From: Cole Robinson
To: libvir-list@redhat.com
Cc: Cole Robinson
Subject: [PATCH] qemu: don't reject virtiofs for qemu:///session
Date: Fri, 26 Mar 2021 12:34:21 -0400
Message-Id: <632ce101c4a83a61a80ddbecb64e48d8e8d9d87c.1616776100.git.crobinso@redhat.com>

Currently libvirt rejects attempts to use virtiofs with qemu:///session. Indeed virtiofs does not have a chance of working with typical session usage, because virtiofsd needs multiple Linux capabilities to perform its job. The only way to do this with out of the box qemu packaging is to run virtiofsd as root, so libvirtd must run as root, so qemu:///system is required.

But it's possible that a custom environment could setuid or set file capabilities on the virtiofsd binary. In this case qemu:///session would work fine. This may be an option for kubevirt to help them transition to using qemu:///session everywhere.

Drop the two pieces that block virtiofs for qemu:///session.
Attempts to use virtiofs for stock qemu:///session will fail at qemu startup, though it's a bit opaque:

  error: Failed to start domain 'f32'
  error: internal error: qemu unexpectedly closed the monitor: 2021-03-26T16:26:12.459293Z qemu-system-x86_64: -device vhost-user-fs-pci,chardev=chr-vu-fs0,tag=/foovirtiofs,bus=pci.10,addr=0x0: Failed to write msg. Wrote -1 instead of 12.
  2021-03-26T16:26:12.459317Z qemu-system-x86_64: -device vhost-user-fs-pci,chardev=chr-vu-fs0,tag=/foovirtiofs,bus=pci.10,addr=0x0: vhost_dev_init failed: Operation not permitted

Signed-off-by: Cole Robinson
---
The SetUID/SetGID bits don't seem to be necessary for qemu:///system usage AFAICT, but it's a bit tough to decode virSetUIDGIDWithCaps. virtiofsd is meticulous about managing its capability set though.

 src/qemu/qemu_validate.c | 7 +------
 src/qemu/qemu_virtiofs.c | 4 ----
 2 files changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 6043f974ce..d4079f6b67 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -4053,7 +4053,7 @@ qemuValidateDomainDeviceDefGraphics(const virDomainGr= aphicsDef *graphics, static int qemuValidateDomainDeviceDefFS(virDomainFSDefPtr fs, const virDomainDef *def, - virQEMUDriverPtr driver, + virQEMUDriverPtr driver G_GNUC_UNUSED, virQEMUCapsPtr qemuCaps) { if (fs->type !=3D VIR_DOMAIN_FS_TYPE_MOUNT) { @@ -4107,11 +4107,6 @@ qemuValidateDomainDeviceDefFS(virDomainFSDefPtr fs, _("virtiofs does not yet support read-only mode= ")); return -1; } - if (!driver->privileged) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("virtiofs is not yet supported in session mod= e")); - return -1; - } if (fs->accessmode !=3D VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("virtiofs only supports passthrough accessmod= e")); diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c index 2e239cad66..0bb4e3c0d1 100644 
--- a/src/qemu/qemu_virtiofs.c +++ b/src/qemu/qemu_virtiofs.c @@ -214,10 +214,6 @@ qemuVirtioFSStart(virLogManagerPtr logManager, if (!(cmd =3D qemuVirtioFSBuildCommandLine(cfg, fs, &fd))) goto cleanup; =20 - /* so far only running as root is supported */ - virCommandSetUID(cmd, 0); - virCommandSetGID(cmd, 0); - virCommandSetPidFile(cmd, pidfile); virCommandSetOutputFD(cmd, &logfd); virCommandSetErrorFD(cmd, &logfd); --=20 2.30.2
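
Review bot: In the second qemu_validate.c hunk (@@ -4107,11 +4107,6 @@), dropping the !driver->privileged check removes the only clear diagnostic for the stock session case. Per the commit message, the failure then surfaces at qemu startup as "vhost_dev_init failed: Operation not permitted", which does not point at virtiofsd privileges. Consider reporting a clearer error on the start path when virtiofsd cannot come up, or at least documenting that session mode only works when the virtiofsd binary has been given setuid or file capabilities.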
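
Review bot: In the qemu_virtiofs.c hunk (@@ -214,10 +214,6 @@), removing virCommandSetUID(cmd, 0) and virCommandSetGID(cmd, 0) unconditionally also changes how virtiofsd is launched for qemu:///system, and the note under the --- says this was only checked "AFAICT". Keeping the two calls for the privileged driver and skipping them only in session mode would leave system-mode behaviour unchanged; if they really are redundant there, the commit message should say why. The deleted comment "so far only running as root is supported" is also not replaced, so nothing in the code states which identity virtiofsd is now expected to run as.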