openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
49,848 Commits 7 Branches 581 Tags 800 MiB
C 96.1%
Python 1.4%
Meson 0.9%
Perl 0.6%
Shell 0.5%
Other 0.4%
Go to file
Peter Krempa c697aff8a1 remoteDispatchAuthPolkit: Fix lock ordering deadlock if client closes connection during auth 
Locks in following text:
A: virNetServer
B: virNetServerClient
C: daemonClientPrivate

'virNetServerSetClientAuthenticated' locks A then B

'remoteDispatchAuthPolkit' calls 'virNetServerSetClientAuthenticated'
while holding C.

If a client closes its connection 'virNetServerProcessClients' with the
lock A and B locked will call 'virNetServerClientCloseLocked' which will
try to dispose of the 'client' private data by:

  ref(b);
  unlock(b);
  remoteClientFreePrivateCallbacks();
  lock(b);
  unref(b);

Unfortunately remoteClientFreePrivateCallbacks() tries lock C.

Thus the locks are held in the following order:

 polkit auth: C -> A
 connection close: A -> C

causing a textbook-example deadlock. To resolve it we can simply drop
lock 'C' before calling 'virNetServerSetClientAuthenticated' as the lock
is not needed any more.

Resolves: https://issues.redhat.com/browse/RHEL-20337
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
 		2024-01-31 15:25:53 +01:00
.ctags.d maint: Add support for .ctags.d 2019-05-31 17:54:28 +02:00
.github/workflows Switch to new GitHub repo-lockdown configuration 2021-10-20 14:27:20 +01:00
.gitlab/issue_templates gitlab: issue_template: Remove labelling commands 2022-06-01 12:27:10 +02:00
build-aux syntax-check: Forbid use of qsort() 2023-11-24 09:53:14 +01:00
ci ci: Regenerate with latest 'lcitool' and fix manual job definitions 2024-01-19 14:48:21 +01:00
docs conf: Introduce dynamicMemslots attribute for virtio-mem 2024-01-30 10:44:36 +01:00
examples Explicitly convert type to double to avoid losing precision 2024-01-24 10:21:23 +01:00
include virDomainBlockResize: Introduce VIR_DOMAIN_BLOCK_RESIZE_CAPACITY 2023-12-14 16:09:05 +01:00
po Translated using Weblate (Swedish) 2024-01-31 08:36:49 +01:00
scripts scripts: Make check-symfile.py work on alpha 2024-01-30 18:05:15 +01:00
src remoteDispatchAuthPolkit: Fix lock ordering deadlock if client closes connection during auth 2024-01-31 15:25:53 +01:00
subprojects Move src/keycodemapdb -> subprojects/keycodemapdb 2023-04-17 15:02:38 +02:00
tests tests: Add default-models cases for many architectures 2024-01-30 10:58:13 +01:00
tools vshAdmCatchDisconnect: Don't probe connection URI 2024-01-15 14:05:20 +01:00
.ctags ctags: Generate tags for headers, i.e. function prototypes 2018-09-18 14:21:33 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.editorconfig Add .editorconfig 2019-09-06 12:47:46 +02:00
.gitattributes Add .gitattributes file 2022-03-17 14:33:12 +01:00
.gitignore Revert ".gitignore: Ignore cscope and other *tags files" 2023-02-08 17:24:31 +01:00
.gitlab-ci.yml docs: Add redirects configuration for gitlab pages 2024-01-19 15:51:47 +01:00
.gitlab_pages_redirects docs: Add redirects configuration for gitlab pages 2024-01-19 15:51:47 +01:00
.gitmodules Move src/keycodemapdb -> subprojects/keycodemapdb 2023-04-17 15:02:38 +02:00
.gitpublish gitpublish: Tweak prefix 2023-12-05 11:48:28 +01:00
.mailmap mailmap: consolidate my email addresses 2020-10-06 12:05:09 +02:00
AUTHORS.rst.in AUTHORS: change my (Nikolay Shirokovskiy) email 2022-04-06 11:00:53 +03:00
CONTRIBUTING.rst meson: adjust our documentation to mention meson instead of autoconf 2020-08-03 09:27:09 +02:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: Remove control characters from LGPL license file 2015-09-25 09:16:24 +02:00
NEWS.rst NEWS: Document recent rx-filter bugfix 2024-01-25 15:55:48 +01:00
README.rst docs: update docs pointing to old mailing list addrs 2023-10-31 10:04:27 +00:00
config.h configure: bump min required CLang to 6.0 / XCode 10.0 2022-01-17 10:44:29 +00:00
configmake.h.in meson: generate configmake.h 2020-08-03 09:26:48 +02:00
gitdm.config gitdm: add 'ibm' file 2019-10-18 17:32:52 +02:00
libvirt-admin.pc.in Add libvirt-admin library 2015-06-16 13:46:20 +02:00
libvirt-lxc.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt-qemu.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.spec.in libvirt.spec: Fix nbdkit selection logic on mingw and old rhel 2024-01-05 11:08:41 +01:00
meson.build meson: Adjust -fstack-protector use 2024-01-31 11:25:32 +01:00
meson_options.txt qemu: add runtime config option for nbdkit 2024-01-04 14:34:40 -06:00
run.in run: add ability to set selinux context 2023-08-23 14:22:36 -05:00

README.rst 

.. image:: https://gitlab.com/libvirt/libvirt/badges/master/pipeline.svg
     :target: https://gitlab.com/libvirt/libvirt/pipelines
     :alt: GitLab CI Build Status
.. image:: https://bestpractices.coreinfrastructure.org/projects/355/badge
     :target: https://bestpractices.coreinfrastructure.org/projects/355
     :alt: CII Best Practices
.. image:: https://translate.fedoraproject.org/widgets/libvirt/-/libvirt/svg-badge.svg
     :target: https://translate.fedoraproject.org/engage/libvirt/
     :alt: Translation status

==============================
Libvirt API for virtualization
==============================

Libvirt provides a portable, long term stable C API for managing the
virtualization technologies provided by many operating systems. It
includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware
vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER
Hypervisor.

For some of these hypervisors, it provides a stateful management
daemon which runs on the virtualization host allowing access to the
API both by non-privileged local users and remote users.

Layered packages provide bindings of the libvirt C API into other
languages including Python, Perl, PHP, Go, Java, OCaml, as well as
mappings into object systems such as GObject, CIM and SNMP.

Further information about the libvirt project can be found on the
website:

https://libvirt.org


License
=======

The libvirt C API is distributed under the terms of GNU Lesser General
Public License, version 2.1 (or later). Some parts of the code that are
not part of the C library may have the more restrictive GNU General
Public License, version 2.0 (or later). See the files ``COPYING.LESSER``
and ``COPYING`` for full license terms & conditions.


Installation
============

Instructions on building and installing libvirt can be found on the website:

https://libvirt.org/compiling.html

Contributing
============

The libvirt project welcomes contributions in many ways. For most components
the best way to contribute is to send patches to the primary development
mailing list. Further guidance on this can be found on the website:

https://libvirt.org/contribute.html


Contact
=======

The libvirt project has two primary mailing lists:

* users@lists.libvirt.org (**for user discussions**)
* devel@lists.libvirt.org (**for development only**)

Further details on contacting the project are available on the website:

https://libvirt.org/contact.html