From nobody Tue Feb 10 07:40:26 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1671203058; cv=none;
	d=zohomail.com; s=zohoarc;
	b=n1z/NjKWgMv7ZF2stt7lU6RReUfbfATaxJQOxXDe4aGuJVRrsUbPp9i5GMYLl+6WVNz5rb7f4J+h5qLs/WGlENyT1XuBKwxtvzojeTBSLivxiaMDSERLjjlrD/5lDPNFJ8keEKE/a0qKuayJ5ch2n1yRQLVIjg5rzRKzvDIHrKw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1671203058;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=X2vhcyu8ZC6aR89gkMPwnNgjJIKpjidD4h/LoqHleHs=;
	b=aiD/xZFooGINezw7iBGXZ2kNk0mqn197vDA0NJNldcjwUbiLQlqd3nxNP+re7WJMu8cj6gIJcKyW3cSKPQ5ak73VQxvnJRj8xNF85I1G4u3MAuJMSycqNJgpGQNtJ53dSOb0i/+M5h4mcGls35mPINNrurC0xdV9U45GV2VqE9E=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1671203058388945.9350326895334;
 Fri, 16 Dec 2022 07:04:18 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-149-xaFQYi9rMuywgICCp9hxtg-1; Fri, 16 Dec 2022 10:04:13 -0500
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2BFC92801E4F;
	Fri, 16 Dec 2022 15:04:09 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 11FF753A0;
	Fri, 16 Dec 2022 15:04:07 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id BA63A19465B2;
	Fri, 16 Dec 2022 15:04:06 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id BE7131946594 for <libvir-list@listman.corp.redhat.com>;
 Fri, 16 Dec 2022 15:04:05 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id A1337492C18; Fri, 16 Dec 2022 15:04:05 +0000 (UTC)
Received: from maggie.redhat.com (unknown [10.43.2.39])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 483ED492C14
 for <libvir-list@redhat.com>; Fri, 16 Dec 2022 15:04:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1671203057;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=X2vhcyu8ZC6aR89gkMPwnNgjJIKpjidD4h/LoqHleHs=;
	b=GAbyldsL7J8vYg6ctjQzInrdMzTpixW0FegdnYGS2CA2Cew1vfeKWKTuwHzXEegjn2aDYW
	DpF3Ne9RfPUNmpQh26E7cF4NtqmtAZBhC/TrzAxmFoguTKx0/HTH7tb8tKq1J4vQapuxe5
	bd/zDSeII6PYmrDbJA5BYIR9IGDYqSQ=
X-MC-Unique: xaFQYi9rMuywgICCp9hxtg-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH] qemu_namespace: Umount the original /dev before replacing it
 with tmpfs
Date: Fri, 16 Dec 2022 16:04:01 +0100
Message-Id: 
 <04e35f40cf9e26944d23001e2577bf813d63d756.1671203041.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1671203059468100001
Content-Type: text/plain; charset="utf-8"; x-default="true"

Our code relies on mount events propagating into the namespace we
create for a domain. However, there's one caveat. In v8.8.0-rc1~8
I've tried to make us detect differences in mount tables between
the namespace in which libvirtd runs and the domain namespace.
This is crucial for any mounts that happen after the domain was
started (for instance new hugetlbfs can be mounted on say
/dev/hugepages1G).

Therefore, we take a look into /proc/$(pgrep qemu)/mounts to see
what filesystems are mounted under /dev. Now, since we don't
umount the original /dev, just mount a tmpfs over it, we get all
the events (e.g. aforementioned hugetlbfs mount on
/dev/hugepages1G), but we are not really able to access it
because of the tmpfs that's placed on top. This then confuses our
algorithm for detecting which filesystems are mounted (the
algorithm is implemented in qemuDomainGetPreservedMounts()).

To break the link between host's and guest's /dev we just need to
umount() the original /dev in the namespace. Just before our
artificially created tmpfs is moved into its place.

Fixes: 46b03819ae8d833b11c2aaccb2c2a0361727f51b
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=3D2151869#c6
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
---
 src/qemu/qemu_namespace.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
index 90c0b90024..a6b9af1307 100644
--- a/src/qemu/qemu_namespace.c
+++ b/src/qemu/qemu_namespace.c
@@ -775,6 +775,11 @@ qemuDomainUnshareNamespace(virQEMUDriverConfig *cfg,
             goto cleanup;
     }
=20
+    if (umount("/dev") < 0) {
+        virReportSystemError(errno, "%s", _("failed to umount devfs on /de=
v"));
+        return -1;
+    }
+
     if (virFileMoveMount(devPath, "/dev") < 0)
         goto cleanup;
=20
--=20
2.37.4