update to libvirt 0.9.3

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=134
This commit is contained in:
James Fehlig 2011-07-05 20:25:50 +00:00 committed by Git OBS Bridge
parent 9af5be6895
commit fd05ea59ce
8 changed files with 64 additions and 134 deletions

View File

@ -1,83 +0,0 @@
commit 774b21c163845170c9ffa873f5720d318812eaf6
Author: Eric Blake <eblake@redhat.com>
Date: Fri Jun 24 12:16:05 2011 -0600
remote: protect against integer overflow
Integer overflow and remote code are never a nice mix.
This has existed since commit 56cd414.
* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
on sending rpc.
* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
receiving rpc.
Index: libvirt-0.9.2/daemon/remote.c
===================================================================
--- libvirt-0.9.2.orig/daemon/remote.c
+++ libvirt-0.9.2/daemon/remote.c
@@ -61,6 +61,7 @@
#include "network.h"
#include "libvirt/libvirt-qemu.h"
#include "command.h"
+#include "intprops.h"
#define VIR_FROM_THIS VIR_FROM_REMOTE
@@ -1074,7 +1075,8 @@ remoteDispatchDomainGetVcpus(struct qemu
goto cleanup;
}
- if (args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+ if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
+ args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
goto cleanup;
}
Index: libvirt-0.9.2/src/libvirt.c
===================================================================
--- libvirt-0.9.2.orig/src/libvirt.c
+++ libvirt-0.9.2/src/libvirt.c
@@ -39,6 +39,7 @@
#include "util.h"
#include "memory.h"
#include "configmake.h"
+#include "intprops.h"
#ifndef WITH_DRIVER_MODULES
# ifdef WITH_TEST
@@ -6805,8 +6806,8 @@ virDomainGetVcpus(virDomainPtr domain, v
/* Ensure that domainGetVcpus (aka remoteDomainGetVcpus) does not
try to memcpy anything into a NULL pointer. */
- if ((cpumaps == NULL && maplen != 0)
- || (cpumaps && maplen <= 0)) {
+ if (!cpumaps ? maplen != 0
+ : (maplen <= 0 || INT_MULTIPLY_OVERFLOW(maxinfo, maplen))) {
virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
goto error;
}
Index: libvirt-0.9.2/src/remote/remote_driver.c
===================================================================
--- libvirt-0.9.2.orig/src/remote/remote_driver.c
+++ libvirt-0.9.2/src/remote/remote_driver.c
@@ -84,6 +84,7 @@
#include "ignore-value.h"
#include "files.h"
#include "command.h"
+#include "intprops.h"
#define VIR_FROM_THIS VIR_FROM_REMOTE
@@ -2032,7 +2033,8 @@ remoteDomainGetVcpus (virDomainPtr domai
maxinfo, REMOTE_VCPUINFO_MAX);
goto done;
}
- if (maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+ if (INT_MULTIPLY_OVERFLOW(maxinfo, maplen) ||
+ maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
remoteError(VIR_ERR_RPC,
_("vCPU map buffer length exceeds maximum: %d > %d"),
maxinfo * maplen, REMOTE_CPUMAPS_MAX);

View File

@ -2,8 +2,8 @@ Index: src/lxc/lxc_container.c
===================================================================
--- src/lxc/lxc_container.c.orig
+++ src/lxc/lxc_container.c
@@ -879,6 +879,9 @@ int lxcContainerStart(virDomainDefPtr de
lxc_child_argv_t args = { def, nveths, veths, control, ttyPath };
@@ -896,6 +896,9 @@ int lxcContainerStart(virDomainDefPtr de
handshakefd};
/* allocate a stack for the container */
+#ifdef __ia64__
@ -12,7 +12,7 @@ Index: src/lxc/lxc_container.c
if (VIR_ALLOC_N(stack, stacksize) < 0) {
virReportOOMError();
return -1;
@@ -897,7 +900,11 @@ int lxcContainerStart(virDomainDefPtr de
@@ -914,7 +917,11 @@ int lxcContainerStart(virDomainDefPtr de
flags |= CLONE_NEWNET;
}
@ -24,7 +24,7 @@ Index: src/lxc/lxc_container.c
VIR_FREE(stack);
VIR_DEBUG("clone() completed, new container PID is %d", pid);
@@ -924,6 +931,7 @@ int lxcContainerAvailable(int features)
@@ -941,6 +948,7 @@ int lxcContainerAvailable(int features)
char *childStack;
char *stack;
int childStatus;
@ -32,7 +32,7 @@ Index: src/lxc/lxc_container.c
if (features & LXC_CONTAINER_FEATURE_USER)
flags |= CLONE_NEWUSER;
@@ -931,14 +939,21 @@ int lxcContainerAvailable(int features)
@@ -948,14 +956,21 @@ int lxcContainerAvailable(int features)
if (features & LXC_CONTAINER_FEATURE_NET)
flags |= CLONE_NEWNET;

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6125b2151c99df356b35a41c19744bcf90aad343d3ecf170a51fc1a24b0701ab
size 10791970

3
libvirt-0.9.3.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7b83113a581b4e256245e49b6aa7bc99c0d85219ab5917cb1036301dcb810dcd
size 10948358

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Tue Jul 5 14:15:22 MDT 2011 - jfehlig@suse.de
- Update to libvirt 0.9.3
- vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo)
- Add TXT record support for virtual DNS service
- Support reboots with the QEMU driver
- Introduce virDomainGetControlInfo API
- virNodeGetMemoryStats: Expose new API
- virNodeGetCPUTime: Implement public API
- send-key: Defining the public API
- vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags)
- support multifunction PCI device
- lxc: various improvements
-------------------------------------------------------------------
Fri Jul 1 10:10:23 MDT 2011 - jfehlig@suse.de

View File

@ -17,6 +17,9 @@
# norootforbuild
# In the future, we may want a client only build, which will create a
# libvirt.so only containing the generic RPC driver and the test driver,
# but no libvirtd
# For now, default to a full server + client build
%define client_only 0
@ -41,13 +44,13 @@
%define with_lxc 0%{!?_without_lxc:%{server_drivers}}
%define with_vbox 0%{!?_without_vbox:%{server_drivers}}
%define with_uml 0%{!?_without_uml:%{server_drivers}}
%define with_xenapi 0%{!?_without_xenapi:%{server_drivers}}
%define with_libxl 0%{!?_without_libxl:%{server_drivers}}
%define with_vmware 0%{!?_without_vmware:%{server_drivers}}
# Then the hypervisor drivers that talk a native remote protocol
%define with_phyp 0%{!?_without_phyp:0}
%define with_esx 0%{!?_without_esx:1}
%define with_vmware 0%{!?_without_vmware:1}
%define with_xenapi 0%{!?_without_xenapi:1}
# Then the secondary host drivers
%define with_network 0%{!?_without_network:%{server_drivers}}
@ -283,8 +286,8 @@ Url: http://libvirt.org/
License: LGPLv2.1+
Group: Development/Libraries/C and C++
AutoReqProv: yes
Version: 0.9.2
Release: 3
Version: 0.9.3
Release: 1
Summary: A C toolkit to interract with the virtualization capabilities of Linux
# The client side, i.e. shared libs and virsh are in a subpackage
@ -349,7 +352,6 @@ Source0: %{name}-%{version}.tar.bz2
Source1: libvirtd.init
Source2: libvirtd-relocation-server.fw
# Upstream patches
Patch0: 774b21c1-CVE-2011-2511.patch
# Need to go upstream
Patch100: xen-name-for-devid.patch
Patch101: clone.patch
@ -443,7 +445,6 @@ Authors:
Karel Zak <kzak@redhat.com>
%if %{with_python}
%package python
License: LGPLv2.1+
Summary: A C toolkit to interract with the virtualization capabilities of Linux
@ -466,7 +467,6 @@ Authors:
%prep
%setup -q
%patch0 -p1
%patch100 -p1
%patch101
%patch102 -p1
@ -740,7 +740,6 @@ fi
%postun client -p /sbin/ldconfig
%if %{with_libvirtd}
%files
%defattr(-, root, root)
%{_sbindir}/libvirtd
@ -858,7 +857,6 @@ fi
%doc %{_docdir}/%{name}/html
%if %{with_python}
%files python
%defattr(-, root, root)
%doc %{_docdir}/%{name}-python

View File

@ -1,7 +1,7 @@
Index: libvirt-0.9.0/daemon/libvirtd.conf
Index: libvirt-0.9.3/daemon/libvirtd.conf
===================================================================
--- libvirt-0.9.0.orig/daemon/libvirtd.conf
+++ libvirt-0.9.0/daemon/libvirtd.conf
--- libvirt-0.9.3.orig/daemon/libvirtd.conf
+++ libvirt-0.9.3/daemon/libvirtd.conf
@@ -18,8 +18,8 @@
# It is necessary to setup a CA and issue server certificates before
# using this capability.
@ -28,25 +28,25 @@ Index: libvirt-0.9.0/daemon/libvirtd.conf
# Override the default mDNS advertizement name. This must be
# unique on the immediate broadcast network.
Index: libvirt-0.9.0/daemon/libvirtd.c
Index: libvirt-0.9.3/daemon/libvirtd.c
===================================================================
--- libvirt-0.9.0.orig/daemon/libvirtd.c
+++ libvirt-0.9.0/daemon/libvirtd.c
@@ -148,7 +148,7 @@ static int sigwrite = -1; /* Signa
static int ipsock = 0; /* -l Listen for TCP/IP */
--- libvirt-0.9.3.orig/daemon/libvirtd.c
+++ libvirt-0.9.3/daemon/libvirtd.c
@@ -897,7 +897,7 @@ daemonConfigNew(bool privileged ATTRIBUT
return NULL;
}
/* Defaults for configuration file elements */
-static int listen_tls = 1;
+static int listen_tls = 0;
static int listen_tcp = 0;
static char *listen_addr = (char *) LIBVIRTD_LISTEN_ADDR;
static char *tls_port = (char *) LIBVIRTD_TLS_PORT;
@@ -170,7 +170,7 @@ static int auth_tcp = REMOTE_AUTH_NONE;
- data->listen_tls = 1;
+ data->listen_tls = 0;
data->listen_tcp = 0;
if (!(data->tls_port = strdup(LIBVIRTD_TLS_PORT)))
@@ -934,7 +934,7 @@ daemonConfigNew(bool privileged ATTRIBUT
#endif
static int auth_tls = REMOTE_AUTH_NONE;
data->auth_tls = REMOTE_AUTH_NONE;
-static int mdns_adv = 1;
+static int mdns_adv = 0;
static char *mdns_name = NULL;
- data->mdns_adv = 1;
+ data->mdns_adv = 0;
static int tls_no_verify_certificate = 0;
data->min_workers = 5;
data->max_workers = 20;

View File

@ -1,8 +1,8 @@
Index: libvirt-0.9.2/tools/Makefile.am
Index: libvirt-0.9.3/tools/Makefile.am
===================================================================
--- libvirt-0.9.2.orig/tools/Makefile.am
+++ libvirt-0.9.2/tools/Makefile.am
@@ -131,16 +131,17 @@ uninstall-local: uninstall-init
--- libvirt-0.9.3.orig/tools/Makefile.am
+++ libvirt-0.9.3/tools/Makefile.am
@@ -147,16 +147,17 @@ uninstall-local: uninstall-init
if LIBVIRT_INIT_SCRIPT_RED_HAT
install-init: libvirt-guests.init
@ -26,10 +26,10 @@ Index: libvirt-0.9.2/tools/Makefile.am
BUILT_SOURCES += libvirt-guests.init
Index: libvirt-0.9.2/tools/libvirt-guests.sysconf
Index: libvirt-0.9.3/tools/libvirt-guests.sysconf
===================================================================
--- libvirt-0.9.2.orig/tools/libvirt-guests.sysconf
+++ libvirt-0.9.2/tools/libvirt-guests.sysconf
--- libvirt-0.9.3.orig/tools/libvirt-guests.sysconf
+++ libvirt-0.9.3/tools/libvirt-guests.sysconf
@@ -1,18 +1,28 @@
+## Path: System/Virtualization/libvirt
+
@ -74,10 +74,10 @@ Index: libvirt-0.9.2/tools/libvirt-guests.sysconf
# number of seconds we're willing to wait for a guest to shut down
-#SHUTDOWN_TIMEOUT=0
+SHUTDOWN_TIMEOUT=120
Index: libvirt-0.9.2/tools/libvirt-guests.init.sh
Index: libvirt-0.9.3/tools/libvirt-guests.init.sh
===================================================================
--- libvirt-0.9.2.orig/tools/libvirt-guests.init.sh
+++ libvirt-0.9.2/tools/libvirt-guests.init.sh
--- libvirt-0.9.3.orig/tools/libvirt-guests.init.sh
+++ libvirt-0.9.3/tools/libvirt-guests.init.sh
@@ -4,10 +4,10 @@
#
### BEGIN INIT INFO
@ -220,11 +220,11 @@ Index: libvirt-0.9.2/tools/libvirt-guests.init.sh
esac
-exit $RETVAL
+rc_exit
Index: libvirt-0.9.2/daemon/Makefile.am
Index: libvirt-0.9.3/daemon/Makefile.am
===================================================================
--- libvirt-0.9.2.orig/daemon/Makefile.am
+++ libvirt-0.9.2/daemon/Makefile.am
@@ -302,16 +302,12 @@ install-logrotate: $(LOGROTATE_CONFS)
--- libvirt-0.9.3.orig/daemon/Makefile.am
+++ libvirt-0.9.3/daemon/Makefile.am
@@ -246,16 +246,12 @@ install-logrotate: $(LOGROTATE_CONFS)
if LIBVIRT_INIT_SCRIPT_RED_HAT
install-init: libvirtd.init