From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 01/17] lib: Introduce virDomainFDAssociate API
Date: Mon, 9 Jan 2023 13:18:39 +0100

The API can be used to associate one or more (e.g. a RO and RW fd for a disk backend image) FDs to a VM. They can be then used per definition.

The primary use case for now is for complex deployment where libvirtd/virtqemud may be run inside a container and getting the image into the container is complicated.

In the future it will also allow passing e.g. vhost FDs and other resources to a VM without the need to have a filesystem representation for it.

Passing raw FDs has few intricacies and thus libvirt will by default not restore security labels.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
---
 include/libvirt/libvirt-domain.h | 20 ++++++++
 src/driver-hypervisor.h | 8 +++
 src/libvirt-domain.c | 80 +++++++++++++++++++++++++++++
 src/libvirt_public.syms | 5 ++
 src/remote/remote_daemon_dispatch.c | 40 +++++++++++++++
 src/remote/remote_driver.c | 27 ++++++++++
 src/remote/remote_protocol.x | 14 ++++-
 src/remote_protocol-structs | 6 +++
 8 files changed, 199 insertions(+), 1 deletion(-)

diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index 295fd30c93..014cd2a1c4 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h
@@ -6457,4 +6457,24 @@ int virDomainStartDirtyRateCalc(virDomainPtr domain, int seconds, unsigned int flags); + +/** + * virDomainFDAssociateFlags: + * + * Since: 9.0.0 + */ +typedef enum { + /* Attempt a best-effort restore of security labels after use (Since: = 9.0.0) */ + VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE =3D (1 << 0), + /* Use a seclabel allowing writes for the FD even if usage implies rea= d-only mode (Since: 9.0.0) */ + VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE =3D (1 << 1), +} virDomainFDAssociateFlags; + + +int virDomainFDAssociate(virDomainPtr domain, + const char *name, + unsigned int nfds, + int *fds, + unsigned int flags); + #endif /* LIBVIRT_DOMAIN_H */ diff --git a/src/driver-hypervisor.h b/src/driver-hypervisor.h index 016d5cec7c..5219344b72 100644 --- a/src/driver-hypervisor.h +++ b/src/driver-hypervisor.h @@ -1441,6 +1441,13 @@ typedef int int seconds, unsigned int flags); +typedef int +(*virDrvDomainFDAssociate)(virDomainPtr domain, + const char *name, + unsigned int nfds, + int *fds, + unsigned int flags); + typedef struct _virHypervisorDriver virHypervisorDriver; /** @@ -1712,4 +1719,5 @@ struct _virHypervisorDriver { virDrvDomainAuthorizedSSHKeysSet domainAuthorizedSSHKeysSet; virDrvDomainGetMessages domainGetMessages; virDrvDomainStartDirtyRateCalc domainStartDirtyRateCalc; + virDrvDomainFDAssociate domainFDAssociate; }; diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index 78c26b2219..3199a27065 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c 
@@ -13972,3 +13972,83 @@ virDomainStartDirtyRateCalc(virDomainPtr domain, virDispatchError(conn); return -1; } + + +/** + * virDomainFDAssociate: + * @domain: a domain object + * @name: name for the file descriptor group + * @nfds: number of fds in @fds + * @fds: file descriptors to associate with domain + * @flags: optional flags; bitwise-OR of supported virDomainFDAssociateFla= gs + * + * Associate the FDs in @fd with @domain under @name. The FDs are associat= ed as + * long as the connection used to associated exists and are disposed of + * afterwards. FD may still be kept open by the hypervisor for as long as = it's + * needed. + * + * Security labelling (e.g. via the selinux) may be applied on the passed = FDs + * when required for usage by the VM. By default libvirt does not restore = the + * seclabels on the FDs afterwards to avoid keeping it open unnecessarily. + * + * Restoring of the security label can be requested by passing either + * VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE for a best-effort attempt to r= estore + * the security label after use. + * Requesting the restore of security label will require that the file + * descriptors are kept open for the whole time they are used by the hyper= visor, + * or other additional overhead. + * + * In certain cases usage of the fd group would imply read-only access. Pa= ssing + * VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE in @flags ensures that a writ= able + * security label is picked in case when the file represented by the fds m= ay + * be used in write mode. + * + * Returns 0 on success, -1 on error. 
+ * + * Since: 9.0.0 + */ +int +virDomainFDAssociate(virDomainPtr domain, + const char *name, + unsigned int nfds, + int *fds, + unsigned int flags) +{ + virConnectPtr conn; + int rc; + + VIR_DOMAIN_DEBUG(domain, + "name=3D'%s', nfds=3D%u, fds=3D%p, flags=3D0x%x", + name, nfds, fds, flags); + + virResetLastError(); + + conn =3D domain->conn; + + if ((rc =3D VIR_DRV_SUPPORTS_FEATURE(conn->driver, conn, VIR_DRV_FEATU= RE_FD_PASSING)) < 0) + goto error; + + if (rc =3D=3D 0) { + virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, "%s", + _("fd passing is not supported by this connection")= ); + goto error; + } + + virCheckNonZeroArgGoto(nfds, error); + virCheckNonNullArgGoto(fds, error); + virCheckReadOnlyGoto(conn->flags, error); + + if (!conn->driver->domainFDAssociate) { + virReportUnsupportedError(); + goto error; + } + + if ((rc =3D conn->driver->domainFDAssociate(domain, name, nfds, fds, f= lags)) < 0) + goto error; + + return rc; + + error: + virDispatchError(conn); + return -1; +} diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms index 297a2c436a..80742f268e 100644 --- a/src/libvirt_public.syms +++ b/src/libvirt_public.syms @@ -927,4 +927,9 @@ LIBVIRT_8.5.0 { virDomainAbortJobFlags; } LIBVIRT_8.4.0; +LIBVIRT_9.0.0 { + global: + virDomainFDAssociate; +} LIBVIRT_8.5.0; + # .... define new API here using predicted next version number .... diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon= _dispatch.c index 7efe58b36b..40c734ce6b 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c 
@@ -7443,3 +7443,43 @@ remoteDispatchDomainGetMessages(virNetServer *server= G_GNUC_UNUSED, return rv; } + + +static int +remoteDispatchDomainFdAssociate(virNetServer *server G_GNUC_UNUSED, + virNetServerClient *client, + virNetMessage *msg, + struct virNetMessageError *rerr, + remote_domain_fd_associate_args *args) +{ + virDomainPtr dom =3D NULL; + int *fds =3D NULL; + unsigned int nfds =3D 0; + int rv =3D -1; + virConnectPtr conn =3D remoteGetHypervisorConn(client); + size_t i; + + if (!conn) + goto cleanup; + + if (!(dom =3D get_nonnull_domain(conn, args->dom))) + goto cleanup; + + fds =3D g_new0(int, msg->nfds); + for (i =3D 0; i < msg->nfds; i++) { + if ((fds[i] =3D virNetMessageDupFD(msg, i)) < 0) + goto cleanup; + nfds++; + } + + if (virDomainFDAssociate(dom, args->name, nfds, fds, args->flags) < 0) + goto cleanup; + + rv =3D 0; + + cleanup: + if (rv < 0) + virNetMessageSaveError(rerr); + virObjectUnref(dom); + return rv; +} diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 8fa9d20593..957635617d 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c 
@@ -8198,6 +8198,32 @@ remoteDomainGetMessages(virDomainPtr domain, return rv; } + +static int +remoteDomainFDAssociate(virDomainPtr domain, + const char *name, + unsigned int nfds, + int *fds, + unsigned int flags) +{ + remote_domain_fd_associate_args args; + struct private_data *priv =3D domain->conn->privateData; + VIR_LOCK_GUARD lock =3D remoteDriverLock(priv); + + make_nonnull_domain(&args.dom, domain); + args.name =3D (char *)name; + args.flags =3D flags; + + if (callFull(domain->conn, priv, 0, fds, nfds, NULL, NULL, + REMOTE_PROC_DOMAIN_FD_ASSOCIATE, + (xdrproc_t) xdr_remote_domain_fd_associate_args, (char *)= &args, + (xdrproc_t) xdr_void, (char *) NULL) =3D=3D -1) + return -1; + + return 0; +} + + /* get_nonnull_domain and get_nonnull_network turn an on-wire * (name, uuid) pair into virDomainPtr or virNetworkPtr object. * These can return NULL if underlying memory allocations fail, @@ -8638,6 +8664,7 @@ static virHypervisorDriver hypervisor_driver =3D { .domainGetMessages =3D remoteDomainGetMessages, /* 7.1.0 */ .domainStartDirtyRateCalc =3D remoteDomainStartDirtyRateCalc, /* 7.2.0= */ .domainSetLaunchSecurityState =3D remoteDomainSetLaunchSecurityState, = /* 8.0.0 */ + .domainFDAssociate =3D remoteDomainFDAssociate, /* 8.9.0 */ }; static virNetworkDriver network_driver =3D { diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 7dfb4548f4..c34d6f189d 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -3929,6 +3929,12 @@ struct remote_domain_event_memory_device_size_change= _msg { unsigned hyper size; }; + +struct remote_domain_fd_associate_args { + remote_nonnull_domain dom; + remote_nonnull_string name; + unsigned int flags; +}; /*----- Protocol. -----*/ /* Define the program number, protocol version and procedure numbers here.= */ 
@@ -6961,5 +6967,11 @@ enum remote_procedure { * @generate: both * @acl: domain:write */ - REMOTE_PROC_DOMAIN_ABORT_JOB_FLAGS =3D 442 + REMOTE_PROC_DOMAIN_ABORT_JOB_FLAGS =3D 442, + + /** + * @generate: none + * @acl: domain:write + */ + REMOTE_PROC_DOMAIN_FD_ASSOCIATE =3D 443 }; diff --git a/src/remote_protocol-structs b/src/remote_protocol-structs index ca5222439d..3c6c230a16 100644 --- a/src/remote_protocol-structs +++ b/src/remote_protocol-structs @@ -3268,6 +3268,11 @@ struct remote_domain_event_memory_device_size_change= _msg { remote_nonnull_string alias; uint64_t size; }; +struct remote_domain_fd_associate_args { + remote_nonnull_domain dom; + remote_nonnull_string name; + u_int flags; +}; enum remote_procedure { REMOTE_PROC_CONNECT_OPEN =3D 1, REMOTE_PROC_CONNECT_CLOSE =3D 2, 
@@ -3711,4 +3716,5 @@ enum remote_procedure { REMOTE_PROC_DOMAIN_SAVE_PARAMS =3D 440, REMOTE_PROC_DOMAIN_RESTORE_PARAMS =3D 441, REMOTE_PROC_DOMAIN_ABORT_JOB_FLAGS =3D 442, + REMOTE_PROC_DOMAIN_FD_ASSOCIATE =3D 443, }; --=20 2.38.1
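Review bot: virDomainFDAssociate() in src/libvirt-domain.c dereferences domain->conn without validating the domain object first, and @name is never checked even though it is printed with '%s' in VIR_DOMAIN_DEBUG and goes on the wire as a remote_nonnull_string. Add virCheckDomainReturn(domain, -1) before "conn = domain->conn;" and a virCheckNonNullArgGoto(name, error) next to the existing nfds and fds checks. In the doc comment, "@fd" should be "@fds", "used to associated" is missing its object, and "by passing either VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE" names only one alternative, so drop "either".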
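Review bot: in remoteDispatchDomainFdAssociate() (src/remote/remote_daemon_dispatch.c) the array allocated with g_new0() is never freed and the descriptors returned by virNetMessageDupFD() are never closed. The cleanup label only saves the error and unrefs dom, so every call leaks the array, and a failure part-way through the dup loop or in virDomainFDAssociate() leaves open FDs behind in the daemon. Declare fds as g_autofree and close fds[0..nfds) in cleanup, or, if the driver callback is meant to take ownership of the descriptors on success, say so in the API comment and close them only on the error path.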
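Review bot: the version comment on the new .domainFDAssociate entry in hypervisor_driver (src/remote/remote_driver.c) says 8.9.0, while the public header, the API doc comment and the LIBVIRT_9.0.0 block in libvirt_public.syms in this same patch all say 9.0.0. Please change it to /* 9.0.0 */ so the driver table agrees with the rest of the patch.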
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 02/17] virsh: Introduce 'dom-fd-associate' for invoking virDomainFDAssociate()
Date: Mon, 9 Jan 2023 13:18:40 +0100

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
---
 docs/manpages/virsh.rst | 19 +++++++++++
 tools/virsh-domain.c | 76 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 95 insertions(+)

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index c85bc8151d..88b7fa1da8 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst
@@ -5225,6 +5225,25 @@ If *--print-xml* is specified, the XML that would be= used to change media is printed instead of changing the media. +dom-fd-associate +---------------- + +**Syntax:** + +:: + + dom-fd-associate domain --name FDGROUPNAME --pass-fds M,N,.... + [--seclabel-writable] [--seclabel-restore] + +Associate one or more fds described via *--pass-fds* argument to *domain* = as +*--name*. The lifetime of the passed fd group is the same as the connectio= n, thus +exitting virsh un-registers them afterwards. + +By default security labels are applied if needed but they are not restored= after +use to avoid keeping them open unnecessarily. Best-effort security label r= estore +may be requested by using the *--seclabel-restore* flag. + + NODEDEV COMMANDS =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 2d162cf8c0..3751b69e03 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c 
@@ -9816,6 +9816,76 @@ cmdDomSetLaunchSecState(vshControl * ctl, const vshC= md * cmd) return ret; } + +/* + * "dom-fd-associate" command + */ +static const vshCmdInfo info_dom_fd_associate[] =3D { + {.name =3D "help", + .data =3D N_("associate a FD with a domain") + }, + {.name =3D "desc", + .data =3D N_("associate a FD with a domain") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_dom_fd_associate[] =3D { + VIRSH_COMMON_OPT_DOMAIN_FULL(0), + {.name =3D "name", + .type =3D VSH_OT_DATA, + .flags =3D VSH_OFLAG_REQ, + .completer =3D virshCompleteEmpty, + .help =3D N_("name of the FD group") + }, + {.name =3D "pass-fds", + .type =3D VSH_OT_DATA, + .flags =3D VSH_OFLAG_REQ, + .completer =3D virshCompleteEmpty, + .help =3D N_("file descriptors N,M,... to associate") + }, + {.name =3D "seclabel-writable", + .type =3D VSH_OT_BOOL, + .help =3D N_("use seclabels allowing writes") + }, + {.name =3D "seclabel-restore", + .type =3D VSH_OT_BOOL, + .help =3D N_("try to restore security label after use if possible") + }, + {.name =3D NULL} +}; + +static bool +cmdDomFdAssociate(vshControl *ctl, const vshCmd *cmd) +{ + g_autoptr(virshDomain) dom =3D NULL; + const char *name =3D NULL; + unsigned int flags =3D 0; + g_autofree int *fds =3D NULL; + size_t nfds =3D 0; + + if (vshCommandOptBool(cmd, "seclabel-writable")) + flags |=3D VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE; + + if (vshCommandOptBool(cmd, "seclabel-restore")) + flags |=3D VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE; + + if (!(dom =3D virshCommandOptDomain(ctl, cmd, NULL))) + return false; + + if (vshCommandOptStringReq(ctl, cmd, "name", &name) < 0) + return false; + + if (virshFetchPassFdsList(ctl, cmd, &nfds, &fds) < 0) + return false; + + if (virDomainFDAssociate(dom, name, nfds, fds, flags) < 0) + return false; + + return true; +} + + /* * "qemu-monitor-command" command */ 
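Review bot: the "help" and "desc" strings in info_dom_fd_associate are identical and say "associate a FD with a domain", but the command takes a list of descriptors and registers them as a named group. Make "desc" say that, and that the group lives only as long as the virsh connection. In cmdDomFdAssociate() nfds is a size_t handed to the unsigned int nfds parameter of virDomainFDAssociate(); an explicit cast or a range check would make the narrowing deliberate.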
@@ -14417,5 +14487,11 @@ const vshCmdDef domManagementCmds[] =3D { .info =3D info_domdirtyrate_calc, .flags =3D 0 }, + {.name =3D "dom-fd-associate", + .handler =3D cmdDomFdAssociate, + .opts =3D opts_dom_fd_associate, + .info =3D info_dom_fd_associate, + .flags =3D 0 + }, {.name =3D NULL} }; --=20 2.38.1
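Review bot: the dom-fd-associate section added to docs/manpages/virsh.rst lists --seclabel-writable in the syntax but never explains it. Add a sentence matching the API comment: it selects a writable security label even when usage of the FD group would imply read-only access. Since the text says the group is dropped when virsh exits, it should also state that the command is only useful when the same virsh session goes on to use the FDs. "exitting" should be "exiting", and "to avoid keeping them open" reads as if it refers to the labels rather than the FDs.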
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 03/17] conf: storage_source: Introduce type for storing FDs associated for storage
Date: Mon, 9 Jan 2023 13:18:41 +0100
Message-Id: <9bf73cdb0d81e217bc0cf2083d518d9a9ebe9d46.1673266652.git.pkrempa@redhat.com>

For FD-passing of disk sources we'll need to keep the FDs around. Introduce a data type helper based on a g_object so that we get reference counting.

One instance will (due to security labelling) need to be part of the virStorageSource struct thus it's declared in the storage_source_conf module.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
---
 src/conf/storage_source_conf.c | 41 ++++++++++++++++++++++++++++++++++
 src/conf/storage_source_conf.h | 17 ++++++++++++++
 src/libvirt_private.syms | 1 +
 3 files changed, 59 insertions(+)

diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index 6ab9ed6ac5..8e2a85968d 100644 --- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c
@@ -28,6 +28,7 @@ #include "virerror.h" #include "virlog.h" #include "virstring.h" +#include "virfile.h" #define VIR_FROM_THIS VIR_FROM_STORAGE @@ -1361,3 +1362,43 @@ virStorageSourceInitiatorClear(virStorageSourceIniti= atorDef *initiator) { VIR_FREE(initiator->iqn); } + +G_DEFINE_TYPE(virStorageSourceFDTuple, vir_storage_source_fd_tuple, G_TYPE= _OBJECT); + +static void +vir_storage_source_fd_tuple_init(virStorageSourceFDTuple *fdt G_GNUC_UNUSE= D) +{ +} + + +static void +virStorageSourceFDTupleFinalize(GObject *object) +{ + virStorageSourceFDTuple *fdt =3D VIR_STORAGE_SOURCE_FD_TUPLE(object); + size_t i; + + if (!fdt) + return; + + for (i =3D 0; i < fdt->nfds; i++) + VIR_FORCE_CLOSE(fdt->fds[i]); + + g_free(fdt->fds); + G_OBJECT_CLASS(vir_storage_source_fd_tuple_parent_class)->finalize(obj= ect); +} + + +static void +vir_storage_source_fd_tuple_class_init(virStorageSourceFDTupleClass *klass) +{ + GObjectClass *obj =3D G_OBJECT_CLASS(klass); + + obj->finalize =3D virStorageSourceFDTupleFinalize; +} + + +virStorageSourceFDTuple * +virStorageSourceFDTupleNew(void) +{ + return g_object_new(vir_storage_source_fd_tuple_get_type(), NULL); +} diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index f2440cec6a..9cd1a0c137 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h @@ -258,6 +258,23 @@ struct _virStorageSourceSlice { }; +struct _virStorageSourceFDTuple { + GObject parent; + int *fds; + size_t nfds; + + bool writable; + bool tryRestoreLabel; + + /* connection this FD tuple is associated with for auto-closing */ + virConnect *conn; +}; +G_DECLARE_FINAL_TYPE(virStorageSourceFDTuple, vir_storage_source_fd_tuple,= VIR, STORAGE_SOURCE_FD_TUPLE, GObject); + +virStorageSourceFDTuple * +virStorageSourceFDTupleNew(void); + + typedef struct _virStorageSource virStorageSource; /* Stores information related to a host resource. In the case of backing 
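Review bot: the "virConnect *conn" member added to struct _virStorageSourceFDTuple in src/conf/storage_source_conf.h has no stated ownership. The tuple is reference counted and one instance is meant to live inside virStorageSource, yet nothing in this patch takes a reference on conn and the finalizer does not drop one, so the pointer can dangle once the connection is gone. Either hold a reference for the tuple's lifetime or extend the comment to say the pointer is borrowed, is used only for identity comparison on connection close, and must never be dereferenced.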
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b81c2cc7da..ef88e2b49f 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -1117,6 +1117,7 @@ virStorageSourceChainHasManagedPR; virStorageSourceChainHasNVMe; virStorageSourceClear; virStorageSourceCopy; +virStorageSourceFDTupleNew; virStorageSourceGetActualType; virStorageSourceGetSecurityLabelDef; virStorageSourceHasBacking; --=20 2.38.1
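Review bot: in virStorageSourceFDTupleFinalize() (src/conf/storage_source_conf.c) the "if (!fdt) return;" guard cannot trigger for a finalizer that GObject invokes on a live instance, and if it ever did it would skip chaining up to the parent finalize. Drop the check so the function always closes the FDs, frees the array and chains up. The trailing semicolon after G_DEFINE_TYPE(...) is also unnecessary.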
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 04/17] qemu: Implement qemuDomainFDAssociate
Date: Mon, 9 Jan 2023 13:18:42 +0100
Message-Id: <38b73e8297e23aa3a913628ce266f16f1e4a8d56.1673266652.git.pkrempa@redhat.com>

Implement passing and storage of FDs for the qemu driver. The FD tuples are g_object instances stored in a per-domain hash table and are automatically removed once the connection is closed. In the future we can also consider not tying the lifetime of the passed FDs to the connection.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_domain.c | 2 ++ src/qemu/qemu_domain.h | 3 ++ src/qemu/qemu_driver.c | 67 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 72 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 5c05032ce3..33a9145cc9 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1845,6 +1845,7 @@ qemuDomainObjPrivateFree(void *data) qemuDomainMasterKeyFree(priv); g_clear_pointer(&priv->blockjobs, g_hash_table_unref); + g_clear_pointer(&priv->fds, g_hash_table_unref); /* This should never be non-NULL if we get here, but just in case... */ if (priv->eventThread) { @@ -1872,6 +1873,7 @@ qemuDomainObjPrivateAlloc(void *opaque) return NULL; priv->blockjobs =3D virHashNew(virObjectUnref); + priv->fds =3D virHashNew(g_object_unref); /* agent commands block by default, user can choose different behavior= */ priv->agentTimeout =3D VIR_DOMAIN_AGENT_RESPONSE_TIMEOUT_BLOCK; diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 2f027fad87..1cba3fa394 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -253,6 +253,9 @@ struct _qemuDomainObjPrivate { pid_t schedCoreChildFD; GSList *threadContextAliases; /* List of IDs of thread-context objects= */ + + /* named file descriptor groups associated with the VM */ + GHashTable *fds; }; #define QEMU_DOMAIN_PRIVATE(vm) \ diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index f4bd081f3c..e86ebd8330 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c 
@@ -20643,6 +20643,72 @@ qemuDomainStartDirtyRateCalc(virDomainPtr dom, } +static void +qemuDomainFDHashCloseConnect(virDomainObj *vm, + virConnectPtr conn) +{ + qemuDomainObjPrivate *priv =3D QEMU_DOMAIN_PRIVATE(vm); + virStorageSourceFDTuple *data; + GHashTableIter htitr; + + if (!priv->fds) + return; + + g_hash_table_iter_init(&htitr, priv->fds); + + while (g_hash_table_iter_next(&htitr, NULL, (void **) &data)) { + if (data->conn =3D=3D conn) + g_hash_table_iter_remove(&htitr); + } +} + + +static int +qemuDomainFDAssociate(virDomainPtr domain, + const char *name, + unsigned int nfds, + int *fds, + unsigned int flags) +{ + virDomainObj *vm =3D NULL; + qemuDomainObjPrivate *priv; + virStorageSourceFDTuple *new; + int ret =3D -1; + + virCheckFlags(VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE | + VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE, -1); + + if (nfds =3D=3D 0) + return 0; + + if (!(vm =3D qemuDomainObjFromDomain(domain))) + return -1; + + if (virDomainFdAssociateEnsureACL(domain->conn, vm->def)) + goto cleanup; + + priv =3D vm->privateData; + + new =3D virStorageSourceFDTupleNew(); + new->fds =3D fds; + new->nfds =3D nfds; + new->conn =3D domain->conn; + + new->writable =3D flags & VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE; + new->tryRestoreLabel =3D flags & VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_REST= ORE; + + virCloseCallbacksDomainAdd(vm, domain->conn, qemuDomainFDHashCloseConn= ect); + + g_hash_table_insert(priv->fds, g_strdup(name), new); + + ret =3D 0; + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, 
@@ -20891,6 +20957,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .domainGetMessages =3D qemuDomainGetMessages, /* 7.1.0 */ .domainStartDirtyRateCalc =3D qemuDomainStartDirtyRateCalc, /* 7.2.0 */ .domainSetLaunchSecurityState =3D qemuDomainSetLaunchSecurityState, /*= 8.0.0 */ + .domainFDAssociate =3D qemuDomainFDAssociate, /* 9.0.0 */ }; --=20 2.38.1
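Review bot: in qemuDomainFDAssociate() (src/qemu/qemu_driver.c, hunk at -20643) the line "new->fds = fds;" stores the caller's array pointer in the tuple instead of a private copy, while virStorageSourceFDTupleFinalize() (visible as context in patch 05/17) closes every entry and calls g_free(fdt->fds). Unless the caller is documented to hand over ownership of both the array and the descriptors, this ends in a double close or double free when the tuple is dropped; allocating a new array and dup()ing each descriptor into it, with an error path that unrefs the tuple, would make the lifetime explicit. In the same function g_hash_table_insert() silently replaces an existing group with the same name, including one whose conn differs from domain->conn, so name reuse should be either rejected or documented.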
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 05/17] qemuxml2argvtest: Add support for populating 'fds' in private data
Date: Mon, 9 Jan 2023 13:18:43 +0100
Message-Id: <05162b21ffccb75eb7f8163182f3a5f73e67dc48.1673266652.git.pkrempa@redhat.com>

Introduce a new argument type for testQemuInfoSetArgs named ARG_FD_GROUP which allows users to instantiate tests with a populated FD passing hash table.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/conf/storage_source_conf.c | 1 + src/conf/storage_source_conf.h | 1 + tests/qemuxml2argvtest.c | 5 +++++ tests/testutilsqemu.c | 33 +++++++++++++++++++++++++++++++++ tests/testutilsqemu.h | 2 ++ 5 files changed, 42 insertions(+) diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index 8e2a85968d..ad9ff36ff1 100644 --- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c 
@@ -1384,6 +1384,7 @@ virStorageSourceFDTupleFinalize(GObject *object) VIR_FORCE_CLOSE(fdt->fds[i]); g_free(fdt->fds); + g_free(fdt->testfds); G_OBJECT_CLASS(vir_storage_source_fd_tuple_parent_class)->finalize(obj= ect); } diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index 9cd1a0c137..7c99ac8976 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h @@ -262,6 +262,7 @@ struct _virStorageSourceFDTuple { GObject parent; int *fds; size_t nfds; + int *testfds; /* populated by tests to ensure stable FDs */ bool writable; bool tryRestoreLabel; diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 2db0e90f2b..b4b60a0130 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -705,6 +705,11 @@ testCompareXMLToArgv(const void *data) } priv =3D vm->privateData; + if (info->args.fds) { + g_clear_pointer(&priv->fds, g_hash_table_unref); + priv->fds =3D g_steal_pointer(&info->args.fds); + } + if (virBitmapParse("0-3", &priv->autoNodeset, 4) < 0) goto cleanup; diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c index 6d3decdc16..396803c40b 100644 --- a/tests/testutilsqemu.c +++ b/tests/testutilsqemu.c 
@@ -932,6 +932,38 @@ testQemuInfoSetArgs(struct testQemuInfo *info, info->args.hostOS =3D va_arg(argptr, int); break; + case ARG_FD_GROUP: { + virStorageSourceFDTuple *new =3D virStorageSourceFDTupleNew(); + const char *fdname =3D va_arg(argptr, char *); + VIR_AUTOCLOSE fakefd =3D open("/dev/zero", O_RDWR); + size_t i; + + new->nfds =3D va_arg(argptr, unsigned int); + new->fds =3D g_new0(int, new->nfds); + new->testfds =3D g_new0(int, new->nfds); + + for (i =3D 0; i < new->nfds; i++) { + new->testfds[i] =3D va_arg(argptr, unsigned int); + + if (fcntl(new->testfds[i], F_GETFD) !=3D -1) { + fprintf(stderr, "fd '%d' is already in use\n", new->fd= s[i]); + abort(); + } + + if ((new->fds[i] =3D dup(fakefd)) < 0) { + fprintf(stderr, "failed to duplicate fake fd: %s", + g_strerror(errno)); + abort(); + } + } + + if (!info->args.fds) + info->args.fds =3D virHashNew(g_object_unref); + + g_hash_table_insert(info->args.fds, g_strdup(fdname), new); + break; + } + case ARG_END: default: info->args.invalidarg =3D true; @@ -1037,6 +1069,7 @@ testQemuInfoClear(struct testQemuInfo *info) VIR_FREE(info->errfile); virObjectUnref(info->qemuCaps); g_clear_pointer(&info->args.fakeCaps, virObjectUnref); + g_clear_pointer(&info->args.fds, g_hash_table_unref); } diff --git a/tests/testutilsqemu.h b/tests/testutilsqemu.h index 943958d02a..51c072cb13 100644 --- a/tests/testutilsqemu.h +++ b/tests/testutilsqemu.h @@ -52,6 +52,7 @@ typedef enum { ARG_CAPS_VER, ARG_CAPS_HOST_CPU_MODEL, ARG_HOST_OS, + ARG_FD_GROUP, /* name, nfds, fd[0], ... fd[n-1] */ ARG_END, } testQemuInfoArgName; 
@@ -87,6 +88,7 @@ struct testQemuArgs { qemuTestCPUDef capsHostCPUModel; int gic; testQemuHostOS hostOS; + GHashTable *fds; bool invalidarg; }; --=20 2.38.1
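Review bot: in the ARG_FD_GROUP case of testQemuInfoSetArgs() (tests/testutilsqemu.c, hunk at -932) the "fd '%d' is already in use" message prints new->fds[i], which is still zero from g_new0() at that point, rather than new->testfds[i], the descriptor number that fcntl(F_GETFD) just probed. Print new->testfds[i] so the abort names the colliding descriptor. The result of open("/dev/zero", O_RDWR) is also never checked in that case, so a failure there only surfaces later as the dup() error.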
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 06/17] conf: Add 'fdgroup' attribute for 'file' disks
Date: Mon, 9 Jan 2023 13:18:44 +0100
Message-Id: <19c2140bfaf739c042f2195ffd1c7301c21edd76.1673266652.git.pkrempa@redhat.com>

The 'fdgroup' will allow users to specify a passed FD (via the 'virDomainFDAssociate()' API) to be used instead of opening a path. This is useful in cases when e.g. the file is not accessible from inside a container.

Since this uses the same disk type as when we open files via names, this patch also introduces a hypervisor feature with which the hypervisor asserts that code paths are ready for this possibility.

Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- docs/formatdomain.rst | 8 +++++ src/conf/domain_conf.c | 2 ++ src/conf/domain_conf.h | 1 + src/conf/domain_postparse.c | 9 +++++ src/conf/schemas/domaincommon.rng | 3 ++ src/conf/storage_source_conf.c | 2 ++ src/conf/storage_source_conf.h | 1 + src/security/virt-aa-helper.c | 3 +- tests/qemuxml2argvdata/disk-source-fd.xml | 40 +++++++++++++++++++++++ 9 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 tests/qemuxml2argvdata/disk-source-fd.xml diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index d7fffc6e0b..109a2ac45a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -2701,6 +2701,14 @@ paravirtualized driver is specified via the ``disk``= element. ``file`` The ``file`` attribute specifies the fully-qualified path to the file holding the disk. :since:`Since 0.0.3` + + :since:`Since 9.0.0` a new optional attribute ``fdgroup`` can be add= ed + instructing to access the disk via file descriptiors associated to t= he + domain object via the ``virDomainFDAssociate()`` API rather than ope= ning + the files. The files do not necessarily have to be accessible by lib= virt + via the filesystem. The filename passed via ``file`` can still be us= ed + to generate paths to write into image metadata when doing block oper= ations + but libvirt will not access these natively. ``block`` The ``dev`` attribute specifies the fully-qualified path to the host device to serve as the disk. :since:`Since 0.0.3` diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index d16a247a45..6d27229e99 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -7345,6 +7345,7 @@ virDomainStorageSourceParse(xmlNodePtr node, switch (src->type) { case VIR_STORAGE_TYPE_FILE: src->path =3D virXMLPropString(node, "file"); + src->fdgroup =3D virXMLPropString(node, "fdgroup"); break; case VIR_STORAGE_TYPE_BLOCK: src->path =3D virXMLPropString(node, "dev"); 
@@ -21877,6 +21878,7 @@ virDomainDiskSourceFormat(virBuffer *buf, switch (src->type) { case VIR_STORAGE_TYPE_FILE: virBufferEscapeString(&attrBuf, " file=3D'%s'", src->path); + virBufferEscapeString(&attrBuf, " fdgroup=3D'%s'", src->fdgroup); break; case VIR_STORAGE_TYPE_BLOCK: diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 9e281692ff..c1f1fccf62 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -3167,6 +3167,7 @@ typedef enum { VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER =3D (1 << 6), VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT =3D (1 << 7), VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING =3D (1 << 8), + VIR_DOMAIN_DEF_FEATURE_DISK_FD =3D (1 << 9), } virDomainDefFeatures; diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c index 9a3e8f494c..d1f0b80338 100644 --- a/src/conf/domain_postparse.c +++ b/src/conf/domain_postparse.c @@ -885,6 +885,15 @@ virDomainDeviceDefPostParseCheckFeatures(virDomainDevi= ceDef *dev, return -1; } + if (dev->type =3D=3D VIR_DOMAIN_DEVICE_DISK && + dev->data.disk->src->fdgroup && + UNSUPPORTED(VIR_DOMAIN_DEF_FEATURE_DISK_FD)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("driver does not support FD passing for disk '%s'= "), + dev->data.disk->dst); + return -1; + } + return 0; } #undef UNSUPPORTED diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index c588a48fd2..ccc114beff 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -1806,6 +1806,9 @@ + + + diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index ad9ff36ff1..4b1df19ab4 100644 --- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c 
@@ -817,6 +817,7 @@ virStorageSourceCopy(const virStorageSource *src, def->drv =3D NULL; def->path =3D g_strdup(src->path); + def->fdgroup =3D g_strdup(src->fdgroup); def->volume =3D g_strdup(src->volume); def->relPath =3D g_strdup(src->relPath); def->backingStoreRaw =3D g_strdup(src->backingStoreRaw); @@ -1123,6 +1124,7 @@ virStorageSourceClear(virStorageSource *def) return; VIR_FREE(def->path); + VIR_FREE(def->fdgroup); VIR_FREE(def->volume); VIR_FREE(def->snapshot); VIR_FREE(def->configFile); diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index 7c99ac8976..ef82104e6c 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h @@ -289,6 +289,7 @@ struct _virStorageSource { unsigned int id; /* backing chain identifier, 0 is unset */ virStorageType type; char *path; + char *fdgroup; /* name of group of file descriptors the user wishes to= use instead of 'path' */ int protocol; /* virStorageNetProtocol */ char *volume; /* volume name for remote storage */ char *snapshot; /* for storage systems supporting internal snapshots */ diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 53a1cd1048..c8db925094 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -607,7 +607,8 @@ virDomainDefParserConfig virAAHelperDomainDefParserConf= ig =3D { .features =3D VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG | VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN | VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS | - VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING, + VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING | + VIR_DOMAIN_DEF_FEATURE_DISK_FD, }; static int diff --git a/tests/qemuxml2argvdata/disk-source-fd.xml b/tests/qemuxml2argv= data/disk-source-fd.xml new file mode 100644 index 0000000000..d8c47fa364 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-source-fd.xml 
@@ -0,0 +1,40 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + + + + + + + + + + + + + + + + + --=20 2.38.1
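Review bot: the paragraph added to docs/formatdomain.rst misspells "descriptiors" (should be "descriptors"), and it does not say what happens when ``fdgroup`` names a group that was never associated with the domain. Patch 04/17 states that the FD tuples are removed once the associating connection is closed, so the documentation should also spell out that lifetime, since a domain definition carrying ``fdgroup`` outlives the connection that passed the descriptors.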
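Review bot: the src/security/virt-aa-helper.c hunk adds VIR_DOMAIN_DEF_FEATURE_DISK_FD to virAAHelperDomainDefParserConfig, and going by the diffstat (3 changed lines) that flag is the only change to the helper. The commit message describes the feature bit as the assertion that code paths are ready for a 'file' disk that is not opened by path, so please confirm, or state in the commit message, how the helper treats a disk with ``fdgroup`` set whose ``file`` path may not be accessible to libvirt. Without that, the new check in virDomainDeviceDefPostParseCheckFeatures() is bypassed for the helper on the strength of the flag alone.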
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 07/17] qemu: domain: Introduce qemuDomainStartupCleanup
Date: Mon, 9 Jan 2023 13:18:45 +0100
Message-Id: <2db4bca25f395bba2e888e793fd452ef30af7208.1673266652.git.pkrempa@redhat.com>

The new helper qemuDomainStartupCleanup is used to perform cleanup after a startup of a VM (successful or not). The initial implementation just calls qemuDomainSecretDestroy, which can be un-exported.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_domain.c | 15 ++++++++++++++- src/qemu/qemu_domain.h | 3 +-- src/qemu/qemu_process.c | 2 +- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 33a9145cc9..1f288fa0cf 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1552,7 +1552,7 @@ qemuDomainSecretGraphicsPrepare(virQEMUDriverConfig *= cfg, * * Removes all unnecessary data which was needed to generate 'secret' obje= cts. */ -void +static void qemuDomainSecretDestroy(virDomainObj *vm) { size_t i; 
@@ -12279,3 +12279,16 @@ qemuDomainSchedCoreStop(qemuDomainObjPrivate *priv) priv->schedCoreChildPID =3D -1; } } + + +/** + * qemuDomainStartupCleanup: + * + * Performs a cleanup of data which is not required after a startup of a VM + * (successful or not). + */ +void +qemuDomainStartupCleanup(virDomainObj *vm) +{ + qemuDomainSecretDestroy(vm); +} diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 1cba3fa394..057de1e974 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -932,8 +932,7 @@ int qemuDomainSecretChardevPrepare(virQEMUDriverConfig = *cfg, ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(4); -void qemuDomainSecretDestroy(virDomainObj *vm) - ATTRIBUTE_NONNULL(1); +void qemuDomainStartupCleanup(virDomainObj *vm); int qemuDomainSecretPrepare(virQEMUDriver *driver, virDomainObj *vm) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 49ae7b688b..d8b1ce3abe 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c 
@@ -7936,7 +7936,7 @@ qemuProcessLaunch(virConnectPtr conn, cleanup: qemuDomainSchedCoreStop(priv); - qemuDomainSecretDestroy(vm); + qemuDomainStartupCleanup(vm); return ret; } --=20 2.38.1
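Review bot: In the qemu_domain.h hunk the new prototype `void qemuDomainStartupCleanup(virDomainObj *vm);` drops the `ATTRIBUTE_NONNULL(1)` that the removed `qemuDomainSecretDestroy` declaration carried, although the helper passes `vm` straight to `qemuDomainSecretDestroy(vm)`. Keep the annotation on the new declaration so NULL callers are still flagged at compile time, and add an `@vm:` line to the new doc comment in qemu_domain.c. Since the function runs from the `cleanup:` label of `qemuProcessLaunch`, on failed startups as well as successful ones, the comment should also say that it has to stay safe on a partially initialised domain, so that later additions to it keep that property.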
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 08/17] conf: storage_source: Introduce virStorageSourceIsFD
Date: Mon, 9 Jan 2023 13:18:46 +0100
Message-Id: <5e7d2ae009aa7b1646a16e6e26edf3b72f5f2ed0.1673266652.git.pkrempa@redhat.com>

The helper will be used in various places that need to check that a disk source struct is using FD passing.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/conf/storage_source_conf.c | 7 +++++++ src/conf/storage_source_conf.h | 3 +++ src/libvirt_private.syms | 1 + 3 files changed, 11 insertions(+) diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index 4b1df19ab4..8b67e511e2 100644 --- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c @@ -1057,6 +1057,13 @@ virStorageSourceIsLocalStorage(const virStorageSourc= e *src) } +bool +virStorageSourceIsFD(const virStorageSource *src) +{ + return src->fdgroup; +} + + /** * virStorageSourceIsEmpty: * diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index ef82104e6c..9c07eef200 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h 
@@ -494,6 +494,9 @@ virStorageSourceGetActualType(const virStorageSource *d= ef); bool virStorageSourceIsLocalStorage(const virStorageSource *src); +bool +virStorageSourceIsFD(const virStorageSource *src); + bool virStorageSourceIsEmpty(virStorageSource *src); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index ef88e2b49f..b4c6e6a09e 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -1129,6 +1129,7 @@ virStorageSourceInitiatorParseXML; virStorageSourceIsBacking; virStorageSourceIsBlockLocal; virStorageSourceIsEmpty; +virStorageSourceIsFD; virStorageSourceIsLocalStorage; virStorageSourceIsRelative; virStorageSourceIsSameLocation; --=20 2.38.1
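Review bot: `virStorageSourceIsFD()` in storage_source_conf.c returns the `fdgroup` pointer through a `bool` return type (`return src->fdgroup;`); write the comparison out, for example `return src->fdgroup != NULL;`, so the intent is explicit. The function also lacks the `/** ... */` comment that the neighbouring `virStorageSourceIsEmpty` has. It should state that a true result only means `fdgroup` is set on @src, not that descriptors have been associated with it yet, and that @src is dereferenced unconditionally and must not be NULL.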
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 09/17] qemu: Prepare data for FD-passed disk image sources
Date: Mon, 9 Jan 2023 13:18:47 +0100

When starting up a VM with FD-passed images we need to look up the corresponding named FD set and associate it with the virStorageSource based on the name. The association is brought into virStorageSource as security labelling code will need to access the FD to perform selinux labelling. Similarly when startup is complete in certain cases we no longer need to keep the copy of FDs and thus can close them.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/conf/storage_source_conf.c | 5 ++ src/conf/storage_source_conf.h | 2 + src/qemu/qemu_domain.c | 86 ++++++++++++++++++++++++++++++++++ src/qemu/qemu_domain.h | 5 ++ src/qemu/qemu_hotplug.c | 1 + 5 files changed, 99 insertions(+) diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index 8b67e511e2..1c11eacb9d 100644 --- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c 
@@ -886,6 +886,9 @@ virStorageSourceCopy(const virStorageSource *src, return NULL; } + if (src->fdtuple) + def->fdtuple =3D g_object_ref(src->fdtuple); + /* ssh config passthrough for libguestfs */ def->ssh_host_key_check_disabled =3D src->ssh_host_key_check_disabled; def->ssh_user =3D g_strdup(src->ssh_user); @@ -1170,6 +1173,8 @@ virStorageSourceClear(virStorageSource *def) virStorageSourceInitiatorClear(&def->initiator); + g_clear_pointer(&def->fdtuple, g_object_unref); + /* clear everything except the class header as the object APIs * will break otherwise */ memset((char *) def + sizeof(def->parent), 0, diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index 9c07eef200..f981261ff4 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h @@ -415,6 +415,8 @@ struct _virStorageSource { * registered with a full index (vda[3]) so that we can properly repor= t just * one event for it */ bool thresholdEventWithIndex; + + virStorageSourceFDTuple *fdtuple; }; G_DEFINE_AUTOPTR_CLEANUP_FUNC(virStorageSource, virObjectUnref); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 1f288fa0cf..7dc4ef4ddb 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -850,6 +850,7 @@ qemuDomainStorageSourcePrivateDispose(void *obj) g_clear_pointer(&priv->encinfo, qemuDomainSecretInfoFree); g_clear_pointer(&priv->httpcookie, qemuDomainSecretInfoFree); g_clear_pointer(&priv->tlsKeySecret, qemuDomainSecretInfoFree); + g_clear_pointer(&priv->fdpass, qemuFDPassFree); } 
@@ -10892,6 +10893,61 @@ qemuDomainPrepareDiskSourceLegacy(virDomainDiskDef= *disk, } +static int +qemuDomainPrepareStorageSourceFDs(virStorageSource *src, + qemuDomainObjPrivate *priv) +{ + qemuDomainStorageSourcePrivate *srcpriv =3D NULL; + virStorageType actualType =3D virStorageSourceGetActualType(src); + virStorageSourceFDTuple *fdt =3D NULL; + size_t i; + + if (actualType !=3D VIR_STORAGE_TYPE_FILE && + actualType !=3D VIR_STORAGE_TYPE_BLOCK) + return 0; + + if (!virStorageSourceIsFD(src)) + return 0; + + if (!(fdt =3D virHashLookup(priv->fds, src->fdgroup))) { + virReportError(VIR_ERR_INVALID_ARG, + _("file descriptor group '%s' was not associated wi= th the domain"), + src->fdgroup); + return -1; + } + + srcpriv =3D qemuDomainStorageSourcePrivateFetch(src); + + srcpriv->fdpass =3D qemuFDPassNew(src->nodestorage, priv); + + for (i =3D 0; i < fdt->nfds; i++) { + g_autofree char *idx =3D g_strdup_printf("%zu", i); + int tmpfd; + + if (fdt->testfds) { + /* when testing we want to use stable FD numbers provided by t= he test + * case */ + tmpfd =3D dup2(fdt->fds[i], fdt->testfds[i]); + } else { + tmpfd =3D dup(fdt->fds[i]); + } + + if (tmpfd < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("failed to duplicate file descriptor for fd g= roup '%s'"), + src->fdgroup); + return -1; + } + + qemuFDPassAddFD(srcpriv->fdpass, &tmpfd, idx); + } + + src->fdtuple =3D g_object_ref(fdt); + + return 0; +} + + int qemuDomainPrepareStorageSourceBlockdevNodename(virDomainDiskDef *disk, virStorageSource *src, @@ -10929,6 +10985,9 @@ qemuDomainPrepareStorageSourceBlockdevNodename(virD= omainDiskDef *disk, if (qemuDomainPrepareStorageSourceNFS(src) < 0) return -1; + if (qemuDomainPrepareStorageSourceFDs(src, priv) < 0) + return -1; + return 0; } 
@@ -12281,6 +12340,28 @@ qemuDomainSchedCoreStop(qemuDomainObjPrivate *priv) } +/** + * qemuDomainCleanupStorageSourceFD: + * @src: start of the chain to clear + * + * Cleans up the backing chain starting at @src of FD tuple structures for + * all FD-tuples which didn't request explicit relabelling and thus the st= ruct + * is no longer needed. + */ +void +qemuDomainCleanupStorageSourceFD(virStorageSource *src) +{ + virStorageSource *n; + + for (n =3D src; virStorageSourceIsBacking(n); n =3D n->backingStore) { + if (virStorageSourceIsFD(n) && n->fdtuple) { + if (!n->fdtuple->tryRestoreLabel) + g_clear_pointer(&n->fdtuple, g_object_unref); + } + } +} + + /** * qemuDomainStartupCleanup: * @@ -12290,5 +12371,10 @@ qemuDomainSchedCoreStop(qemuDomainObjPrivate *priv) void qemuDomainStartupCleanup(virDomainObj *vm) { + size_t i; + qemuDomainSecretDestroy(vm); + + for (i =3D 0; i < vm->def->ndisks; i++) + qemuDomainCleanupStorageSourceFD(vm->def->disks[i]->src); } diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 057de1e974..add653d9db 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -305,6 +305,9 @@ struct _qemuDomainStorageSourcePrivate { /* key for decrypting TLS certificate */ qemuDomainSecretInfo *tlsKeySecret; + + /* file descriptors if user asks for FDs to be passed */ + qemuFDPass *fdpass; }; virObject *qemuDomainStorageSourcePrivateNew(void); @@ -932,6 +935,8 @@ int qemuDomainSecretChardevPrepare(virQEMUDriverConfig = *cfg, ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(4); +void qemuDomainCleanupStorageSourceFD(virStorageSource *src); + void qemuDomainStartupCleanup(virDomainObj *vm); int qemuDomainSecretPrepare(virQEMUDriver *driver, diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 6e300f547c..dba699a8a8 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c 
@@ -1016,6 +1016,7 @@ qemuDomainAttachDeviceDiskLiveInternal(virQEMUDriver = *driver, ignore_value(qemuHotplugRemoveManagedPR(vm, VIR_ASYNC_JOB_NONE= )); } qemuDomainSecretDiskDestroy(disk); + qemuDomainCleanupStorageSourceFD(disk->src); return ret; } --=20 2.38.1
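Review bot: In `qemuDomainPrepareStorageSourceFDs()` (qemu_domain.c) the failure path after `dup()`/`dup2()` reports `VIR_ERR_INTERNAL_ERROR` without errno, so a descriptor-limit failure and a bad descriptor look identical in the log; use `virReportSystemError(errno, ...)` there. Two related points in the same hunk: `dup()` returns a descriptor without close-on-exec set, so `fcntl(fd, F_DUPFD_CLOEXEC, 0)` would be the safer call unless something later relies on plain inheritance, and `src->fdtuple = g_object_ref(fdt)` overwrites the field without releasing a reference that `virStorageSourceCopy()` may already have stored there, which leaks it if a copied source is prepared again.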
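Review bot: `qemuDomainCleanupStorageSourceFD()` releases only `n->fdtuple`; the `srcpriv->fdpass` created during prepare is freed only in `qemuDomainStorageSourcePrivateDispose()`, so after this cleanup a source can have `fdpass` set and `fdtuple == NULL`. Document that state in the function comment or clear both together, because any code that tests `fdpass` and then reads `fdtuple` will dereference NULL. The commit message says the FD copies can be closed at this point, while the hunk only drops a reference; the comment should say which reference is expected to be the last one. The nested `if` can also be folded into a single condition.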
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 10/17] qemu: block: Add support for passing FDs of disk images
Date: Mon, 9 Jan 2023 13:18:48 +0100

Prepare the internal data for passing FDs instead of having qemu open the file internally.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_block.c | 31 ++++++++++++++++++++++++++++--- src/qemu/qemu_command.c | 22 ++++++++++++++++++++++ 2 files changed, 50 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 8a6f601b29..a672ad6f54 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c 
@@ -673,22 +673,47 @@ qemuBlockStorageSourceGetSshProps(virStorageSource *s= rc) static virJSONValue * qemuBlockStorageSourceGetFileProps(virStorageSource *src, - bool onlytarget) + bool onlytarget, + virTristateBool *autoReadOnly, + virTristateBool *readOnly) { + const char *path =3D src->path; const char *iomode =3D NULL; const char *prManagerAlias =3D NULL; virJSONValue *ret =3D NULL; if (!onlytarget) { + qemuDomainStorageSourcePrivate *srcpriv =3D QEMU_DOMAIN_STORAGE_SO= URCE_PRIVATE(src); + if (src->pr) prManagerAlias =3D src->pr->mgralias; if (src->iomode !=3D VIR_DOMAIN_DISK_IO_DEFAULT) iomode =3D virDomainDiskIoTypeToString(src->iomode); + + if (srcpriv && srcpriv->fdpass) { + path =3D qemuFDPassGetPath(srcpriv->fdpass); + + /* when passing a FD to qemu via the /dev/fdset mechanism qemu + * fetches the appropriate FD from the fdset by checking that = it has + * the correct accessmode. Now with 'auto-read-only' in effect= qemu + * wants to use a read-only FD first. If the user didn't pass = multiple + * FDs the feature will not work regardless, so we'll disable = it. */ + if (src->fdtuple->nfds =3D=3D 1) { + *autoReadOnly =3D VIR_TRISTATE_BOOL_ABSENT; + + /* now we setup the normal readonly flag. If user requeste= d write + * access honour it */ + if (src->fdtuple->writable) + *readOnly =3D VIR_TRISTATE_BOOL_NO; + else + *readOnly =3D virTristateBoolFromBool(src->readonly); + } + } } ignore_value(virJSONValueObjectAdd(&ret, - "s:filename", src->path, + "s:filename", path, "S:aio", iomode, "S:pr-manager", prManagerAlias, NULL) < 0); @@ -818,7 +843,7 @@ qemuBlockStorageSourceGetBackendProps(virStorageSource = *src, driver =3D "file"; } - if (!(fileprops =3D qemuBlockStorageSourceGetFileProps(src, onlyta= rget))) + if (!(fileprops =3D qemuBlockStorageSourceGetFileProps(src, onlyta= rget, &aro, &ro))) return NULL; break; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index cd3222feac..9dac57c2f2 100644 --- a/src/qemu/qemu_command.c 
+++ b/src/qemu/qemu_command.c @@ -2146,6 +2146,25 @@ qemuBuildBlockStorageSourceAttachDataCommandline(vir= Command *cmd, } +static int +qemuBuildDiskSourceCommandLineFDs(virCommand *cmd, + virDomainDiskDef *disk) +{ + virStorageSource *n; + + for (n =3D disk->src; virStorageSourceIsBacking(n); n =3D n->backingSt= ore) { + qemuDomainStorageSourcePrivate *srcpriv =3D QEMU_DOMAIN_STORAGE_SO= URCE_PRIVATE(n); + + if (!srcpriv || !srcpriv->fdpass) + continue; + + qemuFDPassTransferCommand(srcpriv->fdpass, cmd); + } + + return 0; +} + + static int qemuBuildDiskSourceCommandLine(virCommand *cmd, virDomainDiskDef *disk, 
@@ -2163,6 +2182,9 @@ qemuBuildDiskSourceCommandLine(virCommand *cmd, if (virStorageSourceIsEmpty(disk->src)) return 0; + if (qemuBuildDiskSourceCommandLineFDs(cmd, disk) < 0) + return -1; + if (!(data =3D qemuBuildStorageSourceChainAttachPrepareBlockdev(di= sk->src))) return -1; --=20 2.38.1
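Review bot: In the `qemuBlockStorageSourceGetFileProps()` hunk, `src->fdtuple->nfds` and `src->fdtuple->writable` are read whenever `srcpriv->fdpass` is set, with no check that `src->fdtuple` is non-NULL. Patch 09 clears `fdtuple` in `qemuDomainCleanupStorageSourceFD()` for tuples with `tryRestoreLabel` unset while leaving `fdpass` in place, so a call with `onlytarget == false` made after startup cleanup would dereference NULL. Either guard the dereference or document why these props are never regenerated once cleanup has run. `autoReadOnly` and `readOnly` are also written unconditionally; the visible caller passes `&aro, &ro`, but the new parameters deserve a comment stating they must be non-NULL. `qemuBuildDiskSourceCommandLineFDs()` in qemu_command.c can only return 0, so it could be `void`.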
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 11/17] secuirity: DAC: Don't relabel FD-passed virStorageSource images
Date: Mon, 9 Jan 2023 13:18:49 +0100
Message-Id: <4267be78bb8b7f17ad1bb785982f8d413e25a214.1673266652.git.pkrempa@redhat.com>

DAC security label is irrelevant once you have the FD. Disable all labelling for such images.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/security/security_dac.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 917fcf76a3..4036a2c27a 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -881,6 +881,10 @@ virSecurityDACSetImageLabelInternal(virSecurityManager= *mgr, if (!priv->dynamicOwnership) return 0; + /* Images passed via FD don't need DAC seclabel change */ + if (virStorageSourceIsFD(src)) + return 0; + secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME); if (secdef && !secdef->relabel) return 0; 
@@ -992,6 +996,10 @@ virSecurityDACRestoreImageLabelSingle(virSecurityManag= er *mgr, if (src->readonly || src->shared) return 0; + /* Images passed via FD don't need DAC seclabel change */ + if (virStorageSourceIsFD(src)) + return 0; + secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME); if (secdef && !secdef->relabel) return 0; 
@@ -1112,10 +1120,14 @@ virSecurityDACMoveImageMetadata(virSecurityManager = *mgr, if (!priv->dynamicOwnership) return 0; - if (src && virStorageSourceIsLocalStorage(src)) + if (src && + virStorageSourceIsLocalStorage(src) && + !virStorageSourceIsFD(src)) data.src =3D src->path; - if (dst && virStorageSourceIsLocalStorage(dst)) + if (dst && + virStorageSourceIsLocalStorage(dst) && + !virStorageSourceIsFD(dst)) data.dst =3D dst->path; if (!data.src) --=20 2.38.1
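Review bot: in the virSecurityDACMoveImageMetadata hunk, an FD-passed `src` now leaves `data.src` NULL and falls into the existing `if (!data.src)` path, and an FD-passed `dst` leaves `data.dst` NULL, but unlike the two earlier hunks there is no comment saying this is intended. Please add the same kind of comment here ("Images passed via FD don't need DAC seclabel change") and state what should happen when only one of `src` and `dst` is FD-passed, since the visible context shows only the `!data.src` case being handled.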
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 12/17] security: selinux: Handle security labelling of FD-passed images
Date: Mon, 9 Jan 2023 13:18:50 +0100
Message-Id: <9503f349ab051600af11ed3211d23490d0bc6e85.1673266652.git.pkrempa@redhat.com>

Unfortunately unlike with DAC we can't simply ignore labelling for the FD and it also influences the on-disk state. Thus we need to relabel the FD and we also store the existing label in cases when the user will request best-effort label replacement.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/conf/storage_source_conf.c | 1 + src/conf/storage_source_conf.h | 3 +++ src/security/security_selinux.c | 32 +++++++++++++++++++++++++++++++- 3 files changed, 35 insertions(+), 1 deletion(-) diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c index 1c11eacb9d..cecd7e811e 100644 
--- a/src/conf/storage_source_conf.c +++ b/src/conf/storage_source_conf.c @@ -1399,6 +1399,7 @@ virStorageSourceFDTupleFinalize(GObject *object) g_free(fdt->fds); g_free(fdt->testfds); + g_free(fdt->selinuxLabel); G_OBJECT_CLASS(vir_storage_source_fd_tuple_parent_class)->finalize(obj= ect); } diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h index f981261ff4..14a6825d54 100644 --- a/src/conf/storage_source_conf.h +++ b/src/conf/storage_source_conf.h @@ -269,6 +269,9 @@ struct _virStorageSourceFDTuple { /* connection this FD tuple is associated with for auto-closing */ virConnect *conn; + + /* original selinux label when we relabel the image */ + char *selinuxLabel; }; G_DECLARE_FINAL_TYPE(virStorageSourceFDTuple, vir_storage_source_fd_tuple,= VIR, STORAGE_SOURCE_FD_TUPLE, GObject); diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 93cc12407a..a42d86216a 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1741,6 +1741,19 @@ virSecuritySELinuxRestoreImageLabelSingle(virSecurit= yManager *mgr, if (src->readonly || src->shared) return 0; + if (virStorageSourceIsFD(src)) { + if (migrated) + return 0; + + if (!src->fdtuple || + !src->fdtuple->selinuxLabel || + src->fdtuple->nfds =3D=3D 0) + return 0; + + ignore_value(virSecuritySELinuxFSetFilecon(src->fdtuple->fds[0], + src->fdtuple->selinuxLa= bel)); + return 0; + } /* If we have a shared FS and are doing migration, we must not change * ownership, because that kills access on the destination host which = is 
@@ -1888,7 +1901,24 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityM= anager *mgr, path =3D vfioGroupDev; } - ret =3D virSecuritySELinuxSetFilecon(mgr, path, use_label, remember); + if (virStorageSourceIsFD(src)) { + /* We can only really do labelling when we have the FD as the path + * may not be accessible for us */ + if (!src->fdtuple || src->fdtuple->nfds =3D=3D 0) + return 0; + + /* force a writable label for the image if requested */ + if (src->fdtuple->writable && secdef->imagelabel) + use_label =3D secdef->imagelabel; + + /* store the existing selinux label for the image */ + if (!src->fdtuple->selinuxLabel) + fgetfilecon_raw(src->fdtuple->fds[0], &src->fdtuple->selinuxLa= bel); + + ret =3D virSecuritySELinuxFSetFilecon(src->fdtuple->fds[0], use_la= bel); + } else { + ret =3D virSecuritySELinuxSetFilecon(mgr, path, use_label, remembe= r); + } if (ret =3D=3D 1 && !disk_seclabel) { /* If we failed to set a label, but virt_use_nfs let us --=20 2.38.1
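Review bot: in the virStorageSourceFDTupleFinalize hunk, `g_free(fdt->selinuxLabel)` releases a string that the security_selinux.c hunk fills directly from `fgetfilecon_raw()`, and contexts returned by libselinux are meant to be released with `freecon()`. Consider copying the context with `g_strdup()` in virSecuritySELinuxSetImageLabelInternal and calling `freecon()` on the original there, which keeps the libselinux call out of src/conf and makes the `g_free()` here match the allocator.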
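Review bot: in the virSecuritySELinuxRestoreImageLabelSingle hunk, the result of virSecuritySELinuxFSetFilecon() is wrapped in `ignore_value()`, so a failed restore leaves the image carrying the label set at VM start with nothing logged. Please at least emit a warning on failure, and consider freeing and clearing `src->fdtuple->selinuxLabel` after the restore: the set path captures the label only `if (!src->fdtuple->selinuxLabel)`, so if a tuple is ever reused it keeps the first captured label even when the file's label changed in between.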
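Review bot: in the virSecuritySELinuxSetImageLabelInternal hunk, the return value of `fgetfilecon_raw()` is not checked. If it fails, `selinuxLabel` stays NULL, the relabel still goes ahead, and the restore hunk then returns early on `!src->fdtuple->selinuxLabel`, so the original label is lost without any message. Please check the return value and either fail or log before calling virSecuritySELinuxFSetFilecon(); it is also worth documenting that only `fds[0]` is labelled when `nfds` is larger than 1.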
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 13/17] qemu: Prepare storage backing chain traversal code for FD passed images
Date: Mon, 9 Jan 2023 13:18:51 +0100

We assume that FD passed images already exist so all existence checks are skipped. For the case that a FD-passed image is passed without a terminated backing chain (thus forcing us to detect) we attempt to read the header from the FD.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_domain.c | 23 ++++++++++++++--------- src/storage_file/storage_source.c | 15 +++++++++++++++ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 7dc4ef4ddb..38883a57d8 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -7679,16 +7679,20 @@ qemuDomainDetermineDiskChain(virQEMUDriver *driver, disksrc->format > VIR_STORAGE_FILE_NONE && disksrc->format < VIR_STORAGE_FILE_BACKING) { + /* terminate the chain for such images as the code below would do = */ + if (!disksrc->backingStore) + disksrc->backingStore =3D virStorageSourceNew(); + + /* we assume that FD-passed disks always exist */ + if (virStorageSourceIsFD(disksrc)) + return 0; + if (!virFileExists(disksrc->path)) { virStorageSourceReportBrokenChain(errno, disksrc, disksrc); return -1; } - /* terminate the chain for such images as the code below would do = */ - if (!disksrc->backingStore) - disksrc->backingStore =3D virStorageSourceNew(); - /* host cdrom requires special treatment in qemu, so we need to ch= eck * whether a block device is a cdrom */ if (disk->device =3D=3D VIR_DOMAIN_DISK_DEVICE_CDROM && @@ -7700,12 +7704,14 @@ qemuDomainDetermineDiskChain(virQEMUDriver *driver, return 0; } - src =3D disksrc; /* skip to the end of the chain if there is any */ - while (virStorageSourceHasBacking(src)) { - int rv =3D virStorageSourceSupportsAccess(src); + for (src =3D disksrc; virStorageSourceHasBacking(src); src =3D src->ba= ckingStore) { + int rv; + + if (virStorageSourceIsFD(src)) + continue; - if (rv < 0) + if ((rv =3D virStorageSourceSupportsAccess(src)) < 0) return -1; if (rv > 0) { @@ -7720,7 +7726,6 @@ qemuDomainDetermineDiskChain(virQEMUDriver *driver, virStorageSourceDeinit(src); } - src =3D src->backingStore; } /* We skipped to the end of the chain. Skip detection if there's the diff --git a/src/storage_file/storage_source.c b/src/storage_file/storage_s= ource.c index ab0cdf2b12..7954b255a6 100644 --- a/src/storage_file/storage_source.c +++ b/src/storage_file/storage_source.c 
@@ -1264,6 +1264,21 @@ virStorageSourceGetMetadataRecurseReadHeader(virStor= ageSource *src, int ret =3D -1; ssize_t len; + if (virStorageSourceIsFD(src)) { + if (!src->fdtuple) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("fd passed image source not initialized")); + return -1; + } + + if ((len =3D virFileReadHeaderFD(src->fdtuple->fds[0], + VIR_STORAGE_MAX_HEADER, buf)) < 0) + return -1; + + *headerLen =3D len; + return 0; + } + if (virStorageSourceInitAs(src, uid, gid) < 0) return -1; --=20 2.38.1
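Review bot: in the first qemuDomainDetermineDiskChain hunk, the new `return 0` for FD-passed disks comes before the block commented "host cdrom requires special treatment in qemu", so that check is now skipped for FD-passed sources along with the virFileExists() test. If an FD can refer to a host cdrom block device, that detection needs to run on the FD; if it cannot, please say so in the comment next to "we assume that FD-passed disks always exist".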
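Review bot: in the virStorageSourceGetMetadataRecurseReadHeader hunk, `src->fdtuple->fds[0]` is read after checking only `!src->fdtuple`, whereas the SELinux code in patch 12 also guards on `src->fdtuple->nfds == 0` before touching `fds[0]`. Please add the same `nfds` check here and report it through the existing "fd passed image source not initialized" error so that an empty tuple cannot be indexed.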
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 14/17] qemu: driver: Don't allow certain operations with FD-passed disks
Date: Mon, 9 Jan 2023 13:18:52 +0100
Message-Id: <4d2dc705e3fbb5eae48777c963cea9403bc05cb4.1673266652.git.pkrempa@redhat.com>

Probing stats and block copy to a FD passed image is not yet supported.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_driver.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index e86ebd8330..218704c0ad 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c 
@@ -10499,6 +10499,13 @@ qemuDomainBlockPeek(virDomainPtr dom, goto cleanup; } + if (virStorageSourceIsFD(disk->src)) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("peeking is not supported for FD passed images")); + goto cleanup; + + } + if (qemuDomainStorageFileInit(driver, vm, disk->src, NULL) < 0) goto cleanup; @@ -10858,6 +10865,12 @@ qemuDomainGetBlockInfo(virDomainPtr dom, goto endjob; } + if (virStorageSourceIsFD(disk->src)) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("block info is not supported for FD passed disk i= mage")); + goto endjob; + } + /* for inactive domains we have to peek into the files */ if (!virDomainObjIsActive(vm)) { if ((qemuStorageLimitsRefresh(driver, cfg, vm, disk->src, false)) = < 0) @@ -14690,6 +14703,12 @@ qemuDomainBlockCopyCommon(virDomainObj *vm, if (!qemuDomainDiskBlockJobIsSupported(disk)) goto endjob; + if (virStorageSourceIsFD(mirror)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("copy to a FD passed disk source is not yet suppo= rted")); + goto endjob; + } + if (disk->device =3D=3D VIR_DOMAIN_DISK_DEVICE_LUN && virDomainDiskDefSourceLUNValidate(mirror) < 0) goto endjob; 
@@ -17943,6 +17962,9 @@ qemuDomainGetStatsOneBlockFallback(virQEMUDriver *d= river, if (virStorageSourceIsEmpty(src)) return 0; + if (virStorageSourceIsFD(src)) + return 0; + if (qemuStorageLimitsRefresh(driver, cfg, dom, src, true) <=3D 0) { virResetLastError(); return 0; --=20 2.38.1
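Review bot: in the qemuDomainBlockPeek hunk there is a stray empty line between `goto cleanup;` and the closing brace of the new `if` block; please drop it.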
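Review bot: in the qemuDomainBlockCopyCommon hunk the error is raised as VIR_ERR_CONFIG_UNSUPPORTED, while the qemuDomainBlockPeek and qemuDomainGetBlockInfo hunks use VIR_ERR_OPERATION_UNSUPPORTED for the same kind of refusal. Please pick one code for all three or explain the difference in the commit message; the three messages also alternate between "FD passed images", "FD passed disk image" and "FD passed disk source", which is worth unifying for translators.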
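Review bot: in the qemuDomainGetStatsOneBlockFallback hunk, `if (virStorageSourceIsFD(src)) return 0;` silently omits the fallback stats for FD-passed images with no comment. Please add a one-line comment saying that the limits cannot be refreshed for FD-passed sources yet, so a reader does not mistake the early return for the empty-source case directly above it.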
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 15/17] qemu: cgroup: Don't setup cgroups for FD-passed images
Date: Mon, 9 Jan 2023 13:18:53 +0100

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
--- src/qemu/qemu_cgroup.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 9cf2d6474a..aac7c70054 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c 
@@ -206,7 +206,9 @@ qemuSetupImageCgroupInternal(virDomainObj *vm, if (qemuSetupImagePathCgroup(vm, QEMU_DEV_VFIO, false) < 0) return -1; } else { - if (!src->path || !virStorageSourceIsLocalStorage(src)) { + if (!src->path || + !virStorageSourceIsLocalStorage(src) || + virStorageSourceIsFD(src)) { VIR_DEBUG("Not updating cgroups for disk path '%s', type: %s", NULLSTR(src->path), virStorageTypeToString(src->type= )); return 0; --=20 2.38.1
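Review bot: the commit message has no body, and in the qemuSetupImageCgroupInternal hunk the FD case reuses the existing VIR_DEBUG line, which prints only the path and storage type and so cannot tell an FD-passed image apart from a non-local or path-less one. Please explain in the commit message why no cgroup setup is needed for FD-passed images and mention the FD case in the debug message.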
content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=TAHruvm4JKLElPfUfIUf7/LP1yUvRb35y/8bDQB4V5o=; b=KSMwsCTTS9ZyvWkhcKDENVUsdzDjgzI3HqPYFnLdLXMPghcDQvB2RKnDB6p22K/RpqOB17 nYO7sWOb2GZlq7L1R8gYOvPxZ8cWd0JR+nYP7pS3mSVU5gkATXtqVnl9jsNKFwypIXhmWt /6EwKv00zL4G/qq+Ef+rhrCswkOqJiM= X-MC-Unique: NtninqNgN1CLTY9K1i1tCg-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH v2 16/17] qemu: Enable support for FD passed disk sources Date: Mon, 9 Jan 2023 13:18:54 +0100 Message-Id: <9000af9469bf7568dd54f2068836b1d6fa857534.1673266652.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1673266815388100001 Content-Type: text/plain; charset="utf-8" Assert support for VIR_DOMAIN_DEF_FEATURE_DISK_FD in the qemu driver now that all code paths are adapted. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/qemu/qemu_domain.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 38883a57d8..b341f43b56 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -6002,7 +6002,8 @@ virDomainDefParserConfig virQEMUDriverDomainDefParser= Config =3D { VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS | VIR_DOMAIN_DEF_FEATURE_USER_ALIAS | VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT | - VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING, + VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING | + VIR_DOMAIN_DEF_FEATURE_DISK_FD, }; --=20 2.38.1
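Review bot: Adding VIR_DOMAIN_DEF_FEATURE_DISK_FD to the feature mask in virQEMUDriverDomainDefParserConfig is the single switch that enables FD-passed disk sources in the qemu driver, yet the commit message only says "all code paths are adapted" without naming them. Listing the adapted paths (the cgroup skip in qemuSetupImageCgroupInternal earlier in this series is one) would let a reviewer check that none was missed. The test data only arrives in 17/17, so consider folding it into this patch so that the commit enabling the flag also carries its coverage.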
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 17/17] qemuxml2*test: Enable testing of disks with 'fdgroup'
Date: Mon, 9 Jan 2023 13:18:55 +0100
Message-Id: <4db3e49d7bd391cbccafcb76ef92936916d7151f.1673266652.git.pkrempa@redhat.com>

Enable the qemuxml2xml variant and add output data for qemuxml2argvtest.

Signed-off-by: Peter Krempa
Reviewed-by: Pavel Hrdina
---
 .../disk-source-fd.x86_64-latest.args | 49 +++++++++++++++++
 tests/qemuxml2argvtest.c | 4 ++
 .../disk-source-fd.x86_64-latest.xml | 52 +++++++++++++++++++
 tests/qemuxml2xmltest.c | 2 +
 4 files changed, 107 insertions(+)
 create mode 100644 tests/qemuxml2argvdata/disk-source-fd.x86_64-latest.args
 create mode 100644 tests/qemuxml2xmloutdata/disk-source-fd.x86_64-latest.xml

diff --git a/tests/qemuxml2argvdata/disk-source-fd.x86_64-latest.args b/tes= ts/qemuxml2argvdata/disk-source-fd.x86_64-latest.args new file mode 100644 index 0000000000..b4a81acfc7 --- /dev/null
+++ b/tests/qemuxml2argvdata/disk-source-fd.x86_64-latest.args 
@@ -0,0 +1,49 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tm= p/lib/domain--1-QEMUGuest1/master-key.aes"}' \ +-machine pc,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc.ram \ +-accel tcg \ +-cpu qemu64 \ +-m 214 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}'= \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-no-acpi \ +-boot strict=3Don \ +-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0= x2"}' \ +-add-fd set=3D2,fd=3D700,opaque=3Dlibvirt-4-storage0 \ +-add-fd set=3D2,fd=3D705,opaque=3Dlibvirt-4-storage1 \ +-blockdev '{"driver":"file","filename":"/dev/fdset/2","node-name":"libvirt= -4-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-4-format","read-only":false,"driver":"qco= w2","file":"libvirt-4-storage"}' \ +-device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x2","drive":"li= bvirt-4-format","id":"virtio-disk4","bootindex":1}' \ +-add-fd set=3D0,fd=3D704,opaque=3Dlibvirt-1-storage0 \ +-add-fd set=3D1,fd=3D777,opaque=3Dlibvirt-2-storage0 \ +-add-fd set=3D1,fd=3D778,opaque=3Dlibvirt-2-storage1 \ +-blockdev '{"driver":"file","filename":"/var/lib/libvirt/images/rhel7.1484= 071876","node-name":"libvirt-3-storage","auto-read-only":true,"discard":"un= map"}' \ +-blockdev 
'{"node-name":"libvirt-3-format","read-only":true,"driver":"qcow= 2","file":"libvirt-3-storage","backing":null}' \ +-blockdev '{"driver":"file","filename":"/dev/fdset/1","node-name":"libvirt= -2-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-2-format","read-only":true,"driver":"qcow= 2","file":"libvirt-2-storage","backing":"libvirt-3-format"}' \ +-blockdev '{"driver":"file","filename":"/dev/fdset/0","node-name":"libvirt= -1-storage","read-only":false,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"qco= w2","file":"libvirt-1-storage","backing":"libvirt-2-format"}' \ +-device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x3","drive":"li= bvirt-1-format","id":"virtio-disk5"}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","add= r":"0x4"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index b4b60a0130..6e027cf0bb 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1344,6 +1344,10 @@ mymain(void) DO_TEST_CAPS_LATEST_PARSE_ERROR("disk-scsi-incompatible-address"); DO_TEST_CAPS_LATEST("disk-backing-chains-index"); DO_TEST_CAPS_LATEST("disk-backing-chains-noindex"); + DO_TEST_CAPS_ARCH_LATEST_FULL("disk-source-fd", "x86_64", + ARG_FD_GROUP, "testgroup2", 2, 700, 705, + ARG_FD_GROUP, "testgroup5", 1, 704, + ARG_FD_GROUP, "testgroup6", 2, 777, 778); DO_TEST_CAPS_LATEST("disk-slices"); DO_TEST_CAPS_LATEST("disk-rotation"); diff --git a/tests/qemuxml2xmloutdata/disk-source-fd.x86_64-latest.xml b/te= sts/qemuxml2xmloutdata/disk-source-fd.x86_64-latest.xml new file mode 100644 index 0000000000..9ab5e9443f --- /dev/null +++ b/tests/qemuxml2xmloutdata/disk-source-fd.x86_64-latest.xml 
@@ -0,0 +1,52 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + + + + + + + + + + +
+ + +
+ + + + +