qemu: Use correct permissions when determining the image chain

The code took into account only the global permissions. The domains now support per-vm DAC labels and per-image DAC labels. Use the most specific label available.

qemu: Use correct permissions when determining the image chain
The code took into account only the global permissions. The domains now support per-vm DAC labels and per-image DAC labels. Use the most specific label available.
9bf629ab · Peter Krempa · e209c077 · 9bf629ab · 9bf629ab · 9bf629ab
5 changed file
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -2210,7 +2210,7 @@ qemuDomainCheckDiskPresence(virQEMUDriverPtr driver,
        if (!disk->src)
            continue;
-        if (qemuDomainDetermineDiskChain(driver, disk, false) >= 0 &&
+        if (qemuDomainDetermineDiskChain(driver, vm, disk, false) >= 0 &&
            qemuDiskChainCheckBroken(disk) >= 0)
            continue;
@@ -2319,13 +2319,46 @@ qemuDiskChainCheckBroken(virDomainDiskDefPtr disk)
    return 0;
 }
+static void
+qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg,
+                      virDomainObjPtr vm,
+                      virDomainDiskDefPtr disk,
+                      uid_t *uid, gid_t *gid)
+{
+    virSecurityLabelDefPtr vmlabel;
+    virSecurityDeviceLabelDefPtr disklabel;
+    if (uid)
+        *uid = -1;
+    if (gid)
+        *gid = -1;
+    if (cfg) {
+        if (uid)
+            *uid = cfg->user;
+        if (gid)
+            *gid = cfg->group;
+    }
+    if (vm && (vmlabel = virDomainDefGetSecurityLabelDef(vm->def, "dac")))
+        virParseOwnershipIds(vmlabel->label, uid, gid);
+    if ((disklabel = virDomainDiskDefGetSecurityLabelDef(disk, "dac")))
+        virParseOwnershipIds(disklabel->label, uid, gid);
+}
 int
 qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
+                             virDomainObjPtr vm,
                             virDomainDiskDefPtr disk,
                             bool force)
 {
    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
    int ret = 0;
+    uid_t uid;
+    gid_t gid;
    if (!disk->src ||
        disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK ||
@@ -2340,8 +2373,11 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
            goto cleanup;
        }
    }
+    qemuDomainGetImageIds(cfg, vm, disk, &uid, &gid);
    disk->backingChain = virStorageFileGetMetadata(disk->src, disk->format,
-                                                   cfg->user, cfg->group,
+                                                   uid, gid,
                                                   cfg->allowDiskFormatProbing);
    if (!disk->backingChain)
        ret = -1;

--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -353,6 +353,7 @@ int qemuDomainCheckDiskPresence(virQEMUDriverPtr driver,
 int qemuDiskChainCheckBroken(virDomainDiskDefPtr disk);
 int qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
+                                 virDomainObjPtr vm,
                                 virDomainDiskDefPtr disk,
                                 bool force);

--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6499,7 +6499,7 @@ qemuDomainChangeDiskMediaLive(virConnectPtr conn,
    if (qemuTranslateDiskSourcePool(conn, disk) < 0)
        goto end;
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
        goto end;
    if (qemuSetupDiskCgroup(vm, disk) < 0)
@@ -14632,7 +14632,7 @@ qemuDomainBlockPivot(virConnectPtr conn,
    disk->src = disk->mirror;
    disk->format = disk->mirrorFormat;
    disk->backingChain = NULL;
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0) {
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0) {
        disk->src = oldsrc;
        disk->format = oldformat;
        disk->backingChain = oldchain;
@@ -14983,7 +14983,7 @@ qemuDomainBlockCopy(virDomainObjPtr vm,
        goto endjob;
    }
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
        goto endjob;
    if ((flags & VIR_DOMAIN_BLOCK_REBASE_SHALLOW) &&
@@ -15190,7 +15190,7 @@ qemuDomainBlockCommit(virDomainPtr dom, const char *path, const char *base,
                       disk->dst);
        goto endjob;
    }
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
        goto endjob;
    if (!top) {

--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -719,7 +719,7 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
    if (qemuSetUnprivSGIO(dev) < 0)
        goto end;
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
        goto end;
    if (qemuSetupDiskCgroup(vm, disk) < 0)

--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -997,7 +997,7 @@ qemuProcessHandleBlockJob(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
        if ((type == VIR_DOMAIN_BLOCK_JOB_TYPE_PULL ||
             type == VIR_DOMAIN_BLOCK_JOB_TYPE_COMMIT) &&
            status == VIR_DOMAIN_BLOCK_JOB_COMPLETED)
-            qemuDomainDetermineDiskChain(driver, disk, true);
+            qemuDomainDetermineDiskChain(driver, vm, disk, true);
        if (disk->mirror && type == VIR_DOMAIN_BLOCK_JOB_TYPE_COPY &&
            status == VIR_DOMAIN_BLOCK_JOB_READY)
            disk->mirroring = true;