On Tue, Sep 29, 2015 at 05:27:58PM -0400, John Ferlan wrote:
On 09/29/2015 11:03 AM, Michal Privoznik wrote:On 25.09.2015 14:45, Martin Kletzander wrote:On Fri, Sep 25, 2015 at 06:41:44AM -0400, John Ferlan wrote:On 09/25/2015 05:38 AM, Michal Privoznik wrote:On 25.09.2015 11:36, Martin Kletzander wrote:On Thu, Sep 24, 2015 at 05:43:08PM +0200, Michal Privoznik wrote:https://bugzilla.redhat.com/show_bug.cgi?id=1257844 Imagine an user who is trying to attach a disk to a domain with the following XML: <disk type='block' device='disk'> <driver name='qemu' type='raw'/> <source dev='/dev/sr0'/> <target dev='vde' bus='virtio'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> The XML is obviously wrong. It's trying to attach a virtio disk onto non-PCI bus. We should forbid that. Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- src/qemu/qemu_hotplug.c | 7 +++++++ 1 file changed, 7 insertions(+)How come this is not handled in qemuDomainAssignAddresses(), it doesn't get called? There's a check for exactly that in qemuAssignDevicePCISlots().Exactly! qemuAssignDevicePCISlots() is called only in case of --config.Seems to me this may be more of a generic problem - a user providing the wrong address type for the type of device. I have a recollection ofYes, and since we have checks for those, it's confusing to me why would qemuAssignDevicePCISlots() be called only with --config. Can we use that code which checks for more things already? For example, the here-missing virtio-mmio.Yes and no. qemuDomainAssignAddresses() expects to see vm->def which already has the device attached. Moreover, it not only works over all devices in the domain (filling in all the missing addresses), but possibly creating new controllers too (e.g. plugging new pci bridges if running out of addresses on a bus). Does anybody have a bright idea how this can be fixed apart from obvious one - breaking whole address assignment code into parts and reassembling it back together again?From the v4 from Ruifeng Beng: http://www.redhat.com/archives/libvir-list/2015-September/msg00524.html which has some validity w/r/t using qemuCheckDiskConfig; however, I'm wondering now if that's far too late in processing. Is it agreeable that the checks in virDomainDeviceAddressTypeIsValid will cover the cases when the incoming device has an address in the XML? Why not use the power of virDomainDeviceDefPostParseInternal? There's a check in that code: if (disk->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE && virDomainDiskDefAssignAddress(xmlopt, disk, def) < 0) return -1; why not make an "else" which says, let's be sure the disk->info.type provided is valid? I've attached a patch which works for the cases shown in the bz (both no params and --config). This would solve attach, update, and detach since each would call the virDomainDeviceDefParse which calls the PostParse code. John NOTE: The change to the test is because the failure now occurs during parse rather than at run (e.g. earlier, where I think it should).
I agree, and this sounds good, I'd have just two minor additions, see below.
From a03a8aa073eb410d6b713e6f77572edcf0631263 Mon Sep 17 00:00:00 2001 From: John Ferlan <jferlan@xxxxxxxxxx> Date: Tue, 29 Sep 2015 17:04:11 -0400 Subject: [PATCH] bug 1257844 Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> --- src/conf/domain_conf.c | 43 +++++++++++++++++++++++++++++++++++++++++++ tests/qemuxml2argvtest.c | 2 +- 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 393ece7..21439c7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3962,6 +3962,41 @@ virDomainDefPostParseInternal(virDomainDefPtr def, } +/* Check if a provided address is valid */ +static bool +virDomainDeviceAddressTypeIsValid(virDomainDiskDefPtr disk)
1) The name suggests it checks the address type of any device, I'd somehow add a "Disk" in the name =) 2) Until anything similar to my proposal [1] is added, this would make daemon lose such domain on reload. Martin [1] https://www.redhat.com/archives/libvir-list/2015-September/msg00698.html
+{ + if (disk->info.type) { + switch (disk->bus) { + case VIR_DOMAIN_DISK_BUS_IDE: + case VIR_DOMAIN_DISK_BUS_SCSI: + case VIR_DOMAIN_DISK_BUS_SATA: + case VIR_DOMAIN_DISK_BUS_FDC: + if (disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DRIVE) + return false; + break; + case VIR_DOMAIN_DISK_BUS_USB: + if (disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_USB) + return false; + break; + case VIR_DOMAIN_DISK_BUS_VIRTIO: + if (disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW && + disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390 && + disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_MMIO && + disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) + return false; + break; + case VIR_DOMAIN_DISK_BUS_XEN: + case VIR_DOMAIN_DISK_BUS_UML: + case VIR_DOMAIN_DISK_BUS_SD: + /* no address type currently, return false if address provided */ + return false; + } + } + return true; +} + + /* Check if a drive type address $controller:$bus:$target:$unit is already * taken by a disk or not. */ @@ -4207,6 +4242,14 @@ virDomainDeviceDefPostParseInternal(virDomainDeviceDefPtr dev, if (disk->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE && virDomainDiskDefAssignAddress(xmlopt, disk, def) < 0) return -1; + else if (!virDomainDeviceAddressTypeIsValid(disk)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("disk target '%s' using bus '%s' cannot have " + "an address of type '%s'"), + disk->dst, virDomainDiskBusTypeToString(disk->bus), + virDomainDeviceAddressTypeToString(disk->info.type)); + return -1; + } } if (dev->type == VIR_DOMAIN_DEVICE_VIDEO) { diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index ae67779..5c0186a 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -843,7 +843,7 @@ mymain(void) DO_TEST("disk-usb-device-removable", QEMU_CAPS_DRIVE, QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_USB_STORAGE, QEMU_CAPS_USB_STORAGE_REMOVABLE, QEMU_CAPS_NODEFCONFIG); - DO_TEST_FAILURE("disk-usb-pci", + DO_TEST_PARSE_ERROR("disk-usb-pci", QEMU_CAPS_DRIVE, QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_USB_STORAGE, QEMU_CAPS_NODEFCONFIG); DO_TEST("disk-scsi-device", -- 2.1.0
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list