qemu: drop unused arguments for dump-guest-memory

Upstream qemu has raised a concern about whether dumping guest
memory by reading guest paging tables is a security hole:
https://lists.gnu.org/archive/html/qemu-devel/2012-09/msg02607.html

While auditing libvirt to see if we would be impacted, I noticed
that we had some dead code.  It is simpler to nuke the dead code
and limit our monitor code to just the subset we make use of.

* src/qemu/qemu_monitor.h (QEMU_MONITOR_DUMP): Drop poorly named
and mostly-unused enum.
* src/qemu/qemu_monitor.c (qemuMonitorDumpToFd): Drop arguments.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONDump): Likewise.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONDump): Likewise.
* src/qemu/qemu_driver.c (qemuDumpToFd): Update caller.
Eric Blake 2012-09-17 13:05:29 -06:00
parent 22acfdc7fc
commit d239085e95
5 changed files with 14 additions and 40 deletions


@ -3132,7 +3132,7 @@ static int qemuDumpToFd(struct qemud_driver *driver, virDomainObjPtr vm,
if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0) if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
return -1; return -1;
ret = qemuMonitorDumpToFd(priv->mon, 0, fd, 0, 0); ret = qemuMonitorDumpToFd(priv->mon, fd);
qemuDomainObjExitMonitorWithDriver(driver, vm); qemuDomainObjExitMonitorWithDriver(driver, vm);
return ret; return ret;


@ -2045,15 +2045,11 @@ int qemuMonitorMigrateCancel(qemuMonitorPtr mon)
return ret; return ret;
} }
int qemuMonitorDumpToFd(qemuMonitorPtr mon, int
unsigned int flags, qemuMonitorDumpToFd(qemuMonitorPtr mon, int fd)
int fd,
unsigned long long begin,
unsigned long long length)
{ {
int ret; int ret;
VIR_DEBUG("mon=%p fd=%d flags=%x begin=%llx length=%llx", VIR_DEBUG("mon=%p fd=%d", mon, fd);
mon, fd, flags, begin, length);
if (!mon) { if (!mon) {
virReportError(VIR_ERR_INVALID_ARG, "%s", virReportError(VIR_ERR_INVALID_ARG, "%s",
@ -2073,7 +2069,7 @@ int qemuMonitorDumpToFd(qemuMonitorPtr mon,
if (qemuMonitorSendFileHandle(mon, "dump", fd) < 0) if (qemuMonitorSendFileHandle(mon, "dump", fd) < 0)
return -1; return -1;
ret = qemuMonitorJSONDump(mon, flags, "fd:dump", begin, length); ret = qemuMonitorJSONDump(mon, "fd:dump");
if (ret < 0) { if (ret < 0) {
if (qemuMonitorCloseFileHandle(mon, "dump") < 0) if (qemuMonitorCloseFileHandle(mon, "dump") < 0)
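Review bot: After this change qemuMonitorDumpToFd can no longer express a range or a paging mode, and the definition in the first hunk has no comment saying what the remaining two-argument form does. A short header comment would help callers, for example `/* Dump all guest memory to fd (no begin/length filter, paging disabled); fd is sent to qemu under the handle name "dump". */`. Because the descriptor receives the full contents of guest memory, the comment is also the place to state that the caller is responsible for the permissions of whatever fd refers to. The visible lines do not show who closes fd, so that part should be confirmed against the rest of the function, which extends beyond both hunks.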


@ -387,17 +387,8 @@ int qemuMonitorMigrateToUnix(qemuMonitorPtr mon,
int qemuMonitorMigrateCancel(qemuMonitorPtr mon); int qemuMonitorMigrateCancel(qemuMonitorPtr mon);
typedef enum {
QEMU_MONITOR_DUMP_HAVE_FILTER = 1 << 0,
QEMU_MONITOR_DUMP_PAGING = 1 << 1,
QEMU_MONITOR_DUMP_FLAGS_LAST
} QEMU_MONITOR_DUMP;
int qemuMonitorDumpToFd(qemuMonitorPtr mon, int qemuMonitorDumpToFd(qemuMonitorPtr mon,
unsigned int flags, int fd);
int fd,
unsigned long long begin,
unsigned long long length);
int qemuMonitorGraphicsRelocate(qemuMonitorPtr mon, int qemuMonitorGraphicsRelocate(qemuMonitorPtr mon,
int type, int type,


@ -2535,28 +2535,18 @@ int qemuMonitorJSONMigrateCancel(qemuMonitorPtr mon)
return ret; return ret;
} }
int qemuMonitorJSONDump(qemuMonitorPtr mon, int
unsigned int flags, qemuMonitorJSONDump(qemuMonitorPtr mon,
const char *protocol, const char *protocol)
unsigned long long begin,
unsigned long long length)
{ {
int ret; int ret;
virJSONValuePtr cmd = NULL; virJSONValuePtr cmd = NULL;
virJSONValuePtr reply = NULL; virJSONValuePtr reply = NULL;
if (flags & QEMU_MONITOR_DUMP_HAVE_FILTER) cmd = qemuMonitorJSONMakeCommand("dump-guest-memory",
cmd = qemuMonitorJSONMakeCommand("dump-guest-memory", "b:paging", false,
"b:paging", flags & QEMU_MONITOR_DUMP_PAGING ? 1 : 0, "s:protocol", protocol,
"s:protocol", protocol, NULL);
"U:begin", begin,
"U:length", length,
NULL);
else
cmd = qemuMonitorJSONMakeCommand("dump-guest-memory",
"b:paging", flags & QEMU_MONITOR_DUMP_PAGING ? 1 : 0,
"s:protocol", protocol,
NULL);
if (!cmd) if (!cmd)
return -1; return -1;
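Review bot: The hard-coded `"b:paging", false` in the new qemuMonitorJSONMakeCommand call carries the security decision behind this commit, but nothing in the code says so. The commit message links the upstream concern about dumping guest memory by reading guest paging tables; with the flags parameter gone, a later change could flip the literal to true without ever seeing that context. I would put a comment directly above the call, e.g. `/* paging stays false: a paging dump makes qemu read guest page tables, see the qemu-devel thread cited when the flags argument was dropped */`. The function body continues past the end of the hunk.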


@ -138,10 +138,7 @@ int qemuMonitorJSONMigrate(qemuMonitorPtr mon,
int qemuMonitorJSONMigrateCancel(qemuMonitorPtr mon); int qemuMonitorJSONMigrateCancel(qemuMonitorPtr mon);
int qemuMonitorJSONDump(qemuMonitorPtr mon, int qemuMonitorJSONDump(qemuMonitorPtr mon,
unsigned int flags, const char *protocol);
const char *protocol,
unsigned long long begin,
unsigned long long length);
int qemuMonitorJSONGraphicsRelocate(qemuMonitorPtr mon, int qemuMonitorJSONGraphicsRelocate(qemuMonitorPtr mon,
int type, int type,