Activity log for bug #1726804

Date Who What changed Old value New value Message
2017-10-24 10:41:58 Christian Ehrhardt  bug added bug
2017-10-24 10:42:06 Christian Ehrhardt  tags virt-aa-helper
2017-10-24 10:42:12 Christian Ehrhardt  libvirt (Ubuntu): status New Confirmed
2017-10-24 10:44:31 Christian Ehrhardt  description TODO On something like: $ virsh attach-device <guest> <xml> The rule rendered is: "/tmp/B.img" rw, This is missing the k flag needed on qemu >=2.10. This applies to block and file definitions: <disk type='block'> <driver name='qemu'/> <source dev='/tmp/B.img'/> <target dev='sdb'/> </disk> <disk type='file'> <driver name='qemu'/> <source file='/tmp/F.img'/> <target dev='sdc'/> </disk> Both are rendered correctly as: "/tmp/F.img" rwk, If being part of the domain xml instead of being a hot-add.
2017-10-24 12:33:45 Christian Ehrhardt  libvirt (Ubuntu): importance Undecided Critical
2017-10-24 12:34:21 Christian Ehrhardt  tags virt-aa-helper regression-release virt-aa-helper
2017-10-24 15:33:47 Christian Ehrhardt  description On something like: $ virsh attach-device <guest> <xml> The rule rendered is: "/tmp/B.img" rw, This is missing the k flag needed on qemu >=2.10. This applies to block and file definitions: <disk type='block'> <driver name='qemu'/> <source dev='/tmp/B.img'/> <target dev='sdb'/> </disk> <disk type='file'> <driver name='qemu'/> <source file='/tmp/F.img'/> <target dev='sdc'/> </disk> Both are rendered correctly as: "/tmp/F.img" rwk, If being part of the domain xml instead of being a hot-add. [Impact] * Qemu 2.10 started to lock image files to ensure no data corruption occurs. Unfortunately that isn't covered by the apparmor rules we had for images so far - it needs to add "k" permission. * This was spotted and done in Artful, but the tests for the hot-add of disks were hidden behind some other known not-too-bad issues. So by fixing those tests I realized that hot-add of disks is currently broken in Artful. [Test Case] # Get a very minimal Testguest that keeps running to attach something $ qemu-img create /tmp/A.img 1M cat <<EOF > testguest.xml <domain type='kvm'> <name>testguest</name> <uuid>deadbeef-dead-beef-dead-beefdeadbeef</uuid> <memory unit='KiB'>1024</memory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc-i440fx-zesty'>hvm</type> <boot dev='hd'/> </os> <features> <acpi/> <apic/> <pae/> </features> <devices> <emulator>/usr/bin/kvm-spice</emulator> <disk type='file' device='disk'> <driver name='qemu'/> <source file='/tmp/A.img'/> <target dev='vda'/> </disk> </devices> <seclabel type='dynamic' model='apparmor' relabel='yes'/> </domain> EOF $ virsh define testguest.xml $ virsh start testguest # Prepare Disk $ qemu-img create /tmp/F.img 1M $ cat <<EOF >diskF.xml <disk type='file'> <driver name='qemu'/> <source file='/tmp/F.img'/> <target dev='sdc'/> </disk> EOF # Then attach: $ virsh attach-device testguest diskF.xml * This should work, but fails without the fix as: error: internal error: unable to execute QEMU command 'device_add': Property 'scsi-hd.drive' can't find value 'drive-scsi0-0-0-1' With a related apparmor denial: apparmor="DENIED" operation="file_lock" profile="libvirt-7d781722-69b7-8801-fe96-caf37b7a8969" name="/tmp/tmpKzZQR0/device_disk.img" pid=17582 comm="qemu" requested_mask="k" denied_mask="k" fsuid=0 ouid=0 * With the fix the file is rwk and works to be attached [Regression Potential] * This is only adding apparmor lock permissions to files added after start. Thereby the only thing that comes to mind is if now things are locked that were not before, and thereby cause issues. But OTOH no one but qemu should lock the image files in use - and if someone else does he now correctly sees qemu holding the lock. Seems safe to me. [Other Info] * This is a release/upgrade-regression which should be fixed asap. I already wrote and submitted a fix to upstream, but given that this can break a lot of use cases we have to fix fast and reroll in case upstream decides to modify. --- On something like:  $ virsh attach-device <guest> <xml> The rule rendered is: "/tmp/B.img" rw, This is missing the k flag needed on qemu >=2.10. This applies to block and file definitions: <disk type='block'>   <driver name='qemu'/>   <source dev='/tmp/B.img'/>   <target dev='sdb'/> </disk> <disk type='file'>   <driver name='qemu'/>   <source file='/tmp/F.img'/>   <target dev='sdc'/> </disk> Both are rendered correctly as: "/tmp/F.img" rwk, If being part of the domain xml instead of being a hot-add.
2017-10-24 15:44:56 Christian Ehrhardt  bug task added cloud-archive
2017-10-24 18:43:35 Andy Whitcroft libvirt (Ubuntu Artful): status Confirmed Fix Committed
2017-10-24 18:43:36 Andy Whitcroft bug added subscriber Ubuntu Stable Release Updates Team
2017-10-24 18:43:38 Andy Whitcroft bug added subscriber SRU Verification
2017-10-24 18:43:40 Andy Whitcroft tags regression-release virt-aa-helper regression-release verification-needed verification-needed-artful virt-aa-helper
2017-10-25 08:26:00 Christian Ehrhardt  tags regression-release verification-needed verification-needed-artful virt-aa-helper regression-release verification-done verification-done-artful virt-aa-helper
2017-10-26 19:00:46 Corey Bryant nominated for series cloud-archive/pike
2017-10-26 19:00:46 Corey Bryant bug task added cloud-archive/pike
2017-10-26 19:01:43 Corey Bryant cloud-archive/pike: status New Triaged
2017-10-26 19:02:23 Corey Bryant cloud-archive: status New Triaged
2017-10-26 19:02:28 Corey Bryant cloud-archive/pike: importance Undecided Critical
2017-10-26 19:02:30 Corey Bryant cloud-archive: importance Undecided Critical
2017-10-26 19:02:36 Corey Bryant nominated for series cloud-archive/queens
2017-10-26 19:02:36 Corey Bryant bug task added cloud-archive/queens
2017-10-26 21:12:35 Martin Pitt attachment added pitti's reproducer https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1726804/+attachment/4997114/+files/reproducer.sh
2017-10-26 21:13:40 Martin Pitt bug added subscriber Martin Pitt
2017-10-31 18:04:21 Corey Bryant cloud-archive/pike: status Triaged Fix Committed
2017-10-31 18:04:23 Corey Bryant tags regression-release verification-done verification-done-artful virt-aa-helper regression-release verification-done verification-done-artful verification-pike-needed virt-aa-helper
2017-10-31 18:07:49 Corey Bryant cloud-archive/queens: status Triaged Fix Released
2017-10-31 18:08:11 Corey Bryant cloud-archive/queens: status Fix Released Fix Committed
2017-10-31 18:08:14 Corey Bryant tags regression-release verification-done verification-done-artful verification-pike-needed virt-aa-helper regression-release verification-done verification-done-artful verification-pike-needed verification-queens-needed virt-aa-helper
2017-11-01 00:27:49 Launchpad Janitor libvirt (Ubuntu Artful): status Fix Committed Fix Released
2017-11-01 00:28:09 Chris Halse Rogers removed subscriber Ubuntu Stable Release Updates Team
2017-11-05 09:41:40 Launchpad Janitor libvirt (Ubuntu): status Fix Committed Fix Released
2017-11-12 15:47:00 XiaoRuiguo bug added subscriber XiaoRuiguo
2017-12-15 09:07:20 Christian Ehrhardt  tags regression-release verification-done verification-done-artful verification-pike-needed verification-queens-needed virt-aa-helper qemu-file-locking regression-release verification-done verification-done-artful verification-pike-needed verification-queens-needed virt-aa-helper
2018-01-02 20:55:36 Corey Bryant cloud-archive/queens: status Fix Committed Fix Released
2018-01-02 20:58:13 Corey Bryant tags qemu-file-locking regression-release verification-done verification-done-artful verification-pike-needed verification-queens-needed virt-aa-helper qemu-file-locking regression-release verification-done verification-done-artful verification-pike-done verification-queens-needed virt-aa-helper
2018-01-02 20:59:55 Corey Bryant cloud-archive/pike: status Fix Committed Fix Released