Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1354253 - virtlogd should fail to start when set max_clients larger than the maximum value of int type
Summary: virtlogd should fail to start when set max_clients larger than the maximum va...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.3
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Erik Skultety
QA Contact: Fangge Jin
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-07-11 04:51 UTC by yafu
Modified: 2017-08-01 23:53 UTC (History)
9 users (show)

Fixed In Version: libvirt-2.5.0-1.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 17:11:42 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2017:1846 normal SHIPPED_LIVE libvirt bug fix and enhancement update 2017-08-01 18:02:50 UTC

Description yafu 2016-07-11 04:51:05 UTC
Description of problem:
Set max_clients larger than the max value of int type(2147483647) in the virtlogd.conf, it is translated to a large positive value. And when set the max_clients to very large, it works as max_clients=0. 

Version-Release number of selected component (if applicable):
libvirt-2.0.0-2.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1.Set max_clients in virtlogd.conf to value 2147483649 and restart virtlogd service:
  #cat /etc/libvirt/virtlogd.conf
   ...
    max_clients=2147483649
  
  #service virtlogd restart

2.Start a guest:
  #virsh start rhel7.3

3.Check the log in the virtlogd.log
2016-07-05 08:55:39.711+0000: 12975: debug : virNetServerCheckLimits:759 : Considering re-enabling services: nclients=0 nclients_max=***18446744071562067969*** nclients_unauth=0 nclients_unauth_max=***18446744071562067969***


4.Set max_clients to a very large value and restart virtlogd service:
#cat /etc/libvirt/virtlogd.conf
  ...
  max_clients=1024000000000000000000000000000
  ...

5.Start a guest:
  #virsh start rhel7.3-2
  error: Failed to start domain mig1
  error: Cannot recv data: Connection reset by peer

6.Check the virtlogd.log:
  2016-07-05 09:02:37.907+0000: 15307: error : virNetServerAddClient:246 : Too many active clients (0), dropping connection from 127.0.0.1:0
  2016-07-05 09:02:37.912+0000: 15307: error : virNetServerAddClient:246 : Too many active clients (0), dropping connection from 127.0.0.1:0

Actual results:
virtlogd start correctly when set max_clients larger than the maximum value of int type, but it is out of memory.

Expected results:
virtlogd should fail to start when set max_clients larger than the maximum value of int type.


Additional info:

Comment 1 Daniel Berrange 2016-07-11 09:53:10 UTC
Actually, we should be treating max_clients as an unsigned int, not an int, which means the limit should be 4294967295. Even then though, we should do bounds-checking

This series fixes the data type and does bounds checking

https://www.redhat.com/archives/libvir-list/2016-July/msg00312.html

With that series applied we'd get this:

$ cat ~/.config/libvirt/virtlogd.conf
max_clients=4294967296

$ virtlogd 
2016-07-11 09:51:07.598+0000: 15956: info : libvirt version: 2.1.0
2016-07-11 09:51:07.598+0000: 15956: info : hostname: t530wlan.home.berrange.com
2016-07-11 09:51:07.598+0000: 15956: error : main:1033 : Can't load config file: internal error: /home/berrange/.config/libvirt/virtlogd.conf: value for 'max_clients' parameter must be in range 0:4294967295: /home/berrange/.config/libvirt/virtlogd.conf

Comment 2 Peter Krempa 2016-09-13 12:03:57 UTC
Upstream fixes this as:

commit 46dbc97e657b347076552fdebefd6874bc35bb4a
Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Fri Jul 8 13:51:22 2016 +0100

    virtlogd: convert to typedef virConf accessors

Comment 4 Fangge Jin 2017-03-09 06:22:23 UTC
I can reproduce step 1~3 with build libvirt-2.0.0-10.el7_3.5.x86_64

Verify PASS with build libvirt-3.1.0-2.el7.x86_64

Test Steps:
1)Set max_clients = 4294967295 in /etc/libvirt/virtlogd.conf
  Also config logging for virtlogd: 
	log_level = 1
	log_outputs="1:file:/var/log/libvirt/virtlogd.log"

2)Start virtlogd:
# systemctl start virtlogd

# systemctl status virtlogd
● virtlogd.service - Virtual machine log manager
   Loaded: loaded (/usr/lib/systemd/system/virtlogd.service; indirect; vendor preset: disabled)
   Active: active (running) since Wed 2017-03-08 19:52:05 EST; 2s ago

3)Start a guest
# virsh start guest1
Domain guest1 started

4)Check virtlogd.log, clients_max=4294967295:
2017-03-09 00:53:52.631+0000: 6108: debug : virNetServerCheckLimits:253 : Checking client-related limits to re-enable or temporarily suspend services: nclients=0 nclients_max=4294967295 nclients_unauth=0 nclients_unauth_max=4294967295

5)Set max_clients = 4294967296 (max of uint + 1) in /etc/libvirt/virtlogd.conf

6)Start virtlogd:
# virtlogd
2017-03-09 00:45:17.530+0000: 28396: info : libvirt version: 3.1.0, package: 2.el7 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2017-03-08-08:04:09, x86-037.build.eng.bos.redhat.com)
2017-03-09 00:45:17.530+0000: 28396: info : hostname: bogon
2017-03-09 00:45:17.530+0000: 28396: error : main:969 : Can't load config file: internal error: /etc/libvirt/virtlogd.conf: value for 'max_clients' parameter must be in range 0:4294967295: /etc/libvirt/virtlogd.conf

7)Retest with max_clients = 1024000000000000000000000000000, got same result with step 6)

Comment 5 errata-xmlrpc 2017-08-01 17:11:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846

Comment 6 errata-xmlrpc 2017-08-01 23:53:19 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1846


Note You need to log in before you can comment on or make changes to this bug.