From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Daniel P. Berrange" Subject: PATCH: Set close-on-exec flag for QEMU disks Date: Fri, 2 Mar 2007 21:40:37 +0000 Message-ID: <20070302214037.GC4598@redhat.com> Reply-To: "Daniel P. Berrange" Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="wRRV7LY7NUeQGEoC" Return-path: Content-Disposition: inline List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org --wRRV7LY7NUeQGEoC Content-Type: text/plain; charset=us-ascii Content-Disposition: inline QEMU does not currently set the close-on-exec flag after opening its virtual disk images. This causes problems when it later runs the /etc/xen/qemu-ifup script because the file descriptors get propagated to networking commands like brctl / ifconfig. The SELinux policy quite rightly does not allow the networking scripts to access the virtual disk images, so these inherited file descriptors for AVC denials to be logged. The attached patch modifies all the QEMU disk driver backends to make sure the close-on-exec flag is turned on Signed-off-by: Daniel P. Berrange Regards, Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| --wRRV7LY7NUeQGEoC Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="xen-qemu-closexec.patch" diff -r 3ac19fda0bc2 tools/ioemu/block-bochs.c --- a/tools/ioemu/block-bochs.c Fri Mar 02 12:11:52 2007 +0000 +++ b/tools/ioemu/block-bochs.c Fri Mar 02 15:56:36 2007 -0500 
@@ -88,7 +88,7 @@ static int bochs_open(BlockDriverState *
 static int bochs_open(BlockDriverState *bs, const char *filename)
 {
 BDRVBochsState *s = bs->opaque;
- int fd, i;
+ int fd, i, flags;
 struct bochs_header bochs;
 
 fd = open(filename, O_RDWR | O_BINARY | O_LARGEFILE);
@@ -97,7 +97,16 @@ static int bochs_open(BlockDriverState *
 if (fd < 0)
 return -1;
 }
-
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 bs->read_only = 1; // no write support yet
 s->fd = fd;
 
diff -r 3ac19fda0bc2 tools/ioemu/block-cloop.c
--- a/tools/ioemu/block-cloop.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-cloop.c Fri Mar 02 15:57:29 2007 -0500
@@ -53,11 +53,23 @@ static int cloop_open(BlockDriverState *
 static int cloop_open(BlockDriverState *bs, const char *filename)
 {
 BDRVCloopState *s = bs->opaque;
+ int fd, flags;
 uint32_t offsets_size,max_compressed_block_size=1,i;
 
- s->fd = open(filename, O_RDONLY | O_BINARY | O_LARGEFILE);
- if (s->fd < 0)
+ fd = open(filename, O_RDONLY | O_BINARY | O_LARGEFILE);
+ if (fd < 0)
 return -1;
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
+ s->fd = fd;
 bs->read_only = 1;
 
 /* read header */
diff -r 3ac19fda0bc2 tools/ioemu/block-cow.c
--- a/tools/ioemu/block-cow.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-cow.c Fri Mar 02 15:53:28 2007 -0500
@@ -65,7 +65,7 @@ static int cow_open(BlockDriverState *bs
 static int cow_open(BlockDriverState *bs, const char *filename)
 {
 BDRVCowState *s = bs->opaque;
- int fd;
+ int fd, flags;
 struct cow_header_v2 cow_header;
 int64_t size;
 
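Review bot: The F_GETFD/F_SETFD stanza added after the `}` in bochs_open is the same nine lines pasted into every open path of this patch (bochs, cloop, cow, dmg, qcow, vmdk, vpc, find_image_format, raw_open), so the next descriptor-opening path is likely to miss it and any later change has to land nine times. One helper in block.c, declared in the header the block drivers already share, reduces each site to a three-line check and keeps the close-on-failure handling the patch chose. Keeping F_GETFD rather than writing FD_CLOEXEC directly is fine and stays correct if further fd flags ever appear. bochs_open's open() calls sit above this hunk.
```c
/*
 * Mark fd close-on-exec so it is not inherited across the exec() of
 * helper scripts such as qemu-ifup.  Returns 0 on success, -1 on error;
 * fd is left open either way so the caller decides how to unwind.
 */
int qemu_set_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags < 0)
        return -1;
    return (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) ? -1 : 0;
}

/* … in bochs_open, replacing the added stanza … */
    if (qemu_set_cloexec(fd) < 0) {
        close(fd);
        return -1;
    }
```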
@@ -75,6 +75,16 @@ static int cow_open(BlockDriverState *bs
 if (fd < 0)
 return -1;
 }
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 s->fd = fd;
 /* see if it is a cow image */
 if (read(fd, &cow_header, sizeof(cow_header)) != sizeof(cow_header)) {
diff -r 3ac19fda0bc2 tools/ioemu/block-dmg.c
--- a/tools/ioemu/block-dmg.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-dmg.c Fri Mar 02 15:57:51 2007 -0500
@@ -76,13 +76,25 @@ static int dmg_open(BlockDriverState *bs
 static int dmg_open(BlockDriverState *bs, const char *filename)
 {
 BDRVDMGState *s = bs->opaque;
+ int fd, flags;
 off_t info_begin,info_end,last_in_offset,last_out_offset;
 uint32_t count;
 uint32_t max_compressed_size=1,max_sectors_per_chunk=1,i;
 
- s->fd = open(filename, O_RDONLY | O_BINARY | O_LARGEFILE);
- if (s->fd < 0)
+ fd = open(filename, O_RDONLY | O_BINARY | O_LARGEFILE);
+ if (fd < 0)
 return -1;
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
+ s->fd = fd;
 bs->read_only = 1;
 s->n_chunks = 0;
 s->offsets = s->lengths = s->sectors = s->sectorcounts = 0;
diff -r 3ac19fda0bc2 tools/ioemu/block-qcow.c
--- a/tools/ioemu/block-qcow.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-qcow.c Fri Mar 02 15:52:42 2007 -0500
@@ -92,7 +92,7 @@ static int qcow_open(BlockDriverState *b
 static int qcow_open(BlockDriverState *bs, const char *filename)
 {
 BDRVQcowState *s = bs->opaque;
- int fd, len, i, shift;
+ int fd, len, i, shift, flags;
 QCowHeader header;
 
 fd = open(filename, O_RDWR | O_BINARY | O_LARGEFILE);
@@ -101,6 +101,16 @@ static int qcow_open(BlockDriverState *b
 if (fd < 0)
 return -1;
 }
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 s->fd = fd;
 if (read(fd, &header, sizeof(header)) != sizeof(header))
 goto fail;
diff -r 3ac19fda0bc2 tools/ioemu/block-vmdk.c
--- a/tools/ioemu/block-vmdk.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-vmdk.c Fri Mar 02 15:52:16 2007 -0500
@@ -92,7 +92,7 @@ static int vmdk_open(BlockDriverState *b
 static int vmdk_open(BlockDriverState *bs, const char *filename)
 {
 BDRVVmdkState *s = bs->opaque;
- int fd, i;
+ int fd, i, flags;
 uint32_t magic;
 int l1_size;
 
@@ -103,6 +103,16 @@ static int vmdk_open(BlockDriverState *b
 return -1;
 bs->read_only = 1;
 }
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 if (read(fd, &magic, sizeof(magic)) != sizeof(magic))
 goto fail;
 magic = be32_to_cpu(magic);
diff -r 3ac19fda0bc2 tools/ioemu/block-vpc.c
--- a/tools/ioemu/block-vpc.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block-vpc.c Fri Mar 02 15:55:10 2007 -0500
@@ -89,7 +89,7 @@ static int vpc_open(BlockDriverState *bs
 static int vpc_open(BlockDriverState *bs, const char *filename)
 {
 BDRVVPCState *s = bs->opaque;
- int fd, i;
+ int fd, i, flags;
 struct vpc_subheader header;
 
 fd = open(filename, O_RDWR | O_BINARY | O_LARGEFILE);
@@ -99,6 +99,16 @@ static int vpc_open(BlockDriverState *bs
 return -1;
 }
 
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 bs->read_only = 1; // no write support yet
 s->fd = fd;
 
diff -r 3ac19fda0bc2 tools/ioemu/block.c
--- a/tools/ioemu/block.c Fri Mar 02 12:11:52 2007 +0000
+++ b/tools/ioemu/block.c Fri Mar 02 15:56:14 2007 -0500
@@ -180,7 +180,7 @@ void get_tmp_filename(char *filename, in
 simplify the BSD case */
 static BlockDriver *find_image_format(const char *filename)
 {
- int fd, ret, score, score_max;
+ int fd, ret, score, score_max, flags;
 BlockDriver *drv1, *drv;
 uint8_t *buf;
 size_t bufsize = 1024;
@@ -190,6 +190,16 @@ static BlockDriver *find_image_format(co
 buf = NULL;
 ret = 0;
 } else {
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 #ifdef DIOCGSECTORSIZE
 {
 unsigned int sectorsize = 512;
@@ -675,7 +685,7 @@ static int raw_open(BlockDriverState *bs
 static int raw_open(BlockDriverState *bs, const char *filename)
 {
 BDRVRawState *s = bs->opaque;
- int fd;
+ int fd, flags;
 int64_t size;
 #ifdef _BSD
 struct stat sb;
@@ -692,6 +702,16 @@ static int raw_open(BlockDriverState *bs
 return -1;
 bs->read_only = 1;
 }
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ close(fd);
+ return -1;
+ }
+ flags |= FD_CLOEXEC;
+ if ((fcntl(fd, F_SETFD, flags)) < 0) {
+ close(fd);
+ return -1;
+ }
+
 #ifdef _BSD
 if (!fstat(fd, &sb) && (S_IFCHR & sb.st_mode)) {
 #ifdef DIOCGMEDIASIZE
--wRRV7LY7NUeQGEoC Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --wRRV7LY7NUeQGEoC--
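Review bot: The two `return -1;` lines added inside the `} else {` branch of find_image_format return an int from a function declared `static BlockDriver *find_image_format(const char *filename)` (the signature is in the hunk above); C compilers only warn about that, and the caller receives (BlockDriver *)-1, which passes a NULL check and is then dereferenced. Both lines should be `return NULL;`. Note also that the surrounding code does not treat an open() failure as fatal (it sets `buf = NULL; ret = 0;` and carries on), so aborting the whole probe because fcntl() failed is stricter than the path it sits in; if that is intended it deserves a comment, otherwise close fd and fall into the same no-buffer path. The remainder of find_image_format, including where this fd is closed, is outside the hunk.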
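Review bot: In raw_open, as at every other site in this patch, FD_CLOEXEC is applied only after open() has returned, so a fork()+exec() issued from another thread between the two calls still inherits the disk descriptor; whether ioemu can fork concurrently is not visible here, so this is a caveat rather than a defect, but it should be recorded at the open() site: `/* close-on-exec is set after open(); not atomic against a concurrent fork/exec */`. Where the platform's open() accepts an O_CLOEXEC flag, passing it closes that window and makes the stanza unnecessary. Independently, the spawn side is the more robust place to enforce this: closing every descriptor above 2 in the child before exec'ing qemu-ifup also covers descriptors this patch does not touch (backing files, temporary images, sockets); that launch code is not part of this patch, so this is a follow-up. raw_open's open() calls and the rest of the function are outside the hunk.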