From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH 1/4] qemu_shim: Don't hang if failed to start domain
Date: Mon, 1 Mar 2021 12:49:55 +0100

The qemu shim spawns a separate thread in which the event loop is run. The virEventRunDefaultImpl() call is wrapped in a while() loop, just like it should. There are a few lines of code around which try to ensure that domain is destroyed (when quitting) and that the last round of event loop is run after the virDomainDestroy() call. Only after that the loop is quit from and the thread quits. Well, if creating the domain failed then the thread is stuck inside event loop forever.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1920337
Signed-off-by: Michal Privoznik
---
 src/qemu/qemu_shim.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_shim.c b/src/qemu/qemu_shim.c
index c10598df4b..21a24abade 100644
--- a/src/qemu/qemu_shim.c
+++ b/src/qemu/qemu_shim.c
@@ -45,9 +45,12 @@ qemuShimEventLoop(void *opaque G_GNUC_UNUSED) while (!quit) { g_mutex_lock(&eventLock); if (eventQuitFlag && !eventPreventQuitFlag) { + quit =3D true; if (dom) { virDomainDestroy(dom); - quit =3D true; + } else { + g_mutex_unlock(&eventLock); + break; } } g_mutex_unlock(&eventLock);
--=20
2.26.2
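Review bot: In the new `else` branch, `g_mutex_unlock(&eventLock)` is called by hand right before `break`, which duplicates the unlock at the bottom of the loop body and gives the loop a second exit path that has to be kept in sync with the first. Hoisting `quit = true` above `if (dom)` also has no effect on that path, since `break` leaves the `while (!quit)` loop regardless. Leaving the assignment inside `if (dom)` and adding a one-line comment in the `else` saying that no final event loop iteration is needed when there is no domain would make the intent easier to follow.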
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH 2/4] docs: Lift restriction on running API from the event loop thread
Date: Mon, 1 Mar 2021 12:49:56 +0100
Message-Id: <6c8af292aca61c29f91e1375536206c11e1c62dd.1614599331.git.mprivozn@redhat.com>

Since v6.2.0-rc1~238 (and friends) QMP processing was moved to a per-domain thread. Therefore, it is now safe to call APIs from the event loop thread (e.g. just like qemu shim is doing in qemuShimEventLoop()). However, it is still important to let the event loop run after each API call (obviously).

Signed-off-by: Michal Privoznik
Reviewed-by: Andrea Bolognani
---
 docs/drvqemu.html.in | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/drvqemu.html.in b/docs/drvqemu.html.in
index 31d3fee213..3cdd04aa1e 100644
--- a/docs/drvqemu.html.in
+++ b/docs/drvqemu.html.in
@@ -158,8 +158,10 @@ qemu+ssh://root@example.com/system (remote access, S= SH tunnelled) in mind, applications must NEVER invoke API calls from the event loop thread itself, only other threads. Not following this rule will lead to deadlocks in the API. - This restriction is intended to be lifted in a future release - of libvirt, once QMP processing moves to a dedicated thread. + This restriction was lifted starting from 6.2.0 release, when + QMP processing moved to a dedicated thread. However, it is + important to let the event loop run after each API call, even + the ones made from the vent loop thread itself.

=20

Driver security architecture
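
Review bot: The unchanged context just above the replaced sentences still reads "applications must NEVER invoke API calls from the event loop thread itself ... Not following this rule will lead to deadlocks in the API", in the present tense, so after this change the paragraph states the rule and its removal back to back. Rewording the retained sentences to say the rule applies only to releases before 6.2.0 would avoid the contradiction. The last added line also has a typo: "vent loop thread" should be "event loop thread".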

--=20
2.26.2
From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH 3/4] virConnectOpen: Require root dir to be absolute path
Date: Mon, 1 Mar 2021 12:49:57 +0100
Message-Id: <0111d0c6a6bfe30aac943759afcb63384d36db72.1614599331.git.mprivozn@redhat.com>

In theory, users might want to use a relative path as a root directory for embed drivers. But in practice, nothing in driver initialization (specifically QEMU driver since it's the only one that supports embedding now), is prepared for that. Document and enforce absolute paths.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1883725
Signed-off-by: Michal Privoznik
Reviewed-by: Andrea Bolognani
---
 docs/drvqemu.html.in | 2 ++
 src/libvirt.c | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/docs/drvqemu.html.in b/docs/drvqemu.html.in
index 3cdd04aa1e..494dda56ef 100644
--- a/docs/drvqemu.html.in
+++ b/docs/drvqemu.html.in
@@ -73,6 +73,8 @@ qemu+ssh://root@example.com/system (remote access, SSH = tunnelled) registered & be running an instance of the event loop. To open the driver in embedded mode the app use the new URI path and specify a virtual root directory under which the driver will create content. + The path to the root directory must be absolute. Passing a relative + path results in an error.

=20
diff --git a/src/libvirt.c b/src/libvirt.c
index 5778b5daee..f2f0efa0cb 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -996,6 +996,12 @@ virConnectOpenInternal(const char *name,
             if (!root)
                 goto failed;
=20
+            if (!g_path_is_absolute(root)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("root path must be absolute"));
+                goto failed;
+            }
+
             if (virEventRequireImpl() < 0)
                 goto failed;
=20
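
Review bot: The error raised in the new `!g_path_is_absolute(root)` branch does not include the rejected value, so a caller who sees "root path must be absolute" cannot tell what was parsed out of the URI; including `root` in the message through a `%s` would help. Two further points on the same branch: the check only establishes that the path starts at the filesystem root, so a value containing `..` components still passes it unnormalized, and `VIR_ERR_CONFIG_UNSUPPORTED` reads oddly for what is an invalid caller-supplied argument.
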
--=20
2.26.2

From: Michal Privoznik 
To: libvir-list@redhat.com
Subject: [PATCH 4/4] qemu_shim: Always pre-create root dir
Date: Mon,  1 Mar 2021 12:49:58 +0100
Message-Id: 
 <20ad8828fb9e314a123d2632fc9060d1f52df9d9.1614599331.git.mprivozn@redhat.com>

This problem is reproducible only with secret driver. When
starting a domain via virt-qemu-run and both secret and
(nonexistent) root directory specified this is what happens:

1) virt-qemu-run opens "secret:///embed?root=$rootdir"
   connection, which results in the secret driver initialization
   (done in secretStateInitialize()). During this process, the
   driver creates its own configDir (derived from $rootdir)
   including those parents which don't exist yet. This is all
   done with the mode S_IRWXU and thus results in the $rootdir
   being created with very restrictive mode (specifically, +x is
   missing for group and others).

2) now, virt-qemu-run opens "qemu:///embed?root=$rootdir" and
   calls virDomainCreateXML(). This results in the master-key.aes
   being written somewhere under the $rootdir and telling qemu
   where to find it.

But because the secret driver created $rootdir with too
restrictive mode, qemu can't access the file (even though it
knows the full path) and fails to start.

It looks like the best solution is to pre-create the root
directory before opening any connection (letting any driver
initialize itself) and set its mode to something less
restrictive.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1859873
Signed-off-by: Michal Privoznik 
---
 src/qemu/qemu_shim.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/qemu/qemu_shim.c b/src/qemu/qemu_shim.c
index 21a24abade..a08bdcac6a 100644
--- a/src/qemu/qemu_shim.c
+++ b/src/qemu/qemu_shim.c
@@ -213,11 +213,16 @@ int main(int argc, char **argv)
         }
         tmproot =3D true;
=20
-        if (chmod(root, 0755) < 0) {
-            g_printerr("%s: cannot chown temporary dir: %s\n",
-                       argv[0], g_strerror(errno));
-            goto cleanup;
-        }
+    } else if (g_mkdir_with_parents(root, 0755) < 0) {
+        g_printerr("%s: cannot create dir: %s\n",
+                   argv[0], g_strerror(errno));
+        goto cleanup;
+    }
+
+    if (chmod(root, 0755) < 0) {
+        g_printerr("%s: cannot chmod temporary dir: %s\n",
+                   argv[0], g_strerror(errno));
+        goto cleanup;
     }
=20
     escaped =3D g_uri_escape_string(root, NULL, true);
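
Review bot: Moving `chmod(root, 0755)` out of the temporary-directory branch means it now also runs on a caller-supplied root that already existed, so a directory someone deliberately created with 0700 is silently widened to be readable and searchable by group and others. Since the commit message says master-key.aes is written under this directory, consider applying the chmod only when the shim created the directory itself, or adding only the search bits that are needed, and documenting the behaviour. The relocated error message still says "temporary dir" although the path is no longer necessarily temporary.
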
--=20
2.26.2
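
The permission failure described in the PATCH 4/4 commit message, reproduced as an added example that is not part of the series or of libvirt. `mkdir_parents()` is a hypothetical stand-in for g_mkdir_with_parents(), and the `/tmp/rootdir-demo-*` tree and the `etc/secrets` layout are constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for g_mkdir_with_parents(): create path and every
 * missing parent with the same mode, like "mkdir -p -m MODE". */
static int mkdir_parents(const char *path, mode_t mode)
{
    char buf[256];
    size_t len = strlen(path);
    char *p;

    if (len == 0 || len >= sizeof(buf))
        return -1;
    memcpy(buf, path, len + 1);
    for (p = buf + 1; ; p++) {
        char saved = *p;
        if (saved != '/' && saved != '\0')
            continue;
        *p = '\0';                      /* cut the path at this component */
        if (mkdir(buf, mode) < 0 && errno != EEXIST)
            return -1;
        if (saved == '\0')
            return 0;
        *p = saved;
    }
}

/* Build <tmp>/root/etc/secrets with every new component S_IRWXU, which is
 * how the commit message describes the secret driver creating its
 * configDir, then report whether "others" may traverse root:
 * 1 yes, 0 no, -1 on error.
 * precreate != 0 creates root with 0755 first, as the patch does. */
static int root_searchable_by_others(int precreate)
{
    char base[] = "/tmp/rootdir-demo-XXXXXX";   /* constructed sample path */
    char root[64], etc[80], cfg[96];
    struct stat st;
    int ret = -1;

    if (!mkdtemp(base))
        return -1;
    snprintf(root, sizeof(root), "%s/root", base);
    snprintf(etc, sizeof(etc), "%s/etc", root);
    snprintf(cfg, sizeof(cfg), "%s/secrets", etc);

    if (precreate &&
        (mkdir_parents(root, 0755) < 0 || chmod(root, 0755) < 0))
        goto cleanup;
    if (mkdir_parents(cfg, S_IRWXU) < 0)    /* the driver-init step */
        goto cleanup;
    if (stat(root, &st) == 0)
        ret = (st.st_mode & S_IXOTH) ? 1 : 0;

 cleanup:
    rmdir(cfg);
    rmdir(etc);
    rmdir(root);
    rmdir(base);
    return ret;
}

int main(void)
{
    printf("driver creates root itself: o+x=%d\n",
           root_searchable_by_others(0));
    printf("root pre-created with 0755: o+x=%d\n",
           root_searchable_by_others(1));
    return 0;
}
```
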