On 4/3/19 8:00 AM, Daniel P. Berrangé wrote:
The virDomainGetHostname API is fetching guest information and this may
involve use of an untrusted guest agent. As such its use must be
forbidden on a read-only connection to libvirt.
Fixes CVE-2019-3886
Signed-off-by: Daniel P. Berrangé
---
On 4/2/19 3:42 AM, Michal Privoznik wrote:
On 4/2/19 10:58 AM, Daniel P. Berrangé wrote:
On Mon, Apr 01, 2019 at 06:03:29PM +0100, Daniel P. Berrangé wrote:
Quite a few of the tests have a need to mock the stat() / lstat()
functions and they are taking somewhat different & inconsistent
On 4/3/19 8:00 AM, Daniel P. Berrangé wrote:
Getting the guest time and hostname both require use of guest agent
commands. These must not be allowed for read-only users, so the
permissions check must validate "write" permission not "read".
Fixes CVE-2019-3886
Signed-off-by: Daniel P. Berrangé
virConnectGetAllDomainStats, used unconditionally, was introduced in
libvirt 1.2.8.
Signed-off-by: Pino Toscano
---
configure.ac| 2 +-
libvirt/libvirt.mli | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 7d923bf..a463dba 100644
Wrap the virConnectGetDomainCapabilities C API.
Signed-off-by: Pino Toscano
---
libvirt/libvirt.ml | 2 ++
libvirt/libvirt.mli | 16
libvirt/libvirt_c_oneoffs.c | 16
3 files changed, 34 insertions(+)
diff --git a/libvirt/libvirt.ml
Signed-off-by: Pino Toscano
---
libvirt/libvirt.ml | 10 ++
libvirt/libvirt.mli | 5 +
libvirt/libvirt_c_epilogue.c | 4 ++--
3 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/libvirt/libvirt.ml b/libvirt/libvirt.ml
index c7c5ffc..d935bfc 100644
---
Raise the libvirt version to the de-facto requirement, and add a new
API which will be useful. Also, sync Virterror with libvirt.
Pino Toscano (3):
build: bump required libvirt to 1.2.8
Implement Connect.get_domain_capabilities
Synchronize Virterror with libvirt 5.2.0
configure.ac
This is a locally used helper struct but we can make use of automatic
freeing for it.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 822ba44e18..2017eca139
Demonstrate how VIR_RETURN_PTR by refactoring qemu_block.c
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 48 +++
1 file changed, 12 insertions(+), 36 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 24
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index b00f4c6f8e..822ba44e18 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -293,7
With the introduction of more and more internal data types which support
VIR_AUTOPTR it's becoming common to see the following pattern:
VIR_AUTOPTR(virSomething) some = NULL
virSomethingPtr ret = NULL;
... (ret is not touched ) ...
VIR_STEAL_PTR(ret, some);
return ret;
This patch
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 206 +++---
1 file changed, 72 insertions(+), 134 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 2017eca139..31800919a7 100644
--- a/src/qemu/qemu_block.c
+++
Signed-off-by: Peter Krempa
---
src/util/viruri.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/util/viruri.h b/src/util/viruri.h
index b6e97dafe6..f5b472860e 100644
--- a/src/util/viruri.h
+++ b/src/util/viruri.h
@@ -25,6 +25,7 @@
# include "internal.h"
# include "virconf.h"
+#
The function open-codes addition into an array. Use the helper instead.
Signed-off-by: Peter Krempa
---
src/util/virjson.c | 19 +++
1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/src/util/virjson.c b/src/util/virjson.c
index 1dceb746b9..7b874bf2ec 100644
---
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 80 ---
1 file changed, 29 insertions(+), 51 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 7961d31978..769e07d3d8 100644
--- a/src/qemu/qemu_block.c
+++
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 769e07d3d8..0504a79957 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -435,7 +435,7 @@
Few patches require
https://www.redhat.com/archives/libvir-list/2019-April/msg00324.html
to be applied.
This is a collection of cleanups and improvements from my blockdev
branch which make sense even without the rest of the blockdev patches.
Peter Krempa (11):
qemu: block: Introduce and use
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 16 +++-
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 0504a79957..b00f4c6f8e 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -240,8 +240,8 @@
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 3 +--
src/qemu/qemu_block.h | 3 +++
src/qemu/qemu_command.c | 14 +++---
src/qemu/qemu_hotplug.c | 9 +++--
src/qemu/qemu_migration.c | 3 +--
5 files changed, 15 insertions(+), 17 deletions(-)
diff --git
---
en-US/Guest_Domains.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/en-US/Guest_Domains.xml b/en-US/Guest_Domains.xml
index c15bbb8..2a4ef7c 100644
--- a/en-US/Guest_Domains.xml
+++ b/en-US/Guest_Domains.xml
@@ -88,7 +88,7 @@ dom = virDomainLookupByID(conn, domainID);
On Fri, 2019-04-05 at 16:12 +0100, Daniel P. Berrangé wrote:
[...]
> +} else if (what == "devs") {
> +form.setAttribute("action", "https://google.com/search;);
> +newq.setAttribute("name", "q");
> +newq.value = "site:redhat.com inurl:/archives/libvir-list " +
>
On Fri, Apr 05, 2019 at 05:45:10PM +0200, Andrea Bolognani wrote:
> On Fri, 2019-04-05 at 17:38 +0200, Andrea Bolognani wrote:
> > On Fri, 2019-04-05 at 16:12 +0100, Daniel P. Berrangé wrote:
> > > Instead of duplicating javascript in every single page, put it in a
> > > standalone file which can
On Fri, 2019-04-05 at 17:38 +0200, Andrea Bolognani wrote:
> On Fri, 2019-04-05 at 16:12 +0100, Daniel P. Berrangé wrote:
> > Instead of duplicating javascript in every single page, put it in a
> > standalone file which can be cached by the browser.
> >
> > Signed-off-by: Daniel P. Berrangé
> >
On Fri, 2019-04-05 at 16:12 +0100, Daniel P. Berrangé wrote:
> Instead of duplicating javascript in every single page, put it in a
> standalone file which can be cached by the browser.
>
> Signed-off-by: Daniel P. Berrangé
> ---
> docs/Makefile.am | 1 +
> docs/main.js | 25
On Fri, 2019-04-05 at 16:12 +0100, Daniel P. Berrangé wrote:
> Signed-off-by: Daniel P. Berrangé
> ---
> docs/Makefile.am | 14 +-
> 1 file changed, 13 insertions(+), 1 deletion(-)
Reviewed-by: Andrea Bolognani
--
Andrea Bolognani / Red Hat / Virtualization
--
libvir-list
Allow targetting the search scope to the website, wiki or mailing lists
only. When javascript is disabled this should gracefully fallback to
only searching the website.
Signed-off-by: Daniel P. Berrangé
---
docs/js/main.js | 77
docs/libvirt.css
Instead of duplicating javascript in every single page, put it in a
standalone file which can be cached by the browser.
Signed-off-by: Daniel P. Berrangé
---
docs/Makefile.am | 1 +
docs/main.js | 25 +
docs/page.xsl| 35 +++
3
Andrea suggested it would be nice to redirect the search box to a local
search page which then let the user submit a site-restricted search to
google for website vs wiki vs mailing lists.
I took a slightly different approach here, and instead simply popup an
extra set of radio buttons below the
Signed-off-by: Daniel P. Berrangé
---
docs/Makefile.am | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/docs/Makefile.am b/docs/Makefile.am
index ebdc734ddd..2a9d99071c 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -55,6 +55,12 @@ css = \
mobile.css
On Fri, Apr 05, 2019 at 04:53:49PM +0200, Andrea Bolognani wrote:
> On Fri, 2019-04-05 at 14:30 +0100, Daniel P. Berrangé wrote:
> > Allow targetting the search scope to the website, wiki or mailing lists
> > only. When javascript is disabled this should gracefully fallback to
> > only searching
On Fri, 2019-04-05 at 14:30 +0100, Daniel P. Berrangé wrote:
> Allow targetting the search scope to the website, wiki or mailing lists
> only. When javascript is disabled this should gracefully fallback to
> only searching the website.
I'm sure if the fallback doesn't work one of the many libvirt
On Fri, Apr 05, 2019 at 04:35:27PM +0200, Andrea Bolognani wrote:
> On Fri, 2019-04-05 at 14:30 +0100, Daniel P. Berrangé wrote:
> > Instead of duplicating javascript in every single page, put it in a
> > standalone file which can be cached by the browser.
> >
> > Signed-off-by: Daniel P.
On Fri, 2019-04-05 at 14:30 +0100, Daniel P. Berrangé wrote:
> Instead of duplicating javascript in every single page, put it in a
> standalone file which can be cached by the browser.
>
> Signed-off-by: Daniel P. Berrangé
> ---
> docs/main.js | 25 +
> docs/page.xsl |
On Tue, Apr 02, 2019 at 11:02:06AM +0100, Daniel P. Berrangé wrote:
The example programs emitted a number of warnings even without having
the WARN_CFLAGS set. Once they were set a bunch more flaws came to
light. Fix them all and enforce warnings so that the example programs
are higher quality
Instead of duplicating javascript in every single page, put it in a
standalone file which can be cached by the browser.
Signed-off-by: Daniel P. Berrangé
---
docs/main.js | 25 +
docs/page.xsl | 35 +++
2 files changed, 28 insertions(+),
Allow targetting the search scope to the website, wiki or mailing lists
only. When javascript is disabled this should gracefully fallback to
only searching the website.
Signed-off-by: Daniel P. Berrangé
---
docs/libvirt.css | 40
docs/main.js | 44
Andrea suggested it would be nice to redirect the search box to a local
search page which then let the user submit a site-restricted search to
google for website vs wiki vs mailing lists.
I took a slightly different approach here, and instead simply popup an
extra set of radio buttons below the
So, what's my course of action here?
Daniel P. Berrangé [2019-04-04, 11:32AM +0100]:
> I guess the obvious extra thing to want to report is CPU registers, since
> the crash info is largely containing register and/or memory address info.
Sounds reasonable if we go with the virDomainGetCPUState
On Fri, Apr 05, 2019 at 10:42:25AM +0200, Michal Privoznik wrote:
> On 4/3/19 8:34 PM, Syed Humaid wrote:
> > From: Humaid
> >
> > Converted few instances of virSaveLastError() to virErrorPreserveLast() as
> > per the newer internal APIs for saving and restoring error reports.
> >
>
> Please
On 4/5/19 10:31 AM, Daniel P. Berrangé wrote:
On Fri, Apr 05, 2019 at 09:19:48AM +0200, Michal Privoznik wrote:
If a management application wants to use firmware auto selection
feature it can't currently know if the libvirtd it's talking to
support is or not. Moreover, it doesn't know which
On 4/3/19 8:34 PM, Syed Humaid wrote:
From: Humaid
Converted few instances of virSaveLastError() to virErrorPreserveLast() as per
the newer internal APIs for saving and restoring error reports.
Please split this long line.
Signed-off-by: Syed Humaid
---
src/libvirt-domain.c | 6
On Fri, Apr 05, 2019 at 09:19:48AM +0200, Michal Privoznik wrote:
> If a management application wants to use firmware auto selection
> feature it can't currently know if the libvirtd it's talking to
> support is or not. Moreover, it doesn't know which values that
> are accepted for the @firmware
Some devices that we want to emit event for do not have an alias.
Rework event emitting to make code more generic.
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_driver.c | 36
1 file changed, 16 insertions(+), 20 deletions(-)
diff --git
https://bugzilla.redhat.com/show_bug.cgi?id=1639228
This event will be emitted whenever a lease is attached or
detached.
Signed-off-by: Michal Privoznik
---
examples/object-events/event-test.c | 34 +++
include/libvirt/libvirt-domain.h| 33 +++
src/conf/domain_event.c
https://bugzilla.redhat.com/show_bug.cgi?id=1639228
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_driver.c | 7 ++-
src/qemu/qemu_hotplug.c | 7 +++
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index
Unfortunately, we can't emit VIR_DOMAIN_EVENT_ID_DEVICE_ADDED or
VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED event because that carries device
alias within itself and leases don't have one.
Michal Prívozník (3):
qemuDomainAttachDeviceLive: Rework event emitting
Introduce
On Thu, Apr 04, 2019 at 04:46:25PM +0200, Andrea Bolognani wrote:
> On Thu, 2019-04-04 at 15:29 +0100, Daniel P. Berrangé wrote:
> > On Thu, Apr 04, 2019 at 10:25:52AM +0200, Andrea Bolognani wrote:
> > > I would, however, suggest a slightly different implementation than
> > > what you have here,
The point of this API is to fetch all FW descriptors, parse them
and return list of supported interfaces for given combination of
machine type and guest architecture.
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_firmware.c | 51 ++-
src/qemu/qemu_firmware.h
This part of the code will be reused later.
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_firmware.c | 47 +---
1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index
If a management application wants to use firmware auto selection
feature it can't currently know if the libvirtd it's talking to
support is or not. Moreover, it doesn't know which values that
are accepted for the @firmware attribute of when parsing
will allow successful start of the domain later,
Motivated by discussion with Pino and others.
Michal Prívozník (4):
qemu_firmware: Separate firmware loading into a function
qemu_firmware: Separate machine and arch matching into a function
qemu_firmware: Introduce qemuFirmwareGetSupported
domain capabilities: Expose firmware auto
This piece of code will be reused later.
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_firmware.c | 53
1 file changed, 38 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 787b76b531..065e0d11aa
On 04.04.2019 17:48, Cole Robinson wrote:
> On 4/4/19 2:57 AM, Nikolay Shirokovskiy wrote:
>>
>>
>> On 03.04.2019 23:44, Cole Robinson wrote:
>>> On 3/18/19 5:08 AM, Nikolay Shirokovskiy wrote:
Stream/fd callbacks accessing console object are called from the
event loop thread and the
On Thu, Apr 04, 2019 at 15:29:30 -0500, Eric Blake wrote:
> On 4/4/19 3:16 PM, Eric Blake wrote:
> > On 3/22/19 1:00 PM, Peter Krempa wrote:
> >> There was only one caller, remove the unnecessary wrapper.
> >>
> >> Signed-off-by: Peter Krempa
> >> ---
> >> src/conf/domain_conf.c | 60
54 matches
Mail list logo