November 2023 - Libguestfs - Libguestfs List Archives

apply add kylinsecos to supermin support

by Ken Lee

Dear all: apply add kylinsecos to supermin support. Modify the code as follows, diff --git a/src/ph_rpm.ml b/src/ph_rpm.ml index 783d1bb..5061d32 100644 --- a/src/ph_rpm.ml +++ b/src/ph_rpm.ml @@ -32,12 +32,13 @@ let stringset_of_list pkgs = let fedora_detect () = Config.rpm <> "no" && Config.rpm2cpio <> "no" && rpm_is_available () && (Config.yumdownloader <> "no" || Config.dnf <> "no") && - (List.mem (Os_release.get_id ()) [ "fedora"; "rhel"; "centos"; "openEuler"; "anolis" ] || + (List.mem (Os_release.get_id ()) [ "fedora"; "rhel"; "centos"; "openEuler"; "anolis"; "KylinSecOS" ] || try (stat "/etc/redhat-release").st_kind = S_REG || (stat "/etc/fedora-release").st_kind = S_REG || (stat "/etc/openEuler-release").st_kind = S_REG || - (stat "/etc/anolis-release").st_kind = S_REG + (stat "/etc/anolis-release").st_kind = S_REG || + (stat "/etc/kylin-release").st_kind = S_REG with Unix_error _ -> false) let opensuse_detect () =

10 months, 2 weeks

2
2
0 / 0

[libnbd PATCH] docs: Mention CVE-2023-5871

by Eric Blake

Point to the list archives for more details about the recent fix in commit 177308adb1. The issue is deemed low risk, but every security bug should be mentioned. Signed-off-by: Eric Blake <eblake(a)redhat.com> --- The URL may change as a result of getting the list migration stable (doing another re-import to get more than 2 years of list history may impact things); I'm also trying to figure out if mailman3/hyperkitty has a way to get a shorter permalink URL under 80 columns that will point to a given message. So for now, I'll hold off on pushing this patch until we know we are ready for it. --- docs/libnbd-security.pod | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/libnbd-security.pod b/docs/libnbd-security.pod index 216efa43..6bbd6bd8 100644 --- a/docs/libnbd-security.pod +++ b/docs/libnbd-security.pod @@ -45,6 +45,12 @@ negative size result from nbd_get_size(3) See the full announcement here: L<https://listman.redhat.com/archives/libguestfs/2023-September/032711.html> +=head2 CVE-2023-5871 +assertion failure for 64-bit flags passed to nbd_block_status(3) + +See the full announcement here: +L<https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/t...> + =head1 SEE ALSO L<libnbd(3)>. -- 2.41.0

10 months, 4 weeks

2
2
0 / 0

New libguestfs mailing list is live

by Richard W.M. Jones

As you can see we have a new libguestfs mailing list. The old one (libguestfs(a)redhat.com) had to be decommissioned when Red Hat decided to get out of the mailing list hosting business. The new one is provided on a self-administered VPS. The archives are here: https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/ The mailing list address is guestfs(a)lists.libguestfs.org. You can use it for all discussion of libguestfs, guestfs tools, virt-v2v and nbdkit, and related projects. libnbd too, but for general NBD topics there is also the usual NBD mailing list hosted by Debian. I have updated the website and projects to point to the new mailing list, where possible. Thanks to Marc Dequènes for doing most of the heavy lifting for this one. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v

10 months, 4 weeks

1
0
0 / 0

Re: [Libguestfs] libguestfs failure "mkdir: command not found ..."

by Richard W.M. Jones

On Mon, Oct 23, 2023 at 03:53:37PM +0000, Maximilian Kirschner wrote: > Is it possible that this error occcurs because my root partition is encryped > with LUKS. If the virtual file system tries to mount the /root of my host > system, this will not work. > Is this the case? Does libguestfs mount the /root of the host system? > And if so, do you know a workaround for systems with encrypted disks? It's not to do with LUKS. Just about everyone uses LUKS and libguestfs works fine. It's a bug in the Ubuntu package, try: > > I'm afraid looks like however libguestfs was built, it is > severly broken. You might want to file an Ubuntu bug if it's > the official package, or else try rebuilding the dpkg from > source and see if that works. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v

11 months

2
5
0 / 0

libnbd | Failed pipeline for master | 574ae08f

by GitLab

Pipeline #1080578316 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: 574ae08f ( https://gitlab.com/nbdkit/libnbd/-/commit/574ae08f8be89e850193adde0f13588... ) Commit Message: docs: Tighten up description of nbd_connect_uri... Commit Author: Richard W_M_ Jones ( https://gitlab.com/rwmjones ) Pipeline #1080578316 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/1080578316 ) triggered by Richard W_M_ Jones ( https://gitlab.com/rwmjones ) had 2 failed jobs. Job #5589004581 ( https://gitlab.com/nbdkit/libnbd/-/jobs/5589004581/raw ) Stage: builds Name: x86_64-freebsd-current Job #5589004574 ( https://gitlab.com/nbdkit/libnbd/-/jobs/5589004574/raw ) Stage: builds Name: x86_64-freebsd-12 -- You're receiving this email because of your account on gitlab.com.

11 months

1
0
0 / 0

Re: libnbd | Failed pipeline for master | 54d44263

by Eric Blake

On Fri, Nov 10, 2023 at 03:38:12AM +0000, GitLab wrote: Gitlab tried to send this to the old list, but I'm replying to the new one (yes, I know we need to announce the new list once we are happy that the archives are ready - that's still an ongoing task at the moment). If I did things right, future gitlab emails will directly target the new address. > > > Pipeline #1067529654 has failed! > > Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) > Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) > > Commit: 54d44263 ( https://gitlab.com/nbdkit/libnbd/-/commit/54d4426394c372413f55f648d4ad1d2... ) > Commit Message: tests: Check behavior of nbd_set_strict_mode(ST... > Commit Author: Eric Blake ( https://gitlab.com/ebblake ) > > > Pipeline #1067529654 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/1067529654 ) triggered by Eric Blake ( https://gitlab.com/ebblake ) > had 1 failed job. > > Job #5504447391 ( https://gitlab.com/nbdkit/libnbd/-/jobs/5504447391/raw ) > > Stage: builds > Name: x86_64-fedora-rawhide-clang-prebuilt-env This was a timeout in building the rust bindings on rawhide; unrelated to my patch (which was merely adding a new unit test). Not sure why rust timed out; it looks like timing out eats the log file that would have let us see what the rust build was doing. -- Eric Blake, Principal Software Engineer Red Hat, Inc. Virtualization: qemu.org | libguestfs.org

11 months, 2 weeks

4
5
0 / 0

[PATCH nbdkit 0/3] server: Add magic values to important structs

by Richard W.M. Jones

Try to catch inconsistency within nbdkit better by adding a little dynamic validation of the three important structs that we use most often (backend, connection, context). This passes the full test suite, including valgrind, so there are no actual issues at the moment. Rich.

11 months, 2 weeks

2
5
0 / 0

[PATCH nbdkit v2] pattern: Accurately update b & offset in loop

by Richard W.M. Jones

It's better to update the 'b' pointer and the 'offset' using the calculated increment 'n', rather than using '8-o' which might be larger than the remainder of the buffer. Previously we could create a dangling pointer beyond the end of the output buffer, and this should not matter, but it's best not to do this if we can easily avoid it. Also improve the test by replacing qemu-io with nbdsh. It is able to make non-aligned requests so we can now test those. --- plugins/pattern/pattern.c | 4 +- tests/test-pattern.sh | 129 ++++++++++++++++++++++---------------- 2 files changed, 77 insertions(+), 56 deletions(-) diff --git a/plugins/pattern/pattern.c b/plugins/pattern/pattern.c index 3d2bb6040..3db1a21eb 100644 --- a/plugins/pattern/pattern.c +++ b/plugins/pattern/pattern.c @@ -119,8 +119,8 @@ pattern_pread (void *handle, void *buf, uint32_t count, uint64_t offset, o = offset & 7; n = MIN (count, 8-o); memcpy (b, (char *)&d + o, n); - b += 8-o; - offset += 8-o; + b += n; + offset += n; count -= n; } diff --git a/tests/test-pattern.sh b/tests/test-pattern.sh index 1b1bd56fb..79c42bc29 100755 --- a/tests/test-pattern.sh +++ b/tests/test-pattern.sh @@ -31,61 +31,82 @@ # SUCH DAMAGE. # Test the pattern plugin. -# -# Note we don't have any client which can issue misaligned NBD -# requests. qemu-io will issue 512-byte aligned requests no matter -# what read parameters we give it. Hence these tests are rather -# limited. (XXX) source ./functions.sh set -e -requires qemu-io --version - -sock=$(mktemp -u /tmp/nbdkit-test-sock.XXXXXX) -files="pattern.out pattern.pid $sock" -rm -f $files -cleanup_fn rm -f $files - -# Run nbdkit with pattern plugin. -start_nbdkit -P pattern.pid -U $sock pattern 1G - -qemu-io -r -f raw "nbd+unix://?socket=$sock" \ - -c 'r -v 0 512' | grep -E '^[[:xdigit:]]+:' > pattern.out -if [ "$(cat pattern.out)" != "00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 ................ -00000010: 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 18 ................ -00000020: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 28 ................ -00000030: 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 38 .......0.......8 -00000040: 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 48 ...............H -00000050: 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 58 .......P.......X -00000060: 00 00 00 00 00 00 00 60 00 00 00 00 00 00 00 68 ...............h -00000070: 00 00 00 00 00 00 00 70 00 00 00 00 00 00 00 78 .......p.......x -00000080: 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 88 ................ -00000090: 00 00 00 00 00 00 00 90 00 00 00 00 00 00 00 98 ................ -000000a0: 00 00 00 00 00 00 00 a0 00 00 00 00 00 00 00 a8 ................ -000000b0: 00 00 00 00 00 00 00 b0 00 00 00 00 00 00 00 b8 ................ -000000c0: 00 00 00 00 00 00 00 c0 00 00 00 00 00 00 00 c8 ................ -000000d0: 00 00 00 00 00 00 00 d0 00 00 00 00 00 00 00 d8 ................ -000000e0: 00 00 00 00 00 00 00 e0 00 00 00 00 00 00 00 e8 ................ -000000f0: 00 00 00 00 00 00 00 f0 00 00 00 00 00 00 00 f8 ................ -00000100: 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 08 ................ -00000110: 00 00 00 00 00 00 01 10 00 00 00 00 00 00 01 18 ................ -00000120: 00 00 00 00 00 00 01 20 00 00 00 00 00 00 01 28 ................ -00000130: 00 00 00 00 00 00 01 30 00 00 00 00 00 00 01 38 .......0.......8 -00000140: 00 00 00 00 00 00 01 40 00 00 00 00 00 00 01 48 ...............H -00000150: 00 00 00 00 00 00 01 50 00 00 00 00 00 00 01 58 .......P.......X -00000160: 00 00 00 00 00 00 01 60 00 00 00 00 00 00 01 68 ...............h -00000170: 00 00 00 00 00 00 01 70 00 00 00 00 00 00 01 78 .......p.......x -00000180: 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 88 ................ -00000190: 00 00 00 00 00 00 01 90 00 00 00 00 00 00 01 98 ................ -000001a0: 00 00 00 00 00 00 01 a0 00 00 00 00 00 00 01 a8 ................ -000001b0: 00 00 00 00 00 00 01 b0 00 00 00 00 00 00 01 b8 ................ -000001c0: 00 00 00 00 00 00 01 c0 00 00 00 00 00 00 01 c8 ................ -000001d0: 00 00 00 00 00 00 01 d0 00 00 00 00 00 00 01 d8 ................ -000001e0: 00 00 00 00 00 00 01 e0 00 00 00 00 00 00 01 e8 ................ -000001f0: 00 00 00 00 00 00 01 f0 00 00 00 00 00 00 01 f8 ................" ] -then - echo "$0: unexpected pattern:" - cat pattern.out - exit 1 -fi +requires_run +requires_nbdsh_uri + +# Run nbdkit-pattern-plugin. Use a disk > 4G so we can test 2G and 4G +# boundaries. +nbdkit pattern 5G --run 'nbdsh -u "$uri" -c -' <<EOF + +# Generate the expected pattern in the given range. +# This only works for 8-byte aligned ranges. +def generated_expected(start,end): + assert start % 8 == 0 + assert end % 8 == 0 + expected = bytearray() + for i in range(start,end,8): + expected = expected + i.to_bytes(8, 'big') + return expected + +# Check actual == expected, with printing +def check_same(actual, expected): + if actual == expected: + print("check_same: passed", flush=True) + else: + print("actual = %r" % actual, flush=True) + print("expected = %r" % expected, flush=True) + assert False + +# Read an aligned range at the beginning of the disk. +expected = generated_expected(0, 64) +actual = h.pread(64, 0) +check_same(actual, expected) + +# Read starting from an unaligned offset. +actual = h.pread(60, 4) +check_same(actual, expected[4:]) + +# Read ending at an unaligned offset. +actual = h.pread(60, 0) +check_same(actual, expected[:60]) + +# Same as above, but around offset 1,000,000. +expected = generated_expected(1000000,1000000+64) +actual = h.pread(64, 1000000) +check_same(actual, expected) +actual = h.pread(61, 1000003) +check_same(actual, expected[3:]) +actual = h.pread(60, 1000000) +check_same(actual, expected[:60]) + +# Same as above, but around offset 2G. +offset = 2*1024*1024*1024 - 32 +expected = generated_expected(offset, offset+64) +actual = h.pread(64, offset) +check_same(actual, expected) +actual = h.pread(59, offset+5) +check_same(actual, expected[5:]) +actual = h.pread(60, offset) +check_same(actual, expected[:60]) + +# Same as above, but around offset 4G. +offset = 4*1024*1024*1024 - 32 +expected = generated_expected(offset, offset+64) +actual = h.pread(64, offset) +check_same(actual, expected) +actual = h.pread(59, offset+5) +check_same(actual, expected[5:]) +actual = h.pread(63, offset) +check_same(actual, expected[:63]) + +# Finish at the end of the disk. +offset = 5*1024*1024*1024 - 64 +expected = generated_expected(offset, offset+64) +actual = h.pread(64, offset) +check_same(actual, expected) + +'EOF' -- 2.42.0

11 months, 3 weeks

3
5
0 / 0

[PATCH nbdkit] pattern: Accurately update b & offset in loop

by Richard W.M. Jones

It's better to update the 'b' pointer and the 'offset' using the calculated increment 'n', rather than using '8-o' which might be larger than the remainder of the buffer. Previously we could create a dangling pointer beyond the end of the output buffer, and this should not matter, but it's best not to do this if we can easily avoid it. Also improve the test by replacing qemu-io with nbdsh. It is able to make non-aligned requests so we can now test those. --- plugins/pattern/pattern.c | 4 +- tests/test-pattern.sh | 98 ++++++++++++++++++--------------------- 2 files changed, 46 insertions(+), 56 deletions(-) diff --git a/plugins/pattern/pattern.c b/plugins/pattern/pattern.c index 3d2bb6040..3db1a21eb 100644 --- a/plugins/pattern/pattern.c +++ b/plugins/pattern/pattern.c @@ -119,8 +119,8 @@ pattern_pread (void *handle, void *buf, uint32_t count, uint64_t offset, o = offset & 7; n = MIN (count, 8-o); memcpy (b, (char *)&d + o, n); - b += 8-o; - offset += 8-o; + b += n; + offset += n; count -= n; } diff --git a/tests/test-pattern.sh b/tests/test-pattern.sh index 1b1bd56fb..6025aea78 100755 --- a/tests/test-pattern.sh +++ b/tests/test-pattern.sh @@ -31,61 +31,51 @@ # SUCH DAMAGE. # Test the pattern plugin. -# -# Note we don't have any client which can issue misaligned NBD -# requests. qemu-io will issue 512-byte aligned requests no matter -# what read parameters we give it. Hence these tests are rather -# limited. (XXX) source ./functions.sh set -e -requires qemu-io --version - -sock=$(mktemp -u /tmp/nbdkit-test-sock.XXXXXX) -files="pattern.out pattern.pid $sock" -rm -f $files -cleanup_fn rm -f $files - -# Run nbdkit with pattern plugin. -start_nbdkit -P pattern.pid -U $sock pattern 1G - -qemu-io -r -f raw "nbd+unix://?socket=$sock" \ - -c 'r -v 0 512' | grep -E '^[[:xdigit:]]+:' > pattern.out -if [ "$(cat pattern.out)" != "00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 ................ -00000010: 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 18 ................ -00000020: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 28 ................ -00000030: 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 38 .......0.......8 -00000040: 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 48 ...............H -00000050: 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 58 .......P.......X -00000060: 00 00 00 00 00 00 00 60 00 00 00 00 00 00 00 68 ...............h -00000070: 00 00 00 00 00 00 00 70 00 00 00 00 00 00 00 78 .......p.......x -00000080: 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 88 ................ -00000090: 00 00 00 00 00 00 00 90 00 00 00 00 00 00 00 98 ................ -000000a0: 00 00 00 00 00 00 00 a0 00 00 00 00 00 00 00 a8 ................ -000000b0: 00 00 00 00 00 00 00 b0 00 00 00 00 00 00 00 b8 ................ -000000c0: 00 00 00 00 00 00 00 c0 00 00 00 00 00 00 00 c8 ................ -000000d0: 00 00 00 00 00 00 00 d0 00 00 00 00 00 00 00 d8 ................ -000000e0: 00 00 00 00 00 00 00 e0 00 00 00 00 00 00 00 e8 ................ -000000f0: 00 00 00 00 00 00 00 f0 00 00 00 00 00 00 00 f8 ................ -00000100: 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 08 ................ -00000110: 00 00 00 00 00 00 01 10 00 00 00 00 00 00 01 18 ................ -00000120: 00 00 00 00 00 00 01 20 00 00 00 00 00 00 01 28 ................ -00000130: 00 00 00 00 00 00 01 30 00 00 00 00 00 00 01 38 .......0.......8 -00000140: 00 00 00 00 00 00 01 40 00 00 00 00 00 00 01 48 ...............H -00000150: 00 00 00 00 00 00 01 50 00 00 00 00 00 00 01 58 .......P.......X -00000160: 00 00 00 00 00 00 01 60 00 00 00 00 00 00 01 68 ...............h -00000170: 00 00 00 00 00 00 01 70 00 00 00 00 00 00 01 78 .......p.......x -00000180: 00 00 00 00 00 00 01 80 00 00 00 00 00 00 01 88 ................ -00000190: 00 00 00 00 00 00 01 90 00 00 00 00 00 00 01 98 ................ -000001a0: 00 00 00 00 00 00 01 a0 00 00 00 00 00 00 01 a8 ................ -000001b0: 00 00 00 00 00 00 01 b0 00 00 00 00 00 00 01 b8 ................ -000001c0: 00 00 00 00 00 00 01 c0 00 00 00 00 00 00 01 c8 ................ -000001d0: 00 00 00 00 00 00 01 d0 00 00 00 00 00 00 01 d8 ................ -000001e0: 00 00 00 00 00 00 01 e0 00 00 00 00 00 00 01 e8 ................ -000001f0: 00 00 00 00 00 00 01 f0 00 00 00 00 00 00 01 f8 ................" ] -then - echo "$0: unexpected pattern:" - cat pattern.out - exit 1 -fi +requires_run +requires_nbdsh_uri + +nbdkit pattern 2M --run 'nbdsh -u "$uri" -c -' <<EOF + +# Read from an aligned offset at the beginning of the disk. +expected = bytearray() +for i in range(0,64,8): + expected = expected + i.to_bytes(8, "big") +print("expected = %r" % expected) +actual = h.pread(64, 0) +print("actual = %r" % actual) +assert actual == expected + +# Read from an unaligned offset. +actual = bytearray(4) + h.pread(60, 4) +print("actual = %r" % actual) +assert actual == expected + +# Read to an unaligned offset. +actual = h.pread(60, 0) +print("actual = %r" % actual) +assert actual == expected[:60] + +# Read from an aligned offset further in the disk. +expected = bytearray() +for i in range(1000000,1000064,8): + expected = expected + i.to_bytes(8, "big") +print("expected = %r" % expected) +actual = h.pread(64, 1000000) +print("actual = %r" % actual) +assert actual == expected + +# Read from an unaligned offset. +actual = bytearray(3) + h.pread(61, 1000003) +print("actual = %r" % actual) +assert actual == expected + +# Read to an unaligned offset. +actual = h.pread(60, 1000000) +print("actual = %r" % actual) +assert actual == expected[:60] + +'EOF' -- 2.42.0

11 months, 3 weeks

2
2
0 / 0

[COMMON PATCH v2] mldrivers: look for bootloader config in /boot/grub/grub.cfg in case of UEFI

by Andrey Drobyshev

On some older Debian-based distros (in particular, this is true for Debian 8) GRUB config file doesn't reside on EFI partition, but rather at /boot/grub/grub.cfg even if UEFI firmware is being used. As a result, in the UEFI case we get "error: no bootloader detected". Let's just append this path to the end of the corresponding list as a workaround when dealing with UEFI guests. Signed-off-by: Andrey Drobyshev <andrey.drobyshev(a)virtuozzo.com> --- mldrivers/linux_bootloaders.ml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/mldrivers/linux_bootloaders.ml b/mldrivers/linux_bootloaders.ml index 6f8857e..91c5ab9 100644 --- a/mldrivers/linux_bootloaders.ml +++ b/mldrivers/linux_bootloaders.ml @@ -375,6 +375,18 @@ let detect_bootloader (g : G.guestfs) root i_firmware = with G.Error msg -> error (f_"could not find bootloader mount point (%s): %s") mp msg in + (* + * Workaround for older UEFI-based Debian which may not have + * /boot/efi/EFI/debian/grub.cfg. + *) + let paths = + if g#exists "/boot/grub/grub.cfg" then + match i_firmware with + | Firmware.I_BIOS -> paths + | I_UEFI _ -> paths @ ["/boot/grub/grub.cfg"] + else paths + in + (* We can determine if the bootloader config file is grub 1 or * grub 2 just by looking at the filename. *) -- 2.39.3

11 months, 3 weeks

3
5
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Libguestfs November 2023