Re: [PATCH v1 16/34] qemuDomainBuildNamespace: Populate basic /dev from daemon's namespace

As mentioned in previous commit, populating domain's namespace from pre-exec() hook is dangerous. This commit moves population of the namespace with basic /dev nodes (e.g. /dev/null, /dev/kvm, etc.) into daemon's namespace. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- src/qemu/qemu_domain_namespace.c | 23 +++++++++++------------ src/qemu/qemu_domain_namespace.h | 3 ++- src/qemu/qemu_process.c | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/qemu/qemu_domain_namespace.c b/src/qemu/qemu_domain_namespace.c index 38abed56c8..17c804dfca 100644 --- a/src/qemu/qemu_domain_namespace.c +++ b/src/qemu/qemu_domain_namespace.c @@ -435,8 +435,7 @@ qemuDomainCreateDevice(const char *device, static int qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm G_GNUC_UNUSED, - const struct qemuDomainCreateDeviceData *data) + char ***paths) { const char *const *devices = (const char *const *) cfg->cgroupDeviceACL; size_t i; @@ -445,7 +444,7 @@ qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, devices = defaultDeviceACL; for (i = 0; devices[i]; i++) { - if (qemuDomainCreateDevice(devices[i], data, true) < 0) + if (virStringListAdd(paths, devices[i]) < 0) return -1; } @@ -454,10 +453,9 @@ qemuDomainPopulateDevices(virQEMUDriverConfigPtr cfg, static int -qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, - virSecurityManagerPtr mgr, +qemuDomainSetupDev(virSecurityManagerPtr mgr, virDomainObjPtr vm, - const struct qemuDomainCreateDeviceData *data) + const char *path) { g_autofree char *mount_options = NULL; g_autofree char *opts = NULL; @@ -475,10 +473,7 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg, */ opts = g_strdup_printf("mode=755,size=65536%s", mount_options); - if (virFileSetupDev(data->path, opts) < 0) - return -1; - - if (qemuDomainPopulateDevices(cfg, vm, data) < 0) + if (virFileSetupDev(path, opts) < 0) return -1; return 0; @@ -862,10 +857,14 @@ qemuDomainNamespaceMknodPaths(virDomainObjPtr vm, int -qemuDomainBuildNamespace(virDomainObjPtr vm) +qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm) { VIR_AUTOSTRINGLIST paths = NULL; + if (qemuDomainPopulateDevices(cfg, &paths) < 0) + return -1; + if (qemuDomainNamespaceMknodPaths(vm, (const char **) paths) < 0) return -1; @@ -914,7 +913,7 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, if (virProcessSetupPrivateMountNS() < 0) goto cleanup; - if (qemuDomainSetupDev(cfg, mgr, vm, &data) < 0) + if (qemuDomainSetupDev(mgr, vm, devPath) < 0) goto cleanup; if (qemuDomainSetupAllDisks(vm, &data) < 0) diff --git a/src/qemu/qemu_domain_namespace.h b/src/qemu/qemu_domain_namespace.h index 70eebf4dc4..644f2adef3 100644 --- a/src/qemu/qemu_domain_namespace.h +++ b/src/qemu/qemu_domain_namespace.h @@ -41,7 +41,8 @@ int qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg, virSecurityManagerPtr mgr, virDomainObjPtr vm); -int qemuDomainBuildNamespace(virDomainObjPtr vm); +int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + virDomainObjPtr vm); void qemuDomainDestroyNamespace(virQEMUDriverPtr driver, virDomainObjPtr vm); diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index bee0fd031b..e2f32dc25a 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6832,7 +6832,7 @@ qemuProcessLaunch(virConnectPtr conn, } VIR_DEBUG("Building domain mount namespace (if required)"); - if (qemuDomainBuildNamespace(vm) < 0) + if (qemuDomainBuildNamespace(cfg, vm) < 0) goto cleanup; VIR_DEBUG("Setting up domain cgroup (if required)"); -- 2.26.2