qemu: Separate image metadata removal into a function

There are four places where we remove image XATTRs and in all of
them we have the same for() loop with the same body. Move it into
a separate function because I'm about to introduce a fifth place
where the same needs to be done.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik 2019-11-19 08:43:58 +01:00
parent 86085c9a2f
commit 1c12b86185
3 changed files with 35 additions and 41 deletions


@ -22,6 +22,7 @@
#include "qemu_command.h" #include "qemu_command.h"
#include "qemu_domain.h" #include "qemu_domain.h"
#include "qemu_alias.h" #include "qemu_alias.h"
#include "qemu_security.h"
#include "viralloc.h" #include "viralloc.h"
#include "virstring.h" #include "virstring.h"
@ -2588,3 +2589,27 @@ qemuBlockStorageSourceCreateDetectSize(virHashTablePtr blockNamedNodeData,
return 0; return 0;
} }
int
qemuBlockRemoveImageMetadata(virQEMUDriverPtr driver,
virDomainObjPtr vm,
const char *diskTarget,
virStorageSourcePtr src)
{
virStorageSourcePtr n;
int ret = 0;
for (n = src; virStorageSourceIsBacking(n); n = n->backingStore) {
if (qemuSecurityMoveImageMetadata(driver, vm, n, NULL) < 0) {
VIR_WARN("Unable to remove disk metadata on "
"vm %s from %s (disk target %s)",
vm->def->name,
NULLSTR(n->path),
diskTarget);
ret = -1;
}
}
return ret;
}
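Review bot: qemuBlockRemoveImageMetadata has no comment stating its contract, which the name does not make obvious: the loop keeps walking the backing chain after a failure, logs one warning per failed element, and returns -1 if any element failed, 0 otherwise. I would add a short comment above the definition, e.g. `/* Best effort: remove security driver metadata from every image in @src's backing chain; failures are logged and the walk continues. Returns 0 on success, -1 if any removal failed. */`. Since the target is now a bare `const char *` parameter, passing `NULLSTR(diskTarget)` to VIR_WARN would keep a NULL from a future caller out of a `%s` conversion, the same way `n->path` is already guarded.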


@ -197,3 +197,9 @@ int
qemuBlockStorageSourceCreateDetectSize(virHashTablePtr blockNamedNodeData, qemuBlockStorageSourceCreateDetectSize(virHashTablePtr blockNamedNodeData,
virStorageSourcePtr src, virStorageSourcePtr src,
virStorageSourcePtr templ); virStorageSourcePtr templ);
int
qemuBlockRemoveImageMetadata(virQEMUDriverPtr driver,
virDomainObjPtr vm,
const char *diskTarget,
virStorageSourcePtr src);


@ -658,36 +658,18 @@ qemuBlockJobEventProcessLegacyCompleted(virQEMUDriverPtr driver,
virObjectUnref(disk->src); virObjectUnref(disk->src);
disk->src = disk->mirror; disk->src = disk->mirror;
} else { } else {
virStorageSourcePtr n;
if (disk->mirror) { if (disk->mirror) {
virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); virDomainLockImageDetach(driver->lockManager, vm, disk->mirror);
/* Ideally, we would restore seclabels on the backing chain here /* Ideally, we would restore seclabels on the backing chain here
* but we don't know if somebody else is not using parts of it. * but we don't know if somebody else is not using parts of it.
* Remove security driver metadata so that they are not leaked. */ * Remove security driver metadata so that they are not leaked. */
for (n = disk->mirror; virStorageSourceIsBacking(n); n = n->backingStore) { qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror);
if (qemuSecurityMoveImageMetadata(driver, vm, n, NULL) < 0) {
VIR_WARN("Unable to remove disk metadata on "
"vm %s from %s (disk target %s)",
vm->def->name,
NULLSTR(disk->src->path),
disk->dst);
}
}
virObjectUnref(disk->mirror); virObjectUnref(disk->mirror);
} }
for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) { qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->src);
if (qemuSecurityMoveImageMetadata(driver, vm, n, NULL) < 0) {
VIR_WARN("Unable to remove disk metadata on "
"vm %s from %s (disk target %s)",
vm->def->name,
NULLSTR(n->path),
disk->dst);
}
}
} }
/* Recompute the cached backing chain to match our /* Recompute the cached backing chain to match our
@ -754,22 +736,12 @@ qemuBlockJobEventProcessLegacy(virQEMUDriverPtr driver,
case VIR_DOMAIN_BLOCK_JOB_FAILED: case VIR_DOMAIN_BLOCK_JOB_FAILED:
case VIR_DOMAIN_BLOCK_JOB_CANCELED: case VIR_DOMAIN_BLOCK_JOB_CANCELED:
if (disk->mirror) { if (disk->mirror) {
virStorageSourcePtr n;
virDomainLockImageDetach(driver->lockManager, vm, disk->mirror); virDomainLockImageDetach(driver->lockManager, vm, disk->mirror);
/* Ideally, we would restore seclabels on the backing chain here /* Ideally, we would restore seclabels on the backing chain here
* but we don't know if somebody else is not using parts of it. * but we don't know if somebody else is not using parts of it.
* Remove security driver metadata so that they are not leaked. */ * Remove security driver metadata so that they are not leaked. */
for (n = disk->mirror; virStorageSourceIsBacking(n); n = n->backingStore) { qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror);
if (qemuSecurityMoveImageMetadata(driver, vm, n, NULL) < 0) {
VIR_WARN("Unable to remove disk metadata on "
"vm %s from %s (disk target %s)",
vm->def->name,
NULLSTR(disk->src->path),
disk->dst);
}
}
virObjectUnref(disk->mirror); virObjectUnref(disk->mirror);
disk->mirror = NULL; disk->mirror = NULL;
@ -1177,7 +1149,6 @@ qemuBlockJobProcessEventFailedActiveCommit(virQEMUDriverPtr driver,
qemuBlockJobDataPtr job) qemuBlockJobDataPtr job)
{ {
virDomainDiskDefPtr disk = job->disk; virDomainDiskDefPtr disk = job->disk;
virStorageSourcePtr n;
VIR_DEBUG("active commit job '%s' on VM '%s' failed", job->name, vm->def->name); VIR_DEBUG("active commit job '%s' on VM '%s' failed", job->name, vm->def->name);
@ -1187,15 +1158,7 @@ qemuBlockJobProcessEventFailedActiveCommit(virQEMUDriverPtr driver,
/* Ideally, we would make the backing chain read only again (yes, SELinux /* Ideally, we would make the backing chain read only again (yes, SELinux
* can do that using different labels). But that is not implemented yet and * can do that using different labels). But that is not implemented yet and
* not leaking security driver metadata is more important. */ * not leaking security driver metadata is more important. */
for (n = disk->mirror; virStorageSourceIsBacking(n); n = n->backingStore) { qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror);
if (qemuSecurityMoveImageMetadata(driver, vm, n, NULL) < 0) {
VIR_WARN("Unable to remove disk metadata on "
"vm %s from %s (disk target %s)",
vm->def->name,
NULLSTR(disk->src->path),
disk->dst);
}
}
virObjectUnref(disk->mirror); virObjectUnref(disk->mirror);
disk->mirror = NULL; disk->mirror = NULL;
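Review bot: All four call sites in this file (two in qemuBlockJobEventProcessLegacyCompleted, one each in qemuBlockJobEventProcessLegacy and qemuBlockJobProcessEventFailedActiveCommit) discard the int returned by qemuBlockRemoveImageMetadata, so a failed removal still surfaces only as a VIR_WARN line. If that is intended on these cleanup paths, make the discard explicit, e.g. `ignore_value(qemuBlockRemoveImageMetadata(driver, vm, disk->dst, disk->mirror));`, or state it in the comment above each call. The surrounding comments describe leftover security driver metadata as a leak, so it is worth deciding deliberately whether a failure here should be tracked beyond the log. The enclosing functions start and end outside the hunks shown.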