Re: [libvirt] [PATCH] virlog: determine the hostname on startup CVE-2018-XXX

On 02/07/2018 02:13 PM, Daniel P. Berrangé wrote: > On Wed, Feb 07, 2018 at 09:58:21AM +0530, P J P wrote: >> +-- On Mon, 5 Feb 2018, Daniel P. Berrangé wrote --+ >> | From: Lubomir Rintel >> | >> | At later point it might not be possible or even safe to use getaddrinfo(). >> It

Re: [libvirt] [PATCH] qemu: Alter condition to avoid possible NULL deref

At 2018-02-09 23:33:38, "John Ferlan" wrote: >Commit 'f0f2a5ec2' neglected to adjust the if condition to split >out the possibility that the @watchdog is NULL when altering the >message to add detail about the model. > >Just split out the condition and use previous/original

Re: [libvirt] [PATCH v3 08/15] conf: expand network device callbacks to cover resolving NIC type

On 02/05/2018 10:28 AM, Daniel P. Berrangé wrote: > Currently the QEMU driver will call directly into the network driver > impl to modify resolve the atual type of NICs with type=network. It > has todo this before it has allocated the actual NIC. This introduces > a callback system to allow us

Re: [libvirt] [PATCH] util: netlink: fix the mismatch parameter description of functions

On 02/06/2018 06:38 AM, Chen Hanxiao wrote: > From: Chen Hanxiao > > Some of netlink functions don't have the right > @parameters description according to the declaration of function. > > This patch fix them. > > Signed-off-by: Chen Hanxiao >

[libvirt] [PATCH 5/6] qemu: stop passing in virConnectPtr for looking up networks

When setting up graphics, we sometimes need to resolve networks, requiring the caller to pass in a virConnectPtr, except sometimes they pass in NULL. Use virGetConnectNetwork() to acquire the connection to the network driver when it is needed. Signed-off-by: Daniel P. Berrangé

[libvirt] [PATCH 3/6] conf: stop passing virConnectPtr into virDomainDiskTranslateSourcePool

Rather than expecting callers to pass a virConnectPtr into the virDomainDiskTranslateSourcePool() method, just acquire a connection to the storage driver when needed. Signed-off-by: Daniel P. Berrangé --- src/conf/domain_conf.c | 10 +++--- src/conf/domain_conf.h | 3

[libvirt] [PATCH 0/6] Cleanups in QEMU driver wrt virConnectPtr

There are many places we can stop passing around virConnectPtr now and directly open secondary drivers where required instead. Daniel P. Berrangé (6): conf: reimplement virDomainNetResolveActualType in terms of public API qemu: stop passing virConnectPtr into qemuMonitorStartCPUs conf: stop

[libvirt] [PATCH 1/6] conf: reimplement virDomainNetResolveActualType in terms of public API

Now that we have the ability to easily open connections to secondary drivers, eg network:///system, it is possible to reimplement the virDomainNetResolveActualType method in terms of the public API. This avoids the need to have the network driver provide a callback for it. Signed-off-by: Daniel

[libvirt] [PATCH 4/6] qemu: don't pass virConnectPtr around for secrets

During domain startup there are many places where we need to acquire secrets. Currently code passes around a virConnectPtr, except in the places where we pass in NULL. So there are a few codepaths where ability to start guests using secrets will fail. Change to acquire a handle to the secret

[libvirt] [PATCH 2/6] qemu: stop passing virConnectPtr into qemuMonitorStartCPUs

There is a long standing hack to pass a virConnectPtr into the qemuMonitorStartCPUs method, so that when the text monitor prompts for a disk password, we can lookup virSecretPtr objects. This causes us to have to pass a virConnectPtr around through countless methods up the call chainexcept

[libvirt] [PATCH 6/6] qemu: remove virConnectPtr from some more startup code paths

There's a few places in startup code paths which pass around a virConnectPtr which is no longer required. Specifically, the qemuProcessStart() method now only requires a non-NULL connection if autodestroy is requested. Signed-off-by: Daniel P. Berrangé ---

Re: [libvirt] [PATCH] qemu: Remove redundancy from qemuBuildControllerDevStr()

On 02/09/2018 11:15 AM, Andrea Bolognani wrote: > Several PCI controllers are handled the same and can thus > be squashed together. > > Signed-off-by: Andrea Bolognani > --- > src/qemu/qemu_command.c | 17 ++--- > 1 file changed, 2 insertions(+), 15

Re: [libvirt] [PATCH] qemu: Error out on invalid pci-root controller model name

On 02/09/2018 11:15 AM, Andrea Bolognani wrote: > This is a hard error, and should be handled as such. > Introduced in 24614760228b. > > Signed-off-by: Andrea Bolognani > --- > src/qemu/qemu_domain.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Doh...

[libvirt] ANNOUNCE: libguestfs 1.38 released

I'm pleased to announce libguestfs 1.38, a library and a set of tools for accessing and modifying virtual machine disk images. This release represents about a year of work by many contributors. I'd like to call out in particular substantial contributions from: Cédric Bosdonnat, Pavel Butsykin,

[libvirt] [PATCH] qemu: Remove redundancy from qemuBuildControllerDevStr()

Several PCI controllers are handled the same and can thus be squashed together. Signed-off-by: Andrea Bolognani --- src/qemu/qemu_command.c | 17 ++--- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_command.c

[libvirt] [PATCH] qemu: Error out on invalid pci-root controller model name

This is a hard error, and should be handled as such. Introduced in 24614760228b. Signed-off-by: Andrea Bolognani --- src/qemu/qemu_domain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index

[libvirt] [PATCH] qemu: Fix indentation in qemuDomainDeviceDefValidateControllerPCI()

Signed-off-by: Andrea Bolognani --- Pushed as trivial. src/qemu/qemu_domain.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 84207db16..16833474a 100644 --- a/src/qemu/qemu_domain.c +++

Re: [libvirt] [PATCH] qemu: fix migration with local and VIR_STORAGE_TYPE_NETWORK disks

On 02/09/2018 04:15 AM, Daniel P. Berrangé wrote: On Thu, Feb 08, 2018 at 01:24:58PM -0600, Chris Friesen wrote: Given your comment above about "I don't want to see the semantics of that change", it sounds like you're suggesting: 1) If there are any non-shared non-readonly network drives

Re: [libvirt] [PATCH] qemu: command: Extract formatting of floppy related stuff into a helper

On Thu, Feb 08, 2018 at 03:25:25PM +0100, Peter Krempa wrote: The floppy command formatting is special-cased since it does not directly translate to a single '-device' argument. Move the code from qemuBuildDiskDriveCommandLine to a new helper function so that all the related code is together.

[libvirt] [PATCH] qemu: Alter condition to avoid possible NULL deref

Commit 'f0f2a5ec2' neglected to adjust the if condition to split out the possibility that the @watchdog is NULL when altering the message to add detail about the model. Just split out the condition and use previous/original message, but with the new message code. Found by Coverity

Re: [libvirt] [tck PATCH v2 2/5] default to no nwfilter in test domains

On 02/08/2018 06:10 PM, Stefan Berger wrote: > All tests now have an explicit filter since 230-no-mac-broadcast.t got > one in the previous patch. All the *nwfilter* tests now have an explicit filter. There are also several tests in the domain, qemu, and selinux directories (and one in hooks)

[libvirt] [PATCH] rpc: export xdr_virNetMessageError for virnetmessagetest on Win32

The Win32 symbol export file format can't do wildcards, so none of the 'xdr_*' symbols are exported from the libvirt DLL. This doesn't matter generally since the RPC client is built into the DLL and we don't build libvirtd on Win32. The virnetmessagetest, however, does require

[libvirt] [PATCH 2/2] qemu: conf: Network stats support for hostdev VF Representor

In case of , return stats if its a Switchdev VF Representor interface of pci SR-IOV device. --- src/conf/domain_conf.c | 7 +++ src/qemu/qemu_driver.c | 34 ++ 2 files changed, 37 insertions(+), 4 deletions(-) diff --git a/src/conf/domain_conf.c

[libvirt] [PATCH 1/2] util: Add helper APIs to get/verify VF Representor name

Switchdev VF Representor interface name on host is derived based on BDF of pci SR-IOV device in 'hostdev' and querying required net sysfs entries on host. --- po/POTFILES.in | 1 + src/Makefile.am | 1 + src/libvirt_private.syms| 5 + src/util/virhostdev.c

[libvirt] [PATCH 0/2] Support network stats for hostdev(SR-IOV) in Switchdev mode

With availability of switchdev model in linux, it is possible to capture stats for hostdev SR-IOV VFs using its VF representor interface name on host for nics supporting switchdev model. These stats are supported by adding helper APIs for getting VF Representor name based on BDF info in 'hostdev'

[libvirt] [PATCH python] tests: add special case for virStoragePoolLookupByTargetPath

This new API trips up the sanity test for checking mapping of all C APIs into Python. Signed-off-by: Daniel P. Berrangé --- Pushed as build fix. sanitytest.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sanitytest.py b/sanitytest.py index

Re: [libvirt] [tck PATCH v2 0/5] Fix libvirt-tck nwfilter tests

On Fri, Feb 09, 2018 at 08:12:15AM -0500, John Ferlan wrote: > > > On 02/08/2018 02:19 PM, Laine Stump wrote: > > I've pushed the patches that passed review. These patches split a > > single patch from V1 into 2 patches, repost one patch that had no > > response, calls out a single line that had

Re: [libvirt] [PATCH v5 1/3] nwfilter: Convert _virNWFilterObj to use virObjectRWLockable

On 02/09/2018 03:41 AM, Michal Privoznik wrote: > On 02/08/2018 04:06 PM, John Ferlan wrote: >> [...] >> >> +static void >> +virNWFilterObjPromoteToWrite(virNWFilterObjPtr obj) >> +{ >> +virObjectRWUnlock(obj); >> +virObjectRWLockWrite(obj); >> +} > > How

Re: [libvirt] [tck PATCH v2 0/5] Fix libvirt-tck nwfilter tests

On 02/08/2018 02:19 PM, Laine Stump wrote: > I've pushed the patches that passed review. These patches split a > single patch from V1 into 2 patches, repost one patch that had no > response, calls out a single line that had sneaked into one of the > ACKed patches, and remove all tabs from perl

Re: [libvirt] [PATCH v5 2/3] nwfilter: Convert _virNWFilterObjList to use virObjectRWLockable

On 02/09/2018 01:48 AM, Michal Privoznik wrote: On 02/08/2018 10:13 PM, Stefan Berger wrote: On 02/08/2018 08:13 AM, Michal Privoznik wrote: On 02/06/2018 08:20 PM, John Ferlan wrote: Implement the self locking object list for nwfilter object lists that uses two hash tables to store the

Re: [libvirt] [tck PATCH v2 2/5] default to no nwfilter in test domains

On Thu, Feb 08, 2018 at 02:19:36PM -0500, Laine Stump wrote: > When the nwfilter tests were added, the config for *all* test domains > was changed to apply the "clean-traffic" filter. This doesn't have an > ill effect on any test that I know of, but if nwfilter code happened > to be broken in just

Re: [libvirt] [PATCH v4 4/8] libxl: do not enable nested HVM unless global nested_hvm option enabled

On Thu, Feb 08, 2018 at 11:58:57PM +0100, Marek Marczykowski-Górecki wrote: > Introduce global libxl option for enabling nested HVM feature, similar > to kvm module parameter. This will prevent enabling experimental feature > by mere presence of element in domain > config, unless explicitly

Re: [libvirt] [tck PATCH v2 1/5] parameterize filterref in generic_domain

On Thu, Feb 08, 2018 at 02:19:35PM -0500, Laine Stump wrote: > The default filterref is still clean-traffic, but we can now set it to > "no-broadcast-mac" for the test by that same name. > > This corrects a problem with the no-mac-broadcast test, which was > checking to see that packets with a

Re: [libvirt] [tck PATCH v2 4/5] kill dhclient before attempting to change guest IP in no-ip-spoofing test

On Thu, Feb 08, 2018 at 02:19:38PM -0500, Laine Stump wrote: > This test changes the IP address of the guest interface so that it can > send out a packet with a different source IP address. It may have > worked properly with older versions of Fedora running on the test > guest, but at least in

Re: [libvirt] [tck PATCH v2 3/5] filter for proper IP address in tcpdump looking for broadcast packet

On Thu, Feb 08, 2018 at 02:19:37PM -0500, Laine Stump wrote: > In the no-mac-broadcast test, a ping is sent to 192.168.122.255, but > tcpdump is set to look for packets with a destination IP of > 255.255.255.255. Change it to check for the correct IP address and > also for mac broadcast (which is

Re: [libvirt] [tck PATCH v2 5/5] untabify all perl and sh files

On Thu, Feb 08, 2018 at 02:19:39PM -0500, Laine Stump wrote: > verified that only tabs were removed by running "git diff -w". > > Signed-off-by: Laine Stump > --- > lib/Sys/Virt/TCK.pm | 544 > +++ >

Re: [libvirt] [PATCH] qemu: fix migration with local and VIR_STORAGE_TYPE_NETWORK disks

On Thu, Feb 08, 2018 at 01:24:58PM -0600, Chris Friesen wrote: > On 02/08/2018 03:07 AM, Daniel P. Berrangé wrote: > > On Wed, Feb 07, 2018 at 01:11:33PM -0600, Chris Friesen wrote: > > > Are you okay with the other change? > > > > That part of the code was intended to be funtionally identical to

Re: [libvirt] [PATCH v5 1/3] nwfilter: Convert _virNWFilterObj to use virObjectRWLockable

On 02/08/2018 04:06 PM, John Ferlan wrote: > [...] > > +static void > +virNWFilterObjPromoteToWrite(virNWFilterObjPtr obj) > +{ > +virObjectRWUnlock(obj); > +virObjectRWLockWrite(obj); > +} How can this not deadlock? This will work only if @obj is locked