From nobody Sun Feb  8 21:12:32 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1658155819; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ObS/YDwJGm13O/ynNNQtKrc0xWKx0L+C6ibsfRjtsZDoqzhfjKnJaptBbhFLyCTab1hDzmK6o5BwDHEgNlXJnErfwkRzD4gYOKw5QltqGcpJ+ratk7E6xqIYyDcGKsoZ038ZqNqfPEOoWwUEdlf2w7/uwA+yb2fihfItkvUupPg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1658155819;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=iKP5Zw8CU1UPDhbIEbcZ4xaKc81sqNvQIglu3klnecc=;
	b=mFGPTzgyB50CE48XS/LHUYoQS/2mHDmzOfGUbuVy3BiOP1uk2nkpIkbJ1vcob0odZZ/Hv1LtnjjbKTf2dsOL+MTIpT2nxN5iB8dHdYQZlhgwrDJUMU+CwnatYkyxnf1LysGuY29tVptDSsBV5IZUErEmAc91OQbIfp643HXrR/4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 165815581991115.59379565385882;
 Mon, 18 Jul 2022 07:50:19 -0700 (PDT)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-164--Qw2aZc8OaqY18dE21Rb5w-1; Mon, 18 Jul 2022 10:50:13 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com
 [10.11.54.2])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4ED8E3C0D1B1;
	Mon, 18 Jul 2022 14:50:07 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 3B1E640E80E1;
	Mon, 18 Jul 2022 14:50:07 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 0671B1923C87;
	Mon, 18 Jul 2022 14:50:06 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com
 [10.11.54.10])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id D84DD1945D94 for <libvir-list@listman.corp.redhat.com>;
 Mon, 18 Jul 2022 14:50:04 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id B2096492C3B; Mon, 18 Jul 2022 14:50:04 +0000 (UTC)
Received: from maggie.redhat.com (unknown [10.43.2.88])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 5D7BA401E7B
 for <libvir-list@redhat.com>; Mon, 18 Jul 2022 14:50:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1658155818;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=iKP5Zw8CU1UPDhbIEbcZ4xaKc81sqNvQIglu3klnecc=;
	b=PylLe9Ysym9EnGfd6LD2QhJx3X6Y45VxulwK+sw6anFa9X3M3+4O48+ybkfPHlJ/X8kSDt
	/ZVK4tJwLUjmR9yg8NQXIC8ydV6V7KmmFon8LsaevTWcnfpaCVbbMVJLp7LkQREDww+yZC
	oUVdGrhziv6qKeNqMEbw+II360sIL1w=
X-MC-Unique: -Qw2aZc8OaqY18dE21Rb5w-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 2/2] qemu_hotplug: Create chardev files before attempting to
 relabel them
Date: Mon, 18 Jul 2022 16:50:02 +0200
Message-Id: 
 <37d992ee496f3e63639d575d6530d24dc20e2ca1.1658155738.git.mprivozn@redhat.com>
In-Reply-To: <cover.1658155738.git.mprivozn@redhat.com>
References: <cover.1658155738.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1658155821070100001
Content-Type: text/plain; charset="utf-8"; x-default="true"

When hotplugging a chardev, Libvirt opens corresponding
file/binds to a socket/does whatever necessary to obtain an FD
that is later passed to QEMU. However, due to wrong placement of
the function that does all of this
(qemuProcessPrepareHostBackendChardevHotplug()) it may happen
that a file is set seclabel on, only to be unlink()-ed and
created again (the former is done by
qemuSecuritySetChardevLabel(), the latter by aforementioned
function). The unlink()-ing is done for UNIX sockets with
mode=3D'bind' and happens inside qemuOpenChrChardevUNIXSocket().
However, these steps can be swapped simply.

Fixes: ad81aa8ad07e52c9bd4840de84d2ed59998b4d2a
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
---
 src/qemu/qemu_hotplug.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index fac893c80e..38a010423f 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2115,6 +2115,9 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver,
     if (qemuDomainAttachChrDeviceAssignAddr(vm, chr, &need_release) < 0)
         goto cleanup;
=20
+    if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0)
+        goto cleanup;
+
     if (qemuDomainNamespaceSetupChardev(vm, chr, &teardowndevice) < 0)
         goto cleanup;
=20
@@ -2126,9 +2129,6 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver,
         goto cleanup;
     teardowncgroup =3D true;
=20
-    if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0)
-        goto cleanup;
-
     if (guestfwd) {
         if (!(netdevprops =3D qemuBuildChannelGuestfwdNetdevProps(chr)))
             goto cleanup;
--=20
2.35.1