From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Subject: [PATCH v2 1/8] softmmu: remove deprecated --enable-fips option
Date: Fri, 4 Mar 2022 18:56:13 +0000
Message-Id: <20220304185620.3272401-2-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Philippe Mathieu-Daudé, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake

Users requiring FIPS support must build QEMU with either the
libgcrypt or gnutls libraries as the cryptography backend.

Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Daniel P. Berrangé
---
 docs/about/deprecated.rst       | 12 ------------
 docs/about/removed-features.rst | 11 +++++++++++
 include/qemu/osdep.h            |  3 ---
 os-posix.c                      |  8 --------
 qemu-options.hx                 | 10 ----------
 ui/vnc.c                        |  7 -------
 util/osdep.c                    | 28 ----------------------------
 7 files changed, 11 insertions(+), 68 deletions(-)

diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst index 26d00812ba..a458dd453c 100644 --- a/docs/about/deprecated.rst 
+++ b/docs/about/deprecated.rst @@ -67,18 +67,6 @@ and will cause a warning. The replacement for the ``nodelay`` short-form boolean option is ``nodelay= =3Don`` rather than ``delay=3Doff``. =20 -``--enable-fips`` (since 6.0) -''''''''''''''''''''''''''''' - -This option restricts usage of certain cryptographic algorithms when -the host is operating in FIPS mode. - -If FIPS compliance is required, QEMU should be built with the ``libgcrypt`` -library enabled as a cryptography provider. - -Neither the ``nettle`` library, or the built-in cryptography provider are -supported on FIPS enabled hosts. - ``-writeconfig`` (since 6.0) ''''''''''''''''''''''''''''' =20 diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.= rst index cb0575fd49..6ca66f658d 100644 --- a/docs/about/removed-features.rst +++ b/docs/about/removed-features.rst @@ -336,6 +336,17 @@ for the RISC-V ``virt`` machine and ``sifive_u`` machi= ne. The ``-no-quit`` was a synonym for ``-display ...,window-close=3Doff`` whi= ch should be used instead. =20 +``--enable-fips`` (removed in 7.0) +'''''''''''''''''''''''''''''''''' + +This option restricted usage of certain cryptographic algorithms when +the host is operating in FIPS mode. + +If FIPS compliance is required, QEMU should be built with the ``libgcrypt`` +or ``gnutls`` library enabled as a cryptography provider. + +Neither the ``nettle`` library, or the built-in cryptography provider are +supported on FIPS enabled hosts. =20 QEMU Machine Protocol (QMP) commands ------------------------------------ diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h index 7bcce3bceb..66e70e24ff 100644 --- a/include/qemu/osdep.h +++ b/include/qemu/osdep.h 
@@ -534,9 +534,6 @@ static inline void qemu_timersub(const struct timeval *= val1, =20 void qemu_set_cloexec(int fd); =20 -void fips_set_state(bool requested); -bool fips_get_state(void); - /* Return a dynamically allocated pathname denoting a file or directory th= at is * appropriate for storing local state. * diff --git a/os-posix.c b/os-posix.c index ae6c9f2a5e..7cd662098e 100644 --- a/os-posix.c +++ b/os-posix.c @@ -151,14 +151,6 @@ int os_parse_cmd_args(int index, const char *optarg) case QEMU_OPTION_daemonize: daemonize =3D 1; break; -#if defined(CONFIG_LINUX) - case QEMU_OPTION_enablefips: - warn_report("-enable-fips is deprecated, please build QEMU with " - "the `libgcrypt` library as the cryptography provider " - "to enable FIPS compliance"); - fips_set_state(true); - break; -#endif default: return -1; } diff --git a/qemu-options.hx b/qemu-options.hx index 094a6c1d7c..cb0c58904b 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -4655,16 +4655,6 @@ HXCOMM Internal use DEF("qtest", HAS_ARG, QEMU_OPTION_qtest, "", QEMU_ARCH_ALL) DEF("qtest-log", HAS_ARG, QEMU_OPTION_qtest_log, "", QEMU_ARCH_ALL) =20 -#ifdef __linux__ -DEF("enable-fips", 0, QEMU_OPTION_enablefips, - "-enable-fips enable FIPS 140-2 compliance\n", - QEMU_ARCH_ALL) -#endif -SRST -``-enable-fips`` - Enable FIPS 140-2 compliance mode. -ERST - DEF("msg", HAS_ARG, QEMU_OPTION_msg, "-msg [timestamp[=3Don|off]][,guest-name=3D[on|off]]\n" " control error message format\n" diff --git a/ui/vnc.c b/ui/vnc.c index 3ccd33dedc..82b28aec95 100644 --- a/ui/vnc.c +++ b/ui/vnc.c 
@@ -4051,13 +4051,6 @@ void vnc_display_open(const char *id, Error **errp) password =3D qemu_opt_get_bool(opts, "password", false); } if (password) { - if (fips_get_state()) { - error_setg(errp, - "VNC password auth disabled due to FIPS mode, " - "consider using the VeNCrypt or SASL authentication= " - "methods as an alternative"); - goto fail; - } if (!qcrypto_cipher_supports( QCRYPTO_CIPHER_ALG_DES, QCRYPTO_CIPHER_MODE_ECB)) { error_setg(errp, diff --git a/util/osdep.c b/util/osdep.c index 723cdcb004..456df9e81a 100644 --- a/util/osdep.c +++ b/util/osdep.c @@ -43,8 +43,6 @@ extern int madvise(char *, size_t, int); #include "qemu/hw-version.h" #include "monitor/monitor.h" =20 -static bool fips_enabled =3D false; - static const char *hw_version =3D QEMU_HW_VERSION; =20 int socket_set_cork(int fd, int v) 
@@ -526,32 +524,6 @@ const char *qemu_hw_version(void) return hw_version; } =20 -void fips_set_state(bool requested) -{ -#ifdef __linux__ - if (requested) { - FILE *fds =3D fopen("/proc/sys/crypto/fips_enabled", "r"); - if (fds !=3D NULL) { - fips_enabled =3D (fgetc(fds) =3D=3D '1'); - fclose(fds); - } - } -#else - fips_enabled =3D false; -#endif /* __linux__ */ - -#ifdef _FIPS_DEBUG - fprintf(stderr, "FIPS mode %s (requested %s)\n", - (fips_enabled ? "enabled" : "disabled"), - (requested ? "enabled" : "disabled")); -#endif -} - -bool fips_get_state(void) -{ - return fips_enabled; -} - #ifdef _WIN32 static void socket_cleanup(void) { --=20 2.34.1
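
Review bot: in the ui/vnc.c hunk of vnc_display_open(), dropping the fips_get_state() branch leaves the qcrypto_cipher_supports(QCRYPTO_CIPHER_ALG_DES, QCRYPTO_CIPHER_MODE_ECB) test as the only thing that rejects VNC password auth on a FIPS host, and that holds only when the crypto backend itself refuses DES in FIPS mode. The removed error also pointed users at VeNCrypt or SASL; check that the error_setg() following the cipher test carries the same guidance, and consider stating in the removed-features.rst entry that password auth on FIPS hosts is now refused through this cipher check.
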
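
Review bot: the new ``--enable-fips`` entry in docs/about/removed-features.rst mixes tenses and carries over a grammar slip from the deprecation text: "restricted usage ... when the host is operating" should read "was operating", and "Neither the ``nettle`` library, or the built-in cryptography provider are supported" should be "Neither ... nor ... is supported". The entry also does not say what happens to a command line that still passes -enable-fips now that its DEF() in qemu-options.hx is gone; one sentence on that would help users who are upgrading.
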
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Subject: [PATCH v2 2/8] os-posix: refactor code handling the -runas argument
Date: Fri, 4 Mar 2022 18:56:14 +0000
Message-Id: <20220304185620.3272401-3-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake

Change the change_process_uid() function so that it takes its input as
parameters instead of relying on static global variables.

Reviewed-by: Eric Blake
Signed-off-by: Daniel P. Berrangé
---
 os-posix.c | 83 +++++++++++++++++++++++++-----------------------------
 1 file changed, 39 insertions(+), 44 deletions(-)

diff --git a/os-posix.c b/os-posix.c index 7cd662098e..5a127feee2 100644 --- a/os-posix.c +++ b/os-posix.c 
@@ -42,13 +42,9 @@ #include #endif =20 -/* - * Must set all three of these at once. - * Legal combinations are unset by name by uid - */ -static struct passwd *user_pwd; /* NULL non-NULL NULL */ -static uid_t user_uid =3D (uid_t)-1; /* -1 -1 >=3D0 */ -static gid_t user_gid =3D (gid_t)-1; /* -1 -1 >=3D0 */ +static char *user_name; +static uid_t user_uid =3D (uid_t)-1; +static gid_t user_gid =3D (gid_t)-1; =20 static const char *chroot_dir; static int daemonize; @@ -100,7 +96,8 @@ void os_set_proc_name(const char *s) } =20 =20 -static bool os_parse_runas_uid_gid(const char *optarg) +static bool os_parse_runas_uid_gid(const char *optarg, + uid_t *runas_uid, gid_t *runas_gid) { unsigned long lv; const char *ep; @@ -120,9 +117,8 @@ static bool os_parse_runas_uid_gid(const char *optarg) return false; } =20 - user_pwd =3D NULL; - user_uid =3D got_uid; - user_gid =3D got_gid; + *runas_uid =3D got_uid; + *runas_gid =3D got_gid; return true; } =20 @@ -132,13 +128,18 @@ static bool os_parse_runas_uid_gid(const char *optarg) */ int os_parse_cmd_args(int index, const char *optarg) { + struct passwd *user_pwd; + switch (index) { case QEMU_OPTION_runas: user_pwd =3D getpwnam(optarg); if (user_pwd) { - user_uid =3D -1; - user_gid =3D -1; - } else if (!os_parse_runas_uid_gid(optarg)) { + user_uid =3D user_pwd->pw_uid; + user_gid =3D user_pwd->pw_gid; + user_name =3D g_strdup(user_pwd->pw_name); + } else if (!os_parse_runas_uid_gid(optarg, + &user_uid, + &user_gid)) { error_report("User \"%s\" doesn't exist" " (and is not :)", optarg); 
@@ -158,41 +159,33 @@ int os_parse_cmd_args(int index, const char *optarg) return 0; } =20 -static void change_process_uid(void) +static void change_process_uid(uid_t uid, gid_t gid, const char *name) { - assert((user_uid =3D=3D (uid_t)-1) || user_pwd =3D=3D NULL); - assert((user_uid =3D=3D (uid_t)-1) =3D=3D - (user_gid =3D=3D (gid_t)-1)); - - if (user_pwd || user_uid !=3D (uid_t)-1) { - gid_t intended_gid =3D user_pwd ? user_pwd->pw_gid : user_gid; - uid_t intended_uid =3D user_pwd ? user_pwd->pw_uid : user_uid; - if (setgid(intended_gid) < 0) { - error_report("Failed to setgid(%d)", intended_gid); - exit(1); - } - if (user_pwd) { - if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) { - error_report("Failed to initgroups(\"%s\", %d)", - user_pwd->pw_name, user_pwd->pw_gid); - exit(1); - } - } else { - if (setgroups(1, &user_gid) < 0) { - error_report("Failed to setgroups(1, [%d])", - user_gid); - exit(1); - } - } - if (setuid(intended_uid) < 0) { - error_report("Failed to setuid(%d)", intended_uid); + if (setgid(gid) < 0) { + error_report("Failed to setgid(%d)", gid); + exit(1); + } + if (name) { + if (initgroups(name, gid) < 0) { + error_report("Failed to initgroups(\"%s\", %d)", + name, gid); exit(1); } - if (setuid(0) !=3D -1) { - error_report("Dropping privileges failed"); + } else { + if (setgroups(1, &gid) < 0) { + error_report("Failed to setgroups(1, [%d])", + gid); exit(1); } } + if (setuid(uid) < 0) { + error_report("Failed to setuid(%d)", uid); + exit(1); + } + if (setuid(0) !=3D -1) { + error_report("Dropping privileges failed"); + exit(1); + } } =20 static void change_root(void) 
@@ -275,7 +268,9 @@ void os_setup_post(void) } =20 change_root(); - change_process_uid(); + if (user_uid !=3D -1 && user_gid !=3D -1) { + change_process_uid(user_uid, user_gid, user_name); + } =20 if (daemonize) { uint8_t status =3D 0; --=20 2.34.1
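
Review bot: in the QEMU_OPTION_runas case of os_parse_cmd_args(), user_name is set with g_strdup(user_pwd->pw_name) but is never reset, and os_parse_runas_uid_gid() no longer clears the name state the way the removed "user_pwd = NULL;" did. If -runas is given twice, first as a user name and then as uid:gid, change_process_uid() receives the new uid and gid together with the stale name and calls initgroups() for the first user instead of setgroups(1, &gid), so the process ends up with that user's supplementary groups. Free user_name and set it to NULL before handling each -runas value; that also closes the leak when a name is given twice.
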
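
Review bot: in os_setup_post(), "user_uid != -1 && user_gid != -1" compares uid_t and gid_t against a plain int, while the initialisers at the top of the file use (uid_t)-1 and (gid_t)-1. Use the same casts here so the test does not depend on how the types promote. The removed asserts also checked that uid and gid were set together; with "&&" a state where only one is set now skips the privilege drop silently, so an assert or error_report() for that case would be safer.
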
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Subject: [PATCH v2 3/8] os-posix: refactor code handling the -chroot argument
Date: Fri, 4 Mar 2022 18:56:15 +0000
Message-Id: <20220304185620.3272401-4-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Philippe Mathieu-Daudé, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake

Change the change_root() function so that it takes its input as
parameters instead of relying on static global variables.

Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Daniel P. Berrangé
---
 os-posix.c | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/os-posix.c b/os-posix.c index 5a127feee2..30da1a1491 100644 --- a/os-posix.c +++ b/os-posix.c 
@@ -188,19 +188,16 @@ static void change_process_uid(uid_t uid, gid_t gid, = const char *name) } } =20 -static void change_root(void) +static void change_root(const char *root) { - if (chroot_dir) { - if (chroot(chroot_dir) < 0) { - error_report("chroot failed"); - exit(1); - } - if (chdir("/")) { - error_report("not able to chdir to /: %s", strerror(errno)); - exit(1); - } + if (chroot(root) < 0) { + error_report("chroot failed"); + exit(1); + } + if (chdir("/")) { + error_report("not able to chdir to /: %s", strerror(errno)); + exit(1); } - } =20 void os_daemonize(void) 
@@ -267,7 +264,9 @@ void os_setup_post(void) } } =20 - change_root(); + if (chroot_dir) { + change_root(chroot_dir); + } if (user_uid !=3D -1 && user_gid !=3D -1) { change_process_uid(user_uid, user_gid, user_name); } --=20 2.34.1
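
Review bot: in change_root(), the chroot() failure path reports only "chroot failed" while the chdir() path directly below it includes strerror(errno). Since these lines are being re-indented anyway, report errno and the root argument for chroot() as well. With the NULL test moved out to os_setup_post(), a short comment or an assert(root) stating that root must be non-NULL would document the new contract of the function.
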
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Subject: [PATCH v2 4/8] util: remove use of is_daemonized flag from logging code
Date: Fri, 4 Mar 2022 18:56:16 +0000
Message-Id: <20220304185620.3272401-5-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake

We want to decouple knowledge of daemonization from other code. What the
logging code really wants to know is whether it can use stdio or not.
Add an API to let the logging code be informed of this fact explicitly.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Eric Blake
---
 include/qemu/log.h |  1 +
 softmmu/vl.c       |  3 +++
 util/log.c         | 12 +++++++++---
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/include/qemu/log.h b/include/qemu/log.h index 9b80660207..a35e11a788 100644 --- a/include/qemu/log.h +++ b/include/qemu/log.h 
@@ -147,6 +147,7 @@ typedef struct QEMULogItem { =20 extern const QEMULogItem qemu_log_items[]; =20 +void qemu_log_stdio_disable(void); void qemu_set_log(int log_flags); void qemu_log_needs_buffers(void); void qemu_set_log_filename(const char *filename, Error **errp); diff --git a/softmmu/vl.c b/softmmu/vl.c index 1fe028800f..f6f33e15e4 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c @@ -3664,6 +3664,9 @@ void qemu_init(int argc, char **argv, char **envp) error_report("Option not supported in this build"); exit(1); } + if (is_daemonized()) { + qemu_log_stdio_disable(); + } } } } diff --git a/util/log.c b/util/log.c index 2ee1500bee..a123622ee3 100644 --- a/util/log.c +++ b/util/log.c @@ -33,6 +33,12 @@ QemuLogFile *qemu_logfile; int qemu_loglevel; static int log_append =3D 0; static GArray *debug_regions; +static bool stdio_disabled; + +void qemu_log_stdio_disable(void) +{ + stdio_disabled =3D true; +} =20 /* Return the number of characters emitted. */ int qemu_log(const char *fmt, ...) @@ -92,7 +98,7 @@ void qemu_set_log(int log_flags) * If we are daemonized, * we will only log if there is a logfilename. */ - if (qemu_loglevel && (!is_daemonized() || logfilename)) { + if (qemu_loglevel && (!stdio_disabled || logfilename)) { need_to_open_file =3D true; } QEMU_LOCK_GUARD(&qemu_logfile_mutex); @@ -110,7 +116,7 @@ void qemu_set_log(int log_flags) _exit(1); } /* In case we are a daemon redirect stderr to logfile */ - if (is_daemonized()) { + if (stdio_disabled) { dup2(fileno(logfile->fd), STDERR_FILENO); fclose(logfile->fd); /* This will skip closing logfile in qemu_log_close() */ 
@@ -118,7 +124,7 @@ void qemu_set_log(int log_flags) } } else { /* Default to stderr if no log file specified */ - assert(!is_daemonized()); + assert(!stdio_disabled); logfile->fd =3D stderr; } /* must avoid mmap() usage of glibc by setting a buffer "by hand" = */ --=20 2.34.1
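
Review bot: In util/log.c the two comments kept inside qemu_set_log(), "If we are daemonized, we will only log if there is a logfilename" and "In case we are a daemon redirect stderr to logfile", still describe daemonization although the conditions next to them now test stdio_disabled; reword them in terms of stdio being unavailable so the comments do not carry the old coupling forward. The new qemu_log_stdio_disable() prototype in include/qemu/log.h also has no comment: it should say that the function only ever sets the flag (there is no way to clear it) and that, once it is set, qemu_set_log() opens a log only when a log filename was given, since the stderr fallback branch asserts !stdio_disabled.
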
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake
Subject: [PATCH v2 5/8] softmmu: refactor use of is_daemonized() method
Date: Fri, 4 Mar 2022 18:56:17 +0000
Message-Id: <20220304185620.3272401-6-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>

Use of the is_daemonized() method is isolated to allow it to be more easily eliminated in a future change.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Eric Blake
--- softmmu/vl.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/softmmu/vl.c b/softmmu/vl.c index f6f33e15e4..30342b9df2 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c
@@ -1371,11 +1371,11 @@ static void qemu_disable_default_devices(void) } } =20 -static void qemu_create_default_devices(void) +static void qemu_create_default_devices(bool daemonize) { MachineClass *machine_class =3D MACHINE_GET_CLASS(current_machine); =20 - if (is_daemonized()) { + if (daemonize) { /* According to documentation and historically, -nographic redirec= ts * serial port, parallel port and monitor to stdio, which does not= work * with -daemonize. We can redirect these to null instead, but si= nce @@ -2455,7 +2455,8 @@ static void create_default_memdev(MachineState *ms, c= onst char *path) &error_fatal); } =20 -static void qemu_validate_options(const QDict *machine_opts) +static void qemu_validate_options(const QDict *machine_opts, + bool daemonize) { const char *kernel_filename =3D qdict_get_try_str(machine_opts, "kerne= l"); const char *initrd_filename =3D qdict_get_try_str(machine_opts, "initr= d"); @@ -2484,7 +2485,7 @@ static void qemu_validate_options(const QDict *machin= e_opts) } =20 #ifdef CONFIG_CURSES - if (is_daemonized() && dpy.type =3D=3D DISPLAY_TYPE_CURSES) { + if (daemonize && dpy.type =3D=3D DISPLAY_TYPE_CURSES) { error_report("curses display cannot be used with -daemonize"); exit(1); } @@ -3676,7 +3677,7 @@ void qemu_init(int argc, char **argv, char **envp) */ loc_set_none(); =20 - qemu_validate_options(machine_opts_dict); + qemu_validate_options(machine_opts_dict, is_daemonized()); qemu_process_sugar_options(); =20 /* 
@@ -3714,7 +3715,7 @@ void qemu_init(int argc, char **argv, char **envp) suspend_mux_open(); =20 qemu_disable_default_devices(); - qemu_create_default_devices(); + qemu_create_default_devices(is_daemonized()); qemu_create_early_backends(); =20 qemu_apply_legacy_machine_options(machine_opts_dict); --=20 2.34.1
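
Review bot: In the qemu_validate_options() hunks the new daemonize parameter is read only inside the #ifdef CONFIG_CURSES block shown here, so as far as these hunks show it is passed for nothing in builds without curses; note that in a comment on the function, or keep the curses check at the call site. qemu_init() also evaluates is_daemonized() at two separate call sites, once for qemu_validate_options() and once for qemu_create_default_devices(); reading it into one local bool would make it plain that both helpers see the same value and would leave a single line to change when the method is eliminated, which the commit message gives as the goal.
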
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake
Subject: [PATCH v2 6/8] chardev: add API to block use of the stdio implementation
Date: Fri, 4 Mar 2022 18:56:18 +0000
Message-Id: <20220304185620.3272401-7-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>

When daemonizing QEMU it is not possible to use the stdio chardev backend because the file descriptors are connected to /dev/null. Currently the chardev checks for this scenario directly, but to decouple it from the system emulator daemonizing code, we reverse the relationship. Now the system emulator calls a helper to explicitly disable use of the stdio backend.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Eric Blake
--- chardev/char-stdio.c | 12 ++++++++++-- include/chardev/char-stdio.h | 29 +++++++++++++++++++++++++++++ softmmu/vl.c | 2 ++ 3 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 include/chardev/char-stdio.h diff --git a/chardev/char-stdio.c b/chardev/char-stdio.c index 403da308c9..bab0f5ade1 100644 --- a/chardev/char-stdio.c +++ b/chardev/char-stdio.c @@ -28,6 +28,7 @@ #include "qemu/sockets.h" #include "qapi/error.h" #include "chardev/char.h" +#include "chardev/char-stdio.h" =20 #ifdef _WIN32 #include "chardev/char-win.h" @@ -37,6 +38,13 @@ #include "chardev/char-fd.h" #endif =20 +static bool stdio_disabled; + +void qemu_chr_stdio_disable(void) +{ + stdio_disabled =3D true; +} + #ifndef _WIN32 /* init terminal so that we can grab keys */ static struct termios oldtty; @@ -90,8 +98,8 @@ static void qemu_chr_open_stdio(Chardev *chr, ChardevStdio *opts =3D backend->u.stdio.data; struct sigaction act; =20 - if (is_daemonized()) { - error_setg(errp, "cannot use stdio with -daemonize"); + if (stdio_disabled) { + error_setg(errp, "cannot use stdio with this configuration"); return; } =20 diff --git a/include/chardev/char-stdio.h b/include/chardev/char-stdio.h new file mode 100644 index 0000000000..eae93a2900 --- /dev/null +++ b/include/chardev/char-stdio.h
@@ -0,0 +1,29 @@ +/* + * QEMU System Emulator + * + * Copyright (c) 2003-2008 Fabrice Bellard + * + * Permission is hereby granted, free of charge, to any person obtaining a= copy + * of this software and associated documentation files (the "Software"), t= o deal + * in the Software without restriction, including without limitation the r= ights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or se= ll + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included= in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS= OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OT= HER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING= FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS = IN + * THE SOFTWARE. + */ +#ifndef CHAR_STDIO_H +#define CHAR_STDIO_H + +void qemu_chr_stdio_disable(void); + +#endif /* CHAR_STDIO_H */ diff --git a/softmmu/vl.c b/softmmu/vl.c index 30342b9df2..12b714795d 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c @@ -69,6 +69,7 @@ #include "exec/gdbstub.h" #include "qemu/timer.h" #include "chardev/char.h" +#include "chardev/char-stdio.h" #include "qemu/bitmap.h" #include "qemu/log.h" #include "sysemu/blockdev.h" 
@@ -3667,6 +3668,7 @@ void qemu_init(int argc, char **argv, char **envp) } if (is_daemonized()) { qemu_log_stdio_disable(); + qemu_chr_stdio_disable(); } } } --=20 2.34.1
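
Review bot: In qemu_chr_open_stdio() the error text changes from "cannot use stdio with -daemonize" to "cannot use stdio with this configuration", which no longer tells the user which option to drop; the only caller of qemu_chr_stdio_disable() added by this patch is the is_daemonized() branch in softmmu/vl.c, so consider letting the caller supply the reason, or keep the option name in the message, so the diagnostic stays actionable. The prototype in the new include/chardev/char-stdio.h also has no comment; it should state that the flag cannot be cleared again and that it is checked only when a stdio chardev is opened, so the call has to come before chardev creation.
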
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake
Subject: [PATCH v2 7/8] softmmu: move parsing of -runas, -chroot and -daemonize code
Date: Fri, 4 Mar 2022 18:56:19 +0000
Message-Id: <20220304185620.3272401-8-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>
References: <20220304185620.3272401-1-berrange@redhat.com>

With the future intent to try to move to a fully QAPI driven configuration system, we want to have any current command parsing well isolated from logic that applies the resulting configuration.

We also don't want os-posix.c to contain code that is specific to the system emulators, as this file is linked to other binaries too.

To satisfy these goals, we move parsing of the -runas, -chroot and -daemonize code out of the os-posix.c helper code, and pass the parsed data into APIs in os-posix.c.

As a side benefit the 'os_daemonize()' function now lives up to its name and will always daemonize, instead of using global state to decide to be a no-op sometimes.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Eric Blake
--- include/sysemu/os-posix.h | 4 +- include/sysemu/os-win32.h | 1 - os-posix.c | 148 +++++++++++--------------------------- os-win32.c | 9 --- softmmu/vl.c | 86 ++++++++++++++++++---- 5 files changed, 117 insertions(+), 131 deletions(-) diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h index 2edf33658a..390f3f8396 100644 --- a/include/sysemu/os-posix.h +++ b/include/sysemu/os-posix.h @@ -46,7 +46,9 @@ void os_set_line_buffering(void); void os_set_proc_name(const char *s); void os_setup_signal_handling(void); void os_daemonize(void); -void os_setup_post(void); +void os_setup_post(const char *chroot_dir, + uid_t uid, gid_t gid, + const char *username); int os_mlock(void); =20 #define closesocket(s) close(s) diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h index 43f569b5c2..4879f8731d 100644 --- a/include/sysemu/os-win32.h +++ b/include/sysemu/os-win32.h @@ -61,7 +61,6 @@ struct tm *localtime_r(const time_t *timep, struct tm *re= sult); =20 static inline void os_setup_signal_handling(void) {} static inline void os_daemonize(void) {} -static inline void os_setup_post(void) {} void os_set_line_buffering(void); static inline void os_set_proc_name(const char *dummy) {} =20 diff --git a/os-posix.c b/os-posix.c index 30da1a1491..f598a52a4f 100644 --- a/os-posix.c +++ b/os-posix.c @@ -42,11 +42,6 @@ #include #endif =20 -static char *user_name; -static uid_t user_uid =3D (uid_t)-1; -static gid_t user_gid =3D (gid_t)-1; - -static const char *chroot_dir; static int daemonize; static int daemon_pipe; =20
@@ -96,69 +91,6 @@ void os_set_proc_name(const char *s) } =20 =20 -static bool os_parse_runas_uid_gid(const char *optarg, - uid_t *runas_uid, gid_t *runas_gid) -{ - unsigned long lv; - const char *ep; - uid_t got_uid; - gid_t got_gid; - int rc; - - rc =3D qemu_strtoul(optarg, &ep, 0, &lv); - got_uid =3D lv; /* overflow here is ID in C99 */ - if (rc || *ep !=3D ':' || got_uid !=3D lv || got_uid =3D=3D (uid_t)-1)= { - return false; - } - - rc =3D qemu_strtoul(ep + 1, 0, 0, &lv); - got_gid =3D lv; /* overflow here is ID in C99 */ - if (rc || got_gid !=3D lv || got_gid =3D=3D (gid_t)-1) { - return false; - } - - *runas_uid =3D got_uid; - *runas_gid =3D got_gid; - return true; -} - -/* - * Parse OS specific command line options. - * return 0 if option handled, -1 otherwise - */ -int os_parse_cmd_args(int index, const char *optarg) -{ - struct passwd *user_pwd; - - switch (index) { - case QEMU_OPTION_runas: - user_pwd =3D getpwnam(optarg); - if (user_pwd) { - user_uid =3D user_pwd->pw_uid; - user_gid =3D user_pwd->pw_gid; - user_name =3D g_strdup(user_pwd->pw_name); - } else if (!os_parse_runas_uid_gid(optarg, - &user_uid, - &user_gid)) { - error_report("User \"%s\" doesn't exist" - " (and is not :)", - optarg); - exit(1); - } - break; - case QEMU_OPTION_chroot: - chroot_dir =3D optarg; - break; - case QEMU_OPTION_daemonize: - daemonize =3D 1; - break; - default: - return -1; - } - - return 0; -} - static void change_process_uid(uid_t uid, gid_t gid, const char *name) { if (setgid(gid) < 0) { 
@@ -202,54 +134,56 @@ static void change_root(const char *root) =20 void os_daemonize(void) { - if (daemonize) { - pid_t pid; - int fds[2]; + pid_t pid; + int fds[2]; =20 - if (pipe(fds) =3D=3D -1) { - exit(1); - } + if (pipe(fds) =3D=3D -1) { + exit(1); + } =20 - pid =3D fork(); - if (pid > 0) { - uint8_t status; - ssize_t len; + pid =3D fork(); + if (pid > 0) { + uint8_t status; + ssize_t len; =20 - close(fds[1]); + close(fds[1]); =20 - do { - len =3D read(fds[0], &status, 1); - } while (len < 0 && errno =3D=3D EINTR); + do { + len =3D read(fds[0], &status, 1); + } while (len < 0 && errno =3D=3D EINTR); =20 - /* only exit successfully if our child actually wrote - * a one-byte zero to our pipe, upon successful init */ - exit(len =3D=3D 1 && status =3D=3D 0 ? 0 : 1); + /* only exit successfully if our child actually wrote + * a one-byte zero to our pipe, upon successful init */ + exit(len =3D=3D 1 && status =3D=3D 0 ? 0 : 1); =20 - } else if (pid < 0) { - exit(1); - } + } else if (pid < 0) { + exit(1); + } =20 - close(fds[0]); - daemon_pipe =3D fds[1]; - qemu_set_cloexec(daemon_pipe); + close(fds[0]); + daemon_pipe =3D fds[1]; + qemu_set_cloexec(daemon_pipe); =20 - setsid(); + setsid(); =20 - pid =3D fork(); - if (pid > 0) { + pid =3D fork(); + if (pid > 0) { exit(0); - } else if (pid < 0) { - exit(1); - } - umask(027); - - signal(SIGTSTP, SIG_IGN); - signal(SIGTTOU, SIG_IGN); - signal(SIGTTIN, SIG_IGN); + } else if (pid < 0) { + exit(1); } + umask(027); + + signal(SIGTSTP, SIG_IGN); + signal(SIGTTOU, SIG_IGN); + signal(SIGTTIN, SIG_IGN); + + daemonize =3D true; } =20 -void os_setup_post(void) +void os_setup_post(const char *root_dir, + uid_t runas_uid, gid_t runas_gid, + const char *runas_name) { int fd =3D 0; =20 
@@ -264,11 +198,11 @@ void os_setup_post(void) } } =20 - if (chroot_dir) { - change_root(chroot_dir); + if (root_dir !=3D NULL) { + change_root(root_dir); } - if (user_uid !=3D -1 && user_gid !=3D -1) { - change_process_uid(user_uid, user_gid, user_name); + if (runas_uid !=3D -1 && runas_gid !=3D -1) { + change_process_uid(runas_uid, runas_gid, runas_name); } =20 if (daemonize) { diff --git a/os-win32.c b/os-win32.c index e31c921983..6f21b57841 100644 --- a/os-win32.c +++ b/os-win32.c @@ -61,12 +61,3 @@ void os_set_line_buffering(void) setbuf(stdout, NULL); setbuf(stderr, NULL); } - -/* - * Parse OS specific command line options. - * return 0 if option handled, -1 otherwise - */ -int os_parse_cmd_args(int index, const char *optarg) -{ - return -1; -} diff --git a/softmmu/vl.c b/softmmu/vl.c index 12b714795d..0bdd064451 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c @@ -2604,11 +2604,13 @@ static void qemu_process_help_options(void) } } =20 -static void qemu_maybe_daemonize(const char *pid_file) +static void qemu_maybe_daemonize(bool daemonize, const char *pid_file) { Error *err =3D NULL; =20 - os_daemonize(); + if (daemonize) { + os_daemonize(); + } rcu_disable_atfork(); =20 if (pid_file && !qemu_write_pidfile(pid_file, &err)) { 
@@ -2770,6 +2772,35 @@ void qmp_x_exit_preconfig(Error **errp) } } =20 +#ifndef WIN32 +static bool os_parse_runas_uid_gid(const char *optarg, + uid_t *runas_uid, + gid_t *runas_gid) +{ + unsigned long lv; + const char *ep; + uid_t got_uid; + gid_t got_gid; + int rc; + + rc =3D qemu_strtoul(optarg, &ep, 0, &lv); + got_uid =3D lv; /* overflow here is ID in C99 */ + if (rc || *ep !=3D ':' || got_uid !=3D lv || got_uid =3D=3D (uid_t)-1)= { + return false; + } + + rc =3D qemu_strtoul(ep + 1, 0, 0, &lv); + got_gid =3D lv; /* overflow here is ID in C99 */ + if (rc || got_gid !=3D lv || got_gid =3D=3D (gid_t)-1) { + return false; + } + + *runas_gid =3D got_gid; + *runas_uid =3D got_uid; + return true; +} +#endif /* !WIN32 */ + void qemu_init(int argc, char **argv, char **envp) { QemuOpts *opts; @@ -2780,6 +2811,14 @@ void qemu_init(int argc, char **argv, char **envp) MachineClass *machine_class; bool userconfig =3D true; FILE *vmstate_dump_file =3D NULL; + bool daemonize =3D false; +#ifndef WIN32 + struct passwd *pwd; + uid_t runas_uid =3D -1; + gid_t runas_gid =3D -1; + g_autofree char *runas_name =3D NULL; + const char *chroot_dir =3D NULL; +#endif /* !WIN32 */ =20 qemu_add_opts(&qemu_drive_opts); qemu_add_drive_opts(&qemu_legacy_drive_opts); 
@@ -3661,15 +3700,34 @@ void qemu_init(int argc, char **argv, char **envp) case QEMU_OPTION_nouserconfig: /* Nothing to be parsed here. Especially, do not error out= below. */ break; - default: - if (os_parse_cmd_args(popt->index, optarg)) { - error_report("Option not supported in this build"); +#ifndef WIN32 + case QEMU_OPTION_runas: + pwd =3D getpwnam(optarg); + if (pwd) { + runas_uid =3D pwd->pw_uid; + runas_gid =3D pwd->pw_gid; + runas_name =3D g_strdup(pwd->pw_name); + } else if (!os_parse_runas_uid_gid(optarg, + &runas_uid, + &runas_gid)) { + error_report("User \"%s\" doesn't exist" + " (and is not :)", + optarg); exit(1); } - if (is_daemonized()) { - qemu_log_stdio_disable(); - qemu_chr_stdio_disable(); - } + break; + case QEMU_OPTION_chroot: + chroot_dir =3D optarg; + break; + case QEMU_OPTION_daemonize: + daemonize =3D 1; + qemu_log_stdio_disable(); + qemu_chr_stdio_disable(); + break; +#endif /* !WIN32 */ + default: + error_report("Option not supported in this build"); + exit(1); } } } @@ -3679,7 +3737,7 @@ void qemu_init(int argc, char **argv, char **envp) */ loc_set_none(); =20 - qemu_validate_options(machine_opts_dict, is_daemonized()); + qemu_validate_options(machine_opts_dict, daemonize); qemu_process_sugar_options(); =20 /* @@ -3689,7 +3747,7 @@ void qemu_init(int argc, char **argv, char **envp) qemu_process_early_options(); =20 qemu_process_help_options(); - qemu_maybe_daemonize(pid_file); + qemu_maybe_daemonize(daemonize, pid_file); =20 /* * The trace backend must be initialized after daemonizing. @@ -3717,7 +3775,7 @@ void qemu_init(int argc, char **argv, char **envp) suspend_mux_open(); =20 qemu_disable_default_devices(); - qemu_create_default_devices(is_daemonized()); + qemu_create_default_devices(daemonize); qemu_create_early_backends(); =20 qemu_apply_legacy_machine_options(machine_opts_dict); 
@@ -3784,6 +3842,8 @@ void qemu_init(int argc, char **argv, char **envp) } qemu_init_displays(); accel_setup_post(current_machine); - os_setup_post(); +#ifndef WIN32 + os_setup_post(chroot_dir, runas_uid, runas_gid, runas_name); +#endif /* !WIN32 */ resume_mux_open(); } --=20 2.34.1
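
Review bot: In os_setup_post() in os-posix.c the guard in front of change_process_uid() compares runas_uid and runas_gid against a bare -1, and qemu_init() initialises both variables with a bare -1, while the statics this patch removes and os_parse_runas_uid_gid() spell the sentinel as (uid_t)-1 and (gid_t)-1; use the cast form in both places so the "no -runas given" test that decides whether privileges are dropped does not rest on implicit conversion. The prototype in include/sysemu/os-posix.h names the parameters chroot_dir, uid, gid and username but the definition uses root_dir, runas_uid, runas_gid and runas_name; make them match and document on the prototype that a NULL directory skips the chroot and the -1 sentinels skip the uid/gid change, because both steps are now controlled entirely by what the caller passes.
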
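
Review bot: In the new QEMU_OPTION_daemonize case in qemu_init() the local declared as bool daemonize is assigned 1, while os_daemonize() now assigns true to the "static int daemonize" that stays in os-posix.c; use bool and true in both files. That static is now written only at the end of os_daemonize() yet os_setup_post() still branches on it, so add a comment tying the two together, since the behaviour of os_setup_post() depends on whether os_daemonize() ran earlier in the same process rather than on anything passed to it.
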
From: Daniel P. Berrangé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, libvir-list@redhat.com, Stefan Weil, Hanna Reitz, Gerd Hoffmann, Paolo Bonzini, Marc-André Lureau, Eric Blake
Subject: [PATCH v2 8/8] softmmu: remove is_daemonized() method
Date: Fri, 4 Mar 2022 18:56:20 +0000
Message-Id: <20220304185620.3272401-9-berrange@redhat.com>
In-Reply-To: <20220304185620.3272401-1-berrange@redhat.com>

There are no longer any users of this method, so it can be removed to
prevent future accidental (mis)use.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Eric Blake
---
 include/sysemu/os-posix.h | 2 --
 include/sysemu/os-win32.h | 5 -----
 os-posix.c                | 5 -----
 stubs/is-daemonized.c     | 9 ---------
 stubs/meson.build         | 1 -
 5 files changed, 22 deletions(-)
 delete mode 100644 stubs/is-daemonized.c
diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h index 390f3f8396..2c375f5b49 100644 --- a/include/sysemu/os-posix.h +++ b/include/sysemu/os-posix.h @@ -57,8 +57,6 @@ int os_mlock(void); typedef struct timeval qemu_timeval; #define qemu_gettimeofday(tp) gettimeofday(tp, NULL) =20 -bool is_daemonized(void); - /** * qemu_alloc_stack: * @sz: pointer to a size_t holding the requested usable stack size diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h index 4879f8731d..a81f4fa9c1 100644 --- a/include/sysemu/os-win32.h +++ b/include/sysemu/os-win32.h @@ -76,11 +76,6 @@ typedef struct { } qemu_timeval; int qemu_gettimeofday(qemu_timeval *tp); =20 -static inline bool is_daemonized(void) -{ - return false; -} - static inline int os_mlock(void) { return -ENOSYS; diff --git a/os-posix.c b/os-posix.c index f598a52a4f..bd1140ab22 100644 --- a/os-posix.c +++ b/os-posix.c @@ -232,11 +232,6 @@ void os_set_line_buffering(void) setvbuf(stdout, NULL, _IOLBF, 0); } =20 -bool is_daemonized(void) -{ - return daemonize; -} - int os_mlock(void) { #ifdef HAVE_MLOCKALL diff --git a/stubs/is-daemonized.c b/stubs/is-daemonized.c deleted file mode 100644 index 8f63325bb2..0000000000 --- a/stubs/is-daemonized.c +++ /dev/null @@ -1,9 +0,0 @@ -#include "qemu/osdep.h" - -/* Win32 has its own inline stub */ -#ifndef _WIN32 -bool is_daemonized(void) -{ - return false; -} -#endif diff --git a/stubs/meson.build b/stubs/meson.build index d359cbe1ad..3d092b808e 100644 --- a/stubs/meson.build +++ b/stubs/meson.build @@ -18,7 +18,6 @@ if linux_io_uring.found() endif stub_ss.add(files('iothread-lock.c')) stub_ss.add(files('isa-bus.c')) -stub_ss.add(files('is-daemonized.c')) if libaio.found() stub_ss.add(files('linux-aio.c')) endif --=20 2.34.1
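Review bot: In the os-posix.c hunk, the removed is_daemonized() returned a non-local daemonize variable, and the patch deletes only the accessor. Please confirm that no definition of that variable is left behind in os-posix.c as unused state, since a leftover flag that nothing sets would invite the same accidental use the commit message wants to prevent. The os-win32.h hunk also drops the inline stub that always returned false, so any caller compiled only on Windows would surface as a build failure there and not on POSIX; a Windows cross-build before merging would cover that case.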