import libvirt-6.0.0-37.1.module+el8.5.0+13858+39fdc467
This commit is contained in:
parent
6fb1a96509
commit
8331a2073e
@ -0,0 +1,210 @@
|
||||
From 39a12e8336d314a1f1e6ed1abf15e4ff10f6f81e Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <39a12e8336d314a1f1e6ed1abf15e4ff10f6f81e@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 10 Jan 2022 12:08:08 +0100
|
||||
Subject: [PATCH] lib: Fix calling of virNetworkUpdate() driver callback
|
||||
|
||||
The order in which virNetworkUpdate() accepts @section and
|
||||
@command arguments is not the same as in which it passes them
|
||||
onto networkUpdate() callback. Until recently, it did not really
|
||||
matter, because calling the API on client side meant arguments
|
||||
were encoded in reversed order (compared to the public API), but
|
||||
then on the server it was fixed again - because the server
|
||||
decoded RPC (still swapped), called public API (still swapped)
|
||||
and in turn called the network driver callback (with reversing
|
||||
the order - so magically fixing the order).
|
||||
|
||||
Long story short, if the public API is called even number of
|
||||
times those swaps cancel each other out. The problem is when the
|
||||
API is called an odd numbed of times - which happens with split
|
||||
daemons and the right URI. There's one call in the client (e.g.
|
||||
virsh net-update), the other in a hypervisor daemon (say
|
||||
virtqemud) which ends up calling the API in the virnetworkd.
|
||||
|
||||
The fix is obvious - fix the order in which arguments are passed
|
||||
to the callback.
|
||||
|
||||
But, to maintain compatibility with older, yet unfixed, daemons
|
||||
new connection feature is introduced. The feature is detected
|
||||
just before calling the callback and allows client to pass
|
||||
arguments in correct order (talking to fixed daemon) or in
|
||||
reversed order (talking to older daemon).
|
||||
|
||||
Unfortunately, older client talking to newer daemon can't be
|
||||
fixed. Let's hope that it's less frequent scenario.
|
||||
|
||||
Fixes: 574b9bc66b6b10cc4cf50f299c3f0ff55f2cbefb
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1870552
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit b0f78d626a18bcecae3a4d165540ab88bfbfc9ee)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2038812
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Message-Id: <4601f7b2c8ef354e0f8c8020ecd1bb20b20d0f53.1641812574.git.mprivozn@redhat.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/esx/esx_driver.c | 3 +++
|
||||
src/libvirt-network.c | 24 ++++++++++++++++++++++--
|
||||
src/libvirt_internal.h | 5 +++++
|
||||
src/libxl/libxl_driver.c | 1 +
|
||||
src/lxc/lxc_driver.c | 1 +
|
||||
src/network/bridge_driver.c | 2 ++
|
||||
src/openvz/openvz_driver.c | 1 +
|
||||
src/qemu/qemu_driver.c | 1 +
|
||||
src/remote/remote_daemon_dispatch.c | 1 +
|
||||
src/test/test_driver.c | 1 +
|
||||
10 files changed, 38 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
|
||||
index 0ede65279a..07ce7961b0 100644
|
||||
--- a/src/esx/esx_driver.c
|
||||
+++ b/src/esx/esx_driver.c
|
||||
@@ -1059,6 +1059,9 @@ esxConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
return priv->vCenter &&
|
||||
supportsVMotion == esxVI_Boolean_True ? 1 : 0;
|
||||
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
+ return 1;
|
||||
+
|
||||
case VIR_DRV_FEATURE_FD_PASSING:
|
||||
case VIR_DRV_FEATURE_MIGRATE_CHANGE_PROTECTION:
|
||||
case VIR_DRV_FEATURE_MIGRATION_DIRECT:
|
||||
diff --git a/src/libvirt-network.c b/src/libvirt-network.c
|
||||
index 09e24fb0a8..9edd30d2b7 100644
|
||||
--- a/src/libvirt-network.c
|
||||
+++ b/src/libvirt-network.c
|
||||
@@ -543,8 +543,28 @@ virNetworkUpdate(virNetworkPtr network,
|
||||
|
||||
if (conn->networkDriver && conn->networkDriver->networkUpdate) {
|
||||
int ret;
|
||||
- ret = conn->networkDriver->networkUpdate(network, section, command,
|
||||
- parentIndex, xml, flags);
|
||||
+ int rc;
|
||||
+
|
||||
+ /* Since its introduction in v0.10.2-rc1~9 the @section and @command
|
||||
+ * arguments were mistakenly swapped when passed to driver's callback.
|
||||
+ * Detect if the other side is fixed already or not. */
|
||||
+ rc = VIR_DRV_SUPPORTS_FEATURE(conn->driver, conn,
|
||||
+ VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER);
|
||||
+
|
||||
+ VIR_DEBUG("Argument order feature detection returned: %d", rc);
|
||||
+ if (rc < 0)
|
||||
+ goto error;
|
||||
+
|
||||
+ if (rc == 0) {
|
||||
+ /* Feature not supported, preserve swapped order */
|
||||
+ ret = conn->networkDriver->networkUpdate(network, section, command,
|
||||
+ parentIndex, xml, flags);
|
||||
+ } else {
|
||||
+ /* Feature supported, correct order can be used */
|
||||
+ ret = conn->networkDriver->networkUpdate(network, command, section,
|
||||
+ parentIndex, xml, flags);
|
||||
+ }
|
||||
+
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
return ret;
|
||||
diff --git a/src/libvirt_internal.h b/src/libvirt_internal.h
|
||||
index 4a74dbc2af..21b7243557 100644
|
||||
--- a/src/libvirt_internal.h
|
||||
+++ b/src/libvirt_internal.h
|
||||
@@ -123,6 +123,11 @@ typedef enum {
|
||||
* Support for driver close callback rpc
|
||||
*/
|
||||
VIR_DRV_FEATURE_REMOTE_CLOSE_CALLBACK = 15,
|
||||
+
|
||||
+ /*
|
||||
+ * Whether the virNetworkUpdate() API implementation passes arguments to
|
||||
+ * the driver's callback in correct order. */
|
||||
+ VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER = 16,
|
||||
} virDrvFeature;
|
||||
|
||||
|
||||
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
|
||||
index 9269e9b475..827a58b2c6 100644
|
||||
--- a/src/libxl/libxl_driver.c
|
||||
+++ b/src/libxl/libxl_driver.c
|
||||
@@ -5714,6 +5714,7 @@ libxlConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
case VIR_DRV_FEATURE_TYPED_PARAM_STRING:
|
||||
case VIR_DRV_FEATURE_MIGRATION_PARAMS:
|
||||
case VIR_DRV_FEATURE_MIGRATION_P2P:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
return 1;
|
||||
case VIR_DRV_FEATURE_FD_PASSING:
|
||||
case VIR_DRV_FEATURE_MIGRATE_CHANGE_PROTECTION:
|
||||
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
|
||||
index 853ddac8b9..8cf4dbab57 100644
|
||||
--- a/src/lxc/lxc_driver.c
|
||||
+++ b/src/lxc/lxc_driver.c
|
||||
@@ -1699,6 +1699,7 @@ lxcConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
|
||||
switch ((virDrvFeature) feature) {
|
||||
case VIR_DRV_FEATURE_TYPED_PARAM_STRING:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
return 1;
|
||||
case VIR_DRV_FEATURE_FD_PASSING:
|
||||
case VIR_DRV_FEATURE_MIGRATE_CHANGE_PROTECTION:
|
||||
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
|
||||
index 703348888a..cd6d09e164 100644
|
||||
--- a/src/network/bridge_driver.c
|
||||
+++ b/src/network/bridge_driver.c
|
||||
@@ -968,6 +968,8 @@ networkConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
return -1;
|
||||
|
||||
switch ((virDrvFeature) feature) {
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
+ return 1;
|
||||
case VIR_DRV_FEATURE_MIGRATION_V2:
|
||||
case VIR_DRV_FEATURE_MIGRATION_V3:
|
||||
case VIR_DRV_FEATURE_MIGRATION_P2P:
|
||||
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
|
||||
index 62644f3129..22715c8e22 100644
|
||||
--- a/src/openvz/openvz_driver.c
|
||||
+++ b/src/openvz/openvz_driver.c
|
||||
@@ -2007,6 +2007,7 @@ openvzConnectSupportsFeature(virConnectPtr conn G_GNUC_UNUSED, int feature)
|
||||
switch ((virDrvFeature) feature) {
|
||||
case VIR_DRV_FEATURE_MIGRATION_PARAMS:
|
||||
case VIR_DRV_FEATURE_MIGRATION_V3:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
return 1;
|
||||
case VIR_DRV_FEATURE_FD_PASSING:
|
||||
case VIR_DRV_FEATURE_MIGRATE_CHANGE_PROTECTION:
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index 3914d3ff68..73f6247f2e 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -1215,6 +1215,7 @@ qemuConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
case VIR_DRV_FEATURE_XML_MIGRATABLE:
|
||||
case VIR_DRV_FEATURE_MIGRATION_OFFLINE:
|
||||
case VIR_DRV_FEATURE_MIGRATION_PARAMS:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
return 1;
|
||||
case VIR_DRV_FEATURE_MIGRATION_DIRECT:
|
||||
case VIR_DRV_FEATURE_MIGRATION_V1:
|
||||
diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
|
||||
index 9c294ddc39..b82548a999 100644
|
||||
--- a/src/remote/remote_daemon_dispatch.c
|
||||
+++ b/src/remote/remote_daemon_dispatch.c
|
||||
@@ -5009,6 +5009,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server G_GNUC_UN
|
||||
case VIR_DRV_FEATURE_XML_MIGRATABLE:
|
||||
case VIR_DRV_FEATURE_MIGRATION_OFFLINE:
|
||||
case VIR_DRV_FEATURE_MIGRATION_PARAMS:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
default:
|
||||
if ((supported = virConnectSupportsFeature(conn, args->feature)) < 0)
|
||||
goto cleanup;
|
||||
diff --git a/src/test/test_driver.c b/src/test/test_driver.c
|
||||
index 1908185743..d21fedbcf8 100644
|
||||
--- a/src/test/test_driver.c
|
||||
+++ b/src/test/test_driver.c
|
||||
@@ -1588,6 +1588,7 @@ testConnectSupportsFeature(virConnectPtr conn G_GNUC_UNUSED,
|
||||
{
|
||||
switch ((virDrvFeature) feature) {
|
||||
case VIR_DRV_FEATURE_TYPED_PARAM_STRING:
|
||||
+ case VIR_DRV_FEATURE_NETWORK_UPDATE_HAS_CORRECT_ORDER:
|
||||
return 1;
|
||||
case VIR_DRV_FEATURE_MIGRATION_V2:
|
||||
case VIR_DRV_FEATURE_MIGRATION_V3:
|
||||
--
|
||||
2.34.1
|
||||
|
@ -0,0 +1,81 @@
|
||||
From d6c2ed7802c150c9bd2d125e5757aabff5f75d05 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d6c2ed7802c150c9bd2d125e5757aabff5f75d05@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 10 Jan 2022 12:08:07 +0100
|
||||
Subject: [PATCH] network: Implement virConnectSupportsFeature()
|
||||
|
||||
So far, it was not needed, but shortly a client will want to know
|
||||
whether virNetworkUpdate() API is fixed or not. See next commits
|
||||
for more info.
|
||||
|
||||
Side note, this driver's implementation is called only when using
|
||||
sub-driver's connection, i.e. "network:///system". For any other
|
||||
URI the corresponding hypervisor's driver callback is called.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 94741bc53e9b9a405fae8f2e96b780c2891b2ff0)
|
||||
|
||||
Conflicts:
|
||||
- src/network/bridge_driver.c: Well, context. The code in
|
||||
RHEL-8.5.0 is very old and this commit is very new. It's
|
||||
nothing unexpected.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2038812
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Message-Id: <9f53a76a7bdeac4e4d85aace8f8dcbe008bc25df.1641812574.git.mprivozn@redhat.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/network/bridge_driver.c | 29 +++++++++++++++++++++++++++++
|
||||
1 file changed, 29 insertions(+)
|
||||
|
||||
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
|
||||
index b8118067d1..703348888a 100644
|
||||
--- a/src/network/bridge_driver.c
|
||||
+++ b/src/network/bridge_driver.c
|
||||
@@ -961,6 +961,34 @@ static int networkConnectIsAlive(virConnectPtr conn G_GNUC_UNUSED)
|
||||
}
|
||||
|
||||
|
||||
+static int
|
||||
+networkConnectSupportsFeature(virConnectPtr conn, int feature)
|
||||
+{
|
||||
+ if (virConnectSupportsFeatureEnsureACL(conn) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ switch ((virDrvFeature) feature) {
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_V2:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_V3:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_P2P:
|
||||
+ case VIR_DRV_FEATURE_MIGRATE_CHANGE_PROTECTION:
|
||||
+ case VIR_DRV_FEATURE_FD_PASSING:
|
||||
+ case VIR_DRV_FEATURE_TYPED_PARAM_STRING:
|
||||
+ case VIR_DRV_FEATURE_XML_MIGRATABLE:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_OFFLINE:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_PARAMS:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_DIRECT:
|
||||
+ case VIR_DRV_FEATURE_MIGRATION_V1:
|
||||
+ case VIR_DRV_FEATURE_PROGRAM_KEEPALIVE:
|
||||
+ case VIR_DRV_FEATURE_REMOTE:
|
||||
+ case VIR_DRV_FEATURE_REMOTE_CLOSE_CALLBACK:
|
||||
+ case VIR_DRV_FEATURE_REMOTE_EVENT_CALLBACK:
|
||||
+ default:
|
||||
+ return 0;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+
|
||||
/* networkKillDaemon:
|
||||
*
|
||||
* kill the specified pid/name, and wait a bit to make sure it's dead.
|
||||
@@ -5824,6 +5852,7 @@ static virHypervisorDriver networkHypervisorDriver = {
|
||||
.connectIsEncrypted = networkConnectIsEncrypted, /* 4.1.0 */
|
||||
.connectIsSecure = networkConnectIsSecure, /* 4.1.0 */
|
||||
.connectIsAlive = networkConnectIsAlive, /* 4.1.0 */
|
||||
+ .connectSupportsFeature = networkConnectSupportsFeature, /* 7.2.0 */
|
||||
};
|
||||
|
||||
|
||||
--
|
||||
2.34.1
|
||||
|
@ -219,7 +219,7 @@
|
||||
Summary: Library providing a simple virtualization API
|
||||
Name: libvirt
|
||||
Version: 6.0.0
|
||||
Release: 37%{?dist}%{?extra_release}
|
||||
Release: 37.1%{?dist}%{?extra_release}
|
||||
License: LGPLv2+
|
||||
URL: https://libvirt.org/
|
||||
|
||||
@ -772,6 +772,8 @@ Patch540: libvirt-domain_conf-Don-t-leak-def-os.firmwareFeatures.patch
|
||||
Patch541: libvirt-conf-remove-duplicated-firmware-type-attribute.patch
|
||||
Patch542: libvirt-security-fix-SELinux-label-generation-logic.patch
|
||||
Patch543: libvirt-storage_driver-Unlock-object-on-ACL-fail-in-storagePoolLookupByTargetPath.patch
|
||||
Patch544: libvirt-network-Implement-virConnectSupportsFeature.patch
|
||||
Patch545: libvirt-lib-Fix-calling-of-virNetworkUpdate-driver-callback.patch
|
||||
|
||||
Requires: libvirt-daemon = %{version}-%{release}
|
||||
Requires: libvirt-daemon-config-network = %{version}-%{release}
|
||||
@ -2548,6 +2550,10 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Jan 13 2022 Jiri Denemark <jdenemar@redhat.com> - 6.0.0-37.1.el8
|
||||
- network: Implement virConnectSupportsFeature() (rhbz#2038812)
|
||||
- lib: Fix calling of virNetworkUpdate() driver callback (rhbz#2038812)
|
||||
|
||||
* Fri Aug 6 2021 Jiri Denemark <jdenemar@redhat.com> - 6.0.0-37
|
||||
- security: fix SELinux label generation logic (CVE-2021-3631)
|
||||
- storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath (CVE-2021-3667)
|
||||
|
Loading…
Reference in New Issue
Block a user