External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-03 04:45:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: don't pass virConnectPtr around for secrets

Browse Source 
During domain startup there are many places where we need to acquire
secrets. Currently code passes around a virConnectPtr, except in the
places where we pass in NULL. So there are a few codepaths where ability
to start guests using secrets will fail. Change to acquire a handle to
the secret driver when needed.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2018-02-09 16:14:41 +00:00
parent 2d43f0a2dc
commit 6ea0ae9619
8 changed files with 119 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
src/qemu/qemu_domain.c
View File

@ -1151,7 +1151,6 @@ qemuDomainChrSourcePrivateDispose(void *obj)
/* qemuDomainSecretPlainSetup:
* @conn: Pointer to connection
* @secinfo: Pointer to secret info
* @usageType: The virSecretUsageType
* @username: username to use for authentication (may be NULL)
@ -1162,24 +1161,33 @@ qemuDomainChrSourcePrivateDispose(void *obj)
* Returns 0 on success, -1 on failure with error message
*/
static int
qemuDomainSecretPlainSetup(virConnectPtr conn,
qemuDomainSecretInfoPtr secinfo,
qemuDomainSecretPlainSetup(qemuDomainSecretInfoPtr secinfo,
virSecretUsageType usageType,
const char *username,
virSecretLookupTypeDefPtr seclookupdef)
{
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN;
if (VIR_STRDUP(secinfo->s.plain.username, username) < 0)
virConnectPtr conn;
int ret = -1;
conn = virGetConnectSecret();
if (!conn)
return -1;
return virSecretGetSecretString(conn, seclookupdef, usageType,
&secinfo->s.plain.secret,
&secinfo->s.plain.secretlen);
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN;
if (VIR_STRDUP(secinfo->s.plain.username, username) < 0)
goto cleanup;
ret = virSecretGetSecretString(conn, seclookupdef, usageType,
&secinfo->s.plain.secret,
&secinfo->s.plain.secretlen);
cleanup:
virObjectUnref(conn);
return ret;
}
/* qemuDomainSecretAESSetup:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @secinfo: Pointer to secret info
* @srcalias: Alias of the disk/hostdev used to generate the secret alias
@ -1193,8 +1201,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn,
* Returns 0 on success, -1 on failure with error message
*/
static int
qemuDomainSecretAESSetup(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv,
qemuDomainSecretInfoPtr secinfo,
const char *srcalias,
virSecretUsageType usageType,
@ -1202,6 +1209,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
virSecretLookupTypeDefPtr seclookupdef,
bool isLuks)
{
virConnectPtr conn;
int ret = -1;
uint8_t *raw_iv = NULL;
size_t ivlen = QEMU_DOMAIN_AES_IV_LEN;
@ -1210,16 +1218,20 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
uint8_t *ciphertext = NULL;
size_t ciphertextlen = 0;
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_AES;
if (VIR_STRDUP(secinfo->s.aes.username, username) < 0)
conn = virGetConnectSecret();
if (!conn)
return -1;
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_AES;
if (VIR_STRDUP(secinfo->s.aes.username, username) < 0)
goto cleanup;
if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias, isLuks)))
return -1;
goto cleanup;
/* Create a random initialization vector */
if (!(raw_iv = virCryptoGenerateRandom(ivlen)))
return -1;
goto cleanup;
/* Encode the IV and save that since qemu will need it */
if (!(secinfo->s.aes.iv = virStringEncodeBase64(raw_iv, ivlen)))
@ -1250,13 +1262,12 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
VIR_DISPOSE_N(raw_iv, ivlen);
VIR_DISPOSE_N(secret, secretlen);
VIR_DISPOSE_N(ciphertext, ciphertextlen);
virObjectUnref(conn);
return ret;
}
/* qemuDomainSecretSetup:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @secinfo: Pointer to secret info
* @srcalias: Alias of the disk/hostdev used to generate the secret alias
@ -1273,8 +1284,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
* Returns 0 on success, -1 on failure
*/
static int
qemuDomainSecretSetup(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv,
qemuDomainSecretInfoPtr secinfo,
const char *srcalias,
virSecretUsageType usageType,
@ -1291,12 +1301,12 @@ qemuDomainSecretSetup(virConnectPtr conn,
(usageType == VIR_SECRET_USAGE_TYPE_ISCSI && iscsiHasPS) ||
usageType == VIR_SECRET_USAGE_TYPE_VOLUME ||
usageType == VIR_SECRET_USAGE_TYPE_TLS)) {
if (qemuDomainSecretAESSetup(conn, priv, secinfo, srcalias,
if (qemuDomainSecretAESSetup(priv, secinfo, srcalias,
usageType, username,
seclookupdef, isLuks) < 0)
return -1;
} else {
if (qemuDomainSecretPlainSetup(conn, secinfo, usageType,
if (qemuDomainSecretPlainSetup(secinfo, usageType,
username, seclookupdef) < 0)
return -1;
}
@ -1305,7 +1315,6 @@ qemuDomainSecretSetup(virConnectPtr conn,
/* qemuDomainSecretInfoNew:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @srcAlias: Alias base to use for TLS object
* @usageType: Secret usage type
@ -1319,8 +1328,7 @@ qemuDomainSecretSetup(virConnectPtr conn,
* to eventually free @secinfo.
*/
static qemuDomainSecretInfoPtr
qemuDomainSecretInfoNew(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretInfoNew(qemuDomainObjPrivatePtr priv,
const char *srcAlias,
virSecretUsageType usageType,
const char *username,
@ -1332,7 +1340,7 @@ qemuDomainSecretInfoNew(virConnectPtr conn,
if (VIR_ALLOC(secinfo) < 0)
return NULL;
if (qemuDomainSecretSetup(conn, priv, secinfo, srcAlias, usageType,
if (qemuDomainSecretSetup(priv, secinfo, srcAlias, usageType,
username, lookupDef, isLuks) < 0)
goto error;
@ -1352,7 +1360,6 @@ qemuDomainSecretInfoNew(virConnectPtr conn,
/**
* qemuDomainSecretInfoTLSNew:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @srcAlias: Alias base to use for TLS object
* @secretUUID: Provide a secretUUID value to look up/create the secretInfo
@ -1363,8 +1370,7 @@ qemuDomainSecretInfoNew(virConnectPtr conn,
* Returns qemuDomainSecretInfoPtr or NULL on error.
*/
qemuDomainSecretInfoPtr
qemuDomainSecretInfoTLSNew(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr priv,
const char *srcAlias,
const char *secretUUID)
{
@ -1378,7 +1384,7 @@ qemuDomainSecretInfoTLSNew(virConnectPtr conn,
}
seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
return qemuDomainSecretInfoNew(conn, priv, srcAlias,
return qemuDomainSecretInfoNew(priv, srcAlias,
VIR_SECRET_USAGE_TYPE_TLS, NULL,
&seclookupdef, false);
}
@ -1440,7 +1446,6 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
/**
* qemuDomainSecretStorageSourcePrepare:
* @conn: connection object - for secret lookup
* @priv: domain private object
* @src: storage source struct to setup
* @authalias: prefix of the alias for secret holding authentication data
@ -1454,8 +1459,7 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
* Returns 0 on success; -1 on error while reporting an libvirt error.
*/
static int
qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretStorageSourcePrepare(qemuDomainObjPrivatePtr priv,
virStorageSourcePtr src,
const char *authalias,
const char *encalias)
@ -1479,7 +1483,7 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
usageType = VIR_SECRET_USAGE_TYPE_CEPH;
if (!(srcPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, authalias,
qemuDomainSecretInfoNew(priv, authalias,
usageType, src->auth->username,
&src->auth->seclookupdef, false)))
return -1;
@ -1487,7 +1491,7 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
if (hasEnc) {
if (!(srcPriv->encinfo =
qemuDomainSecretInfoNew(conn, priv, encalias,
qemuDomainSecretInfoNew(priv, encalias,
VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
&src->encryption->secrets[0]->seclookupdef,
true)))
@ -1499,7 +1503,6 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
/* qemuDomainSecretDiskPrepare:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @disk: Pointer to a disk definition
*
@ -1509,11 +1512,10 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
*/
static int
qemuDomainSecretDiskPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretDiskPrepare(qemuDomainObjPrivatePtr priv,
virDomainDiskDefPtr disk)
{
return qemuDomainSecretStorageSourcePrepare(conn, priv, disk->src,
return qemuDomainSecretStorageSourcePrepare(priv, disk->src,
disk->info.alias,
disk->info.alias);
}
@ -1543,7 +1545,6 @@ qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr hostdev)
/* qemuDomainSecretHostdevPrepare:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @hostdev: Pointer to a hostdev definition
*
@ -1552,8 +1553,7 @@ qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr hostdev)
* Returns 0 on success, -1 on failure
*/
int
qemuDomainSecretHostdevPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretHostdevPrepare(qemuDomainObjPrivatePtr priv,
virDomainHostdevDefPtr hostdev)
{
if (virHostdevIsSCSIDevice(hostdev)) {
@ -1571,7 +1571,7 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn,
srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
if (!(srcPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, hostdev->info->alias,
qemuDomainSecretInfoNew(priv, hostdev->info->alias,
VIR_SECRET_USAGE_TYPE_ISCSI,
src->auth->username,
&src->auth->seclookupdef,
@ -1603,7 +1603,6 @@ qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev)
/* qemuDomainSecretChardevPrepare:
* @conn: Pointer to connection
* @cfg: Pointer to driver config object
* @priv: pointer to domain private object
* @chrAlias: Alias of the chr device
@ -1615,8 +1614,7 @@ qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev)
* Returns 0 on success, -1 on failure
*/
int
qemuDomainSecretChardevPrepare(virConnectPtr conn,
virQEMUDriverConfigPtr cfg,
qemuDomainSecretChardevPrepare(virQEMUDriverConfigPtr cfg,
qemuDomainObjPrivatePtr priv,
const char *chrAlias,
virDomainChrSourceDefPtr dev)
@ -1635,7 +1633,7 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
return -1;
chrSourcePriv->secinfo =
qemuDomainSecretInfoTLSNew(conn, priv, charAlias,
qemuDomainSecretInfoTLSNew(priv, charAlias,
cfg->chardevTLSx509secretUUID);
VIR_FREE(charAlias);
@ -1693,7 +1691,6 @@ qemuDomainSecretDestroy(virDomainObjPtr vm)
/* qemuDomainSecretPrepare:
* @conn: Pointer to connection
* @driver: Pointer to driver object
* @vm: Domain object
*
@ -1706,8 +1703,7 @@ qemuDomainSecretDestroy(virDomainObjPtr vm)
* Returns 0 on success, -1 on failure with error message set
*/
int
qemuDomainSecretPrepare(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainSecretPrepare(virQEMUDriverPtr driver,
virDomainObjPtr vm)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
@ -1718,34 +1714,34 @@ qemuDomainSecretPrepare(virConnectPtr conn,
/* disk secrets are prepared when preparing disks */
for (i = 0; i < vm->def->nhostdevs; i++) {
if (qemuDomainSecretHostdevPrepare(conn, priv,
if (qemuDomainSecretHostdevPrepare(priv,
vm->def->hostdevs[i]) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->nserials; i++) {
if (qemuDomainSecretChardevPrepare(conn, cfg, priv,
if (qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->serials[i]->info.alias,
vm->def->serials[i]->source) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->nparallels; i++) {
if (qemuDomainSecretChardevPrepare(conn, cfg, priv,
if (qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->parallels[i]->info.alias,
vm->def->parallels[i]->source) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->nchannels; i++) {
if (qemuDomainSecretChardevPrepare(conn, cfg, priv,
if (qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->channels[i]->info.alias,
vm->def->channels[i]->source) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->nconsoles; i++) {
if (qemuDomainSecretChardevPrepare(conn, cfg, priv,
if (qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->consoles[i]->info.alias,
vm->def->consoles[i]->source) < 0)
goto cleanup;
@ -1754,21 +1750,21 @@ qemuDomainSecretPrepare(virConnectPtr conn,
for (i = 0; i < vm->def->nsmartcards; i++)
if (vm->def->smartcards[i]->type ==
VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH &&
qemuDomainSecretChardevPrepare(conn, cfg, priv,
qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->smartcards[i]->info.alias,
vm->def->smartcards[i]->data.passthru) < 0)
goto cleanup;
for (i = 0; i < vm->def->nrngs; i++) {
if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_EGD &&
qemuDomainSecretChardevPrepare(conn, cfg, priv,
qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->rngs[i]->info.alias,
vm->def->rngs[i]->source.chardev) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->nredirdevs; i++) {
if (qemuDomainSecretChardevPrepare(conn, cfg, priv,
if (qemuDomainSecretChardevPrepare(cfg, priv,
vm->def->redirdevs[i]->info.alias,
vm->def->redirdevs[i]->source) < 0)
goto cleanup;
@ -11504,15 +11500,14 @@ qemuDomainCheckMigrationCapabilities(virQEMUDriverPtr driver,
int
qemuDomainPrepareDiskSource(virConnectPtr conn,
virDomainDiskDefPtr disk,
qemuDomainPrepareDiskSource(virDomainDiskDefPtr disk,
qemuDomainObjPrivatePtr priv,
virQEMUDriverConfigPtr cfg)
{
if (qemuDomainPrepareDiskSourceTLS(disk->src, cfg) < 0)
return -1;
if (qemuDomainSecretDiskPrepare(conn, priv, disk) < 0)
if (qemuDomainSecretDiskPrepare(priv, disk) < 0)
return -1;
if (disk->src->type == VIR_STORAGE_TYPE_NETWORK &&

21
src/qemu/qemu_domain.h
View File

@ -836,37 +836,33 @@ bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
ATTRIBUTE_NONNULL(1);
qemuDomainSecretInfoPtr
qemuDomainSecretInfoTLSNew(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr priv,
const char *srcAlias,
const char *secretUUID);
void qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr disk)
ATTRIBUTE_NONNULL(1);
int qemuDomainSecretHostdevPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
int qemuDomainSecretHostdevPrepare(qemuDomainObjPrivatePtr priv,
virDomainHostdevDefPtr hostdev)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
void qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev)
ATTRIBUTE_NONNULL(1);
int qemuDomainSecretChardevPrepare(virConnectPtr conn,
virQEMUDriverConfigPtr cfg,
int qemuDomainSecretChardevPrepare(virQEMUDriverConfigPtr cfg,
qemuDomainObjPrivatePtr priv,
const char *chrAlias,
virDomainChrSourceDefPtr dev)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5);
ATTRIBUTE_NONNULL(4);
void qemuDomainSecretDestroy(virDomainObjPtr vm)
ATTRIBUTE_NONNULL(1);
int qemuDomainSecretPrepare(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainSecretPrepare(virQEMUDriverPtr driver,
virDomainObjPtr vm)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
int qemuDomainDefValidateDiskLunSource(const virStorageSource *src)
ATTRIBUTE_NONNULL(1);
@ -1000,8 +996,7 @@ qemuDomainCheckMigrationCapabilities(virQEMUDriverPtr driver,
qemuDomainAsyncJob asyncJob);
int
qemuDomainPrepareDiskSource(virConnectPtr conn,
virDomainDiskDefPtr disk,
qemuDomainPrepareDiskSource(virDomainDiskDefPtr disk,
qemuDomainObjPrivatePtr priv,
virQEMUDriverConfigPtr cfg);

18
src/qemu/qemu_driver.c
View File

@ -7635,7 +7635,6 @@ qemuDomainUndefine(virDomainPtr dom)
static int
qemuDomainAttachDeviceLive(virDomainObjPtr vm,
virDomainDeviceDefPtr dev,
virConnectPtr conn,
virQEMUDriverPtr driver)
{
int ret = -1;
@ -7644,7 +7643,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
switch ((virDomainDeviceType) dev->type) {
case VIR_DOMAIN_DEVICE_DISK:
qemuDomainObjCheckDiskTaint(driver, vm, dev->data.disk, NULL);
ret = qemuDomainAttachDeviceDiskLive(conn, driver, vm, dev);
ret = qemuDomainAttachDeviceDiskLive(driver, vm, dev);
if (!ret) {
alias = dev->data.disk->info.alias;
dev->data.disk = NULL;
@ -7677,7 +7676,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
case VIR_DOMAIN_DEVICE_HOSTDEV:
qemuDomainObjCheckHostdevTaint(driver, vm, dev->data.hostdev, NULL);
ret = qemuDomainAttachHostDevice(conn, driver, vm,
ret = qemuDomainAttachHostDevice(driver, vm,
dev->data.hostdev);
if (!ret) {
alias = dev->data.hostdev->info->alias;
@ -7686,7 +7685,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
break;
case VIR_DOMAIN_DEVICE_REDIRDEV:
ret = qemuDomainAttachRedirdevDevice(conn, driver, vm,
ret = qemuDomainAttachRedirdevDevice(driver, vm,
dev->data.redirdev);
if (!ret) {
alias = dev->data.redirdev->info.alias;
@ -7695,7 +7694,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
break;
case VIR_DOMAIN_DEVICE_CHR:
ret = qemuDomainAttachChrDevice(conn, driver, vm,
ret = qemuDomainAttachChrDevice(driver, vm,
dev->data.chr);
if (!ret) {
alias = dev->data.chr->info.alias;
@ -7704,7 +7703,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
break;
case VIR_DOMAIN_DEVICE_RNG:
ret = qemuDomainAttachRNGDevice(conn, driver, vm,
ret = qemuDomainAttachRNGDevice(driver, vm,
dev->data.rng);
if (!ret) {
alias = dev->data.rng->info.alias;
@ -8441,8 +8440,7 @@ qemuDomainUpdateDeviceConfig(virDomainDefPtr vmdef,
}
static int
qemuDomainAttachDeviceLiveAndConfig(virConnectPtr conn,
virDomainObjPtr vm,
qemuDomainAttachDeviceLiveAndConfig(virDomainObjPtr vm,
virQEMUDriverPtr driver,
const char *xml,
unsigned int flags)
@ -8501,7 +8499,7 @@ qemuDomainAttachDeviceLiveAndConfig(virConnectPtr conn,
if (virDomainDefCompatibleDevice(vm->def, dev_copy) < 0)
goto cleanup;
if ((ret = qemuDomainAttachDeviceLive(vm, dev_copy, conn, driver)) < 0)
if ((ret = qemuDomainAttachDeviceLive(vm, dev_copy, driver)) < 0)
goto cleanup;
/*
* update domain status forcibly because the domain status may be
@ -8557,7 +8555,7 @@ qemuDomainAttachDeviceFlags(virDomainPtr dom,
if (virDomainObjUpdateModificationImpact(vm, &flags) < 0)
goto endjob;
if (qemuDomainAttachDeviceLiveAndConfig(dom->conn, vm, driver, xml, flags) < 0)
if (qemuDomainAttachDeviceLiveAndConfig(vm, driver, xml, flags) < 0)
goto endjob;
ret = 0;

64
src/qemu/qemu_hotplug.c
View File

@ -354,8 +354,7 @@ qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
* Attaches disk to a VM. This function aggregates common code for all bus types.
* In cases when the VM crashed while adding the disk, -2 is returned. */
static int
qemuDomainAttachDiskGeneric(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachDiskGeneric(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
@ -382,7 +381,7 @@ qemuDomainAttachDiskGeneric(virConnectPtr conn,
if (qemuAssignDeviceDiskAlias(vm->def, disk) < 0)
goto error;
if (qemuDomainPrepareDiskSource(conn, disk, priv, cfg) < 0)
if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0)
goto error;
srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
@ -487,8 +486,7 @@ qemuDomainAttachDiskGeneric(virConnectPtr conn,
static int
qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachVirtioDiskDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
@ -499,7 +497,7 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
if (qemuDomainEnsureVirtioAddress(&releaseaddr, vm, &dev, disk->dst) < 0)
return -1;
if ((rv = qemuDomainAttachDiskGeneric(conn, driver, vm, disk)) < 0) {
if ((rv = qemuDomainAttachDiskGeneric(driver, vm, disk)) < 0) {
if (rv == -1 && releaseaddr)
qemuDomainReleaseDeviceAddress(vm, &disk->info, disk->dst);
@ -639,8 +637,7 @@ qemuDomainFindOrCreateSCSIDiskController(virQEMUDriverPtr driver,
static int
qemuDomainAttachSCSIDisk(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachSCSIDisk(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
@ -666,7 +663,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
return -1;
}
if (qemuDomainAttachDiskGeneric(conn, driver, vm, disk) < 0)
if (qemuDomainAttachDiskGeneric(driver, vm, disk) < 0)
return -1;
return 0;
@ -674,8 +671,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
static int
qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
@ -686,7 +682,7 @@ qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn,
return -1;
}
if (qemuDomainAttachDiskGeneric(conn, driver, vm, disk) < 0) {
if (qemuDomainAttachDiskGeneric(driver, vm, disk) < 0) {
virDomainUSBAddressRelease(priv->usbaddrs, &disk->info);
return -1;
}
@ -696,8 +692,7 @@ qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn,
int
qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDeviceDefPtr dev)
{
@ -761,15 +756,15 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
_("disk device='lun' is not supported for usb bus"));
break;
}
ret = qemuDomainAttachUSBMassStorageDevice(conn, driver, vm, disk);
ret = qemuDomainAttachUSBMassStorageDevice(driver, vm, disk);
break;
case VIR_DOMAIN_DISK_BUS_VIRTIO:
ret = qemuDomainAttachVirtioDiskDevice(conn, driver, vm, disk);
ret = qemuDomainAttachVirtioDiskDevice(driver, vm, disk);
break;
case VIR_DOMAIN_DISK_BUS_SCSI:
ret = qemuDomainAttachSCSIDisk(conn, driver, vm, disk);
ret = qemuDomainAttachSCSIDisk(driver, vm, disk);
break;
case VIR_DOMAIN_DISK_BUS_IDE:
@ -954,11 +949,8 @@ qemuDomainAttachNetDevice(virQEMUDriverPtr driver,
* as a hostdev (the hostdev code will reach over into the
* netdev-specific code as appropriate), then also added to
* the nets list (see cleanup:) if successful.
*
* qemuDomainAttachHostDevice uses a connection to resolve
* a SCSI hostdev secret, which is not this case, so pass NULL.
*/
ret = qemuDomainAttachHostDevice(NULL, driver, vm,
ret = qemuDomainAttachHostDevice(driver, vm,
virDomainNetGetActualHostdev(net));
goto cleanup;
break;
@ -1519,8 +1511,7 @@ qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
static int
qemuDomainAddChardevTLSObjects(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAddChardevTLSObjects(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainChrSourceDefPtr dev,
char *devAlias,
@ -1545,7 +1536,7 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn,
goto cleanup;
}
if (qemuDomainSecretChardevPrepare(conn, cfg, priv, devAlias, dev) < 0)
if (qemuDomainSecretChardevPrepare(cfg, priv, devAlias, dev) < 0)
goto cleanup;
if ((chrSourcePriv = QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev)))
@ -1623,8 +1614,7 @@ qemuDomainDelChardevTLSObjects(virQEMUDriverPtr driver,
}
int qemuDomainAttachRedirdevDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainRedirdevDefPtr redirdev)
{
@ -1655,7 +1645,7 @@ int qemuDomainAttachRedirdevDevice(virConnectPtr conn,
if (VIR_REALLOC_N(def->redirdevs, def->nredirdevs+1) < 0)
goto cleanup;
if (qemuDomainAddChardevTLSObjects(conn, driver, vm, redirdev->source,
if (qemuDomainAddChardevTLSObjects(driver, vm, redirdev->source,
redirdev->info.alias, charAlias,
&tlsAlias, &secAlias) < 0)
goto audit;
@ -1861,8 +1851,7 @@ qemuDomainAttachChrDeviceAssignAddr(virDomainObjPtr vm,
return 0;
}
int qemuDomainAttachChrDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachChrDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainChrDefPtr chr)
{
@ -1914,7 +1903,7 @@ int qemuDomainAttachChrDevice(virConnectPtr conn,
if (qemuDomainChrPreInsert(vmdef, chr) < 0)
goto cleanup;
if (qemuDomainAddChardevTLSObjects(conn, driver, vm, dev,
if (qemuDomainAddChardevTLSObjects(driver, vm, dev,
chr->info.alias, charAlias,
&tlsAlias, &secAlias) < 0)
goto audit;
@ -1969,8 +1958,7 @@ int qemuDomainAttachChrDevice(virConnectPtr conn,
int
qemuDomainAttachRNGDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainRNGDefPtr rng)
{
@ -2024,7 +2012,7 @@ qemuDomainAttachRNGDevice(virConnectPtr conn,
goto cleanup;
if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD) {
if (qemuDomainAddChardevTLSObjects(conn, driver, vm,
if (qemuDomainAddChardevTLSObjects(driver, vm,
rng->source.chardev,
rng->info.alias, charAlias,
&tlsAlias, &secAlias) < 0)
@ -2325,8 +2313,7 @@ qemuDomainAttachHostUSBDevice(virQEMUDriverPtr driver,
static int
qemuDomainAttachHostSCSIDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachHostSCSIDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainHostdevDefPtr hostdev)
{
@ -2383,7 +2370,7 @@ qemuDomainAttachHostSCSIDevice(virConnectPtr conn,
if (qemuAssignDeviceHostdevAlias(vm->def, &hostdev->info->alias, -1) < 0)
goto cleanup;
if (qemuDomainSecretHostdevPrepare(conn, priv, hostdev) < 0)
if (qemuDomainSecretHostdevPrepare(priv, hostdev) < 0)
goto cleanup;
if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI) {
@ -2585,8 +2572,7 @@ qemuDomainAttachSCSIVHostDevice(virQEMUDriverPtr driver,
int
qemuDomainAttachHostDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuDomainAttachHostDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainHostdevDefPtr hostdev)
{
@ -2611,7 +2597,7 @@ qemuDomainAttachHostDevice(virConnectPtr conn,
break;
case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI:
if (qemuDomainAttachHostSCSIDevice(conn, driver, vm,
if (qemuDomainAttachHostSCSIDevice(driver, vm,
hostdev) < 0)
goto error;
break;

15
src/qemu/qemu_hotplug.h
View File

@ -62,19 +62,16 @@ int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
int qemuDomainAttachControllerDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainControllerDefPtr controller);
int qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainDeviceDefPtr dev);
int qemuDomainAttachNetDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainNetDefPtr net);
int qemuDomainAttachRedirdevDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainRedirdevDefPtr hostdev);
int qemuDomainAttachHostDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachHostDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainHostdevDefPtr hostdev);
int qemuDomainAttachShmemDevice(virQEMUDriverPtr driver,
@ -140,15 +137,13 @@ int qemuDomainAttachLease(virQEMUDriverPtr driver,
int qemuDomainDetachLease(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainLeaseDefPtr lease);
int qemuDomainAttachChrDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachChrDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainChrDefPtr chr);
int qemuDomainDetachChrDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainChrDefPtr chr);
int qemuDomainAttachRNGDevice(virConnectPtr conn,
virQEMUDriverPtr driver,
int qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainRNGDefPtr rng);
int qemuDomainDetachRNGDevice(virQEMUDriverPtr driver,

10
src/qemu/qemu_migration.c
View File

@ -128,7 +128,6 @@ qemuMigrationCheckTLSCreds(virQEMUDriverPtr driver,
/* qemuMigrationCheckSetupTLS
* @conn: Connection pointer
* @driver: pointer to qemu driver
* @vm: domain object
* @cfg: configuration pointer
@ -144,8 +143,7 @@ qemuMigrationCheckTLSCreds(virQEMUDriverPtr driver,
* Returns 0 on success, -1 on error/failure
*/
static int
qemuMigrationCheckSetupTLS(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuMigrationCheckSetupTLS(virQEMUDriverPtr driver,
virQEMUDriverConfigPtr cfg,
virDomainObjPtr vm,
qemuDomainAsyncJob asyncJob)
@ -171,7 +169,7 @@ qemuMigrationCheckSetupTLS(virConnectPtr conn,
/* If there's a secret, then grab/store it now using the connection */
if (cfg->migrateTLSx509secretUUID &&
!(priv->migSecinfo =
qemuDomainSecretInfoTLSNew(conn, priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
cfg->migrateTLSx509secretUUID)))
return -1;
@ -2180,7 +2178,7 @@ qemuMigrationBegin(virConnectPtr conn,
if (flags & VIR_MIGRATE_TLS) {
cfg = virQEMUDriverGetConfig(driver);
if (qemuMigrationCheckSetupTLS(conn, driver, cfg, vm, asyncJob) < 0)
if (qemuMigrationCheckSetupTLS(driver, cfg, vm, asyncJob) < 0)
goto endjob;
}
@ -2788,7 +2786,7 @@ qemuMigrationPrepareAny(virQEMUDriverPtr driver,
* set the migration TLS parameters */
if (flags & VIR_MIGRATE_TLS) {
cfg = virQEMUDriverGetConfig(driver);
if (qemuMigrationCheckSetupTLS(dconn, driver, cfg, vm,
if (qemuMigrationCheckSetupTLS(driver, cfg, vm,
QEMU_ASYNC_JOB_MIGRATION_IN) < 0)
goto stopjob;

40
src/qemu/qemu_process.c
View File

@ -368,11 +368,11 @@ qemuProcessFindDomainDiskByAlias(virDomainObjPtr vm,
}
static int
qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn,
virDomainDiskDefPtr disk,
qemuProcessGetVolumeQcowPassphrase(virDomainDiskDefPtr disk,
char **secretRet,
size_t *secretLen)
{
virConnectPtr conn = NULL;
char *passphrase;
unsigned char *data;
size_t size;
@ -387,19 +387,8 @@ qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn,
}
enc = disk->src->encryption;
if (!conn) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("cannot find secrets without a connection"));
if (!(conn = virGetConnectSecret()))
goto cleanup;
}
if (conn->secretDriver == NULL ||
conn->secretDriver->secretLookupByUUID == NULL ||
conn->secretDriver->secretGetValue == NULL) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("secret storage not supported"));
goto cleanup;
}
if (enc->format != VIR_STORAGE_ENCRYPTION_FORMAT_QCOW ||
enc->nsecrets != 1 ||
@ -442,6 +431,7 @@ qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn,
ret = 0;
cleanup:
virObjectUnref(conn);
return ret;
}
@ -453,7 +443,6 @@ qemuProcessFindVolumeQcowPassphrase(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
size_t *secretLen,
void *opaque ATTRIBUTE_UNUSED)
{
virConnectPtr conn = NULL;
virDomainDiskDefPtr disk;
int ret = -1;
@ -465,11 +454,9 @@ qemuProcessFindVolumeQcowPassphrase(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
goto cleanup;
}
conn = virGetConnectSecret();
ret = qemuProcessGetVolumeQcowPassphrase(conn, disk, secretRet, secretLen);
ret = qemuProcessGetVolumeQcowPassphrase(disk, secretRet, secretLen);
cleanup:
virObjectUnref(conn);
virObjectUnlock(vm);
return ret;
}
@ -2567,8 +2554,7 @@ qemuProcessResctrlCreate(virQEMUDriverPtr driver,
static int
qemuProcessInitPasswords(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuProcessInitPasswords(virQEMUDriverPtr driver,
virDomainObjPtr vm,
int asyncJob)
{
@ -2613,8 +2599,7 @@ qemuProcessInitPasswords(virConnectPtr conn,
continue;
VIR_FREE(secret);
if (qemuProcessGetVolumeQcowPassphrase(conn,
vm->def->disks[i],
if (qemuProcessGetVolumeQcowPassphrase(vm->def->disks[i],
&secret, &secretLen) < 0)
goto cleanup;
@ -5589,8 +5574,7 @@ qemuProcessPrepareDomainNUMAPlacement(virDomainObjPtr vm,
static int
qemuProcessPrepareDomainStorage(virConnectPtr conn,
virQEMUDriverPtr driver,
qemuProcessPrepareDomainStorage(virQEMUDriverPtr driver,
virDomainObjPtr vm,
qemuDomainObjPrivatePtr priv,
virQEMUDriverConfigPtr cfg,
@ -5611,7 +5595,7 @@ qemuProcessPrepareDomainStorage(virConnectPtr conn,
continue;
}
if (qemuDomainPrepareDiskSource(conn, disk, priv, cfg) < 0)
if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0)
return -1;
}
@ -5722,14 +5706,14 @@ qemuProcessPrepareDomain(virConnectPtr conn,
goto cleanup;
VIR_DEBUG("Setting up storage");
if (qemuProcessPrepareDomainStorage(conn, driver, vm, priv, cfg, flags) < 0)
if (qemuProcessPrepareDomainStorage(driver, vm, priv, cfg, flags) < 0)
goto cleanup;
VIR_DEBUG("Prepare chardev source backends for TLS");
qemuDomainPrepareChardevSource(vm->def, cfg);
VIR_DEBUG("Add secrets to hostdevs and chardevs");
if (qemuDomainSecretPrepare(conn, driver, vm) < 0)
if (qemuDomainSecretPrepare(driver, vm) < 0)
goto cleanup;
for (i = 0; i < vm->def->nchannels; i++) {
@ -6180,7 +6164,7 @@ qemuProcessLaunch(virConnectPtr conn,
goto cleanup;
VIR_DEBUG("Setting any required VM passwords");
if (qemuProcessInitPasswords(conn, driver, vm, asyncJob) < 0)
if (qemuProcessInitPasswords(driver, vm, asyncJob) < 0)
goto cleanup;
/* set default link states */

4
tests/qemuhotplugtest.c
View File

@ -120,10 +120,10 @@ testQemuHotplugAttach(virDomainObjPtr vm,
/* conn in only used for storage pool and secrets lookup so as long
* as we don't use any of them, passing NULL should be safe
*/
ret = qemuDomainAttachDeviceDiskLive(NULL, &driver, vm, dev);
ret = qemuDomainAttachDeviceDiskLive(&driver, vm, dev);
break;
case VIR_DOMAIN_DEVICE_CHR:
ret = qemuDomainAttachChrDevice(NULL, &driver, vm, dev->data.chr);
ret = qemuDomainAttachChrDevice(&driver, vm, dev->data.chr);
break;
case VIR_DOMAIN_DEVICE_SHMEM:
ret = qemuDomainAttachShmemDevice(&driver, vm, dev->data.shmem);