Bug 2180030 - Logs are spammed with ' Domain id=7 is tainted: custom-ga-command' message [rhel-8.8.0.z]
Summary: Logs are spammed with ' Domain id=7 is tainted: custom-ga-command' message [r...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: libvirt
Version: 8.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Peter Krempa
QA Contact: Lili Zhu
URL:
Whiteboard:
Depends On: 2174447
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-03-20 15:17 UTC by RHEL Program Management Team
Modified: 2023-06-27 14:59 UTC (History)
9 users (show)

Fixed In Version: libvirt-8.0.0-19.module+el8.8.0+18370+e5872f90
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 2174447
Environment:
Last Closed: 2023-06-27 14:58:12 UTC
Type: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-152432 0 None None None 2023-03-20 15:19:57 UTC
Red Hat Product Errata RHSA-2023:3822 0 None None None 2023-06-27 14:58:25 UTC

Comment 2 Lili Zhu 2023-04-04 06:14:34 UTC 
Test this bug with:
libvirt-8.0.0-19.module+el8.8.0+18453+e0bf0d1d.x86_64

1. prepare a guest with guest agent device
# virsh domtime rhel8.8 
Time: 1680585239

2. check the dominfo
# virsh dominfo rhel8.8 
Id:             1
Name:           rhel8.8
UUID:           a239cb28-110e-4c39-9dd1-e9caf8bcf7f6
OS Type:        hvm
State:          running
CPU(s):         8
CPU time:       842.5s
Max memory:     2883584 KiB
Used memory:    2097152 KiB
Persistent:     yes
Autostart:      disable
Managed save:   no
Security model: selinux
Security DOI:   0
Security label: system_u:system_r:svirt_t:s0:c557,c936 (enforcing)

3. check the vcpus about guest using qemu-agent-command
# virsh qemu-agent-command rhel8.8 '{"execute":"guest-get-vcpus"}'
{"return":[{"online":true,"can-offline":true,"logical-id":7},....

4. check the dominfo again
Id:             2
Name:           rhel8.8
UUID:           a239cb28-110e-4c39-9dd1-e9caf8bcf7f6
OS Type:        hvm
State:          running
CPU(s):         8
CPU time:       166.5s
Max memory:     2883584 KiB
Used memory:    2097152 KiB
Persistent:     yes
Autostart:      disable
Managed save:   no
Security model: selinux
Security DOI:   0
Security label: system_u:system_r:svirt_t:s0:c676,c804 (enforcing)

5. check the log
# grep -ni tainted /var/log/libvirt/libvirtd.log 
569:2023-04-04 06:11:16.977+0000: 34389: warning : qemuDomainObjTaintMsg:6401 : Domain id=2 name='rhel8.8' uuid=a239cb28-110e-4c39-9dd1-e9caf8bcf7f6 is tainted: custom-ga-command
571:2023-04-04 06:11:16.977+0000: 34389: debug : qemuDomainLogAppendMessage:6766 : Append log message (vm='rhel8.8' message='2023-04-04 06:11:16.977+0000: Domain id=2 is tainted: custom-ga-command

6. repeat step 2 for 100 times
# for i in {1..100}; do virsh qemu-agent-command rhel8.8 '{"execute":"guest-get-vcpus"}'; done

7. check the log again
# grep -ni tainted /var/log/libvirt/libvirtd.log 
569:2023-04-04 06:11:16.977+0000: 34389: warning : qemuDomainObjTaintMsg:6401 : Domain id=2 name='rhel8.8' uuid=a239cb28-110e-4c39-9dd1-e9caf8bcf7f6 is tainted: custom-ga-command
571:2023-04-04 06:11:16.977+0000: 34389: debug : qemuDomainLogAppendMessage:6766 : Append log message (vm='rhel8.8' message='2023-04-04 06:11:16.977+0000: Domain id=2 is tainted: custom-ga-command

(The tainted message is printed when invoking guest-agent-command for the first time. And no new logs about tainted messages printed for the later invoking, logs are not spammed)
Comment 5 Lili Zhu 2023-05-11 06:35:41 UTC 
Tested this bug with:
libvirt-8.0.0-19.module+el8.8.0+18453+e0bf0d1d.x86_64

Testing steps are the same with those in Comment #2
As the testing results match with the expected results, mark the bug as verified.
Comment 10 errata-xmlrpc 2023-06-27 14:58:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: virt:rhel and virt-devel:rhel security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:3822
Note You need to log in before you can comment on or make changes to this bug.