[libvirt] [PATCH 00/10] virFork cleanups

Michal Privoznik mprivozn at redhat.com
Fri Feb 28 12:40:45 UTC 2014


On 20.02.2014 06:13, Eric Blake wrote:
> Some of these patches were written while working on CVE-2013-6456;
> we decided to reorder things and fix that problem first.  While
> rebasing these patches to the latest tree, I found other things
> worth fixing.
>
> Eric Blake (10):
>    nwfilter: don't ignore child process failures
>    virFork: give specific status on failure prior to exec
>    util: make it easier to reflect child exit status
>    util: preserve exit status from mount namespace callback
>    util: make it easier to grab only regular process exit
>    util: make it easier to grab only regular command exit
>    virFork: simplify semantics
>    virt-login-shell: use single instead of double fork
>    virt-login-shell: saner exit value
>    virsh: report exit status of failed lxc-enter-namespace
>
>   daemon/libvirtd.c                         |   4 +-
>   daemon/remote.c                           |   7 +-
>   docs/internals/command.html.in            |  17 ++-
>   src/access/viraccessdriverpolkit.c        |   9 +-
>   src/bhyve/bhyve_process.c                 |  19 +---
>   src/fdstream.c                            |   3 +-
>   src/internal.h                            |   7 ++
>   src/libvirt.c                             |   4 +-
>   src/libvirt_private.syms                  |   2 +
>   src/lxc/lxc_container.c                   |   6 +-
>   src/lxc/lxc_process.c                     |  11 +-
>   src/nwfilter/nwfilter_ebiptables_driver.c |  89 ++++++---------
>   src/openvz/openvz_driver.c                |  18 +---
>   src/qemu/qemu_capabilities.c              |   1 +
>   src/qemu/qemu_command.c                   |   3 +-
>   src/storage/storage_backend_iscsi.c       |   7 +-
>   src/util/vircommand.c                     | 173 +++++++++++++++---------------
>   src/util/vircommand.h                     |   4 +-
>   src/util/virebtables.c                    |   5 +-
>   src/util/virfile.c                        |  35 ++----
>   src/util/viriptables.c                    |   7 +-
>   src/util/virnetdevveth.c                  |   4 +-
>   src/util/virprocess.c                     | 121 +++++++++++++++------
>   src/util/virprocess.h                     |   8 +-
>   src/xen/xen_driver.c                      |   9 +-
>   tests/commandtest.c                       | 126 +++++++++++++++++++++-
>   tests/reconnect.c                         |   3 +-
>   tests/statstest.c                         |   3 +-
>   tests/testutils.c                         |   4 +-
>   tools/virsh-domain.c                      |  30 +++---
>   tools/virsh.pod                           |   5 +-
>   tools/virt-login-shell.c                  | 141 ++++++++++--------------
>   tools/virt-login-shell.pod                |  25 ++++-
>   33 files changed, 525 insertions(+), 385 deletions(-)
>

Laine ACKed the first patch in its second version, I'm ACKing the rest 
of the patches. But this has a potential to break some stuff, so I 
suggest pushing after the release.

Michal




More information about the libvir-list mailing list