From nobody Sun May 19 13:07:52 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1689938045; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Yefj37S+99rDYW9Xjc3jqTcJynlZY2ni6N4+guDC4d3xs1izHRs643RbkMVg6rEIxRRlI6+e0t9+ZLa/8/SlfojtNc1tBaF/gBXbrnm2MAL3hnIxTonSJ1fUmwPQq+qQo5qrhcPF61lWZoc8vTPccVZW9PIOBHpGPSJ3+TFvNnU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1689938045;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=tQDmK7dn8vE3eJviOXcc/ub456Y2EfYOcC7GEM2AZbo=;
	b=EkmreWD9P0E1JjatX7LL1K/sW16OlLxl0e9/2Hfw36hMU3T2Y6OxlSRCCauXXwgU1jHxAuMfMukdp5nHXZkBqvqclsHVQZ0s9Gh9gXvspSY/vs/HriIkcpTonnQbE3AbgnmRJMhE8Qytb5QSuE0trr36TDDCBiTAYJJq+sISLRA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1689938045442801.9781968677038;
 Fri, 21 Jul 2023 04:14:05 -0700 (PDT)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-646-9SD1aOghPSqh1QFaJkyg7A-1; Fri, 21 Jul 2023 07:14:02 -0400
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com
 [10.11.54.8])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4191D185A792;
	Fri, 21 Jul 2023 11:14:00 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4DDD3C5796D;
	Fri, 21 Jul 2023 11:13:56 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 06E631946A43;
	Fri, 21 Jul 2023 11:13:56 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com
 [10.11.54.1])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id CCC121946586 for <libvir-list@listman.corp.redhat.com>;
 Fri, 21 Jul 2023 11:13:54 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id A973040C2070; Fri, 21 Jul 2023 11:13:54 +0000 (UTC)
Received: from localhost.localdomain (unknown [10.43.2.36])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 5154E40C206F
 for <libvir-list@redhat.com>; Fri, 21 Jul 2023 11:13:54 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1689938044;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=tQDmK7dn8vE3eJviOXcc/ub456Y2EfYOcC7GEM2AZbo=;
	b=W6n4fkqEA8y58d+Hu3leuC8YKcjjB6vIzJ712hIzb15f5B0LjmHfWtqYhDhWN7EZrUudO4
	4s0tCAL22/Np6K1mfeopn4hP0rS2Vl1WQpbG7cF/pDExg5jkwiH1ao5HOwt+xUUYvnXKkp
	WsksSRk+ZbsLMNVMwaxUT2UzCq2Ygyc=
X-MC-Unique: 9SD1aOghPSqh1QFaJkyg7A-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH] qemu_domain: Partially validate memory amounts when
 auto-adding NUMA node
Date: Fri, 21 Jul 2023 13:11:13 +0200
Message-ID: 
 <a47b4f29bfcb1699aa66ba94e34eefed2aebae1b.1689937873.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1689938045870100001
Content-Type: text/plain; charset="utf-8"; x-default="true"

When automatically adding a NUMA node (qemuDomainDefNumaAutoAdd()) the
memory size of the node is computed as:

  total_memory - sum(memory devices)

And we have a nice helper for that: virDomainDefGetMemoryInitial() so
it looks logical to just call it. Except, this code runs in post parse
callback, i.e. memory sizes were not validated and it may happen that
the sum is greater than the total memory. This would be caught by
virDomainDefPostParseMemory() but that runs only after driver specific
callbacks (i.e. after qemuDomainDefNumaAutoAdd()) and because the
domain config was changed and memory was increased to this huge
number no error is caught.

So let's do what virDomainDefGetMemoryInitial() would do, but
with error checking.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=3D2216236
Fixes: f5d4f5c8ee44e9f1939070afcc5381bdd5545e50
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
---
 src/qemu/qemu_domain.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 6eea8a9fa5..fdda001795 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -4821,17 +4821,24 @@ qemuDomainDefNumaAutoAdd(virDomainDef *def,
         return 0;
     }
=20
-    initialMem =3D virDomainDefGetMemoryInitial(def);
+    initialMem =3D virDomainDefGetMemoryTotal(def);
=20
     if (!def->numa)
         def->numa =3D virDomainNumaNew();
=20
     virDomainNumaSetNodeCount(def->numa, 1);
-    virDomainNumaSetNodeMemorySize(def->numa, 0, initialMem);
=20
     for (i =3D 0; i < def->nmems; i++) {
         virDomainMemoryDef *mem =3D def->mems[i];
=20
+        if (mem->size > initialMem) {
+            virReportError(VIR_ERR_XML_ERROR, "%s",
+                           _("Total size of memory devices exceeds the tot=
al memory size"));
+            return -1;
+        }
+
+        initialMem -=3D mem->size;
+
         switch (mem->model) {
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
@@ -4848,6 +4855,8 @@ qemuDomainDefNumaAutoAdd(virDomainDef *def,
         }
     }
=20
+    virDomainNumaSetNodeMemorySize(def->numa, 0, initialMem);
+
     return 0;
 }
=20
--=20
2.41.0