From nobody Sun Feb 8 23:37:00 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1595411038; cv=none; d=zohomail.com; s=zohoarc; b=CJ+aN7h4UUaFV8CyknHAvDrZ054UnlJPxi0p79vdcX8W4BufbJGF4ln9vBlUKbX6eonDxV2Wd4Et7p6LuPcYSPlQ0NbyJjzPv/Ib8y46Dht8Pg0dAtYzzNG6sx+m5oYeT+0ybQXjWk4p/Iorwz/mN7wlAl0+Q3wNUS2rsmHHlpE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1595411038; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=/VhzEqzfScA/lDD1KAT9KVj9I3/RAuhL9HoNYUGKl0w=; b=nrLE0c9nztVX47gLgE/hq1xw6nR4B2KLas9wjVOtJZDVoHsituV+Futzbl3jFXjlu6LO2wC6rXkq0wzaLf6VKsMFff2HO/SirgNPj7tZ1ba7lvaUno1OjYKNl+VG5wfMcJzLJzeAz0N1bapBvbo3BWdcGLciymWK+H0ZgD7zhlo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1595411038866141.37867817996016; Wed, 22 Jul 2020 02:43:58 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-297-Djs8CgI1PgSxTQlpeaezTg-1; Wed, 22 Jul 2020 05:43:54 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6846B100CCC2; Wed, 22 Jul 2020 09:43:48 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 470E760C05; Wed, 22 Jul 2020 09:43:48 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 14FFB730EE; Wed, 22 Jul 2020 09:43:48 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 06M9ea8J000812 for ; Wed, 22 Jul 2020 05:40:36 -0400 Received: by smtp.corp.redhat.com (Postfix) id 63DED2B6DB; Wed, 22 Jul 2020 09:40:36 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.195.120]) by smtp.corp.redhat.com (Postfix) with ESMTP id D6A661A8F7 for ; Wed, 22 Jul 2020 09:40:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1595411037; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=/VhzEqzfScA/lDD1KAT9KVj9I3/RAuhL9HoNYUGKl0w=; b=Uk28USoMNcituRG9xLNj3TRp8xHNCzYtUP4zLHX0GJ91z2zz46PpHO+uMMtlWoQmOi2Lnh Rd5Op8ZPaMFuLA6DT0hVClD328f5LoQPcXAFzpZf3i7+DBqY0f36+9hHHZd/1DFX+YRhXO pY6l82ljNQFeQjvh7R+2aD+7EJDJAI0= X-MC-Unique: Djs8CgI1PgSxTQlpeaezTg-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH v1 01/34] virDevMapperGetTargetsImpl: Close /dev/mapper/control in the end Date: Wed, 22 Jul 2020 11:39:55 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" When building domain's private /dev in a namespace, libdevmapper is consulted for getting full dependency tree of domain's disks. The reason is that for a multipath devices all dependent devices must be created in the namespace and allowed in CGroups. However, this approach is very fragile as building of namespace happens in the forked off child process, after mass close of FDs and just before dropping privileges and execing QEMU. And it so happens that when calling libdevmapper APIs, one of them opens /dev/mapper/control and saves the FD into a global variable. The FD is kept open until the lib is unlinked or dm_lib_release() is called explicitly. We are doing neither. This is not a problem when calling the function from libvirtd (when setting up CGroups), but it is a problem when called from the pre-exec hook because we leak the FD into QEMU. Fixes: a30078cb832646177defd256e77c632905f1e6d0 Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=3D1858260 Signed-off-by: Michal Privoznik --- src/util/virdevmapper.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/util/virdevmapper.c b/src/util/virdevmapper.c index 40a82285f9..1c216fb6c1 100644 --- a/src/util/virdevmapper.c +++ b/src/util/virdevmapper.c @@ -156,6 +156,7 @@ virDevMapperGetTargetsImpl(const char *path, virStringListFree(recursiveDevPaths); virStringListFree(devPaths); dm_task_destroy(dmt); + dm_lib_release(); return ret; } =20 --=20 2.26.2