util: Move virIsDevMapperDevice() to virdevmapper.c
virdevmapper: Don't use libdevmapper to obtain dependencies
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
CVE-2020-14339
When building domain's private /dev in a namespace, libdevmapper
is consulted for getting full dependency tree of domain's disks.
The reason is that for a multipath devices all dependent devices
must be created in the namespace and allowed in CGroups.
However, this approach is very fragile as building of namespace
happens in the forked off child process, after mass close of FDs
and just before dropping privileges and execing QEMU. And it so
happens that when calling libdevmapper APIs, one of them opens
/dev/mapper/control and saves the FD into a global variable. The
FD is kept open until the lib is unlinked or dm_lib_release() is
called explicitly. We are doing neither.
However, the virDevMapperGetTargets() function is called also
from libvirtd (when setting up CGroups) and thus has to be thread
safe. Unfortunately, libdevmapper APIs are not thread safe (nor
async signal safe) and thus we can't use them. Reimplement what
libdevmapper would do using plain C (ioctl()-s, /proc/devices
parsing, /dev/mapper dirwalking, and so on).
Fixes: a30078cb832646177defd256e77c632905f1e6d0
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1858260
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
cherry-pick from commit 22494556542c676d1b9e7f1c1f2ea13ac17e1e3e
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
CVE-2020-14339
When introducing virdevmapper.c (in v4.3.0-rc1~427) I didn't
realize there is a function that calls in devmapper. The function
is called virIsDevMapperDevice() and lives in virutil.c. Now that
we have a special file for handling devmapper move it there.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
cherry-pick from commit dfa0e118f745fe3f4fe95975c6100f0fc6d788be
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
rpc: gendispatch: handle empty flags
rpc: add support for filtering @acls by uint params
rpc: require write acl for guest agent in virDomainInterfaceAddresses
qemu: agent: set ifname to NULL after freeing
Signed-off-by: Jan Tomko <jtomko@redhat.com>
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
CVE-2020-25637
Add a requirement for domain:write if source is set to
VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT.
Signed-off-by: Jan Tomko <jtomko@redhat.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
cherry-pick from commit e4116eaa44cb366b59f7fe98f4b88d04c04970ad
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
CVE-2020-25637
Add a new field to @acl annotations for filtering by
unsigned int parameters.
Signed-off-by: Jan Tomko <jtomko@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
cherry-pick from commit 50864dcda191eb35732dbd80fb6ca251a6bba923
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
CVE-2020-25637
Prepare for omission of the <flagname> in remote_protocol.x
@acl annotations:
@acl: <object>:<permission>:<flagname>
so that we can add more field after, e.g.:
@acl: <object>:<permission>::<field>
Signed-off-by: Jan Tomko <jtomko@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
cherry-pick from commit 955029bd0ad7ef96000f529ac38204a8f4a96401
Signed-off-by: Jiajie Li <lijiajie11@huawei.com>
cherry-pick patchs list:
2ab8dba5 qemuDomainGetUnplugTimeout: Add G_GNUC_NO_INLINE
423664a6 virNetDevSwitchdevFeature: Make failure to get 'family_id' non-fatal
ca616274 virNetDevGetFamilyId: Change signature
67b973b5 qemuDomainDefPostParse: Fail if unable to fill machine type
67e19fc9 qemu: Revoke access to mirror on failed blockcopy
93b15ba0 qemu: fix hang in p2p + xbzrle compression + parallel migration
a13ac587 util: fix iteration in virSocketAddrResolveService
88011ed2 libxl: fix crash when initializing driver
Signed-off-by: AlexChen <alex.chen@huawei.com>
There are races condiction to make '/run/libvirt/qemu/dbus' directory in
virDirCreateNoFork() while concurrent start VMs, and get "failed to create
directory '/run/libvirt/qemu/dbus': File exists" error message. pre-create the
dbus directory in qemuStateInitialize.
Signed-off-by: Bihong Yu <yubihong@huawei.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
bugfix patches list:
d677de remote: fix driver name check for libxl driver
075641 systemd: start libvirtd after firewalld iptables services
06fc99 qemuDomainCleanupRun: Actually run cleanup callbacks in reverse order
01626c virDevMapperGetTargetsImpl: quit early if device is not a devmapper target
006782 qemu: only stop external devices after the domain
42a415 qemuDomainStorageSourcePrivateDispose: Free httpcookie
cc8c29 Don't require secdrivers to implement .domainMoveImageMetadata
0230e3 qemuProcessStop: Use XATTRs to restore seclabels on disks a domain is mirroring into
8fd274 qemuProcessStop: Reattach NVMe disks a domain is mirroring into
55029d security: don't fail if built without attr support
a5a297 qemu: Skip pre creation of NVMe disks
2a372 Fix some wrong usage of ATTRIBUTE_NONNULL
e728ff conf: Increase cpuset length limit for CPU pinning
8f58a4 virQEMUDriverConfigNew: Add slash to cfg defaultTLSx509certdir for non-embeded driver
1b22dd qemuDomainSetNumaParamsLive: set nodeset for root cgroup
bdb8f2 qemu: do not add model when actual iface type is hostdev
Signed-off-by: Jin Yan <jinyan12@huawei.com>
