External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-08-27 19:11:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: checkpoint: Do ACL check prior to snapshot interlocking

Browse Source 
The interlocking with snapshots is executed prior to the ACL check so if
a VM has snapshots invoking the checkpoint API may leak it's existance.

Introduced with the qemuDomainCheckpointCreateXML API implementation in
commit 5f4e079650.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
This commit is contained in:
Peter Krempa 2019-09-27 10:00:39 +02:00
parent f4e1ef9d39
commit c8ef580f7b
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/qemu/qemu_driver.c
View File

@ -17254,18 +17254,18 @@ qemuDomainCheckpointCreateXML(virDomainPtr domain,
if (!(vm = qemuDomainObjFromDomain(domain)))
goto cleanup;
if (virDomainSnapshotObjListNum(vm->snapshots, NULL, 0) > 0) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("cannot create checkpoint while snapshot exists"));
goto cleanup;
}
priv = vm->privateData;
cfg = virQEMUDriverGetConfig(driver);
if (virDomainCheckpointCreateXMLEnsureACL(domain->conn, vm->def, flags) < 0)
goto cleanup;
if (virDomainSnapshotObjListNum(vm->snapshots, NULL, 0) > 0) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("cannot create checkpoint while snapshot exists"));
goto cleanup;
}
if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BITMAP_MERGE)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("qemu binary lacks persistent bitmaps support"));