On Thu, Nov 05, 2015 at 10:39:59AM +0000, Daniel P. Berrange wrote:
> On Wed, Nov 04, 2015 at 09:17:00AM +0100, Peter Krempa wrote:
> > On Tue, Nov 03, 2015 at 16:04:24 +0000, Daniel Berrange wrote:
> > > Currently the QEMU stdout/stderr streams are written directly to
> > > a regular file (eg /var/log/libvirt/qemu/$GUEST.log). While those
> > > can be rotated by logrotate (using copytruncate option) this is
> > > not very efficient. It also leaves open a window of opportunity
> > > for a compromised/broken QEMU to DOS the host filesystem by
> > > writing lots of text to stdout/stderr.
> > >
> > > This makes it possible to connect the stdout/stderr file handles
> > > to a pipe that is provided by virtlogd. The virtlogd daemon will
> > > read from this pipe and write data to the log file, performing
> > > file rotation whenever a pre-determined size limit is reached.
> > >
> > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> > > ---
> > > cfg.mk | 2 +-
> > > src/qemu/libvirtd_qemu.aug | 1 +
> > > src/qemu/qemu.conf | 15 +++++++++++++
> > > src/qemu/qemu_conf.c | 18 ++++++++++++++++
> > > src/qemu/qemu_conf.h | 1 +
> > > src/qemu/qemu_domain.c | 43 +++++++++++++++++++++++++++++++-------
> > > src/qemu/qemu_process.c | 42 +++++++++++++++++++++----------------
> > > src/qemu/test_libvirtd_qemu.aug.in | 1 +
> > > 8 files changed, 96 insertions(+), 27 deletions(-)
> > >
> >
> > [...]
> >
> > > diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
> > > index f744419..e72ca20 100644
> > > --- a/src/qemu/qemu_process.c
> > > +++ b/src/qemu/qemu_process.c
> > > @@ -4774,7 +4774,10 @@ int qemuProcessStart(virConnectPtr conn,
> > >
> > > qemuDomainObjCheckTaint(driver, vm, logfile);
> > >
> > > - if ((pos = lseek(logfile, 0, SEEK_END)) < 0)
> > > + /* When using logd, the logfile FD is a pipe which is
> > > + * not seekable... */
> > > + if (!cfg->stdioLogD &&
> > > + (pos = lseek(logfile, 0, SEEK_END)) < 0)
> > > VIR_WARN("Unable to seek to end of logfile: %s",
> > > virStrerror(errno, ebuf, sizeof(ebuf)));
> >
> > This will break the code that is in place to read the qemu log file in
> > case of a early qemu startup failure so that we can report a semi-useful
> > error message.
>
> Ohh, yes, I should have known this was useful for something really :-)
>
> > Additionally in case where you don't use QMP and qemu does not support
> > chardev info retrieval, this will also break the lookup of the PTYs for
> > serials/parallels/channels. As a solution here I'd rather see that we
> > drop support for such old qemus finally and not have to care about it
> > any more.
>
> So this relies on the 'info chardev' command which was added in:
>
> commit 5ccfae10a79e52654c9edc68da6d05f29466b4f9
> Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162>
> Date: Fri Oct 31 17:31:29 2008 +0000
>
> Implement "info chardev" command. (Gerd Hoffmann)
>
> This is QEMU v1.0 or later. Given that it is 7 years old, I think we
> are justified in raising our min QEMU version to 1.0. There's probably
> a fair bit of other cruft we'll kill by doing this.
Opps, that should be 0.11 or later, *not* 1.0 or later.
We don't want to raise min version beyond 0.12.0 as that's vintage
that's still used in RHEL-6 era distros, which are reasonable to
want to continue to support.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list