From nobody Mon Sep 8 21:40:31 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1747667937; cv=none; d=zohomail.com; s=zohoarc; b=FJL+R3frK97nfHvlbIg9E/EA17ykOwoMJNXLN1n/lyHQfpkiM0JUAlgUxeYp4d4HnyTmBvITisWinS2TfKQSbMh24SOWiCrqX4+Z279uI5jv2UOT0FF9Ef1pb6+c5NyIGfmBihWtRQJQR4kZdV3DPJRIAurztvC2ig73gY/lcdE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1747667937; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=FglzbT/jiuL/FdvVncAWvbE17navhTANycQf40VHpw0=; b=SVXiczTs7TcaFt/J7zjm6QSqRmk/3UJMFFRHMQRgGm9mI9GZNx3Pk17XeuF0v4R7AmJWCdmhG+PdlnNtlbWozuwznBe6ywnOsZ4c9GvxcsIosPG18jZdKGa9vjtZGfVM4l/8rWjR08q2RHn0bc1NNZ/MeIsAWaGJLDjIkcECMX4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1747667937916924.022816252242; Mon, 19 May 2025 08:18:57 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id E4C6215C7; Mon, 19 May 2025 11:18:56 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 0890F16B0; Mon, 19 May 2025 11:18:24 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 1586B1292; Mon, 19 May 2025 11:18:20 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id AAA0913FD for ; Mon, 19 May 2025 11:18:19 -0400 (EDT) Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-610-w2GmCGSwOj2p4sdquwpQ_A-1; Mon, 19 May 2025 11:18:18 -0400 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4B5A11801A10 for ; Mon, 19 May 2025 15:18:17 +0000 (UTC) Received: from speedmetal.lan (unknown [10.44.22.37]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 7EA1618003FC for ; Mon, 19 May 2025 15:18:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1747667899; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=I/c+q7n5XT2Yh5sK/pOCE0WndqFFIOdDpERQqxzG0kU=; b=YPXcLltA0TFKWlbPwRP+Vj7hRkkKdaZ6pZKuqZKXZw116baKkvALROLhWICqCbOC3R5qTZ 4jeS0GfPjKspwk1VPx9u0c4AY0bTHKL9EAn7Fc/Hu2cI0IMOO4oNecKBxJCvQeURFiGqJj 92+Ild8iK+5HTF+72mCGaXkpyqiCbCo= X-MC-Unique: w2GmCGSwOj2p4sdquwpQ_A-1 X-Mimecast-MFC-AGG-ID: w2GmCGSwOj2p4sdquwpQ_A_1747667897 To: devel@lists.libvirt.org Subject: [PATCH 1/3] qemuBackupPrepare: Actually allow 'VIR_STORAGE_NET_HOST_TRANS_FD' Date: Mon, 19 May 2025 17:18:11 +0200 Message-ID: <908a48b002646328bcbca28af5a22c06a9ae7a40.1747667845.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: MOwHybSeNSfy5O2_iR8iMnMzkSghnFoxlXFTv9fo5Hk_1747667897 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: PPQDUJ5E4JRV6ZW3KIZIRDSXBAGRVQ24 X-Message-ID-Hash: PPQDUJ5E4JRV6ZW3KIZIRDSXBAGRVQ24 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1747667939368116600 Content-Type: text/plain; charset="utf-8" From: Peter Krempa While I've actually implemented support for FD passing the NBD server socket in eb768a556db I managed to misplace the hunk allowing the 'FD' transport in the validation code, rendering the whole feature useless. Fix the validation logic to make the feature useful. Fixes: eb768a556db75040f7b518d198a18bd0f5d6faad Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_backup.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_backup.c b/src/qemu/qemu_backup.c index f6ee31dc2a..fb3558d280 100644 --- a/src/qemu/qemu_backup.c +++ b/src/qemu/qemu_backup.c @@ -86,8 +86,10 @@ qemuBackupPrepare(virDomainBackupDef *def) /* TODO: Do we need to mess with selinux? */ break; - case VIR_STORAGE_NET_HOST_TRANS_RDMA: case VIR_STORAGE_NET_HOST_TRANS_FD: + break; + + case VIR_STORAGE_NET_HOST_TRANS_RDMA: case VIR_STORAGE_NET_HOST_TRANS_LAST: virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("unexpected transport in ")); --=20 2.49.0 From nobody Mon Sep 8 21:40:31 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1747667954; cv=none; d=zohomail.com; s=zohoarc; b=Z4biP2SZFCUXqlS+fWP5J99UPtFwKRQcnSONUKiIsdiGJ3kUghp2aA+NGngdq4s/qhboBsHv7Df4+Ja5DA+szkons5KoRy9/bKq62W38NZ6eKsNUJ4b8G779iAQp1FaZD7TvnfNciIAKTsTjPW7c/jhufnx8RDtGUty8MdL64Cw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1747667954; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=qlMHZPMar7xY3TdOemzOhvDDei8AC0Ghxm6hqWKa/aQ=; b=cYgWsSIUAEubBM08WftKUIyn6z7lJwPuvggGixoBLyrgZnARhrkHF6rMT8M5AFr5cOgXqHzTifdz8haWM3oWdn7X30vSV9a6To3I2L795bU8feXyDe2DtXygZd9y0xgRFltA3GIQYvR6yVXipYHMMcOeFnB8AA0XYFpnmZlxfgY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1747667954886482.67773077922993; Mon, 19 May 2025 08:19:14 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id E48CE16F9; Mon, 19 May 2025 11:19:13 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id E68CF1752; Mon, 19 May 2025 11:18:26 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id D0E1B1401; Mon, 19 May 2025 11:18:21 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 5D0B713FD for ; Mon, 19 May 2025 11:18:21 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-486-klk-rN5kOoSSe8W4i9ag1g-1; Mon, 19 May 2025 11:18:19 -0400 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A240F1956086 for ; Mon, 19 May 2025 15:18:18 +0000 (UTC) Received: from speedmetal.lan (unknown [10.44.22.37]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id D453918003FC for ; Mon, 19 May 2025 15:18:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1747667901; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=43WMkpMwikr+ssPkCNhQlQjGeSOK1iukx1sw17zYWGs=; b=WrGR9RkiwCVvQdLgLHV51BykFzqcKuQt1cHtO2nSFUikslEpLmqGxvgOe5apdRdDgUhuy2 QolUSew/X3Oc183DsjvJ1VU3cGROwQ3FFiVFI230pFJO4MSEqeEzuMCat2R645/8YtFqLq PIpt3uw9WMv24U74nRUr0ovzFZ5iRtg= X-MC-Unique: klk-rN5kOoSSe8W4i9ag1g-1 X-Mimecast-MFC-AGG-ID: klk-rN5kOoSSe8W4i9ag1g_1747667898 To: devel@lists.libvirt.org Subject: [PATCH 2/3] docs: backup: Hint at proper selinux labelling of the FD-passed NBD socket Date: Mon, 19 May 2025 17:18:12 +0200 Message-ID: <5d839af05b8850105a9c856455c4fddb6c4e3d24.1747667845.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: vO-Twu23xxlWP_5LpFx1gaChEa15bnJA3UCDNyMJUcU_1747667898 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: IDCUTDHH4MNN33FO455OAVHLA5RXUWR6 X-Message-ID-Hash: IDCUTDHH4MNN33FO455OAVHLA5RXUWR6 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1747667955541116600 Content-Type: text/plain; charset="utf-8" From: Peter Krempa In case selinux is used on the host the socket passed to qemu needs to be properly labelled. Add a hint to the example code. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- docs/formatbackup.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/formatbackup.rst b/docs/formatbackup.rst index 155a45a22f..df6392e3bd 100644 --- a/docs/formatbackup.rst +++ b/docs/formatbackup.rst @@ -53,6 +53,10 @@ were supplied). The following child elements and attribu= tes are supported: import socket import libvirt + import selinux + + # Optionally setup selinux context for the socket if the distro uses = it + # selinux.setsockcreatecon_raw("system_u:object_r:svirt_t:s0") s =3D socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) s.bind("/path/to/socket") --=20 2.49.0 From nobody Mon Sep 8 21:40:31 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1747667979; cv=none; d=zohomail.com; s=zohoarc; b=M4SHAxFfwPk1c4nb8Jg9Ym6FCaWqj0e5v3qjNujSkgV5RPqnaD2mG0qP0oTUeP9R4kIobvvUcKAlUd/vLI1obWBUGgBWv6m0yg9htXNfyxm4jdK1pHU9io93DXIZR+Uz/GBdjo15JHhnRz27km2zrf45kkV2ayGxkxgEFC5h6cQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1747667979; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=MqZ9reN/mh7MUE9q6ekaQ3H9P8RjhLyfcaqcN5WKN/I=; b=l72lOZwQCDVqDOrGPGHyYZvr8+Flgapt3tGIpzyzErkjGfj6VOB04k+XdB2/DViFfC2QZdWhSybbKBRvlrgx5uCVtF+iquHBYdau4HEgZxojBUDYGBHyBHAQAc2vsit36kk56eqBCfprbe5gj1KTQQL1bowY8eDOhO6O1+V0Pw4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1747667979026719.0728524806649; Mon, 19 May 2025 08:19:39 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 14A2E140E; Mon, 19 May 2025 11:19:38 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 36093178B; Mon, 19 May 2025 11:18:32 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id BE20D15E4; Mon, 19 May 2025 11:18:27 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 9029415A1 for ; Mon, 19 May 2025 11:18:22 -0400 (EDT) Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-553-N70xkhZ5MBuTPIhrDYDQOw-1; Mon, 19 May 2025 11:18:20 -0400 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id E4FAF180036F for ; Mon, 19 May 2025 15:18:19 +0000 (UTC) Received: from speedmetal.lan (unknown [10.44.22.37]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 2DB0F18003FC for ; Mon, 19 May 2025 15:18:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1747667902; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9o3dJGEv24A8BYcV8tKzHw4krPC3QK9i5vPwCX4a9mo=; b=KzCAVrL2rFfqzgUARrXHTM18h/8d/fT9tUD/Y1qbRGQYYBZWFtkKfwW80ZZYsDpBFRFsbD 3cDCsLLzAZlq9lOrZLH0u1QzS6gpf5ZoADEDm77rMdRAV8Wa2a0UgIGgqn02g0ZJO7hI+n WyU+Zly4Ici8DXShr2xM7FG78X3rMsw= X-MC-Unique: N70xkhZ5MBuTPIhrDYDQOw-1 X-Mimecast-MFC-AGG-ID: N70xkhZ5MBuTPIhrDYDQOw_1747667900 To: devel@lists.libvirt.org Subject: [PATCH 3/3] qemu: fd: Log information about passed file descriptor Date: Mon, 19 May 2025 17:18:13 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: jLZ-V6GyVPgdtjQw8QXIztEzn3LBaiFZOi0DiUWbtQc_1747667900 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: RYWVOACJEUFI67ISEDZLRV3YXN5S42RE X-Message-ID-Hash: RYWVOACJEUFI67ISEDZLRV3YXN5S42RE X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1747667979793116600 Content-Type: text/plain; charset="utf-8" From: Peter Krempa Log information (type, label, etc) about FDs passed to qemu via APIs from this module. This does "spill" the selinux library code into this module, but acessing it via the security driver would require passing much more context to this module. Since it's for logging only it can be easily removed if necessary. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_fd.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/src/qemu/qemu_fd.c b/src/qemu/qemu_fd.c index 333f9b128e..ef0a8d8127 100644 --- a/src/qemu/qemu_fd.c +++ b/src/qemu/qemu_fd.c @@ -25,6 +25,11 @@ #include "virfile.h" #include "virlog.h" +/* Used strictly for logging selinux context of passed FD */ +#ifdef WITH_SECDRIVER_SELINUX +# include +#endif + #define VIR_FROM_THIS VIR_FROM_QEMU VIR_LOG_INIT("qemu.qemu_fd"); @@ -44,6 +49,56 @@ struct _qemuFDPass { }; +static void +qemuFDPassLogFDInfo(const char *name, + size_t idx, + int fd) +{ + struct stat st; + const char *type =3D "error"; + g_autofree char *selinux =3D NULL; + g_autofree char *tmp =3D NULL; + + if (fstat(fd, &st) =3D=3D 0) { + switch (st.st_mode & S_IFMT) { + case S_IFBLK: + type =3D "block"; + break; + case S_IFCHR: + type =3D "char"; + break; + case S_IFDIR: + type =3D "directory"; + break; + case S_IFIFO: + type =3D "pipe"; + break; + case S_IFLNK: + type =3D "symlink"; + break; + case S_IFREG: + type =3D "file"; + break; + case S_IFSOCK: + type =3D "socket"; + break; + default: + type =3D tmp =3D g_strdup_printf("unknown:'0x%x')", st.st_m= ode & S_IFMT); + break; + } + } + +#ifdef WITH_SECDRIVER_SELINUX + ignore_value(fgetfilecon_raw(fd, &selinux)); +#else + selinux =3D g_strdup("N/A"); +#endif + + VIR_DEBUG("passing fd:'%i', name:'%s'(%zu) type:'%s' selinux:'%s'", + fd, name, idx, type, selinux); +} + + void qemuFDPassFree(qemuFDPass *fdpass) { @@ -234,6 +289,8 @@ qemuFDPassTransferCommand(qemuFDPass *fdpass, fdpass->fds[i].fd, fdpass->fds[i].opaque); + qemuFDPassLogFDInfo(fdpass->fds[i].opaque, i, fdpass->fds[i].fd); + virCommandPassFD(cmd, fdpass->fds[i].fd, VIR_COMMAND_PASS_FD_CLOSE= _PARENT); fdpass->fds[i].fd =3D -1; virCommandAddArgList(cmd, "-add-fd", arg, NULL); @@ -274,6 +331,8 @@ qemuFDPassTransferMonitor(qemuFDPass *fdpass, } for (i =3D 0; i < fdpass->nfds; i++) { + qemuFDPassLogFDInfo(fdpass->fds[i].opaque, i, fdpass->fds[i].fd); + if (qemuMonitorAddFileHandleToSet(mon, fdpass->fds[i].fd, fdpass->fdSetID, @@ -381,6 +440,7 @@ qemuFDPassDirectTransferCommand(qemuFDPassDirect *fdpas= s, if (!fdpass) return; + qemuFDPassLogFDInfo(fdpass->name, 0, fdpass->fd); virCommandPassFD(cmd, fdpass->fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT); g_free(fdpass->name); fdpass->name =3D g_strdup_printf("%d", fdpass->fd); @@ -403,6 +463,8 @@ qemuFDPassDirectTransferMonitor(qemuFDPassDirect *fdpas= s, if (!fdpass) return 0; + qemuFDPassLogFDInfo(fdpass->name, 0, fdpass->fd); + if (qemuMonitorSendFileHandle(mon, fdpass->name, fdpass->fd) < 0) return -1; --=20 2.49.0