External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-12 21:05:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
abd1e08c42
libvirt/tests/virnetdaemondata/output-data-admin-server-names.json

149 lines
3.2 KiB
JSON
Raw Normal View History

virnetdaemon: Store servers in a hash table Since the daemon can manage and add (at fresh start) multiple servers, we also should be able to add them from a JSON state file in case of a daemon restart, so post exec restart support for multiple servers is also provided. Patch also updates virnetdaemontest accordingly. Signed-off-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 11:01:44 +00:00
{
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
"servers": {
"testServer0": {
"min_workers": 10,
"max_workers": 50,
"priority_workers": 5,
"max_clients": 100,
"max_anonymous_clients": 100,
"keepaliveInterval": 120,
"keepaliveCount": 5,
"next_client_id": 3,
"services": [
{
"auth": 0,
"readonly": true,
"nrequests_client_max": 2,
"socks": [
{
"fd": 100,
"errfd": -1,
"pid": 0,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": false,
"unlinkUNIX": true
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
virnetdaemon: Store servers in a hash table Since the daemon can manage and add (at fresh start) multiple servers, we also should be able to add them from a JSON state file in case of a daemon restart, so post exec restart support for multiple servers is also provided. Patch also updates virnetdaemontest accordingly. Signed-off-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 11:01:44 +00:00
},
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
{
"auth": 2,
"readonly": false,
"nrequests_client_max": 5,
"socks": [
{
"fd": 101,
"errfd": -1,
"pid": 0,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": false,
"unlinkUNIX": true
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
virnetdaemon: Store servers in a hash table Since the daemon can manage and add (at fresh start) multiple servers, we also should be able to add them from a JSON state file in case of a daemon restart, so post exec restart support for multiple servers is also provided. Patch also updates virnetdaemontest accordingly. Signed-off-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 11:01:44 +00:00
}
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
],
"clients": [
{
"id": 1,
"auth": 1,
rpc: virnetserver: Fix race on srv->nclients_unauth There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2017-12-21 14:29:05 +00:00
"auth_pending": true,
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
"readonly": true,
"nrequests_max": 15,
"sock": {
"fd": 102,
"errfd": -1,
"pid": -1,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": true,
"unlinkUNIX": false
tests: validate private data / pre / post exec hooks for RPC APIs Validate that the virNetServer(Client) RPC APIs are processing the private data callbacks correctly by passing in non-NULL pointers. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-01 15:32:49 +00:00
},
"privateData": 1729
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
},
{
"id": 2,
"auth": 2,
rpc: virnetserver: Fix race on srv->nclients_unauth There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2017-12-21 14:29:05 +00:00
"auth_pending": true,
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
"readonly": true,
"nrequests_max": 66,
"sock": {
"fd": 103,
"errfd": -1,
"pid": -1,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": true,
"unlinkUNIX": false
tests: validate private data / pre / post exec hooks for RPC APIs Validate that the virNetServer(Client) RPC APIs are processing the private data callbacks correctly by passing in non-NULL pointers. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-01 15:32:49 +00:00
},
"privateData": 1729
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
},
"testServer1": {
"min_workers": 2,
"max_workers": 50,
"priority_workers": 5,
"max_clients": 100,
"max_anonymous_clients": 100,
"keepaliveInterval": 120,
"keepaliveCount": 5,
"next_client_id": 3,
"services": [
{
"auth": 0,
"readonly": true,
"nrequests_client_max": 2,
"socks": [
{
"fd": 100,
"errfd": -1,
"pid": 0,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": false,
"unlinkUNIX": true
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
},
{
"auth": 2,
"readonly": false,
"nrequests_client_max": 5,
"socks": [
{
"fd": 101,
"errfd": -1,
"pid": 0,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": false,
"unlinkUNIX": true
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
}
],
"clients": [
{
"id": 1,
"auth": 1,
rpc: virnetserver: Fix race on srv->nclients_unauth There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2017-12-21 14:29:05 +00:00
"auth_pending": true,
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
"readonly": true,
"nrequests_max": 15,
"sock": {
"fd": 102,
"errfd": -1,
"pid": -1,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": true,
"unlinkUNIX": false
tests: validate private data / pre / post exec hooks for RPC APIs Validate that the virNetServer(Client) RPC APIs are processing the private data callbacks correctly by passing in non-NULL pointers. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-01 15:32:49 +00:00
},
"privateData": 1729
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
},
{
"id": 2,
"auth": 2,
rpc: virnetserver: Fix race on srv->nclients_unauth There is a race between virNetServerProcessClients (main thread) and remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker thread) that can lead to decrementing srv->nclients_unauth when it's zero. Since virNetServerCheckLimits relies on the value srv->nclients_unauth the underrun causes libvirtd to stop accepting new connections forever. Example race scenario (assuming libvirtd is using policykit and the client is privileged): 1. The client calls the RPC remoteDispatchAuthList => remoteDispatchAuthList is executed on a worker thread (Thread T1). We're assuming now the execution stops for some time before the line 'virNetServerClientSetAuth(client, 0)' 2. The client closes the connection irregularly. This causes the event loop to wake up and virNetServerProcessClient to be called (on the main thread T0). During the virNetServerProcessClients the srv lock is hold. The condition virNetServerClientNeedAuth(client) will be checked and as the authentication is not finished right now virNetServerTrackCompletedAuthLocked(srv) will be called => --srv->nclients_unauth => 0 3. The Thread T1 continues, marks the client as authenticated, and calls virNetServerTrackCompletedAuthLocked(srv) => --srv->nclients_unauth => --0 => wrap around as nclient_unauth is unsigned 4. virNetServerCheckLimits(srv) will disable the services forever To fix it, add an auth_pending field to the client struct so that it is now possible to determine if the authentication process has already been handled for this client. Setting the authentication method to none for the client in virNetServerProcessClients is not a proper way to indicate that the counter has been decremented, as this would imply that the client is authenticated. Additionally, adjust the existing test cases for this new field. Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2017-12-21 14:29:05 +00:00
"auth_pending": true,
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
"readonly": true,
"nrequests_max": 66,
"sock": {
"fd": 103,
"errfd": -1,
"pid": -1,
rpc: avoid unlinking sockets passed in from systemd Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-06-25 19:17:27 +00:00
"isClient": true,
"unlinkUNIX": false
tests: validate private data / pre / post exec hooks for RPC APIs Validate that the virNetServer(Client) RPC APIs are processing the private data callbacks correctly by passing in non-NULL pointers. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-02-01 15:32:49 +00:00
},
"privateData": 1729
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
]
virnetdaemon: Store servers in a hash table Since the daemon can manage and add (at fresh start) multiple servers, we also should be able to add them from a JSON state file in case of a daemon restart, so post exec restart support for multiple servers is also provided. Patch also updates virnetdaemontest accordingly. Signed-off-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 11:01:44 +00:00
}
virjson: Make pretty format more compact json_reformat uses two spaces for when indenting nested objects, let's do the same. The result of virJSONValueToString will be exactly the same as json_reformat would produce. Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-04-27 14:49:25 +00:00
}
virnetdaemon: Store servers in a hash table Since the daemon can manage and add (at fresh start) multiple servers, we also should be able to add them from a JSON state file in case of a daemon restart, so post exec restart support for multiple servers is also provided. Patch also updates virnetdaemontest accordingly. Signed-off-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 11:01:44 +00:00
}
Reference in New Issue Copy Permalink