From nobody Sun May 19 20:02:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1690900813; cv=none; d=zohomail.com; s=zohoarc; b=QMbqJPLtPwXxfcaq5wNbyrczXVgomOro6AHsJWIevBK/XVef0jdG5R56ljua5H/I97cyRAkasabQL8lHhskl4pcqZNsLQfdQyAM522YkRnsGKxFshlO2KScYJTYPUhDqsYuRfLd1ShYwFbIz8YPRgxmikqNquN3Qaaw8cviLKx4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1690900813; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=DEin028tRU5JTxsHBb27Z1cGpxwY2ONMJ49tqbE4AbA=; b=iimHuYTrBgf/9ThI4IP/tNidDIwmgIy6/kW44CPhMBvuNSyfVNkqnixhPqxWGQ4Yu7veVg5sm2ll9RFEQwY3Pq7ZDiBgDz3Uwa8t2w5X9K5apRWB5F/epqBJnuIR1gpBTcJxAynjopT/xvG4Y5twF6LRndGDiDaQ4mQ5g2KCnwE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 16909008134814.073523727351358; Tue, 1 Aug 2023 07:40:13 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-3-NpsQejMmNYWJE0pid78KwQ-1; Tue, 01 Aug 2023 10:40:01 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 73EA2856F67; Tue, 1 Aug 2023 14:39:51 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 054F3C57965; Tue, 1 Aug 2023 14:39:51 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id CA6321946A79; Tue, 1 Aug 2023 14:39:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 21F7B1946A41 for ; Tue, 1 Aug 2023 14:33:48 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 047012017DC6; Tue, 1 Aug 2023 14:33:48 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9FC1D200A7CA for ; Tue, 1 Aug 2023 14:33:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1690900812; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=DEin028tRU5JTxsHBb27Z1cGpxwY2ONMJ49tqbE4AbA=; b=Ur0oxll5Po0sYKDSemmxWxDnfRjToyB9DAbpYhklHKqdqFFvdGAVAjjc10Vrolwh0BZoZ9 AEareFKyqqTf3OAA3V6ZX9aDjrCeIixAM98eWODwdJJdJSR71C4ykblEVN0tvDGeTdH3Ig wbIX2cNTUBOzHsn2RbgWDXidyIkb8iw= X-MC-Unique: NpsQejMmNYWJE0pid78KwQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 1/2] Revert "qemu_passt: Actually use @logfd" Date: Tue, 1 Aug 2023 16:33:42 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1690900814117100001 Content-Type: text/plain; charset="utf-8"; x-default="true" This reverts commit 83686f1eea1a001a37a92f2c054ffb2689c43a40. This is needed only so that the next revert is clean. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/qemu/qemu_passt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index 3679bf75fc..25b22d8ad9 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -204,9 +204,9 @@ qemuPasstStart(virDomainObj *vm, /* The logFile location is not restricted to a per-domain director= y. It * can be anywhere. Pre-create it as passt may not have enough per= ms to * do so. */ - if ((logfd =3D qemuDomainOpenFile(cfg, vm->def, net->backend.logFi= le, - O_CREAT | O_TRUNC | O_APPEND | O_R= DWR, - &needUnlink)) < 0) { + if (qemuDomainOpenFile(cfg, vm->def, net->backend.logFile, + O_CREAT | O_TRUNC | O_APPEND | O_RDWR, + &needUnlink) < 0) { return -1; } =20 --=20 2.41.0 From nobody Sun May 19 20:02:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1690901137; cv=none; d=zohomail.com; s=zohoarc; b=gCcLYpdQBIhsOHEzVRWRowQsQxth6DG8/b6uE12nIlKntrcCD779b+IMNgjsHso9lmO5Z9WC+MkdoVXwmmtJJBtWlq6HJjnToPH5f2xzIhhIRd8fE4/YGfOgbUh43LflLhW9643b0KPf50ZQVJFwp9azbCgBQXhSzpoKp9t/3x8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1690901137; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=rAa8V+YpwBYzdQGe1u8DWg93tsV0sUhfucmImHput1o=; b=SVAy74iaC9TD6suuWQSBwYuPGpPsZ3QtqLXc5RaSPebA5aLCLmz//0+QSRNcUZDAo00Sc0IJXEHFngkm/pVjNKjwg8sEdrzpANozq7uPFJ2Y+oazY7v+Xa6VKj+Z9BP1ouWY9KbtfUAf18L/43BwuJREdjyEh3GsNSzBTXrIpLw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1690901137959507.6227409276786; Tue, 1 Aug 2023 07:45:37 -0700 (PDT) Received: from mimecast-mx02.redhat.com (66.187.233.73 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-342-lL5RpLOyPs6KzhR9Ca5JIw-1; Tue, 01 Aug 2023 10:45:31 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B98A61C31C62; Tue, 1 Aug 2023 14:45:28 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 35B064A9004; Tue, 1 Aug 2023 14:45:28 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 3B5381946A79; Tue, 1 Aug 2023 14:45:18 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id B096C1946A41 for ; Tue, 1 Aug 2023 14:33:48 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 93BCC200A7CA; Tue, 1 Aug 2023 14:33:48 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3B6A32017DC6 for ; Tue, 1 Aug 2023 14:33:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1690901137; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=rAa8V+YpwBYzdQGe1u8DWg93tsV0sUhfucmImHput1o=; b=gEUnG2+UxbG0sxv6HAYhQQHwyvU04Cv4V7ak+xBZFL6Rm7nspVPRgQUGFidUVGQ9evdNej JUa2v0Sl8tE1MbnxGd2Y4eXHuGH+UIzM7aRki0Tyo+BADVqQW/t99/H6lxGnpDWp3oHZBt dq5GQxiv4T+CgJxr5mq/1xKPwyggWCs= X-MC-Unique: lL5RpLOyPs6KzhR9Ca5JIw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 2/2] Revert "qemu_passt: Precreate passt logfile" Date: Tue, 1 Aug 2023 16:33:43 +0200 Message-ID: <627ff9c869ed1c5fc66f69f2c6ac64c5195a34da.1690900388.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1690901139179100003 Content-Type: text/plain; charset="utf-8"; x-default="true" This reverts commit 8511b96a319836700b4829816cdae27c3630060d. Turns out, we need to do a bit more than just plain qemuSecurityDomainSetPathLabel() which sets svirt_image_t. Passt has its own SELinux policy and as a part of that they invent passt_log_t for log files. Right now, I don't know how libvirt could query that and even if I did, passt SELinux policy would need to permit relabelling from svirt_t to passt_log_t, which it doesn't [1]. Until these problems are addressed we shouldn't be pre-creating the file as it puts users into way worse position - even scenarios that used to work don't work. But then again - using log file for passt is usually valuable for developers only and not regular users. 1: https://bugzilla.redhat.com/show_bug.cgi?id=3D2209191#c10 Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/qemu/qemu_passt.c | 40 +++++----------------------------------- 1 file changed, 5 insertions(+), 35 deletions(-) diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index 25b22d8ad9..99636a3a49 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -20,8 +20,6 @@ =20 #include =20 -#include - #include "qemu_dbus.h" #include "qemu_extdevice.h" #include "qemu_security.h" @@ -138,13 +136,9 @@ void qemuPasstStop(virDomainObj *vm, virDomainNetDef *net) { - qemuDomainObjPrivate *priv =3D vm->privateData; - virQEMUDriver *driver =3D priv->driver; g_autofree char *pidfile =3D qemuPasstCreatePidFilename(vm, net); g_autofree char *passtSocketName =3D qemuPasstCreateSocketPath(vm, net= ); =20 - qemuSecurityDomainRestorePathLabel(driver, vm, net->backend.logFile); - qemuPasstKill(pidfile, passtSocketName); } =20 @@ -172,12 +166,10 @@ qemuPasstStart(virDomainObj *vm, { qemuDomainObjPrivate *priv =3D vm->privateData; virQEMUDriver *driver =3D priv->driver; - g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *passtSocketName =3D qemuPasstCreateSocketPath(vm, net= ); g_autoptr(virCommand) cmd =3D NULL; g_autofree char *pidfile =3D qemuPasstCreatePidFilename(vm, net); char macaddr[VIR_MAC_STRING_BUFLEN]; - bool needUnlink =3D false; size_t i; =20 cmd =3D virCommandNew(PASST); @@ -199,25 +191,8 @@ qemuPasstStart(virDomainObj *vm, if (net->sourceDev) virCommandAddArgList(cmd, "--interface", net->sourceDev, NULL); =20 - if (net->backend.logFile) { - VIR_AUTOCLOSE logfd =3D -1; - /* The logFile location is not restricted to a per-domain director= y. It - * can be anywhere. Pre-create it as passt may not have enough per= ms to - * do so. */ - if (qemuDomainOpenFile(cfg, vm->def, net->backend.logFile, - O_CREAT | O_TRUNC | O_APPEND | O_RDWR, - &needUnlink) < 0) { - return -1; - } - - if (qemuSecurityDomainSetPathLabel(driver, vm, - net->backend.logFile, false) < = 0) { - goto error; - } - - /* Worse, passt deliberately doesn't support FD passing. */ + if (net->backend.logFile) virCommandAddArgList(cmd, "--log-file", net->backend.logFile, NULL= ); - } =20 /* Add IP address info */ for (i =3D 0; i < net->guestIP.nips; i++) { @@ -228,7 +203,7 @@ qemuPasstStart(virDomainObj *vm, * a single IPv4 and single IPv6 address */ if (!(addr =3D virSocketAddrFormat(&ip->address))) - goto error; + return -1; =20 virCommandAddArgList(cmd, "--address", addr, NULL); =20 @@ -256,14 +231,14 @@ qemuPasstStart(virDomainObj *vm, /* validation guarantees this will never happen */ virReportError(VIR_ERR_INTERNAL_ERROR, _("Invalid portForward proto value %1$u"), pf->= proto); - goto error; + return -1; } =20 if (VIR_SOCKET_ADDR_VALID(&pf->address)) { g_autofree char *addr =3D NULL; =20 if (!(addr =3D virSocketAddrFormat(&pf->address))) - goto error; + return -1; =20 virBufferAddStr(&buf, addr); emitsep =3D true; @@ -309,7 +284,7 @@ qemuPasstStart(virDomainObj *vm, =20 =20 if (qemuExtDeviceLogCommand(driver, vm, cmd, "passt") < 0) - goto error; + return -1; =20 if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, true, NULL) < 0) goto error; @@ -317,11 +292,6 @@ qemuPasstStart(virDomainObj *vm, return 0; =20 error: - if (needUnlink && unlink(net->backend.logFile) < 0) { - VIR_WARN("Unable to unlink '%s': %s", - net->backend.logFile, g_strerror(errno)); - } - qemuPasstKill(pidfile, passtSocketName); return -1; } --=20 2.41.0