From: Michal Privoznik Date: Mon, 18 Jul 2022 14:13:12 +0000 (+0200) Subject: qemu_hotplug: Create chardev files before attempting to relabel them X-Git-Tag: v8.6.0-rc1~20 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a1dd3576b57b67c1c562dfb3a33053cc625cfacc;p=thirdparty%2Flibvirt.git qemu_hotplug: Create chardev files before attempting to relabel them When hotplugging a chardev, Libvirt opens corresponding file/binds to a socket/does whatever necessary to obtain an FD that is later passed to QEMU. However, due to wrong placement of the function that does all of this (qemuProcessPrepareHostBackendChardevHotplug()) it may happen that a file is set seclabel on, only to be unlink()-ed and created again (the former is done by qemuSecuritySetChardevLabel(), the latter by aforementioned function). The unlink()-ing is done for UNIX sockets with mode='bind' and happens inside qemuOpenChrChardevUNIXSocket(). However, these steps can be swapped simply. Fixes: ad81aa8ad07e52c9bd4840de84d2ed59998b4d2a Signed-off-by: Michal Privoznik Reviewed-by: Kristina Hanicova --- diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 1c404ad5a5..5eb370c3df 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -2118,6 +2118,9 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver, if (qemuDomainAttachChrDeviceAssignAddr(vm, chr, &need_release) < 0) goto cleanup; + if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0) + goto cleanup; + if (qemuDomainNamespaceSetupChardev(vm, chr, &teardowndevice) < 0) goto cleanup; @@ -2129,9 +2132,6 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver, goto cleanup; teardowncgroup = true; - if (qemuProcessPrepareHostBackendChardevHotplug(vm, dev) < 0) - goto cleanup; - if (guestfwd) { if (!(netdevprops = qemuBuildChannelGuestfwdNetdevProps(chr))) goto cleanup;