From: marcandre.lureau@redhat.com
To: libvir-list@redhat.com
Cc: Michal Prívozník, Marc-André Lureau
Subject: [libvirt PATCH v2 4/9] qemu: add a DBus daemon helper unit
Date: Tue, 25 Feb 2020 10:55:08 +0100
Message-Id: <20200225095513.969053-5-marcandre.lureau@redhat.com>
In-Reply-To: <20200225095513.969053-1-marcandre.lureau@redhat.com>
References: <20200225095513.969053-1-marcandre.lureau@redhat.com>
List-Id: Development discussions about the libvirt library & tools

From: Marc-André Lureau

Add a unit to start & stop a private dbus-daemon.

The daemon is meant to be started on demand, and associated with a QEMU process. It should be stopped when the QEMU process is stopped.

The current policy is permissive like a session bus. Stricter policies can be added later, following recommendations from:
https://git.qemu.org/?p=qemu.git;a=blob;f=docs/interop/dbus.rst

Signed-off-by: Marc-André Lureau

--- po/POTFILES.in | 1 + src/qemu/Makefile.inc.am | 2 + src/qemu/qemu_dbus.c | 282 +++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_dbus.h | 33 +++++ src/qemu/qemu_domain.h | 2 + 5 files changed, 320 insertions(+) create mode 100644 src/qemu/qemu_dbus.c create mode 100644 src/qemu/qemu_dbus.h diff --git a/po/POTFILES.in b/po/POTFILES.in index 2d54623dc7..fe361204bb 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in 
@@ -150,6 +150,7 @@ @SRCDIR@/src/qemu/qemu_checkpoint.c @SRCDIR@/src/qemu/qemu_command.c @SRCDIR@/src/qemu/qemu_conf.c +@SRCDIR@/src/qemu/qemu_dbus.c @SRCDIR@/src/qemu/qemu_domain.c @SRCDIR@/src/qemu/qemu_domain_address.c @SRCDIR@/src/qemu/qemu_driver.c diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 2b8517ecff..94a333f855 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -13,6 +13,8 @@ QEMU_DRIVER_SOURCES =3D \ qemu/qemu_capabilities.h \ qemu/qemu_command.c \ qemu/qemu_command.h \ + qemu/qemu_dbus.c \ + qemu/qemu_dbus.h \ qemu/qemu_domain.c \ qemu/qemu_domain.h \ qemu/qemu_domain_address.c \ diff --git a/src/qemu/qemu_dbus.c b/src/qemu/qemu_dbus.c new file mode 100644 index 0000000000..383efa0209 --- /dev/null +++ b/src/qemu/qemu_dbus.c 
@@ -0,0 +1,282 @@ +/* + * qemu_dbus.c: QEMU dbus daemon + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#include + +#include "qemu_extdevice.h" +#include "qemu_dbus.h" +#include "qemu_security.h" + +#include "viralloc.h" +#include "virlog.h" +#include "virstring.h" +#include "virtime.h" +#include "virpidfile.h" + +#define VIR_FROM_THIS VIR_FROM_NONE + +VIR_LOG_INIT("qemu.dbus"); + + +int +qemuDBusPrepareHost(virQEMUDriverPtr driver) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + + return virDirCreate(cfg->dbusStateDir, 0770, cfg->user, cfg->group, + VIR_DIR_CREATE_ALLOW_EXIST); +} + + +static char * +qemuDBusCreatePidFilename(virQEMUDriverConfigPtr cfg, + const char *shortName) +{ + g_autofree char *name =3D g_strdup_printf("%s-dbus", shortName); + + return virPidFileBuildPath(cfg->dbusStateDir, name); +} + + +static char * +qemuDBusCreateFilename(const char *stateDir, + const char *shortName, + const char *ext) +{ + g_autofree char *name =3D g_strdup_printf("%s-dbus", shortName); + + return virFileBuildPath(stateDir, name, ext); +} + + +static char * +qemuDBusCreateSocketPath(virQEMUDriverConfigPtr cfg, + const char *shortName) +{ + return qemuDBusCreateFilename(cfg->dbusStateDir, shortName, ".sock"); +} + + +static char * +qemuDBusCreateConfPath(virQEMUDriverConfigPtr cfg, + const char *shortName) +{ + return 
qemuDBusCreateFilename(cfg->dbusStateDir, shortName, ".conf"); +} + + +char * +qemuDBusGetAddress(virQEMUDriverPtr driver, + virDomainObjPtr vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); + g_autofree char *path =3D NULL; + + if (!shortName) + return NULL; + + path =3D qemuDBusCreateSocketPath(cfg, shortName); + + return g_strdup_printf("unix:path=3D%s", path); +} + + +static int +qemuDBusWriteConfig(const char *filename, const char *path) +{ + virBuffer buf =3D VIR_BUFFER_INITIALIZER; + g_autofree char *config =3D NULL; + + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAdjustIndent(&buf, 2); + + virBufferAddLit(&buf, "org.libvirt.qemu\n"); + virBufferAsprintf(&buf, "unix:path=3D%s\n", path); + virBufferAddLit(&buf, "EXTERNAL\n"); + + virBufferAddLit(&buf, "\n"); + virBufferAdjustIndent(&buf, 2); + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAddLit(&buf, "\n"); + virBufferAdjustIndent(&buf, -2); + virBufferAddLit(&buf, "\n"); + + virBufferAddLit(&buf, "contexts/dbus_contexts\n"); + + virBufferAdjustIndent(&buf, -2); + virBufferAddLit(&buf, "\n"); + + config =3D virBufferContentAndReset(&buf); + + return virFileWriteStr(filename, config, 0600); +} + + +void +qemuDBusStop(virQEMUDriverPtr driver, + virDomainObjPtr vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainObjPrivatePtr priv =3D vm->privateData; + g_autofree char *shortName =3D NULL; + g_autofree char *pidfile =3D NULL; + g_autofree char *configfile =3D NULL; + + if (!(shortName =3D virDomainDefGetShortName(vm->def))) + return; + + pidfile =3D qemuDBusCreatePidFilename(cfg, shortName); + configfile =3D qemuDBusCreateConfPath(cfg, shortName); + + if (virPidFileForceCleanupPath(pidfile) < 0) { + VIR_WARN("Unable to kill 
dbus-daemon process"); + } else { + if (unlink(configfile) < 0 && + errno !=3D ENOENT) { + virReportSystemError(errno, + _("Unable to remove stale configfile %s"), + pidfile); + + } + priv->dbusDaemonRunning =3D false; + } +} + + +int +qemuDBusStart(virQEMUDriverPtr driver, + virDomainObjPtr vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainObjPrivatePtr priv =3D vm->privateData; + g_autoptr(virCommand) cmd =3D NULL; + g_autofree char *shortName =3D NULL; + g_autofree char *pidfile =3D NULL; + g_autofree char *configfile =3D NULL; + g_autofree char *sockpath =3D NULL; + virTimeBackOffVar timebackoff; + const unsigned long long timeout =3D 500 * 1000; /* ms */ + VIR_AUTOCLOSE errfd =3D -1; + int cmdret =3D 0; + int exitstatus =3D 0; + pid_t cpid =3D -1; + int ret =3D -1; + + if (!virFileIsExecutable(cfg->dbusDaemonName)) { + virReportSystemError(errno, + _("'%s' is not a suitable dbus-daemon"), + cfg->dbusDaemonName); + return -1; + } + + if (!(shortName =3D virDomainDefGetShortName(vm->def))) + return -1; + + pidfile =3D qemuDBusCreatePidFilename(cfg, shortName); + configfile =3D qemuDBusCreateConfPath(cfg, shortName); + sockpath =3D qemuDBusCreateSocketPath(cfg, shortName); + + if (qemuDBusWriteConfig(configfile, sockpath) < 0) { + virReportSystemError(errno, _("Failed to write '%s'"), configfile); + return -1; + } + + if (qemuSecurityDomainSetPathLabel(driver, vm, configfile, false) < 0) + goto cleanup; + + cmd =3D virCommandNew(cfg->dbusDaemonName); + virCommandClearCaps(cmd); + virCommandSetPidFile(cmd, pidfile); + virCommandSetErrorFD(cmd, &errfd); + virCommandDaemonize(cmd); + virCommandAddArgFormat(cmd, "--config-file=3D%s", configfile); + + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, + &exitstatus, &cmdret) < 0) + goto cleanup; + + if (cmdret < 0 || exitstatus !=3D 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Could not start dbus-daemon. 
exitstatus: %d"), e= xitstatus); + goto cleanup; + } + + if (virPidFileReadPath(pidfile, &cpid) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("dbus-daemon %s didn't show up"), + cfg->dbusDaemonName); + goto cleanup; + } + + if (virTimeBackOffStart(&timebackoff, 1, timeout) < 0) + goto cleanup; + while (virTimeBackOffWait(&timebackoff)) { + char errbuf[1024] =3D { 0 }; + + if (virFileExists(sockpath)) + break; + + if (virProcessKill(cpid, 0) =3D=3D 0) + continue; + + if (saferead(errfd, errbuf, sizeof(errbuf) - 1) < 0) { + virReportSystemError(errno, + _("dbus-daemon %s died unexpectedly"), + cfg->dbusDaemonName); + } else { + virReportError(VIR_ERR_OPERATION_FAILED, + _("dbus-daemon died and reported: %s"), errbuf); + } + + goto cleanup; + } + + if (!virFileExists(sockpath)) { + virReportError(VIR_ERR_OPERATION_TIMEOUT, + _("DBus daemon %s didn't show up"), + cfg->dbusDaemonName); + goto cleanup; + } + + if (priv->cgroup && + virCgroupAddProcess(priv->cgroup, cpid) < 0) + goto cleanup; + + if (qemuSecurityDomainSetPathLabel(driver, vm, sockpath, false) < 0) + goto cleanup; + + priv->dbusDaemonRunning =3D true; + ret =3D 0; + cleanup: + if (ret < 0) { + virCommandAbort(cmd); + if (cpid >=3D 0) + virProcessKillPainfully(cpid, true); + unlink(pidfile); + unlink(configfile); + unlink(sockpath); + } + return ret; +} diff --git a/src/qemu/qemu_dbus.h b/src/qemu/qemu_dbus.h new file mode 100644 index 0000000000..d6cb1bc84a --- /dev/null +++ b/src/qemu/qemu_dbus.h 
@@ -0,0 +1,33 @@ +/* + * qemu_dbus.h: QEMU dbus daemon + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "qemu_conf.h" +#include "qemu_domain.h" + +int qemuDBusPrepareHost(virQEMUDriverPtr driver); + +char *qemuDBusGetAddress(virQEMUDriverPtr driver, + virDomainObjPtr vm); + +int qemuDBusStart(virQEMUDriverPtr driver, + virDomainObjPtr vm); + +void qemuDBusStop(virQEMUDriverPtr driver, + virDomainObjPtr vm); diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index c4fd7ac302..97e52b7a81 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -417,6 +417,8 @@ struct _qemuDomainObjPrivate { =20 /* running backup job */ virDomainBackupDefPtr backup; + + bool dbusDaemonRunning; }; =20 #define QEMU_DOMAIN_PRIVATE(vm) \ --=20 2.25.0.rc2.1.g09a9a1a997
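
Review bot: In qemuDBusStop() in src/qemu/qemu_dbus.c, the failure path for unlink(configfile) reports "Unable to remove stale configfile %s" but passes pidfile as the argument, so the error names the wrong file; pass configfile instead. The same function never removes the socket path, although the cleanup label in qemuDBusStart() does call unlink(sockpath). If a socket file is left behind after the daemon is killed, the next qemuDBusStart() leaves its wait loop as soon as virFileExists(sockpath) is true, before the new daemon is listening, and then relabels and reports success on a stale path. Build sockpath in qemuDBusStop() and unlink it there as well. Separately, in qemuDBusStart() the declaration "timeout = 500 * 1000; /* ms */" gives 500 seconds if the unit really is milliseconds; please confirm the intended value or fix the comment.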
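
Review bot: The four prototypes added in src/qemu/qemu_dbus.h have no documentation, and the ownership and failure contracts are not obvious from the names. qemuDBusGetAddress() returns a string built with g_strdup_printf() and returns NULL when virDomainDefGetShortName() fails, so say that the caller owns and must free the result and must check for NULL. Please also state whether qemuDBusStop() may be called when qemuDBusStart() never succeeded for that domain, since it is declared void and callers cannot tell what happened.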
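
Review bot: The new dbusDaemonRunning member of struct _qemuDomainObjPrivate in src/qemu/qemu_domain.h has no comment, unlike the "/* running backup job */" field directly above it; add a one-line comment saying it tracks the per-domain dbus-daemon managed by qemuDBusStart() and qemuDBusStop(). Nothing in this patch saves or restores the flag, so please say in the commit message or the comment which patch in the series keeps it correct across a libvirtd restart while the helper daemon is still running.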