From 0304fa2feecd2cc6e76d93fa379cb4257b015e13 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Thu, 18 Apr 2019 14:36:38 +0200 Subject: [PATCH] qemu: Allow using qemuDomainStorageSourceAccessModify on singe images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a new flag QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN to select whether to work on single image or full chain. Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko --- src/qemu/qemu_domain.c | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index f5cb1cec70..9431e4d02e 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -9214,6 +9214,8 @@ qemuDomainDiskGetBackendAlias(virDomainDiskDefPtr disk, typedef enum { /* revoke access to the image instead of allowing it */ QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE = 1 << 0, + /* operate on full backing chain rather than single image */ + QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN = 1 << 1, } qemuDomainStorageSourceAccessFlags; @@ -9239,6 +9241,8 @@ qemuDomainStorageSourceAccessModify(virQEMUDriverPtr driver, const char *srcstr = NULLSTR(src->path); int ret = -1; virErrorPtr orig_err = NULL; + bool chain = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN; + int rc; /* just tear down the disk access */ if (flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE) { @@ -9253,20 +9257,30 @@ qemuDomainStorageSourceAccessModify(virQEMUDriverPtr driver, if (qemuDomainNamespaceSetupDisk(vm, src) < 0) goto rollback_lock; - if (qemuSecuritySetImageLabel(driver, vm, src, true) < 0) + if (qemuSecuritySetImageLabel(driver, vm, src, chain) < 0) goto rollback_namespace; - if (qemuSetupImageChainCgroup(vm, src) < 0) + if (chain) + rc = qemuSetupImageChainCgroup(vm, src); + else + rc = qemuSetupImageCgroup(vm, src); + + if (rc < 0) goto rollback_label; ret = 0; goto cleanup; rollback_cgroup: - if (qemuTeardownImageChainCgroup(vm, src) < 0) + if (chain) + rc = qemuTeardownImageChainCgroup(vm, src); + else + rc = qemuTeardownImageCgroup(vm, src); + + if (rc < 0) VIR_WARN("Unable to tear down cgroup access on %s", srcstr); rollback_label: - if (qemuSecurityRestoreImageLabel(driver, vm, src, true) < 0) + if (qemuSecurityRestoreImageLabel(driver, vm, src, chain) < 0) VIR_WARN("Unable to restore security label on %s", srcstr); rollback_namespace: @@ -9289,7 +9303,7 @@ qemuDomainStorageSourceChainAccessAllow(virQEMUDriverPtr driver, virDomainObjPtr vm, virStorageSourcePtr src) { - qemuDomainStorageSourceAccessFlags flags = 0; + qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN; return qemuDomainStorageSourceAccessModify(driver, vm, src, flags); } @@ -9300,7 +9314,8 @@ qemuDomainStorageSourceChainAccessRevoke(virQEMUDriverPtr driver, virDomainObjPtr vm, virStorageSourcePtr src) { - qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE; + qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE | + QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN; return qemuDomainStorageSourceAccessModify(driver, vm, src, flags); }