[libvirt] [PATCH 3/8] qemu: don't hold both jobs for suspend
Michal Privoznik
mprivozn at redhat.com
Thu Dec 12 14:47:19 UTC 2019
On 12/5/19 5:08 PM, Jonathon Jongsma wrote:
> We have to assume that the guest agent may be malicious so we don't want
> to allow any agent queries to block any other libvirt API. By holding a
> monitor job while we're querying the agent, we open ourselves up to a
> DoS.
>
> So split the function up a bit to only hold the monitor job while
> querying qemu for whether the domain supports suspend. Then acquire only
> an agent job while issuing the agent suspend command.
>
> Signed-off-by: Jonathon Jongsma <jjongsma at redhat.com>
> ---
> src/qemu/qemu_driver.c | 93 ++++++++++++++++++++++++++----------------
> 1 file changed, 58 insertions(+), 35 deletions(-)
>
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index edd36f4a89..e39ee2acc9 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -19713,6 +19713,58 @@ qemuDomainProbeQMPCurrentMachine(virQEMUDriverPtr driver,
> }
>
>
> +/* returns -1 on error, or if query is not supported, 0 if query was successful */
> +static int
> +qemuDomainQueryWakeupSuspendSupport(virQEMUDriverPtr driver,
> + virDomainObjPtr vm,
> + bool *wakeupSupported)
> +{
> + int ret = -1;
> + qemuDomainObjPrivatePtr priv = vm->privateData;
Usually, I put @ret last as it's shorter line compared to @priv.
> +
> + if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_QUERY_CURRENT_MACHINE))
> + return ret;
s/ret/-1/
> +
> + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)
> + return ret;
> +
Michal
More information about the libvir-list
mailing list