[PATCH] Security: Mitigate possible privilege escalation via SG_IO ioctl (CVE-2011-4127, RHBZ#757071)
by Richard W.M. Jones
From: "Richard W.M. Jones" <rjones(a)redhat.com>
CVE-2011-4127 is a serious qemu & kernel privilege escalation bug
found by Paolo Bonzini.
http://seclists.org/oss-sec/2011/q4/536
An untrusted guest kernel is able to issue special SG_IO ioctls on
virtio devices which qemu passes through to the host kernel without
filtering or sanitizing. These ioctls allow raw sectors from the
underlying host device to be read and written. Significantly, neither
qemu nor the host kernel checks that the range of sectors is within
the partition / LV assigned to the guest. For example, if the guest
is assigned host partition /dev/sda3, it would be able to read or
write any part of /dev/sda including other partitions and the boot
sector. Exploits through LVs passed to the guest are also possible,
with some limitations. File-backed virtual block devices are not
vulnerable. Non-virtio block devices are not vulnerable.
This patch mitigates the problem by disabling the SG_IO ioctl
passthrough in qemu. Thus if libguestfs is examining an untrusted
guest and the libguestfs appliance/daemon is compromised (eg. by
executing guest commands, or through some other compromise), then the
compromised appliance will not be able to issue the above SG_IO ioctls
and exploit the host.
Note that this is just mitigation for libguestfs. Users will still
want to fully update their host kernel, qemu/KVM and libvirt, in order
to prevent other (non-libguestfs) routes to compromise.
The following versions of libguestfs (will/have) this patch applied.
libguestfs >= 1.15.13
libguestfs >= 1.14.8
libguestfs >= 1.12.11
libguestfs >= 1.10.12
libguestfs >= 1.8.16
Earlier versions may be vulnerable unless a downstream packager has
applied this patch.
Cc: Hilko Bengen <bengen(a)hilluzination.de>
---
src/launch.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/src/launch.c b/src/launch.c
index 7b3372c..9add092 100644
--- a/src/launch.c
+++ b/src/launch.c
@@ -564,6 +564,16 @@ launch_appliance (guestfs_h *g)
alloc_cmdline (g);
g->cmdline[0] = g->qemu;
+ /* CVE-2011-4127 mitigation: Disable SCSI ioctls on virtio-blk
+ * devices. The -global option must exist, but you can pass any
+ * strings to it so we don't need to check for the specific virtio
+ * feature.
+ */
+ if (qemu_supports (g, "-global")) {
+ add_cmdline (g, "-global");
+ add_cmdline (g, "virtio-blk-pci.scsi=off");
+ }
+
/* Add drives */
struct drive *drv = g->drives;
while (drv != NULL) {
--
1.7.6
12 years, 5 months
FYI: Changes to test directory names
by Richard W.M. Jones
I'm going to rename some test directories to make the names more
logical:
* caution -> tests/qemu
This directory contains tests of qemu (safety and liveness).
'make check' will be changed so that this directory is tested first.
At present, 'make check' happens to build images/ first which makes
it harder to track down qemu breakage.
* capitests -> tests/c-api
Tests of the C API. Arguably these tests could be moved into src/
but that directory has lots of files in it already.
* regressions -> tests/regressions
+ tests/protocol
+ tests/luks
+ tests/...
Split this directory into true regression tests, and tests of
other things.
guestfish-specific tests will be placed in the fish/ directory
instead of being in a separate directory. This makes it consistent
with other C tools such as virt-df, virt-edit where tests are
located in the same directory as the tool.
* extratests -> tests/extra
Complex tests that require valgrind, local guests, etc. Just as
now, these are not part of 'make check'.
* images -> tests/data + tests/guests
Split into test data, and the (phony) guest images.
tests/data (as now) doesn't contain any TESTS (just data required by
other tests). It is built early during the 'make' phase.
tests/guests: Because other tests rely on these guests, we will
build it early (after tests/qemu, before tests/c-api). The guests
are check_DATA, meaning they get created during 'make check'.
* test-tool (no change)
These changes will first be done on master (development) so we can
shake out bugs. I plan to backport them to the 1.14 branch at a later
date.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora
12 years, 5 months
[PATCH] Fixed checks for libpython features
by Hilko Bengen
The python3.1 package shipped with Debian/squeeze does not have the
'mu' suffix that was assumed before.
---
configure.ac | 23 ++++++++++++-----------
1 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/configure.ac b/configure.ac
index 28243a2..c2b684b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -738,19 +738,20 @@ AS_IF([test "x$enable_python" != "xno"],
AC_MSG_RESULT([$PYTHON_INSTALLDIR])
fi
- dnl Look for libpython and some optional symbols in it.
+ dnl Look for some optional symbols in libpython.
old_LIBS="$LIBS"
- if test "x$PYTHON_VERSION_MAJOR" = "x3"; then
- dnl libpython3 is called "libpython3.Xmu.so"
- LIBPYTHON="python${PYTHON_VERSION}mu"
- else
- LIBPYTHON="python$PYTHON_VERSION"
- fi
- AC_CHECK_LIB([$LIBPYTHON], [PyList_Size], [],
- [AC_MSG_FAILURE([$LIBPYTHON is not installed])])
- AC_CHECK_FUNCS([PyCapsule_New \
- PyString_AsString])
+ PYTHON_BLDLIBRARY=`$PYTHON -c "import distutils.sysconfig; \
+ print (distutils.sysconfig.get_config_var('BLDLIBRARY'))"`
+ AC_CHECK_LIB([c],[PyCapsule_New],
+ [AC_DEFINE([HAVE_PYCAPSULE_NEW],1,
+ [Found PyCapsule_New in libpython])],
+ [],[$PYTHON_BLDLIBRARY])
+ AC_CHECK_LIB([c],[PyString_AsString],
+ [AC_DEFINE([HAVE_PYSTRING_ASSTRING],1,
+ [Found PyString_AsString in libpython])],
+ [],[$PYTHON_BLDLIBRARY])
+
LIBS="$old_LIBS"
fi
--
1.7.7.3
12 years, 5 months
febootstrap error ?
by Evaggelos Balaskas
hi,
i am not quite sure about the below error:
[ 1320.506848] INFO: task init:1 blocked for more than 120 seconds.
[ 1320.510069] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
disables this message.
The below commands
guestmount,
virt-*
either hangs or taking a gazillion time to finish (not correctly).
I've attached a file with two cases
In both cases, in tmp folder there are:
[ebal@mylaptop tmp]€ tree libguestfsj5tGtJ/
libguestfsj5tGtJ/
└── guestfsd.sock
0 directories, 1 file
[ebal@mylaptop tmp]€ tree libguestfsMRArh2
libguestfsMRArh2
└── guestfsd.sock
0 directories, 1 file
after the processes are hanged
libguestfs 1.14.7
febootstrap 3.12
qemu-kvm 1.0
augeas 0.10.0
hivex 1.3.3
libvirt 0.9.8
[root@mylaptop ~]# uname -r
3.1.4-1-ARCH
any ideas ?
Evaggelos Balaskas
Unix System Engineer - http://ebalaskas.gr.
12 years, 5 months
Proposed changes for OpenStack
by Richard W.M. Jones
[These two patches are for discussion only]
Allow FUSE support to be used directly through the API.
This is the second commit.
In order to make this usable from guestfish, we have to
also bind the events API in guestfish. This is the first
commit.
Rich.
12 years, 5 months
Help loading a corrupt vdi file
by op 157
Hello everyone, I have a corrupt .vdi file from a virtualbox installation (XP host, Mint 11 guest) which I recently broke. I wanted to allocate more space to it, so I ran this command:VBoxManage.exe modifyhd /path/to/YOUR_HARD_DISK.vdi --resize 17179869184
It only took a second to actually complete, so I think a header somewhere is broken.
I need to get access to some files I had on there using libguestfs on a Mint Virtualbox I have, and I'm trying to mount the bad vdi file to get access to everything, but that isn't working. I have this output from libguestfs-test-tool, can anyone help?:Thanks!
libguestfs: new guestfs handle 0x10242d0libguestfs: [00000ms] febootstrap-supermin-helper --verbose -f checksum '/usr/lib/guestfs/supermin.d' x86_64supermin helper [00000ms] whitelist = (not specified), host_cpu = x86_64, kernel = (null), initrd = (null), appliance = (null)supermin helper [00001ms] inputs[0] = /usr/lib/guestfs/supermin.dchecking modpath /lib/modules/2.6.38-8-generic is a directorypicked vmlinuz-2.6.38-8-generic because modpath /lib/modules/2.6.38-8-generic existssupermin helper [00001ms] finished creating kernelsupermin helper [00002ms] visiting /usr/lib/guestfs/supermin.dsupermin helper [00002ms] visiting /usr/lib/guestfs/supermin.d/base.imgsupermin helper [00007ms] visiting /usr/lib/guestfs/supermin.d/daemon.imgsupermin helper [00007ms] visiting /usr/lib/guestfs/supermin.d/hostfilessupermin helper [00142ms] visiting /usr/lib/guestfs/supermin.d/init.imgsupermin helper [00142ms] adding kernel modulessupermin helper [00341ms] finished creating appliancelibguestfs: [00373ms] begin testing qemu featureslibguestfs: [00551ms] finished testing qemu featureslibguestfs: accept_from_daemon: 0x10242d0 g->state = 1libguestfs: is_openable: /dev/kvm: No such file or directory[00563ms] /usr/bin/kvm \ -drive file=/tmp/libguestfs-test-tool-sda-rZ97hB,cache=off,format=raw,if=virtio \ -nodefconfig \ -nodefaults \ -nographic \ -m 500 \ -no-reboot \ -no-hpet \ -device virtio-serial \ -serial stdio \ -chardev socket,path=/tmp/libguestfsEjpY0b/guestfsd.sock,id=channel0 \ -device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 \ -kernel /var/tmp/.guestfs-0/kernel.2125 \ -initrd /var/tmp/.guestfs-0/initrd.2125 \ -append 'panic=1 console=ttyS0 udevtimeout=300 no_timer_check acpi=off printk.time=1 cgroup_disable=memory selinux=0 guestfs_verbose=1 TERM=xterm ' \ -drive file=/var/tmp/.guestfs-0/root.2125,snapshot=on,if=virtio,cache=unsafeopen /dev/kvm: No such file or directoryCould not initialize KVM, will disable KVM support[ 0.000000] Initializing cgroup subsys cpuset[ 0.000000] Initializing cgroup subsys cpu[ 0.000000] Linux version 2.6.38-8-generic (buildd@allspice) (gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu3) ) #42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 (Ubuntu 2.6.38-8.42-generic 2.6.38.2)[ 0.000000] Command line: panic=1 console=ttyS0 udevtimeout=300 no_timer_check acpi=off printk.time=1 cgroup_disable=memory selinux=0 guestfs_verbose=1 TERM=xterm [ 0.000000] BIOS-provided physical RAM map:[ 0.000000] BIOS-e820: 0000000000000000 - 000000000009bc00 (usable)[ 0.000000] BIOS-e820: 000000000009bc00 - 00000000000a0000 (reserved)[ 0.000000] BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)[ 0.000000] BIOS-e820: 0000000000100000 - 000000001f3fd000 (usable)[ 0.000000] BIOS-e820: 000000001f3fd000 - 000000001f400000 (reserved)[ 0.000000] BIOS-e820: 00000000fffc0000 - 0000000100000000 (reserved)[ 0.000000] NX (Execute Disable) protection: active[ 0.000000] DMI 2.4 present.[ 0.000000] No AGP bridge found[ 0.000000] last_pfn = 0x1f3fd max_arch_pfn = 0x400000000[ 0.000000] x86 PAT enabled: cpu 0, old 0x0, new 0x7010600070106[ 0.000000] found SMP MP-table at [ffff8800000fd790] fd790[ 0.000000] init_memory_mapping: 0000000000000000-000000001f3fd000[ 0.000000] RAMDISK: 1f2c8000 - 1f3f0000[ 0.000000] No NUMA configuration found[ 0.000000] Faking a node at 0000000000000000-000000001f3fd000[ 0.000000] Initmem setup node 0 0000000000000000-000000001f3fd000[ 0.000000] NODE_DATA [000000001f3f5000 - 000000001f3f9fff][ 0.000000] Zone PFN ranges:[ 0.000000] DMA 0x00000010 -> 0x00001000[ 0.000000] DMA32 0x00001000 -> 0x00100000[ 0.000000] Normal empty[ 0.000000] Movable zone start PFN for each node[ 0.000000] early_node_map[2] active PFN ranges[ 0.000000] 0: 0x00000010 -> 0x0000009b[ 0.000000] 0: 0x00000100 -> 0x0001f3fd[ 0.000000] SFI: Simple Firmware Interface v0.81 http://simplefirmware.org[ 0.000000] Intel MultiProcessor Specification v1.4[ 0.000000] MPTABLE: OEM ID: BOCHSCPU[ 0.000000] MPTABLE: Product ID: 0.1 [ 0.000000] MPTABLE: APIC at: 0xFEE00000[ 0.000000] Processor #0 (Bootup-CPU)[ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-23[ 0.000000] Processors: 1[ 0.000000] SMP: Allowing 1 CPUs, 0 hotplug CPUs[ 0.000000] PM: Registered nosave memory: 000000000009b000 - 000000000009c000[ 0.000000] PM: Registered nosave memory: 000000000009c000 - 00000000000a0000[ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000f0000[ 0.000000] PM: Registered nosave memory: 00000000000f0000 - 0000000000100000[ 0.000000] Allocating PCI resources starting at 1f400000 (gap: 1f400000:e0bc0000)[ 0.000000] Booting paravirtualized kernel on bare hardware[ 0.000000] setup_percpu: NR_CPUS:256 nr_cpumask_bits:256 nr_cpu_ids:1 nr_node_ids:1[ 0.000000] PERCPU: Embedded 28 pages/cpu @ffff88001f000000 s84416 r8192 d22080 u2097152[ 0.000000] Built 1 zonelists in Node order, mobility grouping on. Total pages: 126124[ 0.000000] Policy zone: DMA32[ 0.000000] Kernel command line: panic=1 console=ttyS0 udevtimeout=300 no_timer_check acpi=off printk.time=1 cgroup_disable=memory selinux=0 guestfs_verbose=1 TERM=xterm [ 0.000000] Disabling memory control group subsystem[ 0.000000] PID hash table entries: 2048 (order: 2, 16384 bytes)[ 0.000000] Checking aperture...[ 0.000000] No AGP bridge found[ 0.000000] Memory: 488624k/511988k available (5940k kernel code, 468k absent, 22896k reserved, 5017k data, 956k init)[ 0.000000] SLUB: Genslabs=15, HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1[ 0.000000] Hierarchical RCU implementation.[ 0.000000] \tRCU dyntick-idle grace-period acceleration is enabled.[ 0.000000] \tRCU-based detection of stalled CPUs is disabled.[ 0.000000] NR_IRQS:16640 nr_irqs:256 16[ 0.000000] Console: colour dummy device 80x25[ 0.000000] console [ttyS0] enabled[ 0.000000] Fast TSC calibration failed[ 0.000000] TSC: Unable to calibrate against PIT[ 0.000000] TSC: No reference (HPET/PMTIMER) available[ 0.000000] Marking TSC unstable due to could not calculate TSC khz[ 0.080000] Calibrating delay loop... 52.32 BogoMIPS (lpj=261632)[ 0.220000] pid_max: default: 32768 minimum: 301[ 0.220000] Security Framework initialized[ 0.240000] AppArmor: AppArmor initialized[ 0.240000] Yama: becoming mindful.[ 0.260000] Dentry cache hash table entries: 65536 (order: 7, 524288 bytes)[ 0.280000] Inode-cache hash table entries: 32768 (order: 6, 262144 bytes)[ 0.280000] Mount-cache hash table entries: 256[ 0.320000] Initializing cgroup subsys ns[ 0.330000] ns_cgroup deprecated: consider using the 'clone_children' flag without the ns_cgroup.[ 0.330000] Initializing cgroup subsys cpuacct[ 0.330000] Initializing cgroup subsys memory[ 0.350000] Initializing cgroup subsys devices[ 0.350000] Initializing cgroup subsys freezer[ 0.360000] Initializing cgroup subsys net_cls[ 0.360000] Initializing cgroup subsys blkio[ 0.370000] mce: CPU supports 10 MCE banks[ 0.380000] SMP alternatives: switching to UP code[ 0.770000] Freeing SMP alternatives: 20k freed[ 0.780000] ftrace: allocating 24314 entries in 96 pages[ 0.810000] Setting APIC routing to flat[ 0.820000] ------------[ cut here ]------------[ 0.820000] WARNING: at /build/buildd/linux-2.6.38/arch/x86/kernel/apic/apic.c:1284 setup_local_APIC+0x171/0x22a()[ 0.820000] Hardware name: Bochs[ 0.820000] Modules linked in:[ 0.830000] Pid: 1, comm: swapper Not tainted 2.6.38-8-generic #42-Ubuntu[ 0.830000] Call Trace:[ 0.840000] [<ffffffff81065cef>] ? warn_slowpath_common+0x7f/0xc0[ 0.840000] [<ffffffff81065d4a>] ? warn_slowpath_null+0x1a/0x20[ 0.840000] [<ffffffff815bce50>] ? setup_local_APIC+0x171/0x22a[ 0.840000] [<ffffffff81ad9303>] ? verify_local_APIC+0x16a/0x194[ 0.840000] [<ffffffff81ad74d5>] ? native_smp_prepare_cpus+0x17f/0x20e[ 0.850000] [<ffffffff81acad14>] ? kernel_init+0x7e/0x1f3[ 0.860000] [<ffffffff8100ce24>] ? kernel_thread_helper+0x4/0x10[ 0.860000] [<ffffffff81acac96>] ? kernel_init+0x0/0x1f3[ 0.860000] [<ffffffff8100ce20>] ? kernel_thread_helper+0x0/0x10[ 0.860000] ---[ end trace a7919e7f17c0a725 ]---[ 0.890000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1[ 0.890000] CPU0: AMD QEMU Virtual CPU version 0.14.0 stepping 03[ 1.020000] Performance Events: Broken PMU hardware detected, using software events only.[ 1.050000] Brought up 1 CPUs[ 1.050000] Total of 1 processors activated (52.32 BogoMIPS).[ 1.080000] devtmpfs: initialized[ 1.160000] print_constraints: dummy: [ 1.170000] Time: 1:30:17 Date: 12/14/11[ 1.170000] NET: Registered protocol family 16[ 1.210000] PCI: Using configuration type 1 for base access[ 1.260000] bio: create slab <bio-0> at 0[ 1.260000] ACPI: Interpreter disabled.[ 1.280000] vgaarb: loaded[ 1.300000] SCSI subsystem initialized[ 1.320000] usbcore: registered new interface driver usbfs[ 1.320000] usbcore: registered new interface driver hub[ 1.330000] usbcore: registered new device driver usb[ 1.340000] PCI: Probing PCI hardware[ 1.370000] pci 0000:00:01.3: quirk: [io 0xb000-0xb03f] claimed by PIIX4 ACPI[ 1.380000] pci 0000:00:01.3: quirk: [io 0xb100-0xb10f] claimed by PIIX4 SMB[ 1.400000] pci 0000:00:01.0: PIIX/ICH IRQ router [8086:7000][ 1.430000] NetLabel: Initializing[ 1.430000] NetLabel: domain hash size = 128[ 1.430000] NetLabel: protocols = UNLABELED CIPSOv4[ 1.430000] NetLabel: unlabeled traffic allowed by default[ 1.740000] AppArmor: AppArmor Filesystem Enabled[ 1.740000] pnp: PnP ACPI: disabled[ 1.830000] NET: Registered protocol family 2[ 1.840000] IP route cache hash table entries: 4096 (order: 3, 32768 bytes)[ 1.860000] TCP established hash table entries: 16384 (order: 6, 262144 bytes)[ 1.860000] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)[ 1.860000] TCP: Hash tables configured (established 16384 bind 16384)[ 1.860000] TCP reno registered[ 1.860000] UDP hash table entries: 256 (order: 1, 8192 bytes)[ 1.870000] UDP-Lite hash table entries: 256 (order: 1, 8192 bytes)[ 1.880000] NET: Registered protocol family 1[ 1.890000] pci 0000:00:00.0: Limiting direct PCI/PCI transfers[ 1.900000] pci 0000:00:01.0: PIIX3: Enabling Passive Release[ 1.900000] pci 0000:00:01.0: Activating ISA DMA hang workarounds[ 1.920000] Trying to unpack rootfs image as initramfs...[ 1.930000] platform rtc_cmos: registered platform RTC device (no PNP device found)[ 1.990000] audit: initializing netlink socket (disabled)[ 2.010000] type=2000 audit(1323826217.010:1): initialized[ 2.160000] Freeing initrd memory: 1184k freed[ 2.180000] HugeTLB registered 2 MB page size, pre-allocated 0 pages[ 2.250000] VFS: Disk quotas dquot_6.5.2[ 2.260000] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)[ 2.280000] fuse init (API version 7.16)[ 2.290000] msgmni has been set to 956[ 2.310000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)[ 2.310000] io scheduler noop registered[ 2.310000] io scheduler deadline registered[ 2.320000] io scheduler cfq registered (default)[ 2.320000] pci_hotplug: PCI Hot Plug PCI Core version: 0.5[ 2.330000] pciehp: PCI Express Hot Plug Controller Driver version: 0.4[ 2.340000] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled[ 2.350000] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A[ 2.430000] Linux agpgart interface v0.103[ 2.470000] brd: module loaded[ 2.500000] loop: module loaded[ 2.510000] i2c-core: driver [adp5520] using legacy suspend method[ 2.510000] i2c-core: driver [adp5520] using legacy resume method[ 2.530000] scsi0 : ata_piix[ 2.540000] scsi1 : ata_piix[ 2.540000] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc000 irq 14[ 2.550000] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc008 irq 15[ 2.590000] Fixed MDIO Bus: probed[ 2.590000] PPP generic driver version 2.4.2[ 2.600000] tun: Universal TUN/TAP device driver, 1.6[ 2.600000] tun: (C) 1999-2004 Max Krasnyansky <maxk(a)qualcomm.com>[ 2.610000] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver[ 2.610000] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver[ 2.620000] uhci_hcd: USB Universal Host Controller Interface driver[ 2.630000] i8042: PNP: No PS/2 controller found. Probing ports directly.[ 2.650000] serio: i8042 KBD port at 0x60,0x64 irq 1[ 2.660000] serio: i8042 AUX port at 0x60,0x64 irq 12[ 2.680000] mousedev: PS/2 mouse device common for all mice[ 2.690000] rtc_cmos rtc_cmos: rtc core: registered rtc_cmos as rtc0[ 2.690000] rtc0: alarms up to one day, 114 bytes nvram[ 2.700000] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0[ 2.710000] device-mapper: uevent: version 1.0.3[ 2.710000] device-mapper: ioctl: 4.19.1-ioctl (2011-01-07) initialised: dm-devel(a)redhat.com[ 2.740000] device-mapper: multipath: version 1.2.0 loaded[ 2.740000] device-mapper: multipath round-robin: version 1.0.0 loaded[ 2.750000] cpuidle: using governor ladder[ 2.750000] cpuidle: using governor menu[ 2.770000] TCP cubic registered[ 2.770000] NET: Registered protocol family 10[ 2.810000] NET: Registered protocol family 17[ 2.820000] Registering the dns_resolver key type[ 2.820000] powernow-k8: Processor cpuid 623 not supported[ 2.830000] registered taskstats version 1[ 2.830000] Magic number: 7:668:508[ 2.830000] pci 0000:00:01.0: hash matches[ 2.830000] rtc_cmos rtc_cmos: setting system clock to 2011-12-14 01:30:19 UTC (1323826219)[ 2.840000] BIOS EDD facility v0.16 2004-Jun-25, 0 devices found[ 2.850000] EDD information not available.[ 2.910000] Freeing unused kernel memory: 956k freed[ 2.970000] Write protecting the kernel read-only data: 10240k[ 2.990000] Freeing unused kernel memory: 184k freed[ 3.130000] Freeing unused kernel memory: 1444k freedfebootstrap: mounting /procfebootstrap: uptime: 3.28 0.79febootstrap: ext2 mini initrd starting up: 3.12 zlibfebootstrap: mounting /sysfebootstrap: internal insmod libcrc32c.kofebootstrap: internal insmod crc-itu-t.kofebootstrap: internal insmod crc-ccitt.kofebootstrap: internal insmod crc7.kofebootstrap: internal insmod scsi_transport_spi.kofebootstrap: internal insmod sym53c8xx.kofebootstrap: internal insmod sparse-keymap.kofebootstrap: internal insmod ideapad-laptop.koinsmod: init_module: ideapad-laptop.ko: No such devicefebootstrap: internal insmod virtio_ring.kofebootstrap: internal insmod virtio.kofebootstrap: internal insmod virtio-rng.kofebootstrap: internal insmod virtio_console.kofebootstrap: internal insmod virtio_blk.kofebootstrap: internal insmod virtio_net.kofebootstrap: internal insmod virtio_pci.ko[ 4.420000] virtio-pci 0000:00:02.0: PCI->APIC IRQ transform: INT A -> IRQ 34[ 4.470000] virtio-pci 0000:00:03.0: PCI->APIC IRQ transform: INT A -> IRQ 35[ 4.570000] vda: unknown partition table[ 4.580000] virtio-pci 0000:00:04.0: PCI->APIC IRQ transform: INT A -> IRQ 35[ 4.590000] vdb: unknown partition tablefebootstrap: internal insmod virtio_balloon.kofebootstrap: picked /sys/block/vdb/dev as root devicefebootstrap: creating /dev/root as block special 251:16febootstrap: mounting new root on /rootfebootstrap: chroot/proc/uptime: No such file or directoryStarting /init script ...rm: cannot remove `/proc': Is a directorymkdir: cannot create directory `/proc': File existsmount: error while loading shared libraries: libsepol.so.1: cannot open shared object file: No such file or directoryrm: cannot remove `/sys': Is a directorymkdir: cannot create directory `/sys': File existsmount: error while loading shared libraries: libsepol.so.1: cannot open shared object file: No such file or directory/init: 59: cannot create /proc/sys/kernel/hotplug: Directory nonexistentcannot open /dev/nullCannot access the Hardware Clock via any known method.Use the --debug option to see the details of our search for an access method.[ 7.170000] NET: Registered protocol family 4[ 7.390000] NET: Registered protocol family 5SIOCSIFADDR: No such deviceeth0: ERROR while getting interface flags: No such deviceSIOCADDRT: No such process /proc/mounts: _get_sysfs_dir: fopen %s failed: No such file or directory /proc/devices: fopen failed: No such file or directory Failed to create lvm type filter /proc/mounts: _get_sysfs_dir: fopen %s failed: No such file or directory /proc/devices: fopen failed: No such file or directory Failed to create lvm type filter/init: 80: cannot create /sys/block/vd*/queue/rotational: Directory nonexistent/proc/cmdline: No such file or directory
Failed to connect to virtio-serial channel.
This is a fatal error and the appliance will now exit.
Usually this error is caused by either QEMU or the appliancekernel not supporting the vmchannel method that thelibguestfs library chose to use. Please run'libguestfs-test-tool' and provide the complete, uneditedoutput to the libguestfs developers, either in a bug reportor on the libguestfs redhat com mailing list.
/dev/virtio-ports/org.libguestfs.channel.0: No such file or directory[ 9.730000] md: stopping all md devices.[ 9.970000] Restarting system.[ 9.970000] machine restartlibguestfs: error: unexpected end of file when reading from daemon.See earlier debug messages.Or you can run 'libguestfs-test-tool' and post the complete output intoa bug report or message to the libguestfs mailing list.libguestfs: child_cleanup: 0x10242d0: child process diedlibguestfs-test-tool: failed to launch appliancelibguestfs: closing guestfs handle 0x10242d0 (state 0)
12 years, 5 months
[hivex][PATCH] Increase filetime printing resolution to sub-second
by Alex Nelson
Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu>
---
xml/hivexml.c | 20 +++++++++++++++++---
1 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index 5030c24..98b90c5 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -185,6 +185,8 @@ filetime_to_8601 (int64_t windows_ticks)
char *ret;
time_t t;
struct tm *tm;
+ int64_t sub_seconds;
+ size_t ftd; /* # chars formatted so far. */
if (windows_ticks == 0LL)
return NULL;
@@ -194,16 +196,28 @@ filetime_to_8601 (int64_t windows_ticks)
if (tm == NULL)
return NULL;
- ret = malloc (TIMESTAMP_BUF_LEN);
+ sub_seconds = windows_ticks % WINDOWS_TICK;
+ /* Trim trailing zeroes from fractional part. */
+ while (sub_seconds % 10 == 0 && sub_seconds > 0) {
+ sub_seconds /= 10;
+ }
+
+ ret = calloc (TIMESTAMP_BUF_LEN, sizeof (char));
if (ret == NULL) {
- perror ("malloc");
+ perror ("calloc");
exit (EXIT_FAILURE);
}
- if (strftime (ret, TIMESTAMP_BUF_LEN, "%FT%TZ", tm) == 0) {
+ if (strftime (ret, TIMESTAMP_BUF_LEN, "%FT%T", tm) == 0) {
perror ("strftime");
exit (EXIT_FAILURE);
}
+ ftd = strlen (ret);
+
+ if (snprintf (ret + ftd, TIMESTAMP_BUF_LEN - ftd, ".%" PRIi64 "Z", sub_seconds) == 0) {
+ perror ("snprintf");
+ exit (EXIT_FAILURE);
+ }
return ret;
}
--
1.7.6.4
12 years, 5 months
A few errors with virt-p2v-image-builder
by Greg Scott
I just now ran into some traceback messages and other errors running
virt-p2v-image-builder 0.8.5.1. Anything to worry about?
.
.
.
Installing: passwd #####################
[305/307]
Installing: syslinux #####################
[306/307]
Installing: vim-minimal #####################
[307/307]
Note: Forwarding request to 'systemctl enable NetworkManager.service'.
error reading information on service auditd: No such file or directory
Starting Kickstart Post
Creating shadow files
Forcing C locale
[Errno 2] No such file or directory:
'/var/tmp/imgcreate-vC5xTf/install_root/usr/share/locale'
ignoring %post failure (code 1)
Removing python source files
Customizing boot menu
Creating manifest....done
Traceback (most recent call last):
File "/usr/lib/python2.7/site.py", line 563, in <module>
File "/usr/lib/python2.7/site.py", line 545, in main
File "/usr/lib/python2.7/site.py", line 278, in addusersitepackages
File "/usr/lib/python2.7/site.py", line 253, in getusersitepackages
File "/usr/lib/python2.7/site.py", line 243, in getuserbase
File "/usr/lib/python2.7/sysconfig.py", line 520, in get_config_var
File "/usr/lib/python2.7/sysconfig.py", line 419, in get_config_vars
File "/usr/lib/python2.7/sysconfig.py", line 298, in _init_posix
IOError: invalid Python installation: unable to open
/usr/include/python2.7/pyconfig-32.h (No such file or directory)
I: -input-charset not specified, using utf-8 (detected in locale
settings)
Using MANIF000.TXT;1 for /manifest-srpm.txt (manifest-license.txt)
Using MANIF001.TXT;1 for /manifest-license.txt (manifest-rpm.txt)
Using MANIF000.BZ2;1 for /manifest-owns.txt.bz2 (manifest-deps.txt.bz2)
Using MANIF001.BZ2;1 for /manifest-deps.txt.bz2 (manifest-dir.txt.bz2)
Using MANIF002.BZ2;1 for /manifest-dir.txt.bz2 (manifest-file.txt.bz2)
Using LIVEC000.;1 for
/var/tmp/imgcreate-vC5xTf/iso-FsojFr/LiveOS/livecd-iso-to-pxeboot
(livecd-iso-to-disk)
Size of boot image is 4 sectors -> No emulation
9.95% done, estimate finish Fri Dec 9 21:58:54 2011
19.86% done, estimate finish Fri Dec 9 21:58:54 2011
29.80% done, estimate finish Fri Dec 9 21:58:54 2011
39.72% done, estimate finish Fri Dec 9 21:58:54 2011
49.66% done, estimate finish Fri Dec 9 21:58:56 2011
59.57% done, estimate finish Fri Dec 9 21:58:55 2011
69.51% done, estimate finish Fri Dec 9 21:58:55 2011
79.43% done, estimate finish Fri Dec 9 21:58:55 2011
89.36% done, estimate finish Fri Dec 9 21:58:55 2011
99.29% done, estimate finish Fri Dec 9 21:58:55 2011
Total translation table size: 2048
Total rockridge attributes bytes: 2239
Total directory bytes: 4096
Path table size(bytes): 40
Max brk space used 1b000
50365 extents written (98 MB)
Inserting md5sum into iso image...
md5 = 846fe73d65f185cc939262f022874f02
Inserting fragment md5sums into iso image...
fragmd5 = 24359bb7fa6345fb8826d2b789a326cbcaff94b4d7c221e3b8d99f8ea23d
frags = 20
Setting supported flag to 0
umount: /var/tmp/imgcreate-vC5xTf/install_root/sys/fs/selinux/load: not
found
[root@Fedora16P2V gregs]#
[root@Fedora16P2V gregs]#
[root@Fedora16P2V gregs]# ls -al | grep iso
-rw-r--r--. 1 root root 103809024 Dec 9 21:58 Virt-P2V.iso
[root@Fedora16P2V gregs]#
Thanks
- Greg
12 years, 5 months
[hivex] [PATCH 0/2] Report hive header data
by Alex Nelson
This patch series exposes hive header data through additions to the ABI,
and reports the information with hivexml.
Alex Nelson (2):
hivex: Expose hive major and minor version
hivex: Expose embedded hive file name
generator/generator.ml | 16 ++++++++++++++++
lib/hivex.c | 38 +++++++++++++++++++++++++++++++++-----
xml/hivexml.c | 33 +++++++++++++++++++++++++++++++++
3 files changed, 82 insertions(+), 5 deletions(-)
--
1.7.6.4
12 years, 5 months
Re: [Libguestfs] P2Vs seem to require a very robust Ethernet
by Greg Scott
> Trying a P2V again, this time using a physical Fedora system for
> the NFS RHEV Export domain instead of the Storagetek NFS server.
> Everything else is the same. Same source server, same conversion
> server, same v2v and p2v versions for now. The only variable
> different is the RHEV Export NFS server.
This time, the P2V finished at 10:36 PM. Start time was 8:38 PM. Total size was 74 GB over roughly 2 hours of elapsed time. I just started a RHEV import and that should finish a couple of hours from now.
- Greg
12 years, 5 months
