qemu: Be more selective when determining cdrom for taint messaging

https://bugzilla.redhat.com/show_bug.cgi?id=1471225

Commit id '99a2d6af2' was a bit too aggressive with determining whether
the provided path was a "physical" cd-rom in order to generate a taint
message due to the possibility of some guest and host trying to control
the tray. For cd-rom guest devices backed to some VIR_STORAGE_TYPE_FILE
storage, this wouldn't be a problem and as such it shouldn't be a problem
for guest devices using some sort of block device on the host such as
iSCSI, LVM, or a Disk pool would present.

So before issuing a taint message, let's check if the provided path of
the VIR_STORAGE_TYPE_BLOCK backed device is a "known" physical cdrom name
by comparing the beginning of the path w/ "/dev/cdrom" and "/dev/sr".
Also since it's possible the provided path could resolve to some /dev/srN
device, let's get that path as well and perform the same check.

Signed-off-by: John Ferlan <jferlan@redhat.com>
John Ferlan 2017-09-11 08:35:05 -04:00
parent 57d8afcf75
commit ed2a741e48


@ -4788,6 +4788,35 @@ qemuDomainDefFormatLive(virQEMUDriverPtr driver,
}
/* qemuDomainFilePathIsHostCDROM
* @path: Supplied path.
*
* Determine if the path is a host CD-ROM path. Typically this is
* either /dev/cdrom[n] or /dev/srN, so those are easy checks, but
* it's also possible that @path resolves to /dev/srN, so check for
* those conditions on @path in order to emit the tainted message.
*
* Returns true if the path is a CDROM, false otherwise or on error.
*/
static bool
qemuDomainFilePathIsHostCDROM(const char *path)
{
bool ret = false;
char *linkpath = NULL;
if (virFileResolveLink(path, &linkpath) < 0)
goto cleanup;
if (STRPREFIX(path, "/dev/cdrom") || STRPREFIX(path, "/dev/sr") ||
STRPREFIX(linkpath, "/dev/sr"))
ret = true;
cleanup:
VIR_FREE(linkpath);
return ret;
}
void qemuDomainObjTaint(virQEMUDriverPtr driver,
virDomainObjPtr obj,
virDomainTaintFlags taint,
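Review bot: In qemuDomainFilePathIsHostCDROM, a failure of virFileResolveLink() jumps to cleanup before the two STRPREFIX checks on path itself, so a path that literally begins with "/dev/cdrom" or "/dev/sr" returns false and no taint is emitted when resolution fails. The checks on path do not need linkpath, so consider doing them first and returning true early, then resolving the link only for the remaining STRPREFIX(linkpath, "/dev/sr") test. The doc comment says "false otherwise or on error", which matches the current behaviour, but it would be worth stating there that @path must be non-NULL, since the function dereferences it without a check and relies on the caller for that.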
@ -4906,7 +4935,7 @@ void qemuDomainObjCheckDiskTaint(virQEMUDriverPtr driver,
if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK &&
disk->src->path)
disk->src->path && qemuDomainFilePathIsHostCDROM(disk->src->path))
qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH,
logCtxt);
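Review bot: The new condition "disk->src->path && qemuDomainFilePathIsHostCDROM(disk->src->path)" makes the VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH taint depend on a name heuristic, and nothing at this call site says so. A block-backed CD-ROM whose path neither starts with "/dev/cdrom" or "/dev/sr" nor resolves to a "/dev/sr" name is now silently treated as not being host passthrough. A short comment above the if explaining that only known physical CD-ROM names are tainted would help the next reader. Keeping the disk->src->path test ahead of the helper call is needed, because the helper does not guard against a NULL path.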