From 379c0ce4bfed8733dfbde557c359eecc5474ce38 Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Fri, 16 Dec 2022 14:58:25 +0100 Subject: [PATCH] qemu_namespace: Umount the original /dev before replacing it with tmpfs Our code relies on mount events propagating into the namespace we create for a domain. However, there's one caveat. In v8.8.0-rc1~8 I've tried to make us detect differences in mount tables between the namespace in which libvirtd runs and the domain namespace. This is crucial for any mounts that happen after the domain was started (for instance new hugetlbfs can be mounted on say /dev/hugepages1G). Therefore, we take a look into /proc/$(pgrep qemu)/mounts to see what filesystems are mounted under /dev. Now, since we don't umount the original /dev, just mount a tmpfs over it, we get all the events (e.g. aforementioned hugetlbfs mount on /dev/hugepages1G), but we are not really able to access it because of the tmpfs that's placed on top. This then confuses our algorithm for detecting which filesystems are mounted (the algorithm is implemented in qemuDomainGetPreservedMounts()). To break the link between host's and guest's /dev we just need to umount() the original /dev in the namespace. Just before our artificially created tmpfs is moved into its place. Fixes: 46b03819ae8d833b11c2aaccb2c2a0361727f51b Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2151869#c6 Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/qemu/qemu_namespace.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 0f7351ad46..fb79460109 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -776,6 +776,11 @@ qemuDomainUnshareNamespace(virQEMUDriverConfig *cfg, goto cleanup; } + if (umount("/dev") < 0) { + virReportSystemError(errno, "%s", _("failed to umount devfs on /dev")); + return -1; + } + if (virFileMoveMount(devPath, "/dev") < 0) goto cleanup;
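Review bot: the new error path in qemuDomainUnshareNamespace() exits with `return -1`, while the checks immediately before and after it in the same hunk (including `if (virFileMoveMount(devPath, "/dev") < 0)`) use `goto cleanup`. If the cleanup label releases anything acquired earlier in the function, the early return skips it, so I would change it to `goto cleanup` for consistency with the neighbouring checks. Separately, a plain `umount("/dev")` fails with EBUSY when other filesystems are still mounted beneath /dev in the namespace, and the commit message itself notes that mounts such as hugetlbfs on /dev/hugepages1G can appear there. Please confirm that all nested mounts have been moved away before this call. A short comment above the call explaining that it breaks propagation from the host's /dev, as the commit message describes, would also help future readers.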