Hide Forgot
Description of problem: Owner and SElinux context cannot be restore after hot-unplug USB Host device. Version-Release number of selected component (if applicable): libvirt-1.3.4-1.el7.x86_64 qemu-kvm-rhev-2.6.0-4.el7.x86_64 How reproducible: 100% Steps to Reproduce: 1.Prepared an USB device # lsusb ...... Bus 002 Device 006: ID 0951:1656 Kingston Technology DataTraveler Ultimate G2 # ls -alZ /dev/bus/usb/002/006 -alZ crw-rw-r--. root root system_u:object_r:usb_device_t:s0 /dev/bus/usb/002/006 2. attach this USB device to a running guest. # cat hostdev-usb3.xml <hostdev mode='subsystem' type='usb' managed='yes'> <source startupPolicy='optional'> <vendor id='0x0951'/> <product id='0x1656'/> </source> </hostdev> # virsh attach-device r72 hostdev-usb3.xml Device attached successfully check Owner and SElinux label # ls -alZ /dev/bus/usb/002/006 -alZ crw-rw-r--. qemu qemu system_u:object_r:svirt_image_t:s0:c270,c634 /dev/bus/usb/002/006 3. detach device # virsh detach-device r72 hostdev-usb3.xml Device detached successfully check owner and SElinxu label again. # ls -alZ /dev/bus/usb/002/006 crw-rw-r--. qemu qemu system_u:object_r:svirt_image_t:s0:c270,c634 /dev/bus/usb/002/006 # virsh destroy r72 Domain r72 destroyed # ls -alZ /dev/bus/usb/002/006 crw-rw-r--. qemu qemu system_u:object_r:svirt_image_t:s0:c270,c634 /dev/bus/usb/002/006 Actual results: As step 3, usb device keep the owner and SElinux context as set to virtual machine. Expected results: Libvirt should clean what it modified before. After detach device, usb device should be changed back to original permission and SELinux context. Additional info: It cannot be reproduced on RHEL7.2.
Upstream patch: https://www.redhat.com/archives/libvir-list/2016-June/msg01166.html
Pushed as: commit 22d262c9b019ab43bc9ff7188fc31794902d5287 Author: Ján Tomko <jtomko@redhat.com> CommitDate: 2016-06-17 19:43:22 +0200 qemu: restore non-pci hostdev labels after detach Commit 409de00 changed the logic to only match PCI devices while moving this before Remove*HostDevice calls. https://bugzilla.redhat.com/show_bug.cgi?id=1342874 git describe: v1.3.5-316-g22d262c
verify the bug version: libvirt-2.0.0-6.el7.x86_64 qemu-kvm-rhev-2.6.0-22.el7.x86_64 steps: 1.Prepared an USB device [root@localhost ~]# lsusb Bus 002 Device 002: ID 0951:1642 Kingston Technology DT101 G2 Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 008 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub [root@localhost ~]# ls -alZ /dev/bus/usb/002/002 crw-rw-r--. root root system_u:object_r:usb_device_t:s0 /dev/bus/usb/002/002 2. attach this USB device to a running guest [root@localhost ~]# cat usb.xml <hostdev mode='subsystem' type='usb' managed='yes'> <source startupPolicy='optional'> <vendor id='0x0951'/> <product id='0x1642'/> </source> </hostdev> [root@localhost ~]# virsh attach-device bios usb.xml Device attached successfully [root@localhost ~]# ls -alZ /dev/bus/usb/002/002 crw-rw-r--. qemu qemu system_u:object_r:svirt_image_t:s0:c152,c690 /dev/bus/usb/002/002 3. detach device [root@localhost ~]# virsh detach-device bios usb.xml Device detached successfully [root@localhost ~]# [root@localhost ~]# ls -alZ /dev/bus/usb/002/002 crw-rw-r--. root root system_u:object_r:usb_device_t:s0 /dev/bus/usb/002/002 usb device is changed back to original permission and SELinux context.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2577.html