From: Michal Privoznik
To: libvir-list@redhat.com
Date: Fri, 30 Aug 2019 15:19:08 +0200
Message-Id: <32223ef67ddd151271bf5cfeaf89138fe031544f.1567171015.git.mprivozn@redhat.com>
Subject: [libvirt] [PATCH for 5.7.0 3/3] qemu_blockjob: Restore seclabels more frequently on job events

If a block job reaches failed/cancelled state, or is completed without pivot then qemu no longer uses the mirror image. Since we've set its seclabels we must restore them back to avoid leaking perms/XATTRs.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1741456

Signed-off-by: Michal Privoznik
--- src/qemu/qemu_blockjob.c | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c index 80302fb139..8411d8e223 100644 --- a/src/qemu/qemu_blockjob.c +++ b/src/qemu/qemu_blockjob.c 
@@ -656,6 +656,13 @@ qemuBlockJobEventProcessLegacyCompleted(virQEMUDriverP= tr driver, } else { if (disk->mirror) { virDomainLockImageDetach(driver->lockManager, vm, disk->mirror= ); + + /* QEMU no longer uses the image, so we can restore its label.= */ + if (qemuSecurityRestoreImageLabel(driver, vm, disk->mirror, tr= ue) < 0) { + VIR_WARN("Unable to restore security labels on vm %s disk = %s", + vm->def->name, NULLSTR(disk->mirror->path)); + } + virObjectUnref(disk->mirror); } } @@ -725,6 +732,13 @@ qemuBlockJobEventProcessLegacy(virQEMUDriverPtr driver, case VIR_DOMAIN_BLOCK_JOB_CANCELED: if (disk->mirror) { virDomainLockImageDetach(driver->lockManager, vm, disk->mirror= ); + + /* QEMU no longer uses the image, so we can restore its label.= */ + if (qemuSecurityRestoreImageLabel(driver, vm, disk->mirror, tr= ue) < 0) { + VIR_WARN("Unable to restore security labels on vm %s disk = %s", + vm->def->name, NULLSTR(disk->mirror->path)); + } + virObjectUnref(disk->mirror); disk->mirror =3D NULL; } @@ -1124,7 +1138,8 @@ qemuBlockJobProcessEventConcludedCopyAbort(virQEMUDri= verPtr driver, =20 =20 static void -qemuBlockJobProcessEventFailedActiveCommit(virDomainObjPtr vm, +qemuBlockJobProcessEventFailedActiveCommit(virQEMUDriverPtr driver, + virDomainObjPtr vm, qemuBlockJobDataPtr job) { VIR_DEBUG("active commit job '%s' on VM '%s' failed", job->name, vm->d= ef->name); @@ -1132,6 +1147,12 @@ qemuBlockJobProcessEventFailedActiveCommit(virDomain= ObjPtr vm, if (!job->disk) return; =20 + /* QEMU no longer uses the image, so we can restore its label. */ + if (qemuSecurityRestoreImageLabel(driver, vm, job->disk->mirror, true)= < 0) { + VIR_WARN("Unable to restore security labels on vm %s disk %s", + vm->def->name, NULLSTR(job->disk->mirror->path)); + } + virObjectUnref(job->disk->mirror); job->disk->mirror =3D NULL; } 
@@ -1227,7 +1248,7 @@ qemuBlockJobEventProcessConcludedTransition(qemuBlock= JobDataPtr job, break; =20 case QEMU_BLOCKJOB_TYPE_ACTIVE_COMMIT: - qemuBlockJobProcessEventFailedActiveCommit(vm, job); + qemuBlockJobProcessEventFailedActiveCommit(driver, vm, job); break; =20 case QEMU_BLOCKJOB_TYPE_CREATE: --=20 2.21.0
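
Review bot: in the qemuBlockJobProcessEventFailedActiveCommit hunk (@@ -1132,6 +1147,12 @@) the new qemuSecurityRestoreImageLabel() call and the VIR_WARN after it use job->disk->mirror without checking it; only job->disk is tested before them. The two legacy hunks run the same restore inside if (disk->mirror), and NULLSTR(job->disk->mirror->path) dereferences the mirror before NULLSTR can substitute anything. Suggest guarding the block with if (job->disk->mirror), or adding a comment that states why the mirror is always set when a failed active commit reaches this function.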
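
Review bot: the restore-and-warn block in the @@ -656,6 +656,13 @@ and @@ -725,6 +732,13 @@ hunks is pasted verbatim, and a third copy lands in the active-commit failure path, so a small static helper taking driver, vm and the mirror source would keep the three sites from drifting apart. The warning text says "disk %s" while it prints the mirror's path; "mirror %s" would be clearer to whoever reads the log. The bare true passed as the last argument is not explained by the comment above it, and since a failed restore is only logged with VIR_WARN, the perms/XATTR leak the commit message describes can still happen quietly, which is worth a sentence in the comment or the commit message.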