Bug 1868856
| Summary: | Read-only passthrough scsi device can still be modified in VM | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux Advanced Virtualization | Reporter: | gaojianan <jgao> |
| Component: | libvirt | Assignee: | Peter Krempa <pkrempa> |
| Status: | CLOSED ERRATA | QA Contact: | gaojianan <jgao> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | | |
| Version: | 8.3 | CC: | dyuan, hhan, jdenemar, lmen, pkrempa, virt-maint, xuzhang, yafu |
| Target Milestone: | rc | Keywords: | Automation, Regression, Triaged |
| Target Release: | 8.3 | Flags: | pm-rhel: mirror+ |
| Hardware: | x86_64 | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | libvirt-6.6.0-6.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2020-11-17 17:50:55 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
(In reply to gaojianan from comment #0)
> Description of problem:
> Read-only passthrough scsi device can still be modified in VM
>
> Version-Release number of selected component (if applicable):
> libvirt-daemon-6.6.0-2.module+el8.3.0+7567+dc41c0a9.x86_64
> qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64
>
> How reproducible:
> 100%
>
> Steps to Reproduce:
> 1.1. enable split daemon mode:
>
> #systemctl stop libvirtd.service
>
> #systemctl stop libvirtd{,-ro,-admin,-tcp,-tls}.socket
>
> #systemctl disable libvirtd.service
>
> #systemctl disable libvirtd{,-ro,-admin,-tcp,-tls}.socket
>
> #systemctl enable virtlogd; systemctl enable virtlogd.socket; systemctl start virtlogd.socket
>
> #for drv in qemu interface network nodedev nwfilter secret storage proxy; do systemctl unmask virt${drv}d.service; systemctl unmask virt${drv}d{,-ro,-admin}.socket; systemctl enable virt${drv}d.service; systemctl enable virt${drv}d{,-ro,-admin}.socket; systemctl start virt${drv}d{,-ro,-admin}.socket ; done
>
> # systemctl status virtqemud
> ● virtqemud.service - Virtualization qemu daemon
>    Loaded: loaded (/usr/lib/systemd/system/virtqemud.service; enabled; vendor preset: disabled)
>    Active: active (running) (thawing) since Wed 2020-08-12 21:42:52 EDT; 5min ago
>      Docs: man:libvirtd(8)
>            https://libvirt.org
>  Main PID: 214669 (virtqemud)
>     Tasks: 18 (limit: 32768)
>    Memory: 27.9M
>    CGroup: /system.slice/virtqemud.service
>            └─214669 /usr/sbin/virtqemud --timeout 120
>
> 2.Prepare an iscsi device
> # targetcli /backstores/fileio/ create device.img0 /var/tmp/avocado_uwj2dbz0/img0
> # targetcli /iscsi/ create iqn.2020-08.com.virttest:img0.target
> # targetcli /iscsi/iqn.2020-08.com.virttest:img0.target/tpg1/luns/ create /backstores/fileio/device.img0
> # targetcli /iscsi/iqn.2020-08.com.virttest:img0.target/tpg1/ set attribute authentication=0 demo_mode_write_protect=0 generate_node_acls=1 cache_dynamic_acls=1
>
> 3.Prepare a guest and hot-plug the iscsi device by host-passthrough in read-only mode
> # cat hostdev.xml
> <hostdev managed="no" mode="subsystem" rawio="yes" type="scsi">
>   <readonly />
>   <source name="iqn.2020-08.com.virttest:img0.target/0" protocol="iscsi">
>     <host name="127.0.0.1" port="3260" />
>   </source>
> </hostdev>
>
> # virsh attach-device avocado-vt-vm1 hostdev.xml
> Device attached successfully
>
> 4.Login the guest and try to operate the new added disk
> # virsh console avocado-vt-vm1
> # fdisk -l /dev/sda && mkfs.ext4 -F /dev/sda && mkdir -p sda && mount /dev/sda sda && echo teststring > sda/testfile && cat sda/testfile
> teststring
>
> Actual results:
> This disk can still operate in guest in read-only mode
>
> Expected results:
> The disk can't be operated in guest in read-only mode in step4
>
> Additional info:

Re-test in legacy libvirtd mode without split daemon, can get the same error, so this bug does not only happen in split daemon mode.

Fixed upstream:

commit f2d90b558f0e116a2e3b8a0fc22fce7e90e5910b
Author: Peter Krempa <pkrempa>
Date:   Tue Sep 15 17:58:04 2020 +0200

    qemuBuildHostdevSCSIAttachPrepare: Propagate 'readonly' flag also for iSCSI

    The 'readonly' hostdev property is stored separately from the
    virStorageSource as some hostdevs are not described by a virStorage
    source. We need to propagate the flag to the virStorage source also for
    iSCSI backends as it's used to generate the backend properties.

    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1868856
    Signed-off-by: Peter Krempa <pkrempa>
    Reviewed-by: Michal Privoznik <mprivozn>

commit c58c97058602ee5be707c036c00c22400485e4e4
Author: Peter Krempa <pkrempa>
Date:   Tue Sep 15 17:48:22 2020 +0200

    qemuxml2argvtest: hostdev-scsi-virtio-scsi: Add <readonly/> to one of the iSCSI hostdevs

    Test a readonly iSCSI backend as well.

    Signed-off-by: Peter Krempa <pkrempa>
    Reviewed-by: Michal Privoznik <mprivozn>

Verified on libvirt version:
libvirt-6.6.0-6.virtcov.el8.x86_64

Step1:
Set libvirt split daemon env as bug description:
# systemctl status virtqemud
● virtqemud.service - Virtualization qemu daemon
   Loaded: loaded (/usr/lib/systemd/system/virtqemud.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-09-17 16:51:38 CST; 30min ago
     Docs: man:libvirtd(8)
           https://libvirt.org
 Main PID: 877577 (virtqemud)
    Tasks: 17 (limit: 32768)
   Memory: 40.5M
   CGroup: /system.slice/virtqemud.service
           └─877577 /usr/sbin/virtqemud --timeout 120

2.Prepare an iscsi disk and passthrough it to a vm with readonly mode
<hostdev mode='subsystem' type='scsi' managed='no' rawio='yes'>
  <source protocol='iscsi' name='iqn.2016-03.com.virttest:logical-pool.target6/0'>
    <host name='127.0.0.1' port='3260'/>
  </source>
  <readonly/>
  <address type='drive' controller='0' bus='0' target='0' unit='0'/>
</hostdev>

3.Login the guest and try to modify the added disk
# lsblk
NAME          MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda             8:0    0   1G  1 disk
sdb             8:16   0  10G  0 disk
├─sdb1          8:17   0   1G  0 part /boot
└─sdb2          8:18   0   9G  0 part
  ├─rhel-root 253:0    0   8G  0 lvm  /
  └─rhel-swap 253:1    0   1G  0 lvm  [SWAP]
[root@localhost ~]# mkfs.ext4 /dev/sda
mke2fs 1.45.6 (20-Mar-2020)
/dev/sda: Read-only file system while setting up superblock

The same scenario also passes for the libvirtd daemon.
Works as expected, so verified.
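
An added example, not part of the bug report or of libvirt's code: a Python helper that takes the output of `virsh dumpxml` and lists the SCSI hostdevs that are both iSCSI-backed and marked `<readonly/>`, the device type this bug concerns, so each one can be re-checked in the guest (`RO` column of `lsblk`, as in the verification above) after updating to the fixed build. The sample XML, domain name, IQNs and addresses are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the <hostdev> XML in this report (names, IQNs, addresses made up).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>example-vm</name>
  <devices>
    <hostdev mode='subsystem' type='scsi' managed='no' rawio='yes'>
      <source protocol='iscsi' name='iqn.2020-08.com.example:ro.target/0'>
        <host name='127.0.0.1' port='3260'/>
      </source>
      <readonly/>
    </hostdev>
    <hostdev mode='subsystem' type='scsi' managed='no'>
      <source protocol='iscsi' name='iqn.2020-08.com.example:rw/1'><host name='192.0.2.10' port='3260'/></source>
    </hostdev>
    <hostdev mode='subsystem' type='scsi' managed='no'>
      <source><adapter name='scsi_host0'/><address bus='0' target='0' unit='0'/></source>
      <readonly/>
    </hostdev>
  </devices>
</domain>
"""

def readonly_iscsi_hostdevs(domain_xml):
    """Return one dict per SCSI hostdev that is iSCSI-backed and <readonly/>."""
    root = ET.fromstring(domain_xml)
    domain = root.findtext("name", default="(unnamed)")
    findings = []
    for hostdev in root.iterfind("./devices/hostdev"):
        if hostdev.get("mode") != "subsystem" or hostdev.get("type") != "scsi":
            continue
        source = hostdev.find("source")
        if source is None or source.get("protocol") != "iscsi":
            continue  # local SCSI adapter passthrough, not an iSCSI backend
        if hostdev.find("readonly") is None:
            continue  # configured writable, nothing to verify
        # The LUN follows the last '/' of the source name; treat a missing one as 0.
        target, sep, lun = source.get("name", "").rpartition("/")
        if not sep:
            target, lun = lun, "0"
        host = source.find("host")
        portal = None if host is None else "%s:%s" % (host.get("name"), host.get("port"))
        findings.append({"domain": domain, "target": target, "lun": lun, "portal": portal})
    return findings

if __name__ == "__main__":
    for f in readonly_iscsi_hostdevs(SAMPLE_DOMAIN_XML):
        print("%(domain)s: confirm RO=1 in guest for %(target)s lun %(lun)s (%(portal)s)" % f)
```
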

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (virt:8.3 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:5137