From nobody Thu May  2 01:19:55 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 149337854702513.890244784225843;
 Fri, 28 Apr 2017 04:22:27 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
 [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 68C9561D05;
	Fri, 28 Apr 2017 11:22:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 1CFE18FBEE;
	Fri, 28 Apr 2017 11:22:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id CF65B18523D1;
	Fri, 28 Apr 2017 11:22:23 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v3SBMLlh006919 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 28 Apr 2017 07:22:21 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 14FAF8FBEE; Fri, 28 Apr 2017 11:22:21 +0000 (UTC)
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 6F8298FBF2;
	Fri, 28 Apr 2017 11:22:20 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 68C9561D05
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 68C9561D05
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 28 Apr 2017 13:22:10 +0200
Message-Id: 
 <eb985795f27724ac32f4e0ece6d2ed55a53d0064.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: cbosdonnat@suse.com
Subject: [libvirt] [PATCH 1/5] qemuDomainBuildNamespace: Move /dev/*
	mountpoints later
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Fri, 28 Apr 2017 11:22:26 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

When setting up mount namespace for a qemu domain the following
steps are executed:

1) get list of mountpoints under /dev/
2) move them to /var/run/libvirt/qemu/$domName.ext
3) start constructing new device tree under /var/run/libvirt/qemu/$domName.=
dev
4) move the mountpoint of the new device tree to /dev
5) restore original mountpoints from step 2)

Not the problem with this approach is that if some device in step
3) requires access to a mountpoint from step 2) it will fail as
the mountpoint is not there anymore. For instance consider the
following domain disk configuration:

    <disk type=3D'file' device=3D'disk'>
      <driver name=3D'qemu' type=3D'raw'/>
      <source file=3D'/dev/shm/vhostmd0'/>
      <target dev=3D'vdb' bus=3D'virtio'/>
      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x0a' fu=
nction=3D'0x0'/>
    </disk>

In this case operation fails as we are unable to create vhostmd0
in the new device tree because after step 2) there is no /dev/shm
anymore. Leave aside fact that we shouldn't try to create devices
living in other mountpoints. That's a separate bug that will be
addressed later.

Currently, the order described above is rearranged to:

1) get list of mountpoints under /dev/
2) start constructing new device tree under /var/run/libvirt/qemu/$domName.=
dev
3) move them to /var/run/libvirt/qemu/$domName.ext
4) move the mountpoint of the new device tree to /dev
5) restore original mountpoints from step 3)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 54 +++++++++++++++++++++++++---------------------=
----
 1 file changed, 27 insertions(+), 27 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 00b0b4a..be02d54 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7950,33 +7950,6 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
     if (qemuDomainSetupDev(cfg, mgr, vm, devPath) < 0)
         goto cleanup;
=20
-    /* Save some mount points because we want to share them with the host =
*/
-    for (i =3D 0; i < ndevMountsPath; i++) {
-        struct stat sb;
-
-        if (devMountsSavePath[i] =3D=3D devPath)
-            continue;
-
-        if (stat(devMountsPath[i], &sb) < 0) {
-            virReportSystemError(errno,
-                                 _("Unable to stat: %s"),
-                                 devMountsPath[i]);
-            goto cleanup;
-        }
-
-        /* At this point, devMountsPath is either a regular file or a dire=
ctory. */
-        if ((S_ISDIR(sb.st_mode) && virFileMakePath(devMountsSavePath[i]) =
< 0) ||
-            (S_ISREG(sb.st_mode) && virFileTouch(devMountsSavePath[i], sb.=
st_mode) < 0)) {
-            virReportSystemError(errno,
-                                 _("Failed to create %s"),
-                                 devMountsSavePath[i]);
-            goto cleanup;
-        }
-
-        if (virFileMoveMount(devMountsPath[i], devMountsSavePath[i]) < 0)
-            goto cleanup;
-    }
-
     if (qemuDomainSetupAllDisks(cfg, vm, devPath) < 0)
         goto cleanup;
=20
@@ -8001,6 +7974,33 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
     if (qemuDomainSetupAllRNGs(cfg, vm, devPath) < 0)
         goto cleanup;
=20
+    /* Save some mount points because we want to share them with the host =
*/
+    for (i =3D 0; i < ndevMountsPath; i++) {
+        struct stat sb;
+
+        if (devMountsSavePath[i] =3D=3D devPath)
+            continue;
+
+        if (stat(devMountsPath[i], &sb) < 0) {
+            virReportSystemError(errno,
+                                 _("Unable to stat: %s"),
+                                 devMountsPath[i]);
+            goto cleanup;
+        }
+
+        /* At this point, devMountsPath is either a regular file or a dire=
ctory. */
+        if ((S_ISDIR(sb.st_mode) && virFileMakePath(devMountsSavePath[i]) =
< 0) ||
+            (S_ISREG(sb.st_mode) && virFileTouch(devMountsSavePath[i], sb.=
st_mode) < 0)) {
+            virReportSystemError(errno,
+                                 _("Failed to create %s"),
+                                 devMountsSavePath[i]);
+            goto cleanup;
+        }
+
+        if (virFileMoveMount(devMountsPath[i], devMountsSavePath[i]) < 0)
+            goto cleanup;
+    }
+
     if (virFileMoveMount(devPath, "/dev") < 0)
         goto cleanup;
=20
--=20
2.10.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Thu May  2 01:19:55 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1493378557629959.6993563053225;
 Fri, 28 Apr 2017 04:22:37 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B528180059;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8A6E88BC25;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3F22A18523D5;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v3SBMMpl006927 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 28 Apr 2017 07:22:22 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 2BEAB8EE5C; Fri, 28 Apr 2017 11:22:22 +0000 (UTC)
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 5F7F68FBEE;
	Fri, 28 Apr 2017 11:22:21 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com B528180059
Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com B528180059
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 28 Apr 2017 13:22:11 +0200
Message-Id: 
 <0d93e1c0efb5aae83e9efabbe0f87e651f4ea5da.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: cbosdonnat@suse.com
Subject: [libvirt] [PATCH 2/5] qemuDomainCreateDeviceRecursive: pass a
	structure instead of bare path
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Fri, 28 Apr 2017 11:22:36 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Currently, all we need to do in qemuDomainCreateDeviceRecursive() is to
take given @device, get all kinds of info on it (major & minor numbers,
owner, seclabels) and create its copy at a temporary location @path
(usually /var/run/libvirt/qemu/$domName.dev), if @device live under
/dev. This is, however, very loose condition, as it also means
/dev/shm/* is created too. Therefor, we will need to pass more arguments
into the function for better decision making (e.g. list of mount points
under /dev). Instead of adding more arguments to all the functions (not
easily reachable because some functions are callback with strictly
defined type), lets just turn this one 'const char *' into a 'struct *'.
New "arguments" can be then added at no cost.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 106 ++++++++++++++++++++++++++-------------------=
----
 1 file changed, 57 insertions(+), 49 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index be02d54..9e18f7e 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7337,9 +7337,14 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr =
cfg,
 }
=20
=20
+struct qemuDomainCreateDeviceData {
+    const char *path;     /* Path to temp new /dev location */
+};
+
+
 static int
 qemuDomainCreateDeviceRecursive(const char *device,
-                                const char *path,
+                                const struct qemuDomainCreateDeviceData *d=
ata,
                                 bool allow_noent,
                                 unsigned int ttl)
 {
@@ -7388,7 +7393,7 @@ qemuDomainCreateDeviceRecursive(const char *device,
      */
     if (STRPREFIX(device, DEVPREFIX)) {
         if (virAsprintf(&devicePath, "%s/%s",
-                        path, device + strlen(DEVPREFIX)) < 0)
+                        data->path, device + strlen(DEVPREFIX)) < 0)
             goto cleanup;
=20
         if (virFileMakeParentPath(devicePath) < 0) {
@@ -7449,7 +7454,7 @@ qemuDomainCreateDeviceRecursive(const char *device,
             tmp =3D NULL;
         }
=20
-        if (qemuDomainCreateDeviceRecursive(target, path,
+        if (qemuDomainCreateDeviceRecursive(target, data,
                                             allow_noent, ttl - 1) < 0)
             goto cleanup;
     } else {
@@ -7533,12 +7538,12 @@ qemuDomainCreateDeviceRecursive(const char *device,
=20
 static int
 qemuDomainCreateDevice(const char *device,
-                       const char *path,
+                       const struct qemuDomainCreateDeviceData *data,
                        bool allow_noent)
 {
     long symloop_max =3D sysconf(_SC_SYMLOOP_MAX);
=20
-    return qemuDomainCreateDeviceRecursive(device, path,
+    return qemuDomainCreateDeviceRecursive(device, data,
                                            allow_noent, symloop_max);
 }
=20
@@ -7546,7 +7551,7 @@ qemuDomainCreateDevice(const char *device,
 static int
 qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg,
                           virDomainObjPtr vm ATTRIBUTE_UNUSED,
-                          const char *path)
+                          const struct qemuDomainCreateDeviceData *data)
 {
     const char *const *devices =3D (const char *const *) cfg->cgroupDevice=
ACL;
     size_t i;
@@ -7556,7 +7561,7 @@ qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg,
         devices =3D defaultDeviceACL;
=20
     for (i =3D 0; devices[i]; i++) {
-        if (qemuDomainCreateDevice(devices[i], path, true) < 0)
+        if (qemuDomainCreateDevice(devices[i], data, true) < 0)
             goto cleanup;
     }
=20
@@ -7570,7 +7575,7 @@ static int
 qemuDomainSetupDev(virQEMUDriverConfigPtr cfg,
                    virSecurityManagerPtr mgr,
                    virDomainObjPtr vm,
-                   const char *path)
+                   const struct qemuDomainCreateDeviceData *data)
 {
     char *mount_options =3D NULL;
     char *opts =3D NULL;
@@ -7592,10 +7597,10 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg,
                     "mode=3D755,size=3D65536%s", mount_options) < 0)
         goto cleanup;
=20
-    if (virFileSetupDev(path, opts) < 0)
+    if (virFileSetupDev(data->path, opts) < 0)
         goto cleanup;
=20
-    if (qemuDomainPopulateDevices(cfg, vm, path) < 0)
+    if (qemuDomainPopulateDevices(cfg, vm, data) < 0)
         goto cleanup;
=20
     ret =3D 0;
@@ -7609,7 +7614,7 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg,
 static int
 qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                     virDomainDiskDefPtr disk,
-                    const char *devPath)
+                    const struct qemuDomainCreateDeviceData *data)
 {
     virStorageSourcePtr next;
     char *dst =3D NULL;
@@ -7621,7 +7626,7 @@ qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg ATTRIB=
UTE_UNUSED,
             continue;
         }
=20
-        if (qemuDomainCreateDevice(next->path, devPath, false) < 0)
+        if (qemuDomainCreateDevice(next->path, data, false) < 0)
             goto cleanup;
     }
=20
@@ -7635,7 +7640,7 @@ qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg ATTRIB=
UTE_UNUSED,
 static int
 qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg,
                         virDomainObjPtr vm,
-                        const char *devPath)
+                        const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
     VIR_DEBUG("Setting up disks");
@@ -7643,7 +7648,7 @@ qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->ndisks; i++) {
         if (qemuDomainSetupDisk(cfg,
                                 vm->def->disks[i],
-                                devPath) < 0)
+                                data) < 0)
             return -1;
     }
=20
@@ -7655,7 +7660,7 @@ qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg,
 static int
 qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                        virDomainHostdevDefPtr dev,
-                       const char *devPath)
+                       const struct qemuDomainCreateDeviceData *data)
 {
     int ret =3D -1;
     char **path =3D NULL;
@@ -7665,7 +7670,7 @@ qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg ATT=
RIBUTE_UNUSED,
         goto cleanup;
=20
     for (i =3D 0; i < npaths; i++) {
-        if (qemuDomainCreateDevice(path[i], devPath, false) < 0)
+        if (qemuDomainCreateDevice(path[i], data, false) < 0)
             goto cleanup;
     }
=20
@@ -7681,7 +7686,7 @@ qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg ATT=
RIBUTE_UNUSED,
 static int
 qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg,
                            virDomainObjPtr vm,
-                           const char *devPath)
+                           const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
=20
@@ -7689,7 +7694,7 @@ qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->nhostdevs; i++) {
         if (qemuDomainSetupHostdev(cfg,
                                    vm->def->hostdevs[i],
-                                   devPath) < 0)
+                                   data) < 0)
             return -1;
     }
     VIR_DEBUG("Setup all hostdevs");
@@ -7700,19 +7705,19 @@ qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr c=
fg,
 static int
 qemuDomainSetupMemory(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                       virDomainMemoryDefPtr mem,
-                      const char *devPath)
+                      const struct qemuDomainCreateDeviceData *data)
 {
     if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
         return 0;
=20
-    return qemuDomainCreateDevice(mem->nvdimmPath, devPath, false);
+    return qemuDomainCreateDevice(mem->nvdimmPath, data, false);
 }
=20
=20
 static int
 qemuDomainSetupAllMemories(virQEMUDriverConfigPtr cfg,
                            virDomainObjPtr vm,
-                           const char *devPath)
+                           const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
=20
@@ -7720,7 +7725,7 @@ qemuDomainSetupAllMemories(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->nmems; i++) {
         if (qemuDomainSetupMemory(cfg,
                                   vm->def->mems[i],
-                                  devPath) < 0)
+                                  data) < 0)
             return -1;
     }
     VIR_DEBUG("Setup all memories");
@@ -7733,26 +7738,26 @@ qemuDomainSetupChardev(virDomainDefPtr def ATTRIBUT=
E_UNUSED,
                        virDomainChrDefPtr dev,
                        void *opaque)
 {
-    const char *devPath =3D opaque;
+    const struct qemuDomainCreateDeviceData *data =3D opaque;
=20
     if (dev->source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV)
         return 0;
=20
-    return qemuDomainCreateDevice(dev->source->data.file.path, devPath, fa=
lse);
+    return qemuDomainCreateDevice(dev->source->data.file.path, data, false=
);
 }
=20
=20
 static int
 qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                            virDomainObjPtr vm,
-                           const char *devPath)
+                           const struct qemuDomainCreateDeviceData *data)
 {
     VIR_DEBUG("Setting up chardevs");
=20
     if (virDomainChrDefForeach(vm->def,
                                true,
                                qemuDomainSetupChardev,
-                               (void *) devPath) < 0)
+                               (void *) data) < 0)
         return -1;
=20
     VIR_DEBUG("Setup all chardevs");
@@ -7763,7 +7768,7 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg=
 ATTRIBUTE_UNUSED,
 static int
 qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                    virDomainObjPtr vm,
-                   const char *devPath)
+                   const struct qemuDomainCreateDeviceData *data)
 {
     virDomainTPMDefPtr dev =3D vm->def->tpm;
=20
@@ -7775,7 +7780,7 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg ATTRIBU=
TE_UNUSED,
     switch (dev->type) {
     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
         if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.=
path,
-                                   devPath, false) < 0)
+                                   data, false) < 0)
             return -1;
         break;
=20
@@ -7792,7 +7797,7 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg ATTRIBU=
TE_UNUSED,
 static int
 qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                         virDomainGraphicsDefPtr gfx,
-                        const char *devPath)
+                        const struct qemuDomainCreateDeviceData *data)
 {
     const char *rendernode =3D gfx->data.spice.rendernode;
=20
@@ -7801,14 +7806,14 @@ qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg =
ATTRIBUTE_UNUSED,
         !rendernode)
         return 0;
=20
-    return qemuDomainCreateDevice(rendernode, devPath, false);
+    return qemuDomainCreateDevice(rendernode, data, false);
 }
=20
=20
 static int
 qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg,
                            virDomainObjPtr vm,
-                           const char *devPath)
+                           const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
=20
@@ -7816,7 +7821,7 @@ qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->ngraphics; i++) {
         if (qemuDomainSetupGraphics(cfg,
                                     vm->def->graphics[i],
-                                    devPath) < 0)
+                                    data) < 0)
             return -1;
     }
=20
@@ -7828,13 +7833,13 @@ qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr c=
fg,
 static int
 qemuDomainSetupInput(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                      virDomainInputDefPtr input,
-                     const char *devPath)
+                     const struct qemuDomainCreateDeviceData *data)
 {
     int ret =3D -1;
=20
     switch ((virDomainInputType) input->type) {
     case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
-        if (qemuDomainCreateDevice(input->source.evdev, devPath, false) < =
0)
+        if (qemuDomainCreateDevice(input->source.evdev, data, false) < 0)
             goto cleanup;
         break;
=20
@@ -7855,7 +7860,7 @@ qemuDomainSetupInput(virQEMUDriverConfigPtr cfg ATTRI=
BUTE_UNUSED,
 static int
 qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg,
                          virDomainObjPtr vm,
-                         const char *devPath)
+                         const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
=20
@@ -7863,7 +7868,7 @@ qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->ninputs; i++) {
         if (qemuDomainSetupInput(cfg,
                                  vm->def->inputs[i],
-                                 devPath) < 0)
+                                 data) < 0)
             return -1;
     }
     VIR_DEBUG("Setup all inputs");
@@ -7874,11 +7879,11 @@ qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg,
 static int
 qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg ATTRIBUTE_UNUSED,
                    virDomainRNGDefPtr rng,
-                   const char *devPath)
+                   const struct qemuDomainCreateDeviceData *data)
 {
     switch ((virDomainRNGBackend) rng->backend) {
     case VIR_DOMAIN_RNG_BACKEND_RANDOM:
-        if (qemuDomainCreateDevice(rng->source.file, devPath, false) < 0)
+        if (qemuDomainCreateDevice(rng->source.file, data, false) < 0)
             return -1;
=20
     case VIR_DOMAIN_RNG_BACKEND_EGD:
@@ -7894,7 +7899,7 @@ qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg ATTRIBU=
TE_UNUSED,
 static int
 qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg,
                        virDomainObjPtr vm,
-                       const char *devPath)
+                       const struct qemuDomainCreateDeviceData *data)
 {
     size_t i;
=20
@@ -7902,7 +7907,7 @@ qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg,
     for (i =3D 0; i < vm->def->nrngs; i++) {
         if (qemuDomainSetupRNG(cfg,
                                vm->def->rngs[i],
-                               devPath) < 0)
+                               data) < 0)
             return -1;
     }
=20
@@ -7916,6 +7921,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
                          virSecurityManagerPtr mgr,
                          virDomainObjPtr vm)
 {
+    struct qemuDomainCreateDeviceData data;
     char *devPath =3D NULL;
     char **devMountsPath =3D NULL, **devMountsSavePath =3D NULL;
     size_t ndevMountsPath =3D 0, i;
@@ -7944,34 +7950,36 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
         goto cleanup;
     }
=20
+    data.path =3D devPath;
+
     if (virProcessSetupPrivateMountNS() < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupDev(cfg, mgr, vm, devPath) < 0)
+    if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllDisks(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllDisks(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllHostdevs(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllHostdevs(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllMemories(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllMemories(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllChardevs(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupTPM(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupTPM(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllGraphics(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllInputs(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllInputs(cfg, vm, &data) < 0)
         goto cleanup;
=20
-    if (qemuDomainSetupAllRNGs(cfg, vm, devPath) < 0)
+    if (qemuDomainSetupAllRNGs(cfg, vm, &data) < 0)
         goto cleanup;
=20
     /* Save some mount points because we want to share them with the host =
*/
--=20
2.10.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Thu May  2 01:19:55 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1493378557321332.3216014604287;
 Fri, 28 Apr 2017 04:22:37 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B063564D94;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8CFBA8BE51;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3F85F18523D6;
	Fri, 28 Apr 2017 11:22:35 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v3SBMN0s006934 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 28 Apr 2017 07:22:23 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 609048EE5C; Fri, 28 Apr 2017 11:22:23 +0000 (UTC)
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by smtp.corp.redhat.com (Postfix) with ESMTP id B3F9F8FBEE;
	Fri, 28 Apr 2017 11:22:22 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com B063564D94
Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com B063564D94
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 28 Apr 2017 13:22:12 +0200
Message-Id: 
 <3e0f9400d8de1b31eed158da43210b88e0102bfe.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: cbosdonnat@suse.com
Subject: [libvirt] [PATCH 3/5] qemuDomainCreateDeviceRecursive: Don't try to
	create devices under preserved mount points
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]);
 Fri, 28 Apr 2017 11:22:36 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

While the code allows devices to already be there (by some
miracle), we shouldn't try to create devices that don't belong to
us. For instance, we shouldn't try to create /dev/shm/file
because /dev/shm is a mount point that is preserved. Therefore if
a file is created there from an outside (e.g. by mgmt application
or some other daemon running on the system like vhostmd), it
exists in the qemu namespace too as the mount point is the same.
It's only /dev and /dev only that is different. The same
reasoning applies to all other preserved mount points.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 9e18f7e..5840c57 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7339,6 +7339,8 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr c=
fg,
=20
 struct qemuDomainCreateDeviceData {
     const char *path;     /* Path to temp new /dev location */
+    char * const *devMountsPath;
+    size_t ndevMountsPath;
 };
=20
=20
@@ -7392,17 +7394,34 @@ qemuDomainCreateDeviceRecursive(const char *device,
      * For now, lets hope callers play nice.
      */
     if (STRPREFIX(device, DEVPREFIX)) {
-        if (virAsprintf(&devicePath, "%s/%s",
-                        data->path, device + strlen(DEVPREFIX)) < 0)
-            goto cleanup;
+        size_t i;
=20
-        if (virFileMakeParentPath(devicePath) < 0) {
-            virReportSystemError(errno,
-                                 _("Unable to create %s"),
-                                 devicePath);
-            goto cleanup;
+        for (i =3D 0; i < data->ndevMountsPath; i++) {
+            if (STREQ(data->devMountsPath[i], "/dev"))
+                continue;
+            if (STRPREFIX(device, data->devMountsPath[i]))
+                break;
+        }
+
+        if (i =3D=3D data->ndevMountsPath) {
+            /* Okay, @device is in /dev but not in any mount point under /=
dev.
+             * Create it. */
+            if (virAsprintf(&devicePath, "%s/%s",
+                            data->path, device + strlen(DEVPREFIX)) < 0)
+                goto cleanup;
+
+            if (virFileMakeParentPath(devicePath) < 0) {
+                virReportSystemError(errno,
+                                     _("Unable to create %s"),
+                                     devicePath);
+                goto cleanup;
+            }
+            VIR_DEBUG("Creating dev %s", device);
+            create =3D true;
+        } else {
+            VIR_DEBUG("Skipping dev %s because of %s mount point",
+                      device, data->devMountsPath[i]);
         }
-        create =3D true;
     }
=20
     if (isLink) {
@@ -7951,6 +7970,8 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
     }
=20
     data.path =3D devPath;
+    data.devMountsPath =3D devMountsPath;
+    data.ndevMountsPath =3D ndevMountsPath;
=20
     if (virProcessSetupPrivateMountNS() < 0)
         goto cleanup;
--=20
2.10.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Thu May  2 01:19:55 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1493378551564482.89221132401894;
 Fri, 28 Apr 2017 04:22:31 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 0B3C761D38;
	Fri, 28 Apr 2017 11:22:30 +0000 (UTC)
Received: from colo-mx.corp.redhat.com (unknown [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id D9BA18BC25;
	Fri, 28 Apr 2017 11:22:29 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7A0FF4EBD7;
	Fri, 28 Apr 2017 11:22:29 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v3SBMOah006942 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 28 Apr 2017 07:22:24 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 49B398FBF0; Fri, 28 Apr 2017 11:22:24 +0000 (UTC)
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by smtp.corp.redhat.com (Postfix) with ESMTP id A49A28EE5C;
	Fri, 28 Apr 2017 11:22:23 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 0B3C761D38
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 0B3C761D38
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 28 Apr 2017 13:22:13 +0200
Message-Id: 
 <c1a9ad2c83f03ca372a29097129551e1c4c125c3.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: cbosdonnat@suse.com
Subject: [libvirt] [PATCH 4/5] qemuDomainAttachDeviceMknodRecursive: Don't
	try to create devices under preserved mount points
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Fri, 28 Apr 2017 11:22:30 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Just like in previous commit, this fixes the same issue for
hotplug.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 112 ++++++++++++++++++++++++++++++++++++++++++---=
----
 1 file changed, 97 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 5840c57..60f8f01 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8238,6 +8238,8 @@ static int
 qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver,
                                      virDomainObjPtr vm,
                                      const char *file,
+                                     char * const *devMountsPath,
+                                     size_t ndevMountsPath,
                                      unsigned int ttl)
 {
     struct qemuDomainAttachDeviceMknodData data;
@@ -8315,20 +8317,36 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverP=
tr driver,
 #endif
=20
     if (STRPREFIX(file, DEVPREFIX)) {
-        if (qemuSecurityPreFork(driver->securityManager) < 0)
-            goto cleanup;
+        size_t i;
=20
-        if (virProcessRunInMountNamespace(vm->pid,
-                                          qemuDomainAttachDeviceMknodHelpe=
r,
-                                          &data) < 0) {
+        for (i =3D 0; i < ndevMountsPath; i++) {
+            if (STREQ(devMountsPath[i], "/dev"))
+                continue;
+            if (STRPREFIX(file, devMountsPath[i]))
+                break;
+        }
+
+        if (i =3D=3D ndevMountsPath) {
+            if (qemuSecurityPreFork(driver->securityManager) < 0)
+                goto cleanup;
+
+            if (virProcessRunInMountNamespace(vm->pid,
+                                              qemuDomainAttachDeviceMknodH=
elper,
+                                              &data) < 0) {
+                qemuSecurityPostFork(driver->securityManager);
+                goto cleanup;
+            }
             qemuSecurityPostFork(driver->securityManager);
-            goto cleanup;
+        } else {
+            VIR_DEBUG("Skipping dev %s because of %s mount point",
+                      file, devMountsPath[i]);
         }
-        qemuSecurityPostFork(driver->securityManager);
     }
=20
     if (isLink &&
-        qemuDomainAttachDeviceMknodRecursive(driver, vm, target, ttl -1) <=
 0)
+        qemuDomainAttachDeviceMknodRecursive(driver, vm, target,
+                                             devMountsPath, ndevMountsPath,
+                                             ttl -1) < 0)
         goto cleanup;
=20
     ret =3D 0;
@@ -8345,11 +8363,15 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverP=
tr driver,
 static int
 qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
-                            const char *file)
+                            const char *file,
+                            char * const *devMountsPath,
+                            size_t ndevMountsPath)
 {
     long symloop_max =3D sysconf(_SC_SYMLOOP_MAX);
=20
-    return qemuDomainAttachDeviceMknodRecursive(driver, vm, file, symloop_=
max);
+    return qemuDomainAttachDeviceMknodRecursive(driver, vm, file,
+                                                devMountsPath, ndevMountsP=
ath,
+                                                symloop_max);
 }
=20
=20
@@ -8389,6 +8411,9 @@ qemuDomainNamespaceSetupDisk(virQEMUDriverPtr driver,
                              virDomainObjPtr vm,
                              virStorageSourcePtr src)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     virStorageSourcePtr next;
     struct stat sb;
     int ret =3D -1;
@@ -8396,6 +8421,12 @@ qemuDomainNamespaceSetupDisk(virQEMUDriverPtr driver,
     if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
         return 0;
=20
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
     for (next =3D src; next; next =3D next->backingStore) {
         if (virStorageSourceIsEmpty(next) ||
             !virStorageSourceIsLocalStorage(next)) {
@@ -8414,12 +8445,15 @@ qemuDomainNamespaceSetupDisk(virQEMUDriverPtr drive=
r,
=20
         if (qemuDomainAttachDeviceMknod(driver,
                                         vm,
-                                        next->path) < 0)
+                                        next->path,
+                                        devMountsPath, ndevMountsPath) < 0)
             goto cleanup;
     }
=20
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8444,6 +8478,9 @@ qemuDomainNamespaceSetupHostdev(virQEMUDriverPtr driv=
er,
                                 virDomainObjPtr vm,
                                 virDomainHostdevDefPtr hostdev)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
     char **path =3D NULL;
     size_t i, npaths =3D 0;
@@ -8454,10 +8491,17 @@ qemuDomainNamespaceSetupHostdev(virQEMUDriverPtr dr=
iver,
     if (qemuDomainGetHostdevPath(NULL, hostdev, false, &npaths, &path, NUL=
L) < 0)
         goto cleanup;
=20
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
     for (i =3D 0; i < npaths; i++) {
         if (qemuDomainAttachDeviceMknod(driver,
                                         vm,
-                                        path[i]) < 0)
+                                        path[i],
+                                        devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
     }
=20
@@ -8466,6 +8510,8 @@ qemuDomainNamespaceSetupHostdev(virQEMUDriverPtr driv=
er,
     for (i =3D 0; i < npaths; i++)
         VIR_FREE(path[i]);
     VIR_FREE(path);
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8505,6 +8551,9 @@ qemuDomainNamespaceSetupMemory(virQEMUDriverPtr drive=
r,
                                virDomainObjPtr vm,
                                virDomainMemoryDefPtr mem)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
=20
     if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
@@ -8513,10 +8562,19 @@ qemuDomainNamespaceSetupMemory(virQEMUDriverPtr dri=
ver,
     if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
         return 0;
=20
-    if (qemuDomainAttachDeviceMknod(driver, vm, mem->nvdimmPath) < 0)
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
+    if (qemuDomainAttachDeviceMknod(driver, vm, mem->nvdimmPath,
+                                    devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8547,6 +8605,9 @@ qemuDomainNamespaceSetupChardev(virQEMUDriverPtr driv=
er,
                                 virDomainObjPtr vm,
                                 virDomainChrDefPtr chr)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     const char *path;
     int ret =3D -1;
=20
@@ -8558,12 +8619,21 @@ qemuDomainNamespaceSetupChardev(virQEMUDriverPtr dr=
iver,
=20
     path =3D chr->source->data.file.path;
=20
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
     if (qemuDomainAttachDeviceMknod(driver,
                                     vm,
-                                    path) < 0)
+                                    path,
+                                    devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8598,6 +8668,9 @@ qemuDomainNamespaceSetupRNG(virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
                             virDomainRNGDefPtr rng)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     const char *path =3D NULL;
     int ret =3D -1;
=20
@@ -8615,12 +8688,21 @@ qemuDomainNamespaceSetupRNG(virQEMUDriverPtr driver,
         goto cleanup;
     }
=20
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
     if (qemuDomainAttachDeviceMknod(driver,
                                     vm,
-                                    path) < 0)
+                                    path,
+                                    devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
--=20
2.10.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Thu May  2 01:19:55 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 149337856228750.73803454875883;
 Fri, 28 Apr 2017 04:22:42 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id C432C63336;
	Fri, 28 Apr 2017 11:22:40 +0000 (UTC)
Received: from colo-mx.corp.redhat.com (unknown [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id A002D8BC25;
	Fri, 28 Apr 2017 11:22:40 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id D46084E9BD;
	Fri, 28 Apr 2017 11:22:39 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v3SBMPUV006947 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 28 Apr 2017 07:22:25 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 3B1248FBF0; Fri, 28 Apr 2017 11:22:25 +0000 (UTC)
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 94BEF8EE5C;
	Fri, 28 Apr 2017 11:22:24 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com C432C63336
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com C432C63336
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 28 Apr 2017 13:22:14 +0200
Message-Id: 
 <b47bf71e3e470cee9669d1f2cd90a18455209960.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
In-Reply-To: <cover.1493378419.git.mprivozn@redhat.com>
References: <cover.1493378419.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: cbosdonnat@suse.com
Subject: [libvirt] [PATCH 5/5] qemuDomainDetachDeviceUnlink: Don't unlink
	files we haven't created
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Fri, 28 Apr 2017 11:22:41 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Even though there are several checks before calling this function
and for some scenarios we don't call it at all (e.g. on disk hot
unplug), it may be possible to sneak in some weird files (e.g. if
domain would have RNG with /dev/shm/some_file as its backend). No
matter how improbable, we shouldn't unlink it as we would be
unlinking a file from the host which we haven't created in the
first place.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 86 ++++++++++++++++++++++++++++++++++++++++++++--=
----
 1 file changed, 76 insertions(+), 10 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 60f8f01..c393d5e 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8395,14 +8395,32 @@ qemuDomainDetachDeviceUnlinkHelper(pid_t pid ATTRIB=
UTE_UNUSED,
 static int
 qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
                              virDomainObjPtr vm,
-                             const char *file)
+                             const char *file,
+                             char * const *devMountsPath,
+                             size_t ndevMountsPath)
 {
-    if (virProcessRunInMountNamespace(vm->pid,
-                                      qemuDomainDetachDeviceUnlinkHelper,
-                                      (void *)file) < 0)
-        return -1;
+    int ret =3D -1;
+    size_t i;
=20
-    return 0;
+    if (STRPREFIX(file, DEVPREFIX)) {
+        for (i =3D 0; i < ndevMountsPath; i++) {
+            if (STREQ(devMountsPath[i], "/dev"))
+                continue;
+            if (STRPREFIX(file, devMountsPath[i]))
+                break;
+        }
+
+        if (i =3D=3D ndevMountsPath) {
+            if (virProcessRunInMountNamespace(vm->pid,
+                                              qemuDomainDetachDeviceUnlink=
Helper,
+                                              (void *)file) < 0)
+                goto cleanup;
+        }
+    }
+
+    ret =3D 0;
+ cleanup:
+    return ret;
 }
=20
=20
@@ -8521,6 +8539,9 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr d=
river,
                                    virDomainObjPtr vm,
                                    virDomainHostdevDefPtr hostdev)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
     char **path =3D NULL;
     size_t i, npaths =3D 0;
@@ -8532,8 +8553,15 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr =
driver,
                                  &npaths, &path, NULL) < 0)
         goto cleanup;
=20
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
     for (i =3D 0; i < npaths; i++) {
-        if (qemuDomainDetachDeviceUnlink(driver, vm, path[i]) < 0)
+        if (qemuDomainDetachDeviceUnlink(driver, vm, path[i],
+                                         devMountsPath, ndevMountsPath) < =
0)
             goto cleanup;
     }
=20
@@ -8542,6 +8570,8 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr d=
river,
     for (i =3D 0; i < npaths; i++)
         VIR_FREE(path[i]);
     VIR_FREE(path);
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8584,6 +8614,9 @@ qemuDomainNamespaceTeardownMemory(virQEMUDriverPtr dr=
iver,
                                   virDomainObjPtr vm,
                                   virDomainMemoryDefPtr mem)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
=20
     if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
@@ -8592,10 +8625,19 @@ qemuDomainNamespaceTeardownMemory(virQEMUDriverPtr =
driver,
     if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
         return 0;
=20
-    if (qemuDomainDetachDeviceUnlink(driver, vm, mem->nvdimmPath) < 0)
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
+    if (qemuDomainDetachDeviceUnlink(driver, vm, mem->nvdimmPath,
+                                     devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8643,6 +8685,9 @@ qemuDomainNamespaceTeardownChardev(virQEMUDriverPtr d=
river,
                                    virDomainObjPtr vm,
                                    virDomainChrDefPtr chr)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
     const char *path =3D NULL;
=20
@@ -8654,11 +8699,20 @@ qemuDomainNamespaceTeardownChardev(virQEMUDriverPtr=
 driver,
=20
     path =3D chr->source->data.file.path;
=20
-    if (qemuDomainDetachDeviceUnlink(driver, vm, path) < 0)
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
+    if (qemuDomainDetachDeviceUnlink(driver, vm, path,
+                                     devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
=20
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
@@ -8712,6 +8766,9 @@ qemuDomainNamespaceTeardownRNG(virQEMUDriverPtr drive=
r,
                                virDomainObjPtr vm,
                                virDomainRNGDefPtr rng)
 {
+    virQEMUDriverConfigPtr cfg =3D NULL;
+    char **devMountsPath =3D NULL;
+    size_t ndevMountsPath =3D 0;
     int ret =3D -1;
     const char *path =3D NULL;
=20
@@ -8729,11 +8786,20 @@ qemuDomainNamespaceTeardownRNG(virQEMUDriverPtr dri=
ver,
         goto cleanup;
     }
=20
-    if (qemuDomainDetachDeviceUnlink(driver, vm, path) < 0)
+    cfg =3D virQEMUDriverGetConfig(driver);
+    if (qemuDomainGetPreservedMounts(cfg, vm,
+                                     &devMountsPath, NULL,
+                                     &ndevMountsPath) < 0)
+        goto cleanup;
+
+    if (qemuDomainDetachDeviceUnlink(driver, vm, path,
+                                     devMountsPath, ndevMountsPath) < 0)
         goto cleanup;
=20
     ret =3D 0;
  cleanup:
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
+    virObjectUnref(cfg);
     return ret;
 }
=20
--=20
2.10.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list