Local socket connections were outright disabled because there was no "server"
part in the URI. However, given how requirements and usage scenarios are
evolving, some management apps might need the source libvirt daemon to connect
to the destination daemon over a UNIX socket for peer2peer migration. Since we
cannot know where the socket leads (whether the same daemon or not) let's decide
that based on whether the socket path is non-standard, or rather explicitly
specified in the URI. Checking non-standard path would require to ask the
daemon for configuration and the only misuse that it would prevent would be a
pretty weird one. And that's not worth it. The assumption is that whenever
someone uses explicit UNIX socket paths in the URI for migration they better
know what they are doing.
Partially resolves: https://bugzilla.redhat.com/
1638889
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
* peer2peer migration: the *desturi* is an address of the target host as seen from the source machine.
+In a special circumstance where you require a complete control of the connection
+and/or libvirt does not have network access to the remote side you can use a
+UNIX transport in the URI and specify a socket path in the query, for example
+with the qemu driver you could use this:
+
+.. code-block::
+
+ qemu+unix:///system?socket=/path/to/socket
+
When *migrateuri* is not specified, libvirt will automatically determine the
hypervisor specific URI. Some hypervisors, including QEMU, have an optional
"migration_host" configuration parameter (useful when the host has multiple
if (!(tempuri = virURIParse(dconnuri)))
return -1;
- if (!tempuri->server || STRPREFIX(tempuri->server, "localhost")) {
+
+ /*
+ * If someone migrates explicitly to a unix socket, then they have to know
+ * what they are doing and it most probably was not a mistake.
+ */
+ if ((tempuri->server && STRPREFIX(tempuri->server, "localhost")) ||
+ (!tempuri->server && !virURICheckUnixSocket(tempuri))) {
virReportInvalidArg(dconnuri, "%s",
_("Attempt to migrate guest to the same host"));
return -1;
/* If there's a driver registered we must defer to that.
* If there isn't a driver, we must connect in "direct"
- * mode - see doRemoteOpen */
+ * mode - see doRemoteOpen.
+ * One exception is if we are trying to connect to an
+ * unknown socket path as that might be proxied to remote
+ * host */
if (!conn->uri->server &&
- virHasDriverForURIScheme(driver)) {
+ virHasDriverForURIScheme(driver) &&
+ !virURICheckUnixSocket(conn->uri)) {
ret = VIR_DRV_OPEN_DECLINED;
goto cleanup;
}
_("Missing URI parameter '%s'"), name);
return NULL;
}
+
+
+/**
+ * virURICheckUnixSocket:
+ * @uri: URI to check
+ *
+ * Check if the URI looks like it refers to a non-standard socket path. In such
+ * scenario the socket might be proxied to a remote server even though the URI
+ * looks like it is only local.
+ *
+ * Returns: true if the URI might be proxied to a remote server
+ */
+bool
+virURICheckUnixSocket(virURIPtr uri)
+{
+ size_t i = 0;
+
+ if (!uri->scheme)
+ return false;
+
+ if (STRNEQ_NULLABLE(strchr(uri->scheme, '+'), "+unix"))
+ return false;
+
+ for (i = 0; i < uri->paramsCount; i++) {
+ if (STREQ(uri->params[i].name, "socket"))
+ return true;
+ }
+
+ return false;
+}
const char *virURIGetParam(virURIPtr uri, const char *name);
+bool virURICheckUnixSocket(virURIPtr uri);
+
#define VIR_URI_SERVER(uri) ((uri) && (uri)->server ? (uri)->server : "localhost")
TEST("scheme://some.cryptorandom.fqdn.tld");
- TEST_FAIL("hehe+unix:///?socket=/path/to/some-sock");
+ TEST("hehe+unix:///?socket=/path/to/some-sock");
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
projects / thirdparty / libvirt.git / commitdiff
