[PATCH] storage: fix scsi detach regression with cgroup ACLs

Eric Blake <eblake@xxxxxxxxxx> · Thu, 29 Nov 2012 14:48:41 -0700

https://bugzilla.redhat.com/show_bug.cgi?id=876828

Commit 38c4a9cc introduced a regression in hot unplugging of disks
from qemu, where cgroup device ACLs were no longer being revoked
(thankfully not a security hole: cgroup ACLs only prevent open()
of the disk; so reverting the ACL prevents future abuse but doesn't
stop abuse from an fd that was already opened before the ACL change).

Commit 1b2ebf95 overlooked that there were two spots affected.

* src/qemu/qemu_hotplug.c (qemuDomainDetachDiskDevice):
Transfer backing chain before deletion.
* src/qemu/qemu_driver.c (qemuDomainDetachDeviceDiskLive): Fix
spacing (partly to ensure a different-looking patch).
---

I blame git for letting me find this - I did a 'pull --rebase' on
top of libvirt.git, and noticed that my working patch was still
on the tree - it turns out that the hunk for qemu_hotplug.c is
_identical_ except for the context of the function name needing
a fix.  I still wish git would be more vocal when it finds an
alternate place to apply a patch when function names don't match.

 src/qemu/qemu_driver.c  |    2 +-
 src/qemu/qemu_hotplug.c |    2 ++
 2 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index c37bdb9..ae98dbf 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6070,7 +6070,7 @@ qemuDomainDetachDeviceDiskLive(virQEMUDriverPtr driver,
         if (disk->bus == VIR_DOMAIN_DISK_BUS_VIRTIO)
             ret = qemuDomainDetachPciDiskDevice(driver, vm, dev);
         else if (disk->bus == VIR_DOMAIN_DISK_BUS_SCSI)
-            ret =  qemuDomainDetachDiskDevice(driver, vm, dev);
+            ret = qemuDomainDetachDiskDevice(driver, vm, dev);
         else if (dev->data.disk->bus == VIR_DOMAIN_DISK_BUS_USB)
             ret = qemuDomainDetachDiskDevice(driver, vm, dev);
         else
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index cfeae68..2d4a822 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2091,6 +2091,8 @@ int qemuDomainDetachDiskDevice(virQEMUDriverPtr driver,

     virDomainDiskRemove(vm->def, i);

+    dev->data.disk->backingChain = detach->backingChain;
+    detach->backingChain = NULL;
     virDomainDiskDefFree(detach);

     if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-- 
1.7.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list





