]> xenbits.xensource.com Git - libvirt.git/commitdiff
projects / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3e12ec4)
qemu: support use of virtlogd with file based chardevs
authorDaniel P. Berrange <berrange@redhat.com>
Tue, 23 Feb 2016 13:41:57 +0000 (13:41 +0000)
committerDaniel P. Berrange <berrange@redhat.com>
Thu, 10 Mar 2016 15:43:19 +0000 (15:43 +0000)
Currently the file based character devices let QEMU write
directly to a file on disk. This allows a malicious QEMU
to inflict a denial of service by consuming all free space.

Switch QEMU to use a pipe to virtlogd, which will enforce
file rollover.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
src/qemu/qemu_command.c patch | blob | blame | history

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 3ce708f5230487f8bdd3897cbd5b0ec4c06166cf..ee064794ca0ccca0d13bb12f45737c64f4ba9ee2 100644 (file)
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -3992,18 +3992,19 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
         break;
 
     case VIR_DOMAIN_CHR_TYPE_FILE:
-        virBufferAsprintf(&buf, "file,id=char%s,path=%s", alias,
-                          dev->data.file.path);
-        if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT) {
-            if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) {
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                               _("append not supported in this QEMU binary"));
-                goto error;
-            }
+        virBufferAsprintf(&buf, "file,id=char%s", alias);
 
-            virBufferAsprintf(&buf, ",append=%s",
-                              virTristateSwitchTypeToString(dev->data.file.append));
+        if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT &&
+            !virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("append not supported in this QEMU binary"));
+            goto error;
         }
+        if (qemuBuildChrChardevFileStr(virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND) ?
+                                       logManager : NULL, cmd, def, &buf,
+                                       "path", dev->data.file.path,
+                                       "append", dev->data.file.append) < 0)
+            goto error;
         break;
 
     case VIR_DOMAIN_CHR_TYPE_PIPE:
Unnamed repository; edit this file 'description' to name the repository.