Re: [PATCH v2] virNodeDeviceDefParse: Don't call post-parse callbacks with NULL def

2021-10-18 Thread Erik Skultety
On Mon, Oct 18, 2021 at 02:08:41PM +0200, Peter Krempa wrote: > When parsing of the node device XML fails we'd still call the post-parse > and validation callbacks which makes no sense. Additionally the > callbacks were expecting a non-NULL pointer which leads to a crash. > > Resolves:

[libvirt PATCH] Switch to new GitHub repo-lockdown configuration

2021-10-18 Thread Daniel P . Berrangé
The repo-lockdown service used to run as a bot outside GitHub, but has now switched to using the GitHub Actions workflow framework. This requires use of a new configuration file. Signed-off-by: Daniel P. Berrangé --- .github/lockdown.yml | 38 -

Re: [PATCH v2] virsh: Add QMP command wrapping for 'qemu-monitor-command'

2021-10-18 Thread Kashyap Chamarthy
On Fri, Sep 17, 2021 at 03:34:56PM +0200, Peter Krempa wrote: > Issuing simple QMP commands is pain as they need to be wrapped by the > JSON wrapper: > > { "execute": "COMMAND" } > > and optionally also: > > { "execute": "COMMAND", "arguments":...} > > For simple commands without arguments

[PATCH v2] virNodeDeviceDefParse: Don't call post-parse callbacks with NULL def

2021-10-18 Thread Peter Krempa
When parsing of the node device XML fails we'd still call the post-parse and validation callbacks which makes no sense. Additionally the callbacks were expecting a non-NULL pointer which leads to a crash. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2014139 Fixes: d5ae634ba28

[PATCH v2 2/2] selinux: Don't ignore ENOENT in Permissive mode

2021-10-18 Thread Michal Privoznik
In selinux driver there's virSecuritySELinuxSetFileconImpl() which is responsible for actual setting of SELinux label on given file and handling possible failures. In the failure handling code we decide whether failure is fatal or not. But there is a bug: depending on SELinux mode (Permissive vs.

[PATCH v2 0/2] selinux: Don't ignore ENOENT in Permissive mode

2021-10-18 Thread Michal Privoznik
v2 of: https://listman.redhat.com/archives/libvir-list/2021-September/msg00553.html diff to v1: - Reworded commit message in 2/2. Michal Prívozník (2): selinux: Swap two blocks handling setfilecon_raw() failure selinux: Don't ignore ENOENT in Permissive mode

[PATCH v2 1/2] selinux: Swap two blocks handling setfilecon_raw() failure

2021-10-18 Thread Michal Privoznik
In virSecuritySELinuxSetFileconImpl() we have code that handles setfilecon_raw() failure. The code consists of two blocks: one for dealing with shared filesystem like NFS (errno is ENOTSUP or EROFS) and the other block that's dealing with EPERM for privileged daemon. Well, the order of these two

Re: [PATCH 0/6] qemu: Type-aware generation of properties for -device (part 3)

2021-10-18 Thread Ján Tomko
On a Monday in 2021, Peter Krempa wrote: Kevin's patches were committed upstream, so libvirt can start using the JSON syntax now. This patch adds also validation of the parameters against the QMP schema, but the schema is incomplete for now. Peter Krempa (6): qemucapabilitiestest: Update

Re: [PATCH v4 0/5] Add support for librbd encryption

2021-10-18 Thread Peter Krempa
On Mon, Oct 18, 2021 at 09:28:00 +, Or Ozeri wrote: >Any comments? :) Oops, I meant to get to this last week but somehow it fell under my radar. I'll try to get to this today or tomorrow.

Re: [PATCH] qemu: Decrease scope of variables in qemuConnectGetAllDomainStats()

2021-10-18 Thread Erik Skultety
On Mon, Oct 18, 2021 at 10:54:55AM +0200, Michal Privoznik wrote: > There are two variables (@vm and @domflags) in qemuConnectGetAllDomainStats() > that are used only within the for() loop but declared for entire function. > Bring them into the loop to make it obvious they are not used outside of

Re: [PATCH 0/2] objecteventtest: Two simple improvements

2021-10-18 Thread Erik Skultety
On Fri, Oct 15, 2021 at 04:26:42PM +0200, Michal Privoznik wrote: > *** BLURB HERE *** > > Michal Prívozník (2): > objecteventtest: Drop lifecycleEventCounter_reset() > objecteventtest: Don't overwrite @ret on failure > > tests/objecteventtest.c | 129

Re: [PATCH v4 0/5] Add support for librbd encryption

2021-10-18 Thread Or Ozeri
Any comments? :) -"Or Ozeri" wrote: - To: libvir-list@redhat.com From: "Or Ozeri" Date: 10/07/2021 10:21PM Cc: to.my.troc...@gmail.com, dan...@il.ibm.com, idryo...@gmail.com, "Or Ozeri" Subject: [PATCH v4 0/5] Add support for librbd

[PATCH v2 0/2] qemu: Move 2 pid files to stateDir

2021-10-18 Thread Peng Liang
This is v2 of: https://listman.redhat.com/archives/libvir-list/2021-October/msg00535.html v1 -> v2: - Fix compatibility with old version libvirt [Michal] Peng Liang (2): qemu: Move pid file of pr-helper to stateDir qemu: Move pid file of virtiofsd to stateDir src/qemu/qemu_process.c | 22

[PATCH v2 2/2] qemu: Move pid file of virtiofsd to stateDir

2021-10-18 Thread Peng Liang
Libvirt will put the pid file of virtiofsd to per-domain directory. However, the ownership of the per-domain directory is the user to run the QEMU process and the user has the write permission of the directory. If VM escape occurs, the attacker can 1. write arbitrary content to the pid file (if

[PATCH v2 1/2] qemu: Move pid file of pr-helper to stateDir

2021-10-18 Thread Peng Liang
Libvirt will put the pid file of pr-helper to per-domain directory. However, the ownership of the per-domain directory is the user to run the QEMU process and the user has the write permission of the directory. If VM escape occurs, the attacker can 1. write arbitrary content to the pid file (if

Re: [PATCH] virNodeDeviceDefParse: Don't call post-parse callbacks with NULL def

2021-10-18 Thread Michal Prívozník
On 10/18/21 9:58 AM, Peter Krempa wrote: > When parsing of the node device XML we'd still call the post-parse and > validation callbacks which makes no sense. Additionally the callbacks > were expecting a non-NULL pointer which leads to a crash. > > Resolves:

[PATCH] qemu: Decrease scope of variables in qemuConnectGetAllDomainStats()

2021-10-18 Thread Michal Privoznik
There are two variables (@vm and @domflags) in qemuConnectGetAllDomainStats() that are used only within the for() loop but declared for entire function. Bring them into the loop to make it obvious they are not used outside of it. Signed-off-by: Michal Privoznik --- src/qemu/qemu_driver.c | 7

Re: [PATCH 0/4] Fix the bug about virsh domstats on qemu <5.2.0

2021-10-18 Thread Michal Prívozník
On 10/18/21 4:16 AM, Hiroki Narukawa wrote: > Thank you for your review, I checked your suggestions in each patch, and I > agree to all the suggested changes. > Awesome! I've merged these. Thanks! Michal

[PATCH] virNodeDeviceDefParse: Don't call post-parse callbacks with NULL def

2021-10-18 Thread Peter Krempa
When parsing of the node device XML we'd still call the post-parse and validation callbacks which makes no sense. Additionally the callbacks were expecting a non-NULL pointer which leads to a crash. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2014139 Fixes: d5ae634ba28 Signed-off-by:

[PATCH 0/6] qemu: Type-aware generation of properties for -device (part 3)

2021-10-18 Thread Peter Krempa
Kevin's patches were committed upstream, so libvirt can start using the JSON syntax now. This patch adds also validation of the parameters against the QMP schema, but the schema is incomplete for now. Peter Krempa (6): qemucapabilitiestest: Update qemu-6.2 cycle capability test data

[PATCH 5/6] testCompareXMLToArgvValidateSchemaCommand: Add validation for '-device'

2021-10-18 Thread Peter Krempa
Now that we use JSON with -device we can validate it at least partially (since the schema for 'device_add' is for now incomplete) against the QMP schema. Signed-off-by: Peter Krempa --- tests/qemuxml2argvtest.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git

[PATCH 2/6] testQEMUSchemaValidateCommand: Add possibility for partial QMP validation

2021-10-18 Thread Peter Krempa
The QMP schema for 'device_add' is not complete yet. Allow validation of incomplete schema so that we can enable at least some validation. Once there's more schema in the future all present members are still validated. Signed-off-by: Peter Krempa --- tests/qemumigparamstest.c | 1 +

[PATCH 6/6] NEWS: Mention conversion of '-device' to JSON starting with QEMU-6.2

2021-10-18 Thread Peter Krempa
Normally this would be considered an internal detail which we don't document in the news, but in this case I'd like to make people aware of the change so that they preferably report them ASAP. Signed-off-by: Peter Krempa --- NEWS.rst | 7 +++ 1 file changed, 7 insertions(+) diff --git

[PATCH 3/6] qemuMonitorTestProcessCommandDefaultValidate: Partially validate 'device_add'

2021-10-18 Thread Peter Krempa
Use the 'allowIncomplete' argument of testQEMUSchemaValidateCommand to validate at least properties which are already described by the schema. Signed-off-by: Peter Krempa --- tests/qemumonitortestutils.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git

[PATCH 1/6] qemucapabilitiestest: Update qemu-6.2 cycle capability test data

2021-10-18 Thread Peter Krempa
Update to v6.1.0-1510-gc148a05721 which most notably adds the 'json-cli' feature for 'device_add' QMP command meaning that -device accepts JSON. Signed-off-by: Peter Krempa --- .../caps_6.2.0.x86_64.replies | 99 ++- .../caps_6.2.0.x86_64.xml

[PATCH 2/2] conf/test: add a negative test for invalid 'acpi-bridge-hotplug' configuration

2021-10-18 Thread Ani Sinha
'acpi-bridge-hotplug' global config only supports 'state=off|on' attribute. Any other attributes are invalid. Added a unit test to make sure we fail in case an invalid config option is specified. Signed-off-by: Ani Sinha --- ...i-bridge-hotplug-invalid.x86_64-latest.err | 1 +

[PATCH 1/2] conf/test: add a negative unit test for invalid pci feature config

2021-10-18 Thread Ani Sinha
This change adds a negative unit test to make sure that invalid or unknown pci related features specified in the input domain xml file will result in an error. Signed-off-by: Ani Sinha --- .../pci-feature-invalid.x86_64-latest.err | 1 + .../qemuxml2argvdata/pci-feature-invalid.xml | 25

Add a couple of negative unit tests

2021-10-18 Thread Ani Sinha
This patch series adds a couple of negative unit tests in order to make sure we fail in case of invalid conf options. * [PATCH 1/2] conf/test: add a negative unit test for invalid pci Above patch makes sure we fail if invalid pci specific global feature is specified. * [PATCH 2/2] conf/test: