[libvirt] [PATCH 09/10] qemuDomainAttachDeviceMknod: Deal with symlinks

Martin Kletzander mkletzan at redhat.com
Tue Feb 7 10:57:52 UTC 2017 

On Fri, Jan 20, 2017 at 10:42:49AM +0100, Michal Privoznik wrote:
>Similarly to one of the previous commits, we need to deal
>properly with symlinks in hotplug case too.
>
>Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
>---
> src/qemu/qemu_domain.c | 120 ++++++++++++++++++++++++++++++++++++++-----------
> 1 file changed, 94 insertions(+), 26 deletions(-)
>

ACK to this, but ...

>diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>index 448583313..bcfb2446f 100644
>--- a/src/qemu/qemu_domain.c
>+++ b/src/qemu/qemu_domain.c
>@@ -7701,17 +7763,22 @@ qemuDomainAttachDeviceMknod(virQEMUDriverPtr driver,
>     }
> #endif
>
>-    if (virSecurityManagerPreFork(driver->securityManager) < 0)
>-        goto cleanup;
>+    if (STRPREFIX(file, DEVPREFIX)) {
>+        if (virSecurityManagerPreFork(driver->securityManager) < 0)
>+            goto cleanup;
>
>-    if (virProcessRunInMountNamespace(vm->pid,
>-                                      qemuDomainAttachDeviceMknodHelper,
>-                                      &data) < 0) {
>+        if (virProcessRunInMountNamespace(vm->pid,
>+                                          qemuDomainAttachDeviceMknodHelper,
>+                                          &data) < 0) {

... I'm sure you have patches for this somewhere that are not posted or
something =D However now we actually fork for every level of the
symlink.  Even when everyone is scared of every single fork().  Can't we
use transactions for this as well?  If not, could we enhance them so
that we can use them?

>+            virSecurityManagerPostFork(driver->securityManager);
>+            goto cleanup;
>+        }
>         virSecurityManagerPostFork(driver->securityManager);
>-        goto cleanup;
>     }
>
>-    virSecurityManagerPostFork(driver->securityManager);
>+    if (isLink &&
>+        qemuDomainAttachDeviceMknod(driver, vm, devDef, target) < 0)
>+        goto cleanup;
>
>     ret = 0;
>  cleanup:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170207/0143220a/attachment-0001.sig>

More information about the libvir-list mailing list