rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-qemuDomainSaveMemory-Don-t-enforce-dynamicOwnership.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   c313ded493352e588f6f6e12713a664ce11e10e3
  2.   SOURCES
  3.   libvirt-qemuDomainSaveMemory-Don-t-enforce-dynamicOwnership.patch
Blob History Raw
9c6c51 
From 94ba115a0dc13cedaf652513ac6cacd419672627 Mon Sep 17 00:00:00 2001
9c6c51 
Message-Id: <94ba115a0dc13cedaf652513ac6cacd419672627@dist-git>
9c6c51 
From: Michal Privoznik <mprivozn@redhat.com>
9c6c51 
Date: Wed, 25 Jul 2018 08:27:10 +0200
9c6c51 
Subject: [PATCH] qemuDomainSaveMemory: Don't enforce dynamicOwnership
9c6c51 
MIME-Version: 1.0
9c6c51 
Content-Type: text/plain; charset=UTF-8
9c6c51 
Content-Transfer-Encoding: 8bit
9c6c51
9c6c51 
https://bugzilla.redhat.com/show_bug.cgi?id=1589115
9c6c51
9c6c51 
When doing a memory snapshot qemuOpenFile() is used. This means
9c6c51 
that the file where memory is saved is firstly attempted to be
9c6c51 
created under root:root (because that's what libvirtd is running
9c6c51 
under) and if this fails the second attempt is done under
9c6c51 
domain's uid:gid. This does not make much sense - qemu is given
9c6c51 
opened FD so it does not need to access the file. Moreover, if
9c6c51 
dynamicOwnership is set in qemu.conf and the file lives on a
9c6c51 
squashed NFS this is deadly combination and very likely to fail.
9c6c51
9c6c51 
The fix consists of using:
9c6c51
9c6c51 
  qemuOpenFileAs(fallback_uid = cfg->user,
9c6c51 
                 fallback_gid = cfg->group,
9c6c51 
                 dynamicOwnership = false)
9c6c51
9c6c51 
In other words, dynamicOwnership is turned off for memory
9c6c51 
snapshot (chown() will still be attempted if the file does not
9c6c51 
live on NFS) and instead of using domain DAC label, configured
9c6c51 
user:group is set as fallback.
9c6c51
9c6c51 
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
9c6c51 
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
9c6c51 
(cherry picked from commit 8c8c32339ae965fa6991462e98be1f5890ac7499)
9c6c51 
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
9c6c51 
Reviewed-by: Ján Tomko <jtomko@redhat.com>
9c6c51 
---
9c6c51 
 src/qemu/qemu_driver.c | 15 +++++++++------
9c6c51 
 1 file changed, 9 insertions(+), 6 deletions(-)
9c6c51
9c6c51 
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
9c6c51 
index e8a595f17e..f85248e3c7 100644
9c6c51 
--- a/src/qemu/qemu_driver.c
9c6c51 
+++ b/src/qemu/qemu_driver.c
9c6c51 
@@ -3185,6 +3185,7 @@ qemuDomainSaveMemory(virQEMUDriverPtr driver,
9c6c51 
                      unsigned int flags,
9c6c51 
                      qemuDomainAsyncJob asyncJob)
9c6c51 
 {
9c6c51 
+    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
9c6c51 
     bool needUnlink = false;
9c6c51 
     int ret = -1;
9c6c51 
     int fd = -1;
9c6c51 
@@ -3202,9 +3203,10 @@ qemuDomainSaveMemory(virQEMUDriverPtr driver,
9c6c51 
             goto cleanup;
9c6c51 
         }
9c6c51 
     }
9c6c51 
-    fd = qemuOpenFile(driver, vm, path,
9c6c51 
-                      O_WRONLY | O_TRUNC | O_CREAT | directFlag,
9c6c51 
-                      &needUnlink);
9c6c51 
+
9c6c51 
+    fd = qemuOpenFileAs(cfg->user, cfg->group, false, path,
9c6c51 
+                        O_WRONLY | O_TRUNC | O_CREAT | directFlag,
9c6c51 
+                        &needUnlink);
9c6c51 
     if (fd < 0)
9c6c51 
         goto cleanup;
9c6c51
9c6c51 
@@ -3244,6 +3246,7 @@ qemuDomainSaveMemory(virQEMUDriverPtr driver,
9c6c51 
  cleanup:
9c6c51 
     VIR_FORCE_CLOSE(fd);
9c6c51 
     virFileWrapperFdFree(wrapperFd);
9c6c51 
+    virObjectUnref(cfg);
9c6c51
9c6c51 
     if (ret < 0 && needUnlink)
9c6c51 
         unlink(path);
9c6c51 
@@ -3793,9 +3796,9 @@ doCoreDump(virQEMUDriverPtr driver,
9c6c51 
     /* Core dumps usually imply last-ditch analysis efforts are
9c6c51 
      * desired, so we intentionally do not unlink even if a file was
9c6c51 
      * created.  */
9c6c51 
-    if ((fd = qemuOpenFile(driver, vm, path,
9c6c51 
-                           O_CREAT | O_TRUNC | O_WRONLY | directFlag,
9c6c51 
-                           NULL)) < 0)
9c6c51 
+    if ((fd = qemuOpenFileAs(cfg->user, cfg->group, false, path,
9c6c51 
+                             O_CREAT | O_TRUNC | O_WRONLY | directFlag,
9c6c51 
+                             NULL)) < 0)
9c6c51 
         goto cleanup;
9c6c51
9c6c51 
     if (!(wrapperFd = virFileWrapperFdNew(&fd, path, flags)))
9c6c51 
--
9c6c51 
2.18.0
9c6c51

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation