From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 0FB6D60B82 for ; Fri, 9 Oct 2020 17:44:28 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0556D17A7D for ; Fri, 9 Oct 2020 17:44:28 +0200 (CEST) Received: from pmg.fws.fr (pmg.fws.fr [51.91.175.36]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 42C1B17A71 for ; Fri, 9 Oct 2020 17:44:26 +0200 (CEST) Received: from pmg.fws.fr (localhost [127.0.0.1]) by pmg.fws.fr (Proxmox) with ESMTP id B7F0DC24EE for ; Fri, 9 Oct 2020 17:44:25 +0200 (CEST) Received: from zmproxy.fws.fr (zmproxy.fws.fr [10.29.1.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pmg.fws.fr (Proxmox) with ESMTPS id 80EBFC0245 for ; Fri, 9 Oct 2020 17:44:22 +0200 (CEST) Received: from zmproxy.fws.fr (localhost [127.0.0.1]) by zmproxy.fws.fr (Postfix) with ESMTPS id 73FB08B79BF; Fri, 9 Oct 2020 17:44:22 +0200 (CEST) Received: from zmproxy.fws.fr (localhost [127.0.0.1]) by zmproxy.fws.fr (Postfix) with ESMTPS id 5BC168B79C0; Fri, 9 Oct 2020 17:44:22 +0200 (CEST) DKIM-Filter: OpenDKIM Filter v2.10.3 zmproxy.fws.fr 5BC168B79C0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=firewall-services.com; s=7DAD15A2-D84A-11E9-8F77-BEC4FAA34EBC; t=1602258262; bh=AswLyFpzR/C8kcLNxjd2P1wc3Lbvt/rWHhSW73IPQ5w=; h=Date:From:To:Message-ID:MIME-Version; b=LEEks4AtIiB1nC7JM6of0qE6jWorHfsuM+CCH/93bVcYPp+oD+Y9e9Q4bGb6dBSN4 QnBBlaCDygLoRPQBTtfFNVhIC40U1DatUASHibFLtKpg9JjV1Bq3QUX5AmI8k1G8hs bdWtQB+jiBbA7lsX+pisBJPd6OWwKmunzZ2XQneX4CdhWKmKQEST0E1oIPtuJFo2mg sETjwYMeCQCPQFeQJ4gEwWsDMwkVwNyA1JiXzARgACG/JQYbYp1SCHuFBBQrSTtA0f gRTY9IuB0712AgNn6Bw2O1MQBeVIYF0Uj+DGxnvkty1+VjUgTDW3Vd66Z6OShVXR1R q7ipkHs2IatNg== Received: from zmstore.fws.fr (zmstore.fws.fr [10.29.3.15]) by zmproxy.fws.fr (Postfix) with ESMTP id 56A938B79BF for ; Fri, 9 Oct 2020 17:44:22 +0200 (CEST) Date: Fri, 9 Oct 2020 17:44:22 +0200 (CEST) From: Daniel Berteaud To: Proxmox VE development discussion Message-ID: <1253861784.220180.1602258262225.JavaMail.zimbra@fws.fr> In-Reply-To: <1663712196.220058.1602257198078.JavaMail.zimbra@fws.fr> References: <20201009151344.8999-1-s.ivanov@proxmox.com> <1663712196.220058.1602257198078.JavaMail.zimbra@fws.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.29.1.17] X-Mailer: Zimbra 8.8.15_GA_3963 (ZimbraWebClient - GC85 (Linux)/8.8.15_GA_3963) Thread-Topic: ZFSPlugin: untaint lun number Thread-Index: 2GIizgU0wYAeg5ieH1mYM4cI56U/dPDvwJ2+ X-SPAM-LEVEL: Spam detection results: 0 AWL 0.014 Adjusted score from AWL reputation of From: address DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [firewall-services.com, proxmox.com, zfsplugin.pm, fws.fr, lio.pm, open3.pm] Subject: Re: [pve-devel] [PATCH storage] ZFSPlugin: untaint lun number X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2020 15:44:28 -0000 ----- Le 9 Oct 20, =C3=A0 17:26, Daniel Berteaud daniel@firewall-services.c= om a =C3=A9crit : > ----- Le 9 Oct 20, =C3=A0 17:13, Stoiko Ivanov s.ivanov@proxmox.com a =C3= =A9crit : >=20 >> ZFS over iSCSI fetches information about the disk-images via ssh, thus >> the obtainted data is tainted (perlsec (1)). >>=20 >> Since pvedaemon runs with '-T' enabled trying to start a VM via GUI/API = failed, >> while it still worked via `qm` or `pvesh`. >>=20 >> The issue surfaced after commit cb9db10c1a9855cf40ff13e81f9dd97d6a9b2698= in >> pve-common ('run_command: improve performance for logging and long lines= '), >> and results from concatenating the original (tainted) buffer to a variab= le, >> instead of a captured subgroup. >>=20 >> Untainting the value in ZFSPlugin should not cause any regressiosn, sinc= e the >> other 3 target providers already have a match on '\d+' for retrieving th= e >> lun number. >>=20 >> reported via pve-user [0]. >>=20 >> reproduced and tested by setting up a LIO-target (on top of a virtual PV= E), >> adding it as storage and trying to start a guest (with a disk on the >> ZFS over iSCSI storage) with `perl -T /usr/sbin/qm start $vmid` >>=20 >> [0] https://lists.proxmox.com/pipermail/pve-user/2020-October/172055.htm= l >>=20 >> Signed-off-by: Stoiko Ivanov >> --- >> PVE/Storage/ZFSPlugin.pm | 6 +++++- >> 1 file changed, 5 insertions(+), 1 deletion(-) >>=20 >> diff --git a/PVE/Storage/ZFSPlugin.pm b/PVE/Storage/ZFSPlugin.pm >> index 383f0a0..63b9551 100644 >> --- a/PVE/Storage/ZFSPlugin.pm >> +++ b/PVE/Storage/ZFSPlugin.pm >> @@ -159,7 +159,11 @@ sub zfs_get_lun_number { >>=20 >> die "could not find lun_number for guid $guid" if !$guid; >>=20 >> - return $class->zfs_request($scfg, undef, 'list_view', $guid); >> + if ($class->zfs_request($scfg, undef, 'list_view', $guid) =3D~ /^(\= d+)$/) { >> +=09return $1; >> + } >> + >> + die "lun_number for guid $guid is not a number"; >> } >=20 I can confirm this is fixing the issue of the VM not starting from the web = interface. There's still a (probably) related issue : ZFS over iSCSI disks = can't be removed (eg, at the end of a live disk move) : Use of uninitialized value in die at /usr/share/perl5/PVE/Storage/LunCmd/LI= O.pm line 337. error during cfs-locked 'storage-iscsi-zfs-zol1-prd' operation: command '/u= sr/bin/ssh -o 'BatchMode=3Dyes' -i /etc/pve/priv/zfs/10.29.255.252_id_rsa r= oot@10.29.255.252 -- /usr/bin/targetcli /iscsi/iqn.2019-10.fr.fws.pve:prod/= tpg1/luns/ delete lun1' failed: Insecure dependency in exec while running w= ith -T switch at /usr/share/perl/5.28/IPC/Open3.pm line 178. =09...propagated at /usr/share/perl5/PVE/Storage/LunCmd/LIO.pm line 337. It might be only affecting the LIO backend though Cheers, Daniel --=20 [ https://www.firewall-services.com/ ] =09 Daniel Berteaud=20 FIREWALL-SERVICES SAS, La s=C3=A9curit=C3=A9 des r=C3=A9seaux=20 Soci=C3=A9t=C3=A9 de Services en Logiciels Libres=20 T=C3=A9l : +33.5 56 64 15 32=20 Matrix: @dani:fws.fr=20 [ https://www.firewall-services.com/ | https://www.firewall-services.com ]