Bug 976387 - taint domain if it uses host CD-ROM passthrough
Summary: taint domain if it uses host CD-ROM passthrough
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
Assignee: John Ferlan
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2013-06-20 13:20 UTC by Paolo Bonzini
Modified: 2016-04-26 13:58 UTC (History)

Fixed In Version: libvirt-1.2.16-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-19 05:43:16 UTC
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2202 0 normal SHIPPED_LIVE libvirt bug fix and enhancement update 2015-11-19 08:17:58 UTC

Description Paolo Bonzini 2013-06-20 13:20:48 UTC
A domain that uses a device as the source of a virtual CD-ROM drive will often encounter problems as both the guest and host try to control the tray.  It would be nice if such a domain could be tainted.

How to reproduce:

1. create a domain with

    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source dev='/dev/sr0'/>
      <target dev='hdc' bus='ide'/>
      <readonly/>
    </disk>

2. The per-domain logfile should show something like "Domain id=3 is tainted: cdrom-passthrough".

Comment 5 Jiri Denemark 2014-04-04 21:37:45 UTC
This bug was not selected to be addressed in Red Hat Enterprise Linux 6. We will look at it again within the Red Hat Enterprise Linux 7 product.

Comment 8 John Ferlan 2015-05-12 20:04:01 UTC
Posted patches upstream:

http://www.redhat.com/archives/libvir-list/2015-May/msg00380.html

Comment 9 John Ferlan 2015-05-20 11:52:13 UTC
Patch pushed upstream:

commit 99a2d6af2b30bbb6cd87986b65129cfa9257e5ff
Author: John Ferlan <jferlan>
Date:   Tue May 12 15:58:31 2015 -0400

    Taint domains using cdrom-passthrough
    
    https://bugzilla.redhat.com/show_bug.cgi?id=976387
    
    For a domain configured using the host cdrom, we should taint the domain
    due to problems encountered when the host and guest try to control the tray.


$ git describe 99a2d6af2b30bbb6cd87986b65129cfa9257e5ff
v1.2.15-116-g99a2d6a
$

Comment 11 yisun 2015-09-17 11:52:28 UTC
cdrom passthrough is disabled by qemu-kvm as bz https://bugzilla.redhat.com/show_bug.cgi?id=760885

Downgrading qemu-kvm and libvirt causes a lot of other problems with the current 7.2 kernel. Will find an available host with a CD-ROM and test this with RHEL 7.0 later.

Comment 12 yisun 2015-10-12 08:46:05 UTC
verified on:
libvirt-1.2.17-13.el7.x86_64
qemu-kvm-rhev-2.3.0-26.el7.x86_64

Since qemu has disabled host CD-ROM pass-through, the verification will just execute some sanity checks.
1. check the code merged in latest libvirt
2. check the cd-rom pass-through is really disabled with libvirt.


Scenario 1: code check
1. download and install libvirt-1.2.17-13.el7.src.rpm
2. check code with patch instruction.
vim src/conf/domain_conf.c +96
VIR_ENUM_IMPL(virDomainTaint, VIR_DOMAIN_TAINT_LAST,
              "custom-argv",
              "custom-monitor",
              "high-privileges",
              "shell-scripts",
              "disk-probing",
              "external-launch",
              "host-cpu",
              "hook-script",
              "cdrom-passthrough",
              "custom-dtb");
========
vim src/conf/domain_conf.h +2313
typedef enum {
...
    VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH,/* CDROM passthrough */ 
...
} virDomainTaintFlags;

========

vim src/qemu/qemu_domain.c +2191
    if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
        virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK &&
        disk->src->path)
        qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH,
                           logFD);

    virObjectUnref(cfg); 


Scenario 2: check host cd-rom pass-through is really disabled. 
1. prepare a disk xml
#cat disk.xml
    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source dev='/dev/sr0'/>
      <target dev='hdc' bus='ide'/>
      <readonly/>
    </disk>

2. hotplug the disk
# virsh attach-device ys1 disk.xml 
error: Failed to attach device from disk.xml
error: internal error: No device with bus 'ide' and target 'hdc'. cdrom and floppy device hotplug isn't supported by libvirt

# virsh attach-disk ys1 /dev/sr0 sdc
error: Failed to attach disk
error: internal error: unable to execute QEMU command '__com.redhat_drive_add': Device 'drive-scsi0-0-0-2' could not be initialized


3. cold plug the disk
#virsh edit ys1
(add following)
    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source dev='/dev/sr0'/>
      <target dev='hdc' bus='ide'/>
      <readonly/>
    </disk>

# virsh start ys1
error: Failed to start domain ys1
error: internal error: process exited while connecting to monitor: 2015-10-12T08:26:10.000070Z qemu-kvm: -drive file=/dev/sr0,if=none,id=drive-ide0-1-0,readonly=on,format=raw: Driver 'host_cdrom' is not whitelisted
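
The condition shown in the qemu_domain.c excerpt above (CD-ROM device, block-type source, non-empty source path) can also be checked offline against domain XML to find guests that would be tainted with "cdrom-passthrough". This is an added example, not part of the bug report or libvirt's code; the function name and the sample XML are constructed, and it reads the literal `type` attribute rather than resolving the actual storage type as libvirt does.

```python
import xml.etree.ElementTree as ET

# Constructed sample domain XML (not taken from the hosts in this bug report).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>ys1</name>
  <devices>
    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source dev='/dev/sr0'/>
      <target dev='hdc' bus='ide'/>
      <readonly/>
    </disk>
    <disk type='file' device='cdrom'>
      <source file='/var/lib/libvirt/images/install.iso'/>
      <target dev='hdd' bus='ide'/>
      <readonly/>
    </disk>
    <disk type='block' device='cdrom'>
      <target dev='sda' bus='scsi'/>
      <readonly/>
    </disk>
    <disk type='block' device='disk'>
      <source dev='/dev/vg0/guest'/>
      <target dev='vda' bus='virtio'/>
    </disk>
  </devices>
</domain>
"""


def cdrom_passthrough_disks(domain_xml):
    """Return (target, source) pairs for disks that meet the taint condition."""
    hits = []
    root = ET.fromstring(domain_xml)
    for disk in root.findall("./devices/disk"):
        # Simplification: uses the literal type= attribute; libvirt resolves the
        # actual type via virStorageSourceGetActualType().
        if disk.get("device") != "cdrom" or disk.get("type") != "block":
            continue
        source = disk.find("source")
        dev = source.get("dev") if source is not None else None
        if not dev:  # empty tray: no source path, so the condition is false
            continue
        target = disk.find("target")
        hits.append((target.get("dev") if target is not None else None, dev))
    return hits


if __name__ == "__main__":
    for target, dev in cdrom_passthrough_disks(SAMPLE_DOMAIN_XML):
        print(f"cdrom-passthrough: target={target} source={dev}")
```

The same function can be fed the output of `virsh dumpxml` for each defined domain to list guests that depend on a host optical drive.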

Comment 14 errata-xmlrpc 2015-11-19 05:43:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2202.html

