From faf5df2081f15b34c963e0e1f69128cce33e969b Mon Sep 17 00:00:00 2001 
From: Cole Robinson Date: Fri, 15 Sep 2017 19:04:20 -0400 Subject: [PATCH] Fix TPM2 passthrough (bz #1486240) Fix spice GL qemu:///system rendernode permissions (bz #1460804) Fix on_reboot=destroy setting (bz #1476866) Fix disk images in /dev/shm (bz #1482146) --- ...agate-bridge-MTU-into-qemu-host_mtu-.patch | 0 ...mon-Don-t-run-if-in-a-Fedora-live-VM.patch | 35 ------ ...5-cpu-Introduce-virCPUCopyMigratable.patch | 0 ...-code-in-virQEMUCapsInitCPUModel-one.patch | 0 ...ble-parameter-to-virQEMUCapsInitCPUM.patch | 0 ...mu-Introduce-virQEMUCapsSetHostModel.patch | 0 ...ps-CPU-data-copying-into-a-separate-.patch | 0 ...ntroduce-virQEMUCapsHostCPUDataClear.patch | 0 ...e-qemuCaps-host-CPU-data-in-a-struct.patch | 0 ...-qemuCaps-for-multiple-host-CPU-defs.patch | 0 ...table-host-CPU-model-to-virCPUUpdate.patch | 0 ...-feature-filtering-from-virCPUUpdate.patch | 0 ...u-Introduce-virCPUGetHostIsSupported.patch | 0 ...emu-Use-more-data-for-comparing-CPUs.patch | 0 ...ll-for-cancel-path-if-none-was-found.patch | 34 ++++++ ...ity-add-MANAGER_MOUNT_NAMESPACE-flag.patch | 108 +++++++++++++++++ ...ecurity-dac-relabel-spice-rendernode.patch | 101 ++++++++++++++++ 0107-qemu-Honour-on_reboot.patch | 63 ++++++++++ ...Namespace-Move-dev-mountpoints-later.patch | 113 ++++++++++++++++++ libvirt.spec | 46 ++++--- 20 files changed, 448 insertions(+), 52 deletions(-) rename 0005-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch => 0004-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch (100%) delete mode 100644 0004-daemon-Don-t-run-if-in-a-Fedora-live-VM.patch rename 0006-cpu-Introduce-virCPUCopyMigratable.patch => 0005-cpu-Introduce-virCPUCopyMigratable.patch (100%) rename 0007-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch => 0006-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch (100%) rename 0008-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch => 0007-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch (100%) rename 
0009-qemu-Introduce-virQEMUCapsSetHostModel.patch => 0008-qemu-Introduce-virQEMUCapsSetHostModel.patch (100%) rename 0010-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch => 0009-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch (100%) rename 0011-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch => 0010-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch (100%) rename 0012-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch => 0011-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch (100%) rename 0013-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch => 0012-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch (100%) rename 0014-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch => 0013-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch (100%) rename 0015-cpu-Drop-feature-filtering-from-virCPUUpdate.patch => 0014-cpu-Drop-feature-filtering-from-virCPUUpdate.patch (100%) rename 0016-cpu-Introduce-virCPUGetHostIsSupported.patch => 0015-cpu-Introduce-virCPUGetHostIsSupported.patch (100%) rename 0017-qemu-Use-more-data-for-comparing-CPUs.patch => 0016-qemu-Use-more-data-for-comparing-CPUs.patch (100%) create mode 100644 0104-tpm-Use-dev-null-for-cancel-path-if-none-was-found.patch create mode 100644 0105-security-add-MANAGER_MOUNT_NAMESPACE-flag.patch create mode 100644 0106-security-dac-relabel-spice-rendernode.patch create mode 100644 0107-qemu-Honour-on_reboot.patch create mode 100644 0108-qemuDomainBuildNamespace-Move-dev-mountpoints-later.patch diff --git a/0005-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch b/0004-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch similarity index 100% rename from 0005-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch rename to 0004-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch diff --git a/0004-daemon-Don-t-run-if-in-a-Fedora-live-VM.patch b/0004-daemon-Don-t-run-if-in-a-Fedora-live-VM.patch deleted file mode 100644 index 76e9673..0000000 
--- a/0004-daemon-Don-t-run-if-in-a-Fedora-live-VM.patch +++ /dev/null @@ -1,35 +0,0 @@ -From: Cole Robinson -Date: Tue, 30 May 2017 18:35:04 -0400 -Subject: [PATCH] daemon: Don't run if in a Fedora live VM - -Only start libvirtd if not in a VM OR if not in a Fedora live env, -via systemd unit conditions. It checks Fedora live env by looking -for the rd.live.image option on the kernel command line. - -Roundabout way to prevent the 'default' network killing connectivity -of the livecd running in a VM - -https://bugzilla.redhat.com/show_bug.cgi?id=1146232 - -Not upstream, will likely need some kind of different permanent solution ---- - daemon/libvirtd.service.in | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/daemon/libvirtd.service.in b/daemon/libvirtd.service.in -index fbaf02f3b..86ee988fa 100644 ---- a/daemon/libvirtd.service.in -+++ b/daemon/libvirtd.service.in -@@ -16,6 +16,12 @@ After=local-fs.target - After=remote-fs.target - Documentation=man:libvirtd(8) - Documentation=http://libvirt.org -+# This says, start libvirtd if not in a VM OR if not in a Fedora live env -+# Roundabout way to prevent the 'default' network killing connectivity -+# of the livecd running in a VM -+# https://bugzilla.redhat.com/show_bug.cgi?id=1146232 -+ConditionVirtualization=|0 -+ConditionKernelCommandLine=|!rd.live.image - - [Service] - Type=notify diff --git a/0006-cpu-Introduce-virCPUCopyMigratable.patch b/0005-cpu-Introduce-virCPUCopyMigratable.patch similarity index 100% rename from 0006-cpu-Introduce-virCPUCopyMigratable.patch rename to 0005-cpu-Introduce-virCPUCopyMigratable.patch diff --git a/0007-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch b/0006-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch similarity index 100% rename from 0007-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch rename to 0006-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch 
diff --git a/0008-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch b/0007-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch similarity index 100% rename from 0008-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch rename to 0007-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch diff --git a/0009-qemu-Introduce-virQEMUCapsSetHostModel.patch b/0008-qemu-Introduce-virQEMUCapsSetHostModel.patch similarity index 100% rename from 0009-qemu-Introduce-virQEMUCapsSetHostModel.patch rename to 0008-qemu-Introduce-virQEMUCapsSetHostModel.patch diff --git a/0010-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch b/0009-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch similarity index 100% rename from 0010-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch rename to 0009-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch diff --git a/0011-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch b/0010-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch similarity index 100% rename from 0011-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch rename to 0010-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch diff --git a/0012-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch b/0011-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch similarity index 100% rename from 0012-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch rename to 0011-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch diff --git a/0013-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch b/0012-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch similarity index 100% rename from 0013-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch rename to 0012-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch 
diff --git a/0014-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch b/0013-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch similarity index 100% rename from 0014-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch rename to 0013-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch diff --git a/0015-cpu-Drop-feature-filtering-from-virCPUUpdate.patch b/0014-cpu-Drop-feature-filtering-from-virCPUUpdate.patch similarity index 100% rename from 0015-cpu-Drop-feature-filtering-from-virCPUUpdate.patch rename to 0014-cpu-Drop-feature-filtering-from-virCPUUpdate.patch diff --git a/0016-cpu-Introduce-virCPUGetHostIsSupported.patch b/0015-cpu-Introduce-virCPUGetHostIsSupported.patch similarity index 100% rename from 0016-cpu-Introduce-virCPUGetHostIsSupported.patch rename to 0015-cpu-Introduce-virCPUGetHostIsSupported.patch diff --git a/0017-qemu-Use-more-data-for-comparing-CPUs.patch b/0016-qemu-Use-more-data-for-comparing-CPUs.patch similarity index 100% rename from 0017-qemu-Use-more-data-for-comparing-CPUs.patch rename to 0016-qemu-Use-more-data-for-comparing-CPUs.patch diff --git a/0104-tpm-Use-dev-null-for-cancel-path-if-none-was-found.patch b/0104-tpm-Use-dev-null-for-cancel-path-if-none-was-found.patch new file mode 100644 index 0000000..bd818f0 --- /dev/null +++ b/0104-tpm-Use-dev-null-for-cancel-path-if-none-was-found.patch 
@@ -0,0 +1,34 @@ +From: Stefan Berger +Date: Thu, 29 Jun 2017 14:01:11 -0400 +Subject: [PATCH] tpm: Use /dev/null for cancel path if none was found +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +TPM 2 does not implement sysfs files for cancellation of commands. +We therefore use /dev/null for the cancel path passed to QEMU. + +Signed-off-by: Stefan Berger +Tested-by: Javier Martinez Canillas +Reviewed-by: Marc-André Lureau +Signed-off-by: Jiri Denemark +(cherry picked from commit dfbb15b75433e520fb1b905c1c3e28753e53e4a5) +--- + src/util/virtpm.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/util/virtpm.c b/src/util/virtpm.c +index 6d9b0657a..d5c10da38 100644 +--- a/src/util/virtpm.c ++++ b/src/util/virtpm.c +@@ -61,9 +61,7 @@ virTPMCreateCancelPath(const char *devpath) + VIR_FREE(path); + } + if (!path) +- virReportError(VIR_ERR_INTERNAL_ERROR, "%s", +- _("No usable sysfs TPM cancel file could be " +- "found")); ++ ignore_value(VIR_STRDUP(path, "/dev/null")); + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("TPM device path %s is invalid"), devpath); diff --git a/0105-security-add-MANAGER_MOUNT_NAMESPACE-flag.patch b/0105-security-add-MANAGER_MOUNT_NAMESPACE-flag.patch new file mode 100644 index 0000000..cee8159 --- /dev/null +++ b/0105-security-add-MANAGER_MOUNT_NAMESPACE-flag.patch 
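Review bot: The new `ignore_value(VIR_STRDUP(path, "/dev/null"));` line in virTPMCreateCancelPath replaces a reported error with a placeholder path, and nothing in the code records that command cancellation is now unavailable for that TPM device; a comment above it would keep the next reader from treating the path as a real cancel file, e.g. `/* TPM 2 exposes no sysfs cancel file; hand QEMU /dev/null so the device still starts, at the cost of not being able to cancel in-flight commands */`. Discarding the VIR_STRDUP return value is presumably acceptable only because that macro reports allocation failure itself; that should be confirmed, since the caller's handling of a NULL path is not visible here. The rest of virTPMCreateCancelPath, including its return, lies outside the hunk.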
@@ -0,0 +1,108 @@ +From: Cole Robinson +Date: Sun, 27 Aug 2017 11:23:47 -0400 +Subject: [PATCH] security: add MANAGER_MOUNT_NAMESPACE flag + +The VIR_SECURITY_MANAGER_MOUNT_NAMESPACE flag informs the DAC driver +if mount namespaces are in use for the VM. Will be used for future +changes. + +Wire it up in the qemu driver + +(cherry picked from commit 321031e482425dfeae0f125cdac6df870f079efd) +--- + src/qemu/qemu_driver.c | 2 ++ + src/security/security_dac.c | 10 ++++++++++ + src/security/security_dac.h | 3 +++ + src/security/security_manager.c | 4 +++- + src/security/security_manager.h | 1 + + 5 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index ce844bb04..555a1009b 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -417,6 +417,8 @@ qemuSecurityInit(virQEMUDriverPtr driver) + if (virQEMUDriverIsPrivileged(driver)) { + if (cfg->dynamicOwnership) + flags |= VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP; ++ if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT)) ++ flags |= VIR_SECURITY_MANAGER_MOUNT_NAMESPACE; + if (!(mgr = qemuSecurityNewDAC(QEMU_DRIVER_NAME, + cfg->user, + cfg->group, +diff --git a/src/security/security_dac.c b/src/security/security_dac.c +index 922e48494..1f8d279bf 100644 +--- a/src/security/security_dac.c ++++ b/src/security/security_dac.c +@@ -57,6 +57,7 @@ struct _virSecurityDACData { + gid_t *groups; + int ngroups; + bool dynamicOwnership; ++ bool mountNamespace; + char *baselabel; + virSecurityManagerDACChownCallback chownCallback; + }; +@@ -238,6 +239,15 @@ virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr, + } + + void ++virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr, ++ bool mountNamespace) ++{ ++ virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); ++ priv->mountNamespace = mountNamespace; ++} ++ ++ ++void + virSecurityDACSetChownCallback(virSecurityManagerPtr mgr, + virSecurityManagerDACChownCallback chownCallback) + { 
+diff --git a/src/security/security_dac.h b/src/security/security_dac.h +index 846cefbb5..97681c961 100644 +--- a/src/security/security_dac.h ++++ b/src/security/security_dac.h +@@ -32,6 +32,9 @@ int virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, + void virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr, + bool dynamic); + ++void virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr, ++ bool mountNamespace); ++ + void virSecurityDACSetChownCallback(virSecurityManagerPtr mgr, + virSecurityManagerDACChownCallback chownCallback); + +diff --git a/src/security/security_manager.c b/src/security/security_manager.c +index 6c777db1e..b2d04d4b9 100644 +--- a/src/security/security_manager.c ++++ b/src/security/security_manager.c +@@ -146,7 +146,8 @@ virSecurityManagerNewDAC(const char *virtDriver, + virSecurityManagerPtr mgr; + + virCheckFlags(VIR_SECURITY_MANAGER_NEW_MASK | +- VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP, NULL); ++ VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP | ++ VIR_SECURITY_MANAGER_MOUNT_NAMESPACE, NULL); + + mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC, + virtDriver, +@@ -161,6 +162,7 @@ virSecurityManagerNewDAC(const char *virtDriver, + } + + virSecurityDACSetDynamicOwnership(mgr, flags & VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP); ++ virSecurityDACSetMountNamespace(mgr, flags & VIR_SECURITY_MANAGER_MOUNT_NAMESPACE); + virSecurityDACSetChownCallback(mgr, chownCallback); + + return mgr; +diff --git a/src/security/security_manager.h b/src/security/security_manager.h +index 238e66cd0..96937a892 100644 +--- a/src/security/security_manager.h ++++ b/src/security/security_manager.h +@@ -36,6 +36,7 @@ typedef enum { + VIR_SECURITY_MANAGER_REQUIRE_CONFINED = 1 << 2, + VIR_SECURITY_MANAGER_PRIVILEGED = 1 << 3, + VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP = 1 << 4, ++ VIR_SECURITY_MANAGER_MOUNT_NAMESPACE = 1 << 5, + } virSecurityManagerNewFlags; + + # define VIR_SECURITY_MANAGER_NEW_MASK \ 
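Review bot: `VIR_SECURITY_MANAGER_MOUNT_NAMESPACE` is added to the enum in security_manager.h without a comment, and neither virSecurityDACSetMountNamespace nor the new `mountNamespace` field in `_virSecurityDACData` say what the flag stands for; a one-liner on the enum value such as `/* domains run under a private mount namespace, so the DAC driver may relabel shared host device nodes without affecting other users */` would carry the commit message into the code. Note that the flag is computed once in qemuSecurityInit from `cfg->namespaces`, so the DAC driver records a driver-wide configuration rather than whether a particular domain actually ended up with a mount namespace; if a domain can ever start without one, anything keyed on this flag would act on the shared host /dev, which is worth stating next to the setter. The `virCheckFlags` update in virSecurityManagerNewDAC covers only the DAC constructor, which matches how the qemu driver passes the flag, but the same note applies if another manager ever receives it.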
diff --git a/0106-security-dac-relabel-spice-rendernode.patch b/0106-security-dac-relabel-spice-rendernode.patch new file mode 100644 index 0000000..b97bdf1 --- /dev/null +++ b/0106-security-dac-relabel-spice-rendernode.patch 
@@ -0,0 +1,101 @@ +From: Cole Robinson +Date: Mon, 17 Jul 2017 08:57:57 -0400 +Subject: [PATCH] security: dac: relabel spice rendernode + +For a logged in user this a path like /dev/dri/renderD128 will have +default ownership root:video which won't work for the qemu:qemu user, +so we need to chown it. + +We only do this when mount namespaces are enabled in the qemu driver, +so the chown'ing doesn't interfere with other users of the shared +render node path + +https://bugzilla.redhat.com/show_bug.cgi?id=1460804 +(cherry picked from commit 98931187eefdec6f2dea5cb82ab6d23a3ffa6634) +--- + src/security/security_dac.c | 58 +++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 58 insertions(+) + +diff --git a/src/security/security_dac.c b/src/security/security_dac.c +index 1f8d279bf..5f13bcee8 100644 +--- a/src/security/security_dac.c ++++ b/src/security/security_dac.c +@@ -1380,6 +1380,54 @@ virSecurityDACRestoreTPMFileLabel(virSecurityManagerPtr mgr, + + + static int ++virSecurityDACSetGraphicsLabel(virSecurityManagerPtr mgr, ++ virDomainDefPtr def, ++ virDomainGraphicsDefPtr gfx) ++ ++{ ++ virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); ++ virSecurityLabelDefPtr seclabel; ++ uid_t user; ++ gid_t group; ++ ++ /* Skip chowning the shared render file if namespaces are disabled */ ++ if (!priv->mountNamespace) ++ return 0; ++ ++ seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME); ++ if (seclabel && !seclabel->relabel) ++ return 0; ++ ++ if (virSecurityDACGetIds(seclabel, priv, &user, &group, NULL, NULL) < 0) ++ return -1; ++ ++ if (gfx->type == VIR_DOMAIN_GRAPHICS_TYPE_SPICE && ++ gfx->data.spice.gl == VIR_TRISTATE_BOOL_YES && ++ gfx->data.spice.rendernode) { ++ if (virSecurityDACSetOwnership(priv, NULL, ++ gfx->data.spice.rendernode, ++ user, group) < 0) ++ return -1; ++ } ++ ++ return 0; ++} ++ ++ ++static int ++virSecurityDACRestoreGraphicsLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, ++ virDomainDefPtr def 
ATTRIBUTE_UNUSED, ++ virDomainGraphicsDefPtr gfx ATTRIBUTE_UNUSED) ++ ++{ ++ /* The only graphics labelling we do is dependent on mountNamespaces, ++ in which case 'restoring' the label doesn't actually accomplish ++ anything, so there's nothing to do here */ ++ return 0; ++} ++ ++ ++static int + virSecurityDACSetInputLabel(virSecurityManagerPtr mgr, + virDomainDefPtr def, + virDomainInputDefPtr input) +@@ -1489,6 +1537,11 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr mgr, + rc = -1; + } + ++ for (i = 0; i < def->ngraphics; i++) { ++ if (virSecurityDACRestoreGraphicsLabel(mgr, def, def->graphics[i]) < 0) ++ return -1; ++ } ++ + for (i = 0; i < def->ninputs; i++) { + if (virSecurityDACRestoreInputLabel(mgr, def, def->inputs[i]) < 0) + rc = -1; +@@ -1602,6 +1655,11 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, + return -1; + } + ++ for (i = 0; i < def->ngraphics; i++) { ++ if (virSecurityDACSetGraphicsLabel(mgr, def, def->graphics[i]) < 0) ++ return -1; ++ } ++ + for (i = 0; i < def->ninputs; i++) { + if (virSecurityDACSetInputLabel(mgr, def, def->inputs[i]) < 0) + return -1; diff --git a/0107-qemu-Honour-on_reboot.patch b/0107-qemu-Honour-on_reboot.patch new file mode 100644 index 0000000..f52ede2 --- /dev/null +++ b/0107-qemu-Honour-on_reboot.patch 
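Review bot: In the loop added to virSecurityDACRestoreAllLabel a failure from virSecurityDACRestoreGraphicsLabel does `return -1;`, while the neighbouring restore loops (the input loop directly below, and the block above that ends in `rc = -1;`) record the failure and keep going so the remaining devices are still restored; the graphics loop should do the same with `rc = -1;`. It is harmless today only because virSecurityDACRestoreGraphicsLabel always returns 0. In virSecurityDACSetGraphicsLabel the virSecurityDACGetIds lookup runs before the SPICE/gl/rendernode test, so every non-SPICE graphics device performs an id lookup it never uses; checking the device type first is cheaper and puts all the skip conditions in one place. The chown of the rendernode is gated on the driver-wide `priv->mountNamespace` rather than a per-domain check, so the comment's "if namespaces are disabled" premise is only as reliable as that flag. The bodies of both *AllLabel functions extend beyond the hunk.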
@@ -0,0 +1,63 @@ +From: Michal Privoznik +Date: Mon, 31 Jul 2017 16:55:58 +0200 +Subject: [PATCH] qemu: Honour + +https://bugzilla.redhat.com/show_bug.cgi?id=1476866 + +For some reason, we completely ignore setting for +domains. The implementation is simply not there. It never was. + +Signed-off-by: Michal Privoznik +(cherry picked from commit 3ee9bdbe351c0b80d4c469571ef31df3f1b148ea) +--- + src/qemu/qemu_process.c | 27 ++++++++++++++++++++++++--- + 1 file changed, 24 insertions(+), 3 deletions(-) + +diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c +index 992a7174b..7588212ba 100644 +--- a/src/qemu/qemu_process.c ++++ b/src/qemu/qemu_process.c +@@ -487,6 +487,7 @@ qemuProcessHandleReset(qemuMonitorPtr mon ATTRIBUTE_UNUSED, + virObjectEventPtr event; + qemuDomainObjPrivatePtr priv; + virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); ++ int ret = -1; + + virObjectLock(vm); + +@@ -498,12 +499,32 @@ qemuProcessHandleReset(qemuMonitorPtr mon ATTRIBUTE_UNUSED, + if (virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm, driver->caps) < 0) + VIR_WARN("Failed to save status on vm %s", vm->def->name); + +- virObjectUnlock(vm); ++ if (vm->def->onReboot == VIR_DOMAIN_LIFECYCLE_DESTROY || ++ vm->def->onReboot == VIR_DOMAIN_LIFECYCLE_PRESERVE) { + +- qemuDomainEventQueue(driver, event); ++ if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) ++ goto cleanup; ++ ++ if (!virDomainObjIsActive(vm)) { ++ VIR_DEBUG("Ignoring RESET event from inactive domain %s", ++ vm->def->name); ++ goto endjob; ++ } ++ ++ qemuProcessStop(driver, vm, VIR_DOMAIN_SHUTOFF_DESTROYED, ++ QEMU_ASYNC_JOB_NONE, 0); ++ virDomainAuditStop(vm, "destroyed"); ++ qemuDomainRemoveInactive(driver, vm); ++ endjob: ++ qemuDomainObjEndJob(driver, vm); ++ } + ++ ret = 0; ++ cleanup: ++ virObjectUnlock(vm); ++ qemuDomainEventQueue(driver, event); + virObjectUnref(cfg); +- return 0; ++ return ret; + } + + 
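Review bot: The new lifecycle branch in qemuProcessHandleReset stops the domain for both VIR_DOMAIN_LIFECYCLE_DESTROY and VIR_DOMAIN_LIFECYCLE_PRESERVE, with no comment saying why the two are treated alike or that every other on_reboot value falls through and leaves the reset to QEMU; a line above the condition such as `/* on_reboot=destroy|preserve: a guest-initiated reset ends the domain; other values leave QEMU's reset alone */` would help. When qemuDomainObjBeginJob fails the function jumps to cleanup with `ret = -1` and the reset is silently dropped; whether the event dispatcher acts on that return is not visible here, so a VIR_WARN naming the domain would be the only trace of a missed destroy. Placing the `endjob:` label inside the if block is legal but unusual; since the job is only begun within the block, a `bool jobStarted` guard in front of a function-scope label would read more conventionally. The function's header and the code after `return ret;` are outside the hunk.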
diff --git a/0108-qemuDomainBuildNamespace-Move-dev-mountpoints-later.patch b/0108-qemuDomainBuildNamespace-Move-dev-mountpoints-later.patch new file mode 100644 index 0000000..2b61294 --- /dev/null +++ b/0108-qemuDomainBuildNamespace-Move-dev-mountpoints-later.patch @@ -0,0 +1,113 @@ +From: Michal Privoznik +Date: Thu, 27 Apr 2017 16:29:21 +0200 +Subject: [PATCH] qemuDomainBuildNamespace: Move /dev/* mountpoints later + +When setting up mount namespace for a qemu domain the following +steps are executed: + +1) get list of mountpoints under /dev/ +2) move them to /var/run/libvirt/qemu/$domName.ext +3) start constructing new device tree under /var/run/libvirt/qemu/$domName.dev +4) move the mountpoint of the new device tree to /dev +5) restore original mountpoints from step 2) + +Note the problem with this approach is that if some device in step +3) requires access to a mountpoint from step 2) it will fail as +the mountpoint is not there anymore. For instance consider the +following domain disk configuration: + + + + + +
+ + +In this case operation fails as we are unable to create vhostmd0 +in the new device tree because after step 2) there is no /dev/shm +anymore. Leave aside fact that we shouldn't try to create devices +living in other mountpoints. That's a separate bug that will be +addressed later. + +Currently, the order described above is rearranged to: + +1) get list of mountpoints under /dev/ +2) start constructing new device tree under /var/run/libvirt/qemu/$domName.dev +3) move them to /var/run/libvirt/qemu/$domName.ext +4) move the mountpoint of the new device tree to /dev +5) restore original mountpoints from step 3) + +Signed-off-by: Michal Privoznik +Reviewed-by: Cedric Bosdonnat +(cherry picked from commit a7cc039dc796f541793955598377807af48341fb) +(cherry picked from commit 469bf7cb7a44a0798c63e4b5e4682d8e38bce66e) +--- + src/qemu/qemu_domain.c | 48 ++++++++++++++++++++++++------------------------ + 1 file changed, 24 insertions(+), 24 deletions(-) + +diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c +index 4a127cedf..64f18f493 100644 +--- a/src/qemu/qemu_domain.c ++++ b/src/qemu/qemu_domain.c +@@ -7854,6 +7854,30 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + if (qemuDomainSetupDev(cfg, mgr, vm, devPath) < 0) + goto cleanup; + ++ if (qemuDomainSetupAllDisks(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllHostdevs(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllMemories(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllChardevs(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupTPM(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllGraphics(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllInputs(cfg, vm, devPath) < 0) ++ goto cleanup; ++ ++ if (qemuDomainSetupAllRNGs(cfg, vm, devPath) < 0) ++ goto cleanup; ++ + /* Save some mount points because we want to share them with the host */ + for (i = 0; i < ndevMountsPath; i++) { + struct stat 
sb; +@@ -7881,30 +7905,6 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, + goto cleanup; + } + +- if (qemuDomainSetupAllDisks(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllHostdevs(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllMemories(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllChardevs(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupTPM(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllGraphics(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllInputs(cfg, vm, devPath) < 0) +- goto cleanup; +- +- if (qemuDomainSetupAllRNGs(cfg, vm, devPath) < 0) +- goto cleanup; +- + if (virFileMoveMount(devPath, "/dev") < 0) + goto cleanup; + diff --git a/libvirt.spec b/libvirt.spec index 177cce6..6fd2f0e 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -240,7 +240,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 3.2.1 -Release: 5%{?dist}%{?extra_release} +Release: 6%{?dist}%{?extra_release} License: LGPLv2+ Group: Development/Libraries BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root 
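Review bot: The block of qemuDomainSetup* calls moved up in qemuDomainBuildNamespace now has to run before the loop that moves the host's /dev mountpoints aside, but nothing in the code records that ordering, so a later tidy-up could move it back; a comment at the top of the moved block would pin it: `/* Populate the new /dev tree before the host's /dev/* submounts are moved aside: device setup may need paths that live under them (e.g. /dev/shm, bz #1482146) */`. The commit message itself acknowledges that creating device nodes which live under another mountpoint is still wrong and is deferred, and that caveat deserves a TODO next to the comment so it survives the cherry-pick. The function's beginning and its cleanup label are outside the hunk.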
@@ -255,24 +255,21 @@ Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.xz Patch0001: 0001-tests-Check-default-GIC-version-for-aarch64-virt-TCG.patch Patch0002: 0002-qemu-Use-GICv2-for-aarch64-virt-TCG-guests.patch Patch0003: 0003-gic-Remove-VIR_GIC_VERSION_DEFAULT.patch -# Don't run libvirtd in live environment, to avoid network collision (bz -# #1146232) -Patch0004: 0004-daemon-Don-t-run-if-in-a-Fedora-live-VM.patch # Fix resuming qemu VMs suspended before libvirt 3.2.0 -Patch0005: 0005-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch +Patch0004: 0004-Revert-qemu-propagate-bridge-MTU-into-qemu-host_mtu-.patch # Fix issues with AMD CPU models, and some others -Patch0006: 0006-cpu-Introduce-virCPUCopyMigratable.patch -Patch0007: 0007-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch -Patch0008: 0008-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch -Patch0009: 0009-qemu-Introduce-virQEMUCapsSetHostModel.patch -Patch0010: 0010-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch -Patch0011: 0011-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch -Patch0012: 0012-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch -Patch0013: 0013-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch -Patch0014: 0014-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch -Patch0015: 0015-cpu-Drop-feature-filtering-from-virCPUUpdate.patch -Patch0016: 0016-cpu-Introduce-virCPUGetHostIsSupported.patch -Patch0017: 0017-qemu-Use-more-data-for-comparing-CPUs.patch +Patch0005: 0005-cpu-Introduce-virCPUCopyMigratable.patch +Patch0006: 0006-qemu-Move-common-code-in-virQEMUCapsInitCPUModel-one.patch +Patch0007: 0007-qemu-Add-migratable-parameter-to-virQEMUCapsInitCPUM.patch +Patch0008: 0008-qemu-Introduce-virQEMUCapsSetHostModel.patch +Patch0009: 0009-qemu-Move-qemuCaps-CPU-data-copying-into-a-separate-.patch +Patch0010: 0010-qemu-Introduce-virQEMUCapsHostCPUDataClear.patch +Patch0011: 
0011-qemu-Move-qemuCaps-host-CPU-data-in-a-struct.patch +Patch0012: 0012-qemu-Prepare-qemuCaps-for-multiple-host-CPU-defs.patch +Patch0013: 0013-qemu-Pass-migratable-host-CPU-model-to-virCPUUpdate.patch +Patch0014: 0014-cpu-Drop-feature-filtering-from-virCPUUpdate.patch +Patch0015: 0015-cpu-Introduce-virCPUGetHostIsSupported.patch +Patch0016: 0016-qemu-Use-more-data-for-comparing-CPUs.patch # Enable ZFS storage driver (bz #1471912) Patch0101: 0101-spec-Add-support-for-building-the-zfs-storage-driver.patch @@ -281,6 +278,15 @@ Patch0101: 0101-spec-Add-support-for-building-the-zfs-storage-driver.patch Patch0102: 0102-Avoid-hidden-cgroup-mount-points.patch # disk driver name=... should be optional (bz #1473091) Patch0103: 0103-docs-schema-make-disk-driver-name-attribute-optional.patch +# Fix TPM2 passthrough (bz #1486240) +Patch0104: 0104-tpm-Use-dev-null-for-cancel-path-if-none-was-found.patch +# Fix spice GL qemu:///system rendernode permissions (bz #1460804) +Patch0105: 0105-security-add-MANAGER_MOUNT_NAMESPACE-flag.patch +Patch0106: 0106-security-dac-relabel-spice-rendernode.patch +# Fix on_reboot=destroy setting (bz #1476866) +Patch0107: 0107-qemu-Honour-on_reboot.patch +# Fix disk images in /dev/shm (bz #1482146) +Patch0108: 0108-qemuDomainBuildNamespace-Move-dev-mountpoints-later.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -2148,6 +2154,12 @@ exit 0 %changelog +* Fri Sep 15 2017 Cole Robinson - 3.2.1-6 +- Fix TPM2 passthrough (bz #1486240) +- Fix spice GL qemu:///system rendernode permissions (bz #1460804) +- Fix on_reboot=destroy setting (bz #1476866) +- Fix disk images in /dev/shm (bz #1482146) + * Fri Aug 04 2017 Cole Robinson - 3.2.1-5 - Enable ZFS storage driver (bz #1471912) - Don't use cgroup mount points from /proc/mounts that are hidden (bz