[Pkg-libvirt-maintainers] Bug#966097: inadequate domain name validation

Trent W. Buck trentbuck at gmail.com
Thu Jul 23 01:32:04 BST 2020 

Package: libvirt-daemon
Version: 5.0.0-4+deb10u1
Severity: minor

When using virt-manager=1:2.0.0-3 to create a qemu/kvm domain named (including the quotes):

    "ℵ₀"

I get this error on the virt-daemon server:

    Jul 23 10:11:06 not-omega libvirtd[1606866]:
        internal error: Child process (LIBVIRT_LOG_OUTPUTS=3:stderr /usr/lib/libvirt/virt-aa-helper -r -u libvirt-639ca602-9cb2-4d93-89c9-918d56a7149c) unexpected exit status 1: virt-aa-helper: error: bad name
        virt-aa-helper: error: could not get VM definition
    Jul 23 10:11:06 not-omega libvirtd[1606866]:
        internal error: cannot load AppArmor profile 'libvirt-639ca602-9cb2-4d93-89c9-918d56a7149c'

When doing the same thing WITHOUT the quotes,
I get a simpler error from virt-manager *AFTER* virtd tries to create the domain:

    Jul 23 10:12:19 not-omega libvirtd[1606866]: Invalid machine name

When including a space in the domain name (i.e. "ℵ₀ " without the quotes),
virt-manager gives an error *BEFORE* virtd tries to create the domain:

    Invalid guest name
    Guest name 'ℵ₀ ' can not contain ' ' character.

I think this inconsistency arises because the domain XML specification
1) says a "should" instead of an RFC 2119 "MUST", and 2) isn't clear
whether "alpha-numeric characters" means Unicode "L" (letter) and "N"
(number) categories, or merely ASCII A-Za-z0-9.

    This name should consist only of alpha-numeric characters and is
    required to be unique within the scope of a single host.

    https://libvirt.org/formatdomain.html#elementsMetadata

Can you please convince upstream(s) to have an explicit and consistent
definition of what is and isn't a valid domain name?
(As well as a specific set of codepoints, you might want to impose an upper length.)

I suspect they'll come back and say something like "hey libvirt is just middleware.  We accept any old byte stream; it's the backends that have the problem".
If so, can you at least get them to document (in formatdomain.html) what each backend (qemu, xen, &c) accepts?



-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-0.bpo.2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

More information about the Pkg-libvirt-maintainers mailing list