forked from pool/libvirt
ee07210d25
- CVE-2015-5247 - denial of service through root-squash NFS storage 3468542f-virFileUnlink.patch 8b1d84e6-refreshVol-failure.patch e0025d29-storage-mode-check.patch OBS-URL: https://build.opensuse.org/request/show/330855 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=484
40 lines
1.5 KiB
Diff
40 lines
1.5 KiB
Diff
From 8b1d84e640f1a6e6ebb47caf23a664e2f651b32d Mon Sep 17 00:00:00 2001
|
|
From: John Ferlan <jferlan@redhat.com>
|
|
Date: Mon, 24 Aug 2015 12:38:13 -0400
|
|
Subject: [PATCH] storage: Handle failure from refreshVol
|
|
|
|
Commit id '155ca616' added the 'refreshVol' API. In an NFS root-squash
|
|
environment it was possible that if the just created volume from XML wasn't
|
|
properly created with the right uid/gid and/or mode, then the followup
|
|
refreshVol will fail to open the volume in order to get the allocation/
|
|
capacity values. This would leave the volume still on the server and
|
|
cause a libvirtd crash because 'voldef' would be in the pool list, but
|
|
the cleanup code would free it.
|
|
|
|
(cherry picked from commit db9277a39bc364806e8d3e08a08fc128d59b7094)
|
|
---
|
|
src/storage/storage_driver.c | 6 +++++-
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
|
|
index ea7e0f3..0494e5d 100644
|
|
--- a/src/storage/storage_driver.c
|
|
+++ b/src/storage/storage_driver.c
|
|
@@ -1867,8 +1867,12 @@ storageVolCreateXML(virStoragePoolPtr obj,
|
|
}
|
|
|
|
if (backend->refreshVol &&
|
|
- backend->refreshVol(obj->conn, pool, voldef) < 0)
|
|
+ backend->refreshVol(obj->conn, pool, voldef) < 0) {
|
|
+ storageVolDeleteInternal(volobj, backend, pool, voldef,
|
|
+ 0, false);
|
|
+ voldef = NULL;
|
|
goto cleanup;
|
|
+ }
|
|
|
|
/* Update pool metadata ignoring the disk backend since
|
|
* it updates the pool values.
|
|
--
|
|
2.1.4
|
|
|