snapshot: use SELinux and lock manager with external snapshots

With this, it is now possible to create external snapshots even
when SELinux is enforcing, and to protect the new file with a
lock manager.

* src/qemu/qemu_driver.c
(qemuDomainSnapshotCreateSingleDiskActive): Create and register
new file with proper permissions and locks.
(qemuDomainSnapshotCreateDiskActive): Update caller.
This commit is contained in:
Eric Blake 2011-08-23 17:14:55 -06:00
parent 9c21b44131
commit 6337989089

View File

@ -87,6 +87,7 @@
#include "configmake.h" #include "configmake.h"
#include "threadpool.h" #include "threadpool.h"
#include "locking/lock_manager.h" #include "locking/lock_manager.h"
#include "locking/domain_lock.h"
#include "virkeycode.h" #include "virkeycode.h"
#define VIR_FROM_THIS VIR_FROM_QEMU #define VIR_FROM_THIS VIR_FROM_QEMU
@ -8854,7 +8855,8 @@ cleanup:
/* The domain is expected to hold monitor lock. */ /* The domain is expected to hold monitor lock. */
static int static int
qemuDomainSnapshotCreateSingleDiskActive(virDomainObjPtr vm, qemuDomainSnapshotCreateSingleDiskActive(struct qemud_driver *driver,
virDomainObjPtr vm,
virDomainSnapshotDiskDefPtr snap, virDomainSnapshotDiskDefPtr snap,
virDomainDiskDefPtr disk) virDomainDiskDefPtr disk)
{ {
@ -8863,6 +8865,10 @@ qemuDomainSnapshotCreateSingleDiskActive(virDomainObjPtr vm,
char *source = NULL; char *source = NULL;
char *driverType = NULL; char *driverType = NULL;
int ret = -1; int ret = -1;
int fd = -1;
char *origsrc = NULL;
char *origdriver = NULL;
bool need_unlink = false;
if (snap->snapshot != VIR_DOMAIN_DISK_SNAPSHOT_EXTERNAL) { if (snap->snapshot != VIR_DOMAIN_DISK_SNAPSHOT_EXTERNAL) {
qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s", qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@ -8878,7 +8884,35 @@ qemuDomainSnapshotCreateSingleDiskActive(virDomainObjPtr vm,
goto cleanup; goto cleanup;
} }
/* XXX create new file and set selinux labels */ /* create the stub file and set selinux labels; manipulate disk in
* place, in a way that can be reverted on failure. */
fd = qemuOpenFile(driver, source, O_WRONLY | O_TRUNC | O_CREAT,
&need_unlink, NULL);
if (fd < 0)
goto cleanup;
VIR_FORCE_CLOSE(fd);
origsrc = disk->src;
disk->src = source;
origdriver = disk->driverType;
disk->driverType = driverType;
if (virDomainLockDiskAttach(driver->lockManager, vm, disk) < 0)
goto cleanup;
if (virSecurityManagerSetImageLabel(driver->securityManager, vm,
disk) < 0) {
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
VIR_WARN("Unable to release lock on %s", source);
goto cleanup;
}
need_unlink = false;
disk->src = origsrc;
origsrc = NULL;
disk->driverType = origdriver;
origdriver = NULL;
/* create the actual snapshot */
ret = qemuMonitorDiskSnapshot(priv->mon, device, source); ret = qemuMonitorDiskSnapshot(priv->mon, device, source);
virDomainAuditDisk(vm, disk->src, source, "snapshot", ret >= 0); virDomainAuditDisk(vm, disk->src, source, "snapshot", ret >= 0);
if (ret < 0) if (ret < 0)
@ -8898,6 +8932,12 @@ qemuDomainSnapshotCreateSingleDiskActive(virDomainObjPtr vm,
* configuration changes awaiting the next boot? */ * configuration changes awaiting the next boot? */
cleanup: cleanup:
if (origsrc) {
disk->src = origsrc;
disk->driverType = origdriver;
}
if (need_unlink && unlink(source))
VIR_WARN("unable to unlink just-created %s", source);
VIR_FREE(device); VIR_FREE(device);
VIR_FREE(source); VIR_FREE(source);
VIR_FREE(driverType); VIR_FREE(driverType);
@ -8949,7 +8989,7 @@ qemuDomainSnapshotCreateDiskActive(virConnectPtr conn,
if (snap->def->disks[i].snapshot == VIR_DOMAIN_DISK_SNAPSHOT_NO) if (snap->def->disks[i].snapshot == VIR_DOMAIN_DISK_SNAPSHOT_NO)
continue; continue;
ret = qemuDomainSnapshotCreateSingleDiskActive(vm, ret = qemuDomainSnapshotCreateSingleDiskActive(driver, vm,
&snap->def->disks[i], &snap->def->disks[i],
vm->def->disks[i]); vm->def->disks[i]);
if (ret < 0) if (ret < 0)