6d3351
From 8767eb1b444bcd825f382f150cd064171fdcba81 Mon Sep 17 00:00:00 2001
6d3351
Message-Id: <8767eb1b444bcd825f382f150cd064171fdcba81@dist-git>
6d3351
From: Michal Privoznik <mprivozn@redhat.com>
6d3351
Date: Thu, 11 May 2017 15:38:41 +0200
6d3351
Subject: [PATCH] qemuDomainDetachDeviceUnlink: Don't unlink files we haven't
6d3351
 created
6d3351
6d3351
https://bugzilla.redhat.com/show_bug.cgi?id=1449510
6d3351
6d3351
Even though there are several checks before calling this function
6d3351
and for some scenarios we don't call it at all (e.g. on disk hot
6d3351
unplug), it may be possible to sneak in some weird files (e.g. if
6d3351
domain would have RNG with /dev/shm/some_file as its backend). No
6d3351
matter how improbable, we shouldn't unlink it as we would be
6d3351
unlinking a file from the host which we haven't created in the
6d3351
first place.
6d3351
6d3351
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
6d3351
Reviewed-by: Cedric Bosdonnat <cbosdonnat@suse.com>
6d3351
(cherry picked from commit 2f0b3b103b329b0b9656ac4fc8b5f94a5c2fa051)
6d3351
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
6d3351
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
6d3351
---
6d3351
 src/qemu/qemu_domain.c | 86 ++++++++++++++++++++++++++++++++++++++++++++------
6d3351
 1 file changed, 76 insertions(+), 10 deletions(-)
6d3351
6d3351
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
6d3351
index 671569f6f..5ef3d0577 100644
6d3351
--- a/src/qemu/qemu_domain.c
6d3351
+++ b/src/qemu/qemu_domain.c
6d3351
@@ -8471,14 +8471,32 @@ qemuDomainDetachDeviceUnlinkHelper(pid_t pid ATTRIBUTE_UNUSED,
6d3351
 static int
6d3351
 qemuDomainDetachDeviceUnlink(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
6d3351
                              virDomainObjPtr vm,
6d3351
-                             const char *file)
6d3351
+                             const char *file,
6d3351
+                             char * const *devMountsPath,
6d3351
+                             size_t ndevMountsPath)
6d3351
 {
6d3351
-    if (virProcessRunInMountNamespace(vm->pid,
6d3351
-                                      qemuDomainDetachDeviceUnlinkHelper,
6d3351
-                                      (void *)file) < 0)
6d3351
-        return -1;
6d3351
+    int ret = -1;
6d3351
+    size_t i;
6d3351
 
6d3351
-    return 0;
6d3351
+    if (STRPREFIX(file, DEVPREFIX)) {
6d3351
+        for (i = 0; i < ndevMountsPath; i++) {
6d3351
+            if (STREQ(devMountsPath[i], "/dev"))
6d3351
+                continue;
6d3351
+            if (STRPREFIX(file, devMountsPath[i]))
6d3351
+                break;
6d3351
+        }
6d3351
+
6d3351
+        if (i == ndevMountsPath) {
6d3351
+            if (virProcessRunInMountNamespace(vm->pid,
6d3351
+                                              qemuDomainDetachDeviceUnlinkHelper,
6d3351
+                                              (void *)file) < 0)
6d3351
+                goto cleanup;
6d3351
+        }
6d3351
+    }
6d3351
+
6d3351
+    ret = 0;
6d3351
+ cleanup:
6d3351
+    return ret;
6d3351
 }
6d3351
 
6d3351
 
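Review bot: The two `STRPREFIX` tests in the new body of qemuDomainDetachDeviceUnlink are purely lexical, so whether a file is unlinked depends on how `file` is spelled rather than on where it resolves. A path that starts with DEVPREFIX but contains `..` components or crosses a symlink matches no preserved mount and still reaches the unlink helper; whether callers canonicalise the path first is not visible in this hunk. The mount comparison also ignores component boundaries, so a preserved mount such as `/dev/shm` would match a sibling node whose name merely begins with `shm` and that node would be left behind. I would refuse paths containing a `..` component before the loop and require a separator after the matched prefix, e.g. `if (STRPREFIX(file, devMountsPath[i]) && (file[strlen(devMountsPath[i])] == '/' || file[strlen(devMountsPath[i])] == '\0')) break;`. A short comment above the function would also help, stating that anything under a preserved mount is shared with the host and is deliberately skipped with a return of 0.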
6d3351
@@ -8597,6 +8615,9 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr driver,
6d3351
                                    virDomainObjPtr vm,
6d3351
                                    virDomainHostdevDefPtr hostdev)
6d3351
 {
6d3351
+    virQEMUDriverConfigPtr cfg = NULL;
6d3351
+    char **devMountsPath = NULL;
6d3351
+    size_t ndevMountsPath = 0;
6d3351
     int ret = -1;
6d3351
     char **path = NULL;
6d3351
     size_t i, npaths = 0;
6d3351
@@ -8608,8 +8629,15 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr driver,
6d3351
                                  &npaths, &path, NULL) < 0)
6d3351
         goto cleanup;
6d3351
 
6d3351
+    cfg = virQEMUDriverGetConfig(driver);
6d3351
+    if (qemuDomainGetPreservedMounts(cfg, vm,
6d3351
+                                     &devMountsPath, NULL,
6d3351
+                                     &ndevMountsPath) < 0)
6d3351
+        goto cleanup;
6d3351
+
6d3351
     for (i = 0; i < npaths; i++) {
6d3351
-        if (qemuDomainDetachDeviceUnlink(driver, vm, path[i]) < 0)
6d3351
+        if (qemuDomainDetachDeviceUnlink(driver, vm, path[i],
6d3351
+                                         devMountsPath, ndevMountsPath) < 0)
6d3351
             goto cleanup;
6d3351
     }
6d3351
 
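Review bot: The `virQEMUDriverGetConfig()` / `qemuDomainGetPreservedMounts()` sequence added here, together with its `virStringListFreeCount()` and `virObjectUnref()` cleanup, is repeated verbatim in the hunks for qemuDomainNamespaceTeardownMemory, qemuDomainNamespaceTeardownChardev and qemuDomainNamespaceTeardownRNG; this is a style point rather than a defect. Since `driver` is already passed to qemuDomainDetachDeviceUnlink, where it is still marked `ATTRIBUTE_UNUSED`, the lookup could live inside that function and the four callers could keep their original three-argument call. That would keep the skip-preserved-mounts policy in one place, so a future caller cannot forget it or pass an empty list, at the cost of one lookup per path in the hostdev loop. The body of qemuDomainNamespaceTeardownHostdev starts and ends outside this hunk.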
6d3351
@@ -8618,6 +8646,8 @@ qemuDomainNamespaceTeardownHostdev(virQEMUDriverPtr driver,
6d3351
     for (i = 0; i < npaths; i++)
6d3351
         VIR_FREE(path[i]);
6d3351
     VIR_FREE(path);
6d3351
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
6d3351
+    virObjectUnref(cfg);
6d3351
     return ret;
6d3351
 }
6d3351
 
6d3351
@@ -8660,6 +8690,9 @@ qemuDomainNamespaceTeardownMemory(virQEMUDriverPtr driver,
6d3351
                                   virDomainObjPtr vm,
6d3351
                                   virDomainMemoryDefPtr mem)
6d3351
 {
6d3351
+    virQEMUDriverConfigPtr cfg = NULL;
6d3351
+    char **devMountsPath = NULL;
6d3351
+    size_t ndevMountsPath = 0;
6d3351
     int ret = -1;
6d3351
 
6d3351
     if (mem->model != VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
6d3351
@@ -8668,10 +8701,19 @@ qemuDomainNamespaceTeardownMemory(virQEMUDriverPtr driver,
6d3351
     if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
6d3351
         return 0;
6d3351
 
6d3351
-    if (qemuDomainDetachDeviceUnlink(driver, vm, mem->nvdimmPath) < 0)
6d3351
+    cfg = virQEMUDriverGetConfig(driver);
6d3351
+    if (qemuDomainGetPreservedMounts(cfg, vm,
6d3351
+                                     &devMountsPath, NULL,
6d3351
+                                     &ndevMountsPath) < 0)
6d3351
+        goto cleanup;
6d3351
+
6d3351
+    if (qemuDomainDetachDeviceUnlink(driver, vm, mem->nvdimmPath,
6d3351
+                                     devMountsPath, ndevMountsPath) < 0)
6d3351
         goto cleanup;
6d3351
     ret = 0;
6d3351
  cleanup:
6d3351
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
6d3351
+    virObjectUnref(cfg);
6d3351
     return ret;
6d3351
 }
6d3351
 
6d3351
@@ -8719,6 +8761,9 @@ qemuDomainNamespaceTeardownChardev(virQEMUDriverPtr driver,
6d3351
                                    virDomainObjPtr vm,
6d3351
                                    virDomainChrDefPtr chr)
6d3351
 {
6d3351
+    virQEMUDriverConfigPtr cfg = NULL;
6d3351
+    char **devMountsPath = NULL;
6d3351
+    size_t ndevMountsPath = 0;
6d3351
     int ret = -1;
6d3351
     const char *path = NULL;
6d3351
 
6d3351
@@ -8730,11 +8775,20 @@ qemuDomainNamespaceTeardownChardev(virQEMUDriverPtr driver,
6d3351
 
6d3351
     path = chr->source->data.file.path;
6d3351
 
6d3351
-    if (qemuDomainDetachDeviceUnlink(driver, vm, path) < 0)
6d3351
+    cfg = virQEMUDriverGetConfig(driver);
6d3351
+    if (qemuDomainGetPreservedMounts(cfg, vm,
6d3351
+                                     &devMountsPath, NULL,
6d3351
+                                     &ndevMountsPath) < 0)
6d3351
+        goto cleanup;
6d3351
+
6d3351
+    if (qemuDomainDetachDeviceUnlink(driver, vm, path,
6d3351
+                                     devMountsPath, ndevMountsPath) < 0)
6d3351
         goto cleanup;
6d3351
 
6d3351
     ret = 0;
6d3351
  cleanup:
6d3351
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
6d3351
+    virObjectUnref(cfg);
6d3351
     return ret;
6d3351
 }
6d3351
 
6d3351
@@ -8788,6 +8842,9 @@ qemuDomainNamespaceTeardownRNG(virQEMUDriverPtr driver,
6d3351
                                virDomainObjPtr vm,
6d3351
                                virDomainRNGDefPtr rng)
6d3351
 {
6d3351
+    virQEMUDriverConfigPtr cfg = NULL;
6d3351
+    char **devMountsPath = NULL;
6d3351
+    size_t ndevMountsPath = 0;
6d3351
     int ret = -1;
6d3351
     const char *path = NULL;
6d3351
 
6d3351
@@ -8805,11 +8862,20 @@ qemuDomainNamespaceTeardownRNG(virQEMUDriverPtr driver,
6d3351
         goto cleanup;
6d3351
     }
6d3351
 
6d3351
-    if (qemuDomainDetachDeviceUnlink(driver, vm, path) < 0)
6d3351
+    cfg = virQEMUDriverGetConfig(driver);
6d3351
+    if (qemuDomainGetPreservedMounts(cfg, vm,
6d3351
+                                     &devMountsPath, NULL,
6d3351
+                                     &ndevMountsPath) < 0)
6d3351
+        goto cleanup;
6d3351
+
6d3351
+    if (qemuDomainDetachDeviceUnlink(driver, vm, path,
6d3351
+                                     devMountsPath, ndevMountsPath) < 0)
6d3351
         goto cleanup;
6d3351
 
6d3351
     ret = 0;
6d3351
  cleanup:
6d3351
+    virStringListFreeCount(devMountsPath, ndevMountsPath);
6d3351
+    virObjectUnref(cfg);
6d3351
     return ret;
6d3351
 }
6d3351
 
6d3351
-- 
6d3351
2.13.0
6d3351