On Thu, Sep 03, 2020 at 06:22:00PM +0200, Michal Privoznik wrote: > In 6.7.0 release I've changed how domain namespace is built and > populated. Previously it used to be done from a pre-exec hook > (ran in the forked off child, just before dropping all privileges > and exec()-ing QEMU), which not only meant we had to have two > different code paths for creating a node in domain's namespace > (one for this pre-exec hook, the other for hotplug ran from the > daemon), it also proved problematic because it was leaking FDs > into QEMU process. To mitigate this problem, we've not only > ditched libdevmapper from the NS population process, I've also > dropped the pre-exec code and let the NS be populated from the > daemon (using the hotplug code). But, I was not careful when > doing so, because the pre-exec code was tolerant to files that > doesn't exist, while this new code isn't. For instance, the very > first thing that is done when the new NS is created is it's > populated with @defaultDeviceACL which contain files like > /dev/null, /dev/zero, /dev/random and /dev/kvm (and others). > While the rest will probably exist every time, /dev/kvm might not > and thus the new code I wrote has to be tolerant to that. > > Of course, users can override the @defaultDeviceACL (by setting > cgroup_device_acl in qemu.conf) and remove /dev/kvm (which is > acceptable workaround), but we definitely want libvirt to work > out of the box even on hosts without KVM. > > Fixes: 9048dc4e627ddf33996084167bece7b5fb83b0bc > Reported-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> > Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > --- > src/qemu/qemu_namespace.c | 12 +++++++++++- > 1 file changed, 11 insertions(+), 1 deletion(-) Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|