From: Daniel P. Berrange Date: Tue, 23 Feb 2016 13:41:57 +0000 (+0000) Subject: qemu: support use of virtlogd with file based chardevs X-Git-Tag: v1.3.3-rc1~235 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fcd3fa385fd8eb775c16a362358bece9657debd7;p=thirdparty%2Flibvirt.git qemu: support use of virtlogd with file based chardevs Currently the file based character devices let QEMU write directly to a file on disk. This allows a malicious QEMU to inflict a denial of service by consuming all free space. Switch QEMU to use a pipe to virtlogd, which will enforce file rollover. Signed-off-by: Daniel P. Berrange --- diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 3ce708f523..ee064794ca 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -3992,18 +3992,19 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager, break; case VIR_DOMAIN_CHR_TYPE_FILE: - virBufferAsprintf(&buf, "file,id=char%s,path=%s", alias, - dev->data.file.path); - if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT) { - if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("append not supported in this QEMU binary")); - goto error; - } + virBufferAsprintf(&buf, "file,id=char%s", alias); - virBufferAsprintf(&buf, ",append=%s", - virTristateSwitchTypeToString(dev->data.file.append)); + if (dev->data.file.append != VIR_TRISTATE_SWITCH_ABSENT && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("append not supported in this QEMU binary")); + goto error; } + if (qemuBuildChrChardevFileStr(virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FILE_APPEND) ? + logManager : NULL, cmd, def, &buf, + "path", dev->data.file.path, + "append", dev->data.file.append) < 0) + goto error; break; case VIR_DOMAIN_CHR_TYPE_PIPE: