All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eduardo Otubo <otubo@redhat.com>
To: "Ján Tomko" <jtomko@redhat.com>
Cc: Yi Min Zhao <zyimin@linux.ibm.com>,
	fiuczy@linux.ibm.com, borntraeger@de.ibm.com,
	qemu-devel@nongnu.org, jferlan@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 1/1] sandbox: disable -sandbox if CONFIG_SECCOMP undefined
Date: Fri, 18 May 2018 11:19:16 +0200	[thread overview]
Message-ID: <20180518091916.GA22292@vader> (raw)
In-Reply-To: <20180518075212.GE3416@dnr>

On 18/05/2018 - 09:52:12, Ján Tomko wrote:
> On Thu, May 17, 2018 at 02:41:09PM +0200, Eduardo Otubo wrote:
> > On 15/05/2018 - 19:33:48, Yi Min Zhao wrote:
> > > If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
> > > compiled. This would make libvirt set the corresponding capability and
> > > then trigger the guest startup fails. So this patch excludes the code
> > > regarding seccomp staff if CONFIG_SECCOMP is undefined.
> > 
> > Just a sugestion for the next patch you send: If it's a single patch, you don't
> > need to format it with a cover-letter. Just put all the description in the body,
> > or if you need to add a text that shouldn't be included in the commit message,
> > just add it after the "---" after Signed-off-by.
> > 
> > > 
> > > Signed-off-by: Yi Min Zhao <zyimin@linux.ibm.com>
> > > ---
> > >  vl.c | 13 ++++++++-----
> > >  1 file changed, 8 insertions(+), 5 deletions(-)
> > > 
> 
> > > @@ -4071,10 +4072,12 @@ int main(int argc, char **argv, char **envp)
> > >          exit(1);
> > >      }
> > > 
> > > +#ifdef CONFIG_SECCOMP
> > >      if (qemu_opts_foreach(qemu_find_opts("sandbox"),
> > >                            parse_sandbox, NULL, NULL)) {
> > >          exit(1);
> > >      }
> > > +#endif
> > > 
> > >      if (qemu_opts_foreach(qemu_find_opts("name"),
> > >                            parse_name, NULL, NULL)) {
> > > --
> > > Yi Min
> > > 
> > 
> > I just wanted a review from Ján, since he is the author of the original libvirt
> > patch. Does this breaks libvirt logic in any way? If not, ACK on this patch.
> > 
> 
> Current libvirt logic assumes the -sandbox option is always present.
> (IIRC it was introduced in QEMU 1.1 and when we switched from help
> scraping to capability probing via QMP for QEMU 1.2, there was no
> way to detect it)
> 
> This patch fixes the usage of QEMU new enough for seccomp blacklist
> (where libvirt enables the sandbox by default),
> but breaks the usage of QEMU with compiled out sandbox and
> setting
>  seccomp_sandbox = 0
> in libvirt's qemu.conf:
> 
> error: internal error: process exited while connecting to monitor:
> qemu-git: -sandbox off: There is no option group 'sandbox'
> 
> 
> But now libvirt requires QEMU >= 1.5.0 which already supports
> query-command-line-options, so if you want the option gone completely
> --without-seccomp, I can add the code that probes for it and
> make seccomp_sandbox = 0 a no-op if it's compiled out.

This looks like a good solution for the libvirt side. Can you add this support
so we can merge this fix?

Thanks a lot,

-- 
Eduardo Otubo

  reply	other threads:[~2018-05-18  9:19 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-15 11:33 [Qemu-devel] [PATCH v2 0/1] Bug: Sandbox: libvirt breakdowns qemu guest Yi Min Zhao
2018-05-15 11:33 ` [Qemu-devel] [PATCH v2 1/1] sandbox: disable -sandbox if CONFIG_SECCOMP undefined Yi Min Zhao
2018-05-15 15:25   ` Eric Blake
2018-05-16  1:05     ` Yi Min Zhao
2018-05-17 11:33     ` Yi Min Zhao
2018-05-17 12:41   ` Eduardo Otubo
2018-05-17 14:36     ` Yi Min Zhao
2018-05-18  7:52     ` Ján Tomko
2018-05-18  9:19       ` Eduardo Otubo [this message]
2018-05-18 13:07         ` Ján Tomko
2018-05-19  8:20           ` Yi Min Zhao
2018-05-23  7:47             ` Ján Tomko
2018-05-23  9:16               ` Yi Min Zhao
2018-05-23 10:33                 ` Eduardo Otubo
2018-05-23 12:17                   ` Yi Min Zhao
2018-05-24  7:53                     ` Eduardo Otubo
2018-05-24 13:40                       ` Paolo Bonzini
2018-05-25  4:23                         ` Yi Min Zhao
2018-05-25  9:36                           ` Eduardo Otubo
2018-05-28 12:55                             ` Yi Min Zhao
2018-05-18 12:08       ` Eric Blake

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180518091916.GA22292@vader \
    --to=otubo@redhat.com \
    --cc=borntraeger@de.ibm.com \
    --cc=fiuczy@linux.ibm.com \
    --cc=jferlan@redhat.com \
    --cc=jtomko@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=zyimin@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.