From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by passt.top (Postfix) with ESMTP id 3908D5A0082 for ; Tue, 14 Feb 2023 12:51:38 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1676375497; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oDg162r32V15U2UZBDKnyhQD4s2WwK82d5ZnhYcuERU=; b=gg/wzC1A+q8PTQTsUr0FzRO/NtAONu9/hUWM+zbPcn88KQLfxTjG0M4gXFYQW0la8oE68K ZFnMs5SKpSOiZt8ZryKL0zj/jf9OY7MpC0vLKeWySwYAtlfY2t5ZT+cxU/9Kc2JZIc9coA zpj78w5Dd8C5LpSyhgkItXvnW6CnA0c= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-312-HlA6cBjkPtyb3Y5cAiBvLw-1; Tue, 14 Feb 2023 06:51:28 -0500 X-MC-Unique: HlA6cBjkPtyb3Y5cAiBvLw-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 454073828887 for ; Tue, 14 Feb 2023 11:51:28 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.39]) by smtp.corp.redhat.com (Postfix) with ESMTP id ACBFA140EBF6; Tue, 14 Feb 2023 11:51:27 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 4/4] qemu_passt: Don't let passt fork off Date: Tue, 14 Feb 2023 12:51:22 +0100 Message-Id: <5abfc412e4692a38e980c8dc600e1bfbd03ddcfd.1676374699.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation Message-ID-Hash: THW5MNIIU2YFZQKO5NG3R6KPAA5STCUP X-Message-ID-Hash: THW5MNIIU2YFZQKO5NG3R6KPAA5STCUP X-Mailman-Approved-At: Tue, 14 Feb 2023 14:06:27 +0100 CC: sbrivio@redhat.com, passt-dev@passt.top X-Mailman-Version: 3.3.3 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: When passt starts it tries to do some security measures to restrict itself. For instance, it creates its own namespaces, umounts basically everything, drops capabilities, forks off to further restrict itself (the child is where all interesting work takes place now). This is sound, except it's causing two problems: 1) the PID file FD, which we leak into the passt process, gets closed (and thus our virPidFile*() helpers see unlocked PID file, which makes them think the process is gone), 2) the PID file no longer reflects true PID of the process. Worse, the child calls setsid() so we can't even kill the whole process group. I mean, we can but it won't be any good. Fortunately, passt has '--foreground' argument, which causes it to undergo the same security measures but without forking off the child. This in turn means, that the PID file FD won't get closed and the PID file itself contains the correct PID. Signed-off-by: Michal Privoznik --- src/qemu/qemu_passt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index 78830fdc26..441cfe87e8 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -159,6 +159,7 @@ qemuPasstStart(virDomainObj *vm, virCommandDaemonize(cmd); virCommandAddArgList(cmd, + "--foreground", "--one-off", "--socket", passtSocketName, "--mac-addr", virMacAddrFormat(&net->mac, macaddr), -- 2.39.1