External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-22 11:22:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: support use of virtlogd with file based chardevs

Browse Source 
Currently the file based character devices let QEMU write
directly to a file on disk. This allows a malicious QEMU
to inflict a denial of service by consuming all free space.

Switch QEMU to use a pipe to virtlogd, which will enforce
file rollover.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange 2016-02-23 13:41:57 +00:00
parent 3e12ec4a1e
commit fcd3fa385f
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/qemu/qemu_command.c
View File

@ -3992,18 +3992,19 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
break;
case VIR_DOMAIN_CHR_TYPE_FILE:
virBufferAsprintf(&buf, "file,id=char%s,path=%s", alias,
dev->data.file.path);
if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT) {
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("append not supported in this QEMU binary"));
goto error;
}
virBufferAsprintf(&buf, "file,id=char%s", alias);
virBufferAsprintf(&buf, ",append=%s",
virTristateSwitchTypeToString(dev->data.file.append));
if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT &&
!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("append not supported in this QEMU binary"));
goto error;
}
if (qemuBuildChrChardevFileStr(virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND) ?
logManager : NULL, cmd, def, &buf,
"path", dev->data.file.path,
"append", dev->data.file.append) < 0)
goto error;
break;
case VIR_DOMAIN_CHR_TYPE_PIPE: