Bug 976387
| Summary: | taint domain if it uses host CD-ROM passthrough | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Paolo Bonzini <pbonzini> |
| Component: | libvirt | Assignee: | John Ferlan <jferlan> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.0 | CC: | armbru, dyuan, mzhan, rbalakri, shyu, weizhan, xuzhang, ydu, yisun, zhwang |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-1.2.16-1.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-11-19 05:43:16 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This bug was not selected to be addressed in Red Hat Enterprise Linux 6. We will look at it again within the Red Hat Enterprise Linux 7 product. Posted patches upstream: http://www.redhat.com/archives/libvir-list/2015-May/msg00380.html Patch pushed upstream:
commit 99a2d6af2b30bbb6cd87986b65129cfa9257e5ff
Author: John Ferlan <jferlan>
Date: Tue May 12 15:58:31 2015 -0400
Taint domains using cdrom-passthrough
https://bugzilla.redhat.com/show_bug.cgi?id=976387
For a domain configured using the host cdrom, we should taint the domain
due to problems encountered when the host and guest try to control the tray.
$ git describe 99a2d6af2b30bbb6cd87986b65129cfa9257e5ff
v1.2.15-116-g99a2d6a
$
cdrom passthrough is disabled by qemu-kvm as bz https://bugzilla.redhat.com/show_bug.cgi?id=760885 Downgrade qemu-kvm and libvirt cause a lot of other problems with current 7.2 kernel. Will find an available host with cd-rom and test this with rhel7.0 later. verified on:
libvirt-1.2.17-13.el7.x86_64
qemu-kvm-rhev-2.3.0-26.el7.x86_64
since the qemu has disabled the host cd-rom pass-through. So the verification will just execute some sanity check.
1. check the code merged in latest libvirt
2. check the cd-rom pass-through is really disabled with libvirt.
Scenario 1: code check
1. download and install libvirt-1.2.17-13.el7.src.rpm
2. check code with patch instruction.
vim src/conf/domain_conf.c +96
VIR_ENUM_IMPL(virDomainTaint, VIR_DOMAIN_TAINT_LAST,
"custom-argv",
"custom-monitor",
"high-privileges",
"shell-scripts",
"disk-probing",
"external-launch",
"host-cpu",
"hook-script",
"cdrom-passthrough",
"custom-dtb");
========
vim src/conf/domain_conf.h +2313
typedef enum {
...
VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH,/* CDROM passthrough */
...
} virDomainTaintFlags;
========
vim src/qemu/qemu_domain.c +2191
if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK &&
disk->src->path)
qemuDomainObjTaint(driver, obj, VIR_DOM/qemu/qemu_domain.cAIN_TAINT_CDROM_PASSTHROUGH,
logFD);
virObjectUnref(cfg);
Scenario 2: check host cd-rom pass-through is really disabled.
1. prepare a disk xml
#cat disk.xml
<disk type='block' device='cdrom'>
<driver name='qemu' type='raw'/>
<source dev='/dev/sr0'/>
<target dev='hdc' bus='ide'/>
<readonly/>
</disk>
2. hotplug the disk
# virsh attach-device ys1 disk.xml
error: Failed to attach device from disk.xml
error: internal error: No device with bus 'ide' and target 'hdc'. cdrom and floppy device hotplug isn't supported by libvirt
# virsh attach-disk ys1 /dev/sr0 sdc
error: Failed to attach disk
error: internal error: unable to execute QEMU command '__com.redhat_drive_add': Device 'drive-scsi0-0-0-2' could not be initialized
3. cold plug the disk
#virsh edit ys1
(add following)
<disk type='block' device='cdrom'>
<driver name='qemu' type='raw'/>
<source dev='/dev/sr0'/>
<target dev='hdc' bus='ide'/>
<readonly/>
</disk>
# virsh start ys1
error: Failed to start domain ys1
error: internal error: process exited while connecting to monitor: 2015-10-12T08:26:10.000070Z qemu-kvm: -drive file=/dev/sr0,if=none,id=drive-ide0-1-0,readonly=on,format=raw: Driver 'host_cdrom' is not whitelisted
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2202.html |
A domain that uses a device as the source of a virtual CD-ROM drive will often encounter problems as both the guest and host try to control the tray. It would be nice if such a domain could be tainted. How to reproduce: 1. create a domain with <disk type='block' device='cdrom'> <driver name='qemu' type='raw'/> <source dev='/dev/sr0'/> <target dev='hdc' bus='ide'> <readonly/> </disk> 2. The per-domain logfile should show something like "Domain id=3 is tainted: cdrom-passthrough".