5674459f46
- CVE-2013-2230: Fix crash when multiple event callbacks were registered f38c8185-CVE-2013-2230.patch bnc#827801 - Update to libvirt 1.1.0 - Extensible migration APIs - Add a policy kit access control driver - various improvements in the Xen and libxl drivers - improve networking support on BSD - agent based vCPU hotplug support - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: 244e0b8c-CVE-2013-2218.patch OBS-URL: https://build.opensuse.org/request/show/182783 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=282
172 lines
6.3 KiB
Diff
172 lines
6.3 KiB
Diff
Do not search xenstore for disk/network/PCI device IDs
|
|
|
|
Disk, network, and PCI devices can be referenced by name in Xen,
|
|
e.g. when modifying their configuration or remvoving them. As such,
|
|
don't search xenstore for a device ID corresponding to these devices.
|
|
Instead, search the devices contained in the domain definition and use
|
|
the devices's target name if found.
|
|
|
|
Note that for network devices, the mac address is used for the device
|
|
name. For PCI devices, the bdf (bus:dev:fun) specifier is used for
|
|
the device name.
|
|
|
|
This approach allows removing a disk/network/PCI device when domain
|
|
is inactive. We obviously can't search xenstore when the domain is
|
|
inactive.
|
|
|
|
Index: libvirt-1.1.0/src/xen/xend_internal.c
|
|
===================================================================
|
|
--- libvirt-1.1.0.orig/src/xen/xend_internal.c
|
|
+++ libvirt-1.1.0/src/xen/xend_internal.c
|
|
@@ -70,7 +70,7 @@
|
|
#define XEND_RCV_BUF_MAX_LEN (256 * 1024)
|
|
|
|
static int
|
|
-virDomainXMLDevID(virConnectPtr conn, virDomainDefPtr domain,
|
|
+virDomainXMLDevID(virConnectPtr conn ATTRIBUTE_UNUSED, virDomainDefPtr domain,
|
|
virDomainDeviceDefPtr dev, char *class,
|
|
char *ref, int ref_len);
|
|
|
|
@@ -3332,18 +3332,18 @@ xenDaemonDomainBlockPeek(virConnectPtr c
|
|
* Returns 0 in case of success, -1 in case of failure.
|
|
*/
|
|
static int
|
|
-virDomainXMLDevID(virConnectPtr conn,
|
|
+virDomainXMLDevID(virConnectPtr conn ATTRIBUTE_UNUSED,
|
|
virDomainDefPtr def,
|
|
virDomainDeviceDefPtr dev,
|
|
char *class,
|
|
char *ref,
|
|
int ref_len)
|
|
{
|
|
- xenUnifiedPrivatePtr priv = conn->privateData;
|
|
- char *xref;
|
|
- char *tmp;
|
|
+ unsigned int i;
|
|
|
|
if (dev->type == VIR_DOMAIN_DEVICE_DISK) {
|
|
+ if (dev->data.disk->dst == NULL)
|
|
+ return -1;
|
|
if (dev->data.disk->driverName &&
|
|
STREQ(dev->data.disk->driverName, "tap"))
|
|
strcpy(class, "tap");
|
|
@@ -3353,19 +3353,17 @@ virDomainXMLDevID(virConnectPtr conn,
|
|
else
|
|
strcpy(class, "vbd");
|
|
|
|
- if (dev->data.disk->dst == NULL)
|
|
- return -1;
|
|
- xenUnifiedLock(priv);
|
|
- xref = xenStoreDomainGetDiskID(conn, def->id,
|
|
- dev->data.disk->dst);
|
|
- xenUnifiedUnlock(priv);
|
|
- if (xref == NULL)
|
|
- return -1;
|
|
-
|
|
- tmp = virStrcpy(ref, xref, ref_len);
|
|
- VIR_FREE(xref);
|
|
- if (tmp == NULL)
|
|
- return -1;
|
|
+ /* For disks, the device name can be used directly. */
|
|
+ for (i = 0; i < def->ndisks; i++) {
|
|
+ virDomainDiskDefPtr disk = def->disks[i];
|
|
+ if (STREQ(dev->data.disk->dst, disk->dst)) {
|
|
+ if (virStrcpy(ref, disk->dst, ref_len) == NULL)
|
|
+ return -1;
|
|
+ else
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+ return -1;
|
|
} else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
|
|
char mac[VIR_MAC_STRING_BUFLEN];
|
|
virDomainNetDefPtr netdef = dev->data.net;
|
|
@@ -3373,16 +3371,22 @@ virDomainXMLDevID(virConnectPtr conn,
|
|
|
|
strcpy(class, "vif");
|
|
|
|
- xenUnifiedLock(priv);
|
|
- xref = xenStoreDomainGetNetworkID(conn, def->id, mac);
|
|
- xenUnifiedUnlock(priv);
|
|
- if (xref == NULL)
|
|
- return -1;
|
|
-
|
|
- tmp = virStrcpy(ref, xref, ref_len);
|
|
- VIR_FREE(xref);
|
|
- if (tmp == NULL)
|
|
- return -1;
|
|
+ /* For nics, the mac address can be used directly. */
|
|
+ for (i = 0; i < def->nnets; i++) {
|
|
+ char dst_mac[30];
|
|
+ virDomainNetDefPtr dst_net = def->nets[i];
|
|
+ snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
|
|
+ dst_net->mac.addr[0], dst_net->mac.addr[1],
|
|
+ dst_net->mac.addr[2], dst_net->mac.addr[3],
|
|
+ dst_net->mac.addr[4], dst_net->mac.addr[5]);
|
|
+ if (STREQ(mac, dst_mac)) {
|
|
+ if (virStrcpy(ref, dst_mac, ref_len) == NULL)
|
|
+ return -1;
|
|
+ else
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+ return -1;
|
|
} else if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
|
|
dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
|
|
dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
|
|
@@ -3400,17 +3404,44 @@ virDomainXMLDevID(virConnectPtr conn,
|
|
|
|
strcpy(class, "pci");
|
|
|
|
- xenUnifiedLock(priv);
|
|
- xref = xenStoreDomainGetPCIID(conn, def->id, bdf);
|
|
- xenUnifiedUnlock(priv);
|
|
- VIR_FREE(bdf);
|
|
- if (xref == NULL)
|
|
- return -1;
|
|
+ /* For PCI devices, the device BFD can be used directly. */
|
|
+ for (i = 0 ; i < def->nhostdevs ; i++) {
|
|
+ char *dst_bdf;
|
|
+ virDomainHostdevDefPtr hostdev = def->hostdevs[i];
|
|
+
|
|
+ if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
|
|
+ continue;
|
|
+ if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
|
|
+ continue;
|
|
+
|
|
+ if (virAsprintf(&dst_bdf, "%04x:%02x:%02x.%0x",
|
|
+ hostdev->source.subsys.u.pci.addr.domain,
|
|
+ hostdev->source.subsys.u.pci.addr.bus,
|
|
+ hostdev->source.subsys.u.pci.addr.slot,
|
|
+ hostdev->source.subsys.u.pci.addr.function) < 0) {
|
|
+ virReportOOMError();
|
|
+ VIR_FREE(bdf);
|
|
+ return -1;
|
|
+ }
|
|
|
|
- tmp = virStrcpy(ref, xref, ref_len);
|
|
- VIR_FREE(xref);
|
|
- if (tmp == NULL)
|
|
- return -1;
|
|
+ if (STREQ(bdf, dst_bdf)) {
|
|
+ if (virStrcpy(ref, dst_bdf, ref_len) == NULL) {
|
|
+ virReportOOMError();
|
|
+ VIR_FREE(dst_bdf);
|
|
+ VIR_FREE(bdf);
|
|
+ return -1;
|
|
+ }
|
|
+ else {
|
|
+ VIR_FREE(dst_bdf);
|
|
+ VIR_FREE(bdf);
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+ VIR_FREE(dst_bdf);
|
|
+ }
|
|
+
|
|
+ VIR_FREE(bdf);
|
|
+ return -1;
|
|
} else {
|
|
virReportError(VIR_ERR_OPERATION_INVALID,
|
|
"%s", _("hotplug of device type not supported"));
|