From nobody Sun Apr 12 07:24:46 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1771409897; cv=none; d=zohomail.com; s=zohoarc; b=Lk+0+YwGpKJPCHVF9n+94mqJzFxtZq7+3YcWNTcpF2XSSI840Q7PVlurzTjLNyIt5MuSTeme2UOjNzal4558XQlW8c0QT2Y+j3/YYdbfYtJ4tTYzLbX3tphm7GCkXzlxzVkZEIWkcQDzxS7IHbh6rLpP62Ba3Kk6B8UklgB/tnU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1771409897; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=cRn1s4kAttQw1nbcEBQDiFcdN2d570X/bYyzLWn5q7Q=; b=XRWaI4LQzUEootCkiYbv7Tw1Z6eYNpYkRqlLcn6PGhe9mAnVE8ZARVEuFOtUcy6OdG7g8lSdC0fd7QfacN4h4rLB/DUxr+8OTvLk1mOixFp5uOsqv0IXbRt4PHD7HjpAw7nwAJzj66cH7whAPu05CmT3obY9krCTg4PocaFHHLs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1771409897969965.6792420941358; Wed, 18 Feb 2026 02:18:17 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vsecv-0000QF-HY; Wed, 18 Feb 2026 05:17:49 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vsecs-0000PI-Ua for qemu-devel@nongnu.org; Wed, 18 Feb 2026 05:17:46 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vsecp-0005qW-1j for qemu-devel@nongnu.org; Wed, 18 Feb 2026 05:17:46 -0500 Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-610-YQaTkrRCP5O1U5KMZYubcw-1; Wed, 18 Feb 2026 05:17:38 -0500 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id EB6E918002C3; Wed, 18 Feb 2026 10:17:36 +0000 (UTC) Received: from srv1.redhat.com (unknown [10.45.224.201]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A8CE730001BB; Wed, 18 Feb 2026 10:17:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1771409862; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cRn1s4kAttQw1nbcEBQDiFcdN2d570X/bYyzLWn5q7Q=; b=DsP2hTWek8Iemp5/iDjYvGzr8RO6XjUxEldJuN7ZDPHZJEchRhimVLnWru1iRnJPbJ5kMG HbR1f4BR+dGVYkE9hdImouN8L3XFUdi8z9QH/dRpAxTq8ykEsYWY8SXCYaEtsh/Ax5HWlC o2EkmEh0AEqvkZuX4dKW7I82JlWhHBw= X-MC-Unique: YQaTkrRCP5O1U5KMZYubcw-1 X-Mimecast-MFC-AGG-ID: YQaTkrRCP5O1U5KMZYubcw_1771409857 From: Kostiantyn Kostiuk To: qemu-devel@nongnu.org, Peter Maydell , Richard Henderson Subject: [PULL v2 2/3] qga: Move CoInitialize/CoInitializeSecurity to main process thread Date: Wed, 18 Feb 2026 12:17:28 +0200 Message-ID: <20260218101729.92630-3-kkostiuk@redhat.com> In-Reply-To: <20260218101729.92630-1-kkostiuk@redhat.com> References: <20260218101729.92630-1-kkostiuk@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=kkostiuk@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.043, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1771409900491158500 Content-Type: text/plain; charset="utf-8" From: Elizabeth Ashurov Problem: Two issues with COM initialization: Issue #1: Incorrect call order - requester_init() called CoInitializeSecurity first - Per Microsoft documentation, CoInitialize() must be called BEFORE CoInitializeSecurity() Issue #2: Incorrect call location - CoInitializeSecurity was called from dll instead of the main process - Per Microsoft documentation, CoInitializeSecurity() must be called exactl= y once per process from the main executable, not from a DLL Reference: https://learn.microsoft.com/en-us/windows/win32/api/combaseapi/nf-combaseap= i-coinitializesecurity https://learn.microsoft.com/en-us/windows/win32/api/objbase/nf-objbase-coin= itialize This caused incorrect COM initialization, preventing VSS Writers from calling back via IVssWriterCallback (hr =3D 0x80070005, Access denied, Event ID 8194). Fix: - Initialize COM in main.c for both service and CLI modes - Call CoInitialize() followed by CoInitializeSecurity() in correct order in the main thread before any VSS operations - Add proper CoUninitialize() cleanup Result: VSS Writers can now successfully call back to the agent. Event ID 8194 error is resolved. Signed-off-by: Elizabeth Ashurov Reviewed-by: Kostiantyn Kostiuk Tested-by: Dehan Meng Link: https://lore.kernel.org/qemu-devel/20260211101744.757548-1-eashurov@r= edhat.com Signed-off-by: Kostiantyn Kostiuk --- qga/main.c | 42 +++++++++++++++++++++++++++++++++++++ qga/vss-win32/requester.cpp | 13 ------------ 2 files changed, 42 insertions(+), 13 deletions(-) diff --git a/qga/main.c b/qga/main.c index dd1c216f9a..fd19c7037d 100644 --- a/qga/main.c +++ b/qga/main.c @@ -32,6 +32,8 @@ #include "qemu/systemd.h" #include "qemu-version.h" #ifdef _WIN32 +#include +#include #include #include #include "qga/service-win32.h" @@ -830,6 +832,29 @@ DWORD WINAPI service_ctrl_handler(DWORD ctrl, DWORD ty= pe, LPVOID data, return ret; } =20 +/* Initialize COM for VSS operations */ +static HRESULT init_com(void) +{ + HRESULT hr; + + hr =3D CoInitialize(NULL); + if (FAILED(hr)) { + return hr; + } + + hr =3D CoInitializeSecurity( + NULL, -1, NULL, NULL, + RPC_C_AUTHN_LEVEL_PKT_PRIVACY, + RPC_C_IMP_LEVEL_IDENTIFY, + NULL, EOAC_NONE, NULL); + if (FAILED(hr)) { + CoUninitialize(); + return hr; + } + + return S_OK; +} + VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) { GAService *service =3D &ga_state->service; @@ -842,6 +867,13 @@ VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) return; } =20 + /* Initialize COM for VSS operations in the service thread */ + HRESULT hr_com =3D init_com(); + if (FAILED(hr_com)) { + g_critical("Failed to initialize COM in service thread: 0x%lx", hr= _com); + return; + } + service->status.dwServiceType =3D SERVICE_WIN32; service->status.dwCurrentState =3D SERVICE_RUNNING; service->status.dwControlsAccepted =3D SERVICE_ACCEPT_STOP | SERVICE_A= CCEPT_SHUTDOWN; @@ -866,6 +898,8 @@ VOID WINAPI service_main(DWORD argc, TCHAR *argv[]) =20 run_agent(ga_state); =20 + CoUninitialize(); + UnregisterDeviceNotification(service->device_notification_handle); service->status.dwCurrentState =3D SERVICE_STOPPED; SetServiceStatus(service->status_handle, &service->status); @@ -1719,7 +1753,15 @@ int main(int argc, char **argv) StartServiceCtrlDispatcher(service_table); ret =3D EXIT_SUCCESS; } else { + HRESULT hr_com =3D init_com(); + if (FAILED(hr_com)) { + g_critical("Failed to initialize COM: 0x%lx", hr_com); + ret =3D EXIT_FAILURE; + goto end; + } + ret =3D run_agent(s); + CoUninitialize(); } #else ret =3D run_agent(s); diff --git a/qga/vss-win32/requester.cpp b/qga/vss-win32/requester.cpp index 74489fcd0a..626d6ab1ff 100644 --- a/qga/vss-win32/requester.cpp +++ b/qga/vss-win32/requester.cpp @@ -60,15 +60,6 @@ STDAPI requester_init(void) { qga_debug_begin; =20 - COMInitializer initializer; /* to call CoInitializeSecurity */ - HRESULT hr =3D CoInitializeSecurity( - NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, - RPC_C_IMP_LEVEL_IDENTIFY, NULL, EOAC_NONE, NULL); - if (FAILED(hr)) { - qga_debug("failed to CoInitializeSecurity (error %lx)", hr); - return hr; - } - hLib =3D LoadLibraryA("VSSAPI.DLL"); if (!hLib) { qga_debug("failed to load VSSAPI.DLL"); @@ -320,8 +311,6 @@ void requester_freeze(int *num_vols, void *mountpoints,= ErrorSet *errset) return; } =20 - CoInitialize(NULL); - /* Allow unrestricted access to events */ InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); @@ -562,7 +551,6 @@ out: =20 out1: requester_cleanup(); - CoUninitialize(); =20 qga_debug_end; } @@ -643,7 +631,6 @@ void requester_thaw(int *num_vols, void *mountpints, Er= rorSet *errset) *num_vols =3D vss_ctx.cFrozenVols; requester_cleanup(); =20 - CoUninitialize(); StopService(); =20 qga_debug_end; --=20 2.52.0