Bug 655735
| Summary: | qemu-kvm (or libvirt?) permission denied errors when exporting readonly IDE disk to guest | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Richard W.M. Jones <rjones> |
| Component: | qemu-kvm | Assignee: | Markus Armbruster <armbru> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.0 | CC: | llim, michen, mkenneth, szhou, tburke, virt-maint |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | 6.1 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | qemu-kvm-0.12.1.2-2.148.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-05-19 11:31:56 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 580953 | ||
IDE disks can't do readonly. QEMU rejects readonly=on with if=ide, but fails to do so with if=none. Fixed upstream in commit 7aa9c811. Would backporting that commit fix this bug? I figure only if libvirt handles the error sanely. Let's find out. Dan Berrange says libvirt handles this kind of error. Related: invalid CHS. Best fixed together. Reproducer: $ qemu-kvm -nodefaults -vnc :0 -enable-kvm -S -monitor stdio -drive id=drv,file=tmp.qcow2,if=none,cyls=256,heads=17,secs=63 -device ide-drive,drive=drv Expected: qemu-system-x86_64: -device ide-drive,drive=drv: heads must be between 1 and 16 qemu-system-x86_64: -device ide-drive,drive=drv: Device 'ide-drive' could not be initialized Actual: No error. I didn't check how the invalid geometry is exposed to the guest, nor how guests commonly react to it. Don't expect it to be pretty. Similarly simplified reproducer for readonly: $ qemu-kvm -nodefaults -vnc :0 -enable-kvm -S -monitor stdio -drive id=drv,file=tmp.qcow2,readonly,if=none -device ide-drive,drive=drv Expected: qemu-system-x86_64: -device ide-drive,drive=drv: Can't use a read-only drive qemu-system-x86_64: -device ide-drive,drive=drv: Device 'ide-drive' could not be initialized Actual: No error. Guest sees IDE disk (which can't be readonly), attempts to write, gets nasty IDE errors. Reproduce this bug with qemu-kvm-0.12.1.2-2.133.el6.x86_64 as following steps: 1. Start guest with attached ide data disk with readonly=on -drive file=/root/data.img,if=none,id=driveide0-0-1,format=qcow2,cache=none,readonly=on -device ide-drive,drive=drive-ide0-0-1,id=ide0-0-1 2. login guest, try to make partition on above ide disk, some block io error occurs in qemu monitor, and error happens in guest (qemu) block I/O error in device 'drive-ide0-0-1': Operation not permitted (1) block I/O error in device 'drive-ide0-0-1': Operation not permitted (1) sd 1:0:0:0: [sda] Add. Sense: No additional sense information sd 1:0:0:0: [sda] CDB: Write(10): 2a 00 00 00 00 00 00 00 08 00 end_request: I/O error, dev sda, sector 0 Buffer I/O error on device sda, logical block 0 lost page write due to I/O error on sda ata2: EH complete sda: unknown partition table Verify this bug with qemu-kvm-0.12.1.2-2.148.el6.x86_64, guest can not be start when start guest with attached ide data disk with readonly=on qemu-kvm: -device ide-drive,drive=drive-ide0-0-1,id=ide0-0-1: Can't use a read-only drive qemu-kvm: -device ide-drive,drive=drive-ide0-0-1,id=ide0-0-1: Device 'ide-drive' could not be initialized So this bug has been resolved. move to verified based on comment#9 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0534.html An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0534.html |
Description of problem: On a RHEL 6 production host, I export a file to some guests read-only: <disk type='file' device='disk'> <driver name='qemu' type='raw'/> <source file='/usr/local/etc/virt/modules'/> <target dev='hdb' bus='ide'/> <readonly/> <address type='drive' controller='0' bus='0' unit='1'/> </disk> This translates to the following qemu-kvm command line: /usr/libexec/qemu-kvm -S -M rhel6.0.0 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name database -uuid 449d5071-88aa-bf2c-7f07-e27e0f6e1a0d -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/database.monitor,server,nowait -mon chardev=monitor,mode=control -rtc base=utc -boot c -kernel /usr/local/etc/virt/vmlinuz -initrd /usr/local/etc/virt/initrd -append ro root=/dev/hda -drive file=/dev/mapper/VolGroup00-dbroot,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/usr/local/etc/virt/modules,if=none,id=drive-ide0-0-1,readonly=on,format=ra w -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -drive file=/dev/mapper/VolGroup00-dbdata,if=none,id=drive-ide0-1-0,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=20,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=54:52:00:6b:be:31,bus=pci.0,addr=0x3 -chardev pty,id! =serial0 -device isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:0 -vga cirrus - device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 This causes the guest to see lots of IDE errors, and on the host side qemu-kvm spews out these permission denied errors: block I/O error in device 'drive-ide0-0-1': Permission denied (13) There appears to be no actual permission problem with the file, SELinux is off, and the file and its containing directory is o+rw. If I remove the <readonly/> element, everything fixes itself. The new qemu-kvm command line looks like this: /usr/libexec/qemu-kvm -S -M rhel6.0.0 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name database -uuid 449d5071-88aa-bf2c-7f07-e27e0f6e1a0d -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/database.monitor,server,nowait -mon chardev=monitor,mode=control -rtc base=utc -boot c -kernel /usr/local/etc/virt/vmlinuz -initrd /usr/local/etc/virt/initrd -append ro root=/dev/hda -drive file=/dev/mapper/VolGroup00-dbroot,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/usr/local/etc/virt/modules,if=none,id=drive-ide0-0-1,format=raw -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -drive file=/dev/mapper/VolGroup00-dbdata,if=none,id=drive-ide0-1-0,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=20,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=54:52:00:6b:be:31,bus=pci.0,addr=0x3 -chardev pty,id=serial0 -de! vice isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:0 -vga cirrus -device virti o-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 Version-Release number of selected component (if applicable): I tested qemu-kvm from RHEL 6.0, and also the qemu-kvm from brew: qemu-kvm-0.12.1.2-2.120.el6.x86_64 How reproducible: Always. Steps to Reproduce: 1. Export a file-backed IDE disk to a guest with <readonly/> in XML. Actual results: Lots of permission-denied errors. Expected results: Shouldn't have these errors. Additional info: