[PATCH] qemu_namespace: Be tolerant to non-existent files when populating /dev
jtomko at redhat.com
Thu Sep 3 18:19:21 UTC 2020
On a Thursday in 2020, Michal Privoznik wrote:
>In 6.7.0 release I've changed how domain namespace is built and
>populated. Previously it used to be done from a pre-exec hook
>(ran in the forked off child, just before dropping all privileges
>and exec()-ing QEMU), which not only meant we had to have two
>different code paths for creating a node in domain's namespace
>(one for this pre-exec hook, the other for hotplug ran from the
>daemon), it also proved problematic because it was leaking FDs
>into QEMU process. To mitigate this problem, we've not only
>ditched libdevmapper from the NS population process, I've also
>dropped the pre-exec code and let the NS be populated from the
>daemon (using the hotplug code). But, I was not careful when
>doing so, because the pre-exec code was tolerant to files that
>doesn't exist, while this new code isn't. For instance, the very
>first thing that is done when the new NS is created is it's
>populated with @defaultDeviceACL which contain files like
>/dev/null, /dev/zero, /dev/random and /dev/kvm (and others).
>While the rest will probably exist every time, /dev/kvm might not
>and thus the new code I wrote has to be tolerant to that.
Please put a newline somewhere in this huge block of text.
>Of course, users can override the @defaultDeviceACL (by setting
>cgroup_device_acl in qemu.conf) and remove /dev/kvm (which is
>acceptable workaround), but we definitely want libvirt to work
>out of the box even on hosts without KVM.
>Reported-by: Daniel P. Berrangé <berrange at redhat.com>
>Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> src/qemu/qemu_namespace.c | 12 +++++++++++-
> 1 file changed, 11 insertions(+), 1 deletion(-)
Reviewed-by: Ján Tomko <jtomko at redhat.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: not available
More information about the libvir-list