646cd8897b
Updated block-dmmd script - fate#310510 - fix xenpaging restore changes to integrate paging into xm/xend xenpaging.autostart.patch xenpaging.doc.patch - bnc#787163 - VUL-0: CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk (XSA 25) CVE-2012-4544-xsa25.patch - bnc#779212 - VUL-0: CVE-2012-4411: XEN / qemu: guest administrator can access qemu monitor console (XSA-19) CVE-2012-4411-xsa19.patch - bnc#786516 - VUL-0: CVE-2012-4535: xen: Timer overflow DoS vulnerability CVE-2012-4535-xsa20.patch - bnc#786518 - VUL-0: CVE-2012-4536: xen: pirq range check DoS vulnerability CVE-2012-4536-xsa21.patch - bnc#786517 - VUL-0: CVE-2012-4537: xen: Memory mapping failure DoS vulnerability CVE-2012-4537-xsa22.patch - bnc#786519 - VUL-0: CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability CVE-2012-4538-xsa23.patch - bnc#786520 - VUL-0: CVE-2012-4539: xen: Grant table hypercall infinite loop DoS vulnerability CVE-2012-4539-xsa24.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=212
158 lines
6.0 KiB
Diff
158 lines
6.0 KiB
Diff
Add support of change-vnc-password while vm is running.
|
|
|
|
Signed-off-by: Chunyan Liu <cyliu@novell.com>
|
|
|
|
Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vl.c
|
|
+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vl.c
|
|
@@ -200,7 +200,7 @@ DriveInfo drives_table[MAX_DRIVES+1];
|
|
int nb_drives;
|
|
enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
|
|
int vga_ram_size;
|
|
-static DisplayState *display_state;
|
|
+DisplayState *display_state;
|
|
int nographic;
|
|
static int curses;
|
|
static int sdl;
|
|
Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c
|
|
+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
|
|
@@ -2627,6 +2627,7 @@ int vnc_display_password(DisplayState *d
|
|
if (password && password[0]) {
|
|
if (!(vs->password = qemu_strdup(password)))
|
|
return -1;
|
|
+ vs->auth = VNC_AUTH_VNC;
|
|
}
|
|
|
|
return 0;
|
|
Index: xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/qemu-xen-traditional-dir-remote/xenstore.c
|
|
+++ xen-4.2.0-testing/tools/qemu-xen-traditional-dir-remote/xenstore.c
|
|
@@ -24,6 +24,7 @@
|
|
#include "qemu-timer.h"
|
|
#include "qemu-xen.h"
|
|
|
|
+extern DisplayState *display_state;
|
|
struct xs_handle *xsh = NULL;
|
|
static char *media_filename[MAX_DRIVES+1];
|
|
static QEMUTimer *insert_timer = NULL;
|
|
@@ -937,6 +938,19 @@ static void xenstore_process_dm_command_
|
|
} else if (!strncmp(command, "continue", len)) {
|
|
fprintf(logfile, "dm-command: continue after state save\n");
|
|
xen_pause_requested = 0;
|
|
+ } else if (!strncmp(command, "chgvncpasswd", len)) {
|
|
+ fprintf(logfile, "dm-command: change vnc passwd\n");
|
|
+ if (pasprintf(&path,
|
|
+ "/local/domain/0/backend/vfb/%u/0/vncpasswd", domid) == -1) {
|
|
+ fprintf(logfile, "out of memory reading dm command parameter\n");
|
|
+ goto out;
|
|
+ }
|
|
+ par = xs_read(xsh, XBT_NULL, path, &len);
|
|
+ if (!par)
|
|
+ goto out;
|
|
+ if (vnc_display_password(display_state, par) == 0)
|
|
+ xenstore_record_dm_state("vncpasswdchged");
|
|
+ free(par);
|
|
} else if (!strncmp(command, "usb-add", len)) {
|
|
fprintf(logfile, "dm-command: usb-add a usb device\n");
|
|
if (pasprintf(&path,
|
|
Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomainInfo.py
|
|
+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py
|
|
@@ -1490,6 +1490,20 @@ class XendDomainInfo:
|
|
target = max_target
|
|
self.setMemoryTarget(target)
|
|
|
|
+ def chgvncpasswd(self, passwd):
|
|
+ if self._stateGet() != DOM_STATE_HALTED:
|
|
+ path = '/local/domain/0/backend/vfb/%u/0/' % self.getDomid()
|
|
+ xstransact.Write(path, 'vncpasswd', passwd)
|
|
+ self.image.signalDeviceModel("chgvncpasswd", "vncpasswdchged")
|
|
+
|
|
+ for dev_uuid, (dev_type, dev_info) in self.info['devices'].items():
|
|
+ if dev_type == 'vfb':
|
|
+ dev_info['vncpasswd'] = passwd
|
|
+ dev_info['other_config']['vncpasswd'] = passwd
|
|
+ self.info.device_update(dev_uuid, cfg_xenapi = dev_info)
|
|
+ break
|
|
+ xen.xend.XendDomain.instance().managed_config_save(self)
|
|
+
|
|
def setMemoryTarget(self, target):
|
|
"""Set the memory target of this domain.
|
|
@param target: In MiB.
|
|
Index: xen-4.2.0-testing/tools/python/xen/xend/server/XMLRPCServer.py
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/python/xen/xend/server/XMLRPCServer.py
|
|
+++ xen-4.2.0-testing/tools/python/xen/xend/server/XMLRPCServer.py
|
|
@@ -95,7 +95,7 @@ methods = ['device_create', 'device_conf
|
|
'destroyDevice','getDeviceSxprs',
|
|
'setMemoryTarget', 'setName', 'setVCpuCount', 'shutdown',
|
|
'send_sysrq', 'getVCPUInfo', 'waitForDevices',
|
|
- 'getRestartCount', 'getBlockDeviceClass']
|
|
+ 'getRestartCount', 'getBlockDeviceClass', 'chgvncpasswd']
|
|
|
|
exclude = ['domain_create', 'domain_restore']
|
|
|
|
Index: xen-4.2.0-testing/tools/python/xen/xm/main.py
|
|
===================================================================
|
|
--- xen-4.2.0-testing.orig/tools/python/xen/xm/main.py
|
|
+++ xen-4.2.0-testing/tools/python/xen/xm/main.py
|
|
@@ -21,6 +21,7 @@
|
|
|
|
"""Grand unified management application for Xen.
|
|
"""
|
|
+import getpass
|
|
import atexit
|
|
import cmd
|
|
import os
|
|
@@ -281,6 +282,9 @@ SUBCOMMAND_HELP = {
|
|
'getenforce' : ('', 'Returns the current enforcing mode for the Flask XSM module (Enforcing,Permissive)'),
|
|
'setenforce' : ('[ (Enforcing|1) | (Permissive|0) ]',
|
|
'Modifies the current enforcing mode for the Flask XSM module'),
|
|
+ #change vnc password
|
|
+ 'change-vnc-passwd' : ('<Domain>',\
|
|
+ 'Change vnc password'),
|
|
}
|
|
|
|
SUBCOMMAND_OPTIONS = {
|
|
@@ -406,6 +410,7 @@ common_commands = [
|
|
"usb-del",
|
|
"domstate",
|
|
"vcpu-set",
|
|
+ "change-vnc-passwd",
|
|
]
|
|
|
|
domain_commands = [
|
|
@@ -443,6 +448,7 @@ domain_commands = [
|
|
"vcpu-list",
|
|
"vcpu-pin",
|
|
"vcpu-set",
|
|
+ "change-vnc-passwd",
|
|
]
|
|
|
|
host_commands = [
|
|
@@ -3806,6 +3812,10 @@ def xm_cpupool_migrate(args):
|
|
else:
|
|
server.xend.cpu_pool.migrate(domname, poolname)
|
|
|
|
+def xm_chgvncpasswd(args):
|
|
+ arg_check(args, "change-vnc-passwd", 1)
|
|
+ pwd = getpass.getpass("Enter new password: ")
|
|
+ server.xend.domain.chgvncpasswd(args[0], pwd)
|
|
|
|
commands = {
|
|
"shell": xm_shell,
|
|
@@ -3914,6 +3924,8 @@ commands = {
|
|
"usb-del": xm_usb_del,
|
|
#domstate
|
|
"domstate": xm_domstate,
|
|
+ #change vnc password:
|
|
+ "change-vnc-passwd": xm_chgvncpasswd,
|
|
}
|
|
|
|
## The commands supported by a separate argument parser in xend.xm.
|