qemu_hotplug: Create chardev files before attempting to relabel them

When hotplugging a chardev, Libvirt opens corresponding file/binds to a socket/does whatever necessary to obtain an FD that is later passed to QEMU. However, due to wrong placement of the function that does all of this (qemuProcessPrepareHostBackendChardevHotplug()) it may happen that a file is set seclabel on, only to be unlink()-ed and created again (the former is done by qemuSecuritySetChardevLabel(), the latter by aforementioned function). The unlink()-ing is done for UNIX sockets with mode='bind' and happens inside qemuOpenChrChardevUNIXSocket(). However, these steps can be swapped simply. Fixes: ad81aa8ad0 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
2024-12-22 13:45:38 +00:00 · 2022-07-18 16:13:12 +02:00 · 2022-07-18 16:13:12 +02:00 · a1dd3576b5
commit a1dd3576b5
parent 14f42129fc
1 changed files with 3 additions and 3 deletions
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@ -2118,6 +2118,9 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver,
    if (qemuDomainAttachChrDeviceAssignAddr(vm, chr, &need_release) < 0)
        goto cleanup;

+    if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0)
+        goto cleanup;
+
    if (qemuDomainNamespaceSetupChardev(vm, chr, &teardowndevice) < 0)
        goto cleanup;

@ -2129,9 +2132,6 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver,
        goto cleanup;
    teardowncgroup = true;

-    if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0)
-        goto cleanup;
-
    if (guestfwd) {
        if (!(netdevprops = qemuBuildChannelGuestfwdNetdevProps(chr)))
            goto cleanup;