External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-22 03:12:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemuDomainBuildNamespace: Populate inputs from daemon's namespace

Browse Source 
As mentioned in one of previous commits, populating domain's
namespace from pre-exec() hook is dangerous. This commit moves
population of the namespace with domain inputs into daemon's
namespace.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Michal Privoznik 2020-07-21 14:34:22 +02:00
parent 5f4f7c2094
commit c872905242
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/qemu/qemu_namespace.c
View File

@ -732,11 +732,11 @@ qemuDomainSetupAllGraphics(virDomainObjPtr vm,
static int
qemuDomainSetupInput(virDomainInputDefPtr input,
const struct qemuDomainCreateDeviceData *data)
char ***paths)
{
const char *path = virDomainInputDefGetPath(input);
if (path && qemuDomainCreateDevice(path, data, false) < 0)
if (path && virStringListAdd(paths, path) < 0)
return -1;
return 0;
@ -745,14 +745,14 @@ qemuDomainSetupInput(virDomainInputDefPtr input,
static int
qemuDomainSetupAllInputs(virDomainObjPtr vm,
const struct qemuDomainCreateDeviceData *data)
char ***paths)
{
size_t i;
VIR_DEBUG("Setting up inputs");
for (i = 0; i < vm->def->ninputs; i++) {
if (qemuDomainSetupInput(vm->def->inputs[i],
data) < 0)
paths) < 0)
return -1;
}
VIR_DEBUG("Setup all inputs");
@ -885,6 +885,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
if (qemuDomainSetupAllGraphics(vm, &paths) < 0)
return -1;
if (qemuDomainSetupAllInputs(vm, &paths) < 0)
return -1;
if (qemuNamespaceMknodPaths(vm, (const char **) paths) < 0)
return -1;
@ -936,9 +939,6 @@ qemuDomainUnshareNamespace(virQEMUDriverConfigPtr cfg,
if (qemuDomainSetupDev(mgr, vm, devPath) < 0)
goto cleanup;
if (qemuDomainSetupAllInputs(vm, &data) < 0)
goto cleanup;
if (qemuDomainSetupAllRNGs(vm, &data) < 0)
goto cleanup;
@ -1871,15 +1871,15 @@ int
qemuDomainNamespaceSetupInput(virDomainObjPtr vm,
virDomainInputDefPtr input)
{
const char *path = NULL;
VIR_AUTOSTRINGLIST paths = NULL;
if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
return 0;
if (!(path = virDomainInputDefGetPath(input)))
return 0;
if (qemuDomainSetupInput(input, &paths) < 0)
return -1;
if (path && qemuDomainNamespaceMknodPath(vm, path) < 0)
if (qemuNamespaceMknodPaths(vm, (const char **) paths) < 0)
return -1;
return 0;
}