From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH 1/2] qemu_passt: Precreate passt logfile
Date: Mon, 12 Jun 2023 10:15:08 +0200

There are a few situations where passt itself is unable to create a file because it runs under QEMU user (e.g. just like our example from formatdomain.rst suggests: /var/log/passt.log). If libvirtd runs with sufficient permissions (e.g. as root) it can create the file and set seclabels on it so that passt can then open it. Ideally, we would just pass pre-opened FD, but this wasn't viewed as secure enough [1]. So let's just create the file and set seclabels. For the case when both libvirtd and passt have the same permissions, well then we fail before even needing to fork() and exec().

1: https://archives.passt.top/passt-dev/20230606225836.63aecebe@elisabeth/

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2209191
Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- src/qemu/qemu_passt.c | 40 +++++++++++++++++++++++++++++++++++----- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index 99636a3a49..25b22d8ad9 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -20,6 +20,8 @@ =20 #include =20 +#include + #include "qemu_dbus.h" #include "qemu_extdevice.h" #include "qemu_security.h" 
@@ -136,9 +138,13 @@ void qemuPasstStop(virDomainObj *vm, virDomainNetDef *net) { + qemuDomainObjPrivate *priv =3D vm->privateData; + virQEMUDriver *driver =3D priv->driver; g_autofree char *pidfile =3D qemuPasstCreatePidFilename(vm, net); g_autofree char *passtSocketName =3D qemuPasstCreateSocketPath(vm, net= ); =20 + qemuSecurityDomainRestorePathLabel(driver, vm, net->backend.logFile); + qemuPasstKill(pidfile, passtSocketName); } =20 @@ -166,10 +172,12 @@ qemuPasstStart(virDomainObj *vm, { qemuDomainObjPrivate *priv =3D vm->privateData; virQEMUDriver *driver =3D priv->driver; + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *passtSocketName =3D qemuPasstCreateSocketPath(vm, net= ); g_autoptr(virCommand) cmd =3D NULL; g_autofree char *pidfile =3D qemuPasstCreatePidFilename(vm, net); char macaddr[VIR_MAC_STRING_BUFLEN]; + bool needUnlink =3D false; size_t i; =20 cmd =3D virCommandNew(PASST); @@ -191,8 +199,25 @@ qemuPasstStart(virDomainObj *vm, if (net->sourceDev) virCommandAddArgList(cmd, "--interface", net->sourceDev, NULL); =20 - if (net->backend.logFile) + if (net->backend.logFile) { + VIR_AUTOCLOSE logfd =3D -1; + /* The logFile location is not restricted to a per-domain director= y. It + * can be anywhere. Pre-create it as passt may not have enough per= ms to + * do so. */ + if (qemuDomainOpenFile(cfg, vm->def, net->backend.logFile, + O_CREAT | O_TRUNC | O_APPEND | O_RDWR, + &needUnlink) < 0) { + return -1; + } + + if (qemuSecurityDomainSetPathLabel(driver, vm, + net->backend.logFile, false) < = 0) { + goto error; + } + + /* Worse, passt deliberately doesn't support FD passing. */ virCommandAddArgList(cmd, "--log-file", net->backend.logFile, NULL= ); + } =20 /* Add IP address info */ for (i =3D 0; i < net->guestIP.nips; i++) { 
@@ -203,7 +228,7 @@ qemuPasstStart(virDomainObj *vm, * a single IPv4 and single IPv6 address */ if (!(addr =3D virSocketAddrFormat(&ip->address))) - return -1; + goto error; =20 virCommandAddArgList(cmd, "--address", addr, NULL); =20 @@ -231,14 +256,14 @@ qemuPasstStart(virDomainObj *vm, /* validation guarantees this will never happen */ virReportError(VIR_ERR_INTERNAL_ERROR, _("Invalid portForward proto value %1$u"), pf->= proto); - return -1; + goto error; } =20 if (VIR_SOCKET_ADDR_VALID(&pf->address)) { g_autofree char *addr =3D NULL; =20 if (!(addr =3D virSocketAddrFormat(&pf->address))) - return -1; + goto error; =20 virBufferAddStr(&buf, addr); emitsep =3D true; @@ -284,7 +309,7 @@ qemuPasstStart(virDomainObj *vm, =20 =20 if (qemuExtDeviceLogCommand(driver, vm, cmd, "passt") < 0) - return -1; + goto error; =20 if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, true, NULL) < 0) goto error; 
@@ -292,6 +317,11 @@ qemuPasstStart(virDomainObj *vm, return 0; =20 error: + if (needUnlink && unlink(net->backend.logFile) < 0) { + VIR_WARN("Unable to unlink '%s': %s", + net->backend.logFile, g_strerror(errno)); + } + qemuPasstKill(pidfile, passtSocketName); return -1; } --=20 2.39.3

From: Michal Privoznik
To: libvir-list@redhat.com
Subject: [PATCH 2/2] docs: Move passt log file in our example XML
Date: Mon, 12 Jun 2023 10:15:09 +0200
Message-Id: <9175387a6e751f32e9c9c3debb1f4d356e2c63f0.1686557664.git.mprivozn@redhat.com>

In our passt example XML we use /var/log/passt.log as path to the log file. This is not optimal, because in case of unprivileged daemon, neither libvirt nor passt has enough permissions to create the file. Let's move the file under /tmp.

Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko

--- docs/formatdomain.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index c3526439bf..ec154605fc 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4896,7 +4896,7 @@ ports **with the exception of some subset**. ... - + --=20 2.39.3
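
Review bot: In the qemuPasstStop() hunk (@@ -136,9 +138,13 @@, patch 1/2), qemuSecurityDomainRestorePathLabel() is called on net->backend.logFile unconditionally, whereas qemuPasstStart() only labels the file inside `if (net->backend.logFile)`. For an interface with no log file configured this hands a NULL path to the restore call; wrap it in the same `if (net->backend.logFile)` check. The return value is also dropped silently; a VIR_WARN on failure would make a leftover label visible in the daemon log.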
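
Review bot: In the qemuPasstStart() log-file hunk (@@ -191,8 +199,25 @@, patch 1/2), `VIR_AUTOCLOSE logfd = -1;` is declared but never assigned: the result of qemuDomainOpenFile() is only compared with `< 0`, so the descriptor opened on success is never closed and stays open in the daemon after every start. Assign it, i.e. `if ((logfd = qemuDomainOpenFile(...)) < 0)`, so the autoclose takes effect. Separately, the added comment says the path "can be anywhere" and the open uses O_CREAT | O_TRUNC with no O_NOFOLLOW or O_EXCL among the visible flags, so a privileged libvirtd truncates whatever existing file the domain XML names before relabelling it; since passt opens the path itself afterwards, consider dropping O_TRUNC here and stating in the comment what constrains the path.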
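
Review bot: In the `error:` hunk (@@ -292,6 +317,11 @@, patch 1/2), cleanup removes the log file only when needUnlink is set; when the file already existed, the label applied by qemuSecurityDomainSetPathLabel() earlier in qemuPasstStart() is left in place on failure, because nothing on this path calls qemuSecurityDomainRestorePathLabel(). Restore the label here for the not-unlinked case, as qemuPasstStop() now does, so a failed start does not leave a pre-existing file relabelled.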
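
Review bot: In the docs/formatdomain.rst hunk (@@ -4896,7 +4896,7 @@, patch 2/2), the commit message says the example log path moves from /var/log/passt.log to a file under /tmp (the changed XML line itself did not survive in this copy), and a fixed file name in a world-writable directory is a poor default to document. Users copy this example verbatim, and patch 1/2 makes a privileged libvirtd pre-create the file with O_CREAT | O_TRUNC at whatever path is given. Consider an example path in a directory owned by the user running the daemon, or add a sentence to the docs saying the log file must live somewhere other local users cannot write.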