From nobody Sun Apr 12 07:20:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1771237868; cv=none; d=zohomail.com; s=zohoarc; b=J/rbVRP4k6D++UmH84tngaj6uiOsW5DXg15a7Ryp0rsybUhi+NhY1V1QD2xeIklolS3ubj9pGYNPkb7CE05COsuJpvG/tLwhJ2EREwU3/3I6A+F7WbupQ7cXLY6u5Sq8DrojyqGfL0JEYtXUgMM6mn6SP8FEbBu8TypmtSskS6M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1771237868; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=rrHCY5KX91VDIK/7DELWtkdibSPQHxJxeU1/Q0fsMT0=; b=h3UYmqV639ZGM8gtj9GwP9W4HowgXbIz+CeE0EM5FLhEqcu5uHGW/EIiUqlvBp2KmCDzeoIgjFt0oUQ8QxArx0ztiNbvvsBlinQbvyGeVyf12L1fxKVRIiOoULw/+ZcDNFepBdpAWMCyml5VZWcIHsVCssxlr2U/4zOlotPVjDc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1771237868495607.5983514502775; Mon, 16 Feb 2026 02:31:08 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vrvrt-0005xZ-3l; Mon, 16 Feb 2026 05:30:17 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vrvrp-0005wz-D5 for qemu-devel@nongnu.org; Mon, 16 Feb 2026 05:30:14 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vrvrj-0006tK-7N for qemu-devel@nongnu.org; Mon, 16 Feb 2026 05:30:09 -0500 Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-503-0eOSy0isOOeg5D-Nk9onkQ-1; Mon, 16 Feb 2026 05:30:03 -0500 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 53DFC1955D7A; Mon, 16 Feb 2026 10:30:02 +0000 (UTC) Received: from srv1.redhat.com (unknown [10.44.32.156]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 2009F1800465; Mon, 16 Feb 2026 10:30:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1771237805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rrHCY5KX91VDIK/7DELWtkdibSPQHxJxeU1/Q0fsMT0=; b=Cr7pj1VmvsJPAc9VWxbeW6sB1oNexqUBddcqqEX8/5y7ne2lOHySpb1XEJr6+Ab+rTVROB pSRl3ja8roHJDABZ+7NBZRnwCB3m3LvKrWbFEFBalsV8m6KEQfV6ArB+Hm84l5AmRe7BVf pxiN+hzrWzLO3izchRuJSSpYoSmEzBg= X-MC-Unique: 0eOSy0isOOeg5D-Nk9onkQ-1 X-Mimecast-MFC-AGG-ID: 0eOSy0isOOeg5D-Nk9onkQ_1771237802 From: Kostiantyn Kostiuk To: qemu-devel@nongnu.org, Peter Maydell , Richard Henderson Subject: [PULL 4/5] qga: Move CoInitialize/CoInitializeSecurity to main process thread Date: Mon, 16 Feb 2026 12:29:50 +0200 Message-ID: <20260216102951.150381-5-kkostiuk@redhat.com> In-Reply-To: <20260216102951.150381-1-kkostiuk@redhat.com> References: <20260216102951.150381-1-kkostiuk@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=kkostiuk@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1771237871699154100 Content-Type: text/plain; charset="utf-8" From: Elizabeth Ashurov Problem: Two issues with COM initialization: Issue #1: Incorrect call order - requester_init() called CoInitializeSecurity first - Per Microsoft documentation, CoInitialize() must be called BEFORE CoInitializeSecurity() Issue #2: Incorrect call location - CoInitializeSecurity was called from dll instead of the main process - Per Microsoft documentation, CoInitializeSecurity() must be called exactl= y once per process from the main executable, not from a DLL Reference: https://learn.microsoft.com/en-us/windows/win32/api/combaseapi/nf-combaseap= i-coinitializesecurity https://learn.microsoft.com/en-us/windows/win32/api/objbase/nf-objbase-coin= itialize This caused incorrect COM initialization, preventing VSS Writers from calling back via IVssWriterCallback (hr =3D 0x80070005, Access denied, Event ID 8194). Fix: - Initialize COM in main.c for both service and CLI modes - Call CoInitialize() followed by CoInitializeSecurity() in correct order in the main thread before any VSS operations - Add proper CoUninitialize() cleanup Result: VSS Writers can now successfully call back to the agent. Event ID 8194 error is resolved. Signed-off-by: Elizabeth Ashurov Reviewed-by: Kostiantyn Kostiuk Tested-by: Dehan Meng Link: https://lore.kernel.org/qemu-devel/20260211101744.757548-1-eashurov@r= edhat.com Signed-off-by: Kostiantyn Kostiuk --- qga/main.c | 42 +++++++++++++++++++++++++++++++++++++ qga/vss-win32/requester.cpp | 13 ------------ 2 files changed, 42 insertions(+), 13 deletions(-) diff --git a/qga/main.c b/qga/main.c index dd1c216f9a..fd19c7037d 100644 --- a/qga/main.c +++ b/qga/main.c @@ -32,6 +32,8 @@ #include "qemu/systemd.h" #include "qemu-version.h" #ifdef _WIN32 +#include +#include #include #include #include "qga/service-win32.h" @@ -830,6 +832,29 @@ DWORD WINAPI service_ctrl_handler(DWORD ctrl, DWORD ty= pe, LPVOID data, return ret; } =20 +/* Initialize COM for VSS operations */ +static HRESULT init_com(void) +{ + HRESULT hr; + + hr =3D CoInitialize(NULL); + if (FAILED(hr)) { + return hr; + } + + hr =3D CoInitializeSecurity( + NULL, -1, NULL, NULL, + RPC_C_AUTHN_LEVEL_PKT_PRIVACY, + RPC_C_IMP_LEVEL_IDENTIFY, + NULL, EOAC_NONE, NULL); + if (FAILED(hr)) { + CoUninitialize(); + return hr; + } + + return S_OK; +} + VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) { GAService *service =3D &ga_state->service; @@ -842,6 +867,13 @@ VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) return; } =20 + /* Initialize COM for VSS operations in the service thread */ + HRESULT hr_com =3D init_com(); + if (FAILED(hr_com)) { + g_critical("Failed to initialize COM in service thread: 0x%lx", hr= _com); + return; + } + service->status.dwServiceType =3D SERVICE_WIN32; service->status.dwCurrentState =3D SERVICE_RUNNING; service->status.dwControlsAccepted =3D SERVICE_ACCEPT_STOP | SERVICE_A= CCEPT_SHUTDOWN; @@ -866,6 +898,8 @@ VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) =20 run_agent(ga_state); =20 + CoUninitialize(); + UnregisterDeviceNotification(service->device_notification_handle); service->status.dwCurrentState =3D SERVICE_STOPPED; SetServiceStatus(service->status_handle, &service->status); @@ -1719,7 +1753,15 @@ int main(int argc, char **argv) StartServiceCtrlDispatcher(service_table); ret =3D EXIT_SUCCESS; } else { + HRESULT hr_com =3D init_com(); + if (FAILED(hr_com)) { + g_critical("Failed to initialize COM: 0x%lx", hr_com); + ret =3D EXIT_FAILURE; + goto end; + } + ret =3D run_agent(s); + CoUninitialize(); } #else ret =3D run_agent(s); diff --git a/qga/vss-win32/requester.cpp b/qga/vss-win32/requester.cpp index 5615955b6f..2ebfabf45d 100644 --- a/qga/vss-win32/requester.cpp +++ b/qga/vss-win32/requester.cpp @@ -60,15 +60,6 @@ STDAPI requester_init(void) { qga_debug_begin; =20 - COMInitializer initializer; /* to call CoInitializeSecurity */ - HRESULT hr =3D CoInitializeSecurity( - NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, - RPC_C_IMP_LEVEL_IDENTIFY, NULL, EOAC_NONE, NULL); - if (FAILED(hr)) { - qga_debug("failed to CoInitializeSecurity (error %lx)", hr); - return hr; - } - hLib =3D LoadLibraryA("VSSAPI.DLL"); if (!hLib) { qga_debug("failed to load VSSAPI.DLL"); @@ -320,8 +311,6 @@ void requester_freeze(int *num_vols, void *mountpoints,= ErrorSet *errset) return; } =20 - CoInitialize(NULL); - /* Allow unrestricted access to events */ InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); @@ -560,7 +549,6 @@ out: =20 out1: requester_cleanup(); - CoUninitialize(); =20 qga_debug_end; } @@ -641,7 +629,6 @@ void requester_thaw(int *num_vols, void *mountpints, Er= rorSet *errset) *num_vols =3D vss_ctx.cFrozenVols; requester_cleanup(); =20 - CoUninitialize(); StopService(); =20 qga_debug_end; --=20 2.52.0