From nobody Tue Oct 28 08:17:00 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1760974946; cv=none; d=zohomail.com; s=zohoarc; b=QIuRuFftW3sigUU0soqRcRfbIxPQX8lGT+Wa1WptBGVT98j7YruOk3oB+9+8obVGHy7sjbDhGE8s7mI9UhwZ9/0Iaa3m5SBCbxQcHeqq5SDkrYLCCXy21jm8QX3t5KMmin8B23hRnSlu7J6imCKdeNJFG7f8mMdLxoZI6iNuBK8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1760974946; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Subject:Subject:To:To:Message-Id:Reply-To; bh=RBRrwd010dDIPMZ+G5JIwlLg9FK8tL7mFJeEOxmScPI=; b=J3+iOrHAJGRL1F3FCWip0jN/pkJvspww4ZWt6S0qxFUEWgY5X+lrqioz5hAvyv8MmuG7AuBE27xUE/AwUruaXL/henINpiap8aL5DWD/QHPEVSpjDzop4Mh0zXkShhj4E8KzcwrLEbxS0Yu5pVrGM9pQFiAwb1Vb43AAJJq7PRI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1760974946030489.72649077572487; Mon, 20 Oct 2025 08:42:26 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 1E7863F86A; Mon, 20 Oct 2025 11:42:23 -0400 (EDT) Received: from [172.19.199.20] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 557A143E16; Mon, 20 Oct 2025 11:41:08 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id CAE713F326; Mon, 20 Oct 2025 11:41:00 -0400 (EDT) Received: from mail-oo1-f52.google.com (mail-oo1-f52.google.com [209.85.161.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id EF0B93F342 for ; Mon, 20 Oct 2025 11:40:59 -0400 (EDT) Received: by mail-oo1-f52.google.com with SMTP id 006d021491bc7-651c646b857so2194518eaf.0 for ; Mon, 20 Oct 2025 08:40:59 -0700 (PDT) Received: from home ([2603:8081:c640:1::1003]) by smtp.gmail.com with ESMTPSA id 5614622812f47-443dd002e30sm1925501b6e.11.2025.10.20.08.40.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Oct 2025 08:40:56 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1760974859; x=1761579659; darn=lists.libvirt.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=RBRrwd010dDIPMZ+G5JIwlLg9FK8tL7mFJeEOxmScPI=; b=Mp8ek3DbhKRi3LheTvm71mxj3WsZ3CIRu1Kg+NSAJgvdt6soE/aSsklVHX1w7Wiz4H wIt/mFzSnO3RHX4KsdNqdJnZp63/xO6FvQYk9eGd7UdlDfrdw8Z0noolupeQMp0huZl/ 9bzDER8TSmCJ6fr6SbtxdDoViBHr6fTlnpD8+IYGE0CxXFLrlXM8YcIisoJxvqqm+w3Z nR6RKIJlntk3J5M3CXSxg1/pD7WBA4chOlNWpAG8LaDkln6kZesipSUbe0E3QL3rg0fs EjVL5NzsN04vN2koh5Ac1C8meGq848zb83nBx9I5ciA+OYQ6heGAPMlBz70W+oZeMvf6 szoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1760974859; x=1761579659; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=RBRrwd010dDIPMZ+G5JIwlLg9FK8tL7mFJeEOxmScPI=; b=FnDP7ZaGUllOFmVT79TwC8wIk/f++P0c0vskpI+29iEPnVrvomwwQi8t9A7h3p0XP1 7HBAbdeZqSTy6hUdAH1Z7c0FFrygQ76glETrjFhFQfrISU4LkBlRSM1dW49keCUO25rv 3Oq9S+uZ/VM2WtOO3Ht2PRo+sF3ZFPgYemcshPnHs8oOz1661eduTXC3bxmkePIjm2+n mBWt7BsbYcK1AERbS5ULAS1HhS6Wu1e4mHEt3ilamneIfvxvEFcKaa2pJf7whBkZSh5D ZUccsSWiicZ2FW2PbLGAXb7D33DpnyJU9YGOMuo8fMyinxlvsX5dWUJcfmZc7VPdqcK8 Xuhg== X-Gm-Message-State: AOJu0YzlPqmOgBwvPz3nr//CdOODQ1gGM2PZZsIzTkx4DM8PLKstOyJo x5ifTPIHyiPY7N099CQkaySKbeztEEPlNLrcwP3bpXNB+4Qd+CHdHeS3A+/C+6h0 X-Gm-Gg: ASbGncva2LuU++Qb4/kqUwThN6VjIWKv0tJ3DfCurHempQi0G4qkpmAs9aHt8v68JPy AKsFGXyavh5FS9G8BKEjZEuVgu2hCfQKTNjNew6PzBiEZjg6cBF+bIdcb5MLvlDAMEGuy/UtOe/ 4KZg+Mwju/YAOOwiqjKZDTd9TCd8YSGs5wC7dJD/HhsV9mz4QbM8vGKjNWnR0B/OAmpO0e4spUR n0EnLZHm2SgjUguIIxrGjT22fgjHzfAqg9q84BuaRJDuRNkR3+T6pzr9XAtHMnWt2xVw8BYkBmT JHkxHGIg0+of0drCt+swn0+4pIshWmzDBfV4BOwTl+rsUOvm2Jx+WOuxKGp5hY/tkZurk7AH31S vDTtU+8MtNpSdIpfCiCqqXuYxbwsiaiZJa6tdC9E3FNaJ9bElHsqnejdOAQ== X-Google-Smtp-Source: AGHT+IGWWQbdZ0hmMoluvx6eZuEHfG9M0rFf7NttOBL4B7rwjQcwgTV2iJjU+5XTA/jd4AH6pRThGw== X-Received: by 2002:a05:6808:8953:b0:437:f364:8361 with SMTP id 5614622812f47-443a2ed6f74mr5935614b6e.11.1760974858913; Mon, 20 Oct 2025 08:40:58 -0700 (PDT) From: Praveen K Paladugu To: devel@lists.libvirt.org Subject: [PATCH v2] qemu: Drop /dev/kvm from default device ACL Date: Mon, 20 Oct 2025 10:40:50 -0500 Message-ID: <20251020154050.27667-1-praveenkpaladugu@gmail.com> X-Mailer: git-send-email 2.51.0 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 6DY55UORE3NYSVBEVEUJPVFUSSJI76WX X-Message-ID-Hash: 6DY55UORE3NYSVBEVEUJPVFUSSJI76WX X-MailFrom: praveenkpaladugu@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: liuwe@microsoft.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: pass (identity @gmail.com) X-ZM-MESSAGEID: 1760974946562158500 Content-Type: text/plain; charset="utf-8" From: Praveen K Paladugu A domain that runs with TCG emulation does not need kvm device, so drop it from default device ACL. Dynamically grant access to /dev/kvm based on domain type. Signed-off-by: Praveen K Paladugu --- src/qemu/qemu.conf.in | 3 +-- src/qemu/qemu_cgroup.c | 9 +++++++-- src/qemu/qemu_domain.h | 1 + src/qemu/qemu_namespace.c | 9 +++++++-- src/qemu/test_libvirtd_qemu.aug.in | 3 +-- 5 files changed, 17 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in index fc91ba8f08..0a8abd9544 100644 --- a/src/qemu/qemu.conf.in +++ b/src/qemu/qemu.conf.in @@ -618,8 +618,7 @@ #cgroup_device_acl =3D [ # "/dev/null", "/dev/full", "/dev/zero", # "/dev/random", "/dev/urandom", -# "/dev/ptmx", "/dev/kvm", -# "/dev/userfaultfd" +# "/dev/ptmx", "/dev/userfaultfd" #] # # RDMA migration requires the following extra files to be added to the lis= t: diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index f10976c2b0..100604fae5 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -41,8 +41,7 @@ VIR_LOG_INIT("qemu.qemu_cgroup"); const char *const defaultDeviceACL[] =3D { "/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", - "/dev/ptmx", "/dev/kvm", - "/dev/userfaultfd", + "/dev/ptmx", "/dev/userfaultfd", NULL, }; #define DEVICE_PTY_MAJOR 136 @@ -86,6 +85,12 @@ qemuCgroupAllowDevicesPaths(virDomainObj *vm, if (qemuCgroupAllowDevicePath(vm, deviceACL[i], perms, ignoreEacce= s) < 0) return -1; } + if (vm->def->virtType =3D=3D VIR_DOMAIN_VIRT_KVM) { + /* KVM requires access to /dev/kvm */ + if (qemuCgroupAllowDevicePath(vm, QEMU_DEV_KVM, VIR_CGROUP_DEVICE_= RW, + ignoreEacces) < 0) + return -1; + } =20 return 0; } diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index f4945f598a..fe4ba4fa15 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -89,6 +89,7 @@ struct _qemuDomainUnpluggingDevice { #define QEMU_DEV_SGX_PROVISION "/dev/sgx_provision" #define QEMU_DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" #define QEMU_DEV_UDMABUF "/dev/udmabuf" +#define QEMU_DEV_KVM "/dev/kvm" =20 =20 #define QEMU_DOMAIN_AES_IV_LEN 16 /* 16 bytes for 128 bit random */ diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index f72da83929..ca12fcf587 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -210,13 +210,18 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg, =20 static int qemuDomainPopulateDevices(virQEMUDriverConfig *cfg, + virDomainObj *vm, GSList **paths) { const char *const *devices =3D (const char *const *) cfg->cgroupDevice= ACL; size_t i; =20 - if (!devices) + if (!devices) { devices =3D defaultDeviceACL; + if (vm->def->virtType =3D=3D VIR_DOMAIN_VIRT_KVM) { + *paths =3D g_slist_prepend(*paths, g_strdup(QEMU_DEV_KVM)); + } + } =20 for (i =3D 0; devices[i]; i++) { *paths =3D g_slist_prepend(*paths, g_strdup(devices[i])); @@ -694,7 +699,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfig *cfg, return 0; } =20 - if (qemuDomainPopulateDevices(cfg, &paths) < 0) + if (qemuDomainPopulateDevices(cfg, vm, &paths) < 0) return -1; =20 if (qemuDomainSetupAllDisks(vm, &paths) < 0) diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe= mu.aug.in index 90012b3f52..82cfec3b4b 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -76,8 +76,7 @@ module Test_libvirtd_qemu =3D { "4" =3D "/dev/random" } { "5" =3D "/dev/urandom" } { "6" =3D "/dev/ptmx" } - { "7" =3D "/dev/kvm" } - { "8" =3D "/dev/userfaultfd" } + { "7" =3D "/dev/userfaultfd" } } { "save_image_format" =3D "raw" } { "dump_image_format" =3D "raw" } --=20 2.51.0