Masami Watanabe
2006-Oct-25 22:07 UTC
[Xen-devel] [PATCH][VNC Auth] Fix qemu-dm becomes defunct when rebooting hvm domain
Hi, Sorry, I should not have removed infomation on xend. image.py, line 399, in configVNC config.remove([''vncpasswd'', vncpasswd_vmconfig]) When vncpasswd is removed, qemu-dm cannot be started in reboot of hvm domain. Because necessary information disappears. It cannot be helped though information in config list remains in xenstore. This patch corrects above. Regards, Masami ------------------------------------ diff -r a661566745ae tools/python/xen/xend/image.py --- a/tools/python/xen/xend/image.py Tue Oct 24 16:46:02 2006 +0100 +++ b/tools/python/xen/xend/image.py Wed Oct 25 16:55:52 2006 +0900 @@ -395,9 +395,6 @@ class HVMImageHandler(ImageHandler): if vncpasswd != '''': self.vm.storeVm("vncpasswd", vncpasswd) - # remove password - config.remove([''vncpasswd'', vncpasswd_vmconfig]) - return ret def createDeviceModel(self): ------------------------------------ On Wed, 25 Oct 2006 21:43:11 +0100, Keir Fraser wrote:> The patch has been in for nearly a week, c/s 11840:02506a744315. Did you > check before asking? > > -- Keir > > On 25/10/06 7:00 pm, "Daniel P. Berrange" <berrange@redhat.com> wrote: > > > Hi Kier / Ewan, > > > > Can we get Masami''s VNC password patch into xen-unstable. > > > > Regards, > > Dan > > > > On Tue, Oct 10, 2006 at 09:04:09AM -0500, Anthony Liguori wrote: > >> Daniel P. Berrange wrote: > >>> On Thu, Oct 05, 2006 at 10:28:15AM +0900, Masami Watanabe wrote: > >>> > >>>> Hi all, > >>>> > >>>> This is take 4 on VNC authentification. > >>>> > >>>> The specification is as mentioned at > >>>> http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html > >>>> (However, password came to describe plain text) > >>>> > >>>> The difference is follows. > >>>> - protocol_authtype() without the necessity was deleted. > >>>> - The check on the protocol version was added. > >>>> - And, some small modification. > >>>> > >>> > >>> The patch loooks good to me - unless Anthony spots any further issues in > >>> the VNC auth code, I''d say this is worth commiting to xen-unstable.hg > >>> whe 3.0.4 development opens up. > >>> > >> > >> Looks good to me too. Thanks Masami! > > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2006-Oct-27 16:16 UTC
[Xen-devel] Re: [PATCH][VNC Auth] Fix qemu-dm becomes defunct when rebooting hvm domain
On 25/10/06 11:07 pm, "Masami Watanabe" <masami.watanabe@jp.fujitsu.com> wrote:> Sorry, I should not have removed infomation on xend. > > image.py, line 399, in configVNC > config.remove([''vncpasswd'', vncpasswd_vmconfig]) > > When vncpasswd is removed, qemu-dm cannot be started in reboot of hvm domain. > Because necessary information disappears. > It cannot be helped though information in config list remains in xenstore. > > This patch corrects above.That would mean that you¹d fall back to the default VNC password though, right? Why would it cause qemu to fail to restart and become a defunct process? -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Daniel P. Berrange
2006-Oct-27 16:39 UTC
[Xen-devel] Re: [PATCH][VNC Auth] Fix qemu-dm becomes defunct when rebooting hvm domain
On Fri, Oct 27, 2006 at 05:16:57PM +0100, Keir Fraser wrote:> On 25/10/06 11:07 pm, "Masami Watanabe" <masami.watanabe@jp.fujitsu.com> > wrote: > > > Sorry, I should not have removed infomation on xend. > > > > image.py, line 399, in configVNC > > config.remove([''vncpasswd'', vncpasswd_vmconfig]) > > > > When vncpasswd is removed, qemu-dm cannot be started in reboot of hvm domain. > > Because necessary information disappears. > > It cannot be helped though information in config list remains in xenstore. > > > > This patch corrects above. > > That would mean that you¹d fall back to the default VNC password though, > right? Why would it cause qemu to fail to restart and become a defunct > process?No, it looks correct to me - we were scrubbing the vncpassword from the guest config after using it, so that it didn''t appear in the SXPR data with doing ''xm list --long'' etc. But turns out we do need the password later on after all, so we can''t scrub it completely. Perhaps we just need to scrub it out on the fly when talking to XM & other apps instead - i''ve already been working on a patch to scrub it out when loggin the guest data to /var/log/xen/xend.log. This ''config.remove'' thing also impacted my equivalent vncpassword patches for the paravirt framebuffer, because it meant when you do a save/restore or a migrate, and started the VNC daemon it no longer found a password. Not sure why qemu would do defunct though - if the vncpasswd is not set in xenstore, it ought to have just fallen back to no-password auth. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Masami Watanabe
2006-Oct-30 12:29 UTC
[Xen-devel] Re: [PATCH][VNC Auth] Fix qemu-dm becomes defunct when rebooting hvm domain
Hi all, I am sorry for the delayed response. On Fri, 27 Oct 2006 17:39:42 +0100, Daniel P. Berrange wrote:> Not sure why qemu would do defunct though - if the vncpasswd is not set > in xenstore, it ought to have just fallen back to no-password auth.Yes. Thanks Dan. On Fri, Oct 27, 2006 at 05:16:57PM +0100, Keir Fraser wrote:> That would mean that you¹d fall back to the default VNC password though, > right? Why would it cause qemu to fail to restart and become a defunct > process?Thanks Keir, for your correction. Please refer to the following for accurate processing. - When qemu-dm start, qemu-dm is sure to need vncpasswd in xenstore. main()@vl.c -> xenstore_read_vncpasswd()@xenstore.c Null string vncpasswd is allowed. but non vncpasswd is not allowed. - If config.remove() in image.py, vncpasswd is not preserved in xend. When rebooting guest domain, xend cannot pass qemu-dm vncpasswd. - When vncpasswd cannot be read from xenstore, qemu-dm is exit(1). As a result, qemu-dm becomes defunct process. Best regards, Masami On Fri, 27 Oct 2006 17:39:42 +0100, Daniel P. Berrange wrote:> On Fri, Oct 27, 2006 at 05:16:57PM +0100, Keir Fraser wrote: > > On 25/10/06 11:07 pm, "Masami Watanabe" <masami.watanabe@jp.fujitsu.com> > > wrote: > > > > > Sorry, I should not have removed infomation on xend. > > > > > > image.py, line 399, in configVNC > > > config.remove([''vncpasswd'', vncpasswd_vmconfig]) > > > > > > When vncpasswd is removed, qemu-dm cannot be started in reboot of hvm domain. > > > Because necessary information disappears. > > > It cannot be helped though information in config list remains in xenstore. > > > > > > This patch corrects above. > > > > That would mean that you¹d fall back to the default VNC password though, > > right? Why would it cause qemu to fail to restart and become a defunct > > process? > > No, it looks correct to me - we were scrubbing the vncpassword from the > guest config after using it, so that it didn''t appear in the SXPR data > with doing ''xm list --long'' etc. But turns out we do need the password > later on after all, so we can''t scrub it completely. Perhaps we just need > to scrub it out on the fly when talking to XM & other apps instead - i''ve > already been working on a patch to scrub it out when loggin the guest > data to /var/log/xen/xend.log. > > This ''config.remove'' thing also impacted my equivalent vncpassword patches > for the paravirt framebuffer, because it meant when you do a save/restore > or a migrate, and started the VNC daemon it no longer found a password. > > Not sure why qemu would do defunct though - if the vncpasswd is not set > in xenstore, it ought to have just fallen back to no-password auth. > > Dan. > -- > |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| > |=- Perl modules: http://search.cpan.org/~danberr/ -=| > |=- Projects: http://freshmeat.net/~danielpb/ -=| > |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2006-Oct-30 13:35 UTC
[Xen-devel] Re: [PATCH][VNC Auth] Fix qemu-dm becomes defunct when rebooting hvm domain
On 30/10/06 12:29, "Masami Watanabe" <masami.watanabe@jp.fujitsu.com> wrote:> - When vncpasswd cannot be read from xenstore, qemu-dm is exit(1). > As a result, qemu-dm becomes defunct process.No, xenstore_read_vncpasswd() bails but returns 0, so the caller does not exit(). Otherwise we could not run with authentication disabled (xend does not write empty passwd strings to xenstore). -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Possibly Parallel Threads
- RE: Individual passwords for guest VNC servers ?
- [PATCH]configuration files(sched-credit)
- virt-install complains about vnc-password not being set
- [PATCH -tip v3 00/23] kprobes: introduce NOKPROBE_SYMBOL() and general cleaning of kprobe blacklist
- [PATCH -tip v3 00/23] kprobes: introduce NOKPROBE_SYMBOL() and general cleaning of kprobe blacklist