| From 09f7d1ef473ec3e1f21c62abff77d55d79817704 Mon Sep 17 00:00:00 2001 |
| Message-Id: <09f7d1ef473ec3e1f21c62abff77d55d79817704@dist-git> |
| From: Michal Privoznik <mprivozn@redhat.com> |
| Date: Thu, 11 May 2017 15:38:39 +0200 |
| Subject: [PATCH] qemuDomainCreateDeviceRecursive: Don't try to create devices |
| under preserved mount points |
| |
| https://bugzilla.redhat.com/show_bug.cgi?id=1449510 |
| |
| While the code allows devices to already be there (by some |
| miracle), we shouldn't try to create devices that don't belong to |
| us. For instance, we shouldn't try to create /dev/shm/file |
| because /dev/shm is a mount point that is preserved. Therefore if |
| a file is created there from an outside (e.g. by mgmt application |
| or some other daemon running on the system like vhostmd), it |
| exists in the qemu namespace too as the mount point is the same. |
| It's only /dev and /dev only that is different. The same |
| reasoning applies to all other preserved mount points. |
| |
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> |
| Reviewed-by: Cedric Bosdonnat <cbosdonnat@suse.com> |
| (cherry picked from commit e30dbf35a1a9e86934272aeef803f91b36d8cbce) |
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> |
| Signed-off-by: Jiri Denemark <jdenemar@redhat.com> |
| |
| src/qemu/qemu_domain.c | 39 ++++++++++++++++++++++++++++++--------- |
| 1 file changed, 30 insertions(+), 9 deletions(-) |
| |
| diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c |
| index bbf865e12..9217747d5 100644 |
| |
| |
| @@ -7415,6 +7415,8 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr cfg, |
| |
| struct qemuDomainCreateDeviceData { |
| const char *path; /* Path to temp new /dev location */ |
| + char * const *devMountsPath; |
| + size_t ndevMountsPath; |
| }; |
| |
| |
| @@ -7468,17 +7470,34 @@ qemuDomainCreateDeviceRecursive(const char *device, |
| * For now, lets hope callers play nice. |
| */ |
| if (STRPREFIX(device, DEVPREFIX)) { |
| - if (virAsprintf(&devicePath, "%s/%s", |
| - data->path, device + strlen(DEVPREFIX)) < 0) |
| - goto cleanup; |
| + size_t i; |
| |
| - if (virFileMakeParentPath(devicePath) < 0) { |
| - virReportSystemError(errno, |
| - _("Unable to create %s"), |
| - devicePath); |
| - goto cleanup; |
| + for (i = 0; i < data->ndevMountsPath; i++) { |
| + if (STREQ(data->devMountsPath[i], "/dev")) |
| + continue; |
| + if (STRPREFIX(device, data->devMountsPath[i])) |
| + break; |
| + } |
| + |
| + if (i == data->ndevMountsPath) { |
| + /* Okay, @device is in /dev but not in any mount point under /dev. |
| + * Create it. */ |
| + if (virAsprintf(&devicePath, "%s/%s", |
| + data->path, device + strlen(DEVPREFIX)) < 0) |
| + goto cleanup; |
| + |
| + if (virFileMakeParentPath(devicePath) < 0) { |
| + virReportSystemError(errno, |
| + _("Unable to create %s"), |
| + devicePath); |
| + goto cleanup; |
| + } |
| + VIR_DEBUG("Creating dev %s", device); |
| + create = true; |
| + } else { |
| + VIR_DEBUG("Skipping dev %s because of %s mount point", |
| + device, data->devMountsPath[i]); |
| } |
| - create = true; |
| } |
| |
| if (isLink) { |
| @@ -8027,6 +8046,8 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, |
| } |
| |
| data.path = devPath; |
| + data.devMountsPath = devMountsPath; |
| + data.ndevMountsPath = ndevMountsPath; |
| |
| if (virProcessSetupPrivateMountNS() < 0) |
| goto cleanup; |
| -- |
| 2.13.0 |
| |