.xml | 1 +
tests/domaincapsdata/qemu_9.1.0.x86_64.xml | 1 +
5 files changed, 181 insertions(+)
create mode 100644 src/cpu_map/x86_SierraForest.xml
diff --git a/src/cpu_map/index.xml b/src/cpu_map/index.xml
index 39bad07f11..15cb63afe5 100644
--- a/src/cpu_map/index.xml
+++ b/src/cpu_map/index.xml
@@ -58,6 +58,7 @@
<include filename='x86_Snowridge.xml'/>
<include filename='x86_SapphireRapids.xml'/>
<include filename='x86_GraniteRapids.xml'/>
+ <include filename='x86_SierraForest.xml'/>
<!-- AMD CPUs -->
<include filename='x86_athlon.xml'/>
diff --git a/src/cpu_map/x86_SierraForest.xml b/src/cpu_map/x86_SierraForest.xml
new file mode 100644
index 0000000000..3fc3049be1
--- /dev/null
+++ b/src/cpu_map/x86_SierraForest.xml
@@ -0,0 +1,177 @@
+<cpus>
+ <model name='SierraForest'>
+ <decode host='on' guest='on'/>
+ <signature family='6' model='175'/>
+ <vendor name='Intel'/>
+ <feature name='3dnowprefetch'/>
+ <feature name='abm'/>
+ <feature name='adx'/>
+ <feature name='aes'/>
+ <feature name='apic'/>
+ <feature name='arat'/>
+ <feature name='arch-capabilities'/>
+ <feature name='avx'/>
+ <feature name='avx-ifma'/>
+ <feature name='avx-ne-convert'/>
+ <feature name='avx-vnni'/>
+ <feature name='avx-vnni-int8'/>
+ <feature name='avx2'/>
+ <feature name='bmi1'/>
+ <feature name='bmi2'/>
+ <feature name='bus-lock-detect'/>
+ <feature name='clflush'/>
+ <feature name='clflushopt'/>
+ <feature name='clwb'/>
+ <feature name='cmov'/>
+ <feature name='cmpccxadd'/>
+ <feature name='cx16'/>
+ <feature name='cx8'/>
+ <feature name='de'/>
+ <feature name='erms'/>
+ <feature name='f16c'/>
+ <feature name='fbsdp-no'/>
+ <feature name='fma'/>
+ <feature name='fpu'/>
+ <feature name='fsgsbase'/>
+ <feature name='fsrm'/>
+ <feature name='fsrs'/>
+ <feature name='fxsr'/>
+ <feature name='gfni'/>
+ <feature name='ibrs-all'/>
+ <feature name='invpcid'/>
+ <feature name='lahf_lm'/>
+ <feature name='lm'/>
+ <feature name='mca'/>
+ <feature name='mcdt-no'/>
+ <feature name='mce'/>
+ <feature name='mds-no'/>
+ <feature name='mmx'/>
+ <feature name='movbe'/>
+ <feature name='msr'/>
+ <feature name='mtrr'/>
+ <feature name='nx'/>
+ <feature name='pae'/>
+ <feature name='pat'/>
+ <feature name='pbrsb-no'/>
+ <feature name='pcid'/>
+ <feature name='pclmuldq'/>
+ <feature name='pdpe1gb'/>
+ <feature name='pge'/>
+ <feature name='pku'/>
+ <feature name='pni'/>
+ <feature name='popcnt'/>
+ <feature name='pschange-mc-no'/>
+ <feature name='psdp-no'/>
+ <feature name='pse'/>
+ <feature name='pse36'/>
+ <feature name='rdctl-no'/>
+ <feature name='rdpid'/>
+ <feature name='rdrand'/>
+ <feature name='rdseed'/>
+ <feature name='rdtscp'/>
+ <feature name='sbdr-ssdp-no'/>
+ <feature name='sep'/>
+ <feature name='serialize'/>
+ <feature name='sha-ni'/>
+ <feature name='skip-l1dfl-vmentry'/>
+ <feature name='smap'/>
+ <feature name='smep'/>
+ <feature name='spec-ctrl'/>
+ <feature name='ssbd'/>
+ <feature name='sse'/>
+ <feature name='sse2'/>
+ <feature name='sse4.1'/>
+ <feature name='sse4.2'/>
+ <feature name='ssse3'/>
+ <feature name='syscall'/>
+ <feature name='tsc'/>
+ <feature name='tsc-deadline'/>
+ <feature name='umip'/>
+ <feature name='vaes'/>
+ <feature name='vme'/>
+ <feature name='vmx-activity-hlt'/>
+ <feature name='vmx-apicv-register'/>
+ <feature name='vmx-apicv-vid'/>
+ <feature name='vmx-apicv-x2apic'/>
+ <feature name='vmx-apicv-xapic'/>
+ <feature name='vmx-cr3-load-noexit'/>
+ <feature name='vmx-cr3-store-noexit'/>
+ <feature name='vmx-cr8-load-exit'/>
+ <feature name='vmx-cr8-store-exit'/>
+ <feature name='vmx-desc-exit'/>
+ <feature name='vmx-entry-ia32e-mode'/>
+ <feature name='vmx-entry-load-efer'/>
+ <feature name='vmx-entry-load-pat'/>
+ <feature name='vmx-entry-load-perf-global-ctrl'/>
+ <feature name='vmx-entry-noload-debugctl'/>
+ <feature name='vmx-ept'/>
+ <feature name='vmx-ept-1gb'/>
+ <feature name='vmx-ept-2mb'/>
+ <feature name='vmx-ept-execonly'/>
+ <feature name='vmx-ept-wb'/>
+ <feature name='vmx-eptad'/>
+ <feature name='vmx-eptp-switching'/>
+ <feature name='vmx-exit-ack-intr'/>
+ <feature name='vmx-exit-load-efer'/>
+ <feature name='vmx-exit-load-pat'/>
+ <feature name='vmx-exit-load-perf-global-ctrl'/>
+ <feature name='vmx-exit-nosave-debugctl'/>
+ <feature name='vmx-exit-save-efer'/>
+ <feature name='vmx-exit-save-pat'/>
+ <feature name='vmx-exit-save-preemption-timer'/>
+ <feature name='vmx-flexpriority'/>
+ <feature name='vmx-hlt-exit'/>
+ <feature name='vmx-ins-outs'/>
+ <feature name='vmx-intr-exit'/>
+ <feature name='vmx-invept'/>
+ <feature name='vmx-invept-all-context'/>
+ <feature name='vmx-invept-single-context'/>
+ <feature name='vmx-invlpg-exit'/>
+ <feature name='vmx-invpcid-exit'/>
+ <feature name='vmx-invvpid'/>
+ <feature name='vmx-invvpid-all-context'/>
+ <feature name='vmx-invvpid-single-addr'/>
+ <feature name='vmx-invvpid-single-context'/>
+ <feature name='vmx-invvpid-single-context-noglobals'/>
+ <feature name='vmx-io-bitmap'/>
+ <feature name='vmx-io-exit'/>
+ <feature name='vmx-monitor-exit'/>
+ <feature name='vmx-movdr-exit'/>
+ <feature name='vmx-msr-bitmap'/>
+ <feature name='vmx-mtf'/>
+ <feature name='vmx-mwait-exit'/>
+ <feature name='vmx-nmi-exit'/>
+ <feature name='vmx-page-walk-4'/>
+ <feature name='vmx-pause-exit'/>
+ <feature name='vmx-pml'/>
+ <feature name='vmx-posted-intr'/>
+ <feature name='vmx-preemption-timer'/>
+ <feature name='vmx-rdpmc-exit'/>
+ <feature name='vmx-rdrand-exit'/>
+ <feature name='vmx-rdseed-exit'/>
+ <feature name='vmx-rdtsc-exit'/>
+ <feature name='vmx-rdtscp-exit'/>
+ <feature name='vmx-secondary-ctls'/>
+ <feature name='vmx-shadow-vmcs'/>
+ <feature name='vmx-store-lma'/>
+ <feature name='vmx-true-ctls'/>
+ <feature name='vmx-tsc-offset'/>
+ <feature name='vmx-unrestricted-guest'/>
+ <feature name='vmx-vintr-pending'/>
+ <feature name='vmx-vmfunc'/>
+ <feature name='vmx-vmwrite-vmexit-fields'/>
+ <feature name='vmx-vnmi'/>
+ <feature name='vmx-vnmi-pending'/>
+ <feature name='vmx-vpid'/>
+ <feature name='vmx-wbinvd-exit'/>
+ <feature name='vmx-xsaves'/>
+ <feature name='vpclmulqdq'/>
+ <feature name='wbnoinvd'/>
+ <feature name='x2apic'/>
+ <feature name='xgetbv1'/>
+ <feature name='xsave'/>
+ <feature name='xsavec'/>
+ <feature name='xsaveopt'/>
+ <feature name='xsaves'/>
+ </model>
+</cpus>
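Review bot: the new x86_SierraForest.xml records nowhere in the file where its feature list and `<signature family='6' model='175'/>` come from; the QEMU commit is named only in the commit message. A short XML comment at the top of the file naming the QEMU definition it mirrors would let later reviewers compare the list against its source, which is worth having here because the model includes mitigation-status flags such as `mds-no` and `rdctl-no`.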
diff --git a/tests/domaincapsdata/qemu_9.1.0-q35.x86_64.xml b/tests/domaincapsdata/qemu_9.1.0-q35.x86_64.xml
index ef364621c4..5db1b2486c 100644
--- a/tests/domaincapsdata/qemu_9.1.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_9.1.0-q35.x86_64.xml
@@ -98,6 +98,7 @@
<model usable='no' vendor='Intel'>Skylake-Client-noTSX-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client</model>
+ <model usable='no' vendor='Intel'>SierraForest</model>
<model usable='no' vendor='Intel'>SapphireRapids</model>
<model usable='no' vendor='Intel'>SandyBridge-IBRS</model>
<model usable='yes' vendor='Intel'>SandyBridge</model>
diff --git a/tests/domaincapsdata/qemu_9.1.0-tcg.x86_64.xml b/tests/domaincapsdata/qemu_9.1.0-tcg.x86_64.xml
index 2415f76f92..3aa47fa247 100644
--- a/tests/domaincapsdata/qemu_9.1.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_9.1.0-tcg.x86_64.xml
@@ -93,6 +93,7 @@
<model usable='no' vendor='Intel'>Skylake-Client-noTSX-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client</model>
+ <model usable='no' vendor='Intel'>SierraForest</model>
<model usable='no' vendor='Intel'>SapphireRapids</model>
<model usable='no' vendor='Intel'>SandyBridge-IBRS</model>
<model usable='no' vendor='Intel'>SandyBridge</model>
diff --git a/tests/domaincapsdata/qemu_9.1.0.x86_64.xml b/tests/domaincapsdata/qemu_9.1.0.x86_64.xml
index 8cba35fbc4..59d1cab3c9 100644
--- a/tests/domaincapsdata/qemu_9.1.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_9.1.0.x86_64.xml
@@ -97,6 +97,7 @@
<model usable='no' vendor='Intel'>Skylake-Client-noTSX-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client-IBRS</model>
<model usable='no' vendor='Intel'>Skylake-Client</model>
+ <model usable='no' vendor='Intel'>SierraForest</model>
<model usable='no' vendor='Intel'>SapphireRapids</model>
<model usable='no' vendor='Intel'>SandyBridge-IBRS</model>
<model usable='yes' vendor='Intel'>SandyBridge</model>
--
2.43.0
3 months, 3 weeks
Re: [PATCH] chardev: allow specifying finer-grained reconnect timeouts
by Markus Armbruster
Daniil Tatianin <d-tatianin(a)yandex-team.ru> writes:
> The "reconnect" option only allows to specify the time in seconds,
> which is way too long for certain workflows.
>
> We have a lightweight disk backend server, which takes about 20ms to
> live update, but due to this limitation in QEMU, previously the guest
> disk controller would hang for one second because it would take this
> long for QEMU to reinitialize the socket connection.
>
> Make it possible to specify a smaller timeout by treating the value in
> "reconnect" as milliseconds via the new "reconnect-is-ms" option.
>
> Signed-off-by: Daniil Tatianin <d-tatianin(a)yandex-team.ru>
Your use case demonstrates that a granularity of seconds was the wrong
choice for the reconnection delay.
[...]
> diff --git a/qapi/char.json b/qapi/char.json
> index ef58445cee..61aeccf09d 100644
> --- a/qapi/char.json
> +++ b/qapi/char.json
> @@ -272,8 +272,13 @@
> # (default: false) (Since: 3.1)
> #
> # @reconnect: For a client socket, if a socket is disconnected, then
> -# attempt a reconnect after the given number of seconds. Setting
> -# this to zero disables this function. (default: 0) (Since: 2.2)
> +# attempt a reconnect after the given number of seconds (unless
> +# @reconnect-is-ms is set to true, in that case the number is
> +# treated as milliseconds). Setting this to zero disables
> +# this function. (default: 0) (Since: 2.2)
> +#
> +# @reconnect-is-ms: The value specified in @reconnect should be treated
> +# as milliseconds. (default: false) (Since: 9.2)
> #
> # Since: 1.4
> ##
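Review bot: the @reconnect description now gives its unit through a parenthetical exception, and the new @reconnect-is-ms entry does not say what happens when it is given while @reconnect is absent or zero. Suggest stating both units in one sentence (in seconds, or in milliseconds if @reconnect-is-ms is true) and documenting whether the flag on its own is ignored or rejected.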
> @@ -287,7 +292,8 @@
> '*telnet': 'bool',
> '*tn3270': 'bool',
> '*websocket': 'bool',
> - '*reconnect': 'int' },
> + '*reconnect': 'int',
> + '*reconnect-is-ms': 'bool' },
> 'base': 'ChardevCommon' }
>
> ##
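Review bot: `'*reconnect-is-ms': 'bool'` is added as an independent optional member next to `'*reconnect': 'int'`, so the schema itself accepts the flag without a delay value. The code that consumes the two members is not part of this hunk; it should reject that combination with an error rather than silently ignore the flag.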
I don't like this interface.
PRO: compatible extension; no management application updates needed
unless they want to support sub-second delays.
CON: specifying a sub-second delay takes two parameters, which is
awkward.
CON: trap in combination with -set. Before the patch, something like
-set chardev.ID.reconnect=N means N seconds no matter what.
Afterwards, it depends on the value of reconnect-is-ms, which may be
set far away. Mitigating factor: -set is obscure.
Alternatives:
1. Change @reconnect to 'number', specify sub-second delays as
fractions.
PRO: compatible extension; no management application updates needed
unless they want to support sub-second delays.
CON: first use of floating-point for time in seconds in QAPI, as far
as I can see.
CON: QemuOpts can't do floating-point.
2. Deprecate @reconnect in favour of a new member with a more suitable
unit. Error if both are present.
PRO: after @reconnect is gone, the interface is what it arguably
should've been from the start.
CON: incompatible change. Management application updates needed
within the deprecation grace period.
Let's get additional input from management application developers. I
cc'ed some.
Related: NetdevSocketOptions member @reconnect.
3 months, 4 weeks
[PATCH 0/3] Add TPM emulator <source file=''/>
by marcandre.lureau@redhat.com
From: Marc-André Lureau <marcandre.lureau(a)redhat.com>
Hi,
When swtpm capabilities reports "nvram-backend-dir", it can accept a single
file or block device where TPM state will be stored.
--tpmstate must be backend-uri=file://.
Let me know what you think of this approach of exposing this.
Related: https://issues.redhat.com/browse/CNV-35250
Marc-André Lureau (3):
util: check swtpm nvram-backend-dir capability
schema: add TPM emulator <source file='..'>
qemu_tpm: handle file/block storage
docs/formatdomain.rst | 15 +++++
src/conf/domain_conf.c | 21 ++++++
src/conf/domain_conf.h | 6 ++
src/conf/schemas/domaincommon.rng | 11 +++
src/qemu/qemu_tpm.c | 74 +++++++++++++++++----
src/util/virtpm.c | 1 +
src/util/virtpm.h | 1 +
tests/qemuxmlconfdata/tpm-emulator-tpm2.xml | 1 +
8 files changed, 117 insertions(+), 13 deletions(-)
--
2.45.2.827.g557ae147e6
3 months, 4 weeks
[PATCH] NEWS: Mention fix for CVE-2024-8235
by Peter Krempa
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
NEWS.rst | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 9234e70590..755f51d5b7 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,18 @@ v10.7.0 (unreleased)
* **Security**
+ * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()``
+
+ A refactor of the code fetching the list of interfaces for multiple APIs
+ introduced corner case on platforms where allocating 0 bytes of memory
+ results in a NULL pointer.
+
+ This corner case would lead to a NULL-pointer dereference and subsequent
+ crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called
+ requesting 0 networks to be filled.
+
+ The bug was introduced in libvirt-10.4.0
+
* **Removed features**
* **New features**
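Review bot: three wording points in the added NEWS entry. "introduced corner case" is missing an article ("introduced a corner case"); "requesting 0 networks to be filled" does not match the API named in the same sentence, which lists interfaces, so "0 interfaces" looks like the intended word; and the last sentence, "The bug was introduced in libvirt-10.4.0", has no closing period.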
--
2.46.0
3 months, 4 weeks
Entering freeze for libvirt-10.7.0
by Jiri Denemark
I have just tagged v10.7.0-rc1 in the repository and pushed signed
tarballs to https://download.libvirt.org/
Please give the release candidate some testing and in case you find a
serious issue which should have a fix in the upcoming release, feel
free to reply to this thread to make sure the issue is more visible.
If you have not done so yet, please update NEWS.rst to document any
significant change you made since the last release.
Thanks,
Jirka
3 months, 4 weeks