[libvirt] [PATCH v2] qemuDomainSaveMemory: Don't enforce dynamicOwnership
Michal Privoznik
mprivozn at redhat.com
Wed Jul 25 06:19:33 UTC 2018
On 07/24/2018 10:40 PM, John Ferlan wrote:
>
>
> On 07/09/2018 08:51 AM, Michal Privoznik wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1589115
>>
>> When doing a memory snapshot qemuOpenFile() is used. This means
>> that the file where memory is saved is firstly attempted to be
>> created under root:root (because that's what libvirtd is running
>> under) and if this fails the second attempt is done under
>> domain's uid:gid. This does not make much sense - qemu is given
>> opened FD so it does not need to access the file. Moreover, if
>> dynamicOwnership is set in qemu.conf and the file lives on a
>> squashed NFS this is deadly combination and very likely to fail.
>>
>> The fix consists of using:
>>
>> qemuOpenFileAs(fallback_uid = cfg->user,
>> fallback_gid = cfg->group,
>> dynamicOwnership = false)
>>
>> In other words, dynamicOwnership is turned off for memory
>> snapshot (chown() will still be attempted if the file does not
>> live on NFS) and instead of using domain DAC label, configured
>> user:group is set as fallback.
>>
>
> for memory snapshot and core files, right?
>
>> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
>> ---
>>
>> Diff to v1:
>> - Fix doCoreDump too (raised in review by John).
>>
>> src/qemu/qemu_driver.c | 15 +++++++++------
>> 1 file changed, 9 insertions(+), 6 deletions(-)
>>
>
> Strange - I had this marked as I replied to it, but obviously I didn't.
> Wonder WTF happened ...
>
> and the second qemuOpenFile in qemuDomainSaveMemory to touch up the
> header (virQEMUSaveDataFinish) probably could use qemuOpenFileAs too
> right? although perhaps less important since the answer should be the
> same, just the journey a little different.
Not really. The second time we're opening the file it exists already
(notice we are not passing O_CREAT flag). This means we will not touch
the owner of the file.
>
> Leaving just one consumer for qemuOpenFile and dynamic_ownership
> manipulation.
>
> Reviewed-by: John Ferlan <jferlan at redhat.com>
>
Pushed, thanks.
Michal
More information about the libvir-list
mailing list