|Summary:||qemu: reject '/' in <shmem name=XXX/>|
|Product:||[Community] Virtualization Tools||Reporter:||Andrew Jones <drjones>|
|Component:||libvirt||Assignee:||Libvirt Maintainers <libvirt-maint>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:|
|Version:||unspecified||CC:||berrange, crobinso, skobyda|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2019-03-26 20:08:01 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description Andrew Jones 2015-02-13 09:56:42 UTC
Some XML name elements will be used as part of a path. These types of names should never include '/', nor be '.' or '..'. Possibly other names should be avoided as well. One example of such a name element is <shmem name='NAME'> which will use NAME in the patch /dev/shm/NAME, but there are likely others to check as well.
Comment 1 Andrew Jones 2015-02-13 13:11:17 UTC
Actually for the example in the description (shmem). A single '/' could be allowed, as long as it's the first character of the name. Knowing how shmem-name is used (by shm_open), we see that "/NAME" is POSIX compliant, and is even required on some systems to allow opening a pre-existing object of the same name. The behavior of opening a pre-existing object without the slash is implementation defined per POSIX. But, this complicates libvirt, and allows some QEMU internals knowledge to leak into it (we have to know that QEMU uses shm_open on this particular name element), so I'm not sure if it should be considered. Linux doesn't care if the slash is there or not, pre-existing objects are opened as if it was.
Comment 2 Daniel Berrangé 2015-02-13 14:26:30 UTC
I think that's probably obscure enough that we can just unconditionally block use of '/' in names and not cause problems for apps/users.
Comment 3 Cole Robinson 2016-04-26 19:23:20 UTC
This should probably be fine to validate in qemuDomainPostParse, since presumably there isn't any previous configs we need to worry about. Tagging as LibvirtFirstBug
Comment 4 Simon Kobyda 2018-07-10 11:45:45 UTC
Patch proposed upstream: https://www.redhat.com/archives/libvir-list/2018-July/msg00586.html