forgot patch ... Daniel

fix missing read-only access checks, fixes CVE-2008-5086
Daniel
2008-12-17 16:39:57 +00:00 · 2008-12-17 16:38:07 +00:00 · 2008-12-12 07:37:59 +00:00 · 2008-12-05 05:41:33 +00:00 · 2008-11-26 09:07:34 +00:00 · 2008-11-07 04:56:41 +00:00
7 changed files with 412 additions and 745 deletions
--- a/.cvsignore
+++ b/.cvsignore
@@ -3,12 +3,4 @@
 i686
 x86_64
 libvirt-*.tar.gz
-libvirt-0.6.0.tar.gz
-libvirt-0.6.1.tar.gz
-libvirt-0.6.2.tar.gz
-libvirt-0.6.3.tar.gz
-libvirt-0.6.4.tar.gz
-libvirt-0.6.5.tar.gz
-libvirt-0.7.0.tar.gz
-libvirt-0.7.1.tar.gz
-libvirt-0.7.2.tar.gz
+libvirt-0.4.6.tar.gz
--- a/1
+++ b/1
@@ -0,0 +1 @@
+F-10
--- a/libvirt-0.5.1-read-only-checks.patch
+++ b/libvirt-0.5.1-read-only-checks.patch
@@ -0,0 +1,152 @@
+diff --git a/src/libvirt.c b/src/libvirt.c
+--- a/src/libvirt.c
+++ b/src/libvirt.c
+@@ -2296,6 +2296,16 @@ virDomainMigrate (virDomainPtr domain,
+     conn = domain->conn;        /* Source connection. */
+     if (!VIR_IS_CONNECT (dconn)) {
+         virLibConnError (conn, VIR_ERR_INVALID_CONN, __FUNCTION__);
+        return NULL;
+    }
+
+    if (domain->conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return NULL;
+    }
+    if (dconn->flags & VIR_CONNECT_RO) {
+        /* NB, delibrately report error against source object, not dest here */
+        virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+         return NULL;
+     }
+ 
+@@ -2426,6 +2436,11 @@ virDomainMigratePrepare (virConnectPtr d
+         return -1;
+     }
+ 
+    if (dconn->flags & VIR_CONNECT_RO) {
+        virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return -1;
+    }
+
+     if (dconn->driver->domainMigratePrepare)
+         return dconn->driver->domainMigratePrepare (dconn, cookie, cookielen,
+                                                     uri_in, uri_out,
+@@ -2457,6 +2472,11 @@ virDomainMigratePerform (virDomainPtr do
+     }
+     conn = domain->conn;
+ 
+    if (domain->conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return -1;
+    }
+
+     if (conn->driver->domainMigratePerform)
+         return conn->driver->domainMigratePerform (domain, cookie, cookielen,
+                                                    uri,
+@@ -2482,6 +2502,11 @@ virDomainMigrateFinish (virConnectPtr dc
+ 
+     if (!VIR_IS_CONNECT (dconn)) {
+         virLibConnError (NULL, VIR_ERR_INVALID_CONN, __FUNCTION__);
+        return NULL;
+    }
+
+    if (dconn->flags & VIR_CONNECT_RO) {
+        virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+         return NULL;
+     }
+ 
+@@ -2517,6 +2542,11 @@ virDomainMigratePrepare2 (virConnectPtr 
+         return -1;
+     }
+ 
+    if (dconn->flags & VIR_CONNECT_RO) {
+        virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return -1;
+    }
+
+     if (dconn->driver->domainMigratePrepare2)
+         return dconn->driver->domainMigratePrepare2 (dconn, cookie, cookielen,
+                                                      uri_in, uri_out,
+@@ -2547,6 +2577,11 @@ virDomainMigrateFinish2 (virConnectPtr d
+         return NULL;
+     }
+ 
+    if (dconn->flags & VIR_CONNECT_RO) {
+        virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return NULL;
+    }
+
+     if (dconn->driver->domainMigrateFinish2)
+         return dconn->driver->domainMigrateFinish2 (dconn, dname,
+                                                     cookie, cookielen,
+@@ -2905,6 +2940,11 @@ virDomainBlockPeek (virDomainPtr dom,
+     }
+     conn = dom->conn;
+ 
+    if (dom->conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return (-1);
+    }
+
+     if (!path) {
+         virLibDomainError (dom, VIR_ERR_INVALID_ARG,
+                            _("path is NULL"));
+@@ -2980,6 +3020,11 @@ virDomainMemoryPeek (virDomainPtr dom,
+     }
+     conn = dom->conn;
+ 
+    if (dom->conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return (-1);
+    }
+
+     /* Flags must be VIR_MEMORY_VIRTUAL at the moment.
+      *
+      * Note on access to physical memory: A VIR_MEMORY_PHYSICAL flag is
+@@ -3246,6 +3291,11 @@ virDomainSetAutostart(virDomainPtr domai
+     }
+ 
+     conn = domain->conn;
+
+    if (domain->conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return (-1);
+    }
+ 
+     if (conn->driver->domainSetAutostart)
+         return conn->driver->domainSetAutostart (domain, autostart);
+@@ -4197,6 +4247,11 @@ virNetworkSetAutostart(virNetworkPtr net
+         return (-1);
+     }
+ 
+    if (network->conn->flags & VIR_CONNECT_RO) {
+        virLibNetworkError(network, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return (-1);
+    }
+
+     conn = network->conn;
+ 
+     if (conn->networkDriver && conn->networkDriver->networkSetAutostart)
+@@ -4395,6 +4450,11 @@ virConnectFindStoragePoolSources(virConn
+         return NULL;
+     }
+ 
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return NULL;
+    }
+
+     if (conn->storageDriver && conn->storageDriver->findPoolSources)
+         return conn->storageDriver->findPoolSources(conn, type, srcSpec, flags);
+ 
+@@ -5068,6 +5128,11 @@ virStoragePoolSetAutostart(virStoragePoo
+         return (-1);
+     }
+ 
+    if (pool->conn->flags & VIR_CONNECT_RO) {
+        virLibStoragePoolError(pool, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        return (-1);
+    }
+
+     conn = pool->conn;
+ 
+     if (conn->storageDriver && conn->storageDriver->poolSetAutostart)
--- a/libvirt-logrotate-avoid-compressing-small-logs.patch
+++ b/libvirt-logrotate-avoid-compressing-small-logs.patch
@@ -1,31 +0,0 @@
-From d7cca87f6c5ad2316934af8ecb95829b95b662c6 Mon Sep 17 00:00:00 2001
-From: Dan Kenigsberg <danken@redhat.com>
-Date: Wed, 21 Oct 2009 13:56:04 +0200
-Subject: [PATCH] Do not log rotate very small logs
-
-Without this, after few weeks without use, each defined domain grows a
-tail of empty gzipped logs, instead of keeping just the last log of
-interest.
-
-* daemon/libvirtd.logrotate.in: only rotate when the log is over 100 KBytes
-
-(cherry picked from commit b03fe2d0aefb57a096a102bf23375f0a167ca189)
-
-Fedora-patch: libvirt-logrotate-avoid-compressing-small-logs.patch
---
- daemon/libvirtd.logrotate.in |    1 +
- 1 files changed, 1 insertions(+), 0 deletions(-)
-
-diff --git a/daemon/libvirtd.logrotate.in b/daemon/libvirtd.logrotate.in
-index 093651c..0c51fd3 100644
--- a/daemon/libvirtd.logrotate.in
-+++ b/daemon/libvirtd.logrotate.in
-@@ -5,4 +5,5 @@
-         compress
-         delaycompress
-         copytruncate
-+        minsize 100k
- }
-- 
-1.6.2.5
-
--- a/libvirt-qemu-machine-type-fixes2.patch
+++ b/libvirt-qemu-machine-type-fixes2.patch
@@ -1,42 +0,0 @@
-From b7b6a28eb9eae641762de9408a90971d849ce92e Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Thu, 15 Oct 2009 12:09:17 +0100
-Subject: [PATCH] Don't copy old machines from a domain which has none
-
-If the the qemu and kvm binaries are the same, we don't include machine
-types in the kvm domain info.
-
-However, the code which refreshes the machine types info from the
-previous capabilities structure first looks at the kvm domain's info,
-finds it matches and then copies the empty machine types list over
-for the top-level qemu domain.
-
-That doesn't make sense, we shouldn't copy an empty machin types list.
-
-* src/qemu/qemu_conf.c: qemudGetOldMachinesFromInfo(): don't copy an
-  empty machine types list.
-
-(cherry picked from commit 2210f8a3a8e2774ca4fb8b42e21899e5b85ca913)
-
-Fedora-patch: libvirt-qemu-machine-type-fixes2.patch
---
- src/qemu/qemu_conf.c |    3 +++
- 1 files changed, 3 insertions(+), 0 deletions(-)
-
-diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
-index ac63570..b881f1e 100644
--- a/src/qemu/qemu_conf.c
-+++ b/src/qemu/qemu_conf.c
-@@ -505,6 +505,9 @@ qemudGetOldMachinesFromInfo(virCapsGuestDomainInfoPtr info,
-     virCapsGuestMachinePtr *list;
-     int i;
- 
-+    if (!info->nmachines)
-+        return 0;
-+
-     if (!info->emulator || !STREQ(emulator, info->emulator))
-         return 0;
- 
-- 
-1.6.2.5
-
--- a/libvirt.spec
+++ b/libvirt.spec
--- a/2
+++ b/2
@@ -1 +1 @@
-133aead8c46c0601b6b37e024c6aa86a  libvirt-0.7.2.tar.gz
+abc697978e9c66cbc8d8db4fa3f1c1b6  libvirt-0.5.1.tar.gz
Author	SHA1	Message	Date
Daniel Veillard	257e13d238	forgot patch ... Daniel	2008-12-17 16:39:57 +00:00
Daniel Veillard	016a6dcd0e	fix missing read-only access checks, fixes CVE-2008-5086 Daniel	2008-12-17 16:38:07 +00:00
Daniel Veillard	b610e1c718	fixing #460510	2008-12-12 07:37:59 +00:00
Daniel Veillard	caa81cd8d7	Upstream 0.5.1 release, Daniel	2008-12-05 05:41:33 +00:00
Daniel Veillard	eca45f4a3f	libvirt-0.5.0 upstream release, Daniel	2008-11-26 09:07:34 +00:00
Jesse Keating	d475deef60	Initialize branch F-10 for libvirt	2008-11-07 04:56:41 +00:00