Re: [libvirt] [PATCH] Introduce virConnectCrashDaemon API
On 04/01/14 09:34, Ján Tomko wrote:
This reduces the affect of an unexpected DoS vulnerablity in
libvirtd.
---
include/libvirt/libvirt.h.in | 13 +++++++++++++
src/driver.h | 5 +++++
src/libvirt.c | 32 +++++++++++++++++++++++++++++++
src/libvirt_private.syms | 1 +
src/libvirt_public.syms | 4 ++++
src/qemu/qemu_driver.c | 16 ++++++++++++++++
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 15 ++++++++++++++-
src/util/virutil.c | 23 ++++++++++++++++++++++
src/util/virutil.h | 1 +
tools/virsh-host.c | 45 ++++++++++++++++++++++++++++++++++++++++++++
11 files changed, 155 insertions(+), 1 deletion(-)
...
+
+static bool
+cmdCrash(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
+{
+ unsigned int flags = VIR_CONNECT_CRASH_RANDOM;
+
+ if (vshCommandOptBool(cmd, "null"))
+ flags = VIR_CONNECT_CRASH_NULL_PTR;
+ if (vshCommandOptBool(cmd, "doublefree"))
+ flags = VIR_CONNECT_CRASH_DOUBLE_FREE;
The random crash method is not accessible here.
+
+ virConnectCrashDaemon(ctl->conn, flags);
+ return true;
+}
+
const vshCmdDef hostAndHypervisorCmds[] = {
{.name = "capabilities",
.handler = cmdCapabilities,
I really like this API, this will allow us to decrease load on the
libvirt-security list and avoid us having to go through the tedious CVE
process for every little crasher.
Additionally it will help attackers to avoid having to look through
complex code paths to crash the daemon by presenting them with a very
userfriendly API!
ACK if you support the random crash method too ;)
Peter
Attachments:
- signature.asc (application/pgp-signature — 901 bytes)