From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 01/34] virDevMapperGetTargetsImpl: Close /dev/mapper/control in the end
Date: Wed, 22 Jul 2020 11:39:55 +0200

When building domain's private /dev in a namespace, libdevmapper is consulted for getting full dependency tree of domain's disks. The reason is that for multipath devices all dependent devices must be created in the namespace and allowed in CGroups.

However, this approach is very fragile as building of namespace happens in the forked off child process, after mass close of FDs and just before dropping privileges and execing QEMU. And it so happens that when calling libdevmapper APIs, one of them opens /dev/mapper/control and saves the FD into a global variable. The FD is kept open until the lib is unlinked or dm_lib_release() is called explicitly. We are doing neither.

This is not a problem when calling the function from libvirtd (when setting up CGroups), but it is a problem when called from the pre-exec hook because we leak the FD into QEMU.

Fixes: a30078cb832646177defd256e77c632905f1e6d0
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1858260
Signed-off-by: Michal Privoznik
---
 src/util/virdevmapper.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/util/virdevmapper.c b/src/util/virdevmapper.c index 40a82285f9..1c216fb6c1 100644 --- a/src/util/virdevmapper.c +++ b/src/util/virdevmapper.c 
@@ -156,6 +156,7 @@ virDevMapperGetTargetsImpl(const char *path, virStringListFree(recursiveDevPaths); virStringListFree(devPaths); dm_task_destroy(dmt); + dm_lib_release(); return ret; } =20 --=20 2.26.2
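
Review bot: dm_lib_release() after dm_task_destroy(dmt) closes a control FD that, per the commit message, libdevmapper keeps in a global variable, and this function is also called from libvirtd when setting up CGroups. If two daemon threads can be inside virDevMapperGetTargetsImpl at once, one thread's release can close the FD while the other is still between its dm_task calls. Please serialize callers or add a comment saying why concurrent use is safe. Separately, if the recursion that fills recursiveDevPaths re-enters this function, the release runs once per level; calling it once from the virDevMapperGetTargets wrapper would avoid reopening /dev/mapper/control for every dependent device.
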
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 02/34] virDevMapperGetTargets: Don't ignore EBADF
Date: Wed, 22 Jul 2020 11:39:56 +0200
Message-Id: <7b7f8a3dd5e2ec476f27729c356841ad520ed468.1595410402.git.mprivozn@redhat.com>

One of the symptoms of the bug [1] is that on the second start of a domain we get EBADF when talking to libdevmapper. The reason is that libdevmapper opens /dev/mapper/control to talk to kernel and saves the FD into a global variable. This works well when starting a domain for the first time: the pre-exec hook (which is a separate process) gets info it needs; then the daemon sets up CGroups (where it will open the file again, because it's a different process).

Now, libdevmapper won't close this FD until the library is unloaded (in destructor) or dm_lib_release() is called. We were not doing any of that, hence, when starting a domain (any domain, even a different one), we forked off a child process (which will eventually become QEMU), mass close all FDs (including the libdevmapper's one), and run pre-exec hook. Since we closed the FD, libdevmapper will pass closed FD into an ioctl() and thus we got EBADF.

After the previous patch, this approach is history and thus we should not see EBADF anymore.

1: https://bugzilla.redhat.com/show_bug.cgi?id=1858260

Signed-off-by: Michal Privoznik --- src/qemu/qemu_cgroup.c | 2 +- src/qemu/qemu_domain.c | 4 ++-- src/util/virdevmapper.c | 3 --- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 914bf640ca..e88da02341 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -87,7 +87,7 @@ qemuSetupImagePathCgroup(virDomainObjPtr vm, } =20 if (virDevMapperGetTargets(path, &targetPaths) < 0 && - errno !=3D ENOSYS && errno !=3D EBADF) { + errno !=3D ENOSYS) { virReportSystemError(errno, _("Unable to get devmapper targets for %s"), path); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 5b22eb2eaa..2058290870 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -10264,7 +10264,7 @@ qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg G_GN= UC_UNUSED, return -1; =20 if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && - errno !=3D ENOSYS && errno !=3D EBADF) { + errno !=3D ENOSYS) { virReportSystemError(errno, _("Unable to get devmapper targets fo= r %s"), next->path); @@ -11328,7 +11328,7 @@ qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, tmpPath =3D g_strdup(next->path); =20 if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && - errno !=3D ENOSYS && errno !=3D EBADF) { + errno !=3D ENOSYS) { virReportSystemError(errno, _("Unable to get devmapper targets fo= r %s"), next->path); diff --git a/src/util/virdevmapper.c b/src/util/virdevmapper.c index 1c216fb6c1..139d70b854 100644 --- a/src/util/virdevmapper.c +++ b/src/util/virdevmapper.c 
@@ -176,9 +176,6 @@ virDevMapperGetTargetsImpl(const char *path, * If @path consists of yet another devmapper targets these are * consulted recursively. * - * If we don't have permissions to talk to kernel, -1 is returned - * and errno is set to EBADF. - * * Returns 0 on success, * -1 otherwise (with errno set, no libvirt error is * reported) --=20 2.26.2
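
Review bot: In qemuSetupImagePathCgroup (qemu_cgroup.c) and in both qemu_domain.c hunks, dropping the EBADF exemption is only correct with patch 01 applied, because the commit message itself says the second domain start hit EBADF on this path, and that would now be a hard failure. Please state the dependency in the commit message, or squash the two, so they are never backported separately. The same "< 0 && errno != ENOSYS" test is now repeated at three call sites; a small helper that maps ENOSYS to success would keep them from drifting apart.
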
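
Review bot: In the virdevmapper.c doc comment, once the EBADF sentence is gone nothing tells callers which errno values they are expected to tolerate, yet all three call sites in this patch special-case ENOSYS. Please add a sentence saying under which condition -1 is returned with errno set to ENOSYS, so the exemption at the call sites is backed by the documented contract.
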
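
The FD lifecycle that the commit messages of patches 01 and 02 describe, as an added example that is not libvirt or libdevmapper code: ctl_fd, lib_query() and lib_release() are hypothetical stand-ins for the library's cached control FD, a dm task and dm_lib_release(), while /dev/null and fstat() stand in for /dev/mapper/control and the ioctl(). Opening the stand-in without O_CLOEXEC is an assumption chosen to match the leak into QEMU that the page reports.

```c
/* Added illustration; not libvirt or libdevmapper code. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical stand-in for the control FD the library keeps in a global. */
static int ctl_fd = -1;

/* Stand-in for a dm task: open the node once, cache the FD, then use it.
 * Assumption: no O_CLOEXEC, so the FD would survive an exec. */
static int lib_query(void)
{
    struct stat sb;

    if (ctl_fd < 0 && (ctl_fd = open("/dev/null", O_RDONLY)) < 0)
        return -1;
    return fstat(ctl_fd, &sb);
}

/* Stand-in for dm_lib_release(): close and forget the cached FD. */
static void lib_release(void)
{
    if (ctl_fd >= 0) {
        close(ctl_fd);
        ctl_fd = -1;
    }
}

/* Patch 02 scenario: the daemon has used the library once, then forks a
 * child that mass-closes FDs and calls the library again.
 * Returns the errno the child saw (0 on success), or -1 on setup failure. */
int second_start_errno(int release_after_use)
{
    pid_t pid;
    int status;

    lib_release();                      /* start from a clean state */
    if (lib_query() < 0)                /* daemon-side call caches ctl_fd */
        return -1;
    if (release_after_use)
        lib_release();                  /* behaviour added by patch 01 */

    if ((pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        long max = sysconf(_SC_OPEN_MAX);
        int fd;

        if (max < 0 || max > 4096)
            max = 4096;
        for (fd = 3; fd < max; fd++)    /* mass close before the hook runs */
            close(fd);
        /* The global still holds the old FD number unless it was released. */
        _exit(lib_query() < 0 ? errno : 0);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    lib_release();
    return WEXITSTATUS(status);
}

/* Patch 01 scenario: the pre-exec hook uses the library right before exec.
 * Returns 1 if the control FD is still open and not close-on-exec. */
int fd_survives_exec(int release_after_use)
{
    int fd, flags;

    lib_release();
    if (lib_query() < 0)
        return -1;
    fd = ctl_fd;
    if (release_after_use)
        lib_release();
    flags = fcntl(fd, F_GETFD);         /* -1 with EBADF once closed */
    lib_release();
    return flags >= 0 && !(flags & FD_CLOEXEC);
}

int main(void)
{
    printf("second start without release: errno %d\n", second_start_errno(0));
    printf("second start with release:    errno %d\n", second_start_errno(1));
    printf("FD inherited without release: %d\n", fd_survives_exec(0));
    printf("FD inherited with release:    %d\n", fd_survives_exec(1));
    return 0;
}
```
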
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 03/34] qemu: Separate out namespace handling code
Date: Wed, 22 Jul 2020 11:39:57 +0200

The qemu_domain.c file is big as is and we should split it into separate semantic blocks. Start with code that handles domain namespaces.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 po/POTFILES.in                   |    1 +
 src/qemu/Makefile.inc.am         |    2 +
 src/qemu/qemu_conf.c             |    1 +
 src/qemu/qemu_domain.c           | 1848 +----------------------------
 src/qemu/qemu_domain.h           |   57 -
 src/qemu/qemu_domain_namespace.c | 1885 ++++++++++++++++++++++++++++++
 src/qemu/qemu_domain_namespace.h |   86 ++
 src/qemu/qemu_driver.c           |    1 +
 src/qemu/qemu_hotplug.c          |    1 +
 src/qemu/qemu_process.c          |    1 +
 src/qemu/qemu_security.c         |    1 +
 11 files changed, 1980 insertions(+), 1904 deletions(-)
 create mode 100644 src/qemu/qemu_domain_namespace.c
 create mode 100644 src/qemu/qemu_domain_namespace.h

diff --git a/po/POTFILES.in b/po/POTFILES.in index b10008ae3d..de4fb172d2 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -153,6 +153,7 @@ @SRCDIR@src/qemu/qemu_dbus.c @SRCDIR@src/qemu/qemu_domain.c @SRCDIR@src/qemu/qemu_domain_address.c +@SRCDIR@src/qemu/qemu_domain_namespace.c @SRCDIR@src/qemu/qemu_domainjob.c @SRCDIR@src/qemu/qemu_driver.c @SRCDIR@src/qemu/qemu_extdevice.c diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 9e1d6192f5..01aa734597 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -21,6 +21,8 @@ QEMU_DRIVER_SOURCES =3D \ qemu/qemu_domainjob.h \ qemu/qemu_domain_address.c \ qemu/qemu_domain_address.h \ + qemu/qemu_domain_namespace.c \ + qemu/qemu_domain_namespace.h \ qemu/qemu_cgroup.c \ qemu/qemu_cgroup.h \ qemu/qemu_extdevice.c \ diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 4762f2a88a..bc418082f7 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -30,6 +30,7 @@ #include "qemu_conf.h" #include "qemu_capabilities.h" #include "qemu_domain.h" +#include "qemu_domain_namespace.h" #include "qemu_firmware.h" #include "qemu_security.h" #include "viruuid.h" diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 2058290870..92dc69ce39 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -37,6 +37,7 @@ #include "qemu_blockjob.h" #include "qemu_checkpoint.h" #include "qemu_validate.h" +#include "qemu_domain_namespace.h" #include "viralloc.h" #include "virlog.h" #include "virerror.h" @@ -65,17 +66,8 @@ #include "virutil.h" #include "virdevmapper.h" =20 -#ifdef __linux__ -# include -#endif #include #include -#if defined(HAVE_SYS_MOUNT_H) -# include -#endif -#ifdef WITH_SELINUX -# include -#endif =20 #define QEMU_QXL_VGAMEM_DEFAULT 16 * 1024 =20 @@ -83,11 +75,6 @@ =20 VIR_LOG_INIT("qemu.qemu_domain"); =20 -VIR_ENUM_IMPL(qemuDomainNamespace, - QEMU_DOMAIN_NS_LAST, - "mount", -); - =20 static void * qemuJobAllocPrivate(void) 
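
Review bot: In the qemu_domain.c include hunk, the __linux__, HAVE_SYS_MOUNT_H and WITH_SELINUX includes are dropped, but "virdevmapper.h" stays as a context line even though qemuDomainSetupDisk, which calls virDevMapperGetTargets, is removed further down in this patch. If no devmapper caller remains in qemu_domain.c after the move, drop that include here as well, so the file's includes reflect what it still uses.
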
@@ -239,54 +226,6 @@ qemuDomainLogContextFinalize(GObject *object) G_OBJECT_CLASS(qemu_domain_log_context_parent_class)->finalize(object); } =20 - -bool -qemuDomainNamespaceEnabled(virDomainObjPtr vm, - qemuDomainNamespace ns) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - - return priv->namespaces && - virBitmapIsBitSet(priv->namespaces, ns); -} - - -static int -qemuDomainEnableNamespace(virDomainObjPtr vm, - qemuDomainNamespace ns) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - - if (!priv->namespaces && - !(priv->namespaces =3D virBitmapNew(QEMU_DOMAIN_NS_LAST))) - return -1; - - if (virBitmapSetBit(priv->namespaces, ns) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Unable to enable namespace: %s"), - qemuDomainNamespaceTypeToString(ns)); - return -1; - } - - return 0; -} - - -static void -qemuDomainDisableNamespace(virDomainObjPtr vm, - qemuDomainNamespace ns) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - - if (priv->namespaces) { - ignore_value(virBitmapClearBit(priv->namespaces, ns)); - if (virBitmapIsAllClear(priv->namespaces)) { - virBitmapFree(priv->namespaces); - priv->namespaces =3D NULL; - } - } -} - /* qemuDomainGetMasterKeyFilePath: * @libDir: Directory path to domain lib files * 
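
Review bot: For the removal of qemuDomainNamespaceEnabled, qemuDomainEnableNamespace and qemuDomainDisableNamespace, the commit message should say that this is a pure move with no functional change, so the bodies can be checked against qemu_domain_namespace.c with git diff --color-moved instead of being reread. The enable and disable helpers are static here; if any caller stays behind in qemu_domain.c, they need a prototype in qemu_domain_namespace.h, and that would be worth calling out since it widens their visibility.
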
@@ -9799,1791 +9738,6 @@ qemuDomainGetHostdevPath(virDomainHostdevDefPtr de= v, } =20 =20 -/** - * qemuDomainGetPreservedMountPath: - * @cfg: driver configuration data - * @vm: domain object - * @mountpoint: mount point path to convert - * - * For given @mountpoint return new path where the mount point - * should be moved temporarily whilst building the namespace. - * - * Returns: allocated string on success which the caller must free, - * NULL on failure. - */ -static char * -qemuDomainGetPreservedMountPath(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const char *mountpoint) -{ - char *path =3D NULL; - char *tmp; - const char *suffix =3D mountpoint + strlen(QEMU_DEVPREFIX); - g_autofree char *domname =3D virDomainDefGetShortName(vm->def); - size_t off; - - if (!domname) - return NULL; - - if (STREQ(mountpoint, "/dev")) - suffix =3D "dev"; - - path =3D g_strdup_printf("%s/%s.%s", cfg->stateDir, domname, suffix); - - /* Now consider that @mountpoint is "/dev/blah/blah2". - * @suffix then points to "blah/blah2". However, caller - * expects all the @paths to be the same depth. The - * caller doesn't always do `mkdir -p` but sometimes bare - * `touch`. Therefore fix all the suffixes. */ - off =3D strlen(path) - strlen(suffix); - - tmp =3D path + off; - while (*tmp) { - if (*tmp =3D=3D '/') - *tmp =3D '.'; - tmp++; - } - - return path; -} - - -/** - * qemuDomainGetPreservedMounts: - * - * Process list of mounted filesystems and: - * a) save all FSs mounted under /dev to @devPath - * b) generate backup path for all the entries in a) - * - * Any of the return pointers can be NULL. 
- * - * Returns 0 on success, -1 otherwise (with error reported) - */ -static int -qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - char ***devPath, - char ***devSavePath, - size_t *ndevPath) -{ - char **paths =3D NULL, **mounts =3D NULL; - size_t i, j, nmounts; - - if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", - &mounts, &nmounts) < 0) - goto error; - - if (!nmounts) { - if (ndevPath) - *ndevPath =3D 0; - return 0; - } - - /* There can be nested mount points. For instance - * /dev/shm/blah can be a mount point and /dev/shm too. It - * doesn't make much sense to return the former path because - * caller preserves the latter (and with that the former - * too). Therefore prune nested mount points. - * NB mounts[0] is "/dev". Should we start the outer loop - * from the beginning of the array all we'd be left with is - * just the first element. Think about it. - */ - for (i =3D 1; i < nmounts; i++) { - j =3D i + 1; - while (j < nmounts) { - char *c =3D STRSKIP(mounts[j], mounts[i]); - - if (c && (*c =3D=3D '/' || *c =3D=3D '\0')) { - VIR_DEBUG("Dropping path %s because of %s", mounts[j], mou= nts[i]); - VIR_DELETE_ELEMENT(mounts, j, nmounts); - } else { - j++; - } - } - } - - if (VIR_ALLOC_N(paths, nmounts) < 0) - goto error; - - for (i =3D 0; i < nmounts; i++) { - if (!(paths[i] =3D qemuDomainGetPreservedMountPath(cfg, vm, mounts= [i]))) - goto error; - } - - if (devPath) - *devPath =3D mounts; - else - virStringListFreeCount(mounts, nmounts); - - if (devSavePath) - *devSavePath =3D paths; - else - virStringListFreeCount(paths, nmounts); - - if (ndevPath) - *ndevPath =3D nmounts; - - return 0; - - error: - virStringListFreeCount(mounts, nmounts); - virStringListFreeCount(paths, nmounts); - return -1; -} - - -struct qemuDomainCreateDeviceData { - const char *path; /* Path to temp new /dev location */ - char * const *devMountsPath; - size_t ndevMountsPath; -}; - - -static int -qemuDomainCreateDeviceRecursive(const char *device, - 
const struct qemuDomainCreateDeviceData *d= ata, - bool allow_noent, - unsigned int ttl) -{ - g_autofree char *devicePath =3D NULL; - g_autofree char *target =3D NULL; - GStatBuf sb; - int ret =3D -1; - bool isLink =3D false; - bool isDev =3D false; - bool isReg =3D false; - bool isDir =3D false; - bool create =3D false; -#ifdef WITH_SELINUX - char *tcon =3D NULL; -#endif - - if (!ttl) { - virReportSystemError(ELOOP, - _("Too many levels of symbolic links: %s"), - device); - return ret; - } - - if (g_lstat(device, &sb) < 0) { - if (errno =3D=3D ENOENT && allow_noent) { - /* Ignore non-existent device. */ - return 0; - } - virReportSystemError(errno, _("Unable to stat %s"), device); - return ret; - } - - isLink =3D S_ISLNK(sb.st_mode); - isDev =3D S_ISCHR(sb.st_mode) || S_ISBLK(sb.st_mode); - isReg =3D S_ISREG(sb.st_mode) || S_ISFIFO(sb.st_mode) || S_ISSOCK(sb.s= t_mode); - isDir =3D S_ISDIR(sb.st_mode); - - /* Here, @device might be whatever path in the system. We - * should create the path in the namespace iff it's "/dev" - * prefixed. However, if it is a symlink, we need to traverse - * it too (it might point to something in "/dev"). Just - * consider: - * - * /var/sym1 -> /var/sym2 -> /dev/sda (because users can) - * - * This means, "/var/sym1" is not created (it's shared with - * the parent namespace), nor "/var/sym2", but "/dev/sda". - * - * TODO Remove all `.' and `..' from the @device path. - * Otherwise we might get fooled with `/dev/../var/my_image'. - * For now, lets hope callers play nice. - */ - if (STRPREFIX(device, QEMU_DEVPREFIX)) { - size_t i; - - for (i =3D 0; i < data->ndevMountsPath; i++) { - if (STREQ(data->devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(device, data->devMountsPath[i])) - break; - } - - if (i =3D=3D data->ndevMountsPath) { - /* Okay, @device is in /dev but not in any mount point under /= dev. - * Create it. 
*/ - devicePath =3D g_strdup_printf("%s/%s", data->path, - device + strlen(QEMU_DEVPREFIX)); - - if (virFileMakeParentPath(devicePath) < 0) { - virReportSystemError(errno, - _("Unable to create %s"), - devicePath); - goto cleanup; - } - VIR_DEBUG("Creating dev %s", device); - create =3D true; - } else { - VIR_DEBUG("Skipping dev %s because of %s mount point", - device, data->devMountsPath[i]); - } - } - - if (isLink) { - g_autoptr(GError) gerr =3D NULL; - - /* We are dealing with a symlink. Create a dangling symlink and de= scend - * down one level which hopefully creates the symlink's target. */ - if (!(target =3D g_file_read_link(device, &gerr))) { - virReportError(VIR_ERR_SYSTEM_ERROR, - _("failed to resolve symlink %s: %s"), device, = gerr->message); - goto cleanup; - } - - if (create && - symlink(target, devicePath) < 0) { - if (errno =3D=3D EEXIST) { - ret =3D 0; - } else { - virReportSystemError(errno, - _("unable to create symlink %s"), - devicePath); - } - goto cleanup; - } - - /* Tricky part. If the target starts with a slash then we need to = take - * it as it is. 
Otherwise we need to replace the last component in= the - * original path with the link target: - * /dev/rtc -> rtc0 (want /dev/rtc0) - * /dev/disk/by-id/ata-SanDisk_SDSSDXPS480G_161101402485 -> ../../= sda - * (want /dev/disk/by-id/../../sda) - * /dev/stdout -> /proc/self/fd/1 (no change needed) - */ - if (!g_path_is_absolute(target)) { - g_autofree char *devTmp =3D g_strdup(device); - char *c =3D NULL, *tmp =3D NULL; - - if ((c =3D strrchr(devTmp, '/'))) - *(c + 1) =3D '\0'; - - tmp =3D g_strdup_printf("%s%s", devTmp, target); - VIR_FREE(target); - target =3D g_steal_pointer(&tmp); - } - - if (qemuDomainCreateDeviceRecursive(target, data, - allow_noent, ttl - 1) < 0) - goto cleanup; - } else if (isDev) { - if (create) { - unlink(devicePath); - if (mknod(devicePath, sb.st_mode, sb.st_rdev) < 0) { - virReportSystemError(errno, - _("Failed to make device %s"), - devicePath); - goto cleanup; - } - } - } else if (isReg) { - if (create && - virFileTouch(devicePath, sb.st_mode) < 0) - goto cleanup; - /* Just create the file here so that code below sets - * proper owner and mode. Bind mount only after that. */ - } else if (isDir) { - if (create && - virFileMakePathWithMode(devicePath, sb.st_mode) < 0) { - virReportSystemError(errno, - _("Unable to make dir %s"), - devicePath); - goto cleanup; - } - } else { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, - _("unsupported device type %s 0%o"), - device, sb.st_mode); - goto cleanup; - } - - if (!create) { - ret =3D 0; - goto cleanup; - } - - if (lchown(devicePath, sb.st_uid, sb.st_gid) < 0) { - virReportSystemError(errno, - _("Failed to chown device %s"), - devicePath); - goto cleanup; - } - - /* Symlinks don't have mode */ - if (!isLink && - chmod(devicePath, sb.st_mode) < 0) { - virReportSystemError(errno, - _("Failed to set permissions for device %s"), - devicePath); - goto cleanup; - } - - /* Symlinks don't have ACLs. 
*/ - if (!isLink && - virFileCopyACLs(device, devicePath) < 0 && - errno !=3D ENOTSUP) { - virReportSystemError(errno, - _("Failed to copy ACLs on device %s"), - devicePath); - goto cleanup; - } - -#ifdef WITH_SELINUX - if (lgetfilecon_raw(device, &tcon) < 0 && - (errno !=3D ENOTSUP && errno !=3D ENODATA)) { - virReportSystemError(errno, - _("Unable to get SELinux label from %s"), - device); - goto cleanup; - } - - if (tcon && - lsetfilecon_raw(devicePath, (const char *)tcon) < 0) { - VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR - if (errno !=3D EOPNOTSUPP && errno !=3D ENOTSUP) { - VIR_WARNINGS_RESET - virReportSystemError(errno, - _("Unable to set SELinux label on %s"), - devicePath); - goto cleanup; - } - } -#endif - - /* Finish mount process started earlier. */ - if ((isReg || isDir) && - virFileBindMountDevice(device, devicePath) < 0) - goto cleanup; - - ret =3D 0; - cleanup: -#ifdef WITH_SELINUX - freecon(tcon); -#endif - return ret; -} - - -static int -qemuDomainCreateDevice(const char *device, - const struct qemuDomainCreateDeviceData *data, - bool allow_noent) -{ - long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); - - return qemuDomainCreateDeviceRecursive(device, data, - allow_noent, symloop_max); -} - - -static int -qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm G_GNUC_UNUSED, - const struct qemuDomainCreateDeviceData *data) -{ - const char *const *devices =3D (const char *const *) cfg->cgroupDevice= ACL; - size_t i; - - if (!devices) - devices =3D defaultDeviceACL; - - for (i =3D 0; devices[i]; i++) { - if (qemuDomainCreateDevice(devices[i], data, true) < 0) - return -1; - } - - return 0; -} - - -static int -qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - g_autofree char *mount_options =3D NULL; - g_autofree char *opts =3D NULL; - - VIR_DEBUG("Setting up /dev/ for domain %s", vm->def->name); - - mount_options =3D 
qemuSecurityGetMountOptions(mgr, vm->def); - - if (!mount_options) - mount_options =3D g_strdup(""); - - /* - * tmpfs is limited to 64kb, since we only have device nodes in there - * and don't want to DOS the entire OS RAM usage - */ - opts =3D g_strdup_printf("mode=3D755,size=3D65536%s", mount_options); - - if (virFileSetupDev(data->path, opts) < 0) - return -1; - - if (qemuDomainPopulateDevices(cfg, vm, data) < 0) - return -1; - - return 0; -} - - -static int -qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainDiskDefPtr disk, - const struct qemuDomainCreateDeviceData *data) -{ - virStorageSourcePtr next; - bool hasNVMe =3D false; - - for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) { - VIR_AUTOSTRINGLIST targetPaths =3D NULL; - size_t i; - - if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { - g_autofree char *nvmePath =3D NULL; - - hasNVMe =3D true; - - if (!(nvmePath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->= nvme->pciAddr))) - return -1; - - if (qemuDomainCreateDevice(nvmePath, data, false) < 0) - return -1; - } else { - if (!next->path || !virStorageSourceIsLocalStorage(next)) { - /* Not creating device. Just continue. */ - continue; - } - - if (qemuDomainCreateDevice(next->path, data, false) < 0) - return -1; - - if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && - errno !=3D ENOSYS) { - virReportSystemError(errno, - _("Unable to get devmapper targets fo= r %s"), - next->path); - return -1; - } - - for (i =3D 0; targetPaths && targetPaths[i]; i++) { - if (qemuDomainCreateDevice(targetPaths[i], data, false) < = 0) - return -1; - } - } - } - - /* qemu-pr-helper might require access to /dev/mapper/control. 
*/ - if (disk->src->pr && - qemuDomainCreateDevice(QEMU_DEVICE_MAPPER_CONTROL_PATH, data, true= ) < 0) - return -1; - - if (hasNVMe && - qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) - return -1; - - return 0; -} - - -static int -qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - VIR_DEBUG("Setting up disks"); - - for (i =3D 0; i < vm->def->ndisks; i++) { - if (qemuDomainSetupDisk(cfg, - vm->def->disks[i], - data) < 0) - return -1; - } - - VIR_DEBUG("Setup all disks"); - return 0; -} - - -static int -qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainHostdevDefPtr dev, - const struct qemuDomainCreateDeviceData *data) -{ - g_autofree char *path =3D NULL; - - if (qemuDomainGetHostdevPath(dev, &path, NULL) < 0) - return -1; - - if (path && qemuDomainCreateDevice(path, data, false) < 0) - return -1; - - if (qemuHostdevNeedsVFIO(dev) && - qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) - return -1; - - return 0; -} - - -static int -qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up hostdevs"); - for (i =3D 0; i < vm->def->nhostdevs; i++) { - if (qemuDomainSetupHostdev(cfg, - vm->def->hostdevs[i], - data) < 0) - return -1; - } - VIR_DEBUG("Setup all hostdevs"); - return 0; -} - - -static int -qemuDomainSetupMemory(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainMemoryDefPtr mem, - const struct qemuDomainCreateDeviceData *data) -{ - if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) - return 0; - - return qemuDomainCreateDevice(mem->nvdimmPath, data, false); -} - - -static int -qemuDomainSetupAllMemories(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up memories"); - for (i =3D 0; i < vm->def->nmems; i++) { - if 
(qemuDomainSetupMemory(cfg, - vm->def->mems[i], - data) < 0) - return -1; - } - VIR_DEBUG("Setup all memories"); - return 0; -} - - -static int -qemuDomainSetupChardev(virDomainDefPtr def G_GNUC_UNUSED, - virDomainChrDefPtr dev, - void *opaque) -{ - const struct qemuDomainCreateDeviceData *data =3D opaque; - const char *path =3D NULL; - - if (!(path =3D virDomainChrSourceDefGetPath(dev->source))) - return 0; - - /* Socket created by qemu. It doesn't exist upfront. */ - if (dev->source->type =3D=3D VIR_DOMAIN_CHR_TYPE_UNIX && - dev->source->data.nix.listen) - return 0; - - return qemuDomainCreateDevice(path, data, true); -} - - -static int -qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - VIR_DEBUG("Setting up chardevs"); - - if (virDomainChrDefForeach(vm->def, - true, - qemuDomainSetupChardev, - (void *)data) < 0) - return -1; - - VIR_DEBUG("Setup all chardevs"); - return 0; -} - - -static int -qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainTPMDefPtr dev, - const struct qemuDomainCreateDeviceData *data) -{ - switch (dev->type) { - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.= path, - data, false) < 0) - return -1; - break; - - case VIR_DOMAIN_TPM_TYPE_EMULATOR: - case VIR_DOMAIN_TPM_TYPE_LAST: - /* nada */ - break; - } - - return 0; -} - - -static int -qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up TPMs"); - - for (i =3D 0; i < vm->def->ntpms; i++) { - if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0) - return -1; - } - - VIR_DEBUG("Setup all TPMs"); - return 0; -} - - -static int -qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainGraphicsDefPtr gfx, - const struct qemuDomainCreateDeviceData *data) -{ - const char 
*rendernode =3D virDomainGraphicsGetRenderNode(gfx); - - if (!rendernode) - return 0; - - return qemuDomainCreateDevice(rendernode, data, false); -} - - -static int -qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up graphics"); - for (i =3D 0; i < vm->def->ngraphics; i++) { - if (qemuDomainSetupGraphics(cfg, - vm->def->graphics[i], - data) < 0) - return -1; - } - - VIR_DEBUG("Setup all graphics"); - return 0; -} - - -static int -qemuDomainSetupInput(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainInputDefPtr input, - const struct qemuDomainCreateDeviceData *data) -{ - const char *path =3D virDomainInputDefGetPath(input); - - if (path && qemuDomainCreateDevice(path, data, false) < 0) - return -1; - - return 0; -} - - -static int -qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up inputs"); - for (i =3D 0; i < vm->def->ninputs; i++) { - if (qemuDomainSetupInput(cfg, - vm->def->inputs[i], - data) < 0) - return -1; - } - VIR_DEBUG("Setup all inputs"); - return 0; -} - - -static int -qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainRNGDefPtr rng, - const struct qemuDomainCreateDeviceData *data) -{ - switch ((virDomainRNGBackend) rng->backend) { - case VIR_DOMAIN_RNG_BACKEND_RANDOM: - if (qemuDomainCreateDevice(rng->source.file, data, false) < 0) - return -1; - break; - - case VIR_DOMAIN_RNG_BACKEND_EGD: - case VIR_DOMAIN_RNG_BACKEND_BUILTIN: - case VIR_DOMAIN_RNG_BACKEND_LAST: - /* nada */ - break; - } - - return 0; -} - - -static int -qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - size_t i; - - VIR_DEBUG("Setting up RNGs"); - for (i =3D 0; i < vm->def->nrngs; i++) { - if (qemuDomainSetupRNG(cfg, - vm->def->rngs[i], - data) < 0) - return 
-1; - } - - VIR_DEBUG("Setup all RNGs"); - return 0; -} - - -static int -qemuDomainSetupLoader(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) -{ - virDomainLoaderDefPtr loader =3D vm->def->os.loader; - - VIR_DEBUG("Setting up loader"); - - if (loader) { - switch ((virDomainLoader) loader->type) { - case VIR_DOMAIN_LOADER_TYPE_ROM: - if (qemuDomainCreateDevice(loader->path, data, false) < 0) - return -1; - break; - - case VIR_DOMAIN_LOADER_TYPE_PFLASH: - if (qemuDomainCreateDevice(loader->path, data, false) < 0) - return -1; - - if (loader->nvram && - qemuDomainCreateDevice(loader->nvram, data, false) < 0) - return -1; - break; - - case VIR_DOMAIN_LOADER_TYPE_NONE: - case VIR_DOMAIN_LOADER_TYPE_LAST: - break; - } - } - - VIR_DEBUG("Setup loader"); - return 0; -} - - -static int -qemuDomainSetupLaunchSecurity(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *dat= a) -{ - virDomainSEVDefPtr sev =3D vm->def->sev; - - if (!sev || sev->sectype !=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) - return 0; - - VIR_DEBUG("Setting up launch security"); - - if (qemuDomainCreateDevice(QEMU_DEV_SEV, data, false) < 0) - return -1; - - VIR_DEBUG("Set up launch security"); - return 0; -} - - -int -qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, - virDomainObjPtr vm) -{ - struct qemuDomainCreateDeviceData data; - const char *devPath =3D NULL; - char **devMountsPath =3D NULL, **devMountsSavePath =3D NULL; - size_t ndevMountsPath =3D 0, i; - int ret =3D -1; - - if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) { - ret =3D 0; - goto cleanup; - } - - if (qemuDomainGetPreservedMounts(cfg, vm, - &devMountsPath, &devMountsSavePath, - &ndevMountsPath) < 0) - goto cleanup; - - for (i =3D 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) { - devPath =3D devMountsSavePath[i]; - break; - } - } - - if (!devPath) { - 
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Unable to find any /dev mount")); - goto cleanup; - } - - data.path =3D devPath; - data.devMountsPath =3D devMountsPath; - data.ndevMountsPath =3D ndevMountsPath; - - if (virProcessSetupPrivateMountNS() < 0) - goto cleanup; - - if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllDisks(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllHostdevs(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllMemories(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllInputs(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupAllRNGs(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupLoader(cfg, vm, &data) < 0) - goto cleanup; - - if (qemuDomainSetupLaunchSecurity(cfg, vm, &data) < 0) - goto cleanup; - - /* Save some mount points because we want to share them with the host = */ - for (i =3D 0; i < ndevMountsPath; i++) { - struct stat sb; - - if (devMountsSavePath[i] =3D=3D devPath) - continue; - - if (stat(devMountsPath[i], &sb) < 0) { - virReportSystemError(errno, - _("Unable to stat: %s"), - devMountsPath[i]); - goto cleanup; - } - - /* At this point, devMountsPath is either: - * a file (regular or special), or - * a directory. 
*/ - if ((S_ISDIR(sb.st_mode) && virFileMakePath(devMountsSavePath[i]) = < 0) || - (!S_ISDIR(sb.st_mode) && virFileTouch(devMountsSavePath[i], sb= .st_mode) < 0)) { - virReportSystemError(errno, - _("Failed to create %s"), - devMountsSavePath[i]); - goto cleanup; - } - - if (virFileMoveMount(devMountsPath[i], devMountsSavePath[i]) < 0) - goto cleanup; - } - - if (virFileMoveMount(devPath, "/dev") < 0) - goto cleanup; - - for (i =3D 0; i < ndevMountsPath; i++) { - struct stat sb; - - if (devMountsSavePath[i] =3D=3D devPath) - continue; - - if (stat(devMountsSavePath[i], &sb) < 0) { - virReportSystemError(errno, - _("Unable to stat: %s"), - devMountsSavePath[i]); - goto cleanup; - } - - if (S_ISDIR(sb.st_mode)) { - if (virFileMakePath(devMountsPath[i]) < 0) { - virReportSystemError(errno, _("Cannot create %s"), - devMountsPath[i]); - goto cleanup; - } - } else { - if (virFileMakeParentPath(devMountsPath[i]) < 0 || - virFileTouch(devMountsPath[i], sb.st_mode) < 0) { - virReportSystemError(errno, _("Cannot create %s"), - devMountsPath[i]); - goto cleanup; - } - } - - if (virFileMoveMount(devMountsSavePath[i], devMountsPath[i]) < 0) - goto cleanup; - } - - ret =3D 0; - cleanup: - for (i =3D 0; i < ndevMountsPath; i++) { -#if defined(__linux__) - umount(devMountsSavePath[i]); -#endif /* defined(__linux__) */ - /* The path can be either a regular file or a dir. 
*/ - if (virFileIsDir(devMountsSavePath[i])) - virFileDeleteTree(devMountsSavePath[i]); - else - unlink(devMountsSavePath[i]); - } - virStringListFreeCount(devMountsPath, ndevMountsPath); - virStringListFreeCount(devMountsSavePath, ndevMountsPath); - return ret; -} - - -int -qemuDomainCreateNamespace(virQEMUDriverPtr driver, - virDomainObjPtr vm) -{ - g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); - - if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) && - qemuDomainEnableNamespace(vm, QEMU_DOMAIN_NS_MOUNT) < 0) - return -1; - - return 0; -} - - -void -qemuDomainDestroyNamespace(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm) -{ - if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) - qemuDomainDisableNamespace(vm, QEMU_DOMAIN_NS_MOUNT); -} - - -bool -qemuDomainNamespaceAvailable(qemuDomainNamespace ns G_GNUC_UNUSED) -{ -#if !defined(__linux__) - /* Namespaces are Linux specific. */ - return false; - -#else /* defined(__linux__) */ - - switch (ns) { - case QEMU_DOMAIN_NS_MOUNT: -# if !defined(HAVE_SYS_ACL_H) || !defined(WITH_SELINUX) - /* We can't create the exact copy of paths if either of - * these is not available. 
*/ - return false; -# else - if (virProcessNamespaceAvailable(VIR_PROCESS_NAMESPACE_MNT) < 0) - return false; -# endif - break; - case QEMU_DOMAIN_NS_LAST: - break; - } - - return true; -#endif /* defined(__linux__) */ -} - - -struct qemuDomainAttachDeviceMknodData { - virQEMUDriverPtr driver; - virDomainObjPtr vm; - const char *file; - const char *target; - GStatBuf sb; - void *acl; -#ifdef WITH_SELINUX - char *tcon; -#endif -}; - - -/* Our way of creating devices is highly linux specific */ -#if defined(__linux__) -static int -qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED, - void *opaque) -{ - struct qemuDomainAttachDeviceMknodData *data =3D opaque; - int ret =3D -1; - bool delDevice =3D false; - bool isLink =3D S_ISLNK(data->sb.st_mode); - bool isDev =3D S_ISCHR(data->sb.st_mode) || S_ISBLK(data->sb.st_mode); - bool isReg =3D S_ISREG(data->sb.st_mode) || S_ISFIFO(data->sb.st_mode)= || S_ISSOCK(data->sb.st_mode); - bool isDir =3D S_ISDIR(data->sb.st_mode); - - qemuSecurityPostFork(data->driver->securityManager); - - if (virFileMakeParentPath(data->file) < 0) { - virReportSystemError(errno, - _("Unable to create %s"), data->file); - goto cleanup; - } - - if (isLink) { - VIR_DEBUG("Creating symlink %s -> %s", data->file, data->target); - - /* First, unlink the symlink target. Symlinks change and - * therefore we have no guarantees that pre-existing - * symlink is still valid. 
*/ - if (unlink(data->file) < 0 && - errno !=3D ENOENT) { - virReportSystemError(errno, - _("Unable to remove symlink %s"), - data->file); - goto cleanup; - } - - if (symlink(data->target, data->file) < 0) { - virReportSystemError(errno, - _("Unable to create symlink %s (pointing = to %s)"), - data->file, data->target); - goto cleanup; - } else { - delDevice =3D true; - } - } else if (isDev) { - VIR_DEBUG("Creating dev %s (%d,%d)", - data->file, major(data->sb.st_rdev), minor(data->sb.st_r= dev)); - unlink(data->file); - if (mknod(data->file, data->sb.st_mode, data->sb.st_rdev) < 0) { - virReportSystemError(errno, - _("Unable to create device %s"), - data->file); - goto cleanup; - } else { - delDevice =3D true; - } - } else if (isReg || isDir) { - /* We are not cleaning up disks on virDomainDetachDevice - * because disk might be still in use by different disk - * as its backing chain. This might however clash here. - * Therefore do the cleanup here. */ - if (umount(data->file) < 0 && - errno !=3D ENOENT && errno !=3D EINVAL) { - virReportSystemError(errno, - _("Unable to umount %s"), - data->file); - goto cleanup; - } - if ((isReg && virFileTouch(data->file, data->sb.st_mode) < 0) || - (isDir && virFileMakePathWithMode(data->file, data->sb.st_mode= ) < 0)) - goto cleanup; - delDevice =3D true; - /* Just create the file here so that code below sets - * proper owner and mode. Move the mount only after that. */ - } else { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, - _("unsupported device type %s 0%o"), - data->file, data->sb.st_mode); - goto cleanup; - } - - if (lchown(data->file, data->sb.st_uid, data->sb.st_gid) < 0) { - virReportSystemError(errno, - _("Failed to chown device %s"), - data->file); - goto cleanup; - } - - /* Symlinks don't have mode */ - if (!isLink && - chmod(data->file, data->sb.st_mode) < 0) { - virReportSystemError(errno, - _("Failed to set permissions for device %s"), - data->file); - goto cleanup; - } - - /* Symlinks don't have ACLs. 
*/ - if (!isLink && - virFileSetACLs(data->file, data->acl) < 0 && - errno !=3D ENOTSUP) { - virReportSystemError(errno, - _("Unable to set ACLs on %s"), data->file); - goto cleanup; - } - -# ifdef WITH_SELINUX - if (data->tcon && - lsetfilecon_raw(data->file, (const char *)data->tcon) < 0) { - VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR - if (errno !=3D EOPNOTSUPP && errno !=3D ENOTSUP) { - VIR_WARNINGS_RESET - virReportSystemError(errno, - _("Unable to set SELinux label on %s"), - data->file); - goto cleanup; - } - } -# endif - - /* Finish mount process started earlier. */ - if ((isReg || isDir) && - virFileMoveMount(data->target, data->file) < 0) - goto cleanup; - - ret =3D 0; - cleanup: - if (ret < 0 && delDevice) { - if (isDir) - virFileDeleteTree(data->file); - else - unlink(data->file); - } -# ifdef WITH_SELINUX - freecon(data->tcon); -# endif - virFileFreeACLs(&data->acl); - return ret; -} - - -static int -qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath, - unsigned int ttl) -{ - g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - struct qemuDomainAttachDeviceMknodData data; - int ret =3D -1; - g_autofree char *target =3D NULL; - bool isLink; - bool isReg; - bool isDir; - - if (!ttl) { - virReportSystemError(ELOOP, - _("Too many levels of symbolic links: %s"), - file); - return ret; - } - - memset(&data, 0, sizeof(data)); - - data.driver =3D driver; - data.vm =3D vm; - data.file =3D file; - - if (g_lstat(file, &data.sb) < 0) { - virReportSystemError(errno, - _("Unable to access %s"), file); - return ret; - } - - isLink =3D S_ISLNK(data.sb.st_mode); - isReg =3D S_ISREG(data.sb.st_mode) || S_ISFIFO(data.sb.st_mode) || S_I= SSOCK(data.sb.st_mode); - isDir =3D S_ISDIR(data.sb.st_mode); - - if ((isReg || isDir) && STRPREFIX(file, QEMU_DEVPREFIX)) { - cfg =3D virQEMUDriverGetConfig(driver); - if (!(target =3D qemuDomainGetPreservedMountPath(cfg, vm, file))) - goto 
cleanup; - - if (virFileBindMountDevice(file, target) < 0) - goto cleanup; - - data.target =3D target; - } else if (isLink) { - g_autoptr(GError) gerr =3D NULL; - - if (!(target =3D g_file_read_link(file, &gerr))) { - virReportError(VIR_ERR_SYSTEM_ERROR, - _("failed to resolve symlink %s: %s"), file, ge= rr->message); - return ret; - } - - if (!g_path_is_absolute(target)) { - g_autofree char *fileTmp =3D g_strdup(file); - char *c =3D NULL, *tmp =3D NULL; - - if ((c =3D strrchr(fileTmp, '/'))) - *(c + 1) =3D '\0'; - - tmp =3D g_strdup_printf("%s%s", fileTmp, target); - VIR_FREE(target); - target =3D g_steal_pointer(&tmp); - } - - data.target =3D target; - } - - /* Symlinks don't have ACLs. */ - if (!isLink && - virFileGetACLs(file, &data.acl) < 0 && - errno !=3D ENOTSUP) { - virReportSystemError(errno, - _("Unable to get ACLs on %s"), file); - goto cleanup; - } - -# ifdef WITH_SELINUX - if (lgetfilecon_raw(file, &data.tcon) < 0 && - (errno !=3D ENOTSUP && errno !=3D ENODATA)) { - virReportSystemError(errno, - _("Unable to get SELinux label from %s"), fil= e); - goto cleanup; - } -# endif - - if (STRPREFIX(file, QEMU_DEVPREFIX)) { - size_t i; - - for (i =3D 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(file, devMountsPath[i])) - break; - } - - if (i =3D=3D ndevMountsPath) { - if (qemuSecurityPreFork(driver->securityManager) < 0) - goto cleanup; - - if (virProcessRunInMountNamespace(vm->pid, - qemuDomainAttachDeviceMknodH= elper, - &data) < 0) { - qemuSecurityPostFork(driver->securityManager); - goto cleanup; - } - qemuSecurityPostFork(driver->securityManager); - } else { - VIR_DEBUG("Skipping dev %s because of %s mount point", - file, devMountsPath[i]); - } - } - - if (isLink && - qemuDomainAttachDeviceMknodRecursive(driver, vm, target, - devMountsPath, ndevMountsPath, - ttl -1) < 0) - goto cleanup; - - ret =3D 0; - cleanup: -# ifdef WITH_SELINUX - freecon(data.tcon); -# endif - virFileFreeACLs(&data.acl); - if 
(isReg && target) - umount(target); - return ret; -} - - -#else /* !defined(__linux__) */ - - -static int -qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm G_GNUC_UNUSED, - const char *file G_GNUC_UNUSED, - char * const *devMountsPath G_GNUC_UN= USED, - size_t ndevMountsPath G_GNUC_UNUSED, - unsigned int ttl G_GNUC_UNUSED) -{ - virReportSystemError(ENOSYS, "%s", - _("Namespaces are not supported on this platform.= ")); - return -1; -} - - -#endif /* !defined(__linux__) */ - - -static int -qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath) -{ - long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); - - return qemuDomainAttachDeviceMknodRecursive(driver, vm, file, - devMountsPath, ndevMountsP= ath, - symloop_max); -} - - -static int -qemuDomainDetachDeviceUnlinkHelper(pid_t pid G_GNUC_UNUSED, - void *opaque) -{ - const char *path =3D opaque; - - VIR_DEBUG("Unlinking %s", path); - if (unlink(path) < 0 && errno !=3D ENOENT) { - virReportSystemError(errno, - _("Unable to remove device %s"), path); - return -1; - } - - return 0; -} - - -static int -qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath) -{ - size_t i; - - if (STRPREFIX(file, QEMU_DEVPREFIX)) { - for (i =3D 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(file, devMountsPath[i])) - break; - } - - if (i =3D=3D ndevMountsPath) { - if (virProcessRunInMountNamespace(vm->pid, - qemuDomainDetachDeviceUnlink= Helper, - (void *)file) < 0) - return -1; - } - } - - return 0; -} - - -static int -qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, - const char **paths, - size_t npaths) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - virQEMUDriverPtr driver =3D priv->driver; - g_autoptr(virQEMUDriverConfig) cfg =3D 
NULL; - char **devMountsPath =3D NULL; - size_t ndevMountsPath =3D 0; - int ret =3D -1; - size_t i; - - if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || - !npaths) - return 0; - - cfg =3D virQEMUDriverGetConfig(driver); - if (qemuDomainGetPreservedMounts(cfg, vm, - &devMountsPath, NULL, - &ndevMountsPath) < 0) - goto cleanup; - - for (i =3D 0; i < npaths; i++) { - if (qemuDomainAttachDeviceMknod(driver, - vm, - paths[i], - devMountsPath, ndevMountsPath) < 0) - goto cleanup; - } - - ret =3D 0; - cleanup: - virStringListFreeCount(devMountsPath, ndevMountsPath); - return ret; -} - - -static int -qemuDomainNamespaceMknodPath(virDomainObjPtr vm, - const char *path) -{ - const char *paths[] =3D { path }; - - return qemuDomainNamespaceMknodPaths(vm, paths, 1); -} - - -static int -qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, - const char **paths, - size_t npaths) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - virQEMUDriverPtr driver =3D priv->driver; - g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - char **devMountsPath =3D NULL; - size_t ndevMountsPath =3D 0; - size_t i; - int ret =3D -1; - - if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || - !npaths) - return 0; - - cfg =3D virQEMUDriverGetConfig(driver); - - if (qemuDomainGetPreservedMounts(cfg, vm, - &devMountsPath, NULL, - &ndevMountsPath) < 0) - goto cleanup; - - for (i =3D 0; i < npaths; i++) { - if (qemuDomainDetachDeviceUnlink(driver, vm, paths[i], - devMountsPath, ndevMountsPath) < = 0) - goto cleanup; - } - - ret =3D 0; - cleanup: - virStringListFreeCount(devMountsPath, ndevMountsPath); - return ret; -} - - -static int -qemuDomainNamespaceUnlinkPath(virDomainObjPtr vm, - const char *path) -{ - const char *paths[] =3D { path }; - - return qemuDomainNamespaceUnlinkPaths(vm, paths, 1); -} - - -int -qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, - virStorageSourcePtr src) -{ - virStorageSourcePtr next; - VIR_AUTOSTRINGLIST paths =3D NULL; - size_t npaths =3D 0; - bool hasNVMe 
=3D false; - - for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { - g_autofree char *tmpPath =3D NULL; - - if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { - hasNVMe =3D true; - - if (!(tmpPath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->n= vme->pciAddr))) - return -1; - } else { - VIR_AUTOSTRINGLIST targetPaths =3D NULL; - - if (virStorageSourceIsEmpty(next) || - !virStorageSourceIsLocalStorage(next)) { - /* Not creating device. Just continue. */ - continue; - } - - tmpPath =3D g_strdup(next->path); - - if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && - errno !=3D ENOSYS) { - virReportSystemError(errno, - _("Unable to get devmapper targets fo= r %s"), - next->path); - return -1; - } - - if (virStringListMerge(&paths, &targetPaths) < 0) - return -1; - } - - if (virStringListAdd(&paths, tmpPath) < 0) - return -1; - } - - /* qemu-pr-helper might require access to /dev/mapper/control. */ - if (src->pr && - virStringListAdd(&paths, QEMU_DEVICE_MAPPER_CONTROL_PATH) < 0) - return -1; - - if (hasNVMe && - virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) - return -1; - - npaths =3D virStringListLength((const char **) paths); - if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths, npaths) <= 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceTeardownDisk(virDomainObjPtr vm G_GNUC_UNUSED, - virStorageSourcePtr src G_GNUC_UNUSED) -{ - /* While in hotplug case we create the whole backing chain, - * here we must limit ourselves. The disk we want to remove - * might be a part of backing chain of another disk. - * If you are reading these lines and have some spare time - * you can come up with and algorithm that checks for that. - * I don't, therefore: */ - return 0; -} - - -/** - * qemuDomainNamespaceSetupHostdev: - * @vm: domain object - * @hostdev: hostdev to create in @vm's namespace - * - * For given @hostdev, create its devfs representation (if it has one) in - * domain namespace. 
Note, @hostdev must not be in @vm's definition. - * - * Returns: 0 on success, - * -1 otherwise. - */ -int -qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, - virDomainHostdevDefPtr hostdev) -{ - g_autofree char *path =3D NULL; - - if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) - return -1; - - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) - return -1; - - if (qemuHostdevNeedsVFIO(hostdev) && - !qemuDomainNeedsVFIO(vm->def) && - qemuDomainNamespaceMknodPath(vm, QEMU_DEV_VFIO) < 0) - return -1; - - return 0; -} - - -/** - * qemuDomainNamespaceTeardownHostdev: - * @vm: domain object - * @hostdev: hostdev to remove in @vm's namespace - * - * For given @hostdev, remove its devfs representation (if it has one) in - * domain namespace. Note, @hostdev must not be in @vm's definition. - * - * Returns: 0 on success, - * -1 otherwise. - */ -int -qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, - virDomainHostdevDefPtr hostdev) -{ - g_autofree char *path =3D NULL; - - if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) - return -1; - - if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) - return -1; - - if (qemuHostdevNeedsVFIO(hostdev) && - !qemuDomainNeedsVFIO(vm->def) && - qemuDomainNamespaceUnlinkPath(vm, QEMU_DEV_VFIO) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, - virDomainMemoryDefPtr mem) -{ - if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) - return 0; - - if (qemuDomainNamespaceMknodPath(vm, mem->nvdimmPath) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, - virDomainMemoryDefPtr mem) -{ - if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) - return 0; - - if (qemuDomainNamespaceUnlinkPath(vm, mem->nvdimmPath) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, - virDomainChrDefPtr chr) -{ - const char *path; - - if (!(path =3D virDomainChrSourceDefGetPath(chr->source))) - return 0; 
- - /* Socket created by qemu. It doesn't exist upfront. */ - if (chr->source->type =3D=3D VIR_DOMAIN_CHR_TYPE_UNIX && - chr->source->data.nix.listen) - return 0; - - if (qemuDomainNamespaceMknodPath(vm, path) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, - virDomainChrDefPtr chr) -{ - const char *path =3D NULL; - - if (chr->source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV) - return 0; - - path =3D chr->source->data.file.path; - - if (qemuDomainNamespaceUnlinkPath(vm, path) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, - virDomainRNGDefPtr rng) -{ - const char *path =3D NULL; - - switch ((virDomainRNGBackend) rng->backend) { - case VIR_DOMAIN_RNG_BACKEND_RANDOM: - path =3D rng->source.file; - break; - - case VIR_DOMAIN_RNG_BACKEND_EGD: - case VIR_DOMAIN_RNG_BACKEND_BUILTIN: - case VIR_DOMAIN_RNG_BACKEND_LAST: - break; - } - - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, - virDomainRNGDefPtr rng) -{ - const char *path =3D NULL; - - switch ((virDomainRNGBackend) rng->backend) { - case VIR_DOMAIN_RNG_BACKEND_RANDOM: - path =3D rng->source.file; - break; - - case VIR_DOMAIN_RNG_BACKEND_EGD: - case VIR_DOMAIN_RNG_BACKEND_BUILTIN: - case VIR_DOMAIN_RNG_BACKEND_LAST: - break; - } - - if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) - return -1; - - return 0; -} - - -int -qemuDomainNamespaceSetupInput(virDomainObjPtr vm, - virDomainInputDefPtr input) -{ - const char *path =3D NULL; - - if (!(path =3D virDomainInputDefGetPath(input))) - return 0; - - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) - return -1; - return 0; -} - - -int -qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, - virDomainInputDefPtr input) -{ - const char *path =3D NULL; - - if (!(path =3D virDomainInputDefGetPath(input))) - return 0; - - if (path && qemuDomainNamespaceUnlinkPath(vm, path) 
< 0) - return -1; - - return 0; -} - - /** * qemuDomainDiskLookupByNodename: * @def: domain definition to look for the disk diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 29849a7313..3a1bcbbfa3 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -91,15 +91,6 @@ struct _qemuDomainUnpluggingDevice { #define QEMU_DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" =20 =20 -typedef enum { - QEMU_DOMAIN_NS_MOUNT =3D 0, - QEMU_DOMAIN_NS_LAST -} qemuDomainNamespace; -VIR_ENUM_DECL(qemuDomainNamespace); - -bool qemuDomainNamespaceEnabled(virDomainObjPtr vm, - qemuDomainNamespace ns); - /* Type of domain secret */ typedef enum { VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN =3D 0, 
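Review bot: with the `qemuDomainNamespace` enum and the `qemuDomainNamespaceEnabled()` prototype dropped from qemu_domain.h in this hunk, every source file that used them through qemu_domain.h must now include qemu_domain_namespace.h itself. Please make sure those include updates land in this same patch, so the tree still builds at this commit when bisecting, and mention the header split in the commit message.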
@@ -919,54 +910,6 @@ int qemuDomainGetHostdevPath(virDomainHostdevDefPtr de= v, char **path, int *perms); =20 -int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, - virDomainObjPtr vm); - -int qemuDomainCreateNamespace(virQEMUDriverPtr driver, - virDomainObjPtr vm); - -void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, - virDomainObjPtr vm); - -bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns); - -int qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, - virStorageSourcePtr src); - -int qemuDomainNamespaceTeardownDisk(virDomainObjPtr vm, - virStorageSourcePtr src); - -int qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, - virDomainHostdevDefPtr hostdev); - -int qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, - virDomainHostdevDefPtr hostdev); - -int qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, - virDomainMemoryDefPtr memory); - -int qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, - virDomainMemoryDefPtr memory); - -int qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, - virDomainChrDefPtr chr); - -int qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, - virDomainChrDefPtr chr); - -int qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, - virDomainRNGDefPtr rng); - -int qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, - virDomainRNGDefPtr rng); - -int qemuDomainNamespaceSetupInput(virDomainObjPtr vm, - virDomainInputDefPtr input); - -int qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, - virDomainInputDefPtr input); - virDomainDiskDefPtr qemuDomainDiskLookupByNodename(virDomainDefPtr def, const char *nodename, virStorageSourcePtr *sr= c); diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c new file mode 100644 index 0000000000..1e54cb2153 --- /dev/null +++ b/src/qemu/qemu_domain_namespace.c 
@@ -0,0 +1,1885 @@ +/* + * qemu_domain_namespace.c: QEMU domain namespace helpers + * + * Copyright (C) 2006-2019 Red Hat, Inc. + * Copyright (C) 2006 Daniel P. Berrange + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#include + +#ifdef __linux__ +# include +#endif +#if defined(HAVE_SYS_MOUNT_H) +# include +#endif +#ifdef WITH_SELINUX +# include +#endif + +#include "qemu_domain_namespace.h" +#include "qemu_domain.h" +#include "qemu_cgroup.h" +#include "qemu_security.h" +#include "qemu_hostdev.h" +#include "viralloc.h" +#include "virlog.h" +#include "virstring.h" +#include "virdevmapper.h" + +#define VIR_FROM_THIS VIR_FROM_QEMU + +VIR_LOG_INIT("qemu.qemu_domain"); + + +VIR_ENUM_IMPL(qemuDomainNamespace, + QEMU_DOMAIN_NS_LAST, + "mount", +); + + +/** + * qemuDomainGetPreservedMountPath: + * @cfg: driver configuration data + * @vm: domain object + * @mountpoint: mount point path to convert + * + * For given @mountpoint return new path where the mount point + * should be moved temporarily whilst building the namespace. + * + * Returns: allocated string on success which the caller must free, + * NULL on failure. 
+ */ +static char * +qemuDomainGetPreservedMountPath(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const char *mountpoint) +{ + char *path =3D NULL; + char *tmp; + const char *suffix =3D mountpoint + strlen(QEMU_DEVPREFIX); + g_autofree char *domname =3D virDomainDefGetShortName(vm->def); + size_t off; + + if (!domname) + return NULL; + + if (STREQ(mountpoint, "/dev")) + suffix =3D "dev"; + + path =3D g_strdup_printf("%s/%s.%s", cfg->stateDir, domname, suffix); + + /* Now consider that @mountpoint is "/dev/blah/blah2". + * @suffix then points to "blah/blah2". However, caller + * expects all the @paths to be the same depth. The + * caller doesn't always do `mkdir -p` but sometimes bare + * `touch`. Therefore fix all the suffixes. */ + off =3D strlen(path) - strlen(suffix); + + tmp =3D path + off; + while (*tmp) { + if (*tmp =3D=3D '/') + *tmp =3D '.'; + tmp++; + } + + return path; +} + + +/** + * qemuDomainGetPreservedMounts: + * + * Process list of mounted filesystems and: + * a) save all FSs mounted under /dev to @devPath + * b) generate backup path for all the entries in a) + * + * Any of the return pointers can be NULL. + * + * Returns 0 on success, -1 otherwise (with error reported) + */ +static int +qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + char ***devPath, + char ***devSavePath, + size_t *ndevPath) +{ + char **paths =3D NULL, **mounts =3D NULL; + size_t i, j, nmounts; + + if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", + &mounts, &nmounts) < 0) + goto error; + + if (!nmounts) { + if (ndevPath) + *ndevPath =3D 0; + return 0; + } + + /* There can be nested mount points. For instance + * /dev/shm/blah can be a mount point and /dev/shm too. It + * doesn't make much sense to return the former path because + * caller preserves the latter (and with that the former + * too). Therefore prune nested mount points. + * NB mounts[0] is "/dev". 
Should we start the outer loop + * from the beginning of the array all we'd be left with is + * just the first element. Think about it. + */ + for (i =3D 1; i < nmounts; i++) { + j =3D i + 1; + while (j < nmounts) { + char *c =3D STRSKIP(mounts[j], mounts[i]); + + if (c && (*c =3D=3D '/' || *c =3D=3D '\0')) { + VIR_DEBUG("Dropping path %s because of %s", mounts[j], mou= nts[i]); + VIR_DELETE_ELEMENT(mounts, j, nmounts); + } else { + j++; + } + } + } + + if (VIR_ALLOC_N(paths, nmounts) < 0) + goto error; + + for (i =3D 0; i < nmounts; i++) { + if (!(paths[i] =3D qemuDomainGetPreservedMountPath(cfg, vm, mounts= [i]))) + goto error; + } + + if (devPath) + *devPath =3D mounts; + else + virStringListFreeCount(mounts, nmounts); + + if (devSavePath) + *devSavePath =3D paths; + else + virStringListFreeCount(paths, nmounts); + + if (ndevPath) + *ndevPath =3D nmounts; + + return 0; + + error: + virStringListFreeCount(mounts, nmounts); + virStringListFreeCount(paths, nmounts); + return -1; +} + + +struct qemuDomainCreateDeviceData { + const char *path; /* Path to temp new /dev location */ + char * const *devMountsPath; + size_t ndevMountsPath; +}; + + +static int +qemuDomainCreateDeviceRecursive(const char *device, + const struct qemuDomainCreateDeviceData *d= ata, + bool allow_noent, + unsigned int ttl) +{ + g_autofree char *devicePath =3D NULL; + g_autofree char *target =3D NULL; + GStatBuf sb; + int ret =3D -1; + bool isLink =3D false; + bool isDev =3D false; + bool isReg =3D false; + bool isDir =3D false; + bool create =3D false; +#ifdef WITH_SELINUX + char *tcon =3D NULL; +#endif + + if (!ttl) { + virReportSystemError(ELOOP, + _("Too many levels of symbolic links: %s"), + device); + return ret; + } + + if (g_lstat(device, &sb) < 0) { + if (errno =3D=3D ENOENT && allow_noent) { + /* Ignore non-existent device. 
*/ + return 0; + } + virReportSystemError(errno, _("Unable to stat %s"), device); + return ret; + } + + isLink =3D S_ISLNK(sb.st_mode); + isDev =3D S_ISCHR(sb.st_mode) || S_ISBLK(sb.st_mode); + isReg =3D S_ISREG(sb.st_mode) || S_ISFIFO(sb.st_mode) || S_ISSOCK(sb.s= t_mode); + isDir =3D S_ISDIR(sb.st_mode); + + /* Here, @device might be whatever path in the system. We + * should create the path in the namespace iff it's "/dev" + * prefixed. However, if it is a symlink, we need to traverse + * it too (it might point to something in "/dev"). Just + * consider: + * + * /var/sym1 -> /var/sym2 -> /dev/sda (because users can) + * + * This means, "/var/sym1" is not created (it's shared with + * the parent namespace), nor "/var/sym2", but "/dev/sda". + * + * TODO Remove all `.' and `..' from the @device path. + * Otherwise we might get fooled with `/dev/../var/my_image'. + * For now, lets hope callers play nice. + */ + if (STRPREFIX(device, QEMU_DEVPREFIX)) { + size_t i; + + for (i =3D 0; i < data->ndevMountsPath; i++) { + if (STREQ(data->devMountsPath[i], "/dev")) + continue; + if (STRPREFIX(device, data->devMountsPath[i])) + break; + } + + if (i =3D=3D data->ndevMountsPath) { + /* Okay, @device is in /dev but not in any mount point under /= dev. + * Create it. */ + devicePath =3D g_strdup_printf("%s/%s", data->path, + device + strlen(QEMU_DEVPREFIX)); + + if (virFileMakeParentPath(devicePath) < 0) { + virReportSystemError(errno, + _("Unable to create %s"), + devicePath); + goto cleanup; + } + VIR_DEBUG("Creating dev %s", device); + create =3D true; + } else { + VIR_DEBUG("Skipping dev %s because of %s mount point", + device, data->devMountsPath[i]); + } + } + + if (isLink) { + g_autoptr(GError) gerr =3D NULL; + + /* We are dealing with a symlink. Create a dangling symlink and de= scend + * down one level which hopefully creates the symlink's target. 
*/ + if (!(target =3D g_file_read_link(device, &gerr))) { + virReportError(VIR_ERR_SYSTEM_ERROR, + _("failed to resolve symlink %s: %s"), device, = gerr->message); + goto cleanup; + } + + if (create && + symlink(target, devicePath) < 0) { + if (errno =3D=3D EEXIST) { + ret =3D 0; + } else { + virReportSystemError(errno, + _("unable to create symlink %s"), + devicePath); + } + goto cleanup; + } + + /* Tricky part. If the target starts with a slash then we need to = take + * it as it is. Otherwise we need to replace the last component in= the + * original path with the link target: + * /dev/rtc -> rtc0 (want /dev/rtc0) + * /dev/disk/by-id/ata-SanDisk_SDSSDXPS480G_161101402485 -> ../../= sda + * (want /dev/disk/by-id/../../sda) + * /dev/stdout -> /proc/self/fd/1 (no change needed) + */ + if (!g_path_is_absolute(target)) { + g_autofree char *devTmp =3D g_strdup(device); + char *c =3D NULL, *tmp =3D NULL; + + if ((c =3D strrchr(devTmp, '/'))) + *(c + 1) =3D '\0'; + + tmp =3D g_strdup_printf("%s%s", devTmp, target); + VIR_FREE(target); + target =3D g_steal_pointer(&tmp); + } + + if (qemuDomainCreateDeviceRecursive(target, data, + allow_noent, ttl - 1) < 0) + goto cleanup; + } else if (isDev) { + if (create) { + unlink(devicePath); + if (mknod(devicePath, sb.st_mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Failed to make device %s"), + devicePath); + goto cleanup; + } + } + } else if (isReg) { + if (create && + virFileTouch(devicePath, sb.st_mode) < 0) + goto cleanup; + /* Just create the file here so that code below sets + * proper owner and mode. Bind mount only after that. 
*/ + } else if (isDir) { + if (create && + virFileMakePathWithMode(devicePath, sb.st_mode) < 0) { + virReportSystemError(errno, + _("Unable to make dir %s"), + devicePath); + goto cleanup; + } + } else { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("unsupported device type %s 0%o"), + device, sb.st_mode); + goto cleanup; + } + + if (!create) { + ret =3D 0; + goto cleanup; + } + + if (lchown(devicePath, sb.st_uid, sb.st_gid) < 0) { + virReportSystemError(errno, + _("Failed to chown device %s"), + devicePath); + goto cleanup; + } + + /* Symlinks don't have mode */ + if (!isLink && + chmod(devicePath, sb.st_mode) < 0) { + virReportSystemError(errno, + _("Failed to set permissions for device %s"), + devicePath); + goto cleanup; + } + + /* Symlinks don't have ACLs. */ + if (!isLink && + virFileCopyACLs(device, devicePath) < 0 && + errno !=3D ENOTSUP) { + virReportSystemError(errno, + _("Failed to copy ACLs on device %s"), + devicePath); + goto cleanup; + } + +#ifdef WITH_SELINUX + if (lgetfilecon_raw(device, &tcon) < 0 && + (errno !=3D ENOTSUP && errno !=3D ENODATA)) { + virReportSystemError(errno, + _("Unable to get SELinux label from %s"), + device); + goto cleanup; + } + + if (tcon && + lsetfilecon_raw(devicePath, (const char *)tcon) < 0) { + VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR + if (errno !=3D EOPNOTSUPP && errno !=3D ENOTSUP) { + VIR_WARNINGS_RESET + virReportSystemError(errno, + _("Unable to set SELinux label on %s"), + devicePath); + goto cleanup; + } + } +#endif + + /* Finish mount process started earlier. 
*/ + if ((isReg || isDir) && + virFileBindMountDevice(device, devicePath) < 0) + goto cleanup; + + ret =3D 0; + cleanup: +#ifdef WITH_SELINUX + freecon(tcon); +#endif + return ret; +} + + +static int +qemuDomainCreateDevice(const char *device, + const struct qemuDomainCreateDeviceData *data, + bool allow_noent) +{ + long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); + + return qemuDomainCreateDeviceRecursive(device, data, + allow_noent, symloop_max); +} + + +static int +qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm G_GNUC_UNUSED, + const struct qemuDomainCreateDeviceData *data) +{ + const char *const *devices =3D (const char *const *) cfg->cgroupDevice= ACL; + size_t i; + + if (!devices) + devices =3D defaultDeviceACL; + + for (i =3D 0; devices[i]; i++) { + if (qemuDomainCreateDevice(devices[i], data, true) < 0) + return -1; + } + + return 0; +} + + +static int +qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, + virSecurityManagerPtr mgr, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + g_autofree char *mount_options =3D NULL; + g_autofree char *opts =3D NULL; + + VIR_DEBUG("Setting up /dev/ for domain %s", vm->def->name); + + mount_options =3D qemuSecurityGetMountOptions(mgr, vm->def); + + if (!mount_options) + mount_options =3D g_strdup(""); + + /* + * tmpfs is limited to 64kb, since we only have device nodes in there + * and don't want to DOS the entire OS RAM usage + */ + opts =3D g_strdup_printf("mode=3D755,size=3D65536%s", mount_options); + + if (virFileSetupDev(data->path, opts) < 0) + return -1; + + if (qemuDomainPopulateDevices(cfg, vm, data) < 0) + return -1; + + return 0; +} + + +static int +qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainDiskDefPtr disk, + const struct qemuDomainCreateDeviceData *data) +{ + virStorageSourcePtr next; + bool hasNVMe =3D false; + + for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) { + VIR_AUTOSTRINGLIST 
targetPaths =3D NULL; + size_t i; + + if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { + g_autofree char *nvmePath =3D NULL; + + hasNVMe =3D true; + + if (!(nvmePath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->= nvme->pciAddr))) + return -1; + + if (qemuDomainCreateDevice(nvmePath, data, false) < 0) + return -1; + } else { + if (!next->path || !virStorageSourceIsLocalStorage(next)) { + /* Not creating device. Just continue. */ + continue; + } + + if (qemuDomainCreateDevice(next->path, data, false) < 0) + return -1; + + if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && + errno !=3D ENOSYS) { + virReportSystemError(errno, + _("Unable to get devmapper targets fo= r %s"), + next->path); + return -1; + } + + for (i =3D 0; targetPaths && targetPaths[i]; i++) { + if (qemuDomainCreateDevice(targetPaths[i], data, false) < = 0) + return -1; + } + } + } + + /* qemu-pr-helper might require access to /dev/mapper/control. */ + if (disk->src->pr && + qemuDomainCreateDevice(QEMU_DEVICE_MAPPER_CONTROL_PATH, data, true= ) < 0) + return -1; + + if (hasNVMe && + qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) + return -1; + + return 0; +} + + +static int +qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + VIR_DEBUG("Setting up disks"); + + for (i =3D 0; i < vm->def->ndisks; i++) { + if (qemuDomainSetupDisk(cfg, + vm->def->disks[i], + data) < 0) + return -1; + } + + VIR_DEBUG("Setup all disks"); + return 0; +} + + +static int +qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainHostdevDefPtr dev, + const struct qemuDomainCreateDeviceData *data) +{ + g_autofree char *path =3D NULL; + + if (qemuDomainGetHostdevPath(dev, &path, NULL) < 0) + return -1; + + if (path && qemuDomainCreateDevice(path, data, false) < 0) + return -1; + + if (qemuHostdevNeedsVFIO(dev) && + qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) + return -1; + + return 0; +} + + 
+static int +qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up hostdevs"); + for (i =3D 0; i < vm->def->nhostdevs; i++) { + if (qemuDomainSetupHostdev(cfg, + vm->def->hostdevs[i], + data) < 0) + return -1; + } + VIR_DEBUG("Setup all hostdevs"); + return 0; +} + + +static int +qemuDomainSetupMemory(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainMemoryDefPtr mem, + const struct qemuDomainCreateDeviceData *data) +{ + if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) + return 0; + + return qemuDomainCreateDevice(mem->nvdimmPath, data, false); +} + + +static int +qemuDomainSetupAllMemories(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up memories"); + for (i =3D 0; i < vm->def->nmems; i++) { + if (qemuDomainSetupMemory(cfg, + vm->def->mems[i], + data) < 0) + return -1; + } + VIR_DEBUG("Setup all memories"); + return 0; +} + + +static int +qemuDomainSetupChardev(virDomainDefPtr def G_GNUC_UNUSED, + virDomainChrDefPtr dev, + void *opaque) +{ + const struct qemuDomainCreateDeviceData *data =3D opaque; + const char *path =3D NULL; + + if (!(path =3D virDomainChrSourceDefGetPath(dev->source))) + return 0; + + /* Socket created by qemu. It doesn't exist upfront. 
*/ + if (dev->source->type =3D=3D VIR_DOMAIN_CHR_TYPE_UNIX && + dev->source->data.nix.listen) + return 0; + + return qemuDomainCreateDevice(path, data, true); +} + + +static int +qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + VIR_DEBUG("Setting up chardevs"); + + if (virDomainChrDefForeach(vm->def, + true, + qemuDomainSetupChardev, + (void *)data) < 0) + return -1; + + VIR_DEBUG("Setup all chardevs"); + return 0; +} + + +static int +qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainTPMDefPtr dev, + const struct qemuDomainCreateDeviceData *data) +{ + switch (dev->type) { + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: + if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.= path, + data, false) < 0) + return -1; + break; + + case VIR_DOMAIN_TPM_TYPE_EMULATOR: + case VIR_DOMAIN_TPM_TYPE_LAST: + /* nada */ + break; + } + + return 0; +} + + +static int +qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up TPMs"); + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0) + return -1; + } + + VIR_DEBUG("Setup all TPMs"); + return 0; +} + + +static int +qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainGraphicsDefPtr gfx, + const struct qemuDomainCreateDeviceData *data) +{ + const char *rendernode =3D virDomainGraphicsGetRenderNode(gfx); + + if (!rendernode) + return 0; + + return qemuDomainCreateDevice(rendernode, data, false); +} + + +static int +qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up graphics"); + for (i =3D 0; i < vm->def->ngraphics; i++) { + if (qemuDomainSetupGraphics(cfg, + vm->def->graphics[i], + data) < 0) + return -1; + 
} + + VIR_DEBUG("Setup all graphics"); + return 0; +} + + +static int +qemuDomainSetupInput(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainInputDefPtr input, + const struct qemuDomainCreateDeviceData *data) +{ + const char *path =3D virDomainInputDefGetPath(input); + + if (path && qemuDomainCreateDevice(path, data, false) < 0) + return -1; + + return 0; +} + + +static int +qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up inputs"); + for (i =3D 0; i < vm->def->ninputs; i++) { + if (qemuDomainSetupInput(cfg, + vm->def->inputs[i], + data) < 0) + return -1; + } + VIR_DEBUG("Setup all inputs"); + return 0; +} + + +static int +qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainRNGDefPtr rng, + const struct qemuDomainCreateDeviceData *data) +{ + switch ((virDomainRNGBackend) rng->backend) { + case VIR_DOMAIN_RNG_BACKEND_RANDOM: + if (qemuDomainCreateDevice(rng->source.file, data, false) < 0) + return -1; + break; + + case VIR_DOMAIN_RNG_BACKEND_EGD: + case VIR_DOMAIN_RNG_BACKEND_BUILTIN: + case VIR_DOMAIN_RNG_BACKEND_LAST: + /* nada */ + break; + } + + return 0; +} + + +static int +qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up RNGs"); + for (i =3D 0; i < vm->def->nrngs; i++) { + if (qemuDomainSetupRNG(cfg, + vm->def->rngs[i], + data) < 0) + return -1; + } + + VIR_DEBUG("Setup all RNGs"); + return 0; +} + + +static int +qemuDomainSetupLoader(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + virDomainLoaderDefPtr loader =3D vm->def->os.loader; + + VIR_DEBUG("Setting up loader"); + + if (loader) { + switch ((virDomainLoader) loader->type) { + case VIR_DOMAIN_LOADER_TYPE_ROM: + if (qemuDomainCreateDevice(loader->path, data, false) < 0) + return -1; + 
break; + + case VIR_DOMAIN_LOADER_TYPE_PFLASH: + if (qemuDomainCreateDevice(loader->path, data, false) < 0) + return -1; + + if (loader->nvram && + qemuDomainCreateDevice(loader->nvram, data, false) < 0) + return -1; + break; + + case VIR_DOMAIN_LOADER_TYPE_NONE: + case VIR_DOMAIN_LOADER_TYPE_LAST: + break; + } + } + + VIR_DEBUG("Setup loader"); + return 0; +} + + +static int +qemuDomainSetupLaunchSecurity(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *dat= a) +{ + virDomainSEVDefPtr sev =3D vm->def->sev; + + if (!sev || sev->sectype !=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) + return 0; + + VIR_DEBUG("Setting up launch security"); + + if (qemuDomainCreateDevice(QEMU_DEV_SEV, data, false) < 0) + return -1; + + VIR_DEBUG("Set up launch security"); + return 0; +} + + +int +qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virSecurityManagerPtr mgr, + virDomainObjPtr vm) +{ + struct qemuDomainCreateDeviceData data; + const char *devPath =3D NULL; + char **devMountsPath =3D NULL, **devMountsSavePath =3D NULL; + size_t ndevMountsPath =3D 0, i; + int ret =3D -1; + + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) { + ret =3D 0; + goto cleanup; + } + + if (qemuDomainGetPreservedMounts(cfg, vm, + &devMountsPath, &devMountsSavePath, + &ndevMountsPath) < 0) + goto cleanup; + + for (i =3D 0; i < ndevMountsPath; i++) { + if (STREQ(devMountsPath[i], "/dev")) { + devPath =3D devMountsSavePath[i]; + break; + } + } + + if (!devPath) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Unable to find any /dev mount")); + goto cleanup; + } + + data.path =3D devPath; + data.devMountsPath =3D devMountsPath; + data.ndevMountsPath =3D ndevMountsPath; + + if (virProcessSetupPrivateMountNS() < 0) + goto cleanup; + + if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllDisks(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllHostdevs(cfg, vm, &data) < 0) + goto cleanup; 
+ + if (qemuDomainSetupAllMemories(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllInputs(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupAllRNGs(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupLoader(cfg, vm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupLaunchSecurity(cfg, vm, &data) < 0) + goto cleanup; + + /* Save some mount points because we want to share them with the host = */ + for (i =3D 0; i < ndevMountsPath; i++) { + struct stat sb; + + if (devMountsSavePath[i] =3D=3D devPath) + continue; + + if (stat(devMountsPath[i], &sb) < 0) { + virReportSystemError(errno, + _("Unable to stat: %s"), + devMountsPath[i]); + goto cleanup; + } + + /* At this point, devMountsPath is either: + * a file (regular or special), or + * a directory. 
*/ + if ((S_ISDIR(sb.st_mode) && virFileMakePath(devMountsSavePath[i]) = < 0) || + (!S_ISDIR(sb.st_mode) && virFileTouch(devMountsSavePath[i], sb= .st_mode) < 0)) { + virReportSystemError(errno, + _("Failed to create %s"), + devMountsSavePath[i]); + goto cleanup; + } + + if (virFileMoveMount(devMountsPath[i], devMountsSavePath[i]) < 0) + goto cleanup; + } + + if (virFileMoveMount(devPath, "/dev") < 0) + goto cleanup; + + for (i =3D 0; i < ndevMountsPath; i++) { + struct stat sb; + + if (devMountsSavePath[i] =3D=3D devPath) + continue; + + if (stat(devMountsSavePath[i], &sb) < 0) { + virReportSystemError(errno, + _("Unable to stat: %s"), + devMountsSavePath[i]); + goto cleanup; + } + + if (S_ISDIR(sb.st_mode)) { + if (virFileMakePath(devMountsPath[i]) < 0) { + virReportSystemError(errno, _("Cannot create %s"), + devMountsPath[i]); + goto cleanup; + } + } else { + if (virFileMakeParentPath(devMountsPath[i]) < 0 || + virFileTouch(devMountsPath[i], sb.st_mode) < 0) { + virReportSystemError(errno, _("Cannot create %s"), + devMountsPath[i]); + goto cleanup; + } + } + + if (virFileMoveMount(devMountsSavePath[i], devMountsPath[i]) < 0) + goto cleanup; + } + + ret =3D 0; + cleanup: + for (i =3D 0; i < ndevMountsPath; i++) { +#if defined(__linux__) + umount(devMountsSavePath[i]); +#endif /* defined(__linux__) */ + /* The path can be either a regular file or a dir. 
*/ + if (virFileIsDir(devMountsSavePath[i])) + virFileDeleteTree(devMountsSavePath[i]); + else + unlink(devMountsSavePath[i]); + } + virStringListFreeCount(devMountsPath, ndevMountsPath); + virStringListFreeCount(devMountsSavePath, ndevMountsPath); + return ret; +} + + +int +qemuDomainCreateNamespace(virQEMUDriverPtr driver, + virDomainObjPtr vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + + if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) && + qemuDomainEnableNamespace(vm, QEMU_DOMAIN_NS_MOUNT) < 0) + return -1; + + return 0; +} + + +bool +qemuDomainNamespaceEnabled(virDomainObjPtr vm, + qemuDomainNamespace ns) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + + return priv->namespaces && + virBitmapIsBitSet(priv->namespaces, ns); +} + + +int +qemuDomainEnableNamespace(virDomainObjPtr vm, + qemuDomainNamespace ns) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + + if (!priv->namespaces && + !(priv->namespaces =3D virBitmapNew(QEMU_DOMAIN_NS_LAST))) + return -1; + + if (virBitmapSetBit(priv->namespaces, ns) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unable to enable namespace: %s"), + qemuDomainNamespaceTypeToString(ns)); + return -1; + } + + return 0; +} + + +static void +qemuDomainDisableNamespace(virDomainObjPtr vm, + qemuDomainNamespace ns) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + + if (priv->namespaces) { + ignore_value(virBitmapClearBit(priv->namespaces, ns)); + if (virBitmapIsAllClear(priv->namespaces)) { + virBitmapFree(priv->namespaces); + priv->namespaces =3D NULL; + } + } +} + + +void +qemuDomainDestroyNamespace(virQEMUDriverPtr driver G_GNUC_UNUSED, + virDomainObjPtr vm) +{ + if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + qemuDomainDisableNamespace(vm, QEMU_DOMAIN_NS_MOUNT); +} + + +bool +qemuDomainNamespaceAvailable(qemuDomainNamespace ns G_GNUC_UNUSED) +{ +#if !defined(__linux__) + /* Namespaces are Linux specific. 
*/ + return false; + +#else /* defined(__linux__) */ + + switch (ns) { + case QEMU_DOMAIN_NS_MOUNT: +# if !defined(HAVE_SYS_ACL_H) || !defined(WITH_SELINUX) + /* We can't create the exact copy of paths if either of + * these is not available. */ + return false; +# else + if (virProcessNamespaceAvailable(VIR_PROCESS_NAMESPACE_MNT) < 0) + return false; +# endif + break; + case QEMU_DOMAIN_NS_LAST: + break; + } + + return true; +#endif /* defined(__linux__) */ +} + + +struct qemuDomainAttachDeviceMknodData { + virQEMUDriverPtr driver; + virDomainObjPtr vm; + const char *file; + const char *target; + GStatBuf sb; + void *acl; +#ifdef WITH_SELINUX + char *tcon; +#endif +}; + + +/* Our way of creating devices is highly linux specific */ +#if defined(__linux__) +static int +qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED, + void *opaque) +{ + struct qemuDomainAttachDeviceMknodData *data =3D opaque; + int ret =3D -1; + bool delDevice =3D false; + bool isLink =3D S_ISLNK(data->sb.st_mode); + bool isDev =3D S_ISCHR(data->sb.st_mode) || S_ISBLK(data->sb.st_mode); + bool isReg =3D S_ISREG(data->sb.st_mode) || S_ISFIFO(data->sb.st_mode)= || S_ISSOCK(data->sb.st_mode); + bool isDir =3D S_ISDIR(data->sb.st_mode); + + qemuSecurityPostFork(data->driver->securityManager); + + if (virFileMakeParentPath(data->file) < 0) { + virReportSystemError(errno, + _("Unable to create %s"), data->file); + goto cleanup; + } + + if (isLink) { + VIR_DEBUG("Creating symlink %s -> %s", data->file, data->target); + + /* First, unlink the symlink target. Symlinks change and + * therefore we have no guarantees that pre-existing + * symlink is still valid. 
*/ + if (unlink(data->file) < 0 && + errno !=3D ENOENT) { + virReportSystemError(errno, + _("Unable to remove symlink %s"), + data->file); + goto cleanup; + } + + if (symlink(data->target, data->file) < 0) { + virReportSystemError(errno, + _("Unable to create symlink %s (pointing = to %s)"), + data->file, data->target); + goto cleanup; + } else { + delDevice =3D true; + } + } else if (isDev) { + VIR_DEBUG("Creating dev %s (%d,%d)", + data->file, major(data->sb.st_rdev), minor(data->sb.st_r= dev)); + unlink(data->file); + if (mknod(data->file, data->sb.st_mode, data->sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + data->file); + goto cleanup; + } else { + delDevice =3D true; + } + } else if (isReg || isDir) { + /* We are not cleaning up disks on virDomainDetachDevice + * because disk might be still in use by different disk + * as its backing chain. This might however clash here. + * Therefore do the cleanup here. */ + if (umount(data->file) < 0 && + errno !=3D ENOENT && errno !=3D EINVAL) { + virReportSystemError(errno, + _("Unable to umount %s"), + data->file); + goto cleanup; + } + if ((isReg && virFileTouch(data->file, data->sb.st_mode) < 0) || + (isDir && virFileMakePathWithMode(data->file, data->sb.st_mode= ) < 0)) + goto cleanup; + delDevice =3D true; + /* Just create the file here so that code below sets + * proper owner and mode. Move the mount only after that. */ + } else { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("unsupported device type %s 0%o"), + data->file, data->sb.st_mode); + goto cleanup; + } + + if (lchown(data->file, data->sb.st_uid, data->sb.st_gid) < 0) { + virReportSystemError(errno, + _("Failed to chown device %s"), + data->file); + goto cleanup; + } + + /* Symlinks don't have mode */ + if (!isLink && + chmod(data->file, data->sb.st_mode) < 0) { + virReportSystemError(errno, + _("Failed to set permissions for device %s"), + data->file); + goto cleanup; + } + + /* Symlinks don't have ACLs. 
*/ + if (!isLink && + virFileSetACLs(data->file, data->acl) < 0 && + errno !=3D ENOTSUP) { + virReportSystemError(errno, + _("Unable to set ACLs on %s"), data->file); + goto cleanup; + } + +# ifdef WITH_SELINUX + if (data->tcon && + lsetfilecon_raw(data->file, (const char *)data->tcon) < 0) { + VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR + if (errno !=3D EOPNOTSUPP && errno !=3D ENOTSUP) { + VIR_WARNINGS_RESET + virReportSystemError(errno, + _("Unable to set SELinux label on %s"), + data->file); + goto cleanup; + } + } +# endif + + /* Finish mount process started earlier. */ + if ((isReg || isDir) && + virFileMoveMount(data->target, data->file) < 0) + goto cleanup; + + ret =3D 0; + cleanup: + if (ret < 0 && delDevice) { + if (isDir) + virFileDeleteTree(data->file); + else + unlink(data->file); + } +# ifdef WITH_SELINUX + freecon(data->tcon); +# endif + virFileFreeACLs(&data->acl); + return ret; +} + + +static int +qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, + virDomainObjPtr vm, + const char *file, + char * const *devMountsPath, + size_t ndevMountsPath, + unsigned int ttl) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D NULL; + struct qemuDomainAttachDeviceMknodData data; + int ret =3D -1; + g_autofree char *target =3D NULL; + bool isLink; + bool isReg; + bool isDir; + + if (!ttl) { + virReportSystemError(ELOOP, + _("Too many levels of symbolic links: %s"), + file); + return ret; + } + + memset(&data, 0, sizeof(data)); + + data.driver =3D driver; + data.vm =3D vm; + data.file =3D file; + + if (g_lstat(file, &data.sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), file); + return ret; + } + + isLink =3D S_ISLNK(data.sb.st_mode); + isReg =3D S_ISREG(data.sb.st_mode) || S_ISFIFO(data.sb.st_mode) || S_I= SSOCK(data.sb.st_mode); + isDir =3D S_ISDIR(data.sb.st_mode); + + if ((isReg || isDir) && STRPREFIX(file, QEMU_DEVPREFIX)) { + cfg =3D virQEMUDriverGetConfig(driver); + if (!(target =3D qemuDomainGetPreservedMountPath(cfg, vm, file))) + goto 
cleanup; + + if (virFileBindMountDevice(file, target) < 0) + goto cleanup; + + data.target =3D target; + } else if (isLink) { + g_autoptr(GError) gerr =3D NULL; + + if (!(target =3D g_file_read_link(file, &gerr))) { + virReportError(VIR_ERR_SYSTEM_ERROR, + _("failed to resolve symlink %s: %s"), file, ge= rr->message); + return ret; + } + + if (!g_path_is_absolute(target)) { + g_autofree char *fileTmp =3D g_strdup(file); + char *c =3D NULL, *tmp =3D NULL; + + if ((c =3D strrchr(fileTmp, '/'))) + *(c + 1) =3D '\0'; + + tmp =3D g_strdup_printf("%s%s", fileTmp, target); + VIR_FREE(target); + target =3D g_steal_pointer(&tmp); + } + + data.target =3D target; + } + + /* Symlinks don't have ACLs. */ + if (!isLink && + virFileGetACLs(file, &data.acl) < 0 && + errno !=3D ENOTSUP) { + virReportSystemError(errno, + _("Unable to get ACLs on %s"), file); + goto cleanup; + } + +# ifdef WITH_SELINUX + if (lgetfilecon_raw(file, &data.tcon) < 0 && + (errno !=3D ENOTSUP && errno !=3D ENODATA)) { + virReportSystemError(errno, + _("Unable to get SELinux label from %s"), fil= e); + goto cleanup; + } +# endif + + if (STRPREFIX(file, QEMU_DEVPREFIX)) { + size_t i; + + for (i =3D 0; i < ndevMountsPath; i++) { + if (STREQ(devMountsPath[i], "/dev")) + continue; + if (STRPREFIX(file, devMountsPath[i])) + break; + } + + if (i =3D=3D ndevMountsPath) { + if (qemuSecurityPreFork(driver->securityManager) < 0) + goto cleanup; + + if (virProcessRunInMountNamespace(vm->pid, + qemuDomainAttachDeviceMknodH= elper, + &data) < 0) { + qemuSecurityPostFork(driver->securityManager); + goto cleanup; + } + qemuSecurityPostFork(driver->securityManager); + } else { + VIR_DEBUG("Skipping dev %s because of %s mount point", + file, devMountsPath[i]); + } + } + + if (isLink && + qemuDomainAttachDeviceMknodRecursive(driver, vm, target, + devMountsPath, ndevMountsPath, + ttl -1) < 0) + goto cleanup; + + ret =3D 0; + cleanup: +# ifdef WITH_SELINUX + freecon(data.tcon); +# endif + virFileFreeACLs(&data.acl); + if 
(isReg && target) + umount(target); + return ret; +} + + +#else /* !defined(__linux__) */ + + +static int +qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver G_GNUC_UNUSED, + virDomainObjPtr vm G_GNUC_UNUSED, + const char *file G_GNUC_UNUSED, + char * const *devMountsPath G_GNUC_UN= USED, + size_t ndevMountsPath G_GNUC_UNUSED, + unsigned int ttl G_GNUC_UNUSED) +{ + virReportSystemError(ENOSYS, "%s", + _("Namespaces are not supported on this platform.= ")); + return -1; +} + + +#endif /* !defined(__linux__) */ + + +static int +qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, + virDomainObjPtr vm, + const char *file, + char * const *devMountsPath, + size_t ndevMountsPath) +{ + long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); + + return qemuDomainAttachDeviceMknodRecursive(driver, vm, file, + devMountsPath, ndevMountsP= ath, + symloop_max); +} + + +static int +qemuDomainDetachDeviceUnlinkHelper(pid_t pid G_GNUC_UNUSED, + void *opaque) +{ + const char *path =3D opaque; + + VIR_DEBUG("Unlinking %s", path); + if (unlink(path) < 0 && errno !=3D ENOENT) { + virReportSystemError(errno, + _("Unable to remove device %s"), path); + return -1; + } + + return 0; +} + + +static int +qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver G_GNUC_UNUSED, + virDomainObjPtr vm, + const char *file, + char * const *devMountsPath, + size_t ndevMountsPath) +{ + size_t i; + + if (STRPREFIX(file, QEMU_DEVPREFIX)) { + for (i =3D 0; i < ndevMountsPath; i++) { + if (STREQ(devMountsPath[i], "/dev")) + continue; + if (STRPREFIX(file, devMountsPath[i])) + break; + } + + if (i =3D=3D ndevMountsPath) { + if (virProcessRunInMountNamespace(vm->pid, + qemuDomainDetachDeviceUnlink= Helper, + (void *)file) < 0) + return -1; + } + } + + return 0; +} + + +static int +qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, + const char **paths, + size_t npaths) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + virQEMUDriverPtr driver =3D priv->driver; + g_autoptr(virQEMUDriverConfig) cfg =3D 
NULL; + char **devMountsPath =3D NULL; + size_t ndevMountsPath =3D 0; + int ret =3D -1; + size_t i; + + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || + !npaths) + return 0; + + cfg =3D virQEMUDriverGetConfig(driver); + if (qemuDomainGetPreservedMounts(cfg, vm, + &devMountsPath, NULL, + &ndevMountsPath) < 0) + goto cleanup; + + for (i =3D 0; i < npaths; i++) { + if (qemuDomainAttachDeviceMknod(driver, + vm, + paths[i], + devMountsPath, ndevMountsPath) < 0) + goto cleanup; + } + + ret =3D 0; + cleanup: + virStringListFreeCount(devMountsPath, ndevMountsPath); + return ret; +} + + +static int +qemuDomainNamespaceMknodPath(virDomainObjPtr vm, + const char *path) +{ + const char *paths[] =3D { path }; + + return qemuDomainNamespaceMknodPaths(vm, paths, 1); +} + + +static int +qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, + const char **paths, + size_t npaths) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + virQEMUDriverPtr driver =3D priv->driver; + g_autoptr(virQEMUDriverConfig) cfg =3D NULL; + char **devMountsPath =3D NULL; + size_t ndevMountsPath =3D 0; + size_t i; + int ret =3D -1; + + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || + !npaths) + return 0; + + cfg =3D virQEMUDriverGetConfig(driver); + + if (qemuDomainGetPreservedMounts(cfg, vm, + &devMountsPath, NULL, + &ndevMountsPath) < 0) + goto cleanup; + + for (i =3D 0; i < npaths; i++) { + if (qemuDomainDetachDeviceUnlink(driver, vm, paths[i], + devMountsPath, ndevMountsPath) < = 0) + goto cleanup; + } + + ret =3D 0; + cleanup: + virStringListFreeCount(devMountsPath, ndevMountsPath); + return ret; +} + + +static int +qemuDomainNamespaceUnlinkPath(virDomainObjPtr vm, + const char *path) +{ + const char *paths[] =3D { path }; + + return qemuDomainNamespaceUnlinkPaths(vm, paths, 1); +} + + +int +qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, + virStorageSourcePtr src) +{ + virStorageSourcePtr next; + VIR_AUTOSTRINGLIST paths =3D NULL; + size_t npaths =3D 0; + bool hasNVMe 
=3D false; + + for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { + g_autofree char *tmpPath =3D NULL; + + if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { + hasNVMe =3D true; + + if (!(tmpPath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->n= vme->pciAddr))) + return -1; + } else { + VIR_AUTOSTRINGLIST targetPaths =3D NULL; + + if (virStorageSourceIsEmpty(next) || + !virStorageSourceIsLocalStorage(next)) { + /* Not creating device. Just continue. */ + continue; + } + + tmpPath =3D g_strdup(next->path); + + if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && + errno !=3D ENOSYS) { + virReportSystemError(errno, + _("Unable to get devmapper targets fo= r %s"), + next->path); + return -1; + } + + if (virStringListMerge(&paths, &targetPaths) < 0) + return -1; + } + + if (virStringListAdd(&paths, tmpPath) < 0) + return -1; + } + + /* qemu-pr-helper might require access to /dev/mapper/control. */ + if (src->pr && + virStringListAdd(&paths, QEMU_DEVICE_MAPPER_CONTROL_PATH) < 0) + return -1; + + if (hasNVMe && + virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) + return -1; + + npaths =3D virStringListLength((const char **) paths); + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths, npaths) <= 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceTeardownDisk(virDomainObjPtr vm G_GNUC_UNUSED, + virStorageSourcePtr src G_GNUC_UNUSED) +{ + /* While in hotplug case we create the whole backing chain, + * here we must limit ourselves. The disk we want to remove + * might be a part of backing chain of another disk. + * If you are reading these lines and have some spare time + * you can come up with and algorithm that checks for that. + * I don't, therefore: */ + return 0; +} + + +/** + * qemuDomainNamespaceSetupHostdev: + * @vm: domain object + * @hostdev: hostdev to create in @vm's namespace + * + * For given @hostdev, create its devfs representation (if it has one) in + * domain namespace. 
Note, @hostdev must not be in @vm's definition. + * + * Returns: 0 on success, + * -1 otherwise. + */ +int +qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, + virDomainHostdevDefPtr hostdev) +{ + g_autofree char *path =3D NULL; + + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) + return -1; + + if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + return -1; + + if (qemuHostdevNeedsVFIO(hostdev) && + !qemuDomainNeedsVFIO(vm->def) && + qemuDomainNamespaceMknodPath(vm, QEMU_DEV_VFIO) < 0) + return -1; + + return 0; +} + + +/** + * qemuDomainNamespaceTeardownHostdev: + * @vm: domain object + * @hostdev: hostdev to remove in @vm's namespace + * + * For given @hostdev, remove its devfs representation (if it has one) in + * domain namespace. Note, @hostdev must not be in @vm's definition. + * + * Returns: 0 on success, + * -1 otherwise. + */ +int +qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, + virDomainHostdevDefPtr hostdev) +{ + g_autofree char *path =3D NULL; + + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) + return -1; + + if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) + return -1; + + if (qemuHostdevNeedsVFIO(hostdev) && + !qemuDomainNeedsVFIO(vm->def) && + qemuDomainNamespaceUnlinkPath(vm, QEMU_DEV_VFIO) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, + virDomainMemoryDefPtr mem) +{ + if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) + return 0; + + if (qemuDomainNamespaceMknodPath(vm, mem->nvdimmPath) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, + virDomainMemoryDefPtr mem) +{ + if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) + return 0; + + if (qemuDomainNamespaceUnlinkPath(vm, mem->nvdimmPath) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, + virDomainChrDefPtr chr) +{ + const char *path; + + if (!(path =3D virDomainChrSourceDefGetPath(chr->source))) + return 0; 
+ + /* Socket created by qemu. It doesn't exist upfront. */ + if (chr->source->type =3D=3D VIR_DOMAIN_CHR_TYPE_UNIX && + chr->source->data.nix.listen) + return 0; + + if (qemuDomainNamespaceMknodPath(vm, path) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, + virDomainChrDefPtr chr) +{ + const char *path =3D NULL; + + if (chr->source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV) + return 0; + + path =3D chr->source->data.file.path; + + if (qemuDomainNamespaceUnlinkPath(vm, path) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, + virDomainRNGDefPtr rng) +{ + const char *path =3D NULL; + + switch ((virDomainRNGBackend) rng->backend) { + case VIR_DOMAIN_RNG_BACKEND_RANDOM: + path =3D rng->source.file; + break; + + case VIR_DOMAIN_RNG_BACKEND_EGD: + case VIR_DOMAIN_RNG_BACKEND_BUILTIN: + case VIR_DOMAIN_RNG_BACKEND_LAST: + break; + } + + if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, + virDomainRNGDefPtr rng) +{ + const char *path =3D NULL; + + switch ((virDomainRNGBackend) rng->backend) { + case VIR_DOMAIN_RNG_BACKEND_RANDOM: + path =3D rng->source.file; + break; + + case VIR_DOMAIN_RNG_BACKEND_EGD: + case VIR_DOMAIN_RNG_BACKEND_BUILTIN: + case VIR_DOMAIN_RNG_BACKEND_LAST: + break; + } + + if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) + return -1; + + return 0; +} + + +int +qemuDomainNamespaceSetupInput(virDomainObjPtr vm, + virDomainInputDefPtr input) +{ + const char *path =3D NULL; + + if (!(path =3D virDomainInputDefGetPath(input))) + return 0; + + if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + return -1; + return 0; +} + + +int +qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, + virDomainInputDefPtr input) +{ + const char *path =3D NULL; + + if (!(path =3D virDomainInputDefGetPath(input))) + return 0; + + if (path && qemuDomainNamespaceUnlinkPath(vm, path) 
< 0) + return -1; + + return 0; +} diff --git a/src/qemu/qemu_domain_namespace.h b/src/qemu/qemu_domain_namesp= ace.h new file mode 100644 index 0000000000..df58462414 --- /dev/null +++ b/src/qemu/qemu_domain_namespace.h 
@@ -0,0 +1,86 @@ +/* + * qemu_domain_namespace.h: QEMU domain namespace helpers + * + * Copyright (C) 2006-2019 Red Hat, Inc. + * Copyright (C) 2006 Daniel P. Berrange + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "virenum.h" +#include "qemu_conf.h" +#include "virconf.h" + +typedef enum { + QEMU_DOMAIN_NS_MOUNT =3D 0, + QEMU_DOMAIN_NS_LAST +} qemuDomainNamespace; +VIR_ENUM_DECL(qemuDomainNamespace); + +int qemuDomainEnableNamespace(virDomainObjPtr vm, + qemuDomainNamespace ns); + +bool qemuDomainNamespaceEnabled(virDomainObjPtr vm, + qemuDomainNamespace ns); + +int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virSecurityManagerPtr mgr, + virDomainObjPtr vm); + +int qemuDomainCreateNamespace(virQEMUDriverPtr driver, + virDomainObjPtr vm); + +void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, + virDomainObjPtr vm); + +bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns); + +int qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, + virStorageSourcePtr src); + +int qemuDomainNamespaceTeardownDisk(virDomainObjPtr vm, + virStorageSourcePtr src); + +int qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, + virDomainHostdevDefPtr hostdev); + +int qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, + virDomainHostdevDefPtr hostdev); + +int qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, + virDomainMemoryDefPtr memory); 
+ +int qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, + virDomainMemoryDefPtr memory); + +int qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, + virDomainChrDefPtr chr); + +int qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, + virDomainChrDefPtr chr); + +int qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, + virDomainRNGDefPtr rng); + +int qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, + virDomainRNGDefPtr rng); + +int qemuDomainNamespaceSetupInput(virDomainObjPtr vm, + virDomainInputDefPtr input); + +int qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, + virDomainInputDefPtr input); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 53980d4d78..62fa38cd55 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -50,6 +50,7 @@ #include "qemu_security.h" #include "qemu_checkpoint.h" #include "qemu_backup.h" +#include "qemu_domain_namespace.h" =20 #include "virerror.h" #include "virlog.h" diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 26912334d2..3c72d07f32 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -27,6 +27,7 @@ #include "qemu_capabilities.h" #include "qemu_domain.h" #include "qemu_domain_address.h" +#include "qemu_domain_namespace.h" #include "qemu_command.h" #include "qemu_hostdev.h" #include "qemu_interface.h" diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 1006f41614..e368f59b8c 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -45,6 +45,7 @@ #include "qemu_block.h" #include "qemu_domain.h" #include "qemu_domain_address.h" +#include "qemu_domain_namespace.h" #include "qemu_cgroup.h" #include "qemu_capabilities.h" #include "qemu_monitor.h" diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c index b9e2470b58..78fd9892a9 100644 --- a/src/qemu/qemu_security.c +++ b/src/qemu/qemu_security.c 
@@ -21,6 +21,7 @@ #include =20 #include "qemu_domain.h" +#include "qemu_domain_namespace.h" #include "qemu_security.h" #include "virlog.h" =20 --=20 2.26.2
From nobody Fri May 3 11:44:14 2024
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 04/34] qemu_domain_namespace: Rename qemuDomainCreateNamespace()
Date: Wed, 22 Jul 2020 11:39:58 +0200
Message-Id: <3a9e4760d99cf8b5275d1c8b93c3517c1de3ff75.1595410402.git.mprivozn@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The name of this function is not very helpful, because it doesn't create anything, it just flips a bit in a bitmask when domain is starting up. Move the function internals into qemu_process.c and forget the function ever existed.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 14 --------------
 src/qemu/qemu_domain_namespace.h | 3 ---
 src/qemu/qemu_process.c | 16 +++++++++++++++-
 3 files changed, 15 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 1e54cb2153..ec417edb60 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c 
@@ -1035,20 +1035,6 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, } =20 =20 -int -qemuDomainCreateNamespace(virQEMUDriverPtr driver, - virDomainObjPtr vm) -{ - g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); - - if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) && - qemuDomainEnableNamespace(vm, QEMU_DOMAIN_NS_MOUNT) < 0) - return -1; - - return 0; -} - - bool qemuDomainNamespaceEnabled(virDomainObjPtr vm, qemuDomainNamespace ns) diff --git a/src/qemu/qemu_domain_namespace.h b/src/qemu/qemu_domain_namesp= ace.h index df58462414..0182ce50a2 100644 --- a/src/qemu/qemu_domain_namespace.h +++ b/src/qemu/qemu_domain_namespace.h @@ -41,9 +41,6 @@ int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, virSecurityManagerPtr mgr, virDomainObjPtr vm); =20 -int qemuDomainCreateNamespace(virQEMUDriverPtr driver, - virDomainObjPtr vm); - void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, virDomainObjPtr vm); =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index e368f59b8c..c076dcac3a 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6640,6 +6640,20 @@ qemuProcessSetupDiskThrottlingBlockdev(virQEMUDriver= Ptr driver, } =20 =20 +static int +qemuProcessEnableDomainNamespaces(virQEMUDriverPtr driver, + virDomainObjPtr vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + + if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) && + qemuDomainEnableNamespace(vm, QEMU_DOMAIN_NS_MOUNT) < 0) + return -1; + + return 0; +} + + /** * qemuProcessLaunch: * 
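Review bot: qemuProcessEnableDomainNamespaces(), added in the qemu_process.c hunk at @@ -6640, has no comment, although the reason given for this change is that the old name hid what the function does. A short comment above it saying that it only marks QEMU_DOMAIN_NS_MOUNT as enabled for the domain when that bit is set in cfg->namespaces, and that nothing is built here, would spare the next reader the same confusion. The plural in the name reads as if more namespace types are handled; if that is the intent for later patches, the comment is the place to say so.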
@@ -6759,7 +6773,7 @@ qemuProcessLaunch(virConnectPtr conn, =20 VIR_DEBUG("Building mount namespace"); =20 - if (qemuDomainCreateNamespace(driver, vm) < 0) + if (qemuProcessEnableDomainNamespaces(driver, vm) < 0) goto cleanup; =20 VIR_DEBUG("Setting up raw IO"); --=20 2.26.2
From nobody Fri May 3 11:44:14 2024
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 05/34] qemu_domain_namespace: Drop unused @cfg argument
Date: Wed, 22 Jul 2020 11:39:59 +0200
Message-Id: <7566c333737ba3da836865c3c1795efc0eee6028.1595410402.git.mprivozn@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

There are a lot of functions called from qemuDomainBuildNamespace() that accept @cfg (virQEMUDriverConfigPtr) as an argument and don't use it. Historically, it was done so that all qemuDomainSetupAll*() functions look the same.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 91 ++++++++++++--------------------
 1 file changed, 34 insertions(+), 57 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index ec417edb60..6d8faa79fb 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -486,8 +486,7 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainDiskDefPtr disk, +qemuDomainSetupDisk(virDomainDiskDefPtr disk, const struct qemuDomainCreateDeviceData *data) { virStorageSourcePtr next; 
@@ -545,16 +544,14 @@ qemuDomainSetupDisk(virQEMUDriverConfigPtr cfg G_GNUC= _UNUSED, =20 =20 static int -qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllDisks(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; VIR_DEBUG("Setting up disks"); =20 for (i =3D 0; i < vm->def->ndisks; i++) { - if (qemuDomainSetupDisk(cfg, - vm->def->disks[i], + if (qemuDomainSetupDisk(vm->def->disks[i], data) < 0) return -1; } @@ -565,8 +562,7 @@ qemuDomainSetupAllDisks(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainHostdevDefPtr dev, +qemuDomainSetupHostdev(virDomainHostdevDefPtr dev, const struct qemuDomainCreateDeviceData *data) { g_autofree char *path =3D NULL; @@ -586,16 +582,14 @@ qemuDomainSetupHostdev(virQEMUDriverConfigPtr cfg G_G= NUC_UNUSED, =20 =20 static int -qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllHostdevs(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; =20 VIR_DEBUG("Setting up hostdevs"); for (i =3D 0; i < vm->def->nhostdevs; i++) { - if (qemuDomainSetupHostdev(cfg, - vm->def->hostdevs[i], + if (qemuDomainSetupHostdev(vm->def->hostdevs[i], data) < 0) return -1; } @@ -605,8 +599,7 @@ qemuDomainSetupAllHostdevs(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupMemory(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainMemoryDefPtr mem, +qemuDomainSetupMemory(virDomainMemoryDefPtr mem, const struct qemuDomainCreateDeviceData *data) { if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) 
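Review bot: In the qemuDomainSetupAllDisks() hunk (@@ -545) and the qemuDomainSetupAllHostdevs() hunk (@@ -586) the call stays wrapped, with the unchanged "data) < 0)" left on a line of its own, even though the condition fits on one line once cfg is gone. Consider joining them, as in "if (qemuDomainSetupDisk(vm->def->disks[i], data) < 0)", which is the form the qemuDomainSetupTPM() call takes later in this patch.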
@@ -617,16 +610,14 @@ qemuDomainSetupMemory(virQEMUDriverConfigPtr cfg G_GN= UC_UNUSED, =20 =20 static int -qemuDomainSetupAllMemories(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllMemories(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; =20 VIR_DEBUG("Setting up memories"); for (i =3D 0; i < vm->def->nmems; i++) { - if (qemuDomainSetupMemory(cfg, - vm->def->mems[i], + if (qemuDomainSetupMemory(vm->def->mems[i], data) < 0) return -1; } @@ -656,8 +647,7 @@ qemuDomainSetupChardev(virDomainDefPtr def G_GNUC_UNUSE= D, =20 =20 static int -qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, +qemuDomainSetupAllChardevs(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { VIR_DEBUG("Setting up chardevs"); @@ -674,8 +664,7 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr cfg G= _GNUC_UNUSED, =20 =20 static int -qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainTPMDefPtr dev, +qemuDomainSetupTPM(virDomainTPMDefPtr dev, const struct qemuDomainCreateDeviceData *data) { switch (dev->type) { @@ -696,8 +685,7 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UN= USED, =20 =20 static int -qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, +qemuDomainSetupAllTPMs(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; @@ -705,7 +693,7 @@ qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNU= C_UNUSED, VIR_DEBUG("Setting up TPMs"); =20 for (i =3D 0; i < vm->def->ntpms; i++) { - if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0) + if (qemuDomainSetupTPM(vm->def->tpms[i], data) < 0) return -1; } =20 
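Review bot: qemuDomainSetupChardev(), visible as the context function of the @@ -656 hunk, still carries "virDomainDefPtr def G_GNUC_UNUSED" while qemuDomainSetupAllChardevs() right below it loses its unused @cfg. If that parameter has to stay because of how the function is called, the commit message should say the cleanup is limited to @cfg for that reason; otherwise it is the same kind of unused argument and could be dropped here or in a follow-up.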
@@ -715,8 +703,7 @@ qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNU= C_UNUSED, =20 =20 static int -qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainGraphicsDefPtr gfx, +qemuDomainSetupGraphics(virDomainGraphicsDefPtr gfx, const struct qemuDomainCreateDeviceData *data) { const char *rendernode =3D virDomainGraphicsGetRenderNode(gfx); @@ -729,16 +716,14 @@ qemuDomainSetupGraphics(virQEMUDriverConfigPtr cfg G_= GNUC_UNUSED, =20 =20 static int -qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllGraphics(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; =20 VIR_DEBUG("Setting up graphics"); for (i =3D 0; i < vm->def->ngraphics; i++) { - if (qemuDomainSetupGraphics(cfg, - vm->def->graphics[i], + if (qemuDomainSetupGraphics(vm->def->graphics[i], data) < 0) return -1; } @@ -749,8 +734,7 @@ qemuDomainSetupAllGraphics(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupInput(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainInputDefPtr input, +qemuDomainSetupInput(virDomainInputDefPtr input, const struct qemuDomainCreateDeviceData *data) { const char *path =3D virDomainInputDefGetPath(input); @@ -763,16 +747,14 @@ qemuDomainSetupInput(virQEMUDriverConfigPtr cfg G_GNU= C_UNUSED, =20 =20 static int -qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllInputs(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; =20 VIR_DEBUG("Setting up inputs"); for (i =3D 0; i < vm->def->ninputs; i++) { - if (qemuDomainSetupInput(cfg, - vm->def->inputs[i], + if (qemuDomainSetupInput(vm->def->inputs[i], data) < 0) return -1; } 
@@ -782,8 +764,7 @@ qemuDomainSetupAllInputs(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainRNGDefPtr rng, +qemuDomainSetupRNG(virDomainRNGDefPtr rng, const struct qemuDomainCreateDeviceData *data) { switch ((virDomainRNGBackend) rng->backend) { @@ -804,16 +785,14 @@ qemuDomainSetupRNG(virQEMUDriverConfigPtr cfg G_GNUC_= UNUSED, =20 =20 static int -qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, +qemuDomainSetupAllRNGs(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { size_t i; =20 VIR_DEBUG("Setting up RNGs"); for (i =3D 0; i < vm->def->nrngs; i++) { - if (qemuDomainSetupRNG(cfg, - vm->def->rngs[i], + if (qemuDomainSetupRNG(vm->def->rngs[i], data) < 0) return -1; } @@ -824,8 +803,7 @@ qemuDomainSetupAllRNGs(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupLoader(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, +qemuDomainSetupLoader(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *data) { virDomainLoaderDefPtr loader =3D vm->def->os.loader; @@ -860,8 +838,7 @@ qemuDomainSetupLoader(virQEMUDriverConfigPtr cfg G_GNUC= _UNUSED, =20 =20 static int -qemuDomainSetupLaunchSecurity(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, +qemuDomainSetupLaunchSecurity(virDomainObjPtr vm, const struct qemuDomainCreateDeviceData *dat= a) { virDomainSEVDefPtr sev =3D vm->def->sev; 
@@ -923,34 +900,34 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllDisks(cfg, vm, &data) < 0) + if (qemuDomainSetupAllDisks(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllHostdevs(cfg, vm, &data) < 0) + if (qemuDomainSetupAllHostdevs(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllMemories(cfg, vm, &data) < 0) + if (qemuDomainSetupAllMemories(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) + if (qemuDomainSetupAllChardevs(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0) + if (qemuDomainSetupAllTPMs(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) + if (qemuDomainSetupAllGraphics(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllInputs(cfg, vm, &data) < 0) + if (qemuDomainSetupAllInputs(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupAllRNGs(cfg, vm, &data) < 0) + if (qemuDomainSetupAllRNGs(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupLoader(cfg, vm, &data) < 0) + if (qemuDomainSetupLoader(vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupLaunchSecurity(cfg, vm, &data) < 0) + if (qemuDomainSetupLaunchSecurity(vm, &data) < 0) goto cleanup; =20 /* Save some mount points because we want to share them with the host = */ --=20 2.26.2
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 06/34] qemu_domain_namespace: Check for namespace enablement earlier
Date: Wed, 22 Jul 2020 11:40:00 +0200
Message-Id: <52411a3bb51f646f8ba7026921ff4a38c4496176.1595410402.git.mprivozn@redhat.com>

Functions that create a device node after domain startup (used from hotplug) will get a list of paths they want to create and eventually call qemuDomainNamespaceMknodPaths() which then checks whether domain mount namespace is enabled in the first place. Alternatively, on device hotunplug, we might want to delete a path inside domain namespace in which case qemuDomainNamespaceUnlinkPaths() checks whether the namespace is enabled. While this is not dangerous, it certainly burns a couple of CPU cycles needlessly. Check whether mount namespace is enabled upfront.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 39 ++++++++++++++++++++++++++++----
 1 file changed, 35 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 6d8faa79fb..41451bec9f 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1481,8 +1481,7 @@ qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, int ret =3D -1; size_t i; =20 - if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || - !npaths) + if (!npaths) return 0; =20 cfg =3D virQEMUDriverGetConfig(driver); @@ -1529,8 +1528,7 @@ qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, size_t i; int ret =3D -1; =20 - if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) || - !npaths) + if (!npaths) return 0; =20 cfg =3D virQEMUDriverGetConfig(driver); @@ -1572,6 +1570,9 @@ qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, size_t npaths =3D 0; bool hasNVMe =3D false; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { g_autofree char *tmpPath =3D NULL; =20 @@ -1655,6 +1656,9 @@ qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, { g_autofree char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 @@ -1687,6 +1691,9 @@ qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, { g_autofree char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 @@ -1706,6 +1713,9 @@ int qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, virDomainMemoryDefPtr mem) { + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) return 0; =20 @@ -1720,6 +1730,9 @@ int qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, virDomainMemoryDefPtr mem) { + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) return 0; =20 
@@ -1736,6 +1749,9 @@ qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, { const char *path; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (!(path =3D virDomainChrSourceDefGetPath(chr->source))) return 0; =20 @@ -1757,6 +1773,9 @@ qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, { const char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (chr->source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV) return 0; =20 @@ -1775,6 +1794,9 @@ qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, { const char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + switch ((virDomainRNGBackend) rng->backend) { case VIR_DOMAIN_RNG_BACKEND_RANDOM: path =3D rng->source.file; @@ -1799,6 +1821,9 @@ qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, { const char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + switch ((virDomainRNGBackend) rng->backend) { case VIR_DOMAIN_RNG_BACKEND_RANDOM: path =3D rng->source.file; @@ -1823,6 +1848,9 @@ qemuDomainNamespaceSetupInput(virDomainObjPtr vm, { const char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (!(path =3D virDomainInputDefGetPath(input))) return 0; =20 
@@ -1838,6 +1866,9 @@ qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, { const char *path =3D NULL; =20 + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + return 0; + if (!(path =3D virDomainInputDefGetPath(input))) return 0; =20 --=20 2.26.2
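Review bot: Dropping the `qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)` test from qemuDomainNamespaceMknodPaths() and qemuDomainNamespaceUnlinkPaths() (the first two hunks of patch 06) turns "mount namespace is enabled" into an undocumented precondition of both functions. After this patch only `!npaths` guards them, so a caller that is not one of the eleven Setup*/Teardown* functions patched here, or one added later, runs the rest of the function for a domain that has no mount namespace. Please state the precondition in a comment above both functions and say in the commit message that the remaining callers were audited. The same three-line guard is now copied eleven times, so a small helper would keep the copies from drifting.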
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 07/34] qemuDomainNamespaceSetupHostdev: Create paths in one go
Date: Wed, 22 Jul 2020 11:40:01 +0200
Message-Id: <0d1ada7c93f48451d7429a375ff38c28aa921162.1595410402.git.mprivozn@redhat.com>

While qemuDomainNamespaceMknodPaths() doesn't actually create files in the namespace in one go (it forks for each path), in a few commits' time it will.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 41451bec9f..6bd1fb30cf 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -1655,6 +1655,8 @@ qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev) { g_autofree char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; + size_t npaths =3D 0; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; 
@@ -1662,12 +1664,16 @@ qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + if (path && virStringListAdd(&paths, path) < 0) return -1; =20 if (qemuHostdevNeedsVFIO(hostdev) && !qemuDomainNeedsVFIO(vm->def) && - qemuDomainNamespaceMknodPath(vm, QEMU_DEV_VFIO) < 0) + virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) + return -1; + + npaths =3D virStringListLength((const char **) paths); + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths, npaths) <= 0) return -1; =20 return 0; --=20 2.26.2
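Review bot: When the hostdev yields no path and VFIO is not needed, `paths` is still NULL at the `virStringListLength((const char **) paths)` call in the second hunk of patch 07, so the empty case now depends on that function accepting NULL and on the `if (!npaths) return 0;` early return that patch 06 left in qemuDomainNamespaceMknodPaths(). An explicit `if (!paths) return 0;` before the length call, or a one-line comment saying the empty list is handled by the callee, would make that case visible at this call site instead of leaving it to two other functions.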
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 08/34] qemuDomainAttachDeviceMknodHelper: Don't leak data->target
Date: Wed, 22 Jul 2020 11:40:02 +0200

It's not really a problem since this is a helper process that dies as soon as the helper function returns, but the cleanup code will be replaced with a function soon and this change prepares the code for that.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 6bd1fb30cf..e385cda64a 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1102,7 +1102,7 @@ struct qemuDomainAttachDeviceMknodData { virQEMUDriverPtr driver; virDomainObjPtr vm; const char *file; - const char *target; + char *target; GStatBuf sb; void *acl; #ifdef WITH_SELINUX 
@@ -1248,6 +1248,7 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UN= USED, freecon(data->tcon); # endif virFileFreeACLs(&data->acl); + VIR_FREE(data->target); return ret; } =20 --=20 2.26.2
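Review bot: The added `VIR_FREE(data->target)` in the second hunk of patch 08 makes qemuDomainAttachDeviceMknodHelper() free a field it only receives through `opaque`, and neither hunk shows where `target` is allocated or says who owns it. Please add a comment on `char *target` in the struct stating that the helper takes ownership, and confirm that the caller does not release the same pointer in the same process: qemuDomainAttachDeviceMknodRecursive() declares a `g_autofree char *target` of its own, and the commit message relies on the helper running in a short-lived child, which may stop being true once the cleanup moves into the shared function it mentions.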
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 09/34] qemu_domain_namespace.c: Rename qemuDomainAttachDeviceMknodData
Date: Wed, 22 Jul 2020 11:40:03 +0200

This structure is going to be used from not only device attach code, but also when building the namespace. Moreover, the code lives in a separate file so the chances of clashing with another name are minimal.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index e385cda64a..40c4fb36cb 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -1098,7 +1098,7 @@ qemuDomainNamespaceAvailable(qemuDomainNamespace ns G= _GNUC_UNUSED) } =20 =20 -struct qemuDomainAttachDeviceMknodData { +struct qemuDomainMknodData { virQEMUDriverPtr driver; virDomainObjPtr vm; const char *file; @@ -1117,7 +1117,7 @@ static int qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED, void *opaque) { - struct qemuDomainAttachDeviceMknodData *data =3D opaque; + struct qemuDomainMknodData *data =3D opaque; int ret =3D -1; bool delDevice =3D false; bool isLink =3D S_ISLNK(data->sb.st_mode); 
@@ -1262,7 +1262,7 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr= driver, unsigned int ttl) { g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - struct qemuDomainAttachDeviceMknodData data; + struct qemuDomainMknodData data; int ret =3D -1; g_autofree char *target =3D NULL; bool isLink; --=20 2.26.2
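Review bot: The struct becomes `qemuDomainMknodData` in patch 09, but its only visible users, qemuDomainAttachDeviceMknodHelper() and qemuDomainAttachDeviceMknodRecursive(), keep the AttachDevice prefix, so after this patch the type and the functions that consume it no longer share a name. If the helper is also meant to run while the namespace is being built, as the commit message says, rename it in this patch or note in the message that a later patch in the series does so.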
JveKLMfSj/G3kCQkEvUDI9dISQw/dcIDuhDs9j/Ew0WHscEegLHxOTr5+mkHIj8m19jgTn Xd9Av5YurfZlDHWT1awiWQloD7OGnbc= X-MC-Unique: pyL17SEXNYi6kFjxVUa5DQ-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH v1 10/34] qemuDomainAttachDeviceMknodRecursive: Isolate bind mounted devices condition Date: Wed, 22 Jul 2020 11:40:04 +0200 Message-Id: <630689607eb47b42d0944b8602e51d2d46d44af3.1595410402.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" When attaching a device into a domain, the corresponding /dev node might need to be created in the domain's namespace. For some types of files we call mknod(), for symlinks we call symlink(), but for others - which exist in the host namespace - we need to so called 'bind mount' them (which is a way of passing a file/directory between mount namespaces). There is this condition in qemuDomainAttachDeviceMknodRecursive() which decides whether a bind mount will be used, move it into a separate function so that it can be reused later. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain_namespace.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 40c4fb36cb..0c40118938 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c 
@@ -1253,6 +1253,17 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_U= NUSED, } =20 =20 +static bool +qemuDomainMknodItemIsBindMounted(mode_t st_mode) +{ + /* A block device S_ISBLK() or a chardev S_ISCHR() is intentionally not + * handled. We want to mknod() it instead of passing in through bind + * mounting. */ + return S_ISREG(st_mode) || S_ISFIFO(st_mode) || + S_ISSOCK(st_mode) || S_ISDIR(st_mode); +} + + static int qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, virDomainObjPtr vm, @@ -1267,7 +1278,6 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr= driver, g_autofree char *target =3D NULL; bool isLink; bool isReg; - bool isDir; =20 if (!ttl) { virReportSystemError(ELOOP, 
@@ -1289,10 +1299,9 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPt= r driver, } =20 isLink =3D S_ISLNK(data.sb.st_mode); - isReg =3D S_ISREG(data.sb.st_mode) || S_ISFIFO(data.sb.st_mode) || S_I= SSOCK(data.sb.st_mode); - isDir =3D S_ISDIR(data.sb.st_mode); + isReg =3D qemuDomainMknodItemIsBindMounted(data.sb.st_mode); =20 - if ((isReg || isDir) && STRPREFIX(file, QEMU_DEVPREFIX)) { + if (isReg && STRPREFIX(file, QEMU_DEVPREFIX)) { cfg =3D virQEMUDriverGetConfig(driver); if (!(target =3D qemuDomainGetPreservedMountPath(cfg, vm, file))) goto cleanup; --=20 2.26.2
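Review bot: In qemuDomainAttachDeviceMknodRecursive() the local "isReg" is now assigned from qemuDomainMknodItemIsBindMounted(), which also returns true for directories, so the variable name no longer says what it holds; rename it (for example to isBindMounted) or drop it and call the helper directly in the "if". The comment in the new helper reads "instead of passing in through bind mounting" and should say "passing it in". Since the commit message gives reuse as the reason for the helper, it is also worth using it on the child side, where the context lines of the next patch show isReg/isDir still being computed by hand from st_mode, so the decision made before the fork and the one made inside the namespace cannot drift apart.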
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 11/34] qemuDomainAttachDeviceMknodHelper: Create more files in a single go
Date: Wed, 22 Jul 2020 11:40:05 +0200
Message-Id: <56f2b9fd0b85f5c3d617247800b5819ba163f58b.1595410402.git.mprivozn@redhat.com>

So far, when attaching a device needs two or more /dev nodes created into a domain, we fork off and run the helper for every node separately. For the majority of devices this is okay, because they need no or one node created anyway. But the idea is to use this attach code to build the namespace when starting a domain, in which case there will be way more nodes than one. To achieve this, the recursive approach for handling symlinks has to be turned into an iterative one.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 298 +++++++++++++++++++------------
 1 file changed, 185 insertions(+), 113 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 0c40118938..31acf2bde6 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -1098,26 +1098,58 @@ qemuDomainNamespaceAvailable(qemuDomainNamespace ns= G_GNUC_UNUSED) } =20 =20 -struct qemuDomainMknodData { - virQEMUDriverPtr driver; - virDomainObjPtr vm; +typedef struct _qemuDomainMknodItem qemuDomainMknodItem; +typedef qemuDomainMknodItem *qemuDomainMknodItemPtr; +struct _qemuDomainMknodItem { const char *file; char *target; + bool bindmounted; GStatBuf sb; void *acl; -#ifdef WITH_SELINUX char *tcon; +}; + +typedef struct _qemuDomainMknodData qemuDomainMknodData; +typedef qemuDomainMknodData *qemuDomainMknodDataPtr; +struct _qemuDomainMknodData { + virQEMUDriverPtr driver; + virDomainObjPtr vm; + qemuDomainMknodItemPtr items; + size_t nitems; +}; + + +static void +qemuDomainMknodItemClear(qemuDomainMknodItemPtr item) +{ + VIR_FREE(item->target); + virFileFreeACLs(&item->acl); +#ifdef WITH_SELINUX + freecon(item->tcon); #endif -}; +} + + +static void +qemuDomainMknodDataClear(qemuDomainMknodDataPtr data) +{ + size_t i; + + for (i =3D 0; i < data->nitems; i++) { + qemuDomainMknodItemPtr item =3D &data->items[i]; + + qemuDomainMknodItemClear(item); + } + + VIR_FREE(data->items); +} =20 =20 /* Our way of creating devices is highly linux specific */ #if defined(__linux__) static int -qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED, - void *opaque) +qemuDomainMknodOne(qemuDomainMknodItemPtr data) { - struct qemuDomainMknodData *data =3D opaque; int ret =3D -1; bool delDevice =3D false; bool isLink =3D S_ISLNK(data->sb.st_mode);
@@ -1125,8 +1157,6 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UN= USED, bool isReg =3D S_ISREG(data->sb.st_mode) || S_ISFIFO(data->sb.st_mode)= || S_ISSOCK(data->sb.st_mode); bool isDir =3D S_ISDIR(data->sb.st_mode); =20 - qemuSecurityPostFork(data->driver->securityManager); - if (virFileMakeParentPath(data->file) < 0) { virReportSystemError(errno, _("Unable to create %s"), data->file); @@ -1244,11 +1274,6 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_U= NUSED, else unlink(data->file); } -# ifdef WITH_SELINUX - freecon(data->tcon); -# endif - virFileFreeACLs(&data->acl); - VIR_FREE(data->target); return ret; } =20 
@@ -1265,63 +1290,66 @@ qemuDomainMknodItemIsBindMounted(mode_t st_mode) =20 =20 static int -qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath, - unsigned int ttl) +qemuDomainMknodHelper(pid_t pid G_GNUC_UNUSED, + void *opaque) { - g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - struct qemuDomainMknodData data; + qemuDomainMknodDataPtr data =3D opaque; + size_t i; int ret =3D -1; + + qemuSecurityPostFork(data->driver->securityManager); + + for (i =3D 0; i < data->nitems; i++) { + if (qemuDomainMknodOne(&data->items[i]) < 0) + goto cleanup; + } + + ret =3D 0; + cleanup: + qemuDomainMknodDataClear(data); + return ret; +} + + +static int +qemuDomainMknodItemInit(qemuDomainMknodItemPtr item, + virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const char *file) +{ g_autofree char *target =3D NULL; bool isLink; bool isReg; =20 - if (!ttl) { - virReportSystemError(ELOOP, - _("Too many levels of symbolic links: %s"), - file); - return ret; - } + item->file =3D file; =20 - memset(&data, 0, sizeof(data)); - - data.driver =3D driver; - data.vm =3D vm; - data.file =3D file; - - if (g_lstat(file, &data.sb) < 0) { + if (g_lstat(file, &item->sb) < 0) { virReportSystemError(errno, _("Unable to access %s"), file); - return ret; + return -1; } =20 - isLink =3D S_ISLNK(data.sb.st_mode); - isReg =3D qemuDomainMknodItemIsBindMounted(data.sb.st_mode); + isLink =3D S_ISLNK(item->sb.st_mode); + isReg =3D qemuDomainMknodItemIsBindMounted(item->sb.st_mode); =20 if (isReg && STRPREFIX(file, QEMU_DEVPREFIX)) { - cfg =3D virQEMUDriverGetConfig(driver); if (!(target =3D qemuDomainGetPreservedMountPath(cfg, vm, file))) - goto cleanup; + return -1; =20 - if (virFileBindMountDevice(file, target) < 0) - goto cleanup; - - data.target =3D target; + item->target =3D g_steal_pointer(&target); } else if (isLink) { g_autoptr(GError) gerr =3D NULL; =20 if (!(target =3D g_file_read_link(file, 
&gerr))) { virReportError(VIR_ERR_SYSTEM_ERROR, _("failed to resolve symlink %s: %s"), file, ge= rr->message); - return ret; + return -1; } =20 if (!g_path_is_absolute(target)) { g_autofree char *fileTmp =3D g_strdup(file); - char *c =3D NULL, *tmp =3D NULL; + char *c =3D NULL; + char *tmp =3D NULL; =20 if ((c =3D strrchr(fileTmp, '/'))) *(c + 1) =3D '\0'; 
@@ -1331,92 +1359,79 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverP= tr driver, target =3D g_steal_pointer(&tmp); } =20 - data.target =3D target; + item->target =3D g_steal_pointer(&target); } =20 /* Symlinks don't have ACLs. */ if (!isLink && - virFileGetACLs(file, &data.acl) < 0 && + virFileGetACLs(file, &item->acl) < 0 && errno !=3D ENOTSUP) { virReportSystemError(errno, _("Unable to get ACLs on %s"), file); - goto cleanup; + return -1; } =20 # ifdef WITH_SELINUX - if (lgetfilecon_raw(file, &data.tcon) < 0 && + if (lgetfilecon_raw(file, &item->tcon) < 0 && (errno !=3D ENOTSUP && errno !=3D ENODATA)) { virReportSystemError(errno, _("Unable to get SELinux label from %s"), fil= e); - goto cleanup; + return -1; } # endif =20 - if (STRPREFIX(file, QEMU_DEVPREFIX)) { - size_t i; - - for (i =3D 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(file, devMountsPath[i])) - break; - } - - if (i =3D=3D ndevMountsPath) { - if (qemuSecurityPreFork(driver->securityManager) < 0) - goto cleanup; - - if (virProcessRunInMountNamespace(vm->pid, - qemuDomainAttachDeviceMknodH= elper, - &data) < 0) { - qemuSecurityPostFork(driver->securityManager); - goto cleanup; - } - qemuSecurityPostFork(driver->securityManager); - } else { - VIR_DEBUG("Skipping dev %s because of %s mount point", - file, devMountsPath[i]); - } - } - - if (isLink && - qemuDomainAttachDeviceMknodRecursive(driver, vm, target, - devMountsPath, ndevMountsPath, - ttl -1) < 0) - goto cleanup; - - ret =3D 0; - cleanup: -# ifdef WITH_SELINUX - freecon(data.tcon); -# endif - virFileFreeACLs(&data.acl); - if (isReg && target) - umount(target); - return ret; + return 0; } =20 =20 -#else /* !defined(__linux__) */ - - static int -qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm G_GNUC_UNUSED, - const char *file G_GNUC_UNUSED, - char * const *devMountsPath G_GNUC_UN= USED, - size_t ndevMountsPath G_GNUC_UNUSED, - unsigned int 
ttl G_GNUC_UNUSED) +qemuDomainAttachDeviceMknodOne(qemuDomainMknodDataPtr data, + virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const char *file, + char * const *devMountsPath, + size_t ndevMountsPath) { - virReportSystemError(ENOSYS, "%s", - _("Namespaces are not supported on this platform.= ")); - return -1; + long ttl =3D sysconf(_SC_SYMLOOP_MAX); + const char *next =3D file; + size_t i; + + while (1) { + qemuDomainMknodItem item =3D { 0 }; + + if (qemuDomainMknodItemInit(&item, cfg, vm, next) < 0) + return -1; + + if (STRPREFIX(next, QEMU_DEVPREFIX)) { + for (i =3D 0; i < ndevMountsPath; i++) { + if (STREQ(devMountsPath[i], "/dev")) + continue; + if (STRPREFIX(next, devMountsPath[i])) + break; + } + + if (i =3D=3D ndevMountsPath && + VIR_APPEND_ELEMENT_COPY(data->items, data->nitems, item) <= 0) + return -1; + } + + if (!S_ISLNK(item.sb.st_mode)) + break; + + if (ttl-- =3D=3D 0) { + virReportSystemError(ELOOP, + _("Too many levels of symbolic links: %s"= ), + next); + return -1; + } + + next =3D item.target; + } + + return 0; } =20 =20 -#endif /* !defined(__linux__) */ - - static int qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, virDomainObjPtr vm, 
@@ -1424,14 +1439,71 @@ qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, char * const *devMountsPath, size_t ndevMountsPath) { - long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainMknodData data =3D { 0 }; + size_t i; + int ret =3D -1; =20 - return qemuDomainAttachDeviceMknodRecursive(driver, vm, file, - devMountsPath, ndevMountsP= ath, - symloop_max); + data.driver =3D driver; + data.vm =3D vm; + + if (qemuDomainAttachDeviceMknodOne(&data, cfg, vm, file, + devMountsPath, ndevMountsPath) < 0) + return -1; + + for (i =3D 0; i < data.nitems; i++) { + qemuDomainMknodItemPtr item =3D &data.items[i]; + if (item->target && + qemuDomainMknodItemIsBindMounted(item->sb.st_mode)) { + if (virFileBindMountDevice(item->file, item->target) < 0) + goto cleanup; + item->bindmounted =3D true; + } + } + + if (qemuSecurityPreFork(driver->securityManager) < 0) + goto cleanup; + + if (virProcessRunInMountNamespace(vm->pid, + qemuDomainMknodHelper, + &data) < 0) { + qemuSecurityPostFork(driver->securityManager); + goto cleanup; + } + qemuSecurityPostFork(driver->securityManager); + + ret =3D 0; + cleanup: + for (i =3D 0; i < data.nitems; i++) { + if (data.items[i].bindmounted && + umount(data.items[i].target) < 0) { + VIR_WARN("Unable to unmount %s", data.items[i].target); + } + } + qemuDomainMknodDataClear(&data); + return ret; +} + + +#else /* !defined(__linux__) */ + + +static int +qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver G_GNUC_UNUSED, + virDomainObjPtr vm G_GNUC_UNUSED, + const char *file G_GNUC_UNUSED, + char * const *devMountsPath G_GNUC_UNUSED, + size_t ndevMountsPath G_GNUC_UNUSED) +{ + virReportSystemError(ENOSYS, "%s", + _("Namespaces are not supported on this platform.= ")); + return -1; } =20 =20 +#endif /* !defined(__linux__) */ + + static int qemuDomainDetachDeviceUnlinkHelper(pid_t pid G_GNUC_UNUSED, void *opaque) --=20 2.26.2 From nobody Fri May 3 11:44:14 2024 Delivered-To: 
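Review bot: In qemuDomainAttachDeviceMknodOne() the loop guard "if (ttl-- == 0)" only works when sysconf(_SC_SYMLOOP_MAX) returns a positive limit, but sysconf() returns -1 when the limit is indeterminate, and a negative ttl never reaches 0, so a symlink cycle under a device path would keep the loop running and keep appending items in the daemon. Clamp the value before the loop and fall back to a fixed maximum when it is not positive. The same loop never calls qemuDomainMknodItemClear() on an item that is not appended (a path outside QEMU_DEVPREFIX, or one covered by a preserved mount), nor when VIR_APPEND_ELEMENT_COPY() or a late step of qemuDomainMknodItemInit() fails, so the target string, ACL and SELinux context of that item leak while "next = item.target" keeps walking on it; give those items an explicit owner and free them once the walk is done.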
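Review bot: In the new qemuDomainAttachDeviceMknod() the failure path of qemuDomainAttachDeviceMknodOne() is a bare "return -1", which skips qemuDomainMknodDataClear(&data) even though the call may already have appended items while following a symlink chain; use "goto cleanup" there instead. Reaching the cleanup label at that point is safe, because "bindmounted" is still false for every item and the umount loop therefore does nothing.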
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 12/34] qemuDomainNamespaceMknodPaths: Create more files in one go
Date: Wed, 22 Jul 2020 11:40:06 +0200

While the previous commit prepared the helper function run in a forked off helper (with corresponding struct), this commit modifies the caller, which now creates all files requested in a single process and does not fork off for every single path.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 89 ++++++++++++--------------------
 1 file changed, 32 insertions(+), 57 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 31acf2bde6..b9f8c32770 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1385,12 +1385,12 @@ qemuDomainMknodItemInit(qemuDomainMknodItemPtr item, =20 =20 static int -qemuDomainAttachDeviceMknodOne(qemuDomainMknodDataPtr data, - virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath) +qemuDomainNamespacePrepareOne(qemuDomainMknodDataPtr data, + virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm, + const char *file, + char * const *devMountsPath, + size_t ndevMountsPath) { long ttl =3D sysconf(_SC_SYMLOOP_MAX); const char *next =3D file; @@ -1433,23 +1433,36 @@ qemuDomainAttachDeviceMknodOne(qemuDomainMknodDataP= tr data, =20 =20 static int -qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath) +qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, + const char **paths, + size_t npaths) { - g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainObjPrivatePtr priv =3D vm->privateData; + virQEMUDriverPtr driver =3D priv->driver; + g_autoptr(virQEMUDriverConfig) cfg =3D NULL; + char **devMountsPath =3D NULL; + size_t ndevMountsPath =3D 0; qemuDomainMknodData data =3D { 0 }; size_t i; int ret =3D -1; =20 + if (npaths =3D=3D 0) + return 0; + + cfg =3D virQEMUDriverGetConfig(driver); + if (qemuDomainGetPreservedMounts(cfg, vm, + &devMountsPath, NULL, + &ndevMountsPath) < 0) + return -1; + data.driver =3D driver; data.vm =3D vm; =20 - if (qemuDomainAttachDeviceMknodOne(&data, cfg, vm, file, - devMountsPath, ndevMountsPath) < 0) - return -1; + for (i =3D 0; i < npaths; i++) { + if (qemuDomainNamespacePrepareOne(&data, cfg, vm, paths[i], + devMountsPath, ndevMountsPath) <= 0) + goto cleanup; + } =20 for (i =3D 0; i < data.nitems; i++) { qemuDomainMknodItemPtr item =3D &data.items[i]; 
@@ -1481,6 +1494,7 @@ qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, } } qemuDomainMknodDataClear(&data); + virStringListFreeCount(devMountsPath, ndevMountsPath); return ret; } =20 @@ -1489,11 +1503,9 @@ qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver, =20 =20 static int -qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm G_GNUC_UNUSED, - const char *file G_GNUC_UNUSED, - char * const *devMountsPath G_GNUC_UNUSED, - size_t ndevMountsPath G_GNUC_UNUSED) +qemuDomainNamespaceMknodPaths(virDomainObjPtr vm G_GNUC_UNUSED, + const char **paths G_GNUC_UNUSED, + size_t npaths G_GNUC_UNUSED) { virReportSystemError(ENOSYS, "%s", _("Namespaces are not supported on this platform.= ")); 
@@ -1550,43 +1562,6 @@ qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver= G_GNUC_UNUSED, } =20 =20 -static int -qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, - const char **paths, - size_t npaths) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - virQEMUDriverPtr driver =3D priv->driver; - g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - char **devMountsPath =3D NULL; - size_t ndevMountsPath =3D 0; - int ret =3D -1; - size_t i; - - if (!npaths) - return 0; - - cfg =3D virQEMUDriverGetConfig(driver); - if (qemuDomainGetPreservedMounts(cfg, vm, - &devMountsPath, NULL, - &ndevMountsPath) < 0) - goto cleanup; - - for (i =3D 0; i < npaths; i++) { - if (qemuDomainAttachDeviceMknod(driver, - vm, - paths[i], - devMountsPath, ndevMountsPath) < 0) - goto cleanup; - } - - ret =3D 0; - cleanup: - virStringListFreeCount(devMountsPath, ndevMountsPath); - return ret; -} - - static int qemuDomainNamespaceMknodPath(virDomainObjPtr vm, const char *path) --=20 2.26.2
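Review bot: In the rewritten qemuDomainNamespaceMknodPaths() a failure of qemuDomainGetPreservedMounts() now does "return -1", whereas the version removed at the bottom of this patch went to cleanup and passed devMountsPath through virStringListFreeCount(). Unless qemuDomainGetPreservedMounts() is guaranteed to leave its output arguments untouched on failure, keep the "goto cleanup" here; data is still zeroed at that point, so both loops under the label are no-ops and the label is safe to reach. The function also has no comment saying that all items for all paths are created by one helper run and that every bind mount is held until that run has finished, which is the behaviour a later reader of the cleanup code needs to know.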
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 13/34] qemuDomainNamespaceMknodPaths: Turn @paths into string list
Date: Wed, 22 Jul 2020 11:40:07 +0200

Every caller does the same - counts the number of items in a string list they have, only to pass the number to qemuDomainNamespaceMknodPaths(). This is needless - the function can accept the string list and count the items itself.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index b9f8c32770..1803943fbc 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1434,18 +1434,19 @@ qemuDomainNamespacePrepareOne(qemuDomainMknodDataPt= r data, =20 static int qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, - const char **paths, - size_t npaths) + const char **paths) { qemuDomainObjPrivatePtr priv =3D vm->privateData; virQEMUDriverPtr driver =3D priv->driver; g_autoptr(virQEMUDriverConfig) cfg =3D NULL; char **devMountsPath =3D NULL; size_t ndevMountsPath =3D 0; + size_t npaths =3D 0; qemuDomainMknodData data =3D { 0 }; size_t i; int ret =3D -1; =20 + npaths =3D virStringListLength(paths); if (npaths =3D=3D 0) return 0; =20 @@ -1566,9 +1567,9 @@ static int qemuDomainNamespaceMknodPath(virDomainObjPtr vm, const char *path) { - const char *paths[] =3D { path }; + const char *paths[] =3D { path, NULL }; =20 - return qemuDomainNamespaceMknodPaths(vm, paths, 1); + return qemuDomainNamespaceMknodPaths(vm, paths); } =20 =20 @@ -1624,7 +1625,6 @@ qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, { virStorageSourcePtr next; VIR_AUTOSTRINGLIST paths =3D NULL; - size_t npaths =3D 0; bool hasNVMe =3D false; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) @@ -1674,8 +1674,7 @@ qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) return -1; =20 - npaths =3D virStringListLength((const char **) paths); - if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths, npaths) <= 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; @@ -1713,7 +1712,6 @@ qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, { g_autofree char *path =3D NULL; VIR_AUTOSTRINGLIST paths =3D NULL; - size_t npaths =3D 0; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; 
@@ -1729,8 +1727,7 @@ qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) return -1; =20 - npaths =3D virStringListLength((const char **) paths); - if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths, npaths) <= 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2
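Review bot: in the first hunk (-1434), qemuDomainNamespaceMknodPaths() now derives npaths from virStringListLength(paths), so it silently depends on @paths being NULL-terminated, and neither the signature nor a comment says so. The -1566 hunk had to change `{ path }` to `{ path, NULL }` for exactly this reason; a caller that still passes a fixed-size array without the terminator makes the count run past the end of the array. Please add a comment above the function stating that @paths is a NULL-terminated string list and that an empty list is a no-op (the `npaths == 0` early return), and consider merging the `size_t npaths = 0;` declaration with the later assignment.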
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 14/34] qemuDomainSetupDisk: Accept @src
Date: Wed, 22 Jul 2020 11:40:08 +0200

The aim is to make it look as close to qemuDomainNamespaceSetupDisk() as possible. The latter will call the former and this change makes that diff easier to read.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 1803943fbc..18ec86816c 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -486,13 +486,13 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupDisk(virDomainDiskDefPtr disk, +qemuDomainSetupDisk(virStorageSourcePtr src, const struct qemuDomainCreateDeviceData *data) { virStorageSourcePtr next; bool hasNVMe =3D false; =20 - for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) { + for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { VIR_AUTOSTRINGLIST targetPaths =3D NULL; size_t i; =20 @@ -531,7 +531,7 @@ qemuDomainSetupDisk(virDomainDiskDefPtr disk, } =20 /* qemu-pr-helper might require access to /dev/mapper/control. */ - if (disk->src->pr && + if (src->pr && qemuDomainCreateDevice(QEMU_DEVICE_MAPPER_CONTROL_PATH, data, true= ) < 0) return -1; =20 
@@ -551,7 +551,7 @@ qemuDomainSetupAllDisks(virDomainObjPtr vm, VIR_DEBUG("Setting up disks"); =20 for (i =3D 0; i < vm->def->ndisks; i++) { - if (qemuDomainSetupDisk(vm->def->disks[i], + if (qemuDomainSetupDisk(vm->def->disks[i]->src, data) < 0) return -1; } --=20 2.26.2
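Review bot: in the -531 hunk, `src->pr` is dereferenced unconditionally, while the loop above it only touches `next` under virStorageSourceIsBacking(next). With the parameter now a bare virStorageSourcePtr rather than the disk definition, the non-NULL requirement on @src is no longer implied by the caller in the -551 hunk alone. Since the commit message says qemuDomainNamespaceSetupDisk() will call this function, please either document above qemuDomainSetupDisk() that @src must not be NULL or return 0 early when it is.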
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 15/34] qemu_domain_namespace: Repurpose qemuDomainBuildNamespace()
Date: Wed, 22 Jul 2020 11:40:09 +0200
Message-Id: <46fcdcfd750c4726af6b2eb084f48bd635b0920b.1595410402.git.mprivozn@redhat.com>

Okay, here is the deal. Currently, the way we build namespace is very fragile. It is done from pre-exec hook when starting a domain, after we mass closed all FDs and before we drop privileges and exec() QEMU. This fact poses some limitations onto the namespace build code, e.g. it has to make sure not to keep any FD opened (not even through a library call), because it would be leaked to QEMU. Also, it has to call only async signal safe functions. These requirements are hard to meet - in fact as of my commit v6.2.0-rc1~235 we are leaking a FD into QEMU by calling libdevmapper functions.

To solve this issue and avoid similar problems in the future, we should change our paradigm. We already have functions which can populate domain's namespace with nodes from the daemon context. If we use them to populate the namespace and keep only the bare minimum in the pre-exec hook, we've mitigated the risk.

Therefore, the old qemuDomainBuildNamespace() is renamed to qemuDomainUnshareNamespace() and new qemuDomainBuildNamespace() function is introduced. So far, the new function is basically a NOP and domain's namespace is still populated from the pre-exec hook - next patches will fix it.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 23 ++++++++++++++++++++---
 src/qemu/qemu_domain_namespace.h | 8 +++++---
 src/qemu/qemu_process.c | 6 +++++-
 3 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 18ec86816c..38abed56c8 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -856,10 +856,27 @@ qemuDomainSetupLaunchSecurity(virDomainObjPtr vm, } =20 =20 +static int +qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, + const char **paths); + + int -qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, - virDomainObjPtr vm) +qemuDomainBuildNamespace(virDomainObjPtr vm) +{ + VIR_AUTOSTRINGLIST paths =3D NULL; + + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) + return -1; + + return 0; +} + + +int +qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, + virSecurityManagerPtr mgr, + virDomainObjPtr vm) { struct qemuDomainCreateDeviceData data; const char *devPath =3D NULL; diff --git a/src/qemu/qemu_domain_namespace.h b/src/qemu/qemu_domain_namesp= ace.h index 0182ce50a2..70eebf4dc4 100644 --- a/src/qemu/qemu_domain_namespace.h +++ b/src/qemu/qemu_domain_namespace.h
@@ -37,9 +37,11 @@ int qemuDomainEnableNamespace(virDomainObjPtr vm, bool qemuDomainNamespaceEnabled(virDomainObjPtr vm, qemuDomainNamespace ns); =20 -int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, - virDomainObjPtr vm); +int qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, + virSecurityManagerPtr mgr, + virDomainObjPtr vm); + +int qemuDomainBuildNamespace(virDomainObjPtr vm); =20 void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, virDomainObjPtr vm); diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index c076dcac3a..bee0fd031b 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -3164,7 +3164,7 @@ static int qemuProcessHook(void *data) if (qemuSecurityClearSocketLabel(h->driver->securityManager, h->vm->de= f) < 0) goto cleanup; =20 - if (qemuDomainBuildNamespace(h->cfg, h->driver->securityManager, h->vm= ) < 0) + if (qemuDomainUnshareNamespace(h->cfg, h->driver->securityManager, h->= vm) < 0) goto cleanup; =20 if (virDomainNumatuneGetMode(h->vm->def->numa, -1, &mode) =3D=3D 0) { 
@@ -6831,6 +6831,10 @@ qemuProcessLaunch(virConnectPtr conn, goto cleanup; } =20 + VIR_DEBUG("Building domain mount namespace (if required)"); + if (qemuDomainBuildNamespace(vm) < 0) + goto cleanup; + VIR_DEBUG("Setting up domain cgroup (if required)"); if (qemuSetupCgroup(vm, nnicindexes, nicindexes) < 0) goto cleanup; --=20 2.26.2
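Review bot: the new qemuDomainBuildNamespace() in the -856 hunk calls qemuDomainNamespaceMknodPaths() without first checking qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT), although qemuProcessLaunch() calls it unconditionally and the debug message there says "(if required)". The other callers in this file, qemuDomainNamespaceSetupDisk() and qemuDomainNamespaceSetupHostdev(), return 0 early when the mount namespace is disabled. The omission is harmless in this patch because @paths is empty and the callee returns 0 for `npaths == 0`, but it stops being harmless as soon as the following patches fill the list. Please add the same early return here, so the "if required" in the log message is actually enforced in the function.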
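The constraint stated in the commit message of patch 15/34 (nothing opened in the pre-exec hook may stay open across exec()) can be checked mechanically. The C program below is an added illustration, not libvirt code; the function names, the /dev/null stand-in for a descriptor opened inside a library call, and the 4096 scan bound are assumptions made for the example.

```c
/* Added illustration, not libvirt code: audit which descriptors a
 * pre-exec hook would hand over to the exec()ed program. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed scan bound for the example; a real audit would use the
 * RLIMIT_NOFILE soft limit. */
#define FD_SCAN_LIMIT 4096

/* Count descriptors >= first_fd that lack FD_CLOEXEC, i.e. the ones
 * that survive exec(). Uses only fcntl(), which is async-signal-safe. */
static int count_inheritable_fds(int first_fd)
{
    int n = 0;
    for (int fd = first_fd; fd < FD_SCAN_LIMIT; fd++) {
        int flags = fcntl(fd, F_GETFD);
        if (flags != -1 && !(flags & FD_CLOEXEC))
            n++;
    }
    return n;
}

/* Mark every descriptor >= first_fd close-on-exec.
 * Returns how many descriptors had to be changed. */
static int seal_inheritable_fds(int first_fd)
{
    int changed = 0;
    for (int fd = first_fd; fd < FD_SCAN_LIMIT; fd++) {
        int flags = fcntl(fd, F_GETFD);
        if (flags == -1 || (flags & FD_CLOEXEC))
            continue;
        if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == 0)
            changed++;
    }
    return changed;
}

/* Hypothetical stand-in for a library call made from the hook that
 * opens a descriptor internally and never closes it. */
static int library_call_keeping_fd(int extra_open_flags)
{
    return open("/dev/null", O_RDONLY | extra_open_flags);
}

/* Run a simulated pre-exec hook in a forked child and return how many
 * descriptors >= 3 exec() would pass on, or -1 on error. */
static int fds_leaked_by_hook(int extra_open_flags, int seal_before_exec)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Stand-in for the "mass close" done before the hook runs:
         * afterwards nothing above stderr is inheritable. */
        seal_inheritable_fds(3);
        if (library_call_keeping_fd(extra_open_flags) < 0)
            _exit(255);
        if (seal_before_exec)
            seal_inheritable_fds(3);
        /* This is the point where the real code would call exec(). */
        _exit(count_inheritable_fds(3));
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("plain open in hook:        %d leaked\n", fds_leaked_by_hook(0, 0));
    printf("open with O_CLOEXEC:       %d leaked\n", fds_leaked_by_hook(O_CLOEXEC, 0));
    printf("plain open, sealed at end: %d leaked\n", fds_leaked_by_hook(0, 1));
    return 0;
}
```

Sealing at the end only hides the leak from the new program; moving the work out of the hook, as the series does, removes the window entirely.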
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 16/34] qemuDomainBuildNamespace: Populate basic /dev from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:10 +0200
Message-Id: <01d3fe158addf38995eab2f4d647639938b08715.1595410402.git.mprivozn@redhat.com>

As mentioned in the previous commit, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with basic /dev nodes (e.g. /dev/null, /dev/kvm, etc.) into daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 23 +++++++++++------------
 src/qemu/qemu_domain_namespace.h | 3 ++-
 src/qemu/qemu_process.c | 2 +-
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 38abed56c8..17c804dfca 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -435,8 +435,7 @@ qemuDomainCreateDevice(const char *device, =20 static int qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm G_GNUC_UNUSED, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { const char *const *devices =3D (const char *const *) cfg->cgroupDevice= ACL; size_t i; @@ -445,7 +444,7 @@ qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, devices =3D defaultDeviceACL; =20 for (i =3D 0; devices[i]; i++) { - if (qemuDomainCreateDevice(devices[i], data, true) < 0) + if (virStringListAdd(paths, devices[i]) < 0) return -1; } =20 @@ -454,10 +453,9 @@ qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, =20 =20 static int -qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, +qemuDomainSetupDev(virSecurityManagerPtr mgr, virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + const char *path) { g_autofree char *mount_options =3D NULL; g_autofree char *opts =3D NULL; @@ -475,10 +473,7 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, */ opts =3D g_strdup_printf("mode=3D755,size=3D65536%s", mount_options); =20 - if (virFileSetupDev(data->path, opts) < 0) - return -1; - - if (qemuDomainPopulateDevices(cfg, vm, data) < 0) + if (virFileSetupDev(path, opts) < 0) return -1; =20 return 0; @@ -862,10 +857,14 @@ qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, =20 =20 int -qemuDomainBuildNamespace(virDomainObjPtr vm) +qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm) { VIR_AUTOSTRINGLIST paths =3D NULL; =20 + if (qemuDomainPopulateDevices(cfg, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -914,7 +913,7 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (virProcessSetupPrivateMountNS() < 0) goto cleanup; =20 - if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0) + if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 if (qemuDomainSetupAllDisks(vm, &data) < 0) 
diff --git a/src/qemu/qemu_domain_namespace.h b/src/qemu/qemu_domain_namesp= ace.h index 70eebf4dc4..644f2adef3 100644 --- a/src/qemu/qemu_domain_namespace.h +++ b/src/qemu/qemu_domain_namespace.h @@ -41,7 +41,8 @@ int qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, virSecurityManagerPtr mgr, virDomainObjPtr vm); =20 -int qemuDomainBuildNamespace(virDomainObjPtr vm); +int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm); =20 void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, virDomainObjPtr vm); diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index bee0fd031b..e2f32dc25a 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c 
@@ -6832,7 +6832,7 @@ qemuProcessLaunch(virConnectPtr conn, } =20 VIR_DEBUG("Building domain mount namespace (if required)"); - if (qemuDomainBuildNamespace(vm) < 0) + if (qemuDomainBuildNamespace(cfg, vm) < 0) goto cleanup; =20 VIR_DEBUG("Setting up domain cgroup (if required)"); --=20 2.26.2
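Review bot: in the qemuDomainPopulateDevices() hunk (-445), the old call qemuDomainCreateDevice(devices[i], data, true) passed `true` as its last argument, whereas the disk paths elsewhere in this file pass `false`; replacing it with virStringListAdd(paths, devices[i]) drops that per-path distinction, and nothing in the hunk shows how qemuDomainNamespaceMknodPaths() treats an entry from cfg->cgroupDeviceACL that is not present on the host. If that flag is what tolerated a missing node, a configured but absent device would now fail domain startup. Please state in the commit message or a comment that the behaviour the flag selected is preserved for the ACL entries.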
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 17/34] qemuDomainBuildNamespace: Populate disks from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:11 +0200
Message-Id: <5256d044ea9d2efa1f774b37ac24019b7a49113d.1595410402.git.mprivozn@redhat.com>

As mentioned in one of the previous commits, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with domain disks into daemon's namespace.

Fixes: a30078cb832646177defd256e77c632905f1e6d0
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1858260
Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 89 ++++++++------------------------
 1 file changed, 22 insertions(+), 67 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 17c804dfca..61f7846009 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -482,33 +482,29 @@ qemuDomainSetupDev(virSecurityManagerPtr mgr, =20 static int qemuDomainSetupDisk(virStorageSourcePtr src, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { virStorageSourcePtr next; bool hasNVMe =3D false; =20 for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { - VIR_AUTOSTRINGLIST targetPaths =3D NULL; - size_t i; + g_autofree char *tmpPath =3D NULL; =20 if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { - g_autofree char *nvmePath =3D NULL; - hasNVMe =3D true; =20 - if (!(nvmePath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->= nvme->pciAddr))) - return -1; - - if (qemuDomainCreateDevice(nvmePath, data, false) < 0) + if (!(tmpPath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->n= vme->pciAddr))) return -1; } else { - if (!next->path || !virStorageSourceIsLocalStorage(next)) { + VIR_AUTOSTRINGLIST targetPaths =3D NULL; + + if (virStorageSourceIsEmpty(next) || + !virStorageSourceIsLocalStorage(next)) { /* Not creating device. Just continue. */ continue; } =20 - if (qemuDomainCreateDevice(next->path, data, false) < 0) - return -1; + tmpPath =3D g_strdup(next->path); =20 if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && errno !=3D ENOSYS) { @@ -518,20 +514,21 @@ qemuDomainSetupDisk(virStorageSourcePtr src, return -1; } =20 - for (i =3D 0; targetPaths && targetPaths[i]; i++) { - if (qemuDomainCreateDevice(targetPaths[i], data, false) < = 0) - return -1; - } + if (virStringListMerge(paths, &targetPaths) < 0) + return -1; } + + if (virStringListAdd(paths, tmpPath) < 0) + return -1; } =20 /* qemu-pr-helper might require access to /dev/mapper/control. */ if (src->pr && - qemuDomainCreateDevice(QEMU_DEVICE_MAPPER_CONTROL_PATH, data, true= ) < 0) + virStringListAdd(paths, QEMU_DEVICE_MAPPER_CONTROL_PATH) < 0) return -1; =20 if (hasNVMe && - qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) + virStringListAdd(paths, QEMU_DEV_VFIO) < 0) return -1; =20 return 0; 
@@ -540,14 +537,15 @@ qemuDomainSetupDisk(virStorageSourcePtr src, =20 static int qemuDomainSetupAllDisks(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; + VIR_DEBUG("Setting up disks"); =20 for (i =3D 0; i < vm->def->ndisks; i++) { if (qemuDomainSetupDisk(vm->def->disks[i]->src, - data) < 0) + paths) < 0) return -1; } =20 @@ -865,6 +863,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainPopulateDevices(cfg, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllDisks(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -916,9 +917,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllDisks(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllHostdevs(vm, &data) < 0) goto cleanup; =20 
@@ -1639,55 +1637,12 @@ int qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, virStorageSourcePtr src) { - virStorageSourcePtr next; VIR_AUTOSTRINGLIST paths =3D NULL; - bool hasNVMe =3D false; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { - g_autofree char *tmpPath =3D NULL; - - if (next->type =3D=3D VIR_STORAGE_TYPE_NVME) { - hasNVMe =3D true; - - if (!(tmpPath =3D virPCIDeviceAddressGetIOMMUGroupDev(&next->n= vme->pciAddr))) - return -1; - } else { - VIR_AUTOSTRINGLIST targetPaths =3D NULL; - - if (virStorageSourceIsEmpty(next) || - !virStorageSourceIsLocalStorage(next)) { - /* Not creating device. Just continue. */ - continue; - } - - tmpPath =3D g_strdup(next->path); - - if (virDevMapperGetTargets(next->path, &targetPaths) < 0 && - errno !=3D ENOSYS) { - virReportSystemError(errno, - _("Unable to get devmapper targets fo= r %s"), - next->path); - return -1; - } - - if (virStringListMerge(&paths, &targetPaths) < 0) - return -1; - } - - if (virStringListAdd(&paths, tmpPath) < 0) - return -1; - } - - /* qemu-pr-helper might require access to /dev/mapper/control. 
*/ - if (src->pr && - virStringListAdd(&paths, QEMU_DEVICE_MAPPER_CONTROL_PATH) < 0) - return -1; - - if (hasNVMe && - virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) + if (qemuDomainSetupDisk(src, &paths) < 0) return -1; =20 if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) --=20 2.26.2
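Review bot: In the first hunk (qemuDomainSetupDisk), the /dev/mapper/control entry used to be created with 'true' as the third argument to qemuDomainCreateDevice() while every other disk path passed 'false'; after the switch to virStringListAdd() that distinction is gone, so please confirm that qemuDomainNamespaceMknodPaths() treats a missing QEMU_DEVICE_MAPPER_CONTROL_PATH the way the old call did, and say so in the commit message. The same hunk also changes the skip condition on the startup path from '!next->path' to 'virStorageSourceIsEmpty(next)'; that follows from reusing the hotplug loop, but it is a behaviour change the commit message does not mention. Minor: tmpPath is a g_autofree copy of next->path that is handed to virStringListAdd() and then freed, so passing next->path directly in the non-NVMe branch would avoid one duplicate.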
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 18/34] qemuDomainBuildNamespace: Populate hostdevs from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:12 +0200

As mentioned in one of previous commits, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with domain hostdevs into daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 43 ++++++++++++++++----------------
 1 file changed, 21 insertions(+), 22 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 61f7846009..2517832a8d 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -555,19 +555,22 @@ qemuDomainSetupAllDisks(virDomainObjPtr vm, =20 =20 static int -qemuDomainSetupHostdev(virDomainHostdevDefPtr dev, - const struct qemuDomainCreateDeviceData *data) +qemuDomainSetupHostdev(virDomainObjPtr vm, + virDomainHostdevDefPtr hostdev, + bool hotplug, + char ***paths) { g_autofree char *path =3D NULL; =20 - if (qemuDomainGetHostdevPath(dev, &path, NULL) < 0) + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 - if (path && qemuDomainCreateDevice(path, data, false) < 0) + if (path && virStringListAdd(paths, path) < 0) return -1; =20 - if (qemuHostdevNeedsVFIO(dev) && - qemuDomainCreateDevice(QEMU_DEV_VFIO, data, false) < 0) + if (qemuHostdevNeedsVFIO(hostdev) && + (!hotplug || !qemuDomainNeedsVFIO(vm->def)) && + virStringListAdd(paths, QEMU_DEV_VFIO) < 0) return -1; =20 return 0; @@ -576,14 +579,16 @@ qemuDomainSetupHostdev(virDomainHostdevDefPtr dev, =20 static int qemuDomainSetupAllHostdevs(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up hostdevs"); for (i =3D 0; i < vm->def->nhostdevs; i++) { - if (qemuDomainSetupHostdev(vm->def->hostdevs[i], - data) < 0) + if (qemuDomainSetupHostdev(vm, + vm->def->hostdevs[i], + false, + paths) < 0) return -1; } VIR_DEBUG("Setup all hostdevs"); @@ -866,6 +871,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllDisks(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllHostdevs(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -917,9 +925,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllHostdevs(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllMemories(vm, &data) < 0) goto cleanup; =20 
@@ -1681,21 +1686,15 @@ int qemuDomainNamespaceSetupHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev) { - g_autofree char *path =3D NULL; VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) - return -1; - - if (path && virStringListAdd(&paths, path) < 0) - return -1; - - if (qemuHostdevNeedsVFIO(hostdev) && - !qemuDomainNeedsVFIO(vm->def) && - virStringListAdd(&paths, QEMU_DEV_VFIO) < 0) + if (qemuDomainSetupHostdev(vm, + hostdev, + true, + &paths) < 0) return -1; =20 if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) --=20 2.26.2
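Review bot: In the qemuDomainSetupHostdev hunk the new 'bool hotplug' argument is undocumented, and the condition '(!hotplug || !qemuDomainNeedsVFIO(vm->def))' is hard to read cold; a short function comment saying that on hotplug the VFIO node is skipped when the domain already needs it would help. With hotplug == false, qemuDomainSetupAllHostdevs() now appends QEMU_DEV_VFIO once per VFIO hostdev, and qemuDomainSetupDisk() from patch 17 can add it again for NVMe disks, so the list handed to qemuDomainNamespaceMknodPaths() may contain the same path several times; please confirm that repeated entries are handled, or deduplicate before the call. The dev -> hostdev parameter rename is unrelated churn that would be easier to review in its own patch.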
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 19/34] qemuDomainBuildNamespace: Populate memory from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:13 +0200
Message-Id: <04f984a3abb8c9f7079cad38cb50fb0f1fbd8250.1595410402.git.mprivozn@redhat.com>

As mentioned in one of previous commits, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with domain memory (nvdimms) into daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 2517832a8d..bafb08fac8 100644 --- a/src/qemu/qemu_domain_namespace.c
+++ b/src/qemu/qemu_domain_namespace.c @@ -598,25 +598,25 @@ qemuDomainSetupAllHostdevs(virDomainObjPtr vm, =20 static int qemuDomainSetupMemory(virDomainMemoryDefPtr mem, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) return 0; =20 - return qemuDomainCreateDevice(mem->nvdimmPath, data, false); + return virStringListAdd(paths, mem->nvdimmPath); } =20 =20 static int qemuDomainSetupAllMemories(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up memories"); for (i =3D 0; i < vm->def->nmems; i++) { if (qemuDomainSetupMemory(vm->def->mems[i], - data) < 0) + paths) < 0) return -1; } VIR_DEBUG("Setup all memories"); @@ -874,6 +874,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllHostdevs(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllMemories(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -925,9 +928,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllMemories(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllChardevs(vm, &data) < 0) goto cleanup; =20 
@@ -1743,13 +1743,15 @@ int qemuDomainNamespaceSetupMemory(virDomainObjPtr vm, virDomainMemoryDefPtr mem) { + VIR_AUTOSTRINGLIST paths =3D NULL; + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) - return 0; + if (qemuDomainSetupMemory(mem, &paths) < 0) + return -1; =20 - if (qemuDomainNamespaceMknodPath(vm, mem->nvdimmPath) < 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2
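Review bot: In the last hunk (qemuDomainNamespaceSetupMemory) the early 'return 0' for non-NVDIMM models is removed, so for those models 'paths' is still NULL when it reaches qemuDomainNamespaceMknodPaths(vm, (const char **) paths). Please confirm that the function is a no-op for a NULL list, or keep an early return when qemuDomainSetupMemory() added nothing.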
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 20/34] qemuDomainBuildNamespace: Populate chardevs from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:14 +0200

As mentioned in one of previous commits, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with domain chardevs into daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 27 +++++++++++----------------
 1 file changed, 11 insertions(+), 16 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index bafb08fac8..36d22b42f2 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -629,7 +629,7 @@ qemuDomainSetupChardev(virDomainDefPtr def G_GNUC_UNUSE= D, virDomainChrDefPtr dev, void *opaque) { - const struct qemuDomainCreateDeviceData *data =3D opaque; + char ***paths =3D opaque; const char *path =3D NULL; =20 if (!(path =3D virDomainChrSourceDefGetPath(dev->source))) @@ -640,20 +640,20 @@ qemuDomainSetupChardev(virDomainDefPtr def G_GNUC_UNU= SED, dev->source->data.nix.listen) return 0; =20 - return qemuDomainCreateDevice(path, data, true); + return virStringListAdd(paths, path); } =20 =20 static int qemuDomainSetupAllChardevs(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { VIR_DEBUG("Setting up chardevs"); =20 if (virDomainChrDefForeach(vm->def, true, qemuDomainSetupChardev, - (void *)data) < 0) + paths) < 0) return -1; =20 VIR_DEBUG("Setup all chardevs"); @@ -877,6 +877,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllMemories(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllChardevs(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -928,9 +931,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllChardevs(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllTPMs(vm, &data) < 0) goto cleanup; =20 
@@ -1779,20 +1779,15 @@ int qemuDomainNamespaceSetupChardev(virDomainObjPtr vm, virDomainChrDefPtr chr) { - const char *path; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (!(path =3D virDomainChrSourceDefGetPath(chr->source))) - return 0; + if (qemuDomainSetupChardev(vm->def, chr, &paths) < 0) + return -1; =20 - /* Socket created by qemu. It doesn't exist upfront. */ - if (chr->source->type =3D=3D VIR_DOMAIN_CHR_TYPE_UNIX && - chr->source->data.nix.listen) - return 0; - - if (qemuDomainNamespaceMknodPath(vm, path) < 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2
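Review bot: In the qemuDomainSetupChardev hunk, 'qemuDomainCreateDevice(path, data, true)' becomes 'virStringListAdd(paths, path)', which drops the 'true' flag that every chardev path was created with; please state in the commit message how qemuDomainNamespaceMknodPaths() covers that case. In qemuDomainNamespaceSetupChardev the callback is now called directly with '&paths' as its 'void *opaque', so the compiler cannot check the 'char ***' type; a small typed helper that the callback wraps would be safer. As in the memory patch, 'paths' can still be NULL at the qemuDomainNamespaceMknodPaths() call when the chardev has no path or is a listening UNIX socket.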
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 21/34] qemuDomainBuildNamespace: Populate TPM from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:15 +0200
Message-Id: <879763a9b37c5f628a6364c08a5efa9f9d6a1875.1595410402.git.mprivozn@redhat.com>

As mentioned in one of previous commits, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with domain TPM into daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 36d22b42f2..138dc63489 100644
--- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -663,12 +663,11 @@ qemuDomainSetupAllChardevs(virDomainObjPtr vm, =20 static int qemuDomainSetupTPM(virDomainTPMDefPtr dev, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.= path, - data, false) < 0) + if (virStringListAdd(paths, dev->data.passthrough.source.data.file= .path) < 0) return -1; break; =20 @@ -684,14 +683,14 @@ qemuDomainSetupTPM(virDomainTPMDefPtr dev, =20 static int qemuDomainSetupAllTPMs(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up TPMs"); =20 for (i =3D 0; i < vm->def->ntpms; i++) { - if (qemuDomainSetupTPM(vm->def->tpms[i], data) < 0) + if (qemuDomainSetupTPM(vm->def->tpms[i], paths) < 0) return -1; } =20 @@ -880,6 +879,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllChardevs(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllTPMs(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 
@@ -931,9 +933,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllTPMs(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllGraphics(vm, &data) < 0) goto cleanup; =20 --=20 2.26.2
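Review bot: In the qemuDomainSetupTPM hunk the new 'if (virStringListAdd(paths, dev->data.passthrough.source.data.file.path) < 0)' line runs past 80 columns, where the call it replaces was wrapped after the path argument; consider wrapping it the same way. The remaining hunks move the qemuDomainSetupAllTPMs() call from qemuDomainUnshareNamespace() to qemuDomainBuildNamespace() without other changes.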
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 22/34] qemuDomainBuildNamespace: Populate graphics from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:16 +0200
Message-Id: <11f939f231915325db4b5d36c26b60e2ce1e9b18.1595410402.git.mprivozn@redhat.com>

As mentioned in one of the previous commits, populating the domain's namespace from the pre-exec() hook is dangerous. This commit moves population of the namespace with domain graphics (render node) into the daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 138dc63489..8a77c067c8 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -701,27 +701,27 @@ qemuDomainSetupAllTPMs(virDomainObjPtr vm, =20 static int qemuDomainSetupGraphics(virDomainGraphicsDefPtr gfx, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { const char *rendernode =3D virDomainGraphicsGetRenderNode(gfx); =20 if (!rendernode) return 0; =20 - return qemuDomainCreateDevice(rendernode, data, false); + return virStringListAdd(paths, rendernode); } =20 =20 static int qemuDomainSetupAllGraphics(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up graphics"); for (i =3D 0; i < vm->def->ngraphics; i++) { if (qemuDomainSetupGraphics(vm->def->graphics[i], - data) < 0) + paths) < 0) return -1; } =20 @@ -882,6 +882,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllTPMs(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllGraphics(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 
@@ -933,9 +936,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllGraphics(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllInputs(vm, &data) < 0) goto cleanup; =20 --=20 2.26.2
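Review bot: in qemuDomainSetupGraphics (patch 22/34, hunk at -701), the old call was qemuDomainCreateDevice(rendernode, data, false), so allow_noent=false was stated at the call site, while virStringListAdd(paths, rendernode) carries no such flag. Please confirm, and note in the commit message, that qemuDomainNamespaceMknodPaths still fails domain startup when the render node does not exist instead of skipping it. The helper now only collects a path, so its name and the VIR_DEBUG("Setting up graphics") text no longer describe what it does; a short comment on the paths out-parameter (caller-owned, NULL-terminated string list) would make the new contract explicit.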
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 23/34] qemuDomainBuildNamespace: Populate inputs from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:17 +0200
Message-Id: <5bfb21ef48f5365223494f63c28c16f0fd67deb1.1595410402.git.mprivozn@redhat.com>

As mentioned in one of the previous commits, populating the domain's namespace from the pre-exec() hook is dangerous. This commit moves population of the namespace with domain inputs into the daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 8a77c067c8..f709fbb616 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -732,11 +732,11 @@ qemuDomainSetupAllGraphics(virDomainObjPtr vm, =20 static int qemuDomainSetupInput(virDomainInputDefPtr input, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { const char *path =3D virDomainInputDefGetPath(input); =20 - if (path && qemuDomainCreateDevice(path, data, false) < 0) + if (path && virStringListAdd(paths, path) < 0) return -1; =20 return 0; @@ -745,14 +745,14 @@ qemuDomainSetupInput(virDomainInputDefPtr input, =20 static int qemuDomainSetupAllInputs(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up inputs"); for (i =3D 0; i < vm->def->ninputs; i++) { if (qemuDomainSetupInput(vm->def->inputs[i], - data) < 0) + paths) < 0) return -1; } VIR_DEBUG("Setup all inputs"); @@ -885,6 +885,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllGraphics(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllInputs(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -936,9 +939,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllInputs(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupAllRNGs(vm, &data) < 0) goto cleanup; =20 
@@ -1872,15 +1872,15 @@ int qemuDomainNamespaceSetupInput(virDomainObjPtr vm, virDomainInputDefPtr input) { - const char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (!(path =3D virDomainInputDefGetPath(input))) - return 0; + if (qemuDomainSetupInput(input, &paths) < 0) + return -1; =20 - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; return 0; } --=20 2.26.2
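Review bot: in the last hunk of patch 23/34 (qemuDomainNamespaceSetupInput), an input without a path used to return 0 before any mknod call; now qemuDomainSetupInput leaves paths as NULL and the function continues into qemuDomainNamespaceMknodPaths(vm, (const char **) paths) with a NULL list. Either keep an early return when nothing was collected, or document on qemuDomainNamespaceMknodPaths that a NULL list is accepted and does nothing, so hot-plugging an input with no backing path stays a no-op as before.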
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 24/34] qemuDomainBuildNamespace: Populate RNGs from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:18 +0200
Message-Id: <7dd494c43a2d96839fc4b03c15fa1ce90665bf04.1595410402.git.mprivozn@redhat.com>

As mentioned in one of the previous commits, populating the domain's namespace from the pre-exec() hook is dangerous. This commit moves population of the namespace with domain RNGs into the daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 40 +++++++++-----------------------
 1 file changed, 11 insertions(+), 29 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index f709fbb616..2ab10cb9f0 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -762,11 +762,11 @@ qemuDomainSetupAllInputs(virDomainObjPtr vm, =20 static int qemuDomainSetupRNG(virDomainRNGDefPtr rng, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { switch ((virDomainRNGBackend) rng->backend) { case VIR_DOMAIN_RNG_BACKEND_RANDOM: - if (qemuDomainCreateDevice(rng->source.file, data, false) < 0) + if (virStringListAdd(paths, rng->source.file) < 0) return -1; break; =20 @@ -783,14 +783,14 @@ qemuDomainSetupRNG(virDomainRNGDefPtr rng, =20 static int qemuDomainSetupAllRNGs(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { size_t i; =20 VIR_DEBUG("Setting up RNGs"); for (i =3D 0; i < vm->def->nrngs; i++) { if (qemuDomainSetupRNG(vm->def->rngs[i], - data) < 0) + paths) < 0) return -1; } =20 @@ -888,6 +888,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllInputs(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupAllRNGs(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -939,9 +942,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupAllRNGs(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupLoader(vm, &data) < 0) goto cleanup; =20 @@ -1581,16 +1581,6 @@ qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver= G_GNUC_UNUSED, } =20 =20 -static int -qemuDomainNamespaceMknodPath(virDomainObjPtr vm, - const char *path) -{ - const char *paths[] =3D { path, NULL }; - - return qemuDomainNamespaceMknodPaths(vm, paths); -} - - static int qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, const char **paths, 
@@ -1818,23 +1808,15 @@ int qemuDomainNamespaceSetupRNG(virDomainObjPtr vm, virDomainRNGDefPtr rng) { - const char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - switch ((virDomainRNGBackend) rng->backend) { - case VIR_DOMAIN_RNG_BACKEND_RANDOM: - path =3D rng->source.file; - break; + if (qemuDomainSetupRNG(rng, &paths) < 0) + return -1; =20 - case VIR_DOMAIN_RNG_BACKEND_EGD: - case VIR_DOMAIN_RNG_BACKEND_BUILTIN: - case VIR_DOMAIN_RNG_BACKEND_LAST: - break; - } - - if (path && qemuDomainNamespaceMknodPath(vm, path) < 0) + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2
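Review bot: patch 24/34 drops the "path &&" guard in qemuDomainNamespaceSetupRNG (hunk at -1818). The removed code skipped the mknod when rng->source.file was NULL, whereas the shared qemuDomainSetupRNG passes rng->source.file straight to virStringListAdd for VIR_DOMAIN_RNG_BACKEND_RANDOM. If the hotplug path can be reached with no file set, put the NULL check inside qemuDomainSetupRNG so that both qemuDomainBuildNamespace and qemuDomainNamespaceSetupRNG get it, and say in the commit message that the two call sites now share one backend switch.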
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 25/34] qemuDomainBuildNamespace: Populate loader from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:19 +0200

As mentioned in one of the previous commits, populating the domain's namespace from the pre-exec() hook is dangerous. This commit moves population of the namespace with domain loader into the daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 2ab10cb9f0..66c6cedadf 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -801,7 +801,7 @@ qemuDomainSetupAllRNGs(virDomainObjPtr vm, =20 static int qemuDomainSetupLoader(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { virDomainLoaderDefPtr loader =3D vm->def->os.loader; =20 @@ -810,16 +810,16 @@ qemuDomainSetupLoader(virDomainObjPtr vm, if (loader) { switch ((virDomainLoader) loader->type) { case VIR_DOMAIN_LOADER_TYPE_ROM: - if (qemuDomainCreateDevice(loader->path, data, false) < 0) + if (virStringListAdd(paths, loader->path) < 0) return -1; break; =20 case VIR_DOMAIN_LOADER_TYPE_PFLASH: - if (qemuDomainCreateDevice(loader->path, data, false) < 0) + if (virStringListAdd(paths, loader->path) < 0) return -1; =20 if (loader->nvram && - qemuDomainCreateDevice(loader->nvram, data, false) < 0) + virStringListAdd(paths, loader->nvram) < 0) return -1; break; =20 @@ -891,6 +891,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllRNGs(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupLoader(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 
@@ -942,9 +945,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupLoader(vm, &data) < 0) - goto cleanup; - if (qemuDomainSetupLaunchSecurity(vm, &data) < 0) goto cleanup; =20 --=20 2.26.2
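Review bot: in qemuDomainBuildNamespace (patch 25/34, hunk at -891), the added "if (qemuDomainSetupLoader(vm, &paths) < 0) return -1;" is one more collector that returns directly while paths may already hold entries from the TPM, graphics, input and RNG collectors. The declaration of paths is outside the visible context; if it is not VIR_AUTOSTRINGLIST, as it is in qemuDomainNamespaceSetupInput and qemuDomainNamespaceSetupRNG, each of these early returns leaks the list. Please confirm the declaration, or route the failures through a single cleanup label.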
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 26/34] qemuDomainBuildNamespace: Populate SEV from daemon's namespace
Date: Wed, 22 Jul 2020 11:40:20 +0200
Message-Id: <57ebb6e76ce38db7475886a3080972aa11f73c99.1595410402.git.mprivozn@redhat.com>

As mentioned in one of the previous commits, populating the domain's namespace from the pre-exec() hook is dangerous. This commit moves population of the namespace with domain SEV into the daemon's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_domain_namespace.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 66c6cedadf..e569b1dbe1 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -421,7 +421,7 @@ qemuDomainCreateDeviceRecursive(const char *device, } =20 =20 -static int +static int G_GNUC_UNUSED qemuDomainCreateDevice(const char *device, const struct qemuDomainCreateDeviceData *data, bool allow_noent)
@@ -836,7 +836,7 @@ qemuDomainSetupLoader(virDomainObjPtr vm, =20 static int qemuDomainSetupLaunchSecurity(virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *dat= a) + char ***paths) { virDomainSEVDefPtr sev =3D vm->def->sev; =20 @@ -845,7 +845,7 @@ qemuDomainSetupLaunchSecurity(virDomainObjPtr vm, =20 VIR_DEBUG("Setting up launch security"); =20 - if (qemuDomainCreateDevice(QEMU_DEV_SEV, data, false) < 0) + if (virStringListAdd(paths, QEMU_DEV_SEV) < 0) return -1; =20 VIR_DEBUG("Set up launch security"); @@ -894,6 +894,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupLoader(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupLaunchSecurity(vm, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; =20 @@ -906,7 +909,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, virSecurityManagerPtr mgr, virDomainObjPtr vm) { - struct qemuDomainCreateDeviceData data; const char *devPath =3D NULL; char **devMountsPath =3D NULL, **devMountsSavePath =3D NULL; size_t ndevMountsPath =3D 0, i; 
@@ -935,19 +937,12 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, goto cleanup; } =20 - data.path =3D devPath; - data.devMountsPath =3D devMountsPath; - data.ndevMountsPath =3D ndevMountsPath; - if (virProcessSetupPrivateMountNS() < 0) goto cleanup; =20 if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; =20 - if (qemuDomainSetupLaunchSecurity(vm, &data) < 0) - goto cleanup; - /* Save some mount points because we want to share them with the host = */ for (i =3D 0; i < ndevMountsPath; i++) { struct stat sb; --=20 2.26.2
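
Review bot: In the qemuDomainSetupLaunchSecurity() hunk (@@ -845,7 +845,7), the old call passed `false` for `allow_noent`, so a missing QEMU_DEV_SEV failed the setup, whereas `virStringListAdd(paths, QEMU_DEV_SEV)` only queues the path and nothing visible in this patch shows that qemuDomainNamespaceMknodPaths() still treats a nonexistent node as an error. Please confirm that the no-ENOENT behaviour is preserved for the SEV device and say so in the commit message, which currently explains only why the pre-exec hook is being avoided.
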
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 27/34] qemu_domain_namespace: Drop unused functions
Date: Wed, 22 Jul 2020 11:40:21 +0200

After previous cleanup, creating /dev nodes from pre-exec hook is no longer needed and thus can be removed.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- src/qemu/qemu_domain_namespace.c | 248 ------------------------------- 1 file changed, 248 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index e569b1dbe1..41d79559f9 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c 
@@ -185,254 +185,6 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr c= fg, } =20 =20 -struct qemuDomainCreateDeviceData { - const char *path; /* Path to temp new /dev location */ - char * const *devMountsPath; - size_t ndevMountsPath; -}; - - -static int -qemuDomainCreateDeviceRecursive(const char *device, - const struct qemuDomainCreateDeviceData *d= ata, - bool allow_noent, - unsigned int ttl) -{ - g_autofree char *devicePath =3D NULL; - g_autofree char *target =3D NULL; - GStatBuf sb; - int ret =3D -1; - bool isLink =3D false; - bool isDev =3D false; - bool isReg =3D false; - bool isDir =3D false; - bool create =3D false; -#ifdef WITH_SELINUX - char *tcon =3D NULL; -#endif - - if (!ttl) { - virReportSystemError(ELOOP, - _("Too many levels of symbolic links: %s"), - device); - return ret; - } - - if (g_lstat(device, &sb) < 0) { - if (errno =3D=3D ENOENT && allow_noent) { - /* Ignore non-existent device. */ - return 0; - } - virReportSystemError(errno, _("Unable to stat %s"), device); - return ret; - } - - isLink =3D S_ISLNK(sb.st_mode); - isDev =3D S_ISCHR(sb.st_mode) || S_ISBLK(sb.st_mode); - isReg =3D S_ISREG(sb.st_mode) || S_ISFIFO(sb.st_mode) || S_ISSOCK(sb.s= t_mode); - isDir =3D S_ISDIR(sb.st_mode); - - /* Here, @device might be whatever path in the system. We - * should create the path in the namespace iff it's "/dev" - * prefixed. However, if it is a symlink, we need to traverse - * it too (it might point to something in "/dev"). Just - * consider: - * - * /var/sym1 -> /var/sym2 -> /dev/sda (because users can) - * - * This means, "/var/sym1" is not created (it's shared with - * the parent namespace), nor "/var/sym2", but "/dev/sda". - * - * TODO Remove all `.' and `..' from the @device path. - * Otherwise we might get fooled with `/dev/../var/my_image'. - * For now, lets hope callers play nice. 
- */ - if (STRPREFIX(device, QEMU_DEVPREFIX)) { - size_t i; - - for (i =3D 0; i < data->ndevMountsPath; i++) { - if (STREQ(data->devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(device, data->devMountsPath[i])) - break; - } - - if (i =3D=3D data->ndevMountsPath) { - /* Okay, @device is in /dev but not in any mount point under /= dev. - * Create it. */ - devicePath =3D g_strdup_printf("%s/%s", data->path, - device + strlen(QEMU_DEVPREFIX)); - - if (virFileMakeParentPath(devicePath) < 0) { - virReportSystemError(errno, - _("Unable to create %s"), - devicePath); - goto cleanup; - } - VIR_DEBUG("Creating dev %s", device); - create =3D true; - } else { - VIR_DEBUG("Skipping dev %s because of %s mount point", - device, data->devMountsPath[i]); - } - } - - if (isLink) { - g_autoptr(GError) gerr =3D NULL; - - /* We are dealing with a symlink. Create a dangling symlink and de= scend - * down one level which hopefully creates the symlink's target. */ - if (!(target =3D g_file_read_link(device, &gerr))) { - virReportError(VIR_ERR_SYSTEM_ERROR, - _("failed to resolve symlink %s: %s"), device, = gerr->message); - goto cleanup; - } - - if (create && - symlink(target, devicePath) < 0) { - if (errno =3D=3D EEXIST) { - ret =3D 0; - } else { - virReportSystemError(errno, - _("unable to create symlink %s"), - devicePath); - } - goto cleanup; - } - - /* Tricky part. If the target starts with a slash then we need to = take - * it as it is. 
Otherwise we need to replace the last component in= the - * original path with the link target: - * /dev/rtc -> rtc0 (want /dev/rtc0) - * /dev/disk/by-id/ata-SanDisk_SDSSDXPS480G_161101402485 -> ../../= sda - * (want /dev/disk/by-id/../../sda) - * /dev/stdout -> /proc/self/fd/1 (no change needed) - */ - if (!g_path_is_absolute(target)) { - g_autofree char *devTmp =3D g_strdup(device); - char *c =3D NULL, *tmp =3D NULL; - - if ((c =3D strrchr(devTmp, '/'))) - *(c + 1) =3D '\0'; - - tmp =3D g_strdup_printf("%s%s", devTmp, target); - VIR_FREE(target); - target =3D g_steal_pointer(&tmp); - } - - if (qemuDomainCreateDeviceRecursive(target, data, - allow_noent, ttl - 1) < 0) - goto cleanup; - } else if (isDev) { - if (create) { - unlink(devicePath); - if (mknod(devicePath, sb.st_mode, sb.st_rdev) < 0) { - virReportSystemError(errno, - _("Failed to make device %s"), - devicePath); - goto cleanup; - } - } - } else if (isReg) { - if (create && - virFileTouch(devicePath, sb.st_mode) < 0) - goto cleanup; - /* Just create the file here so that code below sets - * proper owner and mode. Bind mount only after that. */ - } else if (isDir) { - if (create && - virFileMakePathWithMode(devicePath, sb.st_mode) < 0) { - virReportSystemError(errno, - _("Unable to make dir %s"), - devicePath); - goto cleanup; - } - } else { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, - _("unsupported device type %s 0%o"), - device, sb.st_mode); - goto cleanup; - } - - if (!create) { - ret =3D 0; - goto cleanup; - } - - if (lchown(devicePath, sb.st_uid, sb.st_gid) < 0) { - virReportSystemError(errno, - _("Failed to chown device %s"), - devicePath); - goto cleanup; - } - - /* Symlinks don't have mode */ - if (!isLink && - chmod(devicePath, sb.st_mode) < 0) { - virReportSystemError(errno, - _("Failed to set permissions for device %s"), - devicePath); - goto cleanup; - } - - /* Symlinks don't have ACLs. 
*/ - if (!isLink && - virFileCopyACLs(device, devicePath) < 0 && - errno !=3D ENOTSUP) { - virReportSystemError(errno, - _("Failed to copy ACLs on device %s"), - devicePath); - goto cleanup; - } - -#ifdef WITH_SELINUX - if (lgetfilecon_raw(device, &tcon) < 0 && - (errno !=3D ENOTSUP && errno !=3D ENODATA)) { - virReportSystemError(errno, - _("Unable to get SELinux label from %s"), - device); - goto cleanup; - } - - if (tcon && - lsetfilecon_raw(devicePath, (const char *)tcon) < 0) { - VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR - if (errno !=3D EOPNOTSUPP && errno !=3D ENOTSUP) { - VIR_WARNINGS_RESET - virReportSystemError(errno, - _("Unable to set SELinux label on %s"), - devicePath); - goto cleanup; - } - } -#endif - - /* Finish mount process started earlier. */ - if ((isReg || isDir) && - virFileBindMountDevice(device, devicePath) < 0) - goto cleanup; - - ret =3D 0; - cleanup: -#ifdef WITH_SELINUX - freecon(tcon); -#endif - return ret; -} - - -static int G_GNUC_UNUSED -qemuDomainCreateDevice(const char *device, - const struct qemuDomainCreateDeviceData *data, - bool allow_noent) -{ - long symloop_max =3D sysconf(_SC_SYMLOOP_MAX); - - return qemuDomainCreateDeviceRecursive(device, data, - allow_noent, symloop_max); -} - - static int qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, char ***paths) --=20 2.26.2
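
Review bot: The deleted qemuDomainCreateDeviceRecursive() (@@ -185,254 +185,6) carried a TODO about stripping `.` and `..` from @device ("we might get fooled with `/dev/../var/my_image'"), together with the symlink depth limit (`ttl`, seeded from `_SC_SYMLOOP_MAX`) and the ACL and SELinux label copying, and the commit message says only that the code is no longer needed. Please note where the replacement path enforces the same checks, and carry the TODO over if the path normalization is still missing there.
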
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 28/34] qemuDomainDetachDeviceUnlink: Unlink paths in one go
Date: Wed, 22 Jul 2020 11:40:22 +0200

Similarly to qemuDomainAttachDeviceMknodHelper() which was modified just a couple of commits ago, modify the unlink helper which is called on device detach so that it can unlink multiple files in one go instead of forking off for every single one of them.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- src/qemu/qemu_domain_namespace.c | 65 +++++++++++++++----------------- 1 file changed, 30 insertions(+), 35 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 41d79559f9..4e0b50d885 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c 
@@ -1286,44 +1286,21 @@ static int qemuDomainDetachDeviceUnlinkHelper(pid_t pid G_GNUC_UNUSED, void *opaque) { - const char *path =3D opaque; - - VIR_DEBUG("Unlinking %s", path); - if (unlink(path) < 0 && errno !=3D ENOENT) { - virReportSystemError(errno, - _("Unable to remove device %s"), path); - return -1; - } - - return 0; -} - - -static int -qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver G_GNUC_UNUSED, - virDomainObjPtr vm, - const char *file, - char * const *devMountsPath, - size_t ndevMountsPath) -{ + char **paths =3D opaque; size_t i; =20 - if (STRPREFIX(file, QEMU_DEVPREFIX)) { - for (i =3D 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) - continue; - if (STRPREFIX(file, devMountsPath[i])) - break; - } + for (i =3D 0; paths[i]; i++) { + const char *path =3D paths[i]; =20 - if (i =3D=3D ndevMountsPath) { - if (virProcessRunInMountNamespace(vm->pid, - qemuDomainDetachDeviceUnlink= Helper, - (void *)file) < 0) - return -1; + VIR_DEBUG("Unlinking %s", path); + if (unlink(path) < 0 && errno !=3D ENOENT) { + virReportSystemError(errno, + _("Unable to remove device %s"), path); + return -1; } } =20 + virStringListFree(paths); return 0; } =20 @@ -1336,6 +1313,7 @@ qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, qemuDomainObjPrivatePtr priv =3D vm->privateData; virQEMUDriverPtr driver =3D priv->driver; g_autoptr(virQEMUDriverConfig) cfg =3D NULL; + VIR_AUTOSTRINGLIST unlinkPaths =3D NULL; char **devMountsPath =3D NULL; size_t ndevMountsPath =3D 0; size_t i; 
@@ -1352,11 +1330,28 @@ qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, goto cleanup; =20 for (i =3D 0; i < npaths; i++) { - if (qemuDomainDetachDeviceUnlink(driver, vm, paths[i], - devMountsPath, ndevMountsPath) < = 0) - goto cleanup; + const char *file =3D paths[i]; + + if (STRPREFIX(file, QEMU_DEVPREFIX)) { + for (i =3D 0; i < ndevMountsPath; i++) { + if (STREQ(devMountsPath[i], "/dev")) + continue; + if (STRPREFIX(file, devMountsPath[i])) + break; + } + + if (i =3D=3D ndevMountsPath && + virStringListAdd(&unlinkPaths, file) < 0) + return -1; + } } =20 + if (unlinkPaths && + virProcessRunInMountNamespace(vm->pid, + qemuDomainDetachDeviceUnlinkHelper, + unlinkPaths) < 0) + return -1; + ret =3D 0; cleanup: virStringListFreeCount(devMountsPath, ndevMountsPath); --=20 2.26.2
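
Review bot: In the qemuDomainNamespaceUnlinkPaths() hunk (@@ -1352,11 +1330,28), the inner mount-point scan `for (i = 0; i < ndevMountsPath; i++)` reuses the index of the enclosing `for (i = 0; i < npaths; i++)`, so the outer counter is overwritten with the scan's final value and the outer loop can skip entries of @paths, revisit them, or fail to terminate. Use a separate index (for example `j`) for the inner loop and test that one against ndevMountsPath. The two new `return -1` statements in the same hunk also bypass the `cleanup:` label that frees devMountsPath; they should be `goto cleanup`.
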
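
Review bot: In the qemuDomainDetachDeviceUnlinkHelper() hunk (@@ -1286,44 +1286,21), `virStringListFree(paths)` runs only on the success path, while the `return -1` inside the loop leaves the list untouched and the caller already declares it as `VIR_AUTOSTRINGLIST unlinkPaths`. Ownership should sit in one place: drop the free from the helper, or add a comment explaining why the helper may free a list that its caller also auto-frees.
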
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 29/34] qemuDomainNamespaceUnlinkPaths: Turn @paths into string list
Date: Wed, 22 Jul 2020 11:40:23 +0200
Message-Id: <26e87594efc3515bc8d229b55bb661968b831877.1595410402.git.mprivozn@redhat.com>

So far, the only caller qemuDomainNamespaceUnlinkPath() will always pass a single path to unlink, but similarly to qemuDomainNamespaceMknodPaths() - there are a few callers that would like to pass two or more files to unlink at once (held in a string list). Make the @paths argument a string list then.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- src/qemu/qemu_domain_namespace.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 4e0b50d885..135842e212 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -1307,8 +1307,7 @@ qemuDomainDetachDeviceUnlinkHelper(pid_t pid G_GNUC_U= NUSED, =20 static int qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, - const char **paths, - size_t npaths) + const char **paths) { qemuDomainObjPrivatePtr priv =3D vm->privateData; virQEMUDriverPtr driver =3D priv->driver; @@ -1316,9 +1315,11 @@ qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, VIR_AUTOSTRINGLIST unlinkPaths =3D NULL; char **devMountsPath =3D NULL; size_t ndevMountsPath =3D 0; + size_t npaths; size_t i; int ret =3D -1; =20 + npaths =3D virStringListLength(paths); if (!npaths) return 0; =20 
@@ -1363,9 +1364,9 @@ static int qemuDomainNamespaceUnlinkPath(virDomainObjPtr vm, const char *path) { - const char *paths[] =3D { path }; + const char *paths[] =3D { path, NULL }; =20 - return qemuDomainNamespaceUnlinkPaths(vm, paths, 1); + return qemuDomainNamespaceUnlinkPaths(vm, paths); } =20 =20 --=20 2.26.2
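
Review bot: With `size_t npaths` dropped from the qemuDomainNamespaceUnlinkPaths() signature (@@ -1307,8 +1307,7), the function depends on @paths being NULL-terminated, and `virStringListLength(paths)` will walk past the end of the array for any caller that forgets the terminator. Nothing in the hunk documents that contract; please add a comment on the function stating that @paths must be a NULL-terminated list, as the updated `{ path, NULL }` caller in the last hunk now assumes.
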
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 30/34] qemuDomainNamespaceTeardownHostdev: Unlink paths in one go
Date: Wed, 22 Jul 2020 11:40:24 +0200
Message-Id: <07c4b024d25b1cfd4dc32289e45e657f81a29b03.1595410402.git.mprivozn@redhat.com>

In my attempt to deduplicate the code, we can use qemuDomainSetupHostdev() to obtain the list of paths to unlink and then pass it to qemuDomainNamespaceUnlinkPaths() to unlink them in a single fork.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- src/qemu/qemu_domain_namespace.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 135842e212..8251554e73 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c 
@@ -1451,20 +1451,18 @@ int qemuDomainNamespaceTeardownHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev) { - g_autofree char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) + if (qemuDomainSetupHostdev(vm, + hostdev, + true, + &paths) < 0) return -1; =20 - if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) - return -1; - - if (qemuHostdevNeedsVFIO(hostdev) && - !qemuDomainNeedsVFIO(vm->def) && - qemuDomainNamespaceUnlinkPath(vm, QEMU_DEV_VFIO) < 0) + if (qemuDomainNamespaceUnlinkPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2

From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 31/34] qemuDomainNamespaceTeardownMemory: Deduplicate code
Date: Wed, 22 Jul 2020 11:40:25 +0200

We can use qemuDomainSetupMemory() to obtain the path that we need to unlink() from within domain's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain_namespace.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 8251554e73..aaf45859d3 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1492,13 +1492,15 @@ int qemuDomainNamespaceTeardownMemory(virDomainObjPtr vm, virDomainMemoryDefPtr mem) { + VIR_AUTOSTRINGLIST paths =3D NULL; + if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (mem->model !=3D VIR_DOMAIN_MEMORY_MODEL_NVDIMM) - return 0; + if (qemuDomainSetupMemory(mem, &paths) < 0) + return -1; =20 - if (qemuDomainNamespaceUnlinkPath(vm, mem->nvdimmPath) < 0) + if (qemuDomainNamespaceUnlinkPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2

From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 32/34] qemuDomainNamespaceTeardownChardev: Deduplicate code
Date: Wed, 22 Jul 2020 11:40:26 +0200

We can use qemuDomainSetupChardev() to obtain the path that we need to unlink() from within domain's namespace.

Note, while previously we unlinked only VIR_DOMAIN_CHR_TYPE_DEV chardevs, with this change we unlink some other types too - exactly those types we created when plugging the device in.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain_namespace.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index aaf45859d3..7a329c0c4a 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1530,17 +1530,15 @@ int qemuDomainNamespaceTeardownChardev(virDomainObjPtr vm, virDomainChrDefPtr chr) { - const char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (chr->source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV) - return 0; + if (qemuDomainSetupChardev(vm->def, chr, &paths) < 0) + return -1; =20 - path =3D chr->source->data.file.path; - - if (qemuDomainNamespaceUnlinkPath(vm, path) < 0) + if (qemuDomainNamespaceUnlinkPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2

From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 33/34] qemuDomainNamespaceTeardownRNG: Deduplicate code
Date: Wed, 22 Jul 2020 11:40:27 +0200
Message-Id: <9a4ea8c8d613d87abcaac5336adf0b61883635f5.1595410402.git.mprivozn@redhat.com>

We can use qemuDomainSetupRNG() to obtain the path that we need to unlink() from within domain's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain_namespace.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 7a329c0c4a..89d73b26ef 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c
@@ -1568,23 +1568,15 @@ int qemuDomainNamespaceTeardownRNG(virDomainObjPtr vm, virDomainRNGDefPtr rng) { - const char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - switch ((virDomainRNGBackend) rng->backend) { - case VIR_DOMAIN_RNG_BACKEND_RANDOM: - path =3D rng->source.file; - break; + if (qemuDomainSetupRNG(rng, &paths) < 0) + return -1; =20 - case VIR_DOMAIN_RNG_BACKEND_EGD: - case VIR_DOMAIN_RNG_BACKEND_BUILTIN: - case VIR_DOMAIN_RNG_BACKEND_LAST: - break; - } - - if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) + if (qemuDomainNamespaceUnlinkPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2

From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH v1 34/34] qemuDomainNamespaceTeardownInput: Deduplicate code
Date: Wed, 22 Jul 2020 11:40:28 +0200
Message-Id: <80659a585fe0dc8e13662122f99128197ad2cf63.1595410402.git.mprivozn@redhat.com>

We can use qemuDomainSetupInput() to obtain the path that we need to unlink() from within domain's namespace.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain_namespace.c | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-)
diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namesp= ace.c index 89d73b26ef..51d3497670 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -1360,16 +1360,6 @@ qemuDomainNamespaceUnlinkPaths(virDomainObjPtr vm, } =20 =20 -static int -qemuDomainNamespaceUnlinkPath(virDomainObjPtr vm, - const char *path) -{ - const char *paths[] =3D { path, NULL }; - - return qemuDomainNamespaceUnlinkPaths(vm, paths); -} - - int qemuDomainNamespaceSetupDisk(virDomainObjPtr vm, virStorageSourcePtr src) @@ -1605,15 +1595,15 @@ int qemuDomainNamespaceTeardownInput(virDomainObjPtr vm, virDomainInputDefPtr input) { - const char *path =3D NULL; + VIR_AUTOSTRINGLIST paths =3D NULL; =20 if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) return 0; =20 - if (!(path =3D virDomainInputDefGetPath(input))) - return 0; + if (qemuDomainSetupInput(input, &paths) < 0) + return -1; =20 - if (path && qemuDomainNamespaceUnlinkPath(vm, path) < 0) + if (qemuDomainNamespaceUnlinkPaths(vm, (const char **) paths) < 0) return -1; =20 return 0; --=20 2.26.2
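
Review bot: In 30/34 (qemuDomainNamespaceTeardownHostdev), the removed code unlinked QEMU_DEV_VFIO only when "qemuHostdevNeedsVFIO(hostdev) && !qemuDomainNeedsVFIO(vm->def)" held, and nothing in the hunk shows that qemuDomainSetupHostdev(vm, hostdev, true, &paths) keeps that guard. If the bare "true" argument is what selects it, say so in a comment at the call site or in the commit message; otherwise the VFIO node could be removed from the namespace while another hostdev in the domain still needs it.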
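
Review bot: In 31/34 (qemuDomainNamespaceTeardownMemory), dropping the "mem->model != VIR_DOMAIN_MEMORY_MODEL_NVDIMM" early return means qemuDomainNamespaceUnlinkPaths() is now reached for every memory model, with "paths" still NULL unless qemuDomainSetupMemory() filled it. Please confirm that a NULL or empty list is a no-op there, and mention it in the commit message, since the hunk no longer makes the NVDIMM-only behaviour visible.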
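
Review bot: In 32/34 (qemuDomainNamespaceTeardownChardev), the commit message says other chardev types are now unlinked but does not name them, and the hunk replaces the explicit VIR_DOMAIN_CHR_TYPE_DEV check with whatever qemuDomainSetupChardev(vm->def, chr, &paths) returns. List the affected types in the message and state whether a path still referenced by another device in vm->def can end up in "paths", because unlinking it would break that device inside the namespace.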
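
Review bot: In 33/34 (qemuDomainNamespaceTeardownRNG), the old body had no failing step before the unlink, whereas "if (qemuDomainSetupRNG(rng, &paths) < 0) return -1;" now aborts teardown without attempting any unlink. If the setup helper can fail for reasons unrelated to the node itself, the device path stays in the domain's namespace; consider documenting which errors are possible at this call or making the unlink best effort.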
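
Review bot: In 34/34, the first hunk (at -1360) deletes the static qemuDomainNamespaceUnlinkPath() wrapper, but the commit message only describes the qemuDomainNamespaceTeardownInput change. Add a sentence saying the single-path helper is dropped because this patch converts its remaining caller, so a reader bisecting the series can see why the removal lands here.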