qemuProcessHandleMonitorEOF: Disable namespace for domain

https://bugzilla.redhat.com/show_bug.cgi?id=1430634 If a qemu process has died, we get EOF on its monitor. At this point, since qemu process was the only one running in the namespace kernel has already cleaned the namespace up. Any attempt of ours to enter it has to fail. This really happened in the bug linked above. We've tried to attach a disk to qemu and while we were in the monitor talking to qemu it just died. Therefore our code tried to do some roll back (e.g. deny the device in cgroups again, restore labels, etc.). However, during the roll back (esp. when restoring labels) we still thought that domain has a namespace. So we used secdriver's transactions. This failed as there is no namespace to enter. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2024-10-03 04:45:46 +00:00 · 2017-03-10 13:34:15 +01:00 · 2017-03-10 13:34:15 +01:00 · e915942b05
commit e915942b05
parent 33feb66608
3 changed files with 32 additions and 0 deletions
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@ -201,6 +201,22 @@ qemuDomainEnableNamespace(virDomainObjPtr vm,
 }


+static void
+qemuDomainDisableNamespace(virDomainObjPtr vm,
+                           qemuDomainNamespace ns)
+{
+    qemuDomainObjPrivatePtr priv = vm->privateData;
+
+    if (priv->namespaces) {
+        ignore_value(virBitmapClearBit(priv->namespaces, ns));
+        if (virBitmapIsAllClear(priv->namespaces)) {
+            virBitmapFree(priv->namespaces);
+            priv->namespaces = NULL;
+        }
+    }
+}
+
+
 void qemuDomainEventQueue(virQEMUDriverPtr driver,
                          virObjectEventPtr event)
 {
@ -7805,6 +7821,15 @@ qemuDomainCreateNamespace(virQEMUDriverPtr driver,
 }


+void
+qemuDomainDestroyNamespace(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
+                           virDomainObjPtr vm)
+{
+    if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
+        qemuDomainDisableNamespace(vm, QEMU_DOMAIN_NS_MOUNT);
+}
+
+
 bool
 qemuDomainNamespaceAvailable(qemuDomainNamespace ns ATTRIBUTE_UNUSED)
 {
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@ -816,6 +816,9 @@ int qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
 int qemuDomainCreateNamespace(virQEMUDriverPtr driver,
                              virDomainObjPtr vm);

+void qemuDomainDestroyNamespace(virQEMUDriverPtr driver,
+                                virDomainObjPtr vm);
+
 bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns);

 int qemuDomainNamespaceSetupDisk(virQEMUDriverPtr driver,
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@ -314,6 +314,10 @@ qemuProcessHandleMonitorEOF(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
     */
    qemuMonitorUnregister(mon);

+    /* We don't want any cleanup from EOF handler (or any other
+     * thread) to enter qemu namespace. */
+    qemuDomainDestroyNamespace(driver, vm);
+
 cleanup:
    virObjectUnlock(vm);
 }