Hello community,
here is the log from the commit of package libvirt.2428 for openSUSE:13.1:Update checked in at 2014-01-03 21:14:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/libvirt.2428 (Old)
and /work/SRC/openSUSE:13.1:Update/.libvirt.2428.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt.2428"
Changes:
--------
New Changes file:
--- /dev/null 2013-11-25 01:44:08.036031256 +0100
+++ /work/SRC/openSUSE:13.1:Update/.libvirt.2428.new/libvirt.changes 2014-01-03 21:14:35.000000000 +0100
@@ -0,0 +1,2268 @@
+-------------------------------------------------------------------
+Fri Dec 20 09:04:45 MST 2013 - jfehlig@suse.com
+
+- CVE-2013-6436: Fix crashes in lxc memtune code, one of which
+ results in DoS
+ f8c1cb90-CVE-2013-6436.patch, 9faf3f29-LXC-memtune.patch
+ bnc#854486
+
+-------------------------------------------------------------------
+Thu Dec 12 21:00:32 UTC 2013 - cbosdonnat@suse.com
+
+- Backported upstream patch to fix LXC container failing start.
+ bnc#855239
+
+-------------------------------------------------------------------
+Mon Dec 9 13:07:29 MST 2013 - jfehlig@suse.com
+
+- Building with polkit support requires polkit-devel
+ bnc#854144
+
+-------------------------------------------------------------------
+Fri Dec 6 10:52:56 MST 2013 - jfehlig@suse.com
+
+- More adjustments to the spec file to fix package dependency
+ issues
+ bnc#848918
+
+-------------------------------------------------------------------
+Tue Nov 26 14:46:21 MST 2013 - jfehlig@suse.com
+
+- Allow execution of libvirt hook scripts in /etc/libvirt/hooks/
+ in libvirtd AppArmor profile
+
+-------------------------------------------------------------------
+Tue Nov 19 14:23:27 MST 2013 - jfehlig@suse.com
+
+- Allow execution of Xen binaries in /usr/lib{,64}/xen/bin in
+ libvirtd AppArmor profile
+ bnc#849524
+
+-------------------------------------------------------------------
+Tue Nov 19 13:09:31 MST 2013 - jfehlig@suse.com
+
+- Require libvirt-daemon-<hypervisor> in the main libvirt package
+ for each supported hypervisor
+ bnc#850882
+
+-------------------------------------------------------------------
+Mon Nov 4 15:44:39 MST 2013 - jfehlig@suse.com
+
+- Fix initialization of libxl NIC devices
+ libxl-hvm-nic.patch
+ bnc#848918
+
+-------------------------------------------------------------------
+Wed Oct 30 08:35:47 MDT 2013 - jfehlig@suse.com
+
+- Fix typo in libvirtd apparmor profile which prevented the profile
+ from loading
+ bnc#848216
+
+-------------------------------------------------------------------
+Fri Oct 25 13:10:27 MDT 2013 - jfehlig@suse.com
+
+- libxl driver: fix initialization of VNC and SDL info for
+ HVM domains
+ libxl-hvm-vnc.patch
+ bnc#847566
+- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
+
+-------------------------------------------------------------------
+Tue Oct 22 21:37:08 MDT 2013 - jfehlig@suse.com
+
+- Fix file descriptor passing in python bindings
+ e350826c-python-fix-fd-passing.patch
+ rhb#1021434
+
+-------------------------------------------------------------------
+Tue Oct 22 14:37:08 MDT 2013 - cbosdonnat@suse.com
+
+- Have systemd terminate the machine as a workaround of fdo#68370
+ bd773e74-lxc-terminate-machine.patch
+ bnc#842834
+
+-------------------------------------------------------------------
+Tue Oct 22 12:28:03 MDT 2013 - jfehlig@suse.com
+
+- Spec file fixes to only package libvirt-login-shell when
+ building the LXC driver
+
+-------------------------------------------------------------------
+Mon Oct 21 11:33:03 MDT 2013 - jfehlig@suse.com
+
+- CVE-2013-4400: Unsantized use of env variables allows privilege
+ escalation via virt-login-shell
+ ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
+ b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
+ 5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
+ bnc#837609
+- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
+ 57687fd6-CVE-2013-4401.patch
+ bnc#845704
+
+-------------------------------------------------------------------
+Fri Oct 18 14:42:39 MDT 2013 - jfehlig@suse.com
+
+- Move hypervisor-specific files out of libvirt-daemon package
+ and into libvirt-daemon-<hypervisor> subpackage
+ bnc#845851
+- conf: Don't crash on invalid chardev source definition
+ 79552754-libvirtd-chardev-crash.patch
+ bnc#845704, rhb#1012196
+
+-------------------------------------------------------------------
+Thu Oct 17 14:14:46 MDT 2013 - jfehlig@suse.com
+
+- Use newer libnl3 instead of libnl-1_1
+ bnc#845540
+
+-------------------------------------------------------------------
+Mon Oct 14 22:20:41 MDT 2013 - jfehlig@suse.com
+
+- Move virt-login-shell to new subpackage libvirt-login-shell,
+ requiring users to opt-in for this setuid binary. Note: For now,
+ virt-login-shell will not have setuid permissions, pending
+ resolution of bnc#837609
+
+-------------------------------------------------------------------
+Mon Oct 14 21:25:49 MDT 2013 - jfehlig@suse.com
+
+- qemu: Fix seamless SPICE migration
+ 484cc321-fix-spice-migration.patch
+ bnc#842301
+
+-------------------------------------------------------------------
+Mon Oct 14 20:33:43 MDT 2013 - jfehlig@suse.com
+
+- CVE-2013-4399: Fix crash in libvirtd when events are registered
+ and ACLs active
+ 8294aa0c-CVE-2013-4399.patch
+ bnc#844052, bnc#842300
+
+-------------------------------------------------------------------
+Mon Oct 14 16:40:25 MDT 2013 - jfehlig@suse.com
+
+- Update the stale gettext BuildRequires and Requires dependencies
+ in the spec file
+ bnc#841325
+
+-------------------------------------------------------------------
+Mon Oct 14 16:01:46 MDT 2013 - jfehlig@suse.com
+
+- virt-aa-helper apparmor profile was denying read access to
+ /proc/$PID/*. Give read accesss to these files.
+ Updated install-apparmor-profiles.patch
+ bnc#841720
+
+-------------------------------------------------------------------
+Mon Oct 14 13:46:14 MDT 2013 - jfehlig@suse.com
+
+- libvirtd apparmor profile was denying access to
+ /usr/lib/xen/bin/qemu-system-i386, which is now the default
+ emulator used with Xen guests
+ Updated install-apparmor-profiles.patch
+ bnc#845648
+
+-------------------------------------------------------------------
+Thu Oct 3 11:04:26 MDT 2013 - jfehlig@suse.com
+
+- Fix condrestart|try-restart invocation of virtlockd init script
+ Modifed virtlockd-init-script.patch
+
+-------------------------------------------------------------------
+Tue Sep 17 16:29:20 MDT 2013 - jfehlig@suse.com
+
+- CVE-2013-4311: Add support for using 3-arg pkcheck syntax for
+ process
+ db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch,
+ 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch
+ bnc#836931
+
+-------------------------------------------------------------------
+Thu Sep 5 15:28:28 MDT 2013 - jfehlig@suse.com
+
+- CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats
+ e7f400a1-CVE-2013-4296.patch
+ bnc#838638
+- CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate
+ 2dba0323-CVE-2013-4297.patch
+ bnc#838642
+
+-------------------------------------------------------------------
+Tue Sep 3 11:04:45 MDT 2013 - jfehlig@suse.com
+
+- Update to libvirt 1.1.2
+ - various improvements to libxl driver
+ - systemd integration improvements
++++ 2071 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:13.1:Update/.libvirt.2428.new/libvirt.changes
New:
----
2dba0323-CVE-2013-4297.patch
3e2f27e1-CVE-2013-4400.patch
484cc321-fix-spice-migration.patch
57687fd6-CVE-2013-4401.patch
5a0ea4b7-CVE-2013-4400.patch
79552754-libvirtd-chardev-crash.patch
8294aa0c-CVE-2013-4399.patch
843bdb2f-CVE-2013-4400.patch
8c3586ea-CVE-2013-4400.patch
922b7fda-CVE-2013-4311.patch
97973ebb-LXC-threading-error.patch
9faf3f29-LXC-memtune.patch
ae53e5d1-CVE-2013-4400.patch
b7fcc799a-CVE-2013-4400.patch
baselibs.conf
bd773e74-lxc-terminate-machine.patch
clone.patch
db7a5688-CVE-2013-4311.patch
e350826c-python-fix-fd-passing.patch
e4697b92-CVE-2013-4311.patch
e65667c0-CVE-2013-4311.patch
e7f400a1-CVE-2013-4296.patch
f8c1cb90-CVE-2013-6436.patch
fix-pci-attach-xen-driver.patch
install-apparmor-profiles.patch
libvirt-1.1.2.tar.bz2
libvirt-guests-init-script.patch
libvirt-suse-netcontrol.patch
libvirt.changes
libvirt.spec
libvirtd-defaults.patch
libvirtd-init-script.patch
libvirtd-relocation-server.fw
libvirtd.init
libxl-hvm-nic.patch
libxl-hvm-vnc.patch
support-managed-pci-xen-driver.patch
suse-qemu-conf.patch
systemd-service-xen.patch
virtlockd-init-script.patch
xen-name-for-devid.patch
xen-pv-cdrom.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libvirt.spec ++++++
++++ 1785 lines (skipped)
++++++ 2dba0323-CVE-2013-4297.patch ++++++
commit 2dba0323ff0cec31bdcea9dd3b2428af297401f2
Author: Michal Privoznik
Date: Tue Sep 3 18:56:06 2013 +0200
virFileNBDDeviceAssociate: Avoid use of uninitialized variable
The @qemunbd variable can be used uninitialized.
Index: libvirt-1.1.2/src/util/virfile.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virfile.c
+++ libvirt-1.1.2/src/util/virfile.c
@@ -732,7 +732,7 @@ int virFileNBDDeviceAssociate(const char
char **dev)
{
char *nbddev;
- char *qemunbd;
+ char *qemunbd = NULL;
virCommandPtr cmd = NULL;
int ret = -1;
const char *fmtstr = NULL;
++++++ 3e2f27e1-CVE-2013-4400.patch ++++++
commit 3e2f27e13b94f7302ad948bcacb5e02c859a25fc
Author: Daniel P. Berrange
Date: Thu Oct 10 13:09:08 2013 +0100
Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.
The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.
Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/Makefile.am
+++ libvirt-1.1.2/Makefile.am
@@ -31,6 +31,7 @@ XML_EXAMPLES = \
test/*.xml storage/*.xml)))
EXTRA_DIST = \
+ config-post.h \
ChangeLog-old \
libvirt.spec libvirt.spec.in \
mingw-libvirt.spec.in \
Index: libvirt-1.1.2/config-post.h
===================================================================
--- /dev/null
+++ libvirt-1.1.2/config-post.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * http://www.gnu.org/licenses/.
+ */
+
+/*
+ * Since virt-login-shell will be setuid, we must do everything
+ * we can to avoid linking to other libraries. Many of them do
+ * unsafe things in functions marked __atttribute__((constructor)).
+ * The only way avoid to avoid such deps is to re-compile the
+ * functions with the code in question disabled, and for that we
+ * must override the main config.h rules. Hence this file :-(
+ */
+
+#ifdef LIBVIRT_SETUID_RPC_CLIENT
+# undef HAVE_LIBDEVMAPPER_H
+# undef HAVE_LIBNL
+# undef HAVE_LIBNL3
+# undef HAVE_LIBSASL2
+# undef WITH_CAPNG
+# undef WITH_CURL
+# undef WITH_DTRACE_PROBES
+# undef WITH_GNUTLS
+# undef WITH_MACVTAP
+# undef WITH_NUMACTL
+# undef WITH_SASL
+# undef WITH_SSH2
+# undef WITH_VIRTUALPORT
+# undef WITH_YAJL
+# undef WITH_YAJL2
+#endif
Index: libvirt-1.1.2/configure.ac
===================================================================
--- libvirt-1.1.2.orig/configure.ac
+++ libvirt-1.1.2/configure.ac
@@ -20,6 +20,7 @@ AC_INIT([libvirt], [1.1.2], [libvir-list
AC_CONFIG_SRCDIR([src/libvirt.c])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_HEADERS([config.h])
+AH_BOTTOM([#include ])
AC_CONFIG_MACRO_DIR([m4])
dnl Make automake keep quiet about wildcards & other GNUmake-isms
AM_INIT_AUTOMAKE([-Wno-portability tar-ustar])
Index: libvirt-1.1.2/daemon/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/daemon/Makefile.am
+++ libvirt-1.1.2/daemon/Makefile.am
@@ -18,6 +18,7 @@
INCLUDES = \
-I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib \
+ -I$(top_srcdir) \
-I$(top_builddir)/include -I$(top_srcdir)/include \
-I$(top_builddir)/src -I$(top_srcdir)/src \
-I$(top_srcdir)/src/util \
Index: libvirt-1.1.2/examples/domain-events/events-c/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/domain-events/events-c/Makefile.am
+++ libvirt-1.1.2/examples/domain-events/events-c/Makefile.am
@@ -15,7 +15,8 @@
## http://www.gnu.org/licenses/.
INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \
- -I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib
+ -I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib \
+ -I$(top_srcdir)
noinst_PROGRAMS = event-test
event_test_CFLAGS = $(WARN_CFLAGS)
event_test_SOURCES = event-test.c
Index: libvirt-1.1.2/examples/hellolibvirt/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/hellolibvirt/Makefile.am
+++ libvirt-1.1.2/examples/hellolibvirt/Makefile.am
@@ -14,7 +14,7 @@
## License along with this library. If not, see
## http://www.gnu.org/licenses/.
-INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include
+INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(top_srcdir)
noinst_PROGRAMS = hellolibvirt
hellolibvirt_CFLAGS = $(WARN_CFLAGS)
hellolibvirt_SOURCES = hellolibvirt.c
Index: libvirt-1.1.2/examples/openauth/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/openauth/Makefile.am
+++ libvirt-1.1.2/examples/openauth/Makefile.am
@@ -14,7 +14,7 @@
## License along with this library. If not, see
## http://www.gnu.org/licenses/.
-INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include
+INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(top_srcdir)
noinst_PROGRAMS = openauth
openauth_CFLAGS = $(WARN_CFLAGS)
openauth_SOURCES = openauth.c
Index: libvirt-1.1.2/gnulib/lib/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/gnulib/lib/Makefile.am
+++ libvirt-1.1.2/gnulib/lib/Makefile.am
@@ -27,4 +27,4 @@ noinst_LTLIBRARIES =
include gnulib.mk
-INCLUDES = $(GETTEXT_CPPFLAGS)
+INCLUDES = -I$(top_srcdir) $(GETTEXT_CPPFLAGS)
Index: libvirt-1.1.2/python/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/python/Makefile.am
+++ libvirt-1.1.2/python/Makefile.am
@@ -20,6 +20,7 @@ INCLUDES = \
$(PYTHON_INCLUDES) \
-I$(top_builddir)/gnulib/lib \
-I$(top_srcdir)/gnulib/lib \
+ -I$(top_srcdir) \
-I$(top_builddir)/src \
-I$(top_srcdir)/src \
-I$(top_srcdir)/src/util \
Index: libvirt-1.1.2/src/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/src/Makefile.am
+++ libvirt-1.1.2/src/Makefile.am
@@ -21,6 +21,7 @@
# that actually use them. Also keep GETTEXT_CPPFLAGS at the end.
INCLUDES = -I../gnulib/lib \
-I$(top_srcdir)/gnulib/lib \
+ -I$(top_srcdir) \
-I../include \
-I$(top_srcdir)/include \
-I$(top_srcdir)/src/util \
@@ -1917,6 +1918,77 @@ libvirt_lxc_la_LDFLAGS = \
libvirt_lxc_la_CFLAGS = $(AM_CFLAGS)
libvirt_lxc_la_LIBADD = libvirt.la $(CYGWIN_EXTRA_LIBADD)
+# Since virt-login-shell will be setuid, we must do everything
+# we can to avoid linking to other libraries. Many of them do
+# unsafe things in functions marked __atttribute__((constructor)).
+# This library is built to include the bare minimum required to
+# have a RPC client for local UNIX socket access only. We use
+# the ../config-post.h header to disable all external deps that
+# we don't want
+if WITH_LXC
+noinst_LTLIBRARIES += libvirt-setuid-rpc-client.la
+
+libvirt_setuid_rpc_client_la_SOURCES = \
+ util/viralloc.c \
+ util/virbitmap.c \
+ util/virbuffer.c \
+ util/vircommand.c \
+ util/virconf.c \
+ util/virerror.c \
+ util/virevent.c \
+ util/vireventpoll.c \
+ util/virfile.c \
+ util/virhash.c \
+ util/virhashcode.c \
+ util/virjson.c \
+ util/virlog.c \
+ util/virobject.c \
+ util/virpidfile.c \
+ util/virprocess.c \
+ util/virrandom.c \
+ util/virsocketaddr.c \
+ util/virstoragefile.c \
+ util/virstring.c \
+ util/virtime.c \
+ util/virthread.c \
+ util/virtypedparam.c \
+ util/viruri.c \
+ util/virutil.c \
+ util/viruuid.c \
+ conf/domain_event.c \
+ rpc/virnetsocket.c \
+ rpc/virnetsocket.h \
+ rpc/virnetmessage.h \
+ rpc/virnetmessage.c \
+ rpc/virkeepalive.c \
+ rpc/virkeepalive.h \
+ rpc/virnetclient.c \
+ rpc/virnetclientprogram.c \
+ rpc/virnetclientstream.c \
+ rpc/virnetprotocol.c \
+ remote/remote_driver.c \
+ remote/remote_protocol.c \
+ remote/qemu_protocol.c \
+ remote/lxc_protocol.c \
+ datatypes.c \
+ libvirt.c \
+ libvirt-lxc.c \
+ $(NULL)
+
+libvirt_setuid_rpc_client_la_LDFLAGS = \
+ $(AM_LDFLAGS) \
+ $(LIBXML_LIBS) \
+ $(SELINUX_LIBS) \
+ $(NULL)
+libvirt_setuid_rpc_client_la_CFLAGS = \
+ -DLIBVIRT_SETUID_RPC_CLIENT \
+ -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/rpc \
+ $(AM_CFLAGS) \
+ $(SELINUX_CFLAGS) \
+ $(NULL)
+endif WITH_LXC
+
lockdriverdir = $(libdir)/libvirt/lock-driver
lockdriver_LTLIBRARIES =
Index: libvirt-1.1.2/src/libvirt.c
===================================================================
--- libvirt-1.1.2.orig/src/libvirt.c
+++ libvirt-1.1.2/src/libvirt.c
@@ -446,40 +446,46 @@ virGlobalInit(void)
goto error;
/*
+ * Note we must avoid everything except 'remote' driver
+ * for virt-login-shell usage
+ */
+#ifndef LIBVIRT_SETUID_RPC_CLIENT
+ /*
* Note that the order is important: the first ones have a higher
* priority when calling virConnectOpen.
*/
-#ifdef WITH_TEST
+# ifdef WITH_TEST
if (testRegister() == -1)
goto error;
-#endif
-#ifdef WITH_OPENVZ
+# endif
+# ifdef WITH_OPENVZ
if (openvzRegister() == -1)
goto error;
-#endif
-#ifdef WITH_VMWARE
+# endif
+# ifdef WITH_VMWARE
if (vmwareRegister() == -1)
goto error;
-#endif
-#ifdef WITH_PHYP
+# endif
+# ifdef WITH_PHYP
if (phypRegister() == -1)
goto error;
-#endif
-#ifdef WITH_ESX
+# endif
+# ifdef WITH_ESX
if (esxRegister() == -1)
goto error;
-#endif
-#ifdef WITH_HYPERV
+# endif
+# ifdef WITH_HYPERV
if (hypervRegister() == -1)
goto error;
-#endif
-#ifdef WITH_XENAPI
+# endif
+# ifdef WITH_XENAPI
if (xenapiRegister() == -1)
goto error;
-#endif
-#ifdef WITH_PARALLELS
+# endif
+# ifdef WITH_PARALLELS
if (parallelsRegister() == -1)
goto error;
+# endif
#endif
#ifdef WITH_REMOTE
if (remoteRegister() == -1)
Index: libvirt-1.1.2/tools/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/tools/Makefile.am
+++ libvirt-1.1.2/tools/Makefile.am
@@ -149,6 +149,11 @@ virt_host_validate_CFLAGS = \
$(COVERAGE_CFLAGS) \
$(NULL)
+# Since virt-login-shell will be setuid, we must do everything
+# we can to avoid linking to other libraries. Many of them do
+# unsafe things in functions marked __atttribute__((constructor)).
+# This we statically link to a library containing only the minimal
+# libvirt client code, not libvirt.so itself.
virt_login_shell_SOURCES = \
virt-login-shell.c
@@ -159,11 +164,11 @@ virt_login_shell_LDFLAGS = \
virt_login_shell_LDADD = \
$(STATIC_BINARIES) \
$(PIE_LDFLAGS) \
- ../src/libvirt.la \
- ../src/libvirt-lxc.la \
+ ../src/libvirt-setuid-rpc-client.la \
../gnulib/lib/libgnu.la
virt_login_shell_CFLAGS = \
+ -DLIBVIRT_SETUID_RPC_CLIENT \
$(WARN_CFLAGS) \
$(PIE_CFLAGS) \
$(COVERAGE_CFLAGS)
++++++ 484cc321-fix-spice-migration.patch ++++++
commit 484cc3217b73b865f00bf42a9c12187b37200699
Author: Martin Kletzander
Date: Fri Sep 20 16:40:20 2013 +0200
qemu: Fix seamless SPICE migration
Since the wait is done during migration (still inside
QEMU_ASYNC_JOB_MIGRATION_OUT), the code should enter the monitor as such
in order to prohibit all other jobs from interfering in the meantime.
This patch fixes bug #1009886 in which qemuDomainGetBlockInfo was
waiting on the monitor condition and after GetSpiceMigrationStatus
mangled its internal data, the daemon crashed.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1009886
Index: libvirt-1.1.2/src/qemu/qemu_migration.c
===================================================================
--- libvirt-1.1.2.orig/src/qemu/qemu_migration.c
+++ libvirt-1.1.2/src/qemu/qemu_migration.c
@@ -1598,7 +1598,10 @@ qemuMigrationWaitForSpice(virQEMUDriverP
/* Poll every 50ms for progress & to allow cancellation */
struct timespec ts = { .tv_sec = 0, .tv_nsec = 50 * 1000 * 1000ull };
- qemuDomainObjEnterMonitor(driver, vm);
+ if (qemuDomainObjEnterMonitorAsync(driver, vm,
+ QEMU_ASYNC_JOB_MIGRATION_OUT) < 0)
+ return -1;
+
if (qemuMonitorGetSpiceMigrationStatus(priv->mon,
&spice_migrated) < 0) {
qemuDomainObjExitMonitor(driver, vm);
++++++ 57687fd6-CVE-2013-4401.patch ++++++
commit 57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
Author: Daniel P. Berrange
Date: Thu Oct 3 16:37:57 2013 +0100
Fix perms for virConnectDomainXML{To,From}Native (CVE-2013-4401)
The virConnectDomainXMLToNative API should require 'connect:write'
not 'connect:read', since it will trigger execution of the QEMU
binaries listed in the XML.
Also make virConnectDomainXMLFromNative API require a full
read-write connection and 'connect:write' permission. Although the
current impl doesn't trigger execution of QEMU, we should not
rely on that impl detail from an API permissioning POV.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/libvirt.c
===================================================================
--- libvirt-1.1.2.orig/src/libvirt.c
+++ libvirt-1.1.2/src/libvirt.c
@@ -4606,6 +4606,10 @@ char *virConnectDomainXMLFromNative(virC
virDispatchError(NULL);
return NULL;
}
+ if (conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
virCheckNonNullArgGoto(nativeFormat, error);
virCheckNonNullArgGoto(nativeConfig, error);
Index: libvirt-1.1.2/src/remote/remote_protocol.x
===================================================================
--- libvirt-1.1.2.orig/src/remote/remote_protocol.x
+++ libvirt-1.1.2/src/remote/remote_protocol.x
@@ -3812,13 +3812,13 @@ enum remote_procedure {
/**
* @generate: both
- * @acl: connect:read
+ * @acl: connect:write
*/
REMOTE_PROC_CONNECT_DOMAIN_XML_FROM_NATIVE = 135,
/**
* @generate: both
- * @acl: connect:read
+ * @acl: connect:write
*/
REMOTE_PROC_CONNECT_DOMAIN_XML_TO_NATIVE = 136,
++++++ 5a0ea4b7-CVE-2013-4400.patch ++++++
commit 5a0ea4b7b9af2231ed161b94f9af65375c6ee9c2
Author: Jim Fehlig
Date: Mon Oct 21 15:36:11 2013 -0600
build: fix linking virt-login-shell
After commit 3e2f27e1, I've noticed build failures of virt-login-shell
when libapparmor-devel is installed on the build host
CCLD virt-login-shell
../src/.libs/libvirt-setuid-rpc-client.a(libvirt_setuid_rpc_client_la-vircommand.o):
In function `virExec':
/home/jfehlig/virt/upstream/libvirt/src/util/vircommand.c:653: undefined
reference to `aa_change_profile'
collect2: error: ld returned 1 exit status
I was about to commit an easy fix under the build-breaker rule
(build-fix-1.patch), but thought to extend the notion of SECDRIVER_LIBS
to SECDRIVER_CFLAGS, and use both throughout src/Makefile.am where it
makes sense (build-fix-2.patch).
Should I just stick with the simple fix, or is something along the lines
of patch 2 preferred?
Regards,
Jim
>From a0f35945f3127ab70d051101037e821b1759b4bb Mon Sep 17 00:00:00 2001
From: Jim Fehlig
Date: Mon, 21 Oct 2013 15:30:02 -0600
Subject: [PATCH] build: fix virt-login-shell build with apparmor
With libapparmor-devel installed, virt-login-shell fails to link
CCLD virt-login-shell
../src/.libs/libvirt-setuid-rpc-client.a(libvirt_setuid_rpc_client_la-vircommand.o): In function `virExec':
/home/jfehlig/virt/upstream/libvirt/src/util/vircommand.c:653: undefined reference to `aa_change_profile'
collect2: error: ld returned 1 exit status
Fix by linking libvirt_setuid_rpc_client with previously determined
SECDRIVER_LIBS in src/Makefile.am. While at it, introduce SECDRIVER_CFLAGS
and use both throughout src/Makefile.am where it makes sense.
Signed-off-by: Jim Fehlig
Index: libvirt-1.1.2/src/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/src/Makefile.am
+++ libvirt-1.1.2/src/Makefile.am
@@ -49,11 +49,14 @@ nodist_conf_DATA =
THREAD_LIBS = $(LIB_PTHREAD) $(LTLIBMULTITHREAD)
+SECDRIVER_CFLAGS =
SECDRIVER_LIBS =
if WITH_SECDRIVER_SELINUX
+SECDRIVER_CFLAGS += $(SELINUX_CFLAGS)
SECDRIVER_LIBS += $(SELINUX_LIBS)
endif
if WITH_SECDRIVER_APPARMOR
+SECDRIVER_CFLAGS += $(APPARMOR_CFLAGS)
SECDRIVER_LIBS += $(APPARMOR_LIBS)
endif
@@ -1978,14 +1981,14 @@ libvirt_setuid_rpc_client_la_SOURCES =
libvirt_setuid_rpc_client_la_LDFLAGS = \
$(AM_LDFLAGS) \
$(LIBXML_LIBS) \
- $(SELINUX_LIBS) \
+ $(SECDRIVER_LIBS) \
$(NULL)
libvirt_setuid_rpc_client_la_CFLAGS = \
-DLIBVIRT_SETUID_RPC_CLIENT \
-I$(top_srcdir)/src/conf \
-I$(top_srcdir)/src/rpc \
$(AM_CFLAGS) \
- $(SELINUX_CFLAGS) \
+ $(SECDRIVER_CFLAGS) \
$(NULL)
endif WITH_LXC
@@ -2268,6 +2271,7 @@ libvirt_net_rpc_la_LDFLAGS = \
$(GNUTLS_LIBS) \
$(SASL_LIBS) \
$(SSH2_LIBS)\
+ $(SECDRIVER_LIBS) \
$(AM_LDFLAGS) \
$(CYGWIN_EXTRA_LDFLAGS) \
$(MINGW_EXTRA_LDFLAGS)
@@ -2410,12 +2414,7 @@ if WITH_BLKID
libvirt_lxc_CFLAGS += $(BLKID_CFLAGS)
libvirt_lxc_LDADD += $(BLKID_LIBS)
endif
-if WITH_SECDRIVER_SELINUX
-libvirt_lxc_CFLAGS += $(SELINUX_CFLAGS)
-endif
-if WITH_SECDRIVER_APPARMOR
-libvirt_lxc_CFLAGS += $(APPARMOR_CFLAGS)
-endif
+libvirt_lxc_CFLAGS += $(SECDRIVER_CFLAGS)
endif
endif
EXTRA_DIST += $(LXC_CONTROLLER_SOURCES)
++++++ 79552754-libvirtd-chardev-crash.patch ++++++
commit 795527548fea79902ea4ce32747e069944cf3e61
Author: Peter Krempa
Date: Thu Sep 26 08:12:39 2013 +0200
conf: Don't crash on invalid chardev source definition of RNGs and other
Since commit 297c99a5 an invalid source definition XML of a character
device that is used as backend for RNG devices, smartcards and redirdevs
causes crash of the daemon when parsing such a definition.
The device types mentioned above are not a part of a regular character
device but are backends for other types. Thus when parsing such device
NULL is passed as the argument @chr_def. Later when checking the
validity of the definition @chr_def was dereferenced when parsing a UNIX
socket backend with missing path of the socket and crashed the daemon.
Sample offending configuration:
<devices>
...
<rng model='virtio'>
<backend model='egd' type='unix'>
<source mode='bind' service='1024'/>
</backend>
</rng>
</devices>
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1012196
Index: libvirt-1.1.2/src/conf/domain_conf.c
===================================================================
--- libvirt-1.1.2.orig/src/conf/domain_conf.c
+++ libvirt-1.1.2/src/conf/domain_conf.c
@@ -7026,7 +7026,8 @@ virDomainChrSourceDefParseXML(virDomainC
case VIR_DOMAIN_CHR_TYPE_UNIX:
/* path can be auto generated */
if (!path &&
- chr_def->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO) {
+ (!chr_def ||
+ chr_def->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO)) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Missing source path attribute for char device"));
goto error;
Index: libvirt-1.1.2/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-egd-crash.xml
===================================================================
--- /dev/null
+++ libvirt-1.1.2/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-egd-crash.xml
@@ -0,0 +1,27 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ destroy
+ restart
+ destroy
+ <devices>
+ <emulator>/usr/bin/qemu</emulator>
+ <controller type='usb' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <memballoon model='virtio'/>
+ <rng model='virtio'>
+ <backend model='egd' type='unix'>
+ <!-- https://bugzilla.redhat.com/show_bug.cgi?id=1012196 -->
+ <source mode='connect' host='1.2.3.4' service='1234'/>
+ </backend>
+ </rng>
+ </devices>
+</domain>
Index: libvirt-1.1.2/tests/qemuxml2argvtest.c
===================================================================
--- libvirt-1.1.2.orig/tests/qemuxml2argvtest.c
+++ libvirt-1.1.2/tests/qemuxml2argvtest.c
@@ -973,6 +973,8 @@ mymain(void)
QEMU_CAPS_OBJECT_RNG_RANDOM);
DO_TEST("virtio-rng-egd", QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIRTIO_RNG,
QEMU_CAPS_OBJECT_RNG_EGD);
+ DO_TEST_PARSE_ERROR("virtio-rng-egd-crash", QEMU_CAPS_DEVICE,
+ QEMU_CAPS_DEVICE_VIRTIO_RNG, QEMU_CAPS_OBJECT_RNG_EGD);
DO_TEST("virtio-rng-ccw",
QEMU_CAPS_DEVICE, QEMU_CAPS_CHARDEV, QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_DRIVE, QEMU_CAPS_BOOTINDEX, QEMU_CAPS_VIRTIO_CCW,
++++++ 8294aa0c-CVE-2013-4399.patch ++++++
commit 8294aa0c1750dcb49d6345cd9bd97bf421580d8b
Author: Daniel P. Berrange
Date: Fri Sep 27 15:46:07 2013 +0100
Fix crash in libvirtd when events are registered & ACLs active
When a client disconnects from libvirtd, all event callbacks
must be removed. This involves running the public API
virConnectDomainEventDeregisterAny
This code does not run in normal API dispatch context, so no
identity was set. The result was that the access control drivers
denied the attempt to deregister callbacks. The callbacks thus
continued to trigger after the client was free'd causing fairly
predictable use of free memory & a crash.
This can be triggered by any client with readonly access when
the ACL drivers are active.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/daemon/remote.c
===================================================================
--- libvirt-1.1.2.orig/daemon/remote.c
+++ libvirt-1.1.2/daemon/remote.c
@@ -666,8 +666,11 @@ void remoteClientFreeFunc(void *data)
/* Deregister event delivery callback */
if (priv->conn) {
+ virIdentityPtr sysident = virIdentityGetSystem();
size_t i;
+ virIdentitySetCurrent(sysident);
+
for (i = 0; i < VIR_DOMAIN_EVENT_ID_LAST; i++) {
if (priv->domainEventCallbackID[i] != -1) {
VIR_DEBUG("Deregistering to relay remote events %zu", i);
@@ -678,6 +681,9 @@ void remoteClientFreeFunc(void *data)
}
virConnectClose(priv->conn);
+
+ virIdentitySetCurrent(NULL);
+ virObjectUnref(sysident);
}
VIR_FREE(priv);
++++++ 843bdb2f-CVE-2013-4400.patch ++++++
commit 843bdb2f8a3364637cda2911624149525188843f
Author: Jim Fehlig
Date: Mon Oct 21 23:12:22 2013 -0600
build: fix build of virt-login-shell on systems with older gnutls
On systems where gnutls uses libgcrypt, I'm seeing the following
build failure
libvirt.c:314: error: variable 'virTLSThreadImpl' has initializer but incomplete type
libvirt.c:319: error: 'GCRY_THREAD_OPTION_PTHREAD' undeclared here (not in a function)
...
Fix by undefining WITH_GNUTLS_GCRYPT in config-post.h
Index: libvirt-1.1.2/config-post.h
===================================================================
--- libvirt-1.1.2.orig/config-post.h
+++ libvirt-1.1.2/config-post.h
@@ -34,6 +34,7 @@
# undef WITH_CURL
# undef WITH_DTRACE_PROBES
# undef WITH_GNUTLS
+# undef WITH_GNUTLS_GCRYPT
# undef WITH_MACVTAP
# undef WITH_NUMACTL
# undef WITH_SASL
++++++ 8c3586ea-CVE-2013-4400.patch ++++++
commit 8c3586ea755c40d5e01b22cb7b5c1e668cdec994
Author: Daniel P. Berrange
Date: Wed Oct 9 10:59:36 2013 +0100
Only allow 'stderr' log output when running setuid (CVE-2013-4400)
We must not allow file/syslog/journald log outputs when running
setuid since they can be abused to do bad things. In particular
the 'file' output can be used to overwrite files.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/util/virlog.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virlog.c
+++ libvirt-1.1.2/src/util/virlog.c
@@ -1318,6 +1318,9 @@ int virLogPriorityFromSyslog(int priorit
* Multiple output can be defined in a single @output, they just need to be
* separated by spaces.
*
+ * If running in setuid mode, then only the 'stderr' output will
+ * be allowed
+ *
* Returns the number of output parsed and installed or -1 in case of error
*/
int
@@ -1329,6 +1332,7 @@ virLogParseOutputs(const char *outputs)
virLogPriority prio;
int ret = -1;
int count = 0;
+ bool isSUID = virIsSUID();
if (cur == NULL)
return -1;
@@ -1348,6 +1352,8 @@ virLogParseOutputs(const char *outputs)
if (virLogAddOutputToStderr(prio) == 0)
count++;
} else if (STREQLEN(cur, "syslog", 6)) {
+ if (isSUID)
+ goto cleanup;
cur += 6;
if (*cur != ':')
goto cleanup;
@@ -1365,6 +1371,8 @@ virLogParseOutputs(const char *outputs)
VIR_FREE(name);
#endif /* HAVE_SYSLOG_H */
} else if (STREQLEN(cur, "file", 4)) {
+ if (isSUID)
+ goto cleanup;
cur += 4;
if (*cur != ':')
goto cleanup;
@@ -1385,6 +1393,8 @@ virLogParseOutputs(const char *outputs)
VIR_FREE(name);
VIR_FREE(abspath);
} else if (STREQLEN(cur, "journald", 8)) {
+ if (isSUID)
+ goto cleanup;
cur += 8;
#if USE_JOURNALD
if (virLogAddOutputToJournald(prio) == 0)
++++++ 922b7fda-CVE-2013-4311.patch ++++++
commit 922b7fda77b094dbf022d625238262ea05335666
Author: Daniel P. Berrange
Date: Wed Aug 28 15:25:40 2013 +0100
Add support for using 3-arg pkcheck syntax for process (CVE-2013-4311)
With the existing pkcheck (pid, start time) tuple for identifying
the process, there is a race condition, where a process can make
a libvirt RPC call and in another thread exec a setuid application,
causing it to change to effective UID 0. This in turn causes polkit
to do its permission check based on the wrong UID.
To address this, libvirt must get the UID the caller had at time
of connect() (from SO_PEERCRED) and pass a (pid, start time, uid)
triple to the pkcheck program.
This fix requires that libvirt is re-built against a version of
polkit that has the fix for its CVE-2013-4288, so that libvirt
can see 'pkg-config --variable pkcheck_supports_uid polkit-gobject-1'
Signed-off-by: Colin Walters
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/configure.ac
===================================================================
--- libvirt-1.1.2.orig/configure.ac
+++ libvirt-1.1.2/configure.ac
@@ -1184,6 +1184,14 @@ if test "x$with_polkit" = "xyes" || test
AC_PATH_PROG([PKCHECK_PATH],[pkcheck], [], [/usr/sbin:$PATH])
if test "x$PKCHECK_PATH" != "x" ; then
AC_DEFINE_UNQUOTED([PKCHECK_PATH],["$PKCHECK_PATH"],[Location of pkcheck program])
+ AC_MSG_CHECKING([whether pkcheck supports uid value])
+ pkcheck_supports_uid=`$PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1`
+ if test "x$pkcheck_supports_uid" = "xtrue"; then
+ AC_MSG_RESULT([yes])
+ AC_DEFINE_UNQUOTED([PKCHECK_SUPPORTS_UID], 1, [Pass uid to pkcheck])
+ else
+ AC_MSG_RESULT([no])
+ fi
AC_DEFINE_UNQUOTED([WITH_POLKIT], 1,
[use PolicyKit for UNIX socket access checks])
AC_DEFINE_UNQUOTED([WITH_POLKIT1], 1,
Index: libvirt-1.1.2/daemon/remote.c
===================================================================
--- libvirt-1.1.2.orig/daemon/remote.c
+++ libvirt-1.1.2/daemon/remote.c
@@ -2738,10 +2738,12 @@ remoteDispatchAuthPolkit(virNetServerPtr
int status = -1;
char *ident = NULL;
bool authdismissed = 0;
+ bool supportsuid = false;
char *pkout = NULL;
struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client);
virCommandPtr cmd = NULL;
+ static bool polkitInsecureWarned;
virMutexLock(&priv->lock);
action = virNetServerClientGetReadonly(client) ?
@@ -2763,14 +2765,28 @@ remoteDispatchAuthPolkit(virNetServerPtr
goto authfail;
}
+ if (timestamp == 0) {
+ VIR_WARN("Failing polkit auth due to missing client (pid=%lld) start time",
+ (long long)callerPid);
+ goto authfail;
+ }
+
VIR_INFO("Checking PID %lld running as %d",
(long long) callerPid, callerUid);
virCommandAddArg(cmd, "--process");
- if (timestamp != 0) {
- virCommandAddArgFormat(cmd, "%lld,%llu", (long long) callerPid, timestamp);
+# ifdef PKCHECK_SUPPORTS_UID
+ supportsuid = true;
+# endif
+ if (supportsuid) {
+ virCommandAddArgFormat(cmd, "%lld,%llu,%lu",
+ (long long) callerPid, timestamp, (unsigned long) callerUid);
} else {
- virCommandAddArgFormat(cmd, "%lld", (long long) callerPid);
+ if (!polkitInsecureWarned) {
+ VIR_WARN("No support for caller UID with pkcheck. This deployment is known to be insecure.");
+ polkitInsecureWarned = true;
+ }
+ virCommandAddArgFormat(cmd, "%lld,%llu", (long long) callerPid, timestamp);
}
virCommandAddArg(cmd, "--allow-user-interaction");
Index: libvirt-1.1.2/libvirt.spec.in
===================================================================
--- libvirt-1.1.2.orig/libvirt.spec.in
+++ libvirt-1.1.2/libvirt.spec.in
@@ -508,8 +508,7 @@ BuildRequires: cyrus-sasl-devel
%endif
%if %{with_polkit}
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
-# Only need the binary, not -devel
-BuildRequires: polkit >= 0.93
+BuildRequires: polkit-devel >= 0.93
%else
BuildRequires: PolicyKit-devel >= 0.6
%endif
Index: libvirt-1.1.2/src/access/viraccessdriverpolkit.c
===================================================================
--- libvirt-1.1.2.orig/src/access/viraccessdriverpolkit.c
+++ libvirt-1.1.2/src/access/viraccessdriverpolkit.c
@@ -72,8 +72,12 @@ static char *
virAccessDriverPolkitFormatProcess(const char *actionid)
{
virIdentityPtr identity = virIdentityGetCurrent();
- const char *process = NULL;
+ const char *callerPid = NULL;
+ const char *callerTime = NULL;
+ const char *callerUid = NULL;
char *ret = NULL;
+ bool supportsuid = false;
+ static bool polkitInsecureWarned;
if (!identity) {
virAccessError(VIR_ERR_ACCESS_DENIED,
@@ -81,17 +85,43 @@ virAccessDriverPolkitFormatProcess(const
actionid);
return NULL;
}
- if (virIdentityGetAttr(identity, VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, &process) < 0)
+ if (virIdentityGetAttr(identity, VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, &callerPid) < 0)
+ goto cleanup;
+ if (virIdentityGetAttr(identity, VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME, &callerTime) < 0)
+ goto cleanup;
+ if (virIdentityGetAttr(identity, VIR_IDENTITY_ATTR_UNIX_USER_ID, &callerUid) < 0)
goto cleanup;
- if (!process) {
+ if (!callerPid) {
virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
_("No UNIX process ID available"));
goto cleanup;
}
-
- if (VIR_STRDUP(ret, process) < 0)
+ if (!callerTime) {
+ virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("No UNIX process start time available"));
+ goto cleanup;
+ }
+ if (!callerUid) {
+ virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("No UNIX caller UID available"));
goto cleanup;
+ }
+
+#ifdef PKCHECK_SUPPORTS_UID
+ supportsuid = true;
+#endif
+ if (supportsuid) {
+ if (virAsprintf(&ret, "%s,%s,%s", callerPid, callerTime, callerUid) < 0)
+ goto cleanup;
+ } else {
+ if (!polkitInsecureWarned) {
+ VIR_WARN("No support for caller UID with pkcheck. This deployment is known to be insecure.");
+ polkitInsecureWarned = true;
+ }
+ if (virAsprintf(&ret, "%s,%s", callerPid, callerTime) < 0)
+ goto cleanup;
+ }
cleanup:
virObjectUnref(identity);
++++++ 97973ebb-LXC-threading-error.patch ++++++
From 97973ebb7a64a3be6710ddd38d124307991ad7cb Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange"
Date: Tue, 8 Oct 2013 14:35:01 +0100
Subject: [PATCH] Initialize threading & error layer in LXC controller
In Fedora 20, libvirt_lxc crashes immediately at startup with a
trace
#0 0x00007f0cddb653ec in free () from /lib64/libc.so.6
#1 0x00007f0ce0e16f4a in virFree (ptrptr=ptrptr@entry=0x7f0ce1830058) at util/viralloc.c:580
#2 0x00007f0ce0e2764b in virResetError (err=0x7f0ce1830030) at util/virerror.c:354
#3 0x00007f0ce0e27a5a in virResetLastError () at util/virerror.c:387
#4 0x00007f0ce0e28858 in virEventRegisterDefaultImpl () at util/virevent.c:233
#5 0x00007f0ce0db47c6 in main (argc=11, argv=0x7fff4596c328) at lxc/lxc_controller.c:2352
Normally virInitialize calls virErrorInitialize and
virThreadInitialize, but we don't link to libvirt.so
in libvirt_lxc, and nor did we ever call the error
or thread initializers.
I have absolutely no idea how this has ever worked, let alone
what caused it to stop working in Fedora 20.
In addition not all code paths from virLogSetFromEnv will
ensure virLogInitialize is called correctly, which is another
possible crash scenario.
Signed-off-by: Daniel P. Berrange
---
src/lxc/lxc_controller.c | 4 +++-
src/util/virlog.c | 6 ++++++
2 files changed, 9 insertions(+), 1 deletion(-)
Index: libvirt-1.1.2/src/lxc/lxc_controller.c
===================================================================
--- libvirt-1.1.2.orig/src/lxc/lxc_controller.c
+++ libvirt-1.1.2/src/lxc/lxc_controller.c
@@ -2250,7 +2250,9 @@ int main(int argc, char *argv[])
if (setlocale(LC_ALL, "") == NULL ||
bindtextdomain(PACKAGE, LOCALEDIR) == NULL ||
- textdomain(PACKAGE) == NULL) {
+ textdomain(PACKAGE) == NULL ||
+ virThreadInitialize() < 0 ||
+ virErrorInitialize() < 0) {
fprintf(stderr, _("%s: initialization failed\n"), argv[0]);
exit(EXIT_FAILURE);
}
Index: libvirt-1.1.2/src/util/virlog.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virlog.c
+++ libvirt-1.1.2/src/util/virlog.c
@@ -547,6 +547,9 @@ virLogDefineFilter(const char *match,
virCheckFlags(VIR_LOG_STACK_TRACE, -1);
+ if (virLogInitialize() < 0)
+ return -1;
+
if ((match == NULL) || (priority < VIR_LOG_DEBUG) ||
(priority > VIR_LOG_ERROR))
return -1;
@@ -662,6 +665,9 @@ virLogDefineOutput(virLogOutputFunc f,
virCheckFlags(0, -1);
+ if (virLogInitialize() < 0)
+ return -1;
+
if (f == NULL)
return -1;
++++++ 9faf3f29-LXC-memtune.patch ++++++
commit 9faf3f2950aed1643ab7564afcb4c693c77f71b5
Author: Martin Kletzander
Date: Mon Dec 9 11:15:12 2013 +0100
Fix crash in lxcDomainSetMemoryParameters
The function doesn't check whether the request is made for active or
inactive domain. Thus when the domain is not running it still tries
accessing non-existing cgroups (priv->cgroup, which is NULL).
I re-made the function in order for it to work the same way it's qemu
counterpart does.
Reproducer:
1) Define an LXC domain
2) Do 'virsh memtune <domain> --hard-limit 133T'
Backtrace:
Thread 6 (Thread 0x7fffec8c0700 (LWP 26826)):
#0 0x00007ffff70edcc4 in virCgroupPathOfController (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", path=0x7fffec8bf718) at util/vircgroup.c:1764
#1 0x00007ffff70e9206 in virCgroupSetValueStr (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffe409f360 "1073741824")
at util/vircgroup.c:669
#2 0x00007ffff70e98b4 in virCgroupSetValueU64 (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=1073741824) at util/vircgroup.c:740
#3 0x00007ffff70ee518 in virCgroupSetMemory (group=0x0, kb=1048576) at util/vircgroup.c:1904
#4 0x00007ffff70ee675 in virCgroupSetMemoryHardLimit (group=0x0, kb=1048576)
at util/vircgroup.c:1944
#5 0x00005555557d54c8 in lxcDomainSetMemoryParameters (dom=0x7fffe40cc420,
params=0x7fffe409f100, nparams=1, flags=0) at lxc/lxc_driver.c:774
#6 0x00007ffff72c20f9 in virDomainSetMemoryParameters (domain=0x7fffe40cc420,
params=0x7fffe409f100, nparams=1, flags=0) at libvirt.c:4051
#7 0x000055555561365f in remoteDispatchDomainSetMemoryParameters (server=0x555555eb7e00,
client=0x555555ec4b10, msg=0x555555eb94e0, rerr=0x7fffec8bfb70, args=0x7fffe40b8510)
at remote_dispatch.h:7621
#8 0x00005555556133fd in remoteDispatchDomainSetMemoryParametersHelper (server=0x555555eb7e00,
client=0x555555ec4b10, msg=0x555555eb94e0, rerr=0x7fffec8bfb70, args=0x7fffe40b8510,
ret=0x7fffe40b84f0) at remote_dispatch.h:7591
#9 0x00007ffff73b293f in virNetServerProgramDispatchCall (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ec4b10, msg=0x555555eb94e0)
at rpc/virnetserverprogram.c:435
#10 0x00007ffff73b207f in virNetServerProgramDispatch (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ec4b10, msg=0x555555eb94e0)
at rpc/virnetserverprogram.c:305
#11 0x00007ffff73a4d2c in virNetServerProcessMsg (srv=0x555555eb7e00, client=0x555555ec4b10,
prog=0x555555ec3ae0, msg=0x555555eb94e0) at rpc/virnetserver.c:165
#12 0x00007ffff73a4e8d in virNetServerHandleJob (jobOpaque=0x555555ec3e30, opaque=0x555555eb7e00)
at rpc/virnetserver.c:186
#13 0x00007ffff7187f3f in virThreadPoolWorker (opaque=0x555555eb7ac0) at util/virthreadpool.c:144
#14 0x00007ffff718733a in virThreadHelper (data=0x555555eb7890) at util/virthreadpthread.c:161
#15 0x00007ffff468ed89 in start_thread (arg=0x7fffec8c0700) at pthread_create.c:308
#16 0x00007ffff3da26bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Signed-off-by: Martin Kletzander
Index: libvirt-1.1.2/src/lxc/lxc_driver.c
===================================================================
--- libvirt-1.1.2.orig/src/lxc/lxc_driver.c
+++ libvirt-1.1.2/src/lxc/lxc_driver.c
@@ -743,12 +743,24 @@ lxcDomainSetMemoryParameters(virDomainPt
int nparams,
unsigned int flags)
{
- size_t i;
+ virCapsPtr caps = NULL;
+ virDomainDefPtr vmdef = NULL;
virDomainObjPtr vm = NULL;
+ virLXCDomainObjPrivatePtr priv = NULL;
+ virLXCDriverConfigPtr cfg = NULL;
+ virLXCDriverPtr driver = dom->conn->privateData;
+ unsigned long long hard_limit;
+ unsigned long long soft_limit;
+ unsigned long long swap_hard_limit;
+ bool set_hard_limit = false;
+ bool set_soft_limit = false;
+ bool set_swap_hard_limit = false;
+ int rc;
int ret = -1;
- virLXCDomainObjPrivatePtr priv;
- virCheckFlags(0, -1);
+ virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
+ VIR_DOMAIN_AFFECT_CONFIG, -1);
+
if (virTypedParamsValidate(params, nparams,
VIR_DOMAIN_MEMORY_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG,
@@ -763,29 +775,97 @@ lxcDomainSetMemoryParameters(virDomainPt
goto cleanup;
priv = vm->privateData;
+ cfg = virLXCDriverGetConfig(driver);
- if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0)
+ if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0 ||
+ !(caps = virLXCDriverGetCapabilities(driver, false)) ||
+ virDomainLiveConfigHelperMethod(caps, driver->xmlopt,
+ vm, &flags, &vmdef) < 0)
goto cleanup;
- ret = 0;
- for (i = 0; i < nparams; i++) {
- virTypedParameterPtr param = ¶ms[i];
+ if (flags & VIR_DOMAIN_AFFECT_LIVE &&
+ !virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_MEMORY)) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ "%s", _("cgroup memory controller is not mounted"));
+ goto cleanup;
+ }
- if (STREQ(param->field, VIR_DOMAIN_MEMORY_HARD_LIMIT)) {
- if (virCgroupSetMemoryHardLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
- } else if (STREQ(param->field, VIR_DOMAIN_MEMORY_SOFT_LIMIT)) {
- if (virCgroupSetMemorySoftLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
- } else if (STREQ(param->field, VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT)) {
- if (virCgroupSetMemSwapHardLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
+#define VIR_GET_LIMIT_PARAMETER(PARAM, VALUE) \
+ if ((rc = virTypedParamsGetULLong(params, nparams, PARAM, &VALUE)) < 0) \
+ goto cleanup; \
+ \
+ if (rc == 1) \
+ set_ ## VALUE = true;
+
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT, swap_hard_limit)
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_HARD_LIMIT, hard_limit)
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_SOFT_LIMIT, soft_limit)
+
+#undef VIR_GET_LIMIT_PARAMETER
+
+ /* Swap hard limit must be greater than hard limit.
+ * Note that limit of 0 denotes unlimited */
+ if (set_swap_hard_limit || set_hard_limit) {
+ unsigned long long mem_limit = vm->def->mem.hard_limit;
+ unsigned long long swap_limit = vm->def->mem.swap_hard_limit;
+
+ if (set_swap_hard_limit)
+ swap_limit = swap_hard_limit;
+
+ if (set_hard_limit)
+ mem_limit = hard_limit;
+
+ if (virCompareLimitUlong(mem_limit, swap_limit) > 0) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("memory hard_limit tunable value must be lower "
+ "than or equal to swap_hard_limit"));
+ goto cleanup;
}
}
+#define LXC_SET_MEM_PARAMETER(FUNC, VALUE) \
+ if (set_ ## VALUE) { \
+ if (flags & VIR_DOMAIN_AFFECT_LIVE) { \
+ if ((rc = FUNC(priv->cgroup, VALUE)) < 0) { \
+ virReportSystemError(-rc, _("unable to set memory %s tunable"), \
+ #VALUE); \
+ \
+ goto cleanup; \
+ } \
+ vm->def->mem.VALUE = VALUE; \
+ } \
+ \
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) \
+ vmdef->mem.VALUE = VALUE; \
+ }
+
+ /* Soft limit doesn't clash with the others */
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemorySoftLimit, soft_limit);
+
+ /* set hard limit before swap hard limit if decreasing it */
+ if (virCompareLimitUlong(vm->def->mem.hard_limit, hard_limit) > 0) {
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemoryHardLimit, hard_limit);
+ /* inhibit changing the limit a second time */
+ set_hard_limit = false;
+ }
+
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemSwapHardLimit, swap_hard_limit);
+
+ /* otherwise increase it after swap hard limit */
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemoryHardLimit, hard_limit);
+
+#undef LXC_SET_MEM_PARAMETER
+
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG &&
+ virDomainSaveConfig(cfg->configDir, vmdef) < 0)
+ goto cleanup;
+
+ ret = 0;
cleanup:
if (vm)
virObjectUnlock(vm);
+ virObjectUnref(caps);
+ virObjectUnref(cfg);
return ret;
}
++++++ ae53e5d1-CVE-2013-4400.patch ++++++
commit ae53e5d10e434e07079d7e3ba11ec654ba6a256e
Author: Daniel P. Berrange
Date: Wed Oct 9 10:52:39 2013 +0100
Add helpers for getting env vars in a setuid environment
Care must be taken accessing env variables when running
setuid. Introduce a virGetEnvAllowSUID for env vars which
are safe to use in a setuid environment, and another
virGetEnvBlockSUID for vars which are not safe. Also add
a virIsSUID helper method for any other non-env var code
to use.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/libvirt_private.syms
===================================================================
--- libvirt-1.1.2.orig/src/libvirt_private.syms
+++ libvirt-1.1.2/src/libvirt_private.syms
@@ -2042,6 +2042,8 @@ virFindFCHostCapableVport;
virFormatIntDecimal;
virGetDeviceID;
virGetDeviceUnprivSGIO;
+virGetEnvAllowSUID;
+virGetEnvBlockSUID;
virGetFCHostNameByWWN;
virGetGroupID;
virGetGroupList;
@@ -2060,6 +2062,7 @@ virIndexToDiskName;
virIsCapableFCHost;
virIsCapableVport;
virIsDevMapperDevice;
+virIsSUID;
virManageVport;
virParseNumber;
virParseOwnershipIds;
Index: libvirt-1.1.2/src/util/virutil.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virutil.c
+++ libvirt-1.1.2/src/util/virutil.c
@@ -2116,3 +2116,42 @@ cleanup:
return rc;
}
+
+
+/**
+ * virGetEnvBlockSUID:
+ * @name: the environment variable name
+ *
+ * Obtain an environment variable which is unsafe to
+ * use when running setuid. If running setuid, a NULL
+ * value will be returned
+ */
+const char *virGetEnvBlockSUID(const char *name)
+{
+ return secure_getenv(name);
+}
+
+
+/**
+ * virGetEnvBlockSUID:
+ * @name: the environment variable name
+ *
+ * Obtain an environment variable which is safe to
+ * use when running setuid. The value will be returned
+ * even when running setuid
+ */
+const char *virGetEnvAllowSUID(const char *name)
+{
+ return getenv(name);
+}
+
+
+/**
+ * virIsSUID:
+ * Return a true value if running setuid. Does not
+ * check for elevated capabilities bits.
+ */
+bool virIsSUID(void)
+{
+ return getuid() != geteuid();
+}
Index: libvirt-1.1.2/src/util/virutil.h
===================================================================
--- libvirt-1.1.2.orig/src/util/virutil.h
+++ libvirt-1.1.2/src/util/virutil.h
@@ -172,4 +172,8 @@ int virCompareLimitUlong(unsigned long l
int virParseOwnershipIds(const char *label, uid_t *uidPtr, gid_t *gidPtr);
+const char *virGetEnvBlockSUID(const char *name);
+const char *virGetEnvAllowSUID(const char *name);
+bool virIsSUID(void);
+
#endif /* __VIR_UTIL_H__ */
++++++ b7fcc799a-CVE-2013-4400.patch ++++++
commit b7fcc799ad5d8f3e55b89b94e599903e3c092467
Author: Daniel P. Berrange
Date: Wed Oct 9 15:14:34 2013 +0100
Close all non-stdio FDs in virt-login-shell (CVE-2013-4400)
We don't want to inherit any FDs in the new namespace
except for the stdio FDs. Explicitly close them all,
just in case some do not have the close-on-exec flag
set.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/tools/virt-login-shell.c
===================================================================
--- libvirt-1.1.2.orig/tools/virt-login-shell.c
+++ libvirt-1.1.2/tools/virt-login-shell.c
@@ -313,6 +313,18 @@ main(int argc, char **argv)
if (cpid == 0) {
pid_t ccpid;
+ int openmax = sysconf(_SC_OPEN_MAX);
+ int fd;
+ if (openmax < 0) {
+ virReportSystemError(errno, "%s",
+ _("sysconf(_SC_OPEN_MAX) failed"));
+ return EXIT_FAILURE;
+ }
+ for (fd = 3; fd < openmax; fd++) {
+ int tmpfd = fd;
+ VIR_MASS_CLOSE(tmpfd);
+ }
+
/* Fork once because we don't want to affect
* virt-login-shell's namespace itself
*/
++++++ baselibs.conf ++++++
libvirt-client
requires -libvirt-<targettype>
libvirt-devel
requires -libvirt-<targettype>
++++++ bd773e74-lxc-terminate-machine.patch ++++++
commit bd773e74f0d1d1b9ebbfcaa645178316b4f2265c
Author: Cédric Bosdonnat
Date: Mon Sep 30 16:46:29 2013 +0200
LXC: workaround machined uncleaned data with containers running systemd.
The problem is described by [0] but its effect on libvirt is that
starting a container with a full distro running systemd after having
stopped it simply fails.
The container cleanup now calls the machined Terminate function to make
sure that everything is in order for the next run.
[0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
Index: libvirt-1.1.2/src/libvirt_private.syms
===================================================================
--- libvirt-1.1.2.orig/src/libvirt_private.syms
+++ libvirt-1.1.2/src/libvirt_private.syms
@@ -1940,8 +1940,10 @@ virSysinfoSetup;
# util/virsystemd.h
virSystemdCreateMachine;
+virSystemdMakeMachineName;
virSystemdMakeScopeName;
virSystemdMakeSliceName;
+virSystemdTerminateMachine;
# util/virthread.h
Index: libvirt-1.1.2/src/lxc/lxc_process.c
===================================================================
--- libvirt-1.1.2.orig/src/lxc/lxc_process.c
+++ libvirt-1.1.2/src/lxc/lxc_process.c
@@ -50,6 +50,7 @@
#include "virstring.h"
#include "viratomic.h"
#include "virprocess.h"
+#include "virsystemd.h"
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCD
virCgroupFree(&priv->cgroup);
}
+ /* Get machined to terminate the machine as it may not have cleaned it
+ * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
+ * the bug we are working around here.
+ */
+ virSystemdTerminateMachine(vm->def->name, "lxc", true);
+
+
/* now that we know it's stopped call the hook if present */
if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
char *xml = virDomainDefFormat(vm->def, 0);
Index: libvirt-1.1.2/src/util/virsystemd.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virsystemd.c
+++ libvirt-1.1.2/src/util/virsystemd.c
@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char
return virBufferContentAndReset(&buf);
}
+char *virSystemdMakeMachineName(const char *name,
+ const char *drivername,
+ bool privileged)
+{
+ char *machinename = NULL;
+ char *username = NULL;
+ if (privileged) {
+ if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+ goto cleanup;
+ } else {
+ if (!(username = virGetUserName(geteuid())))
+ goto cleanup;
+ if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
+ goto cleanup;
+ }
+
+cleanup:
+ VIR_FREE(username);
+
+ return machinename;
+}
/**
* virSystemdCreateMachine:
@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *
DBusConnection *conn;
char *machinename = NULL;
char *creatorname = NULL;
- char *username = NULL;
char *slicename = NULL;
if (!virDBusHasSystemBus())
@@ -150,15 +170,8 @@ int virSystemdCreateMachine(const char *
conn = virDBusGetSystemBus();
- if (privileged) {
- if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
- goto cleanup;
- } else {
- if (!(username = virGetUserName(geteuid())))
- goto cleanup;
- if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
- goto cleanup;
- }
+ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
+ goto cleanup;
if (virAsprintf(&creatorname, "libvirt-%s", drivername) < 0)
goto cleanup;
@@ -241,8 +254,52 @@ int virSystemdCreateMachine(const char *
ret = 0;
cleanup:
- VIR_FREE(username);
VIR_FREE(creatorname);
VIR_FREE(machinename);
return ret;
}
+
+int virSystemdTerminateMachine(const char *name,
+ const char *drivername,
+ bool privileged)
+{
+ int ret;
+ DBusConnection *conn;
+ char *machinename = NULL;
+
+ if(!virDBusHasSystemBus())
+ return -2;
+
+ conn = virDBusGetSystemBus();
+
+ ret = -1;
+ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
+ goto cleanup;
+
+ /*
+ * The systemd DBus API we're invoking has the
+ * following signature
+ *
+ * TerminateMachine(in s name);
+ *
+ * @name a host unique name for the machine. shows up
+ * in 'ps' listing & similar
+ */
+
+ VIR_DEBUG("Attempting to terminate machine via systemd");
+ if (virDBusCallMethod(conn,
+ NULL,
+ "org.freedesktop.machine1",
+ "/org/freedesktop/machine1",
+ "org.freedesktop.machine1.Manager",
+ "TerminateMachine",
+ "s",
+ machinename) < 0)
+ goto cleanup;
+
+ ret = 0;
+
+cleanup:
+ VIR_FREE(machinename);
+ return ret;
+}
Index: libvirt-1.1.2/src/util/virsystemd.h
===================================================================
--- libvirt-1.1.2.orig/src/util/virsystemd.h
+++ libvirt-1.1.2/src/util/virsystemd.h
@@ -29,6 +29,10 @@ char *virSystemdMakeScopeName(const char
const char *slicename);
char *virSystemdMakeSliceName(const char *partition);
+char *virSystemdMakeMachineName(const char *name,
+ const char *drivername,
+ bool privileged);
+
int virSystemdCreateMachine(const char *name,
const char *drivername,
bool privileged,
@@ -38,4 +42,8 @@ int virSystemdCreateMachine(const char *
bool iscontainer,
const char *partition);
+int virSystemdTerminateMachine(const char *name,
+ const char *drivername,
+ bool privileged);
+
#endif /* __VIR_SYSTEMD_H__ */
Index: libvirt-1.1.2/tests/virsystemdtest.c
===================================================================
--- libvirt-1.1.2.orig/tests/virsystemdtest.c
+++ libvirt-1.1.2/tests/virsystemdtest.c
@@ -51,6 +51,18 @@ static int testCreateContainer(const voi
return 0;
}
+static int testTerminateContainer(const void *opaque ATTRIBUTE_UNUSED)
+{
+ if (virSystemdTerminateMachine("demo",
+ "lxc",
+ true) < 0) {
+ fprintf(stderr, "%s", "Failed to terminate LXC machine\n");
+ return -1;
+ }
+
+ return 0;
+}
+
static int testCreateMachine(const void *opaque ATTRIBUTE_UNUSED)
{
unsigned char uuid[VIR_UUID_BUFLEN] = {
@@ -74,6 +86,18 @@ static int testCreateMachine(const void
return 0;
}
+static int testTerminateMachine(const void *opaque ATTRIBUTE_UNUSED)
+{
+ if (virSystemdTerminateMachine("demo",
+ "qemu",
+ false) < 0) {
+ fprintf(stderr, "%s", "Failed to terminate KVM machine\n");
+ return -1;
+ }
+
+ return 0;
+}
+
static int testCreateNoSystemd(const void *opaque ATTRIBUTE_UNUSED)
{
unsigned char uuid[VIR_UUID_BUFLEN] = {
@@ -177,8 +201,12 @@ mymain(void)
if (virtTestRun("Test create container ", 1, testCreateContainer, NULL) < 0)
ret = -1;
+ if (virtTestRun("Test terminate container ", 1, testTerminateContainer, NULL) < 0)
+ ret = -1;
if (virtTestRun("Test create machine ", 1, testCreateMachine, NULL) < 0)
ret = -1;
+ if (virtTestRun("Test terminate machine ", 1, testTerminateMachine, NULL) < 0)
+ ret = -1;
if (virtTestRun("Test create no systemd ", 1, testCreateNoSystemd, NULL) < 0)
ret = -1;
if (virtTestRun("Test create bad systemd ", 1, testCreateBadSystemd, NULL) < 0)
++++++ clone.patch ++++++
Index: src/lxc/lxc_container.c
===================================================================
--- src/lxc/lxc_container.c.orig
+++ src/lxc/lxc_container.c
@@ -144,6 +144,7 @@ int lxcContainerHasReboot(void)
int cmd, v;
int status;
char *tmp;
+ int stacksize = getpagesize() * 4;
if (virFileReadAll("/proc/sys/kernel/ctrl-alt-del", 10, &buf) < 0)
return -1;
@@ -160,12 +161,19 @@ int lxcContainerHasReboot(void)
VIR_FREE(buf);
cmd = v ? LINUX_REBOOT_CMD_CAD_ON : LINUX_REBOOT_CMD_CAD_OFF;
- if (VIR_ALLOC_N(stack, getpagesize() * 4) < 0)
+#ifdef __ia64__
+ stacksize *= 2;
+#endif
+ if (VIR_ALLOC_N(stack, stacksize) < 0)
return -1;
- childStack = stack + (getpagesize() * 4);
+ childStack = stack + stacksize;
+#ifdef __ia64__
+ cpid = __clone2(lxcContainerRebootChild, childStack, stacksize, flags, &cmd);
+#else
cpid = clone(lxcContainerRebootChild, childStack, flags, &cmd);
+#endif
VIR_FREE(stack);
if (cpid < 0) {
virReportSystemError(errno, "%s",
@@ -1893,7 +1901,11 @@ int lxcContainerStart(virDomainDefPtr de
cflags |= CLONE_NEWNET;
}
+#ifdef __ia64__
+ pid = __clone2(lxcContainerChild, stacktop, stacksize, cflags, &args);
+#else
pid = clone(lxcContainerChild, stacktop, cflags, &args);
+#endif
VIR_FREE(stack);
VIR_DEBUG("clone() completed, new container PID is %d", pid);
@@ -1919,6 +1931,7 @@ int lxcContainerAvailable(int features)
int cpid;
char *childStack;
char *stack;
+ int stacksize = getpagesize() * 4;
if (features & LXC_CONTAINER_FEATURE_USER)
flags |= CLONE_NEWUSER;
@@ -1926,14 +1939,21 @@ int lxcContainerAvailable(int features)
if (features & LXC_CONTAINER_FEATURE_NET)
flags |= CLONE_NEWNET;
- if (VIR_ALLOC_N(stack, getpagesize() * 4) < 0) {
+#ifdef __ia64__
+ stacksize *= 2;
+#endif
+ if (VIR_ALLOC_N(stack, stacksize) < 0) {
VIR_DEBUG("Unable to allocate stack");
return -1;
}
- childStack = stack + (getpagesize() * 4);
+ childStack = stack + stacksize;
+#ifdef __ia64__
+ cpid = __clone2(lxcContainerDummyChild, childStack, stacksize, flags, NULL);
+#else
cpid = clone(lxcContainerDummyChild, childStack, flags, NULL);
+#endif
VIR_FREE(stack);
if (cpid < 0) {
char ebuf[1024] ATTRIBUTE_UNUSED;
++++++ db7a5688-CVE-2013-4311.patch ++++++
commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
Author: Daniel P. Berrange
Date: Thu Aug 22 16:00:01 2013 +0100
Also store user & group ID values in virIdentity
Future improvements to the polkit code will require access to
the numeric user ID, not merely user name.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/rpc/virnetserverclient.c
===================================================================
--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c
+++ libvirt-1.1.2/src/rpc/virnetserverclient.c
@@ -652,7 +652,9 @@ virNetServerClientCreateIdentity(virNetS
char *processid = NULL;
char *processtime = NULL;
char *username = NULL;
+ char *userid = NULL;
char *groupname = NULL;
+ char *groupid = NULL;
#if WITH_SASL
char *saslname = NULL;
#endif
@@ -672,8 +674,12 @@ virNetServerClientCreateIdentity(virNetS
if (!(username = virGetUserName(uid)))
goto cleanup;
+ if (virAsprintf(&userid, "%d", (int)uid) < 0)
+ goto cleanup;
if (!(groupname = virGetGroupName(gid)))
goto cleanup;
+ if (virAsprintf(&userid, "%d", (int)gid) < 0)
+ goto cleanup;
if (virAsprintf(&processid, "%llu",
(unsigned long long)pid) < 0)
goto cleanup;
@@ -710,11 +716,21 @@ virNetServerClientCreateIdentity(virNetS
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0)
goto error;
+ if (userid &&
+ virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
+ userid) < 0)
+ goto error;
if (groupname &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0)
goto error;
+ if (groupid &&
+ virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+ groupid) < 0)
+ goto error;
if (processid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
@@ -745,7 +761,9 @@ virNetServerClientCreateIdentity(virNetS
cleanup:
VIR_FREE(username);
+ VIR_FREE(userid);
VIR_FREE(groupname);
+ VIR_FREE(groupid);
VIR_FREE(processid);
VIR_FREE(processtime);
VIR_FREE(seccontext);
Index: libvirt-1.1.2/src/util/viridentity.c
===================================================================
--- libvirt-1.1.2.orig/src/util/viridentity.c
+++ libvirt-1.1.2/src/util/viridentity.c
@@ -133,7 +133,9 @@ int virIdentitySetCurrent(virIdentityPtr
virIdentityPtr virIdentityGetSystem(void)
{
char *username = NULL;
+ char *userid = NULL;
char *groupname = NULL;
+ char *groupid = NULL;
char *seccontext = NULL;
virIdentityPtr ret = NULL;
#if WITH_SELINUX
@@ -147,8 +149,13 @@ virIdentityPtr virIdentityGetSystem(void
if (!(username = virGetUserName(getuid())))
goto cleanup;
+ if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
+ goto cleanup;
+
if (!(groupname = virGetGroupName(getgid())))
goto cleanup;
+ if (virAsprintf(&groupid, "%d", (int)getgid()) < 0)
+ goto cleanup;
#if WITH_SELINUX
if (getcon(&con) < 0) {
@@ -166,16 +173,22 @@ virIdentityPtr virIdentityGetSystem(void
if (!(ret = virIdentityNew()))
goto cleanup;
- if (username &&
- virIdentitySetAttr(ret,
+ if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0)
goto error;
- if (groupname &&
- virIdentitySetAttr(ret,
+ if (virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
+ userid) < 0)
+ goto error;
+ if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0)
goto error;
+ if (virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
+ groupid) < 0)
+ goto error;
if (seccontext &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
@@ -188,7 +201,9 @@ virIdentityPtr virIdentityGetSystem(void
cleanup:
VIR_FREE(username);
+ VIR_FREE(userid);
VIR_FREE(groupname);
+ VIR_FREE(groupid);
VIR_FREE(seccontext);
VIR_FREE(processid);
return ret;
Index: libvirt-1.1.2/src/util/viridentity.h
===================================================================
--- libvirt-1.1.2.orig/src/util/viridentity.h
+++ libvirt-1.1.2/src/util/viridentity.h
@@ -29,7 +29,9 @@ typedef virIdentity *virIdentityPtr;
typedef enum {
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
+ VIR_IDENTITY_ATTR_UNIX_USER_ID,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
+ VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
VIR_IDENTITY_ATTR_SASL_USER_NAME,
++++++ e350826c-python-fix-fd-passing.patch ++++++
commit e350826c653b20dd271ab99075d2f224c7451356
Author: Marian Neagul
Date: Tue Oct 22 16:03:39 2013 +0100
python: Fix Create*WithFiles filefd passing
Commit d76227be added functions virDomainCreateWithFiles and
virDomainCreateXMLWithFiles, but there was a little piece missing in
python bindings. This patch fixes proper passing of file descriptors
in the overwrites of these functions.
Index: libvirt-1.1.2/python/libvirt-override.c
===================================================================
--- libvirt-1.1.2.orig/python/libvirt-override.c
+++ libvirt-1.1.2/python/libvirt-override.c
@@ -7149,6 +7149,10 @@ libvirt_virDomainCreateXMLWithFiles(PyOb
if (libvirt_intUnwrap(pyfd, &fd) < 0)
goto cleanup;
+
+ files[i] = fd;
+
+ files[i] = fd;
}
LIBVIRT_BEGIN_ALLOW_THREADS;
++++++ e4697b92-CVE-2013-4311.patch ++++++
commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a
Author: Daniel P. Berrange
Date: Mon Sep 23 12:46:25 2013 +0100
Fix typo in identity code which is pre-requisite for CVE-2013-4311
The fix for CVE-2013-4311 had a pre-requisite enhancement
to the identity code
commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
Author: Daniel P. Berrange
Date: Thu Aug 22 16:00:01 2013 +0100
Also store user & group ID values in virIdentity
This had a typo which caused the group ID to overwrite the
user ID string. This meant any checks using this would have
the wrong ID value. This only affected the ACL code, not the
initial polkit auth. It also leaked memory.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/rpc/virnetserverclient.c
===================================================================
--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c
+++ libvirt-1.1.2/src/rpc/virnetserverclient.c
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetS
goto cleanup;
if (!(groupname = virGetGroupName(gid)))
goto cleanup;
- if (virAsprintf(&userid, "%d", (int)gid) < 0)
+ if (virAsprintf(&groupid, "%d", (int)gid) < 0)
goto cleanup;
if (virAsprintf(&processid, "%llu",
(unsigned long long)pid) < 0)
++++++ e65667c0-CVE-2013-4311.patch ++++++
commit e65667c0c6e016d42abea077e31628ae43f57b74
Author: Daniel P. Berrange
Date: Wed Aug 28 15:22:05 2013 +0100
Ensure system identity includes process start time
The polkit access driver will want to use the process start
time field. This was already set for network identities, but
not for the system identity.
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/src/util/viridentity.c
===================================================================
--- libvirt-1.1.2.orig/src/util/viridentity.c
+++ libvirt-1.1.2/src/util/viridentity.c
@@ -35,6 +35,7 @@
#include "virthread.h"
#include "virutil.h"
#include "virstring.h"
+#include "virprocess.h"
#define VIR_FROM_THIS VIR_FROM_IDENTITY
@@ -142,11 +143,20 @@ virIdentityPtr virIdentityGetSystem(void
security_context_t con;
#endif
char *processid = NULL;
+ unsigned long long timestamp;
+ char *processtime = NULL;
if (virAsprintf(&processid, "%llu",
(unsigned long long)getpid()) < 0)
goto cleanup;
+ if (virProcessGetStartTime(getpid(), ×tamp) < 0)
+ goto cleanup;
+
+ if (timestamp != 0 &&
+ virAsprintf(&processtime, "%llu", timestamp) < 0)
+ goto cleanup;
+
if (!(username = virGetUserName(getuid())))
goto cleanup;
if (virAsprintf(&userid, "%d", (int)getuid()) < 0)
@@ -198,6 +208,11 @@ virIdentityPtr virIdentityGetSystem(void
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
processid) < 0)
goto error;
+ if (processtime &&
+ virIdentitySetAttr(ret,
+ VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
+ processtime) < 0)
+ goto error;
cleanup:
VIR_FREE(username);
@@ -206,6 +221,7 @@ cleanup:
VIR_FREE(groupid);
VIR_FREE(seccontext);
VIR_FREE(processid);
+ VIR_FREE(processtime);
return ret;
error:
++++++ e7f400a1-CVE-2013-4296.patch ++++++
commit e7f400a110e2e3673b96518170bfea0855dd82c0
Author: Daniel P. Berrange
Date: Tue Sep 3 16:52:06 2013 +0100
Fix crash in remoteDispatchDomainMemoryStats (CVE-2013-4296)
The 'stats' variable was not initialized to NULL, so if some
early validation of the RPC call fails, it is possible to jump
to the 'cleanup' label and VIR_FREE an uninitialized pointer.
This is a security flaw, since the API can be called from a
readonly connection which can trigger the validation checks.
This was introduced in release v0.9.1 onwards by
commit 158ba8730e44b7dd07a21ab90499996c5dec080a
Author: Daniel P. Berrange
Date: Wed Apr 13 16:21:35 2011 +0100
Merge all returns paths from dispatcher into single path
Signed-off-by: Daniel P. Berrange
Index: libvirt-1.1.2/daemon/remote.c
===================================================================
--- libvirt-1.1.2.orig/daemon/remote.c
+++ libvirt-1.1.2/daemon/remote.c
@@ -1146,7 +1146,7 @@ remoteDispatchDomainMemoryStats(virNetSe
remote_domain_memory_stats_ret *ret)
{
virDomainPtr dom = NULL;
- struct _virDomainMemoryStat *stats;
+ struct _virDomainMemoryStat *stats = NULL;
int nr_stats;
size_t i;
int rv = -1;
++++++ f8c1cb90-CVE-2013-6436.patch ++++++
commit f8c1cb90213508c4f32549023b0572ed774e48aa
Author: Martin Kletzander
Date: Mon Dec 9 11:15:11 2013 +0100
CVE-2013-6436: fix crash in lxcDomainGetMemoryParameters
The function doesn't check whether the request is made for active or
inactive domain. Thus when the domain is not running it still tries
accessing non-existing cgroups (priv->cgroup, which is NULL).
I re-made the function in order for it to work the same way it's qemu
counterpart does.
Reproducer:
1) Define an LXC domain
2) Do 'virsh memtune <domain>'
Backtrace:
Thread 6 (Thread 0x7fffec8c0700 (LWP 13387)):
#0 0x00007ffff70edcc4 in virCgroupPathOfController (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", path=0x7fffec8bf750) at util/vircgroup.c:1764
#1 0x00007ffff70e958c in virCgroupGetValueStr (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf7c0) at util/vircgroup.c:705
#2 0x00007ffff70e9d29 in virCgroupGetValueU64 (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf810) at util/vircgroup.c:804
#3 0x00007ffff70ee706 in virCgroupGetMemoryHardLimit (group=0x0, kb=0x7fffec8bf8a8)
at util/vircgroup.c:1962
#4 0x00005555557d590f in lxcDomainGetMemoryParameters (dom=0x7fffd40024a0,
params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at lxc/lxc_driver.c:826
#5 0x00007ffff72c28d3 in virDomainGetMemoryParameters (domain=0x7fffd40024a0,
params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at libvirt.c:4137
#6 0x000055555563714d in remoteDispatchDomainGetMemoryParameters (server=0x555555eb7e00,
client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
ret=0x7fffd4002420) at remote.c:1895
#7 0x00005555556052c4 in remoteDispatchDomainGetMemoryParametersHelper (server=0x555555eb7e00,
client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
ret=0x7fffd4002420) at remote_dispatch.h:4050
#8 0x00007ffff73b293f in virNetServerProgramDispatchCall (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
at rpc/virnetserverprogram.c:435
#9 0x00007ffff73b207f in virNetServerProgramDispatch (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
at rpc/virnetserverprogram.c:305
#10 0x00007ffff73a4d2c in virNetServerProcessMsg (srv=0x555555eb7e00, client=0x555555ebaef0,
prog=0x555555ec3ae0, msg=0x555555ebb3e0) at rpc/virnetserver.c:165
#11 0x00007ffff73a4e8d in virNetServerHandleJob (jobOpaque=0x555555ebc7e0, opaque=0x555555eb7e00)
at rpc/virnetserver.c:186
#12 0x00007ffff7187f3f in virThreadPoolWorker (opaque=0x555555eb7ac0) at util/virthreadpool.c:144
#13 0x00007ffff718733a in virThreadHelper (data=0x555555eb7890) at util/virthreadpthread.c:161
#14 0x00007ffff468ed89 in start_thread (arg=0x7fffec8c0700) at pthread_create.c:308
#15 0x00007ffff3da26bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Signed-off-by: Martin Kletzander
Index: libvirt-1.1.2/src/lxc/lxc_driver.c
===================================================================
--- libvirt-1.1.2.orig/src/lxc/lxc_driver.c
+++ libvirt-1.1.2/src/lxc/lxc_driver.c
@@ -795,22 +795,36 @@ lxcDomainGetMemoryParameters(virDomainPt
int *nparams,
unsigned int flags)
{
- size_t i;
+ virCapsPtr caps = NULL;
+ virDomainDefPtr vmdef = NULL;
virDomainObjPtr vm = NULL;
+ virLXCDomainObjPrivatePtr priv = NULL;
+ virLXCDriverPtr driver = dom->conn->privateData;
unsigned long long val;
int ret = -1;
- virLXCDomainObjPrivatePtr priv;
+ size_t i;
- virCheckFlags(0, -1);
+ virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
+ VIR_DOMAIN_AFFECT_CONFIG, -1);
if (!(vm = lxcDomObjFromDomain(dom)))
goto cleanup;
priv = vm->privateData;
- if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0 ||
+ !(caps = virLXCDriverGetCapabilities(driver, false)) ||
+ virDomainLiveConfigHelperMethod(caps, driver->xmlopt,
+ vm, &flags, &vmdef) < 0)
goto cleanup;
+ if (flags & VIR_DOMAIN_AFFECT_LIVE &&
+ !virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_MEMORY)) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ "%s", _("cgroup memory controller is not mounted"));
+ goto cleanup;
+ }
+
if ((*nparams) == 0) {
/* Current number of memory parameters supported by cgroups */
*nparams = LXC_NB_MEM_PARAM;
@@ -824,22 +838,34 @@ lxcDomainGetMemoryParameters(virDomainPt
switch (i) {
case 0: /* fill memory hard limit here */
- if (virCgroupGetMemoryHardLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.hard_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemoryHardLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param, VIR_DOMAIN_MEMORY_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
goto cleanup;
break;
case 1: /* fill memory soft limit here */
- if (virCgroupGetMemorySoftLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.soft_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemorySoftLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param, VIR_DOMAIN_MEMORY_SOFT_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
goto cleanup;
break;
case 2: /* fill swap hard limit here */
- if (virCgroupGetMemSwapHardLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.swap_hard_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemSwapHardLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param,
VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
@@ -860,6 +886,7 @@ lxcDomainGetMemoryParameters(virDomainPt
cleanup:
if (vm)
virObjectUnlock(vm);
+ virObjectUnref(caps);
return ret;
}
++++++ fix-pci-attach-xen-driver.patch ++++++
Fix PCI device attach in xend driver
When attaching PCI device using the xend driver, the 'device_create'
RPC is called, which is not sufficient to fully prepare/configure
the device for attachment to a domain. In the xen tools, xm pci-attach
uses the 'device_configure' RPC.
This patch changes the xend driver to always call 'device_configure' for
PCI devices to be consistent with the usage in the xen tools.
Index: libvirt-1.1.2/src/xen/xend_internal.c
===================================================================
--- libvirt-1.1.2.orig/src/xen/xend_internal.c
+++ libvirt-1.1.2/src/xen/xend_internal.c
@@ -2206,6 +2206,7 @@ xenDaemonAttachDeviceFlags(virConnectPtr
virBuffer buf = VIR_BUFFER_INITIALIZER;
char class[8], ref[80];
char *target = NULL;
+ int new_dev;
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
@@ -2304,8 +2305,18 @@ xenDaemonAttachDeviceFlags(virConnectPtr
}
sexpr = virBufferContentAndReset(&buf);
+ new_dev = virDomainXMLDevID(conn, minidef, dev, class, ref, sizeof(ref));
- if (virDomainXMLDevID(conn, minidef, dev, class, ref, sizeof(ref))) {
+ /* always call 'device_configure' for pci device */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
+ dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
+ ret = xend_op(conn, def->name, "op", "device_configure",
+ "config", sexpr, "dev", ref, NULL);
+ goto cleanup;
+ }
+
+ if (new_dev) {
/* device doesn't exist, define it */
ret = xend_op(conn, def->name, "op", "device_create",
"config", sexpr, NULL);
++++++ install-apparmor-profiles.patch ++++++
Index: libvirt-1.1.2/examples/apparmor/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/apparmor/Makefile.am
+++ libvirt-1.1.2/examples/apparmor/Makefile.am
@@ -14,8 +14,45 @@
## License along with this library. If not, see
## http://www.gnu.org/licenses/.
-EXTRA_DIST= \
- TEMPLATE \
- libvirt-qemu \
- usr.lib.libvirt.virt-aa-helper \
- usr.sbin.libvirtd
+EXTRA_DIST= \
+ TEMPLATE \
+ libvirt-qemu.in \
+ usr.lib.libvirt.virt-aa-helper.in \
+ usr.sbin.libvirtd.in
+
+if WITH_SECDRIVER_APPARMOR
+
+libvirt-qemu: libvirt-qemu.in
+ sed \
+ -e 's![@]libdir[@]!$(libdir)!g' \
+ < $< > $@-t
+ mv $@-t $@
+
+usr.lib.libvirt.virt-aa-helper: usr.lib.libvirt.virt-aa-helper.in
+ sed \
+ -e 's![@]libdir[@]!$(libdir)!g' \
+ < $< > $@-t
+ mv $@-t $@
+
+usr.sbin.libvirtd: usr.sbin.libvirtd.in
+ sed \
+ -e 's![@]libdir[@]!$(libdir)!g' \
+ < $< > $@-t
+ mv $@-t $@
+
+install-data-local: libvirt-qemu usr.sbin.libvirtd usr.lib.libvirt.virt-aa-helper
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/
+ $(INSTALL_DATA) usr.lib.libvirt.virt-aa-helper $(DESTDIR)$(sysconfdir)/apparmor.d/usr.lib.libvirt.virt-aa-helper
+ $(INSTALL_DATA) usr.sbin.libvirtd $(DESTDIR)$(sysconfdir)/apparmor.d/usr.sbin.libvirtd
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt
+ $(INSTALL_DATA) TEMPLATE $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions
+ $(INSTALL_DATA) libvirt-qemu $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/libvirt-qemu
+
+uninstall-local::
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/usr.lib.libvirt.virt-aa-helper
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/usr.sbin.libvirtd
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/libvirt-qemu
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
+
+endif
Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
===================================================================
--- /dev/null
+++ libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
@@ -0,0 +1,41 @@
+# Last Modified: Fri Aug 19 11:21:48 2011
+#include
+
+@libdir@/libvirt/virt-aa-helper {
+ #include
+
+ # needed for searching directories
+ capability dac_override,
+ capability dac_read_search,
+
+ # needed for when disk is on a network filesystem
+ network inet,
+
+ @{PROC}/[0-9]** r,
+ deny @{PROC}/[0-9]*/mounts r,
+ @{PROC}/filesystems r,
+
+ # for hostdev
+ /sys/devices/ r,
+ /sys/devices/** r,
+
+ @libdir@/libvirt/virt-aa-helper mr,
+ /sbin/apparmor_parser Ux,
+
+ /etc/apparmor.d/libvirt/* r,
+ /etc/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw,
+
+ # for backingstore -- allow access to non-hidden files in @{HOME} as well
+ # as storage pools
+ audit deny @{HOME}/.* mrwkl,
+ audit deny @{HOME}/.*/ rw,
+ audit deny @{HOME}/.*/** mrwkl,
+ audit deny @{HOME}/bin/ rw,
+ audit deny @{HOME}/bin/** mrwkl,
+ @{HOME}/ r,
+ @{HOME}/** r,
+ /var/lib/libvirt/images/ r,
+ /var/lib/libvirt/images/** r,
+ /var/lib/kvm/images/ r,
+ /var/lib/kvm/images/** r,
+}
Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper
===================================================================
--- libvirt-1.1.2.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ /dev/null
@@ -1,38 +0,0 @@
-# Last Modified: Mon Apr 5 15:10:27 2010
-#include
-
-/usr/lib/libvirt/virt-aa-helper {
- #include
-
- # needed for searching directories
- capability dac_override,
- capability dac_read_search,
-
- # needed for when disk is on a network filesystem
- network inet,
-
- deny @{PROC}/[0-9]*/mounts r,
- @{PROC}/filesystems r,
-
- # for hostdev
- /sys/devices/ r,
- /sys/devices/** r,
-
- /usr/lib/libvirt/virt-aa-helper mr,
- /sbin/apparmor_parser Ux,
-
- /etc/apparmor.d/libvirt/* r,
- /etc/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw,
-
- # for backingstore -- allow access to non-hidden files in @{HOME} as well
- # as storage pools
- audit deny @{HOME}/.* mrwkl,
- audit deny @{HOME}/.*/ rw,
- audit deny @{HOME}/.*/** mrwkl,
- audit deny @{HOME}/bin/ rw,
- audit deny @{HOME}/bin/** mrwkl,
- @{HOME}/ r,
- @{HOME}/** r,
- /var/lib/libvirt/images/ r,
- /var/lib/libvirt/images/** r,
-}
Index: libvirt-1.1.2/examples/apparmor/usr.sbin.libvirtd
===================================================================
--- libvirt-1.1.2.orig/examples/apparmor/usr.sbin.libvirtd
+++ /dev/null
@@ -1,52 +0,0 @@
-# Last Modified: Mon Apr 5 15:03:58 2010
-#include
-@{LIBVIRT}="libvirt"
-
-/usr/sbin/libvirtd {
- #include
-
- capability kill,
- capability net_admin,
- capability net_raw,
- capability setgid,
- capability sys_admin,
- capability sys_module,
- capability sys_ptrace,
- capability sys_nice,
- capability sys_chroot,
- capability setuid,
- capability dac_override,
- capability dac_read_search,
- capability fowner,
- capability chown,
- capability setpcap,
- capability mknod,
- capability fsetid,
-
- network inet stream,
- network inet dgram,
- network inet6 stream,
- network inet6 dgram,
-
- # Very lenient profile for libvirtd since we want to first focus on confining
- # the guests. Guests will have a very restricted profile.
- /** rwmkl,
-
- /bin/* Ux,
- /sbin/* Ux,
- /usr/bin/* Ux,
- /usr/sbin/* Ux,
-
- # force the use of virt-aa-helper
- audit deny /sbin/apparmor_parser rwxl,
- audit deny /etc/apparmor.d/libvirt/** wxl,
- audit deny /sys/kernel/security/apparmor/features rwxl,
- audit deny /sys/kernel/security/apparmor/matching rwxl,
- audit deny /sys/kernel/security/apparmor/.* rwxl,
- /sys/kernel/security/apparmor/profiles r,
- /usr/lib/libvirt/* PUxr,
-
- # allow changing to our UUID-based named profiles
- change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
-
-}
Index: libvirt-1.1.2/examples/apparmor/usr.sbin.libvirtd.in
===================================================================
--- /dev/null
+++ libvirt-1.1.2/examples/apparmor/usr.sbin.libvirtd.in
@@ -0,0 +1,61 @@
+# Last Modified: Fri Aug 19 11:20:36 2011
+#include
+@{LIBVIRT}="libvirt"
+
+/usr/sbin/libvirtd {
+ #include
+
+ capability kill,
+ capability net_admin,
+ capability net_raw,
+ capability setgid,
+ capability sys_admin,
+ capability sys_module,
+ capability sys_ptrace,
+ capability sys_nice,
+ capability sys_chroot,
+ capability setuid,
+ capability dac_override,
+ capability dac_read_search,
+ capability fowner,
+ capability chown,
+ capability setpcap,
+ capability mknod,
+ capability fsetid,
+ capability ipc_lock,
+
+ network inet stream,
+ network inet dgram,
+ network inet6 stream,
+ network inet6 dgram,
+ network packet dgram,
+
+ # Very lenient profile for libvirtd since we want to first focus on confining
+ # the guests. Guests will have a very restricted profile.
+ /** rwmkl,
+
+ /bin/* Ux,
+ /sbin/* Ux,
+ /usr/bin/* Ux,
+ /usr/sbin/* Ux,
+ /usr/lib/xen/bin/* Ux,
+ /usr/lib64/xen/bin/* Ux,
+ /usr/lib/PolicyKit/polkit-read-auth-helper Px,
+
+ # force the use of virt-aa-helper
+ audit deny /sbin/apparmor_parser rwxl,
+ audit deny /etc/apparmor.d/libvirt/** wxl,
+ audit deny /sys/kernel/security/apparmor/features rwxl,
+ audit deny /sys/kernel/security/apparmor/matching rwxl,
+ audit deny /sys/kernel/security/apparmor/.* rwxl,
+ /sys/kernel/security/apparmor/profiles r,
+ /etc/libvirt/hooks/* rix,
+ /etc/xen/scripts/* rix,
+ @libdir@/libvirt/* Pxr,
+ @libdir@/libvirt/libvirt_parthelper Ux,
+ @libdir@/libvirt/libvirt_iohelper Ux,
+
+ # allow changing to our UUID-based named profiles
+ change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
+
+}
Index: libvirt-1.1.2/examples/apparmor/libvirt-qemu
===================================================================
--- libvirt-1.1.2.orig/examples/apparmor/libvirt-qemu
+++ /dev/null
@@ -1,129 +0,0 @@
-# Last Modified: Fri Mar 9 14:43:22 2012
-
- #include
- #include
- #include
-
- # required for reading disk images
- capability dac_override,
- capability dac_read_search,
- capability chown,
-
- network inet stream,
- network inet6 stream,
-
- /dev/net/tun rw,
- /dev/kvm rw,
- /dev/ptmx rw,
- /dev/kqemu rw,
- @{PROC}/*/status r,
-
- # For hostdev access. The actual devices will be added dynamically
- /sys/bus/usb/devices/ r,
- /sys/devices/*/*/usb[0-9]*/** r,
-
- # WARNING: this gives the guest direct access to host hardware and specific
- # portions of shared memory. This is required for sound using ALSA with kvm,
- # but may constitute a security risk. If your environment does not require
- # the use of sound in your VMs, feel free to comment out or prepend 'deny' to
- # the rules for files in /dev.
- /{dev,run}/shm r,
- /{dev,run}/shmpulse-shm* r,
- /{dev,run}/shmpulse-shm* rwk,
- /dev/snd/* rw,
- capability ipc_lock,
- # 'kill' is not required for sound and is a security risk. Do not enable
- # unless you absolutely need it.
- deny capability kill,
-
- # Uncomment the following if you need access to /dev/fb*
- #/dev/fb* rw,
-
- /etc/pulse/client.conf r,
- @{HOME}/.pulse-cookie rwk,
- owner /root/.pulse-cookie rwk,
- owner /root/.pulse/ rw,
- owner /root/.pulse/* rw,
- /usr/share/alsa/** r,
- owner /tmp/pulse-*/ rw,
- owner /tmp/pulse-*/* rw,
- /var/lib/dbus/machine-id r,
-
- # access to firmware's etc
- /usr/share/kvm/** r,
- /usr/share/qemu/** r,
- /usr/share/bochs/** r,
- /usr/share/openbios/** r,
- /usr/share/openhackware/** r,
- /usr/share/proll/** r,
- /usr/share/vgabios/** r,
- /usr/share/seabios/** r,
-
- # access PKI infrastructure
- /etc/pki/libvirt-vnc/** r,
-
- # the various binaries
- /usr/bin/kvm rmix,
- /usr/bin/qemu rmix,
- /usr/bin/qemu-system-arm rmix,
- /usr/bin/qemu-system-cris rmix,
- /usr/bin/qemu-system-i386 rmix,
- /usr/bin/qemu-system-m68k rmix,
- /usr/bin/qemu-system-microblaze rmix,
- /usr/bin/qemu-system-microblazeel rmix,
- /usr/bin/qemu-system-mips rmix,
- /usr/bin/qemu-system-mips64 rmix,
- /usr/bin/qemu-system-mips64el rmix,
- /usr/bin/qemu-system-mipsel rmix,
- /usr/bin/qemu-system-ppc rmix,
- /usr/bin/qemu-system-ppc64 rmix,
- /usr/bin/qemu-system-ppcemb rmix,
- /usr/bin/qemu-system-sh4 rmix,
- /usr/bin/qemu-system-sh4eb rmix,
- /usr/bin/qemu-system-sparc rmix,
- /usr/bin/qemu-system-sparc64 rmix,
- /usr/bin/qemu-system-x86_64 rmix,
- /usr/bin/qemu-alpha rmix,
- /usr/bin/qemu-arm rmix,
- /usr/bin/qemu-armeb rmix,
- /usr/bin/qemu-cris rmix,
- /usr/bin/qemu-i386 rmix,
- /usr/bin/qemu-m68k rmix,
- /usr/bin/qemu-microblaze rmix,
- /usr/bin/qemu-microblazeel rmix,
- /usr/bin/qemu-mips rmix,
- /usr/bin/qemu-mipsel rmix,
- /usr/bin/qemu-ppc rmix,
- /usr/bin/qemu-ppc64 rmix,
- /usr/bin/qemu-ppc64abi32 rmix,
- /usr/bin/qemu-sh4 rmix,
- /usr/bin/qemu-sh4eb rmix,
- /usr/bin/qemu-sparc rmix,
- /usr/bin/qemu-sparc64 rmix,
- /usr/bin/qemu-sparc32plus rmix,
- /usr/bin/qemu-sparc64 rmix,
- /usr/bin/qemu-x86_64 rmix,
-
- # for save and resume
- /bin/dash rmix,
- /bin/dd rmix,
- /bin/cat rmix,
-
- /usr/libexec/qemu-bridge-helper Cx,
- # child profile for bridge helper process
- profile /usr/libexec/qemu-bridge-helper {
- #include
-
- capability setuid,
- capability setgid,
- capability setpcap,
- capability net_admin,
-
- network inet stream,
-
- /dev/net/tun rw,
- /etc/qemu/** r,
- owner @{PROC}/*/status r,
-
- /usr/libexec/qemu-bridge-helper rmix,
- }
Index: libvirt-1.1.2/examples/apparmor/libvirt-qemu.in
===================================================================
--- /dev/null
+++ libvirt-1.1.2/examples/apparmor/libvirt-qemu.in
@@ -0,0 +1,132 @@
+# Last Modified: Fri Mar 9 14:43:22 2012
+
+ #include
+ #include
+ #include
+
+ # required for reading disk images
+ capability dac_override,
+ capability dac_read_search,
+ capability chown,
+ capability setgid,
+
+ network inet stream,
+ network inet6 stream,
+
+ /dev/net/tun rw,
+ /dev/kvm rw,
+ /dev/ptmx rw,
+ /dev/kqemu rw,
+ @{PROC}/*/status r,
+
+ # For hostdev access. The actual devices will be added dynamically
+ /sys/bus/usb/devices/ r,
+ /sys/devices/*/*/usb[0-9]*/** r,
+
+ # WARNING: this gives the guest direct access to host hardware and specific
+ # portions of shared memory. This is required for sound using ALSA with kvm,
+ # but may constitute a security risk. If your environment does not require
+ # the use of sound in your VMs, feel free to comment out or prepend 'deny' to
+ # the rules for files in /dev.
+ /{dev,run}/shm r,
+ /{dev,run}/shmpulse-shm* r,
+ /{dev,run}/shmpulse-shm* rwk,
+ /dev/snd/* rw,
+ capability ipc_lock,
+ # 'kill' is not required for sound and is a security risk. Do not enable
+ # unless you absolutely need it.
+ deny capability kill,
+
+ # Uncomment the following if you need access to /dev/fb*
+ #/dev/fb* rw,
+
+ /etc/pulse/client.conf r,
+ @{HOME}/.pulse-cookie rwk,
+ owner /root/.pulse-cookie rwk,
+ owner /root/.pulse/ rw,
+ owner /root/.pulse/* rw,
+ /usr/share/alsa/** r,
+ owner /tmp/pulse-*/ rw,
+ owner /tmp/pulse-*/* rw,
+ /var/lib/dbus/machine-id r,
+
+ # access to firmware's etc
+ /usr/share/kvm/** r,
+ /usr/share/qemu/** r,
+ /usr/share/qemu-kvm/** r,
+ /usr/share/bochs/** r,
+ /usr/share/openbios/** r,
+ /usr/share/openhackware/** r,
+ /usr/share/proll/** r,
+ /usr/share/vgabios/** r,
+ /usr/share/seabios/** r,
+
+ # access PKI infrastructure
+ /etc/pki/libvirt-vnc/** r,
+
+ # the various binaries
+ /usr/bin/kvm rmix,
+ /usr/bin/qemu rmix,
+ /usr/bin/qemu-kvm rmix,
+ /usr/bin/qemu-system-arm rmix,
+ /usr/bin/qemu-system-cris rmix,
+ /usr/bin/qemu-system-i386 rmix,
+ /usr/bin/qemu-system-m68k rmix,
+ /usr/bin/qemu-system-microblaze rmix,
+ /usr/bin/qemu-system-microblazeel rmix,
+ /usr/bin/qemu-system-mips rmix,
+ /usr/bin/qemu-system-mips64 rmix,
+ /usr/bin/qemu-system-mips64el rmix,
+ /usr/bin/qemu-system-mipsel rmix,
+ /usr/bin/qemu-system-ppc rmix,
+ /usr/bin/qemu-system-ppc64 rmix,
+ /usr/bin/qemu-system-ppcemb rmix,
+ /usr/bin/qemu-system-sh4 rmix,
+ /usr/bin/qemu-system-sh4eb rmix,
+ /usr/bin/qemu-system-sparc rmix,
+ /usr/bin/qemu-system-sparc64 rmix,
+ /usr/bin/qemu-system-x86_64 rmix,
+ /usr/bin/qemu-alpha rmix,
+ /usr/bin/qemu-arm rmix,
+ /usr/bin/qemu-armeb rmix,
+ /usr/bin/qemu-cris rmix,
+ /usr/bin/qemu-i386 rmix,
+ /usr/bin/qemu-m68k rmix,
+ /usr/bin/qemu-microblaze rmix,
+ /usr/bin/qemu-microblazeel rmix,
+ /usr/bin/qemu-mips rmix,
+ /usr/bin/qemu-mipsel rmix,
+ /usr/bin/qemu-ppc rmix,
+ /usr/bin/qemu-ppc64 rmix,
+ /usr/bin/qemu-ppc64abi32 rmix,
+ /usr/bin/qemu-sh4 rmix,
+ /usr/bin/qemu-sh4eb rmix,
+ /usr/bin/qemu-sparc rmix,
+ /usr/bin/qemu-sparc64 rmix,
+ /usr/bin/qemu-sparc32plus rmix,
+ /usr/bin/qemu-sparc64 rmix,
+ /usr/bin/qemu-x86_64 rmix,
+
+ # for save and resume
+ /bin/dash rmix,
+ /bin/dd rmix,
+ /bin/cat rmix,
+
+ @libdir@/qemu-bridge-helper Cx,
+ # child profile for bridge helper process
+ profile @libdir@/qemu-bridge-helper {
+ #include
+
+ capability setuid,
+ capability setgid,
+ capability setpcap,
+ capability net_admin,
+
+ network inet stream,
+
+ /dev/net/tun rw,
+ /etc/qemu/** r,
+ owner @{PROC}/*/status r,
+
+ @libdir@/qemu-bridge-helper rmix,
+ }
++++++ libvirt-guests-init-script.patch ++++++
Adjust libvirt-guests init files to conform to SUSE standards
Index: libvirt-1.1.2/tools/libvirt-guests.init.in
===================================================================
--- libvirt-1.1.2.orig/tools/libvirt-guests.init.in
+++ libvirt-1.1.2/tools/libvirt-guests.init.in
@@ -3,15 +3,15 @@
# the following is the LSB init header
#
### BEGIN INIT INFO
-# Provides: libvirt-guests
-# Required-Start: libvirtd
-# Required-Stop: libvirtd
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
+# Provides: libvirt-guests
+# Required-Start: $network $remote_fs libvirtd
+# Required-Stop: $network $remote_fs libvirtd
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 4 6
# Short-Description: suspend/resume libvirt guests on shutdown/boot
-# Description: This is a script for suspending active libvirt guests
-# on shutdown and resuming them on next boot
-# See http://libvirt.org
+# Description: This is a script for suspending active libvirt guests
+# on shutdown and resuming them on next boot
+# See http://libvirt.org
### END INIT INFO
# the following is chkconfig init header
Index: libvirt-1.1.2/tools/libvirt-guests.sh.in
===================================================================
--- libvirt-1.1.2.orig/tools/libvirt-guests.sh.in
+++ libvirt-1.1.2/tools/libvirt-guests.sh.in
@@ -16,14 +16,13 @@
# License along with this library. If not, see
# http://www.gnu.org/licenses/.
+. /etc/rc.status
+rc_reset
+
sysconfdir="@sysconfdir@"
localstatedir="@localstatedir@"
libvirtd="@sbindir@"/libvirtd
-# Source function library.
-test ! -r "$sysconfdir"/rc.d/init.d/functions ||
- . "$sysconfdir"/rc.d/init.d/functions
-
# Source gettext library.
# Make sure this file is recognized as having translations: _("dummy")
. "@bindir@"/gettext.sh
@@ -42,9 +41,11 @@ test -f "$sysconfdir"/sysconfig/libvirt-
. "$sysconfdir"/sysconfig/libvirt-guests
LISTFILE="$localstatedir"/lib/libvirt/libvirt-guests
-VAR_SUBSYS_LIBVIRT_GUESTS="$localstatedir"/lock/subsys/libvirt-guests
-
-RETVAL=0
+if [ -d "$localstatedir"/lock/subsys ]; then
+ VAR_SUBSYS_LIBVIRT_GUESTS="$localstatedir"/lock/subsys/libvirt-guests
+else
+ VAR_SUBSYS_LIBVIRT_GUESTS="$localstatedir"/lock/libvirt-guests
+fi
# retval COMMAND ARGUMENTS...
# run command with arguments and convert non-zero return value to 1 and set
@@ -52,7 +53,7 @@ RETVAL=0
retval() {
"$@"
if [ $? -ne 0 ]; then
- RETVAL=1
+ rc_failed 1
return 1
else
return 0
@@ -81,6 +82,25 @@ run_virsh_c() {
( export LC_ALL=C; run_virsh "$@" )
}
+await_daemon_up()
+{
+ uri=$1
+ i=1
+ rets=10
+ run_virsh $uri list > /dev/null 2>&1
+ while [ $? -ne 0 -a $i -lt $rets ]; do
+ sleep 1
+ echo -n .
+ i=$(($i + 1))
+ run_virsh $uri list > /dev/null 2>&1
+ done
+ if [ $i -eq $rets ]; then
+ echo $"libvirt-guests unable to connect to URI: $uri"
+ return 1
+ fi
+ return 0
+}
+
# test_connect URI
# check if URI is reachable
test_connect()
@@ -107,7 +127,7 @@ list_guests() {
list=$(run_virsh_c "$uri" list --uuid $persistent)
if [ $? -ne 0 ]; then
- RETVAL=1
+ rc_failed 1
return 1
fi
@@ -133,7 +153,7 @@ guest_is_on() {
guest_running=false
id=$(run_virsh "$uri" domid "$uuid")
if [ $? -ne 0 ]; then
- RETVAL=1
+ rc_failed 1
return 1
fi
@@ -181,6 +201,12 @@ start() {
test_connect "$uri" || continue
+ await_daemon_up $uri
+ if [ $? -ne 0 ]; then
+ echo $"Ignoring guests on $uri URI, can't connect"
+ continue
+ fi
+
eval_gettext "Resuming guests on \$uri URI..."; echo
for guest in $list; do
name=$(guest_name "$uri" "$guest")
@@ -394,7 +420,7 @@ shutdown_guests_parallel()
timeout=$(($timeout - 1))
if [ $timeout -le 0 ]; then
eval_gettext "Timeout expired while shutting down domains"; echo
- RETVAL=1
+ rc_failed 1
return
fi
else
@@ -422,7 +448,7 @@ stop() {
if [ $SHUTDOWN_TIMEOUT -lt 0 ]; then
gettext "SHUTDOWN_TIMEOUT must be equal or greater than 0"
echo
- RETVAL=6
+ rc_failed 6
return
fi
fi
@@ -470,14 +496,14 @@ stop() {
if [ $? -ne 0 ]; then
eval_gettext "Failed to list persistent guests on \$uri"
echo
- RETVAL=1
+ rc_failed 1
set +f
return
fi
else
gettext "Failed to list transient guests"
echo
- RETVAL=1
+ rc_failed 1
set +f
return
fi
@@ -536,14 +562,13 @@ gueststatus() {
rh_status() {
if [ -f "$LISTFILE" ]; then
gettext "stopped, with saved guests"; echo
- RETVAL=3
+ rc_failed 3
else
if [ -f "$VAR_SUBSYS_LIBVIRT_GUESTS" ]; then
gettext "started"; echo
- RETVAL=0
else
gettext "stopped, with no saved guests"; echo
- RETVAL=3
+ rc_failed 3
fi
fi
}
@@ -588,4 +613,4 @@ case "$1" in
usage
;;
esac
-exit $RETVAL
+rc_exit
Index: libvirt-1.1.2/tools/libvirt-guests.sysconf
===================================================================
--- libvirt-1.1.2.orig/tools/libvirt-guests.sysconf
+++ libvirt-1.1.2/tools/libvirt-guests.sysconf
@@ -1,19 +1,29 @@
+## Path: System/Virtualization/libvirt-guests
+
+## Type: string
+## Default: default
# URIs to check for running guests
# example: URIS='default xen:/// vbox+tcp://host/system lxc:///'
-#URIS=default
+URIS=default
+## Type: string
+## Default: start
# action taken on host boot
# - start all guests which were running on shutdown are started on boot
# regardless on their autostart settings
# - ignore libvirt-guests init script won't start any guest on boot, however,
# guests marked as autostart will still be automatically started by
# libvirtd
-#ON_BOOT=start
+ON_BOOT=start
+## Type: integer
+## Default: 0
# Number of seconds to wait between each guest start. Set to 0 to allow
# parallel startup.
-#START_DELAY=0
+START_DELAY=0
+## Type: string
+## Default: suspend
# action taken on host shutdown
# - suspend all running guests are suspended using virsh managedsave
# - shutdown all running guests are asked to shutdown. Please be careful with
@@ -22,12 +32,16 @@
# which just needs a long time to shutdown. When setting
# ON_SHUTDOWN=shutdown, you must also set SHUTDOWN_TIMEOUT to a
# value suitable for your guests.
-#ON_SHUTDOWN=suspend
+ON_SHUTDOWN=suspend
+## Type: integer
+## Default: 0
# If set to non-zero, shutdown will suspend guests concurrently. Number of
# guests on shutdown at any time will not exceed number set in this variable.
-#PARALLEL_SHUTDOWN=0
+PARALLEL_SHUTDOWN=0
+## Type: integer
+## Default: 300
# Number of seconds we're willing to wait for a guest to shut down. If parallel
# shutdown is enabled, this timeout applies as a timeout for shutting down all
# guests on a single URI defined in the variable URIS. If this is 0, then there
@@ -35,7 +49,9 @@
# request). The default value is 300 seconds (5 minutes).
#SHUTDOWN_TIMEOUT=300
+## Type: integer
+## Default: 0
# If non-zero, try to bypass the file system cache when saving and
# restoring guests, even though this may give slower operation for
# some file systems.
-#BYPASS_CACHE=0
+BYPASS_CACHE=0
++++++ libvirt-suse-netcontrol.patch ++++++
Index: libvirt-1.1.2/configure.ac
===================================================================
--- libvirt-1.1.2.orig/configure.ac
+++ libvirt-1.1.2/configure.ac
@@ -174,6 +174,7 @@ LIBVIRT_CHECK_DBUS
LIBVIRT_CHECK_FUSE
LIBVIRT_CHECK_HAL
LIBVIRT_CHECK_NETCF
+LIBVIRT_CHECK_NETCONTROL
LIBVIRT_CHECK_NUMACTL
LIBVIRT_CHECK_OPENWSMAN
LIBVIRT_CHECK_PCIACCESS
@@ -2297,11 +2298,12 @@ if test "$with_libvirtd" = "no" ; then
with_interface=no
fi
-dnl The interface driver depends on the netcf library or udev library
-case $with_interface:$with_netcf:$with_udev in
+dnl The interface driver depends on the netcf library, netcontrol library, or
+dnl udev library
+case $with_interface:$with_netcf:$with_netcontrol:$with_udev in
check:*yes*) with_interface=yes ;;
check:no:no) with_interface=no ;;
- yes:no:no) AC_MSG_ERROR([Requested the Interface driver without netcf or udev support]) ;;
+ yes:no:no) AC_MSG_ERROR([Requested the Interface driver without netcf, netcontrol, or udev support]) ;;
esac
if test "$with_interface" = "yes" ; then
@@ -2609,6 +2611,7 @@ LIBVIRT_RESULT_DBUS
LIBVIRT_RESULT_FUSE
LIBVIRT_RESULT_HAL
LIBVIRT_RESULT_NETCF
+LIBVIRT_RESULT_NETCONTROL
LIBVIRT_RESULT_NUMACTL
LIBVIRT_RESULT_OPENWSMAN
LIBVIRT_RESULT_PCIACCESS
Index: libvirt-1.1.2/src/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/src/Makefile.am
+++ libvirt-1.1.2/src/Makefile.am
@@ -754,6 +754,10 @@ if WITH_NETCF
INTERFACE_DRIVER_SOURCES += \
interface/interface_backend_netcf.c
endif
+if WITH_NETCONTROL
+INTERFACE_DRIVER_SOURCES += \
+ interface/interface_backend_netcf.c
+endif
if WITH_UDEV
INTERFACE_DRIVER_SOURCES += \
interface/interface_backend_udev.c
@@ -1314,11 +1318,16 @@ if WITH_NETCF
libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
else
+if WITH_NETCONTROL
+libvirt_driver_interface_la_CFLAGS += $(NETCONTROL_CFLAGS)
+libvirt_driver_interface_la_LIBADD += $(NETCONTROL_LIBS)
+else
if WITH_UDEV
libvirt_driver_interface_la_CFLAGS += $(UDEV_CFLAGS)
libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS)
endif
endif
+endif
if WITH_DRIVER_MODULES
libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la
libvirt_driver_interface_la_LDFLAGS += -module -avoid-version
Index: libvirt-1.1.2/tools/virsh.c
===================================================================
--- libvirt-1.1.2.orig/tools/virsh.c
+++ libvirt-1.1.2/tools/virsh.c
@@ -2864,6 +2864,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
vshPrint(ctl, " Interface");
# if defined(WITH_NETCF)
vshPrint(ctl, " netcf");
+# elif defined(WITH_NETCONTROL)
+ vshPrint(ctl, " netcontrol");
# elif defined(WITH_UDEV)
vshPrint(ctl, " udev");
# endif
Index: libvirt-1.1.2/src/interface/interface_backend_netcf.c
===================================================================
--- libvirt-1.1.2.orig/src/interface/interface_backend_netcf.c
+++ libvirt-1.1.2/src/interface/interface_backend_netcf.c
@@ -23,7 +23,12 @@
#include
-#include
+#ifdef WITH_NETCONTROL
+# include
+# include
+#else
+# include
+#endif
#include "virerror.h"
#include "datatypes.h"
@@ -54,6 +59,38 @@ static void interfaceDriverUnlock(struct
virMutexUnlock(&driver->lock);
}
+#ifdef WITH_NETCONTROL
+static void
+interface_nc_log_driver(const char *category,
+ int priority,
+ const char *func,
+ const char *file,
+ long long line,
+ const char *msg,
+ size_t len ATTRIBUTE_UNUSED)
+{
+ int vp;
+
+ switch(priority) {
+ case NC_LOG_FATAL:
+ case NC_LOG_ERROR:
+ vp = VIR_LOG_ERROR;
+ break;
+ case NC_LOG_WARN:
+ vp = VIR_LOG_WARN;
+ break;
+ case NC_LOG_INFO:
+ vp = VIR_LOG_INFO;
+ break;
+ case NC_LOG_DEBUG:
+ default:
+ vp = VIR_LOG_DEBUG;
+ break;
+ }
+ virLogMessage(VIR_LOG_FROM_FILE, vp, file, line, func, 0, "%s", msg);
+}
+#endif
+
/*
* Get a minimal virInterfaceDef containing enough metadata
* for access control checks to be performed. Currently
@@ -164,6 +201,10 @@ static virDrvOpenStatus netcfInterfaceOp
goto mutex_error;
}
+#ifdef WITH_NETCONTROL
+ nc_logger_redirect_to(interface_nc_log_driver);
+#endif
+
/* open netcf */
if (ncf_init(&driverState->netcf, NULL) != 0)
{
Index: libvirt-1.1.2/src/interface/interface_driver.c
===================================================================
--- libvirt-1.1.2.orig/src/interface/interface_driver.c
+++ libvirt-1.1.2/src/interface/interface_driver.c
@@ -28,8 +28,15 @@ interfaceRegister(void) {
if (netcfIfaceRegister() == 0)
return 0;
#endif /* WITH_NETCF */
+#ifdef WITH_NETCONTROL
+ /* Attempt to load the netcontrol based backend, which is a slightly
+ patched netcf backend */
+ if (netcfIfaceRegister() == 0)
+ return 0;
+#endif /* WITH_NETCONTROL */
#if WITH_UDEV
- /* If there's no netcf or it failed to load, register the udev backend */
+ /* If there's no netcf or netcontrol, or it failed to load, register the
+ udev backend */
if (udevIfaceRegister() == 0)
return 0;
#endif /* WITH_UDEV */
Index: libvirt-1.1.2/m4/virt-netcontrol.m4
===================================================================
--- /dev/null
+++ libvirt-1.1.2/m4/virt-netcontrol.m4
@@ -0,0 +1,35 @@
+dnl The libnetcontrol library
+dnl
+dnl Copyright (C) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+dnl
+dnl This library is free software; you can redistribute it and/or
+dnl modify it under the terms of the GNU Lesser General Public
+dnl License as published by the Free Software Foundation; either
+dnl version 2.1 of the License, or (at your option) any later version.
+dnl
+dnl This library is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+dnl Lesser General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU Lesser General Public
+dnl License along with this library. If not, see
+dnl http://www.gnu.org/licenses/.
+dnl
+
+AC_DEFUN([LIBVIRT_CHECK_NETCONTROL],[
+ LIBVIRT_CHECK_PKG([NETCONTROL], [netcontrol], [0.2.0])
+
+ if test "$with_netcontrol" = "yes" ; then
+ old_CFLAGS="$CFLAGS"
+ old_LIBS="$CFLAGS"
+ CFLAGS="$CFLAGS $NETCONTROL_CFLAGS"
+ LIBS="$LIBS $NETCONTROL_LIBS"
+ CFLAGS="$old_CFLAGS"
+ LIBS="$old_LIBS"
+ fi
+])
+
+AC_DEFUN([LIBVIRT_RESULT_NETCONTROL],[
+ LIBVIRT_RESULT_LIB([NETCONTROL])
+])
++++++ libvirtd-defaults.patch ++++++
Index: libvirt-1.1.2/daemon/libvirtd.conf
===================================================================
--- libvirt-1.1.2.orig/daemon/libvirtd.conf
+++ libvirt-1.1.2/daemon/libvirtd.conf
@@ -18,8 +18,8 @@
# It is necessary to setup a CA and issue server certificates before
# using this capability.
#
-# This is enabled by default, uncomment this to disable it
-#listen_tls = 0
+# This is disabled by default, uncomment this to enable it
+#listen_tls = 1
# Listen for unencrypted TCP connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
Index: libvirt-1.1.2/daemon/libvirtd-config.c
===================================================================
--- libvirt-1.1.2.orig/daemon/libvirtd-config.c
+++ libvirt-1.1.2/daemon/libvirtd-config.c
@@ -222,7 +222,7 @@ daemonConfigNew(bool privileged ATTRIBUT
if (VIR_ALLOC(data) < 0)
return NULL;
- data->listen_tls = 1;
+ data->listen_tls = 0;
data->listen_tcp = 0;
if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
++++++ libvirtd-init-script.patch ++++++
Adjust libvirtd sysconfig file to conform to SUSE standards
Index: libvirt-1.1.2/daemon/libvirtd.sysconf
===================================================================
--- libvirt-1.1.2.orig/daemon/libvirtd.sysconf
+++ libvirt-1.1.2/daemon/libvirtd.sysconf
@@ -1,16 +1,25 @@
+## Path: System/Virtualization/libvirt
+
+## Type: string
+## Default: /etc/libvirt/libvirtd.conf
# Override the default config file
# NOTE: This setting is no longer honoured if using
# systemd. Set '--config /etc/libvirt/libvirtd.conf'
# in LIBVIRTD_ARGS instead.
-#LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
+LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
-# Listen for TCP/IP connections
-# NB. must setup TLS/SSL keys prior to using this
-#LIBVIRTD_ARGS="--listen"
+## Type: string
+## Default: --listen
+# Arguments to pass to libvirtd
+LIBVIRTD_ARGS="--listen"
+## Type: string
+## Default: none
# Override Kerberos service keytab for SASL/GSSAPI
#KRB5_KTNAME=/etc/libvirt/krb5.tab
+## Type: string
+## Default: none
# Override the QEMU/SDL default audio driver probing when
# starting virtual machines using SDL graphics
#
@@ -20,5 +29,7 @@
#
#SDL_AUDIODRIVER=pulse
-# Override the maximum number of opened files
-#LIBVIRTD_NOFILES_LIMIT=2048
+## Type: integer
+## Default: 2048
+## Override the maximum number of opened files
+LIBVIRTD_NOFILES_LIMIT=2048
++++++ libvirtd-relocation-server.fw ++++++
## Name: Libvirtd Relocation Server
## Description: Enables libvirtd plain relocation service
TCP="49152:49215"
++++++ libvirtd.init ++++++
#!/bin/sh
# the following is the LSB init header see
# http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-gen...
#
### BEGIN INIT INFO
# Provides: libvirtd
# Required-Start: $network $remote_fs
# Should-Start: xend cgconfig
# Default-Start: 3 5
# Required-Stop: $network $remote_fs
# Should-Stop: xend cgconfig
# Default-Stop: 0 1 2 4 6
# Short-Description: daemon for libvirt virtualization API
# Description: This is a daemon for managing QEMU guest instances
# and libvirt virtual networks
# See http://libvirt.org
### END INIT INFO
LIBVIRTD_BIN=/usr/sbin/libvirtd
LIBVIRTD_PIDFILE=/var/run/libvirtd.pid
test -x $LIBVIRTD_BIN || { echo "$LIBVIRD_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
. /etc/rc.status
rc_reset
test -f /etc/sysconfig/libvirtd && . /etc/sysconfig/libvirtd
LIBVIRTD_CONFIG_ARGS=
if [ -n "$LIBVIRTD_CONFIG" ]
then
LIBVIRTD_CONFIG_ARGS="--config $LIBVIRTD_CONFIG"
fi
case "$1" in
start)
if [ -e $LIBVIRTD_PIDFILE ]; then
if checkproc $LIBVIRTD_BIN ; then
echo -n "libvirtd is already running."
rc_status -v
exit
else
echo "Removing stale PID file $LIBVIRTD_PIDFILE."
rm -f $LIBVIRTD_PIDFILE
fi
fi
echo -n "Starting libvirtd "
mkdir -p /var/cache/libvirt
rm -rf /var/cache/libvirt/*
# LIBVIRTD_NOFILES_LIMIT from /etc/sysconfig/libvirtd is not handled
# automatically
if [ -n "$LIBVIRTD_NOFILES_LIMIT" ]; then
ulimit -n "$LIBVIRTD_NOFILES_LIMIT"
fi
startproc $LIBVIRTD_BIN --daemon $LIBVIRTD_CONFIG_ARGS $LIBVIRTD_ARGS
rc_status -v
;;
stop)
echo -n "Shutting down libvirtd "
rm -rf /var/cache/libvirt/*
killproc -TERM $LIBVIRTD_BIN > /dev/null 2>&1
rm -f $LIBVIRTD_PIDFILE
rc_status -v
;;
try-restart)
$0 status >/dev/null && $0 restart
rc_status
;;
restart)
$0 stop
$0 start
rc_status
;;
reload)
killproc -HUP $LIBVIRTD_BIN
rc_status -v
;;
status)
echo -n "Checking status of libvirtd "
checkproc $LIBVIRTD_BIN
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|restart|try-restart|reload|status}"
rc_failed 2
rc_exit
;;
esac
rc_exit
++++++ libxl-hvm-nic.patch ++++++
Index: libvirt-1.1.2/src/libxl/libxl_conf.c
===================================================================
--- libvirt-1.1.2.orig/src/libxl/libxl_conf.c
+++ libvirt-1.1.2/src/libxl/libxl_conf.c
@@ -846,8 +846,6 @@ libxlMakeNic(virDomainNetDefPtr l_nic, l
* x_nics[i].mtu = 1492;
*/
- libxl_device_nic_init(x_nic);
-
virMacAddrGetRaw(&l_nic->mac, x_nic->mac);
if (l_nic->model && !STREQ(l_nic->model, "netfront")) {
@@ -892,6 +890,8 @@ libxlMakeNicList(virDomainDefPtr def, l
return -1;
for (i = 0; i < nnics; i++) {
+ libxl_device_nic_init(&x_nics[i]);
+ x_nics[i].devid = i;
if (libxlMakeNic(l_nics[i], &x_nics[i]))
goto error;
}
++++++ libxl-hvm-vnc.patch ++++++
Index: libvirt-1.1.2/src/libxl/libxl_conf.c
===================================================================
--- libvirt-1.1.2.orig/src/libxl/libxl_conf.c
+++ libvirt-1.1.2/src/libxl/libxl_conf.c
@@ -524,6 +524,30 @@ libxlMakeChrdevStr(virDomainChrDefPtr de
}
static int
+libxlFixupDomBuildInfo(virDomainDefPtr def, libxl_domain_config *d_config)
+{
+ libxl_domain_build_info *b_info = &d_config->b_info;
+ int hvm = STREQ(def->os.type, "hvm");
+ libxl_device_vfb vfb;
+
+ if (!hvm)
+ return 0;
+
+ if (d_config->num_vfbs) {
+ vfb = d_config->vfbs[0];
+ if (libxl_defbool_val(vfb.vnc.enable))
+ memcpy(&b_info->u.hvm.vnc, &vfb.vnc, sizeof(libxl_vnc_info));
+ else if (libxl_defbool_val(vfb.sdl.enable))
+ memcpy(&b_info->u.hvm.sdl, &vfb.sdl, sizeof(libxl_sdl_info));
+ else
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int
libxlMakeDomBuildInfo(virDomainObjPtr vm, libxl_domain_config *d_config)
{
virDomainDefPtr def = vm->def;
@@ -1025,6 +1049,9 @@ libxlBuildDomainConfig(libxlDriverPrivat
if (libxlMakeVfbList(driver, def, d_config) < 0)
return -1;
+ if (libxlFixupDomBuildInfo(def, d_config) < 0)
+ return -1;
+
d_config->on_reboot = def->onReboot;
d_config->on_poweroff = def->onPoweroff;
d_config->on_crash = def->onCrash;
++++++ support-managed-pci-xen-driver.patch ++++++
From 5aeda96eafd230af55343e7ef835e081ded484aa Mon Sep 17 00:00:00 2001
From: Chunyan Liu
Date: Fri, 25 Jan 2013 17:37:14 +0800
Subject: [PATCH] support managed pci devices in xen driver
---
src/xenxs/xen_sxpr.c | 22 ++++++++--------------
src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++-
2 files changed, 35 insertions(+), 15 deletions(-)
Index: libvirt-1.1.2/src/xenxs/xen_sxpr.c
===================================================================
--- libvirt-1.1.2.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.1.2/src/xenxs/xen_sxpr.c
@@ -993,6 +993,7 @@ xenParseSxprPCI(virDomainDefPtr def,
int busID;
int slotID;
int funcID;
+ bool managed;
node = cur->u.s.car;
if (!sexpr_lookup(node, "dev"))
@@ -1040,11 +1041,13 @@ xenParseSxprPCI(virDomainDefPtr def,
goto error;
}
+ managed = sexpr_int(node, "dev/opts/managed");
+
if (!(dev = virDomainHostdevDefAlloc()))
goto error;
dev->mode = VIR_DOMAIN_HOSTDEV_MODE_SUBSYS;
- dev->managed = false;
+ dev->managed = managed ? true : false;
dev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
dev->source.subsys.u.pci.addr.domain = domainID;
dev->source.subsys.u.pci.addr.bus = busID;
@@ -1990,11 +1993,15 @@ static void
xenFormatSxprPCI(virDomainHostdevDefPtr def,
virBufferPtr buf)
{
- virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x))",
+ virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x)",
def->source.subsys.u.pci.addr.domain,
def->source.subsys.u.pci.addr.bus,
def->source.subsys.u.pci.addr.slot,
def->source.subsys.u.pci.addr.function);
+
+ if (def->managed)
+ virBufferAddLit(buf, "(opts (managed 1))");
+ virBufferAddLit(buf, ")");
}
@@ -2013,12 +2020,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
virBufferPtr buf,
int detach)
{
- if (def->managed) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("managed PCI devices not supported with XenD"));
- return -1;
- }
-
virBufferAddLit(buf, "(pci ");
xenFormatSxprPCI(def, buf);
if (detach)
@@ -2073,12 +2074,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
for (i = 0; i < def->nhostdevs; i++) {
if (def->hostdevs[i]->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
def->hostdevs[i]->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
- if (def->hostdevs[i]->managed) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("managed PCI devices not supported with XenD"));
- return -1;
- }
-
xenFormatSxprPCI(def->hostdevs[i], buf);
}
}
Index: libvirt-1.1.2/src/xenxs/xen_xm.c
===================================================================
--- libvirt-1.1.2.orig/src/xenxs/xen_xm.c
+++ libvirt-1.1.2/src/xenxs/xen_xm.c
@@ -802,6 +802,8 @@ xenParseXM(virConfPtr conf, int xendConf
int busID;
int slotID;
int funcID;
+ char *opt;
+ int managed = 0;
domain[0] = bus[0] = slot[0] = func[0] = '\0';
@@ -811,6 +813,11 @@ xenParseXM(virConfPtr conf, int xendConf
/* pci=['0000:00:1b.0','0000:00:13.0'] */
if (!(key = list->str))
goto skippci;
+
+ opt = strchr(key, ',');
+ if (opt)
+ opt++;
+
if (!(nextkey = strchr(key, ':')))
goto skippci;
@@ -859,10 +866,30 @@ xenParseXM(virConfPtr conf, int xendConf
if (virStrToLong_i(func, NULL, 16, &funcID) < 0)
goto skippci;
+ if (opt) {
+ char opt_managed[2];
+ char *data;
+
+ opt_managed[0] = '\0';
+ data = strchr(opt, '=');
+ data++;
+
+ if (STRPREFIX(opt, "managed=")) {
+ if (virStrncpy(opt_managed, data, 1, sizeof(opt_managed)) == NULL) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("managed option %s too big for destination"),
+ data);
+ goto skippci;
+ }
+ }
+ if (virStrToLong_i(opt_managed, NULL, 10, &managed) < 0)
+ goto skippci;
+ }
+
if (!(hostdev = virDomainHostdevDefAlloc()))
goto cleanup;
- hostdev->managed = false;
+ hostdev->managed = managed ? true : false;
hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
hostdev->source.subsys.u.pci.addr.domain = domainID;
hostdev->source.subsys.u.pci.addr.bus = busID;
++++++ suse-qemu-conf.patch ++++++
Index: libvirt-1.1.2/src/qemu/qemu.conf
===================================================================
--- libvirt-1.1.2.orig/src/qemu/qemu.conf
+++ libvirt-1.1.2/src/qemu/qemu.conf
@@ -175,7 +175,16 @@
# a special value; security_driver can be set to that value in
# isolation, but it cannot appear in a list of drivers.
#
+# SUSE Note:
+# Currently, Apparmor is the default security framework in SUSE
+# distros. If Apparmor is enabled on the host, libvirtd is
+# generously confined but users must opt-in to confine qemu
+# instances. Change this to 'apparmor' to enable Apparmor
+# confinement of qemu instances.
+#
#security_driver = "selinux"
+# security_driver = "apparmor"
+security_driver = "none"
# If set to non-zero, then the default security labeling
# will make guests confined. If set to zero, then guests
@@ -371,6 +380,15 @@
#allow_disk_format_probing = 1
+# SUSE note:
+# Many lock managers, sanlock included, will kill the resources
+# they protect when terminated. E.g. the sanlock daemon will kill
+# any virtual machines for which it holds disk leases when the
+# daemon is stopped or restarted. Administrators must be vigilant
+# when enabling a lock manager since simply updating the manager
+# may cause it to be restarted, potentially killing the resources
+# it protects.
+#
# To enable 'Sanlock' project based locking of the file
# content (to prevent two VMs writing to the same
# disk), uncomment this
++++++ systemd-service-xen.patch ++++++
Index: libvirt-1.1.2/daemon/libvirtd.service.in
===================================================================
--- libvirt-1.1.2.orig/daemon/libvirtd.service.in
+++ libvirt-1.1.2/daemon/libvirtd.service.in
@@ -9,6 +9,8 @@ Before=libvirt-guests.service
After=network.target
After=dbus.service
After=iscsid.service
+Wants=xencommons.service
+After=xencommons.service
[Service]
EnvironmentFile=-/etc/sysconfig/libvirtd
++++++ virtlockd-init-script.patch ++++++
Adjust virtlockd init files to conform to SUSE standards
Index: libvirt-1.1.2/src/locking/virtlockd.sysconf
===================================================================
--- libvirt-1.1.2.orig/src/locking/virtlockd.sysconf
+++ libvirt-1.1.2/src/locking/virtlockd.sysconf
@@ -1,3 +1,7 @@
+## Path: System/Virtualization/virtlockd
+
+## Type: string
+## Default: ""
#
# Pass extra arguments to virtlockd
#VIRTLOCKD_ARGS=
Index: libvirt-1.1.2/src/locking/virtlockd.init.in
===================================================================
--- libvirt-1.1.2.orig/src/locking/virtlockd.init.in
+++ libvirt-1.1.2/src/locking/virtlockd.init.in
@@ -4,11 +4,13 @@
# http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-gen...
#
### BEGIN INIT INFO
-# Provides: virtlockd
-# Default-Start: 3 4 5
+# Provides: virtlockd
+# Required-Start: $network $remote_fs
+# Default-Start: 3 4 5
+# Required-Stop: $network $remote_fs
# Short-Description: virtual machine lock manager
-# Description: This is a daemon for managing locks
-# on virtual machine disk images
+# Description: This is a daemon for managing locks
+# on virtual machine disk images
### END INIT INFO
# the following is chkconfig init header
@@ -23,35 +25,33 @@
# pidfile: @localstatedir@/run/libvirt/virtlockd.pid
#
-# Source function library.
-. @sysconfdir@/rc.d/init.d/functions
+. @sysconfdir@/rc.status
+rc_reset
SERVICE=virtlockd
-PROCESS=virtlockd
-PIDFILE=@localstatedir@/run/libvirt/lockd/$SERVICE.pid
+PROCESS=@sbindir@/virtlockd
+PIDDIR=@localstatedir@/run/libvirt/lockd/
+PIDFILE=$PIDDIR/$SERVICE.pid
VIRTLOCKD_ARGS=
test -f @sysconfdir@/sysconfig/virtlockd && . @sysconfdir@/sysconfig/virtlockd
-RETVAL=0
-
start() {
- echo -n $"Starting $SERVICE daemon: "
- daemon --pidfile $PIDFILE --check $SERVICE $PROCESS --daemon $VIRTLOCKD_ARGS
+ echo -n $"Starting $SERVICE "
+ test -d $PIDDIR || mkdir -p $PIDDIR
+ startproc -p $PIDFILE $PROCESS --pid-file $PIDFILE --daemon $VIRTLOCKD_ARGS
RETVAL=$?
- echo
- [ $RETVAL -eq 0 ] && touch @localstatedir@/lock/subsys/$SERVICE
+ rc_status -v
}
stop() {
- echo -n $"Stopping $SERVICE daemon: "
+ echo -n $"Stopping $SERVICE "
- killproc -p $PIDFILE $PROCESS
+ killproc -p $PIDFILE $PROCESS > /dev/null 2>&1
RETVAL=$?
- echo
+ rc_status -v
if [ $RETVAL -eq 0 ]; then
- rm -f @localstatedir@/lock/subsys/$SERVICE
rm -f $PIDFILE
fi
}
@@ -65,9 +65,7 @@ reload() {
echo -n $"Reloading $SERVICE configuration: "
killproc -p $PIDFILE $PROCESS -HUP
- RETVAL=$?
- echo
- return $RETVAL
+ rc_status
}
# See how we were called.
@@ -76,18 +74,20 @@ case "$1" in
$1
;;
status)
- status -p $PIDFILE $PROCESS
- RETVAL=$?
+ echo -n "Checking status of $SERVICE "
+ checkproc $PROCESS
+ rc_status -v
;;
force-reload)
reload
;;
condrestart|try-restart)
- [ -f @localstatedir@/lock/subsys/$SERVICE ] && restart || :
+ $0 status >/dev/null && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|force-reload|try-restart}"
- exit 2
+ rc_failed 2
+ rc_exit
;;
esac
-exit $RETVAL
+rc_exit
++++++ xen-name-for-devid.patch ++++++
Do not search xenstore for disk/network/PCI device IDs
Disk, network, and PCI devices can be referenced by name in Xen,
e.g. when modifying their configuration or remvoving them. As such,
don't search xenstore for a device ID corresponding to these devices.
Instead, search the devices contained in the domain definition and use
the devices's target name if found.
Note that for network devices, the mac address is used for the device
name. For PCI devices, the bdf (bus:dev:fun) specifier is used for
the device name.
This approach allows removing a disk/network/PCI device when domain
is inactive. We obviously can't search xenstore when the domain is
inactive.
Index: libvirt-1.1.2/src/xen/xend_internal.c
===================================================================
--- libvirt-1.1.2.orig/src/xen/xend_internal.c
+++ libvirt-1.1.2/src/xen/xend_internal.c
@@ -70,7 +70,7 @@
#define XEND_RCV_BUF_MAX_LEN (256 * 1024)
static int
-virDomainXMLDevID(virConnectPtr conn, virDomainDefPtr domain,
+virDomainXMLDevID(virConnectPtr conn ATTRIBUTE_UNUSED, virDomainDefPtr domain,
virDomainDeviceDefPtr dev, char *class,
char *ref, int ref_len);
@@ -3314,18 +3314,18 @@ xenDaemonDomainBlockPeek(virConnectPtr c
* Returns 0 in case of success, -1 in case of failure.
*/
static int
-virDomainXMLDevID(virConnectPtr conn,
+virDomainXMLDevID(virConnectPtr conn ATTRIBUTE_UNUSED,
virDomainDefPtr def,
virDomainDeviceDefPtr dev,
char *class,
char *ref,
int ref_len)
{
- xenUnifiedPrivatePtr priv = conn->privateData;
- char *xref;
- char *tmp;
+ unsigned int i;
if (dev->type == VIR_DOMAIN_DEVICE_DISK) {
+ if (dev->data.disk->dst == NULL)
+ return -1;
if (dev->data.disk->driverName &&
STREQ(dev->data.disk->driverName, "tap"))
strcpy(class, "tap");
@@ -3335,19 +3335,17 @@ virDomainXMLDevID(virConnectPtr conn,
else
strcpy(class, "vbd");
- if (dev->data.disk->dst == NULL)
- return -1;
- xenUnifiedLock(priv);
- xref = xenStoreDomainGetDiskID(conn, def->id,
- dev->data.disk->dst);
- xenUnifiedUnlock(priv);
- if (xref == NULL)
- return -1;
-
- tmp = virStrcpy(ref, xref, ref_len);
- VIR_FREE(xref);
- if (tmp == NULL)
- return -1;
+ /* For disks, the device name can be used directly. */
+ for (i = 0; i < def->ndisks; i++) {
+ virDomainDiskDefPtr disk = def->disks[i];
+ if (STREQ(dev->data.disk->dst, disk->dst)) {
+ if (virStrcpy(ref, disk->dst, ref_len) == NULL)
+ return -1;
+ else
+ return 0;
+ }
+ }
+ return -1;
} else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
char mac[VIR_MAC_STRING_BUFLEN];
virDomainNetDefPtr netdef = dev->data.net;
@@ -3355,16 +3353,22 @@ virDomainXMLDevID(virConnectPtr conn,
strcpy(class, "vif");
- xenUnifiedLock(priv);
- xref = xenStoreDomainGetNetworkID(conn, def->id, mac);
- xenUnifiedUnlock(priv);
- if (xref == NULL)
- return -1;
-
- tmp = virStrcpy(ref, xref, ref_len);
- VIR_FREE(xref);
- if (tmp == NULL)
- return -1;
+ /* For nics, the mac address can be used directly. */
+ for (i = 0; i < def->nnets; i++) {
+ char dst_mac[30];
+ virDomainNetDefPtr dst_net = def->nets[i];
+ snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
+ dst_net->mac.addr[0], dst_net->mac.addr[1],
+ dst_net->mac.addr[2], dst_net->mac.addr[3],
+ dst_net->mac.addr[4], dst_net->mac.addr[5]);
+ if (STREQ(mac, dst_mac)) {
+ if (virStrcpy(ref, dst_mac, ref_len) == NULL)
+ return -1;
+ else
+ return 0;
+ }
+ }
+ return -1;
} else if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
@@ -3380,17 +3384,44 @@ virDomainXMLDevID(virConnectPtr conn,
strcpy(class, "pci");
- xenUnifiedLock(priv);
- xref = xenStoreDomainGetPCIID(conn, def->id, bdf);
- xenUnifiedUnlock(priv);
- VIR_FREE(bdf);
- if (xref == NULL)
- return -1;
+ /* For PCI devices, the device BFD can be used directly. */
+ for (i = 0 ; i < def->nhostdevs ; i++) {
+ char *dst_bdf;
+ virDomainHostdevDefPtr hostdev = def->hostdevs[i];
+
+ if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+ continue;
+ if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
+ continue;
+
+ if (virAsprintf(&dst_bdf, "%04x:%02x:%02x.%0x",
+ hostdev->source.subsys.u.pci.addr.domain,
+ hostdev->source.subsys.u.pci.addr.bus,
+ hostdev->source.subsys.u.pci.addr.slot,
+ hostdev->source.subsys.u.pci.addr.function) < 0) {
+ virReportOOMError();
+ VIR_FREE(bdf);
+ return -1;
+ }
- tmp = virStrcpy(ref, xref, ref_len);
- VIR_FREE(xref);
- if (tmp == NULL)
- return -1;
+ if (STREQ(bdf, dst_bdf)) {
+ if (virStrcpy(ref, dst_bdf, ref_len) == NULL) {
+ virReportOOMError();
+ VIR_FREE(dst_bdf);
+ VIR_FREE(bdf);
+ return -1;
+ }
+ else {
+ VIR_FREE(dst_bdf);
+ VIR_FREE(bdf);
+ return 0;
+ }
+ }
+ VIR_FREE(dst_bdf);
+ }
+
+ VIR_FREE(bdf);
+ return -1;
} else {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("hotplug of device type not supported"));
++++++ xen-pv-cdrom.patch ++++++
Index: libvirt-1.1.2/src/xenxs/xen_sxpr.c
===================================================================
--- libvirt-1.1.2.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.1.2/src/xenxs/xen_sxpr.c
@@ -327,7 +327,7 @@ error:
static int
xenParseSxprDisks(virDomainDefPtr def,
const struct sexpr *root,
- int hvm,
+ int hvm ATTRIBUTE_UNUSED,
int xendConfigVersion)
{
const struct sexpr *cur, *node;
@@ -378,7 +378,6 @@ xenParseSxprDisks(virDomainDefPtr def,
/* There is a case without the uname to the CD-ROM device */
offset = strchr(dst, ':');
if (!offset ||
- !hvm ||
STRNEQ(offset, ":cdrom")) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("domain information incomplete, vbd has no src"));
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org