From 09f7d1ef473ec3e1f21c62abff77d55d79817704 Mon Sep 17 00:00:00 2001
Message-Id: <09f7d1ef473ec3e1f21c62abff77d55d79817704@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 11 May 2017 15:38:39 +0200
Subject: [PATCH] qemuDomainCreateDeviceRecursive: Don't try to create devices
 under preserved mount points

https://bugzilla.redhat.com/show_bug.cgi?id=1449510

While the code allows devices to already be there (by some
miracle), we shouldn't try to create devices that don't belong to
us. For instance, we shouldn't try to create /dev/shm/file
because /dev/shm is a mount point that is preserved. Therefore if
a file is created there from an outside (e.g. by mgmt application
or some other daemon running on the system like vhostmd), it
exists in the qemu namespace too as the mount point is the same.
It's only /dev and /dev only that is different. The same
reasoning applies to all other preserved mount points.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cedric Bosdonnat <cbosdonnat@suse.com>
(cherry picked from commit e30dbf35a1a9e86934272aeef803f91b36d8cbce)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/qemu/qemu_domain.c | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bbf865e12..9217747d5 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7415,6 +7415,8 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfigPtr cfg,
 
 struct qemuDomainCreateDeviceData {
     const char *path;     /* Path to temp new /dev location */
+    char * const *devMountsPath;
+    size_t ndevMountsPath;
 };
 
 
@@ -7468,17 +7470,34 @@ qemuDomainCreateDeviceRecursive(const char *device,
      * For now, lets hope callers play nice.
      */
     if (STRPREFIX(device, DEVPREFIX)) {
-        if (virAsprintf(&devicePath, "%s/%s",
-                        data->path, device + strlen(DEVPREFIX)) < 0)
-            goto cleanup;
+        size_t i;
 
-        if (virFileMakeParentPath(devicePath) < 0) {
-            virReportSystemError(errno,
-                                 _("Unable to create %s"),
-                                 devicePath);
-            goto cleanup;
+        for (i = 0; i < data->ndevMountsPath; i++) {
+            if (STREQ(data->devMountsPath[i], "/dev"))
+                continue;
+            if (STRPREFIX(device, data->devMountsPath[i]))
+                break;
+        }
+
+        if (i == data->ndevMountsPath) {
+            /* Okay, @device is in /dev but not in any mount point under /dev.
+             * Create it. */
+            if (virAsprintf(&devicePath, "%s/%s",
+                            data->path, device + strlen(DEVPREFIX)) < 0)
+                goto cleanup;
+
+            if (virFileMakeParentPath(devicePath) < 0) {
+                virReportSystemError(errno,
+                                     _("Unable to create %s"),
+                                     devicePath);
+                goto cleanup;
+            }
+            VIR_DEBUG("Creating dev %s", device);
+            create = true;
+        } else {
+            VIR_DEBUG("Skipping dev %s because of %s mount point",
+                      device, data->devMountsPath[i]);
         }
-        create = true;
     }
 
     if (isLink) {
@@ -8027,6 +8046,8 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
     }
 
     data.path = devPath;
+    data.devMountsPath = devMountsPath;
+    data.ndevMountsPath = ndevMountsPath;
 
     if (virProcessSetupPrivateMountNS() < 0)
         goto cleanup;
-- 
2.13.0