Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
Go to file
Michal Privoznik 10736cb41c nwfilter: Partly initialize driver even for non-privileged users
https://bugzilla.redhat.com/show_bug.cgi?id=1211436

This reverts commit b7829f959b.

The previous fix was not correct. Like everywhere else, a driver is a
global variable allocated in stateInitialize function (or something
similar for stateless drivers). Later, when a driver API is called,
it's possible that the global variable is accessed and dereferenced.
Now, some drivers require root privileges because they undertake some
actions reserved only for the system admin (e.g. manipulating host
firewall). And here's the trouble, the NWFilter state initializer
exited too early when finding out it's running unprivileged, leaving
the global NWFilter driver variable uninitialized. Any subsequent
API call that tried to lock the driver resulted in dereferencing the
driver and thus crash.

On the other hand, in order to not resurrect the bug the original
commit was fixing, Let's forbid the nwfilter define in session mode.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

Conflicts:
	src/nwfilter/nwfilter_driver.c: Context. Code changed a bit
        since 2013.

(cherry picked from commit 77d92e2e77)
2015-04-28 11:26:07 -04:00
.gnulib@c27f1a356f maint: update to latest gnulib 2015-01-05 16:38:50 -07:00
build-aux bracket-spacing: Add syntax-check for unnecessary curly brackets 2014-11-14 17:13:36 +01:00
daemon daemon: Clear fake domain def object that is used to check ACL prior to use 2015-04-27 19:54:54 -04:00
docs relaxng: allow : in /dev/disk/by-path names 2015-04-28 11:06:43 -04:00
examples Grant access to helpers 2015-01-23 11:12:44 +01:00
gnulib maint: fix date in local gnulib patch 2015-01-05 16:44:10 +00:00
include storage: add a flag to clone files on btrfs 2015-01-27 13:41:14 +01:00
m4 Conditionalize use of -Wno-suggest-attribute=format pragma 2015-01-16 17:12:27 +00:00
po Release of libvirt-1.2.13 2015-03-02 11:40:05 +08:00
src nwfilter: Partly initialize driver even for non-privileged users 2015-04-28 11:26:07 -04:00
tests relaxng: allow : in /dev/disk/by-path names 2015-04-28 11:06:43 -04:00
tools virsh: blockCopy: Add missing jump on error path 2015-04-28 11:07:03 -04:00
.ctags maint: Make ctags work out of the box 2013-07-18 08:47:21 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.gitignore Revert "src/xenconfig: Xen-xl parser" 2015-01-12 10:15:13 -07:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap maint: update .mailmap 2014-12-21 00:21:34 +01:00
AUTHORS.in Update my email address in AUTHORS.in 2014-12-19 22:30:31 +01:00
autobuild.sh Disable libvirtd by default when building on Win32 2014-04-29 11:30:32 +01:00
autogen.sh maint: improve usage of autogen's --no-git 2015-02-06 11:35:29 -07:00
bootstrap maint: update to latest gnulib 2015-01-05 16:05:12 +00:00
bootstrap.conf Revert "bootstrap.conf: add check for flex" 2015-01-12 10:14:30 -07:00
cfg.mk Make tests independant of system page size 2015-02-02 20:27:43 +00:00
ChangeLog-old Fix typos in src/* 2014-04-21 16:49:08 -06:00
config-post.h build: fix build of virt-login-shell on systems with older gnutls 2013-10-22 09:41:50 -06:00
configure.ac configure: Report --with-loader-nvram value in summary 2015-04-27 20:22:57 -04:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
HACKING docs: Fix missing curly braces 2014-12-10 11:21:31 +01:00
libvirt-lxc.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt-qemu.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.spec.in spec: Point fedora --with-loader-nvram at nightly firmware repo 2015-04-27 20:23:02 -04:00
Makefile.am examples: Introduce domtop 2014-07-18 16:39:54 +02:00
Makefile.nonreentrant maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
mingw-libvirt.spec.in Move virConnect related APIs out of libvirt.h.in 2014-10-24 17:23:51 +01:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking docs: update README-hacking 2014-05-06 16:20:24 -06:00
run.in Add PKG_CONFIG_PATH to run.in script. 2014-06-26 14:32:35 +01:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>